Skip to main content

The 2017 Open Source Leadership Summit, put on by the Linux Foundation, brought together leaders from the open source community in Lake Tahoe last week to discuss timely open source topics. The topics that came up most throughout the conference included: open source becoming mainstream, future open source business models, security in a time where everything is connected, and a call to action to be active in technology policy.

The Double-Free vulnerability in the Linux kernel, as reported in CVE-2017-6074, has been patched in CoreOS Container Linux. This vulnerability could allow a local user to escalate to root privileges.

If you’ve ever heard someone from CoreOS speak on stage, you’ve probably heard them say something similar to, “Our plan is to dramatically improve the security of the internet.” That is the mission our founders set for the company when starting CoreOS.

This blog post is the first in a series exploring the performance of three distributed, consistent key-value stores: etcd, Zookeeper, and Consul. The post is written by the etcd team.

Over the past two years, we’ve seen a shift in the way organizations think about and manage distributed applications. At CoreOS, work toward this shift began with fleet, a simple distributed service manager released in 2014. Today, the community is seeing widespread adoption of Kubernetes, a system with origins at Google that is becoming the de facto standard for open source container orchestration.

This past December, we held Tectonic Summit, the premier enterprise Kubernetes conference. It was a successful, sold-out showcase of self-driving infrastructure.

The Kubernetes community released its 1.5 version on December 12 and just about a business month later (which included the holiday season), we are proud to release Tectonic 1.5. Tectonic includes self-driving container infrastructure and ships with the latest Kubernetes version, 1.5.2.

“At CoreOS we are building a company based on open source technologies, meaning we believe at the heart of the company in openness and acceptance. We believe people of all backgrounds are better together than separate, and diversity builds stronger communities. We believe in building a world class team, and celebrating our difference along the way. In addition to open source, security and privacy are a part of everything we do; keeping people and the information they share online protected. As we work to secure the internet, we work equally hard to honor all parts of the human spirit, and create an environment where all human beings can thrive.” – Alex Polvi, CEO of CoreOS

This post is by CoreOS principal security engineer, Matthew Garrett, known for his work in the open source security community. We wish him well in his next endeavor.

Container Linux by CoreOS ships dm-verity, a technology that builds on trusted boot and secure boot to make it impossible for attackers to modify the underlying filesystem containing the OS. This security mechanism is enabled by default, helping ensure that the whole system is in a trustworthy state.

A core part of Container Linux is the automated image-based update strategy. Each Container Linux install has three partitions that are used by the OS:

Subscribe to CoreOS Blog