Népszerű fórum témák
FreeBSD Project News
Over at InfoWorld, Jim Reno compares the security of virtual machines (VMs) and containers. "Which is more secure?" is a question that is often asked, but the answer, of course, is "it depends". Reno analyzes the attack surface of each to help in the choosing between VMs and containers. "Many legacy VM applications treat VMs like bare metal. In other words, they have not adapted their architectures specifically for VMs or for security models not based on perimeter security. They might install many services on the same VM, run the services with root privileges, and have few or no security controls between services. Rearchitecting these applications (or more likely replacing them with newer ones) might use VMs to provide security separation between functional units, rather than simply as a means of managing larger numbers of machines. Containers are well suited for microservices architectures that “string together” large numbers of (typically) small services using standardized APIs. Such services often have a very short lifetime, where a containerized service is started on demand, responds to a request, and is destroyed, or where services are rapidly ramped up and down based on demand. That usage pattern is dependent on the fast instantiation that containers support. From a security perspective it has both benefits and drawbacks."
On his blog, Josh Berkus asks about the effects of changing how PostgreSQL numbers its releases. There is talk of moving from an x.y.z scheme to an x.y scheme, where x would increase every year to try to reduce "the need to explain to users that 9.5 to 9.6 is really a major version upgrade requiring downtime". He is wondering what impacts that will have on users, tools, scripts, packaging, and so on. "The problem is the first number, in that we have no clear criteria when to advance it. Historically, we've advanced it because of major milestones in feature development: crash-proofing for 7.0, Windows port for 8.0, and in-core replication for 9.0. However, as PostgreSQL's feature set matures, it has become less and less clear on what milestones would be considered "first digit" releases. The result is arguments about version numbering on the mailing lists every year which waste time and irritate developers."
Greg Kroah-Hartman has released the 4.5.5, 4.4.11, and 3.14.70 stable kernels. Users of those series should upgrade.
Arch Linux has updated p7zip (two code execution flaws).
Debian has updated swift-plugin-s3 (replay attack).
Mageia has updated cacti (two SQL injection flaws), chromium-browser-stable (multiple vulnerabilities), dosfstools (two vulnerabilities), libarchive (code execution), libksba (three vulnerabilities), libndp (man-in-the-middle attacks), mariadb (multiple vulnerabilities), moodle (multiple vulnerabilities), qemu (multiple vulnerabilities), and xymon (multiple vulnerabilities).
openSUSE has updated php5 (13.2: multiple vulnerabilities).
SUSE has updated firefox (SLE10: multiple vulnerabilities).
HUP napi hírlevél
Legfrissebb HUP képek
Téglásítottál (brick) már el eszközt életedben (mobil, router, konzo, tablet stb.)?
Igen, de helyrehoztam.
Igen, de nem tudtam helyrehozni. Más helyrehozta.
Igen és helyrehozhatatlan lett.
Nem, de debrick-eltem más által eltéglásított eszközt.
Összes szavazat: 561