XEN Security Update XSA-182/CVE-2016-6258
Issue | Summary | Affected Versions | Fixed | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Static Compute Resources | CloudBoot Compute Resources | Static Compute Resources | CloudBoot Compute Resources | ||||||
| CentOS 5.x | CentOS 6.x | CentOS 5.x | CentOS 6.x | CentOS 5.x | CentOS 6.x | CentOS 5.x | CentOS 6.x | ||
| XSA-182/CVE-2016-6258 | Privilege escalation in PV guests | ✓* | ✓* | ✓* | ✓* | ✓ | ✓ | ✓ | ✓ |
* This issue affects only the compute resources with Linux guests (PV mode).
Static Compute Resources
CentOS 5.x
- The following procedures should update to the xen-3.4.4-23.el5.onapp version.
- For OnApp HV tools version 4.2, the onapp-hv-tools-xen-4.2.0-9.1.el5 package will also be installed.
CentOS 6.x
- For versions of OnApp HV tools prior to version 4.2.0 the following procedures should update to the xen-4.2.5-38.29.onapp version.
- For versions of OnApp HV tools after version 4.2.0 the fix is provided by CentOS.org. The following procedure should update to the xen-4.4.4-9.el6.centos version.
- For OnApp HV tools version 4.2, the onapp-hv-tools-xen-4.2.0-9.1.el6 package will also be installed.
For customers willing to upgrade to the latest compute resource tools (corresponding to OnApp version installed) or running OnApp version 4.2 and 4.3
To eliminate the security issue for Static Compute Resources:
Run the OnApp Xen Compute Resource installer
1/onapp/onapp-hv-install/onapp-hv-xen-install.shReboot all compute resources.
For customers which are using latest compute resource tools or do not want to upgrade them:
CentOS 5.x
1# yum update xen xen-libsCentOS 6.x
1# yum update xen xen-hypervisorReboot all compute resources.
CloudBoot Compute resources
To eliminate the security issue for Cloudboot Compute Resources, run the OnApp 4.2.1-11 Storage Update. Use the CloudBoot Compute Resources upgrade procedure (only reboot option is applicable) to install the update.
This should update to the following version:
- onapp-store-install-4.2.1-11.noarch.rpm
