Red Hat

Security: Updates, DOD and Red Hat on "Security Hardening Rules"

Filed under
Red Hat
Security
  • Security updates for Thursday
  • Year-old router bug exploited to steal sensitive DOD drone, tank documents

     

    In May, a hacker perusing vulnerable systems with the Shodan search engine found a Netgear router with a known vulnerability—and came away with the contents of a US Air Force captain's computer. The purloined files from the captain—the officer in charge (OIC) of the 432d Aircraft Maintenance Squadron's MQ-9 Reaper Aircraft Maintenance Unit (AMU) at Creech Air Force Base, Nevada—included export-controlled information regarding Reaper drone maintenance.

  • Security Hardening Rules

    Many users of Red Hat Insights are familiar with the security rules we create to alert them about security vulnerabilities on their system, especially concerning high-profile issues such as Spectre/Meltdown or Heartbleed. In this post, I'd like to talk about the other category of security related rules, those related to security hardening.

    In all of the products we ship, we make a concerted effort to ship thoughtful, secure default settings to minimize the amount of configuration needed to do the work you want to do. With complex packages such as Apache httpd, however, every installation will require some degree of customization before it's ready for deployment to production, and with more complex configurations, there's a chance that a setting or the interaction between several settings can have security implications which aren't immediately evident. Additionally, sometimes systems are configured in a manner that aids rapid development, but those configurations aren't suitable for production environments.

    With our hardening rules, we detect some of the most common security-related configuration issues and provide context to help you understand the represented risks, as well as recommendations on how to remediate the issues.

Red Hat News

Filed under
Red Hat
  • Top Indian carriers taking "open telco" approach to build future networks for new services: Red Hat

    Top Indian telecom service providers are taking “Open Telco” approach in building next-generation networks using network functions virtualisation technology to bring flexibility to offer new services, and to prepare for 5G in coming years, according to the US-based open source solutions provider, Red Hat.

    Ben Panic, Director of Sales, Asia Pacific Region (Telecommunications) at Red Hat told ET that Indian telcos have already deployed open source technology-based solutions in the core functions of their mobile networks. “The target goal of NFV is to open, be multi-vendor, be flexible and agile,” he said.

  • Celebrating Red Hat’s 25th anniversary: How partners play an important role [Ed: reposted from Red Hat's site]

    As Red Hat celebrates 25 years, I would be remiss not to mention the role Red Hat partners have played in our company’s story. Partners have been an important multiplier for Red Hat and building our customer success. They are important to our future.

    Early endeavours in the channel

    In 2006, I joined Red Hat to expand the partner ecosystem. I’d been working in the channel since Moses was around, or at least since 1981. Although we were mainly selling direct, there was growing confidence that we could make the transformation to support a robust partner ecosystem.

  • Analysts Set Red Hat Inc (RHT) Target Price at $157.79
  • Buy Red Hat, An Attractive Cloud Computing Play

Red Hat News, Scientific Linux, and Fedora 29 Dropping GCC From Their Default Build Root

Filed under
Red Hat
  • Red Hat OpenStack platform adopted by Fujitsu

    Red Hat recently announced that Fujitsu has adopted Red Hat OpenStack Platform as an Infrastructure-as-a-Service (IaaS) component of Fujitsu Cloud Service for OSS, its global hybrid cloud service offering.

    As a backbone for an open hybrid cloud, Fujitsu Cloud Service for OSS is designed to help enterprises more quickly develop cloud-native and traditional applications and services in an environment built from innovative, more reliable, and more secure open technologies.

    This announcement shows the continued, long-standing collaboration between Red Hat and Fujitsu to offer hybrid cloud solutions based on open source.

  • Fujitsu Adopts Red Hat OpenStack Platform for Fujitsu Cloud Service for OSS
  • Entando Announces OEM Agreement with Red Hat on Modern Applications

    Entando, a leader in open source Digital Experience Platforms, today announced that Red Hat has agreed to include access to a set of Entando’s open source low-code tools as part of Red Hat’s newly launched Red Hat Process Automation Manager. Entando has optimized the tools to run effectively on Red Hat Process Automation Manager. Together, these technologies offer customers expanded next-generation business process automation capabilities native to Red Hat OpenShift Container Platform and a user experience (UX) designed to help them create cloud-native applications faster.

  • STT Connect builds webscale private cloud infrastructure on Red Hat

    To build its cloud on a flexible, supported open source platform, STT Connect partnered with Red Hat to deploy Red Hat OpenStack Platform, Red Hat Ansible Tower, and other enterprise Red Hat software.

    These solutions helped the company create an agile and efficient — yet secure — webscale cloud infrastructure. STT Connect became the first cloud company in Singapore to achieve the highest level Multi-Tier Cloud Security (MTCS) certification with an OpenStack private cloud.

  • The Final Build of Scientific Linux 6.10 Legacy Branch Released

    Scientific Linux has announced that the 6.10 release will be the final build of their legacy branch based on Red Hat 6.10. It will only receive security updates and major bug fixes and will be supported until November 2020.

    Fermi National Accelerator Laboratory (Fermilab) and European Organization for Nuclear Research (CERN) co-develop Scientific Linux with the aim of creating a stable operating system that is supplied with packages and applications that support scientific research. They also list using “the free exchange of ideas, designs, and implementations to prepare a computing platform for the next generation of scientific computing” as one of their goals.

  • ISVs in APAC Showcase Increased Red Hat OpenShift Adoption Across Verticals
  • Should You Buy Red Hat, Inc. (RHT) or Marsh & McLennan Companies, Inc. (MMC)?
  • Red Hat, Inc. (RHT) P/E ratio is noted at 62.01
  • Is this stock Risky for You?: Red Hat, Inc. (RHT)
  • Analyst Buzz: Red Hat, Inc. (NYSE:RHT)
  • Red Hat: Ready For Multiple Expansion
  • Fedora 29 Dropping GCC From Their Default Build Root Has Been Causing A Heated Debate

    One of the surprisingly controversial changes being implemented for Fedora 29 is dropping GCC and GCC-C++ from the default BuildRoot for assembling Fedora packages with Koji and Mock.

    Up to now it's always just been implied that GCC (including the GCC C++ compiler) is there by default with every build-root. But these days with more packages being written in languages like Go, Rust, Python, Node.js, and other modern languages, the proportion of C/C++ applications is decreasing. As such, the GCC C/C++ support is no longer being implied with the default build environments in Koji/Mock, which in turn should help package build times for non-C/C++ packages as they will no longer need to pull in the gcc/gcc-c++ packages and in turn a cleaner buildroot environment too.

Hiding the Fedora boot menu

Filed under
Red Hat

The venerable Linux boot menu has made its appearance at boot time since the days when LILO was the standard boot loader, through the days of GRUB, and onward to today's GRUB 2 and others. It is sometimes configured out by distributions as something that will potentially confuse less-technical users, but it has been a mainstay of Fedora for many releases. A recent proposal to hide the menu, starting in Fedora 29, has met a mixed reaction, but those who are not in favor are also those most able to revert to the existing behavior.

Hans de Goede raised the issue back at the end of May. He suggested that Fedora had at one time hidden the boot menu, but changed. As a longtime Fedora user, I don't remember that switch, but my memory is faulty and that may be the case here. In any case, De Goede's idea is to not have the distribution print any confusing messages at boot time: "the end goal being a user pressing the on button and then going to the graphical login manager without him seeing any text messages / menus filled with technical jargon."

The response was somewhat mixed, as might be expected. Stephen Gallagher was concerned about boots that failed and gave the user no alternatives to try. De Goede said that the plan was to detect failed boots and then show the boot menu on the next boot. He muddied the waters somewhat by mentioning a "fastboot" feature that he is planning for Fedora 30. It would effectively provide no way for a user sitting at the console to override the boot sequence (with a key press, say) and get the boot menu once the system has started booting.

Also: Fedora tackles Southeast Linux Fest 2018

Red Hat News, Mostly APAC

Filed under
Red Hat

Red Hat News

Filed under
Red Hat
  • Red Hat targets regional system integrators through program launch

    Red Hat has launched an Asia Pacific (APAC) program targeted at helping system integrators (SIs) build and modernise applications for the cloud.

    The new initiative is designed to allow partners to deliver new services at a lower cost and accelerate development for faster return on investment.

    Specifically, the Red Hat OpenShift Practice Builder Program has been designed to do just that, using the vendor's container application platform, Openshift, and a portfolio of enterprise-class application and integration middleware software products, JBoss Middleware.

  • Virtualize your OpenStack control plane with Red Hat Virtualization and Red Hat OpenStack Platform 13

    With the release of Red Hat OpenStack Platform 13 (Queens) we’ve added support to Red Hat OpenStack Platform director to deploy the overcloud controllers as virtual machines in a Red Hat Virtualization cluster. This allows you to have your controllers, along with other supporting services such as Red Hat Satellite, Red Hat CloudForms, Red Hat Ansible Tower, DNS servers, monitoring servers, and of course, the undercloud node (which hosts director), all within a Red Hat Virtualization cluster. This can reduce the physical server footprint of your architecture and provide an extra layer of availability.

    Please note: this is not using Red Hat Virtualization as an OpenStack hypervisor (i.e. the compute service, which is already nicely done with nova via libvirt and KVM) nor is this about hosting the OpenStack control plane on OpenStack compute nodes.

  • ORock Technologies Achieves FedRAMP Moderate Authorization for ORockCloud

    As a Red Hat Premier Certified Cloud and Service Provider (CCSP), ORock Technologies architected ORockCloud as a "pure-play" Red Hat cloud that incorporates a suite of Red Hat's open source solutions for enhanced flexibility, security features and control. These include: Red Hat Enterprise Linux; Red Hat OpenStack Platform; Red Hat Virtualization; Red Hat Ceph Storage; Red Hat CloudForms; Red Hat Ansible Tower; Red Hat Satellite; and associated cloud APIs.

  • Will Investors Step Up in Red Hat, Inc. (RHT) and Chubb Limited (CB)?
  • Here’s What To Do With Red Hat, Inc. (RHT), EQT Corporation (EQT)

Red Hat News: Security, Celebrating Red Hat’s 25th Anniversary and More

Filed under
Red Hat
  • Red Hat Security: Red Hat’s disclosure process

    Last week, a vulnerability (CVE-2018-10892) that affected CRI-O, Buildah, Podman, and Docker was made public before some affected upstream projects were notified. We regret that this was not handled in a way that lives up to our own standards around responsible disclosure. It has caused us to look back to see what went wrong so as to prevent this from happening in the future.

    Because of how important our relationships with the community and industry partners are and how seriously we treat non-public information irrespective of where it originates, we are taking this event as an opportunity to look internally at improvements and challenge assumptions we have held.

    We conducted a review and are using this to develop training around the handling of non-public information relating to security vulnerabilities, and ensuring that our relevant associates have a full understanding of the importance of engaging with upstreams as per their, and our, responsible disclosure guidelines. We are also clarifying communication mechanisms so that our associates are aware of the importance of and methods for notifying upstream of a vulnerability prior to public disclosure.

  • Celebrating Red Hat’s 25th anniversary: Red Hat partners have played an important role in our company journey

    As Red Hat celebrates 25 years, I would be remiss not to mention the role Red Hat partners have played in our company’s story. Partners have been an important multiplier for Red Hat and building our customer success. They are important to our future.

  • DH2i signs strategic-alignment agreement with Red Hat

    DH2i Co., a Fort Collins-based company that provides disaster-recovery solutions for Windows, Linux and Oracle databases, has signed a strategic-alignment agreement with Red Hat.

    After testing and validation, DH2i will become a Red Hat Technology Partner and has been certified on Red Hat Enterprise Linux 7.

  • How Financially Strong Is Red Hat Inc (NYSE:RHT)?
  • What is the fate of Red Hat, Inc. (RHT) against Blue Apron Holdings, Inc. (APRN),

Red Hat News

Filed under
Red Hat

Red Hat: APAC, Kubernetes, Raleigh and More

Filed under
Red Hat

Scientific Linux 6.10 RC 1

Filed under
Red Hat
  • Scientific Linux 6.10 RC 1 i386/x86_64 is now available for testing
  • CentOS 6.10 Released, Scientific Linux 6.10 Coming Next Week

    Based off last month's Red Hat Enterprise Linux 6.10 update, CentOS 6.10 is available this week while also the Scientific Linux 6.10 release candidate has also been made available.

    Released on Tuesday was the CentOS 6.10 release. This CentOS 6 update is derived from the same sources as RHEL 6.10.

    As such, like with upstream RHEL 6.10, this new release offers Retpolines and KPTI support for Spectre and Meltdown mitigation. Besides security update work, there are also updates to GCC and other system packages. But all in all, not much is happening for EL6 due to the time around on the market it's mostly just receiving security updates and important fixes. Red Hat Enterprise Linux 7 remains their prime focus and prepping the yet-to-be-released Red Hat Enterprise Linux 8.

More in Tux Machines

KDE and GNOME: Kubuntu 18.04 Reviewed, Akademy, Cutelyst and GUADEC

  • Kubuntu 18.04 Reviewed in Linux (Pro) Magazine
    Kubuntu Linux has been my preferred Linux distribution for more than 10 years. My attraction to the KDE desktop and associated application set, has drawn from Kubuntu user, to a tester, teacher, developer, community manager and councilor. I feel really privileged to be part of, what can only be described as, a remarkable example of the free software, and community development of an exceptional product. This latest release 18.04, effectively the April 2018 release, is a major milestone. It is the first LTS Long Term Support release of Kubuntu running the “Plasma 5” desktop. The improvements are so considerable, in both performance and modern user interface (UI) design, that I was really excited about wanting to tell the world about it.
  • Going to Akademy
    Happy to participate in a tradition I’ve admired from afar but never been able to do myself… until this year. My tickets are bought, my passport is issued, and I’m going to Akademy! Hope to see you all there!
  • System76's New Manufacturing Facility, Ubuntu 17.10 Reaches End of Life, Google Cloud Platform Marketplace, Stranded Deep Now Available for Linux and Cutelyst New Release
    Cutelyst, a C++ web framework based on Qt, has a new release. The update includes several bug fixes and some build issues with buildroot. See Dantti's Blog for all the details. Cutelyst is available on GitHub.
  • GUADEC 2018 Videos: Help Wanted
    At this year’s GUADEC in Almería we had a team of volunteers recording the talks in the second room. This was organized very last minute as initially the University were going to do this, but thanks to various efforts (thanks in particular to Adrien Plazas and Bin Li) we managed to record nearly all the talks. There were some issues with sound on both the Friday and Saturday, which Britt Yazel has done his best to overcome using science, and we are now ready to edit and upload the 19 talks that took place in the 2nd room. To bring you the videos from last year we had a team of 5 volunteers from the local team who spent our whole weekend in the Codethink offices. (Although none of us had much prior video editing experience so the morning of the first day was largely spent trying out different video editors to see which had the features we needed and could run without crashing too often… and the afternoon was mostly figuring out how transitions worked in Kdenlive).
  • GUADEC 2018
    This year I attended my second GUADEC in beautiful Almería, Spain. As with the last one I had the opportunity to meet many new people from the extended GNOME community which is always great and I can’t recommend it enough for anybody involved in the project. [...] Flatpak continues to have a lot of healthy discussions at these events. @matthiasclasen made a post summarizing the BoF so check that out for the discussions of the soon landing 1.0 release. So let's start with the Freedesktop 18.07 (date based versioning now!) runtime which is in a much better place than 1.6 and will be solving lots of problems such as multi-arch support and just long term maintainability. I was really pleased to see all of the investment in BuildStream and the runtime from CodeThink which is really needed in the long term.

Red Hat and Fedora

Android: Video Editors, Antitrust/Forks, and Fuchsia OS

OSS Leftovers

  • Mitre to Use Open Source Tool for Cyber Evaluations on 8 Companies
    Mitre will deploy an open source tool to assess the cybersecurity capabilities of eight companies and subsequently release findings in October as part of an initiative by the nonprofit research organization, ExecutiveBiz reported Thursday. The Washington Business Journal reported Tuesday that Mitre will utilize its Adversarial Tactics, Techniques and Common Knowledge platform to help conduct evaluations on the cyber offerings of Carbon Black (Nasdaq: CBLK), CounterTack, CrowdStrike, Cylance, Endgame, Microsoft (Nasdaq: MSFT), RSA and SentinelOne.
  • News:-Apache’s Project Kafka has released stable latest version 1.1.1
    Apache Kafka is a distributed streaming platform to publish, store, subscribe, and process the records. Kafka is broadly used for real-time streaming of the data between systems or applications. There are various applications in which Kafka is used like samza and confluent for Real-time Financial Alerts. Big brand names like The New York Times, Pinterest, Zalando, Rabobank, LINE, trivago are few of them who are using Kafka.
  • Creating Open-Source Projects Companies Want to Sponsor
  • IBM reflects on open source some 20 years into it
    Open source might be a relatively new trend in telecom, but it’s been around at least 20 years, and that’s something OSCON 2018 organizers want to make sure attendees here are aware. The open source convention known as OSCON hosts developers, IT managers, system administrators and just plain geeks who want to learn the latest in blockchain, Kubernetes or other technical arenas and hear inspiring stories about open source. The convention is back in Portland this week after having been held in Austin, Texas, the past two years. In telecom, operators want their vendors to deliver based on open source platforms. Various initiatives are under way, but not every vendor is rushing to the party. Through the Open Networking Foundation (ONF), for example, operators are developing reference designs so that everyone in the supply chain knows what solutions operators plan to procure and deploy.
  • Perspecta Participates in Open Source Summit as Conference Sponsor; Mac Curtis Comments
    Perspecta (NYSE: PRSP) served as a sponsor of the 7th Annual Open Source Summit organized by the Open Source Electronic Health Record Alliance to discuss the use of open source software in industry and government, ExecutiveBiz reported July 13.
  • Get rich with Firefox or *(int *)NULL = 0 trying: Automated bug-bounty hunter build touted
    Do you love Firefox, Linux, and the internet? Are you interested in earning money from the comfort of your own home? Are you OK with a special flavor of Firefox quietly gobbling up memory in a hunt for exploitable security bugs? If so, Mozilla has a deal for you. The open internet organization (and search licensing revenue addict) would like you to go about your usual browsing business with a special Firefox build designed to automatically report potential security flaws in the software back to the mothership. If you do so, and the reported error turns out to be a legit exploitable vulnerability that Firefox engineers can fix, you'll be rewarded as if you'd submitted the errant code to Mozilla's bug bounty program. That's right, kids. Your aimless online procrastination could be your ticket to riches through the ASan Nightly Project.
  • Why an ops career
    It’s been a great “family reunion” of FOSS colleagues and peers in the OSCON hallway track this week. I had a conversation recently in which I was asked “Why did you choose ops as a career path?”, and this caused me to notice that I’ve never blogged about this rationale before. I work in roles revolving around software and engineering because they fall into a cultural sweet spot offering smart and interesting colleagues, opportunities for great work-life balance, and exemplary compensation. I also happen to have taken the opportunity to spend over a decade building my skills and reputation in this industry, which helps me keep the desirable roles and avoid the undesirable ones. Yet, many people in my field prefer software development over operations work.
  • Free and open source software for public health information systems in India
  • David's Progress on The Free Software Directory, internship weeks 2-3
    I'm working on creating a list of free software extensions for Mozilla-based browsers on the Free Software Directory based on data from addons.mozilla.org. This is needed because the official extensions repository includes many proprietary extensions. I found out that it's not possible to use the addons.mozilla.org API to list add-on collections, so I submitted a bug report for this. To my surprise they declined my suggestion, so I had to add a function to my program to parse it manually. Then I went on and wrote a detailed README file to describe the philosophy for the project to make it easy for anyone to contribute. I merged my source code to the Savannah GNU package called Free Software Directory, which also has scripts for importing data from Debian. I started a collection of IceCat add-ons and recommended IceCat (and Abrowser) to use it in Tools -> Add-ons (about:addons) -> Get Add-ons.
  • PHP version 5.6.37, 7.0.31, 7.1.20 and 7.2.8
  • An Introduction to Using Git
    If you’re a developer, then you know your way around development tools. You’ve spent years studying one or more programming languages and have perfected your skills. You can develop with GUI tools or from the command line. On your own, nothing can stop you. You code as if your mind and your fingers are one to create elegant, perfectly commented, source for an app you know will take the world by storm.
  • Open Source and Standard-Essential Patents: More Alike Than Not
    The unspoken question that this paper raises in my mind is whether it may be incorrect to speak of Open Source and standardization as separate activities at all.  Instead, Open Source might correctly be viewed as a species of standardization activity, with particular license conditions and membership conditions. The success of Open Source activities—and other standards that implement royalty-free commitments, such as Bluetooth—shows that there’s a place in the continuum of standards policy for royalty-free licensing when participants wish that to be the case.