How to Upgrade An Unsupported OS: An In-depth Checklist

CloudLinux Enterprise services have been growing steadily for years now. KernelCare, for example, was launched around 6 years ago as a live patching tool for the Linux Kernel. Since then we have added several useful integrations for vulnerability scanners, automation tools and others, and we also released KernelCare+ which adds live patching for OpenSSL and glibc shared libraries.

Last year we also added Extended Lifecycle Support services that let you continue to receive security updates for your systems that are past their original vendor’s End-of-Life date. So if you need more time to migrate to current versions of your distro we can continue to provide patches and updates up to four years past the EOL date.

The KernelCare team is proud to announce the release of KernelCare 2.43-2, bringing new features and bug fixes to the enterprise’s live patching tool of choice. This follows the recent update to ePortal, and signals KernelCare’s continued commitment to support and maintain this important and widely used enterprise tool, giving users the confidence to continue to depend on it for their live patching needs.

When you see so many vulnerabilities being reported and so many security-related issues being exploited, you may think to yourself “I’m lucky not to be using that package or software, I’m not vulnerable to this”. 

Shortly after exploit code was found in a public repository, two new vulnerabilities (CVE-2020-27170 and CVE-2020-27171) have been found in the Linux Kernel code that protects against it.

Both vulnerabilities allow a local user to read kernel memory which could contain sensitive information like encryption keys. Proof-of-concept code has also been made available privately, but it is safe to assume it will eventually reach public outlets.

Increasing Security of MySQL Databases While Eliminating DowntimeOpen-source software (OSS) has quickly transformed how modern applications are built and their underlying code. Access to high-quality and robust open-source software projects has allowed developers to quickly integrate new capabilities into their applications without reinventing the wheel. As a result, it is now estimated that between 80% and 90% of the code in most modern applications is made up of open source components. Likewise, many of the tools that have enabled DevOps and CI/CD growth such as Jenkins, Kubernetes, and Docker are themselves open-source projects.

DevOps is a combination of software development and IT operations that aims to improve and evolve products at a faster than normal pace in order to help organizations compete more effectively and better serve their customers.

No downtime or non-compliant? That is the question for companies that do not use automated patch services. There is no middle ground when it comes to the security of your clients and the well-being of your business. Especially now, when live patching is available not only for Linux kernels but also for Glibc and OpenSSL. KernelCare+ patches shared Glibc and OpenSSL libraries without service restarts or server reboots — and it has already been tested!

At 10 am EST on Thursday, 3 September 2020, we’ll be conducting a live webinar on how to update shared libraries without restarts, using KernelCare+. Sign up and join the conversation about the library-patching capabilities of this new KernelCare variant. 

The beta version of KernelCare⁺ is now available for download for Red Hat Enterprise Linux 7, CloudLinux OS 7, and CentOS 7. More distributions will be added in June 2020.