Canonical publishes auto-apply vulnerability patch for Kubernetes

Charmed distribution of Kubernetes clusters auto-apply vulnerability patches for CVE-2018-1002105 On December 3 2018,  the Kubernetes project disclosed a security vulnerability in all versions of its popular container orchestration software. The vulnerability, CVE-2018-1002105, exists in the Kubernetes API server, and allows an attacker to send arbitrary requests to backend cluster services, such as kubelets. The […]

The post Canonical publishes auto-apply vulnerability patch for Kubernetes appeared first on Ubuntu Blog.

Ubuntu, security & compliance

Security, regulations and compliance are everyday issues for businesses, whether global or not. HIPAA, GDPR, MiFID II, and a whole host of other regulations, security and compliance demands are shaping the way businesses operate and the technologies that they can use. Although technological choices are not always able to completely solve particular regulatory or compliance […]

The post Ubuntu, security & compliance appeared first on Ubuntu Blog.

How Ubuntu is at the forefront of security & compliance

  Whether it is HIPAA, MiFID II or GDPR, the importance of being compliant cannot be underestimated. Protecting your customers and avoiding the significant financial and reputational ramifications that threaten non-compliant organisations, is a must, and this starts with the technology powering your enterprise. Ubuntu is used by businesses spanning all sizes, industries and geographies, […]

The post How Ubuntu is at the forefront of security & compliance appeared first on Ubuntu Blog.

A guide to snap permissions and interfaces

Snap is a Linux application package management system which allow developers to easily publish self contained software packages (snaps) that work across many distributions and versions of Linux. Snaps have security at their heart, and are designed to ensure all applications support the principle of least privilege / authority. That is, each package only has […]

The post A guide to snap permissions and interfaces appeared first on Ubuntu Blog.

Canonical’s Current Security Certifications

Canonical has entered the security certifications space by achieving a few important security certifications for the first time on Ubuntu. Canonical has achieved FIPS 140-2 Level 1 certification for several cryptographic modules on Ubuntu 16.04. Canonical has also achieved Common Criteria EAL2 certification for Ubuntu 16.04. In addition, Defense Information System Agency (DISA) has published […]

The post Canonical’s Current Security Certifications appeared first on Ubuntu Blog.

Ubuntu updates for L1 Terminal Fault vulnerabilities

For up-to-date patch, package, and USN links, please click here.  Today Intel announced a new side channel vulnerability known as L1 Terminal Fault. Raoul Strackx, Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and researchers from Intel discovered that memory present in the L1 […]

The post Ubuntu updates for L1 Terminal Fault vulnerabilities appeared first on Ubuntu Blog.

National Cyber Security Centre publish Ubuntu 18.04 LTS Security Guide

Last week the NCSC (National Cyber Security Centre) in the UK issued their latest publication which gives advice on how to configure Ubuntu 18.04 LTS in accordance with their security best practices. The National Cyber Security Centre (NCSC)is the UK government department responsible for providing guidance on Information Security to the UK public and private […]

The post National Cyber Security Centre publish Ubuntu 18.04 LTS Security Guide appeared first on Ubuntu Blog.