How to Improve Visibility in Kubernetes

2021-03-09 KENNETH 0

Adoption of microservices accelerates digital experiences, but microservices architectures can also make those experiences more fragile. While your developers are running fast to get new apps out the door, your architecture may be putting you at increased risk for outages, security exposures, and time wasted on inefficient troubleshooting or fixing preventable problems. In this second blog of our series on production‑grade Kubernetes, we examine how components that provide traffic visibility can reduce complexity and improve security in your microservices environments.

Gain Visibility to Attain Insight

First, let’s look at a couple of definitions:

Visibility – The state of being able to see or be seen
Insight – A deep understanding of a person or thing

In a 2020 survey from StackRox, 75% of Kubernetes users identified visibility as a “must‑have” capability. We agree that visibility is key in [ more… ]


USN-4758-1: Go vulnerability

2021-03-09 KENNETH 0

It was discovered that Go applications incorrectly handled uploaded content. If a user were tricked into visiting a malicious page, a remote attacker could exploit this with a crafted file to conduct cross-site scripting (XSS) attacks.

Source: USN-4758-1: Go vulnerability


USN-4760-1: libzstd vulnerabilities

2021-03-09 KENNETH 0

It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files, contrary to expectations.

Source: USN-4760-1: libzstd vulnerabilities


USN-4759-1: GLib vulnerabilities

2021-03-09 KENNETH 0

Krzesimir Nowak discovered that GLib incorrectly handled certain large buffers. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-27218)

Kevin Backhouse discovered that GLib incorrectly handled certain memory allocations. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-27219)

Source: USN-4759-1: GLib vulnerabilities


USN-4733-2: GNOME Autoar regression

2021-03-09 KENNETH 0

USN-4733-1 fixed a vulnerability in GNOME Autoar. The upstream fix introduced a regression when extracting archives containing directories. This update fixes the problem.

Original advisory details:

Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution.

Source: USN-4733-2: GNOME Autoar regression