May 2022 Security Announcement
The Flux Team has found three security vulnerabilities in Flux, Today we will go through them and talk about what this may mean to you. We strongly advise you to upgrade your clusters as soon as you can. 🔒
Tag: security
Security: Using Pod Security Standard "restricted"
pod security standards is a recent addition to Kubernetes, coming to replace pod security policies. Alongside seccomp, it provides greater isolation levels to workloads. Read up on how we moved all Flux controllers to ‘restricted’ mode and how that’s going to keep you safer.
Security: More confidence through Fuzzing
ADA Logics helped us moving to Fuzzing as part of their security audit. We finally implemented this for all Flux controllers. Learn here how this keeps you safer.
Security: Image Provenance
Next up in our series of blog posts about Flux’s security considerations. This time: image provenance - how to make it part of your workflow and how it keeps you safe.
Security: The Value of SBOMs
The first in our series of blog posts about Flux’s security considerations. This time: what a Software Bill of Materials can do to keep you safe.
Flux Security Audit has concluded
Flux just went through a CNCF-funded Security Audit. Here we publicly release and discuss the report. We also disclose our first CVE, which was fixed in Flux v0.18.0 - please upgrade as soon as you can!