hi all,
we are patching all our servers with the march security patch released yesterday.
do we have to update our hardened repository transport? will jobs fail if we don't?
-
pesos
- Expert
- Posts: 223
- Liked: 22 times
- Joined: Nov 12, 2014 9:40 am
- Full Name: John Johnson
- Contact:
-
pesos
- Expert
- Posts: 223
- Liked: 22 times
- Joined: Nov 12, 2014 9:40 am
- Full Name: John Johnson
- Contact:
Re: veeam march security patch - hardened repo necessary?
related question generally regarding hardened repos... wondering what others do when patching it. I have two concerns
1) the bug I've discussed here before where the veeam installer breaks the permissions resulting in the repo being unusable (not only does this happen during the original installation on new ubuntu distros among others, but it still hasn't been fixed in later build) - has this finally been resolved with this most recent patch, or are we going to have to go through the manual steps yet again to fix the permissions after updating?
2) longer term, when updating hardened repos in general, how do we avoid the patching process itself being an security risk and avenue for bad actors who have infiltrated an environment and are camping and waiting for an opening to strike?
1) the bug I've discussed here before where the veeam installer breaks the permissions resulting in the repo being unusable (not only does this happen during the original installation on new ubuntu distros among others, but it still hasn't been fixed in later build) - has this finally been resolved with this most recent patch, or are we going to have to go through the manual steps yet again to fix the permissions after updating?
2) longer term, when updating hardened repos in general, how do we avoid the patching process itself being an security risk and avenue for bad actors who have infiltrated an environment and are camping and waiting for an opening to strike?
Who is online
Users browsing this forum: Andreas Neufert, Regnor and 30 guests