NGINX Conf 2018: Migrating Load-Balanced Services from F5 to NGINX Plus at AppNexus

2018-12-01 KENNETH 0

NGINX Conf 2018: Migrating Load-Balanced Services from F5 to NGINX Plus at AppNexus In his session at NGINX Conf 2018, Ernesto Chaves, a Senior Network Engineer at AppNexus, describes how and why the company replaced all of the F5 Networks BIG‑IP hardware load balancers in its global data centers with NGINX Plus. He details the motivations, pitfalls, and successes of the transition from proof of concept through to implementation. In this blog we highlight some key takeaways. You can watch the complete video here: Key Takeaways Solutions that were the best choice at the time don’t always stay that way. Six years after their initial deployment at AppNexus in 2009, F5 BIG‑IP load balancers were struggling to keep up with increasing traffic. They also suffered from hardware failures, random rebooting, and memory leaks, among other issues. Hardware solutions usually come at a premium. The NGINX Plus [ more… ]

No Image

RHBA-2018:3756-1: Red Hat Satellite 5.8.0 bug fix update

2018-12-01 KENNETH 0

RHBA-2018:3756-1: Red Hat Satellite 5.8.0 bug fix update RHN Satellite and Proxy: Updated satellite-schema, spacewalk-backend, spacewalk-java, and spacewalk-schema packages that fix several bugs and add various enhancements are now available for Red Hat Satellite 5.8.0. Source: RHBA-2018:3756-1: Red Hat Satellite 5.8.0 bug fix update

No Image

RHBA-2018:3755-1: runc bug fix update

2018-11-30 KENNETH 0

RHBA-2018:3755-1: runc bug fix update Red Hat Enterprise Linux: Updated runc package that fixes one bug is now available for Red Hat Enterprise Linux 7 Extras. Source: RHBA-2018:3755-1: runc bug fix update

No Image

USN-3833-1: Linux kernel (AWS) vulnerabilities

2018-11-30 KENNETH 0

USN-3833-1: Linux kernel (AWS) vulnerabilities linux-aws vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Summary Several security issues were fixed in the Linux kernel. Software Description linux-aws – Linux kernel for Amazon Web Services (AWS) systems Details Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955) Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names). (CVE-2018-6559) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS linux-image-4.15.0-1029-aws – [ more… ]

No Image

USN-3832-1: Linux kernel (AWS) vulnerabilities

2018-11-30 KENNETH 0

USN-3832-1: Linux kernel (AWS) vulnerabilities linux-aws vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Summary Several security issues were fixed in the Linux kernel. Software Description linux-aws – Linux kernel for Amazon Web Services (AWS) systems Details Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. (CVE-2018-17972) Jann Horn discovered that the mremap() system call in the Linux kernel did not properly flush the TLB when completing, potentially leaving access to a physical page after it has been released to the page allocator. A local attacker could use this to cause a denial of service (system crash), expose sensitive information, or possibly execute arbitrary code. [ more… ]