OpenVZ Vulnerability Requires Kernel Update

An update for OpenVZ was just released to address a serious security vulnerability and it is recommended that you update as soon as possible.
Note : This bug is not a part of the Virtualizor VPS Panel, but rather a bug in OpenVZ.

A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from an #SS (stack segment) fault on an erroneous return to user space. A local, unprivileged Container user could use this flaw to crash the Hardware Node or escalate their privileges on the system. Hence we recommend that all nodes running OpenVZ should update immediately.

The changelog of the latest kernel :

https://wiki.openvz.org/Download/kernel/rhel6/042stab094.8

To update please run the following command :
root> yum update

A system reboot will be required for the changes to take place. Before rebooting please make sure the kernel entry in your grub is the latest OpenVZ kernel.

If you need any assistance you can contact the Virtualizor team.

Regards,
The Virtualizor Team

Virtualizor 2.6.0 Launched !

Hi,

The Virtualizor Team has released Virtualizor 2.6.0
This version has new features and some bug fixes.

1) [Feature] IPv6 Support added for Virtualizor Reverse DNS.

2) [Feature] The admin can enable the option to show the Server Name/Location in the Virtualizor Enduser Panel. By default this is disabled. To enable it, just change the configuration from the Admin Panel.

3) [Feature] The new SolusVM OpenVZ VPS Importer is in BETA stage now. You can import all slaves as well. While importing SolusVM will continue to work. There is also a WHMCS importer so all your orders can be converted to Virtualizor orders as well. The complete guide can be found here : http://www.virtualizor.com/wiki/SolusVM_Import_Guide

4) [Task] Resellers can now edit the “Sub User” of the VPS even if the sub user does not have enough resources allocated.

5) [Bug Fix] For an OpenVZ Node, Bandwidth was not reported correctly for the Host Node if the interface is not eth0. This is fixed now.

6) [Bug Fix] For OpenVZ Ploop based VMs, the inode count bug has been fixed.

7) [Bug Fix] Users could set the Reverse DNS for an IP that is not assigned to them. This is fixed now.

8) [Bug Fix] For Ubuntu based hosts, DHCP was not working properly. This is fixed now.

9) [Bug Fix] Bandwidth of a VPS used to show a spike if a suspended VPS was unsuspended. This is fixed now.

Regards,
The Virtualizor Team

Virtualizor 2.5.9 Launched !

Hi,

The Virtualizor Team has released Virtualizor 2.5.9
This version has new features and some bug fixes.

1) [Feature] The ReverseDNS feature has been re-written. It has been improved.

2) [Feature] The new WHMCS module with NoVNC support has been launched.

3) [Feature] IPv6 Subnet Manager has been added in the Enduser Panel. Now the enduser can manage their IPv6 Subnets by defining new IPv6 from their Subnet.

4) [Feature] EMPS will be upgraded automatically during a Virtualizor upgrade.

5) [Task] OpenVZ default Inode count increased

6) [Task] Postfix installation has been added to the Virtualizor installer.

7) [Bug Fix] SMTP email sender Improved.

8) [Bug Fix] Cloud user could not edit the user of a VM. This is fixed now.

9) [Bug Fix] In the Rebuild VPS Email, VNC details were not sent. This is fixed now.

10) [Bug Fix] Users were not able to log in to the Admin/Enduser Panel if the user password contained the “&” character. This is fixed now.

11) [Bug Fix] While adding or rebuilding a VPS in XEN, the VNC port was displayed incorrectly in the “VPS information window”. This is fixed now.

12) [Bug Fix] In PowerDNS, SOA records were deleted when a domain was added by the user, which caused forward DNS to fail. This is fixed now.

13) [Bug Fix] After Migration, VPS were not edited/started if the admin has “Delete Origin” checked.

14) [Bug Fix] In XEN, migrated VPS were not given the proper VPS Name after migration. This is fixed now.

15) [Bug Fix] Due to improper sync between Slave and Master Server, List VPS were not updated after migration.

16) [Bug Fix] NoVNC selection box was not working properly due to the new Combobox. This is fixed now.

17) [Bug Fix] For XEN Servers, Bandwidth Stats fixed for ioemu type VMs.

18) [Bug Fix] In Edit VM, IP selection box disappears if we remove the IP. (If the server has NO IPs left.) This is fixed now.

19) [Bug Fix] If plan was set with 1 IP, the IP was not selected while adding the VPS.

20) [Bug Fix] No scroller was there in VPS Lists in various VPS management utilities. This is fixed now.

21) [Bug Fix] In the Admin Index, the wrong total space of VPS Storage was shown. This is fixed now.

22) [Bug Fix] SolusVM importer could not connect to the Database. This is fixed now.

Virtualizor supports OpenVZ, Xen, XenServer and Linux-KVM on CentOS and Ubuntu and they all can be managed from the Master. We are adding more features and if you have any suggestions, do let us know. We hope you enjoy this version of Virtualizor.

Regards,
The Virtualizor Team

OpenVZ Security Release

An update for OpenVZ was just released to address a serious security vulnerability and it is recommended that you update as soon as possible.

Note : This bug is not a part of the Virtualizor VPS Panel, but rather a bug in OpenVZ.

This update fixes a security issue which allows access to the host filesystem from inside a container. Hence we recommend that all nodes running OpenVZ should update immediately.

The changelog of the latest kernel :

https://wiki.openvz.org/Download/kernel/rhel6/042stab094.7

To update please run the following command :
root> yum update

A system reboot will be required for the changes to take place. Before rebooting please make sure the kernel in your grub is the latest OpenVZ kernel.
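The pre-reboot check requested in both OpenVZ kernel notices on this page (042stab094.8 and 042stab094.7) can be scripted. The following is an added example, not Virtualizor or OpenVZ code: it assumes a GRUB legacy grub.conf as used on RHEL6-based nodes, the function names are hypothetical, and the sample file is constructed.

```python
import re

# Constructed sample of a GRUB legacy grub.conf (not from a real node).
SAMPLE_GRUB_CONF = """\
default=1
timeout=5
title OpenVZ (2.6.32-042stab094.8)
    root (hd0,0)
    kernel /vmlinuz-2.6.32-042stab094.8 ro root=/dev/sda1
    initrd /initramfs-2.6.32-042stab094.8.img
title OpenVZ (2.6.32-042stab094.7)
    root (hd0,0)
    kernel /vmlinuz-2.6.32-042stab094.7 ro root=/dev/sda1
    initrd /initramfs-2.6.32-042stab094.7.img
"""

STAB_RE = re.compile(r"(\d+)stab(\d+)\.(\d+)")

def stab_key(version):
    """'2.6.32-042stab094.8' -> (42, 94, 8); None if not an OpenVZ kernel."""
    m = STAB_RE.search(version)
    return tuple(int(g) for g in m.groups()) if m else None

def boot_entries(conf_text):
    """Return (default index or None, kernel version of each title entry)."""
    default, kernels = 0, []          # GRUB legacy boots entry 0 if unset
    for line in (raw.strip() for raw in conf_text.splitlines()):
        if line.startswith("default"):
            m = re.match(r"default\s*=?\s*(\d+)$", line)
            default = int(m.group(1)) if m else None   # e.g. default=saved
        elif line.startswith("title"):
            kernels.append(None)
        elif line.startswith("kernel") and kernels:
            m = re.search(r"vmlinuz-(\S+)", line)
            kernels[-1] = m.group(1) if m else None
    return default, kernels

def check_default_kernel(conf_text, fixed_version):
    """Return (ok, detail); ok only if the default entry is fixed_version or newer."""
    default, kernels = boot_entries(conf_text)
    if default is None or default >= len(kernels) or kernels[default] is None:
        return False, "cannot resolve the default boot entry"
    booted, have = kernels[default], stab_key(kernels[default])
    if have is None:
        return False, "default entry %s is not an OpenVZ kernel" % booted
    if have < stab_key(fixed_version):
        return False, "default entry %s is older than %s" % (booted, fixed_version)
    return True, "default entry boots %s" % booted

if __name__ == "__main__":
    print(check_default_kernel(SAMPLE_GRUB_CONF, "042stab094.8"))
```

In the sample the fixed kernel is installed but `default=1` still selects the older entry, which is the case the notice warns about; after the reboot, compare the result with `uname -r`.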

If you need any assistance you can contact the Virtualizor team.

Regards,
The Virtualizor Team

Virtualizor 2.5.8 Launched !

Hi,

The Virtualizor Team has released Virtualizor 2.5.8
This version has new features and some bug fixes.

1) [Bug Fix] Virtualizor OpenVZ Importer was not importing the Container if the container name is > 1000. This is fixed now.

2) [Bug Fix] While editing the OpenVZ container, the container edit fails if the template was removed. This is fixed now.

3) [Feature] New WHMCS module released with the “Control Panel” as a Configurable Option.

4) [Feature] New Option added to give a Hostname pattern to all the VMs created with the WHMCS module. You can set the pattern by editing virtualizor_conf.php file.

Virtualizor supports OpenVZ, Xen, XenServer and Linux-KVM on CentOS and Ubuntu and they all can be managed from the Master. We are adding more features and if you have any suggestions, do let us know. We hope you enjoy this version of Virtualizor.

Regards,
The Virtualizor Team

Virtualizor 2.5.7 Launched !

Hi,

The Virtualizor Team has released Virtualizor 2.5.7
This version has new features and some bug fixes.

1) [Feature] Network Speed options have been added for Cloud / Reseller Accounts.

2) [Feature] Control Panel install option has been added on Create VPS Page. Now the admin can install Control Panel while creating a VPS.

3) [Feature] An easy VNC access button has been added in the Admin Panel -> List VPS page.

4) [Feature] The VPS list drop down in Admin OS Reinstall, Migrate and VNC Page has been improved. Admins can now search from the list as well.

5) [Feature] Internal / Additional Network can be now created for KVM and Xen VMs.

6) [Feature] If an Admin wants some VMs to be excluded from the ebtables rules, this is now possible. The Admin can set VPS plan IDs in the universal.php for this purpose. Complete guide : http://virtualizor.com/wiki/Ebtables_Exclude

7) [Task] Add/Rebuild VPS page will now display more error logs if there are any errors while adding or rebuilding the VPS.

8) [Task] VPS naming convention has been changed for XEN. All new VMs will now have a “v” prefixed for the VPS Name.

9) [Bug Fix] POODLE issue has been resolved.

10) [Bug Fix] The Available resources of a Cloud User was not shown correctly sometimes. This is now fixed.

11) [Bug Fix] Queue creation option in “Configuration” page was always saving value 1. This is fixed now.

12) [Bug Fix] Edit VM Link in Cloud / Reseller Panel has been fixed.

13) [Bug Fix] VMs created via the Blesta Module were going in the wrong user account. This is now fixed.

14) [Bug Fix] In the VPS Management Panel, IPv6 Mask was missing for IPv6 subnets.

15) [Bug Fix] Cloud users were allowed to create more than the number specified by the admin. This is fixed now.

Virtualizor supports OpenVZ, Xen, XenServer and Linux-KVM on CentOS and Ubuntu and they all can be managed from the Master. We are adding more features and if you have any suggestions, do let us know. We hope you enjoy this version of Virtualizor.

Regards,
The Virtualizor Team

Xen Vulnerability XSA-108


An update for Xen has been released to address a vulnerability where a buggy or malicious HVM guest can crash the host or read data relating to other guests or the hypervisor itself. Xen Versions 4.1 and above are affected.

Note : This bug is not a part of the Virtualizor VPS Panel, but rather a bug in Xen. The entire detail of the bug can be found below.

If your Virtualizor Host Node is running CentOS 6 with Xen (mostly it will be running Xen 4.2.x) or Xen 4.1 and above, you will need to yum update Xen and reboot the server. The command is as follows :

root> yum -y update
root> /usr/bin/grub-bootxen.sh

Note : You will need to reboot the server.

If you need any assistance updating Xen, please contact the Virtualizor support team.

Following is the security advisory :

Xen Security Advisory CVE-2014-7188 / XSA-108
                   version 4

              Improper MSR range used for x2APIC emulation

UPDATES IN VERSION 4
====================

Public release.

ISSUE DESCRIPTION
=================

The MSR range specified for APIC use in the x2APIC access model spans
256 MSRs. Hypervisor code emulating read and write accesses to these
MSRs erroneously covered 1024 MSRs. While the write emulation path is
written such that accesses to the extra MSRs would not have any bad
effect (they end up being no-ops), the read path would (attempt to)
access memory beyond the single page set up for APIC emulation.

IMPACT
======

A buggy or malicious HVM guest can crash the host or read data
relating to other guests or the hypervisor itself.

VULNERABLE SYSTEMS
==================

Xen 4.1 and onward are vulnerable.

Only x86 systems are vulnerable.  ARM systems are not vulnerable.

MITIGATION
==========

Running only PV guests will avoid this vulnerability.

CREDITS
=======

This issue was discovered by Jan Beulich at SUSE.

RESOLUTION
==========

Applying the attached patch resolves this issue.

xsa108.patch        xen-unstable, Xen 4.4.x, Xen 4.3.x, Xen 4.2.x
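A small model of the range error the advisory describes, added here as an illustration; it is not Xen code and not part of the advisory. The 0x800 MSR base and the 16-byte register stride are the architectural x2APIC mapping, while the function names and the 4-byte register width are simplifying assumptions.

```python
X2APIC_MSR_BASE = 0x800   # first x2APIC MSR
APIC_PAGE_SIZE = 4096     # the single page set up for APIC emulation
REG_WIDTH = 4             # assumption: treat every register as 32 bits wide
ARCH_RANGE = 256          # MSRs the x2APIC access model specifies
BUGGY_RANGE = 1024        # MSRs the emulation erroneously covered

def msr_to_offset(msr):
    """x2APIC MSR n maps to the register at byte offset (n - 0x800) * 16."""
    return (msr - X2APIC_MSR_BASE) << 4

def emulate_read(msr, covered, apic_page):
    """Model of the read path for an emulation range of `covered` MSRs."""
    if not (X2APIC_MSR_BASE <= msr < X2APIC_MSR_BASE + covered):
        return "not-apic", None          # handler does not claim this MSR
    off = msr_to_offset(msr)
    if off + REG_WIDTH > len(apic_page):
        # The model stops here; in the flaw described above the range check
        # was the only guard, so the read went past the page.
        return "beyond-page", off
    return "ok", int.from_bytes(apic_page[off:off + REG_WIDTH], "little")

def out_of_page_msrs(covered):
    """MSRs the handler would claim whose register lies outside the page."""
    return [m for m in range(X2APIC_MSR_BASE, X2APIC_MSR_BASE + covered)
            if msr_to_offset(m) + REG_WIDTH > APIC_PAGE_SIZE]

def range_is_safe(covered):
    """Invariant for review: every claimed MSR must map inside the page."""
    return not out_of_page_msrs(covered)

if __name__ == "__main__":
    page = bytearray(APIC_PAGE_SIZE)     # constructed, zero-filled APIC page
    bad = out_of_page_msrs(BUGGY_RANGE)
    print("1024-MSR range safe:", range_is_safe(BUGGY_RANGE),
          "(%d MSRs, %#x..%#x, map past the page)" % (len(bad), bad[0], bad[-1]))
    print("256-MSR range safe:", range_is_safe(ARCH_RANGE))
    print(emulate_read(0x900, BUGGY_RANGE, page))
    print(emulate_read(0x900, ARCH_RANGE, page))
```

With the range narrowed to 256 MSRs, the largest offset is 0xFF0, so every claimed register fits inside the 4096-byte page.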

Sources :
http://xenbits.xen.org/xsa/
http://lists.centos.org/pipermail/centos-announce/2014-October/020662.html

Regards,
The Virtualizor Team

Virtualizor 2.5.6 Launched !

Hi,

The Virtualizor Team has released Virtualizor 2.5.6
This version has new features and some bug fixes.

1) [Features] User Management has been added in Reseller/Cloud Panel. Cloud users can now create and delete users.

2) [Task] German Language has been rectified and updated in this version.

3) [Task] Description for Scientific Linux was missing and is now added in the Enduser Panel.

4) [Task] Backup server passwords are now saved in an encrypted format.

5) [Task] The UI of the Edit Backup Server wizard has been improved.

6) [Task] VPS Info div which is shown when the admin hovers over the VPS ID has been improved to suit multiple languages.

7) [Bug-Fix] If a VPS was created with two or more IPs from different subnets, the primary IP was not set correctly. This is fixed now.

8) [Bug-Fix] Custom DNS Nameservers set for one particular VPS were not written to the resolv.conf. This is fixed now.

9) [Bug-Fix] Enduser Control Panel installation bug has been fixed in XenServer.

10) [Bug-Fix] If any error occurred while creating/rebuilding the VPS, the error was not displayed properly. This is fixed now.

11) [Bug-Fix] ebtables rules are now saved while creating or editing the VPS.

12) [Bug-Fix] ISPconfig installer in Enduser Control panel issue has been fixed for all virtualizations.

13) [Bug-Fix] VPS data was overwritten if a user enabled the Rescue mode on a VPS not on the master server. This is fixed now.

14) [Bug-Fix] PV on HVM settings in configuration were not shown on Masters which were not Xen. This is fixed now.

15) [Bug-Fix] VPS suspend, unsuspend and shutdown for HVM VPS issue has been fixed in XenServer.

16) [Bug-Fix] In OpenVZ, if a cloud user edits their instance, “I/O priority” error was displayed by default. This is fixed now.

NOTE : A critical bash vulnerability was found in the past week. It is advised that you update your bash ASAP.

Virtualizor supports OpenVZ, Xen, XenServer and Linux-KVM on CentOS and Ubuntu and they all can be managed from the Master. We are adding more features and if you have any suggestions, do let us know. We hope you enjoy this version of Virtualizor.

Regards,
The Virtualizor Team

Virtualizor 2.5.5 Launched !

Hi,

The Virtualizor Team has released Virtualizor 2.5.5
This version has new features and some bug fixes.

1) [Feature] Cloud users can now “Edit VPS” from the Dashboard.

2) [Feature] Several NIC card Modules added for XEN and KVM. You can create/edit a VPS with the new NIC cards, which can be found under the “Advance settings” option.

3) [Feature] PV on HVM support added for XEN-HVM VPS. The option can be found at “Advanced Option” section of create/edit VPS.

4) [Feature] ISPConfig Control panel added in “Install Control Panel” option of Enduser Panel. Now users can install ISPConfig in their VPS with one click install.

5) [Feature] Change package option added for WHMCS Virtualizor Cloud Account module.

6) [Feature] Added a configuration to calculate Bandwidth as per the service period. The admin needs to enable this from the Admin Panel -> Configuration

7) [Feature] Swap memory is now optional for XenPV VMs.

8) [Feature] Added the option for the Admin to login as user from the Admin panel.

9) [Task] PhpMyAdmin updated to latest version.

10) [Task] Sorting of User Logs improved.

11) [Task] Virtualizor XenServer edition has been improved. Some new features will be coming soon.

12) [Task] Tight VNC Viewer and SSH Terminal Signed and updated for Virtualizor XenServer.

13) [Bug Fix] IP address and User Agent check added for sessions to improve session security.

14) [Bug Fix] Gateway issue fixed for SUSE VPS created on OVH network.

15) [Bug Fix] Email Attachment issue has been fixed for SMTP emails.

16) [Bug Fix] Cloud User IP Resources showed unlimited if set to 0 while creating the cloud user. This is fixed now.

17) [Bug Fix] “Disable Control Panel” option in Configuration Page was not storing the value, which caused “Install Control Panel” option to be visible in the Enduser panel. This is fixed now.

18) [Bug Fix] Delete VPS operation did not show “Done” message after deleting the VPS. This is fixed now.

19) [Bug Fix] Traffic shaping failed when the speed for an OpenVZ VPS was set to 100+ Mbps. This is fixed now.

Virtualizor supports OpenVZ, Xen, XenServer and Linux-KVM on CentOS and Ubuntu and they all can be managed from the Master. We are adding more features and if you have any suggestions, do let us know. We hope you enjoy this version of Virtualizor.

Regards,
The Virtualizor Team