Types of Tools To Use for Application Security


Application testing is necessary because bugs and security vulnerabilities turn up in every application. Many developers work under tight schedules and don’t always have time to test thoroughly, and code that ships untested is what usually ends up behind a security incident.

How to Remediate Kubernetes Security Vulnerability: CVE-2019-11247

If you haven't patched your Kubernetes clusters recently and you rely on CRDs, now is the time.

A new Kubernetes security vulnerability was recently announced, along with patch releases for the 1.13, 1.14, and 1.15 branches. CVE-2019-11247 is a serious flaw in the Kubernetes API server that lets users read, modify, or delete cluster-scoped custom resources even when their RBAC permissions only cover namespaced resources. The API server wrongly served cluster-scoped custom resources under namespaced request paths, so a namespaced Role granting verbs on that resource type was enough to reach the cluster-wide objects.

If your clusters aren’t using custom resource definitions (CRDs), you aren’t affected. But CRDs have become a critical component of many Kubernetes-native projects such as Istio, so many users are impacted. The vulnerability also doesn’t affect clusters that run without Kubernetes RBAC, but running without RBAC puts you at far greater risk than this vulnerability does. We still strongly recommend enabling and using Kubernetes RBAC.
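Before or after patching, it is worth knowing which namespaced Roles could have reached cluster-scoped custom resources through this bug. The script below is an added example, not code from the original post or from the Kubernetes project. It consumes the JSON shape produced by `kubectl get crd -o json` and `kubectl get roles -A -o json` (the two documents embedded here are constructed samples in that shape), lists every cluster-scoped CRD, and reports each namespaced Role whose rules cover one of those resource types, flagging rules that grant mutating verbs. The `is_patched` helper assumes the fixed releases are 1.13.9, 1.14.5 and 1.15.2, taken from the upstream patch-release announcement; verify them against the advisory for your distribution.

```python
"""Audit namespaced Roles that could reach cluster-scoped custom resources.

Added example (not from the original page or the Kubernetes project).
Input is the JSON that `kubectl get crd -o json` and `kubectl get roles -A -o json`
produce; the two documents below are constructed samples in that shape.
"""
import json

# Constructed sample: two CRDs, one cluster-scoped, one namespaced.
CRD_LIST = json.dumps({
    "items": [
        {"metadata": {"name": "meshpolicies.authentication.istio.io"},
         "spec": {"group": "authentication.istio.io", "scope": "Cluster",
                  "names": {"plural": "meshpolicies"}}},
        {"metadata": {"name": "virtualservices.networking.istio.io"},
         "spec": {"group": "networking.istio.io", "scope": "Namespaced",
                  "names": {"plural": "virtualservices"}}},
    ]
})

# Constructed sample: three namespaced Roles from different teams.
ROLE_LIST = json.dumps({
    "items": [
        {"metadata": {"name": "mesh-editor", "namespace": "team-a"},
         "rules": [{"apiGroups": ["authentication.istio.io"],
                    "resources": ["meshpolicies"],
                    "verbs": ["get", "list", "update"]}]},
        {"metadata": {"name": "wildcard-admin", "namespace": "team-b"},
         "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
        {"metadata": {"name": "vs-reader", "namespace": "team-c"},
         "rules": [{"apiGroups": ["networking.istio.io"],
                    "resources": ["virtualservices"], "verbs": ["get", "list"]}]},
    ]
})

MUTATING = {"create", "update", "patch", "delete", "deletecollection", "*"}


def cluster_scoped_crds(crd_json):
    """Return (group, plural) for every CRD whose scope is Cluster."""
    out = []
    for item in json.loads(crd_json)["items"]:
        spec = item["spec"]
        if spec.get("scope") == "Cluster":
            out.append((spec["group"], spec["names"]["plural"]))
    return out


def _rule_matches(rule, group, plural):
    """Does one RBAC rule cover the given apiGroup/resource (wildcards included)?"""
    groups = rule.get("apiGroups", [])
    resources = rule.get("resources", [])
    group_ok = "*" in groups or group in groups
    # "resources" entries may be "plural" or "plural/subresource"; match the base.
    res_ok = "*" in resources or any(r.split("/")[0] == plural for r in resources)
    return group_ok and res_ok


def exposed_roles(crd_json, role_json):
    """Namespaced Roles whose rules cover a cluster-scoped custom resource.

    On an unpatched API server such a Role lets its subjects reach the
    cluster-wide objects of that type through the namespaced URL path.
    Returns a list of (namespace, role, "group/plural", verbs, mutating?).
    """
    targets = cluster_scoped_crds(crd_json)
    findings = []
    for role in json.loads(role_json)["items"]:
        ns = role["metadata"]["namespace"]
        name = role["metadata"]["name"]
        for rule in role.get("rules", []):
            for group, plural in targets:
                if _rule_matches(rule, group, plural):
                    verbs = sorted(rule.get("verbs", []))
                    findings.append((ns, name, f"{group}/{plural}", verbs,
                                     bool(MUTATING & set(verbs))))
    return findings


def is_patched(version):
    """True if a server gitVersion such as 'v1.14.3' is at or past the fix.

    Patched releases assumed here: 1.13.9, 1.14.5, 1.15.2 (check the advisory
    for your distribution). Minors newer than 1.15 are treated as fixed,
    minors older than 1.13 as unpatched.
    """
    fixed = {13: 9, 14: 5, 15: 2}
    parts = version.lstrip("v").split("-")[0].split(".")
    major, minor, patch = (int(p) for p in parts[:3])
    if major != 1:
        return major > 1
    if minor in fixed:
        return patch >= fixed[minor]
    return minor > 15


if __name__ == "__main__":
    for ns, name, res, verbs, mut in exposed_roles(CRD_LIST, ROLE_LIST):
        flag = "MUTATING" if mut else "read-only"
        print(f"{ns}/{name}: {res} verbs={verbs} [{flag}]")
    print("v1.14.3 patched:", is_patched("v1.14.3"))
```

Feed it real output by replacing the two constants with the contents of the two `kubectl` JSON files; the wildcard Role in `team-b` is the case that is easy to overlook, since it never names the CRD explicitly. ClusterRoles bound through a RoleBinding should be audited the same way, because a RoleBinding grants their rules only within one namespace.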

Pressing Topics – Episode 1

Pressing Topics is a daily podcast hosted by Malcom Peralty and me. We discuss the news that’s making headlines in the WordPress ecosystem, as well as related topics that catch our eyes. Generally speaking, if you listen to this show daily, you should have a good idea of what’s going on in the WordPress community.

Pressing Topics differs from WordPress Weekly in that we’ll rarely interview guests or go in depth on specific subjects, and the episodes are much shorter. Today’s episode is 26 minutes long, and most episodes will be shorter than that.

In our first episode, we discuss the balancing act of user self-sufficiency, a new empowerwoment project at Yoast, why countdown timers on event sites are impractical, and WPMU Dev ending development for more than 90% of its plugins.

We also talk about the success of WordPress Translation Day 4 and inform listeners of multiple security vulnerabilities discovered in the WordPress Ultimate Member plugin.

I’ll submit the podcast to iTunes in the next few days to provide more convenient options for subscribing. Please listen to episode one and let us know what you think.

Stories Discussed:

User Self Sufficiency

Empowerwoment project at Yoast

Conference Websites – Please don’t use countdown timers

WPMUDEV Shutting Down Development on Many Plugins

WPMU Pro Sites Plugin Migration Option with WP Ultimo

WordPress Translation Day 4 Successfully Hosts 77 Local Events in 35 Countries, Recruits 183 New Translators

Multiple Vulnerabilities in the WordPress Ultimate Member Plugin

The transcript is in Rich-Text format. You can download the show or listen to it via the embedded audio player below.


Snyk Found Over Four Times More Vulnerabilities in RHEL, Debian, and Ubuntu

Snyk recently released its annual State of Open Source Security Report for 2019. The report surveys the open-source security landscape as a whole and shows that vulnerabilities in container images are no exception.

Its findings draw on a survey of more than 500 open-source developers and maintainers, data from public package registries, library datasets, and GitHub repositories, and Snyk’s own vulnerability database, which continuously ingests data from the hundreds of thousands of projects that Snyk monitors and protects.