CVE-2016-5195 Dirty COW

[onlime]

Can you give us a time frame when kernel 4.4.19-1-pve (latest available AFAIK) is going to be patched for CVE-2016-5195 / Dirty COW ?

 

[tom]

new kernel with the fix is already on pvetest and will go to the stable repositories next week.
(pve-kernel-4.4.21-1-pve: 4.4.21-70)

 

[Dr_Heisenberg]

How about the 2.6 and 3.10 Kernel from Proxmox 3? Are these going to be fixed also?

 

[tom]

How about the 2.6 and 3.10 Kernel from Proxmox 3? Are these going to be fixed also?

yes, we are already working on this.

 

[tom]

yes, we are already working on this.

we just uploaded 2.6.32 and 3.10 kernel on pvetest repo, fixing CVE-2016-5195 / Dirty COW

 

[mathx]

to make things easier for all: https://pve.proxmox.com/wiki/Package_Repositories

the PVE 3.x test repo for wheezy is listed lower down and pve-kernel package has today's date.

 

[onlime]

Thanks a lot for this fast reaction time and for pushing it soon after to the pve-no-subscription repo.

 

[morph027]

Jip, thank you very much!

 

[Maxor]

Hey is there any chance the fix will be released for squeeze?

 

[fabian]

Hey is there any chance the fix will be released for squeeze?

PVE 2.x based on Debian Squeeze is not supported anymore (since May 2014!)

 

[MrTux]

Does kernel updates has been available in pve-no-subscription repos?

 

[fabian]

yes, updates with the fix are available in pve-no-subscription and pve-enterprise (since last week)

 

[MrTux]

yes, updates with the fix are available in pve-no-subscription and pve-enterprise (since last week)

Thanks Proxmox team very much for create awesome distro :+1:

 

[Yadan]

Hi I try to update my proxmox server 3.2 because of a dirty cow attack but when I try to update there is a 401 error to get the files on the server. Any way to solve this?

 

[wolfgang]

From what repository you get this error?

 

[Yadan]

From what repository you get this error?

I think I'm doing it the wrong way.

I got installed my proxmox server from soyoustart (OVH) and I actually receave this message when I log in

"You do not have a valid subscription for this server. Please visit www.proxmox.com to get a list of available options."

As I just got hacked beacause of the Dirty COW vulnerability I realy need to make something

 

[Yadan]

I think I'm doing it the wrong way.

I got installed my proxmox server from soyoustart (OVH) and I actually receave this message when I log in

"You do not have a valid subscription for this server. Please visit www.proxmox.com to get a list of available options."

As I just got hacked beacause of the Dirty COW vulnerability I realy need to make something

By the way I tried to add the enterprise repository but as I seem not having a subscription key it's probably the wrong way

 

[wolfgang]

Sorry but PVE 3.2 is over 4 years old, so if you really get hacked an update will not fix the situation.

Only a clean installation will secure your system.

 

[Yadan]

Sorry but PVE 3.2 is over 4 years old, so if you really get hacked an update will not fix the situation.

Only a clean installation will secure your system.

Ok how long would it take to backup my openvz CT's, convert them to get back my apps ?

 

[Yadan]

Ok how long would it take to backup my openvz CT's, convert them to get back my apps ?

Would you tell me what backup method do to advise : Snapshot? Suspend? stop? and what compression for a good convertion.