Product update: Virtuozzo Server 7.0 Update 14 Hotfix 2 (7.0.14-258)

Issue date: 2020-08-19

Applies to: Virtuozzo Server 7.0

Virtuozzo Advisory ID: VZA-2020-058

1. Overview

The Hotfix 2 for Virtuozzo Server 7.0 Update 14 provides security, stability, and usability bug fixes.

2. Security Fixes

• [Moderate] Fixed multiple vulnerabilities in libvncserver by applying upstream fixes. (PSBM-106197, CVE-2019-20839, CVE-2019-20840, CVE-2020-14396, CVE-2020-14397, CVE-2020-14398, CVE-2020-14399, CVE-2020-14400, CVE-2020-14401, CVE-2020-14402, CVE-2020-14403, CVE-2020-14404, CVE-2020-14405)

3. Bug Fixes

• Files inside containers could become corrupted after live migration. (PSBM-105933)
• Mentioned in the documentation that C2V migration is not supported. (PSBM-106603)

4. Installing the Update

Install the update with ‘yum update’.

5. References

• https://access.redhat.com/security/cve/CVE-2019-20839
• https://access.redhat.com/security/cve/CVE-2019-20840
• https://access.redhat.com/security/cve/CVE-2020-14396
• https://access.redhat.com/security/cve/CVE-2020-14397
• https://access.redhat.com/security/cve/CVE-2020-14398
• https://access.redhat.com/security/cve/CVE-2020-14399
• https://access.redhat.com/security/cve/CVE-2020-14400
• https://access.redhat.com/security/cve/CVE-2020-14401
• https://access.redhat.com/security/cve/CVE-2020-14402
• https://access.redhat.com/security/cve/CVE-2020-14403
• https://access.redhat.com/security/cve/CVE-2020-14404
• https://access.redhat.com/security/cve/CVE-2020-14405

The JSON file with the list of new and updated packages is available at JSON file.