[bitfolk] Reboots will be necessary to address security issu…

Hello,

Unfortunately - and annoyingly only a month since the last lot -
some serious security bugs have been discovered in the Xen
hypervisor and fixes for these have now been pre-disclosed, with an
embargo that ends at 1200Z on 20 October 2020.

As a result we will need to apply these fixes and reboot everything
before that time. We are likely to do this in the early hours of the
morning UK time, on 17, 18 and 19 October.

In the next few days individual emails will be sent out confirming
to you which hour long maintenance window your services are in. The
times will be in UTC; please note that UK is currently observing
daylight savings and as such is currently at UTC+1. We expect the
work to take between 15 and 30 minutes per bare metal host.

If you have opted in to suspend and restore¹ then your VM will be
suspended to storage and restored again after the host it is on is
rebooted. Otherwise your VM will be cleanly shut down and booted
again later.

If you cannot tolerate the downtime then please contact
support@???. We may be able to migrate² you to
already-patched hardware before the regular maintenance starts. You
can expect a few tens of seconds of pausing in that case. This
process uses suspend&restore so has the same caveats.

It is disappointing to have another round of security reboots 28
days after the last lot, though before that there was a gap of about
330 days. Still, as there are security implications we have no
choice in the matter.

Cheers,
Andy

¹ https://tools.bitfolk.com/wiki/Suspend_and_restore

² https://tools.bitfolk.com/wiki/Suspend_and_restore#Migration

--
https://bitfolk.com/ -- No-nonsense VPS hosting