CageFS and LVE-Utils packages have been updated in the current rollout
New lve-utils-4.2.25.2-1 and cagefs-7.1.6.1-1 packages have been updated in the current rollout.
Rollout slot: 5
Rolled out to: 25.6%
ETA for 100% rollout: February, 18
Changelog
lve-utils-4.2.25.2-1
cagefs-7.1.6.1-1
- LU-1893: cldiag - remove unneeded test users
Update command
yum update cagefs lve-utilsImmediate update (via bypass)
yum update cagefs lve-utils --enablerepo=cloudlinux-rollout-5-bypass
CentOS 6 ELS kernel v.2.6.32-754.29.3 has been scheduled for gradual rollout
CentOS 6 ELS kernel v.2.6.32-754.29.3.el6 has been scheduled for gradual rollout from our production repository.
Rollout slot: 2
Rolled out to: 1%
ETA for 100%: February, 16
Changelog
- CKSIX-268: futex: Handle faults correctly for PI futexes
- CKSIX-268: futex: Provide and use pi_state_update_owner()
- CKSIX-263: KEYS: allow reaching the keys quotas exactly
- CKSIX-263: KEYS: reaching the keys quotas correctly
- CKSIX-263: fix -ENOMEM result with invalid user space pointer in
sendto() syscall - CKSIX-263: CVE-2017-18344: posix-timer: Properly check sigevent->sigev_notify
- CKSIX-263: CVE-2018-6927: futex: Prevent overflow by strengthen
input validation - CKSIX-258: CVE-2017-6951: KEYS: Change the name of the dead type to
".dead" to prevent user access - CKSIX-258: CVE-2017-15299: KEYS: don't let add_key() update an
uninstantiated key - CKSIX-258: fix CVE-2016-9604
- CKSIX-258: KEYS: add missing permission check for request_key() destination
- CKSIX-258: KEYS: prevent KEYCTL_READ on negative key
- CKSIX-258: CVE-2017-10661: timerfd: Protect the might cancel mechanism proper
- CKSIX-258: fix CVE-2017-7472
- CKSIX-258: fix CVE-2017-15274
Update
yum update kernel*Immediate update (via bypass)
yum update kernel* --enablerepo=ELS6-rollout-2-bypass
MySQL for MySQL Governor has been scheduled for gradual rollout
New updated MySQL packages for MySQL Governor for CloudLinux OS 6, 7, and 8 have been scheduled for gradual rollout from our production repository.
Rollout slot: 3
Rolled out to: 0.2%
ETA for 100% rollout: February, 16
Changelog
Platforms: CloudLinux 6, CloudLinux 7, CloudLinux 8
- Updated up to 5.6.51
- Updated up to 5.7.33
Platforms: CloudLinux 7, CloudLinux 8
- Updated up to 8.0.23
Installation
For new installation you should install the current stable packages through the governor-mysql using instruction above and only after that you can update cl-MySQL from the rollout slot via bypass.
Immediate Update (via bypass)
Note: make a full database backup (including system tables) before you upgrade MySQL or switch to MariaDB. This action will prevent data loss in case something goes wrong.
To update MySQL, run:
# yum update cl-MySQL* --enablerepo=cloudlinux-rollout-3-bypass 
CloudLinux 6 kernel v.1.4.81 has been scheduled for gradual rollout
CloudLinux 6 kernel version 2.6.32-954.3.5.lve1.4.8
Rollout slot: 4
Rolled out to: 1%
ETA for 100%: February, 16
Changelog
- CKSIX-268: futex: Handle faults correctly for PI futexes
- CKSIX-268: futex: Provide and use pi_state_update_owner()
Update
yum install kernel-2.6.32-954.3.5.lve1.4.81.el6 Immediate update (via bypass)
yum install kernel-2.6.32-954.3.5.lve1.4.81.el6 --enablerepo=cloudlinux-rollout-4-bypassAn updated LVE Manager package has been scheduled for gradual rollout
An updated lvemanager-6.3.7.1-1 package has been scheduled for gradual rollout from our production repository.
Rollout slot: 5
Rolled out to: 25.6%
ETA for 100% rollout: February, 18
Changelog
lvemanager-6.3.7.1-1
- LVEMAN-1718: Fixed a security issue in the cloudlinux-selector
Update command
yum update lvemanagerImmediate update (via bypass)
yum update lvemanager --enablerepo=cloudlinux-rollout-5-bypass
A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 Extended Lifecycle Support has been rolled out to 100%
A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.
Changelog
sudo-1.8.6p3-30.cloudlinux.
- Fixed Heap-based buffer overflow in Sudo (CVE-2021-3156)
Update command
yum update sudo*CVE-2021-3156 description
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
A new sudo package with the CVE-2021-3156 fix within CentOS 6 Extended Lifecycle Support has been rolled out to 100%
A new sudo package with the CVE-2021-3156 fix within CentOS 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.
CloudLinux 7 and CloudLinux 6 Hybrid kernel v.1.5-44 has been scheduled for gradual rollout
CloudLinux 7 and CloudLinux 6 Hybrid kernel version 3.10.0-962.3.2.lve1.5.44 has been scheduled for gradual rollout from our production repository.
A new sudo package with the CVE-2021-3156 fix within CentOS 6 Extended Lifecycle Support has been scheduled for gradual rollout
A new sudo package with the CVE-2021-3156 fix within CentOS 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.
A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 Extended Lifecycle Support has been scheduled for gradual rollout
A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 extended lifecycle support has been scheduled for gradual rollout from our production repository.
Rollout slot: 4
Rolled out to: 1%
ETA for 100% rollout: February, 10
Changelog
sudo-1.8.6p3-30.cloudlinux.
- Fixed Heap-based buffer overflow in Sudo (CVE-2021-3156)
Update command
yum update sudo*Immediate update (via bypass)
yum update sudo* --enablerepo=cloudlinux-rollout-4-bypassCVE-2021-3156 description
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
prev
