Right.. I have hit a rather frustrating problem that I am pretty certain is going to affect ALLOT of people.
My latest PCI compliancy scans on one of my servers threw up a problem.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1146
It seems the kernel 2.6 series of linux (all flavours) has a flaw in it. As a result, PCI compliancy is being denied.
Whats the problem with this?
If you run anything in a container, you get kernel 2.6.32.XX from the guest machine.
Result.
If you run openVZ containers, you have no way of getting PCI-DSS compliance!
Dont know if anyone has any magic fixes to this issue?
Rob
My latest PCI compliancy scans on one of my servers threw up a problem.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1146
It seems the kernel 2.6 series of linux (all flavours) has a flaw in it. As a result, PCI compliancy is being denied.
Whats the problem with this?
If you run anything in a container, you get kernel 2.6.32.XX from the guest machine.
Result.
If you run openVZ containers, you have no way of getting PCI-DSS compliance!
Dont know if anyone has any magic fixes to this issue?
Rob