RSS
Tag: technical-blog

CentOS 6 ELS kernel v.2.6.32-754.29.3 has been scheduled for gradual rollout

Feb 2, 2021 4:44:59 PM

kernel

CentOS 6 ELS kernel v.2.6.32-754.29.3.el6 has been scheduled for gradual rollout from our production repository.

Rollout slot: 2

Rolled out to: 1%

ETA for 100%: February, 16

Changelog

  • CKSIX-268: futex: Handle faults correctly for PI futexes
  • CKSIX-268: futex: Provide and use pi_state_update_owner()
  • CKSIX-263: KEYS: allow reaching the keys quotas exactly
  • CKSIX-263: KEYS: reaching the keys quotas correctly
  • CKSIX-263: fix -ENOMEM result with invalid user space pointer in
    sendto() syscall
  • CKSIX-263: CVE-2017-18344: posix-timer: Properly check sigevent->sigev_notify
  • CKSIX-263: CVE-2018-6927: futex: Prevent overflow by strengthen
    input validation
  • CKSIX-258: CVE-2017-6951: KEYS: Change the name of the dead type to
    ".dead" to prevent user access
  • CKSIX-258: CVE-2017-15299: KEYS: don't let add_key() update an
    uninstantiated key
  • CKSIX-258: fix CVE-2016-9604
  • CKSIX-258: KEYS: add missing permission check for request_key() destination
  • CKSIX-258: KEYS: prevent KEYCTL_READ on negative key
  • CKSIX-258: CVE-2017-10661: timerfd: Protect the might cancel mechanism proper
  • CKSIX-258: fix CVE-2017-7472
  • CKSIX-258: fix CVE-2017-15274

Update

yum update kernel*

Immediate update (via bypass)

yum update kernel* --enablerepo=ELS6-rollout-2-bypass
READ MORE

MySQL for MySQL Governor has been scheduled for gradual rollout

Feb 2, 2021 4:15:26 PM

mysql

New updated MySQL packages for MySQL Governor for CloudLinux OS 6, 7, and 8 have been scheduled for gradual rollout from our production repository.

Rollout slot: 3

Rolled out to: 0.2%

ETA for 100% rollout: February, 16

Changelog

Platforms: CloudLinux 6, CloudLinux 7, CloudLinux 8

cl-MySQL56-5.6.51-1
  • Updated up to 5.6.51
cl-MySQL57-5.7.33-1
  • Updated up to 5.7.33

Platforms: CloudLinux 7, CloudLinux 8

cl-MySQL80-8.0.23-1
  • Updated up to 8.0.23

Installation

To install cl-MySQL packages, follow our documentation for the instructions here.
 
Note: There is no way to immediate install for these packages (only immediate update).
For new installation you should install the current stable packages through the governor-mysql using instruction above and only after that you can update cl-MySQL from the rollout slot via bypass.

Immediate Update (via bypass)

Note: make a full database backup (including system tables) before you upgrade MySQL or switch to MariaDB. This action will prevent data loss in case something goes wrong.

To update MySQL, run:

# yum update cl-MySQL* --enablerepo=cloudlinux-rollout-3-bypass
READ MORE

CloudLinux 6 kernel v.1.4.81 has been scheduled for gradual rollout

Feb 2, 2021 3:51:03 PM

kernel

CloudLinux 6 kernel version 2.6.32-954.3.5.lve1.4.81 has been scheduled for gradual rollout from our production repository.

Rollout slot: 4

Rolled out to: 1%

ETA for 100%: February, 16

Changelog

  • CKSIX-268: futex: Handle faults correctly for PI futexes
  • CKSIX-268: futex: Provide and use pi_state_update_owner()

Update

yum install kernel-2.6.32-954.3.5.lve1.4.81.el6

Immediate update (via bypass)

yum install kernel-2.6.32-954.3.5.lve1.4.81.el6 --enablerepo=cloudlinux-rollout-4-bypass
READ MORE

Beta: CageFS and LVE-Utils updated

Feb 2, 2021 2:46:16 PM

cageFS-beta

New updated CageFS and LVE-Utils packages are now available for download from our updates-testing repository.

Changelog

cagefs-7.1.8-1

lve-utils-4.2.28-1

  • LU-1893: cldiag - remove unneeded test users

Update command

yum update cagefs lve-utils --enablerepo=cloudlinux-updates-testing
READ MORE

Alt-PHP updated

Jan 29, 2021 1:51:54 PM

alt-php

New updated Alt-PHP packages are now available for download from our production repository.

READ MORE

Beta: LVE Manager updated

Jan 28, 2021 4:15:04 PM

lve-manager-beta

A new updated LVE Manager package is now available for download from our updates-testing repository.

READ MORE

LVE Manager updated

Jan 28, 2021 4:12:34 PM

lve-manager

New updated LVE Manager package is now available for download from our production repository.

READ MORE

An updated LVE Manager package has been scheduled for gradual rollout

Jan 28, 2021 4:07:34 PM

lve-manager

An updated lvemanager-6.3.7.1-1 package has been scheduled for gradual rollout from our production repository.

Rollout slot: 5

Rolled out to: 25.6%

ETA for 100% rollout: February, 18

Changelog

lvemanager-6.3.7.1-1

  • LVEMAN-1718: Fixed a security issue in the cloudlinux-selector

Update command

yum update lvemanager

Immediate update (via bypass)

yum update lvemanager --enablerepo=cloudlinux-rollout-5-bypass
READ MORE

Beta: MySQL for MySQL Governor updated

Jan 28, 2021 2:40:15 PM

mysql-beta

New updated MySQL packages for MySQL Governor for CloudLinux 7 and 8 are now available for download from our updates-testing repository.

READ MORE

A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 Extended Lifecycle Support has been rolled out to 100%

Jan 28, 2021 8:37:00 AM

Extended-CL

A new sudo package with the CVE-2021-3156 fix within CloudLinux 6 extended lifecycle support has been rolled out to 100% and is now available for download from our production repository.

Changelog

sudo-1.8.6p3-30.cloudlinux.els6

  • Fixed Heap-based buffer overflow in Sudo (CVE-2021-3156)

Update command

yum update sudo*

CVE-2021-3156 description

Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

READ MORE
imunify-logo

WEB SERVER SECURITY BLOG

READ MORE ABOUT WEB SERVER SECURITY

Subscribe to CloudLinux Newsletter

aicpa soc
pci-dss
eu gdpr compliant
© All rights reserved. CloudLinux Inc.
Terms of Use | Privacy Policy | Vulnerability Reporting | Legal | Do Not Sell My Personal Data

Call Sales at +1 (800) 231-7307
Email sales@cloudlinux.com