Securing Private Keys on a Linux Sysadmin Workstation

In this last article of our ongoing Linux workstation security series for sysadmins, we’ll lay out our recommendations for how to secure your private keys. If you’re interested in more security tips and a list of resources for more reading (to go further down the rabbit hole of Linux security), I recommend that you download our free security guide for sysadmins.


Core Kubernetes: Jazz Improv over Orchestration

This is the first in a series of blog posts that details some of the inner workings of Kubernetes. If you are simply an operator or user of Kubernetes, you don’t necessarily need to understand these details. But if you prefer depth-first learning and really want to understand the details of how things work, this is for you.

This article assumes a working knowledge of Kubernetes. I’m not going to define what Kubernetes is or the core components (e.g. Pod, Node, Kubelet).


RHSA-2017:1399-1: Important: chromium-browser security update

Red Hat Enterprise Linux: An update for chromium-browser is now available for Red Hat Enterprise Linux 6
Supplementary.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082, CVE-2017-5083, CVE-2017-5085, CVE-2017-5086


RHSA-2017:1395-1: Important: libntirpc security update

Red Hat Enterprise Linux: An update for libntirpc is now available for Red Hat Gluster Storage 3.2 for
RHEL 6 and Red Hat Gluster Storage 3.2 for RHEL 7.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2017-8779


USN-3310-1: lintian vulnerability

Ubuntu Security Notice USN-3310-1

6th June, 2017

lintian vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.10
  • Ubuntu 16.04 LTS

Summary

lintian could be made to run programs if it processed a specially crafted
package.

Software description

  • lintian
    – Debian package checker

Details

Jakub Wilk discovered that lintian incorrectly handled deserializing
certain YAML files. If a user or automated system were tricked into running
lintian on a specially crafted package, a remote attacker could possibly
use this issue to execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
  • lintian 2.5.50.1ubuntu0.1

Ubuntu 16.10:
  • lintian 2.5.48ubuntu0.1

Ubuntu 16.04 LTS:
  • lintian 2.5.43ubuntu0.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-8829
