Recently, some interesting security news has occurred, and two specific developments are the main discussion in this episode. Trojan Source is a newly discovered tactic that can be used to hide malicious code and execute something completely unexpected, even when the source code appears to be syntactically correct. In addition, CISA recently mandated a large number of CVE’s to be patched in the very near future, which will likely have ramifications even outside of the United States. Also, Jay and Joao also discuss the recently released Fedora 35, which is a distribution that has a large presence on the workstations that administrators use.
patch
The Homelab Show Episode 32 – Linux Patch Management
In episode 32 of The Homelab Show, Tom & Jay discuss Patch Management, including (but not limited to) unattended upgrades, live patching, and more!
Enterprise Linux Security Episode 3 – Linux Distro Migrations
Migrating your servers from one Linux distribution to another can be a daunting task, even moreso if it’s a migration you’re doing because of unforeseen events or changes within the ecosystem. In this video, Jay and Joao discuss the challenges when it comes to migrating Linux distributions, and the effect this has on security.
Live-patching QEMU with QEMUCare
Rebooting is a pain, and in some organizations, downright tedious. Shuffling virtual machines between hosts in a cluster is even more tedious, and when it’s time to install patches, that’s what many administrators are forced to do. In this video, I check out QEMUCare, which aims to live-patch QEMU to avoid VM shuffling. In particular, we’ll look at installing ePortal (which deploys the patches) and also an example scenario.