We are happy to announce the release of XCP-ng 8.2.1.
What is XCP-ng 8.2.1?
It's a maintenance update for XCP-ng 8.2 LTS, which has its own version number because it also comes with updated installation images.
XCP-ng 8.2.1 is still XCP-ng 8.2 LTS. It's the same, that just reached a new numbered milestone.
What should users of XCP-ng 8.2 LTS do?
Just update as you would do for any other update to XCP-ng 8.2 LTS.
It is not a security update, so you can also schedule the update at the same time as the next security update when one is released. The update process would then install both updates.
💿 Updated installation images
The 8.2.1 installation images include every update since the release of XCP-ng 8.2, including this 8.2.1 update.
It's a maintenance update, so bringing new features is not the main goal here. It does contain a few enhancements however.
- Rocket Lake processors are now supported.
- Secure boot for VMs is now supported. You will find the full documentation here.
- The installation of Microsoft's KB4535680 update, that used to fail, now works.
- A few components like
qemuare updated to pave the way for future vTPM support. I said future. It's not available yet.
📋 Other notable changes
- Installer fixes
- Guest template for Windows Server 2022 added.
- Log rotation. Log files should now be automatically rotated if they reach a size of 100M, without waiting for the daily log rotation. This will better handle the situations where a single log file grows up very fast to the point of filling the log partition.
- Updated device drivers:
- The default console menu, xsconsole, was updated and includes an improvement that we had contributed to Citrix: when the XAPI service is unreachable on the host, xsconsole will display a useful error message instead of the misleading "no network configured".
- A bug that we discovered and reported upstream regarding the handling of web pages over HTTPS on the host when HTTP support was disabled has been fixed, so we could finally enforce HTTPS for the host's web page. Any request to get the web page on port 80 will reply with a 403 error.
- Our alternate kernel was rebased on kernel.org's
opensslwere updated, which fixes various CVEs. The update to the samba packages pulled several new dependencies such as
- Ciphers now considered weak were disabled in SSH configuration files.