Tag: cloudlinux-6

Navigating Change: CloudLinux 6/7 End-of-Life and Migration Strategies

CloudLinux 6/7 End-of-Life

Effective July 1st, 2024, CloudLinux 6 and 7 will reach End of Life (EOL). Routine updates and support will cease, but critical CVE support for issues with a severity score of 8 or higher will continue until July 1st, 2025. This extension allows administrators additional time to plan migrations.

Additionally, the repositories will remain available with the frozen versions of packages until March 1st, 2029.

CloudLinux 6 kernel v.1.4-82 has been scheduled for gradual rollout

kernel-beta

CloudLinux 6 kernel version 1.4.82 has been scheduled for gradual rollout from our production repository.

A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 Extended Lifecycle Support has been rolled out to 100%

Extended-CL

A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.

Changelog

sudo-1.8.6p3-30.cloudlinux.els6

  • Fixed Heap-based buffer overflow in Sudo (CVE-2021-3156)

Update command

yum update sudo*

CVE-2021-3156 description

Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

A new sudo package with the CVE-2021-3156 fix within CentOS 6 Extended Lifecycle Support has been rolled out to 100%

Extended-CentOS

A new sudo package with the CVE-2021-3156 fix within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.

A new sudo package with the CVE-2021-3156 fix within CentOS 6 Extended Lifecycle Support has been scheduled for gradual rollout

Extended-CentOS

A new sudo package with the CVE-2021-3156 fix within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.

A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 Extended Lifecycle Support has been scheduled for gradual rollout

Extended-CL

A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.

Rollout slot: 4

Rolled out to: 1%

ETA for 100% rollout: February, 10

Changelog

sudo-1.8.6p3-30.cloudlinux.els6

  • Fixed Heap-based buffer overflow in Sudo (CVE-2021-3156)

Update command

yum update sudo*

Immediate update (via bypass)

yum update sudo* --enablerepo=cloudlinux-rollout-4-bypass

CVE-2021-3156 description

Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

A new PHP package within CloudLinux 6 Extended Lifecycle Support has been scheduled for gradual rollout

Extended-CL

A new PHP package within CloudLinux 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.

A new PHP package within CentOS 6 Extended Lifecycle Support has been scheduled for gradual rollout

Extended-CentOS

A new PHP package within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.

OpenSSL and cURL packages within CloudLinux 6 Extended Lifecycle Support with a fix for the CVE-2020-1971 and the CVE-2020-8284 have been rolled out to 100%

Extended-CL

We are happy to announce that new openssl-1.0.1e-59.cloudlinux.els6 and curl-7.19.7-55.cloudlinux.els6 packages within CloudLinux 6 extended lifecycle support have been rolled out to 100% and is now available for download from our production repository.

OpenSSL package within CentOS 6 Extended Lifecycle Support with a fix for the CVE-2020-1971 has been rolled out to 100%

Extended-CentOS

We are happy to announce that a new openssl-1.0.1e-59.cloudlinux.els6 package within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.

imunify-logo

WEB SERVER SECURITY BLOG

Subscribe to CloudLinux Newsletter