<link href="/user/plugins/datatables/assets/datatables.min.css" type="text/css" rel="stylesheet"> <link href="/user/plugins/markdown-notices/assets/notices.css" type="text/css" rel="stylesheet"> <link href="/user/plugins/form/assets/form-styles.css" type="text/css" rel="stylesheet"> <link href="/user/plugins/simplesearch/css/simplesearch.css" type="text/css" rel="stylesheet"> <link href="/user/plugins/highlight/css/default.css" type="text/css" rel="stylesheet"> <link href="/user/plugins/login/css/login.css" type="text/css" rel="stylesheet"> <link href="/user/themes/imagefactory/css/components.min.css" type="text/css" rel="stylesheet"> <link href="/user/themes/imagefactory/css/otc.css" type="text/css" rel="stylesheet"> <script src="/user/themes/imagefactory/js/jquery.min.js"></script> <script src="/user/plugins/datatables/assets/datatables.min.js"></script> <script src="/user/plugins/highlight/js/highlight.pack.js"></script> <script src="/user/themes/imagefactory/js/components.min.js"></script> <script src="/user/themes/imagefactory/js/totop.js"></script> <script> hljs.initHighlightingOnLoad(); </script>
Brand Claim Brand Claim
by Kurt Garloff

January 2018

<ul> <li>Security Alert Meltdown and Spectre: <a href="https://imagefactory.otc.t-systems.com/Blog-Review/SpecExLeak/">https://imagefactory.otc.t-systems.com/Blog-Review/SpecExLeak/</a></li> </ul> <p>Updated images provided on 2018-01-26. Major changes over previous versions:</p> <ul> <li> <p>Ubuntu-14, Ubuntu-16</p> <ul> <li> <p>Security fix for Spectre Variant-1 (CVE-2017-5753)</p> <blockquote> <p><code>new version Ubuntu-14 with kernel 3.13.0-141-generic #190</code> <code>new version Ubuntu-16 with kernel 4.4.0-112-generic #135</code></p> </blockquote> </li> </ul> </li> </ul> <p>Updated Windows images provided on 2018-01-12. Major changes over previous versions:</p> <ul> <li> <p>OTC Windows Self-Managed - Release 2018-01-11-0</p> </li> <li> <p>registry keys to enable the mitigations on the server against speculative execution side-channel vulnerabilities are set:</p> <blockquote> <p><code>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management, FeatureSettingsOverride, 0</code> <code>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management, FeatureSettingsOverrideMask, 3</code> <code>`HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization MinVmVersionForCpuBasedMitigations, 1.0</code></p> </blockquote> </li> </ul> <p>for details see: https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution</p> <ul> <li> <p>added January 2018 MS Patches</p> </li> <li> <p>Windows Server 2008 R2</p> <ul> <li>2018-01 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4056890)</li> <li>Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2, 2016 x64 Edition - January 2018 (KB8 90830)</li> </ul> </li> <li> <p>Windows Server 2012 R2</p> <ul> <li>2018-01 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4056898)</li> <li>2018-01 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4056895)</li> <li>Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2, 2016 x64 Edition - January 2018 (KB890830)</li> <li>2018-01 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 8.1 and Server 2012 R2 for x64 (KB4055271)</li> </ul> </li> <li> <p>Windows Server 2016</p> <ul> <li>2018-01 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4056894)</li> <li>Windows Malicious Software Removal Tool x64 - January 2018 (KB890830)</li> <li>2018-01 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4055269)</li> <li>2018-01 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows 7 and Server 2008 R2 for x64 (KB4055532)</li> </ul> </li> <li> <p>Included driver and tools:</p> <ul> <li>XEN GPL driver: 3.0.144.590 (unchanged)</li> <li>KVM UVP Vmtools: 2.5.0.102 (unchanged)</li> <li>Intel SRIOV (High Performance ) driver : Version 22.0, January 27, 2017 (unchanged)</li> <li>NVIDIA vGPU driver: 369.71 (unchanged)</li> <li>NVIDIA pGPU driver: 385.54 (unchanged)</li> <li>Cloudbase-Init: 9.12 (unchanged)</li> </ul> </li> <li> <p>In pGPU image NVIDIA driver mode is set to TCC per default. Can be changed to WDDM by running :</p> <blockquote> <p><code>"C:\Program Files\NVIDIA Corporation\NVSMI\nvidia-smi.exe" -dm 0</code></p> </blockquote> </li> </ul> <p>Updated images provided on 2018-01-08. Major changes over previous versions:</p> <ul> <li> <p>Debian-9</p> <ul> <li> <p>Security fix for Meltdown (CVE-2017-5754)</p> <blockquote> <p><code>new version Debian 4.9.65-3+deb9u2</code></p> </blockquote> </li> </ul> </li> <li> <p>Fedora-26</p> <ul> <li> <p>Security fix for Meltdown (KPTI)</p> <blockquote> <p><code>new version Fedora 4.14.11-200.fc26.x86_64</code></p> </blockquote> </li> </ul> </li> </ul> <p>Updated images provided on 2018-01-05. Major changes over previous versions:</p> <ul> <li> <p>CentOS-6, CentOS-7</p> <ul> <li> <p>Security fix for Meltdown and Spectre (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)</p> <blockquote> <p><code>new version CentOS-7 3.10.0-693.11.6.el7.x86_64</code></p> <p><code>new version CentOS-6 2.6.32-696.18.7.el6.x86_64</code></p> </blockquote> </li> </ul> </li> </ul> <p>All the other Images were updated as well on Jan 5 or the following handful of days, see <a href="https://imagefactory.otc.t-systems.com/Blog-Review/SpecExLeak/OTC_Patching.html">https://imagefactory.otc.t-systems.com/Blog-Review/SpecExLeak/OTC_Patching.html</a>.</p>