Important product update: Virtuozzo PowerPanel RTM Hotfix 3 (7.0.1-415)

Issue date: 2017-09-20

Applies to: Virtuozzo PowerPanel

Virtuozzo Advisory ID: VZA-2017-081

1. Overview

The new packages for Virtuozzo PowerPanel introducing new features as well as security and usability fixes.

2. Security Fixes

  • [Important] Disabled SSLv3 access to the management panel to protect against the POODLE SSLv3 vulnerability. (CVE-2014-3566, PP-427)

3. New Features

  • Added possibility to redeploy controller in place with different certificates and hostname. (PP-412, PP-414)

  • Deployment script can now process intermediate certificates specified with one or more ‘–ssl-intermediate-cert’ parameters. (PP-429)

4. Bug Fixes

  • Clarified backup management in documentation. (PP-352)

  • Containers could become unmanageable after hot migration. (PP-362)

  • The ‘Change password’ dialog with new login details disappeared on mouse click in Firefox. (PP-369)

  • Running VMs could be shown as invalid in PowerPanel after vzapi attempted to process a VM with too many IP addresses assigned. (PP-409)

  • Deployment script could not handle passwords containing the at sign. (PP-428)

  • Described more local users management commands in documentation. (PP-448)

5. Installing the Update

Install the update by running ‘yum update vzapi-installer && vzapi-installer upgrade http://repo.virtuozzo.com/pp/releases/2.0/x86_64/os/Packages/p/pp-release-2.0-4.vl7.noarch.rpm’.

6. References

The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-081.json.