Navigating Change: CloudLinux 6/7 End-of-Life and Migration Strategies
Effective July 1st, 2024, CloudLinux 6 and 7 will reach End of Life (EOL). Routine updates and support will cease, but critical CVE support for issues with a severity score of 8 or higher will continue until July 1st, 2025. This extension allows administrators additional time to plan migrations.
Additionally, the repositories will remain available with the frozen versions of packages until March 1st, 2029.
CloudLinux 6 kernel v.1.4-82 has been scheduled for gradual rollout
CloudLinux 6 kernel version 1.4.82 has been scheduled for gradual rollout from our production repository.
A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 Extended Lifecycle Support has been rolled out to 100%
A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.
Changelog
sudo-1.8.6p3-30.cloudlinux.
- Fixed Heap-based buffer overflow in Sudo (CVE-2021-3156)
Update command
yum update sudo*
CVE-2021-3156 description
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
A new sudo package with the CVE-2021-3156 fix within CentOS 6 Extended Lifecycle Support has been rolled out to 100%
A new sudo package with the CVE-2021-3156 fix within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.
A new sudo package with the CVE-2021-3156 fix within CentOS 6 Extended Lifecycle Support has been scheduled for gradual rollout
A new sudo package with the CVE-2021-3156 fix within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.
A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 Extended Lifecycle Support has been scheduled for gradual rollout
A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.
Rollout slot: 4
Rolled out to: 1%
ETA for 100% rollout: February, 10
Changelog
sudo-1.8.6p3-30.cloudlinux.
- Fixed Heap-based buffer overflow in Sudo (CVE-2021-3156)
Update command
yum update sudo*
Immediate update (via bypass)
yum update sudo* --enablerepo=cloudlinux-rollout-4-bypass
CVE-2021-3156 description
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
A new PHP package within CloudLinux 6 Extended Lifecycle Support has been scheduled for gradual rollout
A new PHP package within CloudLinux 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.
A new PHP package within CentOS 6 Extended Lifecycle Support has been scheduled for gradual rollout
A new PHP package within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.
OpenSSL and cURL packages within CloudLinux 6 Extended Lifecycle Support with a fix for the CVE-2020-1971 and the CVE-2020-8284 have been rolled out to 100%
We are happy to announce that new openssl-1.0.1e-59.cloudlinux.
OpenSSL package within CentOS 6 Extended Lifecycle Support with a fix for the CVE-2020-1971 has been rolled out to 100%
We are happy to announce that a new openssl-1.0.1e-59.cloudlinux.