Don’t let DROWN get you down
If you’re maintaining services on the internet, you know about the importance of keeping up to date with security patches as they come available. Today is no exception with the release of CVE-2016-0800, describing the ‘DROWN’ vulnerability in OpenSSL.
The key points of DROWN are that it can allow for passive decryption of encrypted traffic, via vulnerabilities in the obsolete SSLv2 protocol. Merely using SSLv2 for one service could cause the compromise the traffic of other services, even if they aren’t using SSLv2. More information can be found at http://www.drownattack.com/.
The Red Hat specific announcement can be found in the Red Hat Knowledgebase.
Obviously, this is a big deal, but patching your systems for DROWN doesn’t have to be a big deal, thanks to Ansible.
Here’s a sample playbook for Red Hat/Fedora/CentOS and Debian/Ubuntu systems (link to source):
- hosts: all gather_facts: true sudo: true tasks: - name: update openssl from apt if available apt: name=openssl state=latest update_cache=yes when: ansible_os_family == 'Debian' notify: restart_system - name: update openssl from yum if available yum: name=openssl state=latest update_cache=yes when: ansible_os_family == 'RedHat' notify: restart_system Continue reading
Announcing Docker Cloud
Today we are proud to announce the immediate general availability of Docker Cloud. And we are excited to invite and welcome everyone of you to try it out. Docker Cloud is the name of the new cloud service by Docker … Continued#SwarmWeek is Coming – Are you ready?
The week of Monday, March 7th through Friday March 11th is packed with awesome activities, exciting news, cool hacks and content all related to Docker Swarm. Docker Swarm is the open source project for Docker host clustering and container scheduling … ContinuedDocker Compose and Networking: Easy, secure apps at scale
When we released Docker 1.10 and Docker Compose 1.6 on February 4th, we provided you with an easy way to build a fully featured and scalable app. It’s amazing what you can do with just one simple file. I … ContinuedGalaxy 2.0.1 Release
Today we are pleased to announce the release of Galaxy 2.0.1. In this release we fixed a few nagging bugs, improved the UI on the My Roles page, and took steps to make the role import process more reliable.
Here’s a rundown of the issues addressed in this release:
130 - Plural for ‘minutes ago’ is currently ‘minutess ago’
129 - When Travis notifies on a new tag, tag is not imported into Galaxy
126 - Search - make keyword search less fuzzy
123 - Edit role name changes shouldn’t result in broken links
122 - Edit role name changes should be reflected on import roles page
119 - Search on Browse Authors results in 500 error
117 - Duplication in roles list
115 - An error occurred while saving the role: value too long for type character varying(256)
114 - Link to Travis-CI not loading
113 - Move user repository refresh task to separate queue
109 - Role listed multiple (2) times
107 - My Roles not displaying all roles
105 - Users have to refresh browser cache to get new CSS
Video: Docker Containers-as-a-Service Walkthrough
This has been a huge week for us here at Docker! Yesterday, we announced the release of Docker Datacenter, which brings container management and deployment services to the enterprise with a production-ready Containers-as-a-Service (CaaS) platform that is supported by Docker … ContinuedAnsibleFest London 2016 Presentations
We broke records last week with over 500 people attending AnsibleFest London last week. If you were able to attend, we hope you enjoyed the event and will come again in 2017. If you couldn't attend, don't worry, we plan on 2 more events this year.
Follow Ansible on Twitter to get the latest news and details.
Deploying a Mesos Based Visual Effects Studio, Industrial Light and Magic
Continuous Deployment for an Order System, Atlassian
Ansible 2.0 and Windows, M*Modal
Ansible Accelerates Deployment at Societe Generale, Theodo
Managing Your Cisco Data Center Network with Ansible, Cisco
Immutable Infrastructure at Scale with Ansible, Beamly
View all of the presentations here.
