96MB Forum
Unknown Xen exploits? - Printable Version

+- 96MB Forum (http://96forum.com)
+-- Forum: VPS Discussions (http://96forum.com/forumdisplay.php?fid=32)
+--- Forum: VPS Discussions (http://96forum.com/forumdisplay.php?fid=42)
+--- Thread: Unknown Xen exploits? (/showthread.php?tid=212)

Unknown Xen exploits? - spammy - 03-04-2015

Just got this email from Linode:


Linode recently received several Xen Security Advisories (XSAs) that require us to perform updates to our host servers. In order to apply the updates, hosts and the Linodes running on them must be rebooted. The XSAs will be publicly released by the Xen project team on March 10th, therefore we must complete the updates before that date.

These updates are required to protect the security and safe operations of not only our infrastructure, but yours as well. We understand that a disruption with such limited notice is inconvenient, and we hope you understand that these measures are warranted due to the severity of the XSAs.

Your Linodes have been assigned a maintenance window in which a reboot will occur. These times are listed within the Linode Manager[1] in the timezone set in your user's My Profile[2]. Your schedule in UTC timezone is as follows:

* 2015-03-08 10:00:00 PM UTC - linodexxxxxx

During the maintenance window Linode instances will be cleanly shut down while we perform the updates. Your Linode will be inaccessible during this time. A two-hour window is allocated, however the actual downtime can be much less. After the maintenance, each Linode will then be booted. See our Reboot Survival Guide[3] for tips and hints on configuring and testing that your Linode services boot properly after the maintenance.

Unfortunately, due the logistical demands of this effort, your assigned windows are not changeable and the host reboots are mandatory.

For general information, please see our status post: <http://status.linode.com/incidents/2dyvn29ds5mz>

Please let us know if there is anything we can do to assist.

[1] <https://manager.linode.com/linodes>
[2] <https://manager.linode.com/profile>
[3] <https://www.linode.com/docs/uptime/reboot-survival-guide>


Usually big companies like Linode get the warnings earlier than the rest so that they can patch things up.

Anyone aware of the severity of the exploit?