Code Dx Now Available in Microsoft’s Azure Government Cloud Marketplace

Bitnami has included Code Dx in the first wave of applications published to Microsoft’s Azure Government Cloud Marketplace. Code Dx provides comprehensive tools for software development professionals and quality assurance experts to test applications for vulnerabilities, pinpointing issues in the actual code. With the recent attention and focus on application security—along with the tools Code Dx provides to ensure software development compliance with standards found in regulations like the ... Read more

December 1, 2016

Bitnami Releases Two Amazon RDS Offerings!

Bitnami, one of the leading providers of open source software in the AWS Marketplace, is excited to announce two new offerings using Amazon Relational Database Service (RDS), Wordpress Multi-Tier with Amazon RDS for MariaDB and Redmine Multi-Tier with Amazon RDS for MariaDB. Wordpress, a popular Content Management System (CMS) and Redmine, a flexible and richly configurable project management platform, are excellent additions to any business’ needs in the cloud.  Amazon Relational Database ... Read more

November 29, 2016

MySQL / MariaDB: Privilege Escalation / Race Condition / Root Privilege Escalation (CVE-2016-6663 and CVE-2016-6664)

Several new security vulnerabilities that affect some versions of MySQL and MariaDB were announced recently: We want to let you know that all the published Bitnami Stacks that include MySQL or MariaDB as the database server are not affected, since they are using non-affected versions of the component. CVE-2016-6663 The vulnerability can allow a local system user with access to the affected database in the context of a low-privileged account (CREATE/INSERT/SELECT grants) to escalate th... Read more

November 21, 2016

Security Release: Drupal 7 and 8

The Drupal project released a new update that fixes several security vulnerabilities. We strongly recommend upgrading your existing Drupal 7 and 8 sites. Information regarding the additional changes is available in the official security advisory. In response to the new Drupal version, we have released the following: Bitnami Drupal 7 and 8 installers, virtual machines, and cloud images. Two notable issues include: 1. Confirmation forms allow external URLs to be injected (Moderately critical... Read more

November 18, 2016

Security Release: Jenkins 2.19.3 (CVE-2016-9299)

The Jenkins project hast just released a new update that fixes a zero-day vulnerability that allow unauthenticated remote code execution. It is considered critical as it allows to execute code to unprivileged users. We released new versions of Bitnami Jenkins 2.19.3 installers, virtual machines and cloud images that fix the security issue. More information about the issue can be found in the official blog post. Do you already have a Jenkins installation? You can follow our guide about h... Read more

November 18, 2016

Critical Security Release for GitLab (CVE-2016-9086)

The Gitlab project released a new update that contains an important security fix for a critical directory traversal vulnerability, and we strongly recommend that all GitLab installations be upgraded to the new version immediately. We released new versions of Bitnami Gitlab 8.13.3 installers, virtual machines and cloud images that fix the security issue. Directory traversal via "import/export" feature: CVE-2016-9086 Added in GitLab 8.9, the "import/export project" feature of GitLab allow... Read more

November 3, 2016

Joomla! 3.6.4 Security Release

The Joomla! project has just released a new version that fixes two critical security vulnerabilities, in addition to a bug fix for two-factor authentication. This is a security release for the 3.x series and it only contains the security fixes, no other changes have been made. It is strongly suggested that you update your Joomla! website to the latest version. You can find more info about these issue at the Joomla! release news. We have released Bitnami Joomla! 3.6.4 Docker image, cloud ... Read more

October 26, 2016

Dirty COW (CVE-2016-5195): Privilege escalation vulnerability in the Linux Kernel

[2016-10-26] All the affected cloud images and virtual machines have been successfully patched. If you are using a Bitnami Cloud Hosting instance, you can easily patch it by following the guide below while we upgrade the base images. [2016-10-24] The Bitnami Team is happy to announce that our images on Google, Azure, AWS Marketplace and regular images have been properly updated. Additionally, we will continue to work on releasing the images for our all of our cloud platform partners a... Read more

October 20, 2016

See more articles