OnApp 5.0 CloudBoot KVM Security Update
This update addresses the Meltdown and Spectre vulnerabilities (CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754) for CentOS 6 KVM. For more information, refer to Meltdown and Spectre CPU Issues.
The following package has been released for CloudBoot:
- onapp-store-install-5.0.0-38.noarch.rpm
Use CloudBoot Compute Resources and CloudBoot Backup Server upgrade procedures to install the update. ‘Simple reboot’ and ‘Migrate and Reboot’ options are available.
| Key | Type | Release Notes | Affects Version/s |
|---|---|---|---|
| CLOUDBOOT-176 | Fix | Updated the kernel to version 2.6.32-696.3.2.el6.x86_64 for CentOS 6 KVM ramdisk to address the CVE-2017-1000364 issue. | All OnApp versions |
| CLOUDBOOT-177 | Fix | Updated the glibc packages for CentOS6 KVM and Xen ramdisks to address the CVE-2017-1000366 issue. | All OnApp versions |
| CLOUDBOOT-178 | Fix | Fixed the issue caused by the old Intel i40e driver version having a bug preventing the X710 quad NICs from receiving multicast packets when the ethX was bridged. | 5.0 |
CLOUDBOOT-195 | Fix | Updated KVM packages to version 0.12.1.2-2.503.el6_9.4 for CentOS 6 KVM to address the CVE-2017-5715 issue. | All OnApp versions |
| CLOUDBOOT-198 | Fix | Updated libvirt packages to version 0.10.2-62.el6_9.1 for CentOS 6 KVM to address the CVE-2017-5715 issue. | All OnApp versions |
| CLOUDBOOT-192 | Fix | Updated the kernel to version 2.6.32-696.18.7.el6.x86_64 for CentOS 6 KVM to address the CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 issues. | All OnApp versions |
