The security agency described Constellation as a NetBeans Java application that can be “used to inform decision making and advance data-driven innovation”. The source code has been released under the Apache License 2.0.

The Australian Signals Directorate (ASD) has released an open source version of its in-house data visualisation and analysis tool, Constellation, connecting the security agency with the outer world.

The tool — which is available via GitHub — was designed to help “inform decision-making and advance data-driven innovation” and can be used to “solve large and complex problems in a simple and intuitive way”, according to the agency.

Week 2019/33 ‘only’ saw three snapshots being published (3 more were given to openQA but discarded).

Here’s your report of what has happened in Fedora Program Management this week. I have weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else. (Just not this week because I will be traveling)

Security updates have been issued by Debian (freetype, libreoffice, and openjdk-7), Fedora (edk2, mariadb, mariadb-connector-c, mariadb-connector-odbc, python-django, and squirrelmail), Gentoo (chromium, cups, firefox, glibc, kconfig, libarchive, libreoffice, oracle-jdk-bin, polkit, proftpd, sqlite, wget, zeromq, and znc), openSUSE (bzip2, chromium, dosbox, evince, gpg2, icedtea-web, java-11-openjdk, java-1_8_0-openjdk, kconfig, kdelibs4, mariadb, mariadb-connector-c, nodejs8, pdns, polkit, python, subversion, and vlc), Oracle (ghostscript and kernel), Red Hat (mysql:8.0 and subversion:1.10), SUSE (389-ds, libvirt and libvirt-python, and openjpeg2), and Ubuntu (nginx).

My name is Brandon Edwards, I’m Chief Scientist at Capsule8. Today we’ll be talking about a compendium of container escapes in the podcast. We’ve previously talked about escaping containers and the sorts of vulnerabilities people should be concerned with a while back. In particular we’re discussing how the RunC vulnerability had engendered all this interest, or concern, or almost shock, the trust the people are placing in containers was broken. Oh wow, an escape could happen! I think it’s really valuable to be able to communicate and show all the other ways that that sort of thing can happen, either from misconfiguration, or over granting privileges, or providing host mounts into the container, or having kernel vulnerabilities that could somehow compromise any of the elements of the security model of container, which is both fragile and complex.

Data graph vendor Apollo is aiming to help overcome several obstacles to enterprises using graph databases with its latest Apollo Data Graph Platform update, which became generally available on July 16. Among the key new features in the platform are federated management capabilities that enable more scalability across different GraphQL data graph instances. GraphQL is an open source query language for APIs, originally created by Facebook that is used to enable data graph capabilities.

In this video, I am going to show an overview of Pardus 19 Gnome and some of the applications pre-installed.

We go hands-on with the big Xfce release that took four years and five months to develop. Kubernetes gets an audit that might just set a precedent, and Google has a new feature for AMP that has us all worked up.