Moodle Security Issue CVE-2017-2641

[UPDATE 2017-03-23] For new application deployments, Bitnami has released Moodle 3.2.2 installers, containers, virtual machines and cloud images that address these vulnerabilities. If you deploy Bitnami Moodle via a Bitnami Launchpad, your application will be up-to-date and secure. If you deploy Bitnami Moodle via one of our cloud partner marketplaces and it is not yet updated to version 3.2.2, you should apply the workaround explained below. ---- The Moodle project has just released new... Read more

March 22, 2017

Security Release: Drupal 8.2.7

Drupal has released a new version that fixes three security vulnerabilities. It is recommended that you update your Drupal application to the latest version, Drupal 8.2.7. You can follow our documentation to learn how to upgrade your application and ensure its security. The vulnerabilities fixed in the latest version of Drupal are the following: Editor module incorrectly checks access to inline private files - Access Bypass - Critical - CVE-2017-6377 Some admin paths were not protec... Read more

March 16, 2017

Security release: WordPress 4.7.3

WordPress has released a new version that fixes six security vulnerabilities. It is recommended that you update your WordPress application to the latest version, Wordpress 4.7.3. You can follow our documentation to learn how to upgrade your application and ensure its security. For new application deployments, Bitnami has released WordPress 4.7.3 containers, installers, virtual machines and cloud images that address these vulnerabilities. If you deploy Bitnami WordPress via a Bitnami Launc... Read more

March 7, 2017

Bitnami Announces Skippbox Acquisition

Those of you who follow Bitnami closely may have noticed that Bitnami has been ramping up our development of container-based applications, and, more recently, our efforts to make Kubernetes-based application deployment easier via Helm Charts and the Monocular project. Thus, it’s probably not a big surprise that we are enthusiastic about the future of containers, and when it comes to orchestration, very excited about the momentum that has built around Kubernetes as the leading solution fo... Read more

March 7, 2017

Security notification: XSS and sandbox escape vulnerability in Plone

The Plone project has released a new patch that fixes a XSS and a sandbox escape vulnerability in the application. You can find more info about these issues on the Plone Security Announcements page. All supported Plone versions (4.3.11 and any earlier 4.x version, 5.0.6 and any earlier 5.x version) are affected. Previous versions could be affected but have not been fully tested. We highly recommend patching your existing Plone sites by following the steps below: 1. Create a backup of you... Read more

February 27, 2017

Chat Securely with Mattermost Team Edition, Now in Bitnami!

We are excited to announce our newest ISV partnership with Mattermost, the open source Slack-alternative you can run in your own cloud account! Modern chat tools have taken the world by storm with a variety of features like search, archiving, and extensibility that make them extremely useful to almost any type of organization. However, when chat is only available as a service it can run afoul of' IT security policies that require full control over sensitive files and data. With a seemingly ... Read more

February 27, 2017

Security notification: DCCP double-free kernel vulnerability (CVE-2017-6074)

[UPDATE 2017-02-28] Updated blog post with the steps to update CentOS and Oracle Linux kernels ---- [UPDATE 2017-02-23] Updated blog post with the steps to update Debian and RedHat kernels ---- A new security vulnerability in the Linux kernel has been discovered. You can find more information about this vulnerability in the following research report: "DCCP double-free vulnerability". Even though the Linux kernel code affected was implemented before 2006, it is not a remotely exploitabl... Read more

February 22, 2017

Security Release: Parse Server 2.3.1-1

Bitnami has released Parse Server version 2.3.1-1 for containers, installers and virtual machines to implement authentication when connecting to the Parse dashboard. If you deploy a new Bitnami Parse Server via a Bitnami Launchpad, your application will be up-to-date and secure. When deploying via a partner cloud marketplace, please ensure version 2.3.1-1 is selected. If you are still using a Bitnami Parse Server version 2.3.1-0 or earlier you must take steps to secure your installation. Thi... Read more

February 8, 2017

See more articles