End-to-End Secrets Security: Making a Plan to Secure Your Machine Identities

At the heart of every application are secrets. Credentials that allow human-to-machine and machine-to-machine communication. Machine identities outnumber human identities by a factor of 45-to-1 and represent the majority of secrets we need to worry about. According to CyberArk's recent research,...

HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured

HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service KMS defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the...

GHSA-9VRM-V9XV-X3XR HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured

HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service KMS defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the...

CVE-2023-0690

HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service KMS defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the...

CVE-2023-0690

HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service KMS defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the...

Design/Logic Flaw

HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service KMS defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the...

CVE-2023-0690 Boundary Workers Store Rotated Credentials in Plaintext Even When a Key Management Service Configured

HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service KMS defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the...

[SECURITY] Fedora 36 Update: logrotate-3.20.1-1.fc36

The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log...

Moderate: Red Hat Security Advisory: logrotate security update

An updated logrotate package that fixes multiple security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...