Release 2016_018 (2016-06-09)

Impact

• nginx will be restarted.

NixOS platform

• Patch nginx for CVE-2016-4450. (#21775)

• Fix bug in automatic VM memory adjustments that caused an infinite reboot loop. (#21724)

• Implement transit mode (details see below).

Gentoo platform

• Update backy: reduce partial backup verifications to a time-based limit to avoid extremely long periods that block other backups. The verification is an additional safety-belt to other data protection schemes, like BTRFS scrubbing. (#21879)

• Implement transit mode: physical and virtual machines can be placed in a location-independent non-servicing state where the network configuration is based on DHCP so that the machine is manageable from either location and can be cleanly relocated.

• Security update for gnupg GLSA 201606-04 (#21829).

• Security update for nginx (no GLSA yet, #21775, CVE-2016-4450)

• Security update for pam to 1.2.1 GLSA 201606-05 (#21753).

References

• NixOS source: https://github.com/flyingcircusio/nixpkgs/commit/{TBA}

• Puppet source: https://bitbucket.org/flyingcircus/fc.platform/commits/{TBA}