Articles by KENNETH

About KENNETH
지락문화예술공작단
No Image

Announcing Windows 11 Insider Preview Build 22621.1835 and 22631.1835

2023-06-09 KENNETH 0

Announcing Windows 11 Insider Preview Build 22621.1835 and 22631.1835 Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 22621.1830 and Build 22631.1835 (KB5027305) to the Beta Channel. Build 22631.1835 = New features rolling out. Build 22621.1835 = New features off by default. REMINDER: Insiders who were previously on Build 22624 will automatically get moved to Build 22631 via an enablement package. The enablement package artificially increments the build number for the update with new features getting rolled out and turned on to make it easier to differentiate from devices with the update with features off by default. This approach is being used for the Beta Channel only and is not indicative of any changes or plans for final feature rollouts. Insiders who landed in the group with new features turned off by default (Build 22621.xxxx) can check for [ more… ]

No Image

Shaping the Future of Kubernetes Application Connectivity with F5 NGINX

2023-06-09 KENNETH 0

Shaping the Future of Kubernetes Application Connectivity with F5 NGINX Application connectivity in Kubernetes can be extremely complex, especially when you deploy hundreds – or even thousands – of containers across various cloud environments, including on-premises, public, private, or hybrid and multi-cloud. At NGINX, we firmly believe that integrating a unified approach to manage connectivity to, from, and within a Kubernetes cluster can dramatically simplify and streamline operations for development, infrastructure, platform engineering, and security teams. In this blog, we want to share some reflections and thoughts on how NGINX created one of the most popular Ingress controllers today, and ways we plan continue delivering the best-in-class capabilities to manage Kubernetes app connectivity in the future. Before anything, we want to note the importance of putting the customer first. NGINX does so by looking at each customer’s specific scenario and [ more… ]

No Image

USN-6149-1: Linux kernel vulnerabilities

2023-06-08 KENNETH 0

USN-6149-1: Linux kernel vulnerabilities Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32233) Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that the Broadcom [ more… ]

No Image

USN-6147-1: SpiderMonkey vulnerability

2023-06-08 KENNETH 0

USN-6147-1: SpiderMonkey vulnerability Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or processing malformed data, a remote attacker could exploit a variety of issues related to JavaScript security, including denial of service attacks, and arbitrary code execution. Source: USN-6147-1: SpiderMonkey vulnerability

No Image

USN-6146-1: Netatalk vulnerabilities

2023-06-08 KENNETH 0

USN-6146-1: Netatalk vulnerabilities It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A remote attacker could possibly use this issue to execute arbitrary code with the privileges of the user invoking the programs. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2021-31439) It was discovered that Netatalk did not properly validate the length of user-supplied data in the ad_addcomment function. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0194) It was discovered that Netatalk did not properly handle errors when parsing AppleDouble entries. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 [ more… ]