Skip to main content

When we started Quay, we wanted to build an image registry that not only allowed you to manage your container images, but do so securely and reliably. Over the past few months we have noticed an accelerated interest in Quay and containers in general. One of the main forces driving this growth is the adoption of container orchestration and in particular, Kubernetes. And with the introduction of a new platform came a new set of challenges around deploying ever increasingly complex applications.

An admission plugin security vulnerability related to PodSecurityPolicies was patched with the release of Kubernetes v1.5.5. This vulnerability could allow users to make use of any PodSecurityPolicies object, including those they are not authorized to use.

Am I affected by this vulnerability?

This vulnerability only affects Kubernetes v1.5.0-1.5.4 and, more specifically, installations that do all of the following:

In 2014 Google packaged their experience building massive and automated container clusters into a remarkable system of open source software known by a Greek word for “helmsman”: Kubernetes. Successor to the internal Borg system and its research-oriented successor, Omega, the introduction of Kubernetes garnered massive interest. The open source project quickly took on new developers outside Google.

Today CoreOS and Docker made a combined proposal to add rkt and containerd as new projects for inclusion in the Cloud Native Computing Foundation (CNCF). During today's CNCF Technical Oversight Committee (TOC) meeting, Jonathan Boulle, a rkt project lead and co-founder, proposed rkt, and Michael Crosby, a containerd project lead and co-founder, proposed containerd.

Every year, we love getting the CoreOS community together to celebrate distributed systems, Kubernetes and CoreOS technologies at CoreOS Fest. This year, CoreOS Fest gathers the community on May 31 and June 1 at Pier 27 in San Francisco. In addition to keynotes and announcements from Alex Polvi, CEO of CoreOS, and Brandon Philips, CTO of CoreOS, we have an intriguing lineup of speakers that will bring timely topics to light.

KubeCon and Cloud Native Con Europe is coming up this month and we hope to see you there! Meet us in March at the following events:

CoreOS Fest San Francisco, coming up May 31 and June 1, is rapidly approaching, which means it’s time to get those speaking proposals in! To help you in your proposal writing process, here’s a quick guide.

The 2017 Open Source Leadership Summit, put on by the Linux Foundation, brought together leaders from the open source community in Lake Tahoe last week to discuss timely open source topics. The topics that came up most throughout the conference included: open source becoming mainstream, future open source business models, security in a time where everything is connected, and a call to action to be active in technology policy.

The Double-Free vulnerability in the Linux kernel, as reported in CVE-2017-6074, has been patched in CoreOS Container Linux. This vulnerability could allow a local user to escalate to root privileges.

If you’ve ever heard someone from CoreOS speak on stage, you’ve probably heard them say something similar to, “Our plan is to dramatically improve the security of the internet.” That is the mission our founders set for the company when starting CoreOS.

Subscribe to CoreOS Blog