Dear All,Hello @vlee,
In this case, it looks like KernelCare has actually published the updated kernel before CentOS. This is resulting in Security Advisor detecting a mismatch between the installed kernel and the kernel configured at boot time and falsely reporting that a reboot is required. Internal case CPANEL-20239 was opened to report this issue. I'll monitor this case and update this thread with more information as it becomes available.
Seems pretty tricky, I just wanted to know more of the free kernel care stuff and clicked on the link in the security advisor, assuming it will land me on a config or info page! Indeed it applied the patch immediately. :-( That is not good as that time I had minor info of how the patch works.
I also get a worrying message:
The system kernel is at version “3.10.0-862.el7”, but is set to boot to version “3.10.0-327.4.4.el7.centos.plus.x86_64”.You must take one of the following actions to ensure the system is up-to-date:
- Wait a few days for KernelCare to publish a kernel patch.
- Reboot the system.
Is this downgrade real? If yes how can I turn off this free patch?
Anyhow, I am the only (1) Cpanel user on my server.
If there will be no downgrade and its adviced to continue with the kernel symlink protection, shall I disable Apache Symlink Protection? If yes where can I do that?
All best for all of U
Last edited by a moderator: