The Flux Team has found three security vulnerabilities in Flux. Today we will go through them and talk about what this may mean for you. We strongly advise you to upgrade your clusters as soon as you can. 🔒
Pod Security Standards are a recent addition to Kubernetes, coming to replace Pod Security Policies. Alongside seccomp, they provide greater isolation levels to workloads. Read up on how we moved all Flux controllers to ‘restricted’ mode and how that’s going to keep you safer.
ADA Logics helped us move to fuzzing as part of their security audit. We finally implemented this for all Flux controllers. Learn here how this keeps you safer.
Next up in our series of blog posts about Flux’s security considerations. This time: image provenance - how to make it part of your workflow and how it keeps you safe.
The first in our series of blog posts about Flux’s security considerations. This time: what a Software Bill of Materials can do to keep you safe.
Flux just went through a CNCF-funded Security Audit. Here we publicly release and discuss the report. We also disclose our first CVE, which was fixed in Flux v0.18.0 - please upgrade as soon as you can!