Important product update: Virtuozzo PowerPanel RTM Hotfix 3 (7.0.1-415)¶

1. Overview¶

The new packages for Virtuozzo PowerPanel introducing new features as well as security and usability fixes.

2. Security Fixes¶

• [Important] Disabled SSLv3 access to the management panel to protect against the POODLE SSLv3 vulnerability. (CVE-2014-3566, PP-427)

3. New Features¶

• Added possibility to redeploy controller in place with different certificates and hostname. (PP-412, PP-414)

• Deployment script can now process intermediate certificates specified with one or more ‘–ssl-intermediate-cert’ parameters. (PP-429)

4. Bug Fixes¶

• Clarified backup management in documentation. (PP-352)

• Containers could become unmanageable after hot migration. (PP-362)

• The ‘Change password’ dialog with new login details disappeared on mouse click in Firefox. (PP-369)

• Running VMs could be shown as invalid in PowerPanel after vzapi attempted to process a VM with too many IP addresses assigned. (PP-409)

• Deployment script could not handle passwords containing the at sign. (PP-428)

• Described more local users management commands in documentation. (PP-448)

5. Installing the Update¶

Install the update by running ‘yum update vzapi-installer && vzapi-installer upgrade http://repo.virtuozzo.com/pp/releases/2.0/x86_64/os/Packages/p/pp-release-2.0-4.vl7.noarch.rpm’.

6. References¶

• https://access.redhat.com/security/cve/CVE-2014-3566

The JSON file with the list of new and updated packages is available at http://docs.virtuozzo.com/vza/VZA-2017-081.json.