Show posts tagged:
security

CFEngine 3.18 LTS released - Extensibility

Today, we are pleased to announce the release of CFEngine 3.18.0! The focus of this new version has been extensibility. It also marks an important event, the beginning of the 3.18 LTS series, which will be supported for 3 years. Several new features have been added since the release of CFEngine 3.15 LTS, in the form of non-LTS releases. In this blog post we’ll primarily focus on what is new in 3.

June 24, 2021

CFEngine 3.12.7 and 3.15.4 released

We are pleased to announce two new patch releases for CFEngine, version 3.12.7 and 3.15.4! These releases mainly contain bug fixes and dependency updates. Changelogs As always, you can see a full list of changes and improvements in our changelogs: 3.12.7 Changelog for CFEngine Community 3.12.7 Changelog for CFEngine Enterprise 3.12.7 Changelog for Masterfiles Policy Framework 3.15.4 Changelog for CFEngine Community 3.15.4 Changelog for CFEngine Enterprise 3.

June 8, 2021

CFEngine 3.17 released - Flexibility

We are pleased to announce the release of CFEngine 3.17.0, with the theme Flexibility! This is a non-LTS release and allows the CFEngine community to test the features which will be in CFEngine 3.18.0 LTS (Summer 2021). What’s new? A new look - Mission Portal Dark Mode Mission portal now gives you the option of switching to an alternate color theme, dark mode: Trigger report collection from Host Info Page You no longer have to wait for the next reporting interval, or use the command line to get updated reports.

November 18, 2020

CFEngine 3.12.6 and 3.15.3 released

We are pleased to announce two new patch releases for CFEngine, version 3.12.6 and 3.15.3! These releases mainly contain bug fixes and dependency updates, but in 3.15.3 there are also some new enhancements in Mission Portal. The new cf-secret binary is also included in 3.15.3 packages. New in Mission Portal 3.15.3 Synchronizing roles between Mission Portal and Active Directory When using LDAP for authentication, Mission Portal can now automatically grant roles based on the tags received from your LDAP server (for example Active Directory).

November 10, 2020

COVID-19's Impact On Infrastructure Security

It’s no secret that COVID-19 is negatively impacting businesses of all sizes in a number of ways. Some more obvious than others. Unless you are in IT, you’re probably not thinking of how COVID-19 can affect the infrastructure security of your organization, but the truth is that as businesses make the tough decision to layoff employees in order to stay in business, basic security hygiene can easily be overlooked. Even organizations that are fortunate enough to not have to make cuts are still impacted in the form of needing access to specialized tools that allow IT & Security teams to enforce infrastructure changes remotely, efficiently, and at scale.

Posted by Cody Valle
July 14, 2020

CFEngine 3.16 released - Compliance

Today we announce the newest additions to CFEngine. CFEngine 3.16 brings several improvements, bug fixes, and new features. The theme for this release has been compliance, and it notably includes a new category of reports for proving compliance to regulation and other compliance frameworks in high level, easy to read reports. If you are interested to learn more about CFEngine, schedule training, or hear about pricing options, feel free to reach out to us!

June 25, 2020

How CFEngine stays ahead of the pack

Blazing the trail CFEngine was the first Configuration Management solution on the market, and while we have made many and significant changes and improvements to CFEngine in that time, we stay true to the principles that make it such a great product and technology. There are many things that have changed in the market, not at least the competitive situation, we believe that fundamentally many of the challenges stay the same.

June 23, 2020

Introducing cf-secret - Secret encryption in CFEngine

Contributor and CFEngine Champion, Jon Henrik Bjørnstad, developed a tool for encrypting files using CFEngine host keys, called cf-keycrypt. Thank you to Jon Henrik and all of our contributors for helping improve the CFEngine project. Our developer, Vratislav Podzimek, recently took some time to review the cf-keycrypt code, and made many improvements and fixes. The most notable changes were: Switched to hybrid encryption (payload is encrypted with randomly generated AES key, AES key is encrypted with RSA key).

May 30, 2020

CVE-2019-19394 - Mission Portal JavaScript Injection vulnerability

A vulnerability was recently discovered in CFEngine Mission Portal and has now been fixed. Under certain circumstances, it was possible to inject JavaScript code into data presented in Mission Portal, that would be run in the user’s browser. This security issue was fixed in CFEngine 3.10.7, 3.12.3, and 3.15.0, and will be mitigated by upgrading your hub to one of these versions (or later). No other action is required than upgrading the Hub.

April 16, 2020

Upgrading from CFEngine 2 to 3: running the 2 agents side by side with 3

CFEngine 2 network communication is insecure by today’s standards. CFEngine 2 CVE-2016-6329: CFEngine 2 uses Blowfish cipher (1993) which today is considered: Weak Deprecated Subject to key recovery attack No security fixes since 2008. Protocol communications not encrypted; only data transfer (which facilitates attack). Encryption is off by default. CFEngine 3 All communication is encrypted Uses TLS 1.3 (current state of the art) Up to date, maintained, secure from the software vendor Full Enterprise support, with SLA.

January 28, 2020
Get in touch with us
to discuss how we can help!
Contact us
Sign up for
our newsletter
By signing up, you agree to your e-mail address being stored and used to receive newsletters about CFEngine