Public Availability: fixes to Dom0 user space
To improve security, weaker ciphersuites have been removed from the list of ciphersuites that are supported for SSH communication. Only the following ciphersuites are now supported:
Key Exchange algorithms:
Host Key algorithms:
To benefit from the improvement to ciphersuite security, you must restart your servers. However, a restart is not required to benefit from the other fixes included in this hotfix.
This hotfix resolves the following issues:
- On slower systems, xen-bugtool can experience time outs.
- A misconfigured PCI interface-rename rule leaves all host interfaces inaccessible.
- If there is an issue in your NTP environment, sometimes on Citrix Hypervisor start up it can take up to 10 minutes to reach the xsconsole.
The wait time has been reduce to 2 minutes. You are also advised to investigate your NTP set up and change any configuration that is incorrect.