-
November 2019 security update for XCP-ng
New security update candidates are available (XCP-ng 7.6 and 8.0). As usual, I will only release them to everyone after enough testing, so if you can please install the update candidates.
Instructions there: https://github.com/xcp-ng/xcp/issues/302
Please use the github issues to provide feedback so this thread here remains clean.
But also...
I'm also still interested in feedback regarding the added support in the guest tools ISO for:
- CloudLinux
- Alpine Linux
- FreePBX (Sangoma Linux)
... and the added Debian 10 template. See my post about that https://xcp-ng.org/forum/post/18268 above.
I'd like to release all updates at the same time if possible.
-
Hi Stormi - any chance you could add support for Gentoo Linux?
-
It's not on my priority list but I'd probably accept a well tested pull request to https://github.com/xcp-ng/xe-guest-utilities/
-
@stormi said in Updates announcements and testing:
November 2019 security update for XCP-ng
New security update candidates are available (XCP-ng 7.6 and 8.0). As usual, I will only release them to everyone after enough testing, so if you can please install the update candidates.
Instructions there: https://github.com/xcp-ng/xcp/issues/302
Please use the github issues to provide feedback so this thread here remains clean.
The security issues are serious and public, and I haven't had any feedback about the update candidates yet, so I'm doubling my call.
-
Last chance to test before I release them based only on our internal testing.
-
Updates published: https://xcp-ng.org/blog/2019/11/08/xcp-ng-security-bulletin-november-2019/
-
No problem here, RHEL 8 support for guest tools works as expected (tested on the last RHEL 8.1 release), good job
-
Updated a two node XCP-ng 8.0 homelab without any issues
-
updates ran with no problems
-
I did the November 2019 updates for XCP-ng 8 on a standalone host as well as a 3 node cluster. No problems so far.
-
Get ready for testing. New (previously unforeseen) security updates are coming soon for testing. You can thank hardware bugs in CPUs (and it's only starting)
-
Testing: November 2019 security update for XCP-ng, 2nd Impact
New security update candidates are available (XCP-ng 7.6 and 8.0). As usual, I will only release them to everyone after enough testing, so if you can please install the update candidates.
Instructions there: https://github.com/xcp-ng/xcp/issues/308
Please use the github issues to provide feedback so this thread here remains clean.
-
End of WE soon, still interested in feedback for release tomorrow.
-
@stormi intel only it seems?
-
There's a misunderdstanding when I ask for tests. What hardware you have doesn't really matter. Even if you don't have Intel CPUs, your hosts will receive the updates. So they are impacted. If there are regressions in the updates, you'll be impacted.
That's why what's the most important with all the updates I ask feedback for is not what they fix, it's what they don't break. A large number of "I installed them, things seem to still function normally" is what we really need.
Testing the actual changes the updates bring is a plus, but not a requirement to be able to contribute.
-
Security Updates released. Intel hardware again. You'll need to choose between safety and performance regarding one of the flaws if you are running untrusted guests. https://xcp-ng.org/blog/2019/11/18/security-updates-for-intel-hardware/
-
I just pushed a bugfix update for XCP-ng 8.0:
sm-2.2.3-1.0.3.xcpng8.0
.If fixes a never-ending coalesce issues described at https://github.com/xcp-ng/xcp/issues/298 and https://bugs.xenserver.org/browse/XSO-966
If you had alread applied all the security updates, there's no hurry. You can wait for the next batch of security updates if you don't strictly require the fix. If you apply it alone, no reboot is required.
xe-toolstack-restart
is enough. -
@stormi Thank you!
I'll be applying and validating the patch. -
@stormi the update actually solves the problem of zombies process, but the coalesce, all disks after backup/snapshot (removal) still continue with a 1 disk stuck in the leaf chain.
I am also testing the update made available in https://support.citrix.com/article/CTX265619 in an XS 7.1 pool.
-
I'm interested in the results because it's the same patch!