New updated liblve, kmod-lve, and kernel packages have been scheduled for gradual rollout from our production repository.
Rollout slot: 7
Rolled out to: 0.2%
ETA for 100% rollout: January 5
Changelog
kernel-1.5-64
- CLKRN-863: CVE-2020-36385: RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy
- CLKRN-863: CVE-2020-36385: RDMA/ucma: Fix locking for ctx->events_reported
- CLKRN-863: CVE-2020-36385: RDMA/ucma: Fix the locking of ctx->file
- CLKRN-863: CVE-2020-36385: RDMA/cma: Add missing locking to rdma_accept()
- KMODLVE-478: add missing LVE_API_* directives into setuid feature
- CLKRN-859: added CAP_SYS_ADMIN capability allowing ptrace children
- KMODLVE-470: don't restrict root process from traversing symlinks
- KMODLVE-461: register usage cleanup
- KMODLVE-460: unused label removal
liblve-2.1-5
- KMODLVE-476 jail: kill homecoded password parser
kmod-lve-2.0-40
- KMODLVE-463: tc does not work properly with class major 0x0
- KMODLVE-478: add missing LVE_API_* directives into setuid feature
- CLKRN-859: added CAP_SYS_ADMIN capability allowing ptrace children
Update
To update kernel for CloudLinux OS 7, run the following command:
yum install kernel-3.10.0-962.3.2.lve1.5.64.el7To update kernel for CloudLinux OS 6 hybrid, run the following command:
yum install kernel-3.10.0-962.3.2.lve1.5.64.el6hTo update lve-kmod, run the following command:
yum update kernel kmod-lveTo update liblve, run the following command:
yum update lve liblveImmediate update (via bypass)
To update kernel for CloudLinux OS 7, run the following command:
yum install kernel-3.10.0-962.3.2.lve1.5.64.el7 --enablerepo=cloudlinux-rollout-7-bypassTo update kernel for CloudLinux OS 6 hybrid, run the following command:
yum install kernel-3.10.0-962.3.2.lve1.5.64.el6h --enablerepo=cloudlinux-rollout-7-bypassTo update kmod-lve, run the following command:
yum update kernel kmod-lve --enablerepo=cloudlinux-rollout-7-bypassTo update liblve, run the following command:
yum update lve liblve --enablerepo=cloudlinux-rollout-7-bypass
