Security Updates 7.0.18, 6.8.16 and 6.5.20 available for Collax Server
The Security Updates 7.0.18 for Security Gateway, Business Server, Groupware Suite and Platform Server, Update 6.8.16 for V-Cube and V-Cube+ and Update 6.5.20 for V-Bien Office, V-Bien and V-Bien Pro fix critical security vulnerabilities discovered by experts in numerous processors and published under the names Meltdown and Spectre respectively.
Kernel and fix update for versions 7.0.18, 6.5.20, 6.8.16
These updates install the kernel in version 4.4.110 with kernel page table isolation implementation (PTI), which prevents kernel mapping in user mode. This kernel feature initially only helps against meltdown and further updates against Spectre are expected in the next weeks and months. The Linux Intel Microcode Data File will also be updated to version 20180108 in preparation for further updates. This should not prevent you from installing this update as soon as possible.
Note on balancing performance and security:
The PTI option is basically a performance-optimizing option. This is deactivated by the update. If your system now uses I/O-intensive server services, you may experience a noticeable loss in performance. It is possible to prefer I/O performance to security in individual cases. In this case, please contact Collax GmbH Support.
For the Collax virtualization products, a fix is applied with regard to VMs that cannot be reached after a data backup.
You can find more information on the topics in the following links.
» Collax Release Notes
» More information about Meltdown and Spectre
» Heise FAQ
» Intel Security Advisory 00088: Systems with Speculative Execution
» AMD Processor Security: Speculative Execution
» Microsoft Blog “Understanding the Performance…”