A new kernel was released from RedHat that fixes a lot of KVM bugs and security vulnerabilities. CentOS has already pushed this kernel to their repositories.
You can find the details about this new kernel here.
Upgrade your KVM guests and hosts soon!
CentOS 4 has been EOL since March 2012. As there is no upgrade path from 4 to 5, many of you may still be running CentOS 4 systems.
At the time of the EOL announcement, the yum repository for CentOS 4 was shutdown. This meant that if you still needed to update packages that were recently updated in the repo, you were out of luck.
The CentOS 4 team announced that the repository has been re-enabled for people that absolutely need their CentOS 4 machine running (PLEASE UPGRADE IF YOU DON’T!). You can re-enable the repository by downloading this file here, placing it in your /etc/yum.repos.d/ directory, and replacing the one that exists there now.
Again, PLEASE UPGRADE TO CENTOS 5 or CENTOS 6 IF YOU DON’T NEED A CENTOS 4 MACHINE RUNNING. This news is great for people that are still migrating off of CentOS 4 or need that C4 machine as it contains many recent critical updates. For example, recent OpenSSL vulnerability patches.
Richard Steenbergen has released excellent slides and a technical document on Traceroute from a presentation he gave at a networking conference.
You can see the slides here. Most people will find that they’re the easiest to follow. However, those that wan’t to dive a bit deeper into the technical networking details, you can also read his document here.
If you’re an IT Manager trying to troubleshoot latency across your network, or a web developer trying to figure out why your web server is acting so slow all of a sudden, and every in between, you’ll find this document worth the read. It’s also a great overview for a beginner.
Thanks to Major Hayden for his initial blog post about this.
Earlier this week, the Internet Systems Consortium (ISC) released an advisory about two critical security problems in the BIND 9 software. The first problem is that BIND can keep certain domains in it’s cache that were previously deleted. The second is a bug that can cause recursive servers to crash and leak data.
An updated version to the BIND 9 DNS software has been released. Red Hat and CentOS have released packages for the security patch. Update now!
More information about Red Hat 5 and 6 released BIND packages here – https://rhn.redhat.com/errata/RHSA-2012-0716.html
More information about Red Hat 5 BIND 9.7 packages here – https://rhn.redhat.com/errata/RHSA-2012-0717.html
You can read more about the issues here – http://isc.sans.edu/diary.html?storyid=13387&rss
- New controversial filesystem structure changes (/lib/, /lib64/, /bin/, and /sbin/ directories have been removed and are now under /usr/)
- EXT4 now support filesystems larger than 16TB
- Removable disks are no longer mounted under /media/, but instead under/run/media/$USER/
- Linux 3.3.4
- Better power support for Sandy Bridge
- Updated KVM version
- New sandbox feature that allows applications to be isolated.
- KVM management client (virt-manager) now supports USB-passthrough to attach things like USB external hard drives to virtual machines.
- Multilayer virtual switch (Open vSwitch)
- Better disk emulation
You can also read more about the changes in Fedora 17 at this great H-Online article.