ClickCease Monthly TuxCare Update - May 2021 | tuxcare.com

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

Monthly TuxCare Update – May 2021

June 3, 2021 - TuxCare PR Team

The Enterprise Linux industry has become more complex to maintain, which raises the need for a trusted partner for Linux maintenance. In this monthly overview you will find a round-up of the latest CVEs patched by the TuxCare Team. Also, carry on reading for details of what TuxCare offers you, our newly introduced live patching services and how these match the growth of your organization.

Content:

1. CVEs disclosed in May
2. How to run multiple End-of-Life Distributions In Your Infrastructure and Remain Secure?
3. Live Patching Services for Enterprise Linux: What’s New & How You May Benefit From It
4. Linux Support Services: Available for AlmaLinux OS 8 and other popular Enterprise Linux distributions
5. TuxCare Blog: Editor’s Pick

CVEs disclosed in May

Our main goal is to help clients overcome security breaches. To achieve this, TuxCare Extended Lifecycle Support Services track and test vulnerabilities across several packages.

  • CVE-2021-23017 affects all versions of nginx, including those that are bundled with distributions already past their End-of-Life. TuxCare patches were released on the same day the vulnerability was disclosed.
  • CVE-2021-22898 and CVE-2021-22901 both affect libcurl. During our testing, we discovered that they did not affect the Linux distributions covered by our services.

 

How to run multiple End-of-Life Distributions In Your Infrastructure and Remain Secure?

 

The nginx vulnerability mentioned above is just another example of how it feels to use a Linux distribution no longer supported by a vendor – UNSAFE. At the same time, it may be a necessary part of your migration plan, during which your systems must remain protected.

TuxCare Extended Lifecycle Support services include updates and security patches for all operating system packages. These do not affect any of your current running infrastructures, are affordably priced and do not require a mandatory annual subscription before you start using the service. Available for CentOS 6Oracle Linux 6 and Ubuntu 16.04, plus support for Debian will be released soon.

 

Live Patching Services for Enterprise Linux: What’s New & How You May Benefit From It

 

To support the requirements that larger organizations have for patching EVERY Linux system securely, we took our KernelCare Enterprise as the basis of the service and added:

  • ePortal server
  • Integration with popular vulnerability and automation scanners

Additionally, you can now include:

To familiarise yourself with any of TuxCare Live Patching Services, you can apply for a free proof of concept and see how it can help your organization avoid security beaches.

 

Linux Support Services: Available for AlmaLinux OS 8 and other popular Enterprise Linux distributions

How can we maintain all of these distros, and what makes us experts at this? First of all, the company started 11 years ago with an RHEL fork and proceeded with supporting systems that have to be continuously updated. Hence, every support request is answered by a TuxCare architect, each with 10+ years of experience in enterprise infrastructure maintenance.

The TuxCare team is not just another OS vendor. We go beyond bug fixes and updates to help solve security, interoperability and connectivity issues of the open-source software in enterprise solutions.

TuxCare Blog: Editor’s Pick

 

Regarding the last article, check out the discussion between Jay from the LearnLinuxTV and TuxCare Evangelist Joao Correia on how the University of Minnesota got the open-source wrong, plus the strengths and weaknesses of open-source in general.

Get a FREE 7-Day Supported Trial of KernelCare 

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Related Articles

Strategies for Managing End-of-Life Operating...

End-of-life software is just a fact of our fast-paced technology...

January 30, 2023

Think You Can’t Afford Consistent...

Look, everyone knows that it’s a tough act. Thousands of...

January 17, 2023

Common Government Cybersecurity Standards –...

The public sector, including state and federal agencies, are at...

January 16, 2023

Which Linux Distro is Best...

If your organization deploys IoT solutions, you know that development...

December 1, 2022

The Bugs Behind the Vulnerabilities...

We continue to look at the code issues that cause...

November 14, 2022

Cybersecurity insurance and fine print:...

Catastrophic risks such as natural disasters and indeed cyberattacks require...

June 29, 2022