[Users] CVE-2014-0196

Benjamin Henrion zoobab at gmail.com
Wed May 14 01:16:50 PDT 2014


On Tue, May 13, 2014 at 5:56 PM, Kir Kolyshkin <kir at openvz.org> wrote:
> We are receiving a lot of inquiries as to what is the status of OpenVZ
> kernel
> with respect to CVE-2014-0196. This email summarizes our knowledge as of
> now.
>
> 1. RHEL5-based OpenVZ kernels (028stabXXX) are not affected.
>
> 2. RHEL6-based OpenVZ kernels (042stabXXX) released during last 12 months
> are not affected.
>
> 3. Older 042stab kernel are affected. Therefore, if you run kernel released
> older than May 2013 (see uname -v) please upgrade and reboot now.
>
> 3. Both OpenVZ kernel team and Red Hat are still looking into the issue,
> an updated kernel might be available.

Can you tell me if 061.2 is affected?

-- 
Benjamin Henrion <bhenrion at ffii.org>
FFII Brussels - +32-484-566109 - +32-2-4148403
"In July 2005, after several failed attempts to legalise software
patents in Europe, the patent establishment changed its strategy.
Instead of explicitly seeking to sanction the patentability of
software, they are now seeking to create a central European patent
court, which would establish and enforce patentability rules in their
favor, without any possibility of correction by competing courts or
democratically elected legislators."


More information about the Users mailing list