[월:] 2023년 06월

No Image

Shaping the Future of Kubernetes Application Connectivity with F5 NGINX

2023-06-09 KENNETH 0

Shaping the Future of Kubernetes Application Connectivity with F5 NGINX Application connectivity in Kubernetes can be extremely complex, especially when you deploy hundreds – or even thousands – of containers across various cloud environments, including on-premises, public, private, or hybrid and multi-cloud. At NGINX, we firmly believe that integrating a unified approach to manage connectivity to, from, and within a Kubernetes cluster can dramatically simplify and streamline operations for development, infrastructure, platform engineering, and security teams. In this blog, we want to share some reflections and thoughts on how NGINX created one of the most popular Ingress controllers today, and ways we plan continue delivering the best-in-class capabilities to manage Kubernetes app connectivity in the future. Before anything, we want to note the importance of putting the customer first. NGINX does so by looking at each customer’s specific scenario and [ more… ]

No Image

USN-6149-1: Linux kernel vulnerabilities

2023-06-08 KENNETH 0

USN-6149-1: Linux kernel vulnerabilities Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom [ more… ]

No Image

USN-6147-1: SpiderMonkey vulnerability

2023-06-08 KENNETH 0

USN-6147-1: SpiderMonkey vulnerability Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or processing malformed data, a remote attacker could exploit a variety of issues related to JavaScript security, including denial of service attacks, and arbitrary code execution. Source: USN-6147-1: SpiderMonkey vulnerability

No Image

USN-6146-1: Netatalk vulnerabilities

2023-06-08 KENNETH 0

USN-6146-1: Netatalk vulnerabilities It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A remote attacker could possibly use this issue to execute arbitrary code with the privileges of the user invoking the programs. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2021-31439) It was discovered that Netatalk did not properly validate the length of user-supplied data in the ad_addcomment function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0194) It was discovered that Netatalk did not properly handle errors when parsing AppleDouble entries. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 [ more… ]

No Image

Announcing Windows 11 Insider Preview Build 23475

2023-06-08 KENNETH 0

Announcing Windows 11 Insider Preview Build 23475 Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 23475 to the Dev Channel. TL;DR: This build includes a handful of new features we’re beginning to roll out to Windows Insiders in the Dev Channel including a modernized File Explorer Home and address bar, Dynamic Lighting, and support for Emoji 15. As part of introducing these new features, we’ve also added some new known issues. We’re also releasing a new Microsoft Store update. Check out all the details in the below blog post! What’s new in Build 23475 Modernized File Explorer Home and Address Bar Now that File Explorer is powered by Windows App SDK, we are introducing a modernized File Explorer Home powered by WinUI. Recommended files for users signed into Windows with an Azure Active Directory (AAD) account [ more… ]