Articles by KENNETH

About KENNETH
지락문화예술공작단

Announcing the Open Source Subscription by F5 NGINX

2023-06-15 KENNETH 0

Announcing the Open Source Subscription by F5 NGINX As a reader of the NGINX blog, you’ve likely already gathered that NGINX Open Source is pretty popular. But it isn’t just because it’s free (though that’s nice, too!) – NGINX Open Source is so popular because it’s known for being stable, lightweight, and the developer’s Swiss Army Knife™. Whether you need a web server, reverse proxy, API gateway, Ingress controller, or cache, NGINX (which is lightweight enough to be installed from a floppy disk) has your back. But there’s one thing NGINX Open Source users have told us is missing: Enterprise support. So, that (and more) is what we’re excited to introduce with the new Open Source Subscription! What Is the Open Source Subscription? The Open Source Subscription is a new bundle that includes: Enterprise Support: Get a trusted advisor and [ more… ]

Public Preview : Improve Win32 app security via app isolation

2023-06-14 KENNETH 0

Public Preview : Improve Win32 app security via app isolation We are thrilled to announce the public preview launch of Win32 app isolation. This blog post provides an overview of the topic. To learn more about the developer experience and engage with the team, please visit our GitHub page. It is worth noting that Win32 app isolation is an addition to the family of existing Windows sandbox options, such as Windows Sandbox and Microsoft Defender Application Guard. While these options are based on virtualization based security, Win32 app isolation is built on the foundation of AppContainers (and more). AppContainers are specifically designed to encapsulate and restrict the execution of processes, helping to ensure they operate with limited privileges, commonly referred to as low integrity levels. Win32 App isolation The frequency and impact of zero-day vulnerabilities have witnessed a substantial increase [ more… ]

No Image

USN-6166-1: libcap2 vulnerabilities

2023-06-14 KENNETH 0

USN-6166-1: libcap2 vulnerabilities David Gstir discovered that libcap2 incorrectly handled certain return codes. An attacker could possibly use this issue to cause libcap2 to consume memory, leading to a denial of service. (CVE-2023-2602) Richard Weinberger discovered that libcap2 incorrectly handled certain long input strings. An attacker could use this issue to cause libcap2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-2603) Source: USN-6166-1: libcap2 vulnerabilities

No Image

USN-6165-1: GLib vulnerabilities

2023-06-14 KENNETH 0

USN-6165-1: GLib vulnerabilities It was discovered that GLib incorrectly handled non-normal GVariants. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or perform other unknown attacks. Source: USN-6165-1: GLib vulnerabilities

No Image

USN-6164-1: c-ares vulnerabilities

2023-06-14 KENNETH 0

USN-6164-1: c-ares vulnerabilities Hannes Moesl discovered that c-ares incorrectly handled certain ipv6 addresses. An attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-31130) Xiang Li discovered that c-ares incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause c-res to crash, resulting in a denial of service. (CVE-2023-32067) Source: USN-6164-1: c-ares vulnerabilities