RSS
Tag: centos

CentOS 6 ELS kernel v.2.6.32-754.29.3 has been rolled out to 100%

Feb 16, 2021 10:53:11 AM

kernel

CentOS 6 ELS kernel v.2.6.32-754.29.3.el6 has been rolled out to 100% and is now available for download from our production repository.

READ MORE

CentOS 6 ELS kernel v.2.6.32-754.29.3 has been scheduled for gradual rollout

Feb 2, 2021 4:44:59 PM

kernel

CentOS 6 ELS kernel v.2.6.32-754.29.3.el6 has been scheduled for gradual rollout from our production repository.

Rollout slot: 2

Rolled out to: 1%

ETA for 100%: February, 16

Changelog

  • CKSIX-268: futex: Handle faults correctly for PI futexes
  • CKSIX-268: futex: Provide and use pi_state_update_owner()
  • CKSIX-263: KEYS: allow reaching the keys quotas exactly
  • CKSIX-263: KEYS: reaching the keys quotas correctly
  • CKSIX-263: fix -ENOMEM result with invalid user space pointer in
    sendto() syscall
  • CKSIX-263: CVE-2017-18344: posix-timer: Properly check sigevent->sigev_notify
  • CKSIX-263: CVE-2018-6927: futex: Prevent overflow by strengthen
    input validation
  • CKSIX-258: CVE-2017-6951: KEYS: Change the name of the dead type to
    ".dead" to prevent user access
  • CKSIX-258: CVE-2017-15299: KEYS: don't let add_key() update an
    uninstantiated key
  • CKSIX-258: fix CVE-2016-9604
  • CKSIX-258: KEYS: add missing permission check for request_key() destination
  • CKSIX-258: KEYS: prevent KEYCTL_READ on negative key
  • CKSIX-258: CVE-2017-10661: timerfd: Protect the might cancel mechanism proper
  • CKSIX-258: fix CVE-2017-7472
  • CKSIX-258: fix CVE-2017-15274

Update

yum update kernel*

Immediate update (via bypass)

yum update kernel* --enablerepo=ELS6-rollout-2-bypass
READ MORE

A new sudo package with the CVE-2021-3156 fix within CentOS 6 Extended Lifecycle Support has been rolled out to 100%

Jan 28, 2021 8:33:54 AM

Extended-CentOS

A new sudo package with the CVE-2021-3156 fix within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.

READ MORE

A new sudo package with the CVE-2021-3156 fix within CentOS 6 Extended Lifecycle Support has been scheduled for gradual rollout

Jan 27, 2021 1:02:06 PM

Extended-CentOS

A new sudo package with the CVE-2021-3156 fix within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.

READ MORE

A new PHP package within CentOS 6 Extended Lifecycle Support has been scheduled for gradual rollout

Jan 27, 2021 11:06:18 AM

Extended-CentOS

A new PHP package within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.

READ MORE

OpenSSL package within CentOS 6 Extended Lifecycle Support with a fix for the CVE-2020-1971 has been rolled out to 100%

Dec 23, 2020 2:25:24 PM

Extended-CentOS

We are happy to announce that a new openssl-1.0.1e-59.cloudlinux.els6 package within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.

READ MORE

cURL package within CentOS 6 Extended Lifecycle Support with a fix for the CVE-2020-8284 has been rolled out to 100%

Dec 23, 2020 2:16:07 PM

Extended-CentOS

We are happy to announce that a new curl-7.19.7-55.cloudlinux.els6 package within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.

READ MORE

Converting CentOS 8.3 to CloudLinux 8.3

Dec 15, 2020 4:55:56 PM

CentOSCLOS8.3

Yesterday, we released a new CloudLinux OS 8.3, and many of you would like to convert CentOS 8.3 to CloudLinux 8.3

READ MORE

Announcing Open-sourced & Community-Driven RHEL Fork by CloudLinux

Dec 10, 2020 1:01:54 PM

Announcing Open-sourced & Community-Driven RHEL Fork by CloudLinux

CentOS is a fork of Red Hat Enterprise Linux (RHEL) and undoubtedly a popular choice to deploy on production servers because of its rock-solid stability and compatibility. But, now with CentOS Stream, Red Hat just killed CentOS as we know it. And as expected, people started to fork Red Hat to give a viable community-based alternative to RHEL.

READ MORE

A security vulnerability in OpenSSL. Extended Support for CentOS 6 already has patches

Dec 10, 2020 11:38:11 AM

 

openssl-vulnerability

On December 8, 2020 OpenSSL released an advisory patch for a high-risk null pointer dereference vulnerability found in the encryption library’s GENERAL_NAME_cmp() function.  CVE-2020-1971 (assigned name) is the High level vulnerability that cannot be ignored. The only level higher is the Critical level which happens maybe once in 5 years.

READ MORE
imunify-logo

WEB SERVER SECURITY BLOG

READ MORE ABOUT WEB SERVER SECURITY

Subscribe to CloudLinux Newsletter

aicpa soc
pci-dss
eu gdpr compliant
© All rights reserved. CloudLinux Inc.
Terms of Use | Privacy Policy | Vulnerability Reporting | Legal | Do Not Sell My Personal Data

Call Sales at +1 (800) 231-7307
Email sales@cloudlinux.com