sys-kernel/openvz-sources-2.6.27.2.1-r2 is missing the famous security patch that fixes a NULL pointer dereference (see URL). Ebuilds affected (masked ebuilds haven't been tested): - sys-kernel/openvz-sources-2.6.27.2.1-r2.ebuild Patch applies almost cleanly: # patch -p1 --dry-run < sock_sendpage.patch patching file net/socket.c Hunk #1 succeeded at 693 (offset -2 lines). Reproducible: Always
This is fixed in 2.6.27.2.1-r3 which is stalbe now. Thank you for report.