The XCP-ng development team has announced the availability of a new version of the Open Source hypervisor based on Citrix XenServer. This new release incorporates important improvements at security level.
XCP-ng 7.6 allows to use the GPG signature for the RPMs, for the repositories containing RPMs and also for the ISO install CDs. In this way, the possible tampering of this type of packages or repositories is avoided.
This new version is patched against the vulnerability XSA-278 affecting Xen and which can be exploited through DDoS attacks by attackers with access to an HVM guest.
With this new release and thanks to the new signed repository and packages, the XCP-ng team offers the possibility of hosting an official mirror of this hypervisor guaranteeing security against possible alterations.
In addition, in the announcement of this new versión users are reminded that RAID1 software can already be used during the installation of XCP-ng.
XCP-ng 7.6 is compatible with the UDS Enterprise connection broker to manage and deploy Windows and Linux virtual desktops and applications. UDS Enterprise is the first VDI and vApp solution compatible with XCP-ng and has obtained the official XCP-ng Ready certification. Together, they make up a high-performance 100% Open Source desktop and application virtualization solution.
Check here the instructions to upgrade to XCP-ng 7.6 from any previous version of XCP-ng or from any version of Citrix XenServer.
Source: XCP-ng official blog.