14 December 2015: Scheduled reboot for critical Xen security fixes

FastLizard4,

This is a past/expired downtime notification. The downtimes specified below have been completed, and remarks/results are given below as well.

Unless otherwise noted, all dates and times are given in Coordinated Universal Time (UTC), with time in 24-hour notation.

Once again, the Xen development team has released several highly-critical and so far undisclosed Xen Security Advisories (XSAs), and as such, Linode (LizardNet’s provider) will be performing emergency maintenance on all of their Xen hosts.  LizardNet’s sole remaining Xen system, phazon.fastlizard4.org, will be rebooted as part of the endeavour to patch the Xen vulnerabilities before the public disclosure date of 17 December 2015.  (More information can be found on the Linode status blog here.)

Update: The Xen Security team has lifted the embargo and publicly disclosed the vulnerabilities: XSA-155, XSA-157, XSA-164, XSA-165, and XSA-166.  Of these, XSA-155 and XSA-165 appear to be by far the most serious issues.  The QubesOS folks have published a commentary addressing these bugs.

The following server and services will experience downtime:

phazon.fastlizard4.org
Date and time of downtime start: 10:00 Monday 14 December 2015 UTC (convert to other timezones)
Duration of downtime: Expected between 30 minutes and 1 hour, but up to 2 hours is possible
Status: Completed with no issues, despite late start (10:23 UTC)
Partial list of services affected:

  • LizardWiki
  • LizardNet OTRS (emails sent to OTRS during the downtime will be delivered after the downtime concludes)
  • LizardNet Continuous Integration (Jenkins) (Gerrit will not be able to trigger any jobs during the downtime, and they will not be run after the downtime concludes)
  • LizardNet Minecraft dynamic web maps
  • LizardIRC server emerald.lizardirc.org
  • LizardIRC’s website
  • LizardMail services on phazon.fastlizard4.org (emails sent to phazon.fastlizard4.org users during the downtime will be delivered after the downtime concludes)

Apologies for the short notice on this downtime (both from me and Linode).

Advertisement
14 December 2015: Scheduled reboot for critical Xen security fixes

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s