Product security update: Virtuozzo 7.0 Update 3 Hotfix 2 (7.0.3-640)¶

1. Overview¶

The new package for Virtuozzo 7.0.3 introducing a security fix.

2. Security Fixes¶

• [Moderate] Incorrect checking of locked VM accounts in Virtuozzo SDK allowed one to use any password to log in to a VM with such a locked account via a third-party program using Virtuozzo SDK that was launched on host. Other login methods, e.g., via SSH, were not affected. (PSBM-62160)

3. Installing the Update¶

Install the update by running ‘yum update’.

The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-018.json.