Monthly TuxCare Update - July 2021 | tuxcare.com
TuxCare Blog News

Monthly TuxCare Update – July 2021

August 2, 2021

We are a trusted partner to the Enterprise Linux industry when it comes to delivering maintenance services. Our goal is to improve the manageability of system administration. In this monthly overview, you will find a round-up of the latest CVEs patched by the TuxCare Team. Also, carry on reading for details of the latest updates to our TuxCare service and lots of helpful advice.

Content:

1. CVEs Disclosed in July
2. Single Sign-On is Here
3. TuxCare on YouTube
4. Sysadmin Appreciation Day

CVEs disclosed in JuLY

The big news this month was the discovery of a vulnerability in the code for the curl function that’s been in existence for over twenty years. CVE-2021-22922, CVE-2021-22923 and CVE-2021-22925 are related to a process that could allow a download link to be replaced with a pointer to malicious content undetected. The latter of the CVE’s coming due to the fix for a previous CVE not resolving the problem. Luckily for our clients, our Extended Lifecycle Support Services have produced and distributed live patches for all these CVE’s.

In other CVE news, a kernel vulnerability was identified in the Linux filesystem layer. CVE-2021-33909 affects code that’s seven years old and, if exploited, could allow an attacker to escalate privileges and employ lateral movement techniques to compromise systems. Our KernelCare Enterprise Live Patching Service has produced and distributed a live patch for this CVE.

 

 

SINGLE SIGN-ON IS HERE

The TuxCare Team is continually looking to improve its services and respond to our clients’ requests for new functions and features. To this end, we are delighted to announce the roll-out of single sign-on support for ePortal authentication that follows the OAuth 2.0 standard. This feature is therefore fully compatible out-of-the-box with popular authentication providers like Google, Okta and others. This improvement to the useability and security follows feedback from our clients on new functions they would like to see implemented. We’re always happy to receive such suggestions and add them to our service’s impressive feature list whenever we can.

 

 


TUXCARE ON YOUTUBE

The other big news is the launch of a brand new, bi-weekly podcast that discusses all things Linux Security co-hosted by Learn Linux TV’s Jay LaCroix and TuxCare’s very own Joao Correia. This forty-five-minute exploration of Linux security issues is essential listening for anyone involved in managing Linux-based enterprise systems. You can watch the first episode here on YouTube.

 

 


SYSADMIN APPRECIATION DAY

Finally, if you’ve been paying attention to our previous blogs, you will know that the 30th of July was Sysadmin day. In honour of this day of appreciation for Sysadmins everywhere, Jay LaCroix and Joao Correia were joined by Brian Osborn from Admin Magazine in an excellent and entertaining panel discussion. You can watch the video here on YouTube.

Catch up on the previous tuxcare updates:

TuxCare Update – June 2021

TuxCare Update – May 2021

TuxCare can help you reduce your risk window to data exfiltration and other cyber security threats.

TALK TO A CYBERSECURITY EXPERT

Expert knowledge of Linux security tips,
live patching education, and Cybersecurity news.

Stay updated with the latest news and announcements from TuxCare.com

Related Articles

The Bugs Behind the Vulnerabilities...

We continue to look at the code issues that cause...

November 14, 2022

Cybersecurity insurance and fine print:...

Catastrophic risks such as natural disasters and indeed cyberattacks require...

June 29, 2022

IT Automation With Live...

In a symphony orchestra, instruments harmonize to create one pleasing...

June 20, 2022

KernelCare ePortal updated – version...

We are pleased to announce that a new updated ePortal version...

June 16, 2022

KernelCare agent update – version...

We are pleased to announce that a new updated KernelCare agent...

June 2, 2022

KernelCare ePortal updated – version...

We are pleased to announce that a new updated ePortal version...

May 26, 2022

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching