Details
-
Type:
Dev Task
-
Status: Closed
-
Priority:
Major
-
Resolution: Won't Fix
-
Fix Version/s: Vz7.0-Update9
-
Component/s: Containers::Kernel
-
Security Level: Public
-
Environment:Virtuozzo Linux release 7.5
Description
Stable repos haven't received a kernel update since 3.10.0-862.11.6.vz7.64.7 which was built in August and released in September 2018.
There have since been multiple security patches applied to the 3.10.0 kernel upstream and you guys have released ReadyKernel live patches, yet no actual kernel updates since September.
If we were running CentOS 7 we would have these security patches already.
I get that ReadyKernel is a premium feature, however you're doing the Linux world a disservice by ensuring everyone using Virtuozzo Linux 7 as an open source OS does not receive security patched kernel updates from the repos.
I can think of two possible solutions to this:
1. If you guys don't want to be spending time building patched kernels, then you really should just make ReadyKernel patches open to the public, or
2. Simply release patched kernels to the repos like you have been for OpenVZ 6 on kernel 2.6.32
7.8.0 (390) is the latest release showing: https://download.openvz.org/virtuozzo/releases/
And the latest kernel is vzkernel-3.10.0-862.11.6.vz7.64.7.x86_64.rpm which is months behind in security patches: https://download.openvz.org/virtuozzo/releases/
There have since been multiple security patches applied to the 3.10.0 kernel upstream and you guys have released ReadyKernel live patches, yet no actual kernel updates since September.
If we were running CentOS 7 we would have these security patches already.
I get that ReadyKernel is a premium feature, however you're doing the Linux world a disservice by ensuring everyone using Virtuozzo Linux 7 as an open source OS does not receive security patched kernel updates from the repos.
I can think of two possible solutions to this:
1. If you guys don't want to be spending time building patched kernels, then you really should just make ReadyKernel patches open to the public, or
2. Simply release patched kernels to the repos like you have been for OpenVZ 6 on kernel 2.6.32
7.8.0 (390) is the latest release showing: https://download.openvz.org/virtuozzo/releases/
And the latest kernel is vzkernel-3.10.0-862.11.6.vz7.64.7.x86_64.rpm which is months behind in security patches: https://download.openvz.org/virtuozzo/releases/
