[Debian] [Announce] [Security] vzctl 4.9.4

Sergey Bronnikov sergeyb at openvz.org
Wed Aug 26 07:17:46 PDT 2015 

Hi

On 23:15 Tue 25 Aug , Ola Lundqvist wrote:
> Hi Sergey
> 
> How serious should we consider this problem? Should I ask the Debian
> security team (Debian do not accept new revisions, just backports for
> security fixes to their stable releases) to backport this correction to the
> current vzctl stable package?

I think it is better to backport fix to stable releases.

> In the meantime I'll build this 4.9.4 for debian unstable and also upload
> to the openvz download directory. First testing and then after a few days
> to the wheezy and jessie stable targets.
> 
> Regards,
> // Ola
> 
> 
> On Tue, Aug 25, 2015 at 2:32 PM, Sergey Bronnikov <sergeyb at openvz.org>
> wrote:
> 
> > OpenVZ project has released a new vzctl update for legacy OpenVZ.
> > Read below for more information. Everybody is advised to upgrade.
> >
> > Changes
> > =======
> > * store VE layout to VE config on start
> > * store VE layout in VE config during create and convert
> >
> > See full changelog here:
> > https://src.openvz.org/projects/OVZL/repos/vzctl/commits
> >
> > Download
> > ========
> > http://wiki.openvz.org/Download/vzctl/4.9.4
> >
> >
> > Thanks
> > ======
> > OpenVZ project would like to thank the RACK911LABS for discovering this
> > bug and
> > providing the attack scenario.
> >
> >
> > Bug reporting
> > =============
> > Please report all bugs found to https://bugs.openvz.org/
> >
> >
> > Other sources of info on updates
> > ================================
> > See http://planet.openvz.org/ to view all the news (including updates)
> > online.
> > There you can also find RSS/Atom feed links.
> >
> >
> > Regards,
> >     OpenVZ team
> > _______________________________________________
> > Announce mailing list
> > Announce at openvz.org
> > https://lists.openvz.org/mailman/listinfo/announce
> >
> 
> 
> 
> -- 
>  --- Inguza Technology AB --- MSc in Information Technology ----
> /  ola at inguza.com                    Annebergsslingan 37        \
> |  opal at debian.org                   654 65 KARLSTAD            |
> |  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
> \  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
>  ---------------------------------------------------------------

--

More information about the Debian mailing list