Virtuozzo Infrastructure 7.2 Hotfix 3 (7.2.0-263)

Issue date: 2026-07-02

Applies to: Virtuozzo Infrastructure 7.2

Virtuozzo Advisory ID: VZA-2026-015

1. Overview

This update delivers important security and stability fixes.

2. Bug Fixes

  • Stale S3 lifecycle timestamps could cause objects to expire at incorrect times. (VSTOR-123887)

  • Extended usage reporting could omit CPU, RAM, storage tier, VPN, floating IP, and VM usage metrics. (VSTOR-126525, VSTOR-131507)

  • S3 geo-replication could crash or fail when replicating multipart uploads and delete markers. (VSTOR-128767)

  • Bidirectional cross-region S3 replication could repeatedly copy objects and delete markers. (VSTOR-129393)

  • A stability fix for MDS. (VSTOR-130065)

  • A security fix for CVE-2026-31431. (VSTOR-130225)

  • Security fixes for CVE-2026-43284 and CVE-2026-43500. (VSTOR-130767)

  • The backup gateway service could fail to synchronize updated registration settings to the upstream. (VSTOR-131456)

  • A security fix for CVE-2026-46333. (VSTOR-131868)

  • A security fix for CVE-2026-46300. (VSTOR-132074)

  • An improvement in monitoring. (VSTOR-132477)

  • Failed to delete S3 objects from the UI. (VSTOR-132533)

  • A security fix for CVE-2026-49975. (VSTOR-133971)

3. Installing the Update

You can update Virtuozzo Infrastructure in the SETTINGS > UPDATES section of the admin panel. Placing nodes in the maintenance mode is required to obtain this update.

The source of this advisory is available in the JSON file.