News for Admins

Tech News

Article from ADMIN 72/2022
By
OpenSSL has issued an advisory (https://www.openssl.org/news/secadv/20221101.txt) relating to two vulnerabilities (CVE-2022-3602 and CVE-2022-3786), which affect OpenSSL version 3.0.0.

OpenSSL 3.0.7 Patches Serious Vulnerabilities

OpenSSL has issued an advisory (https://www.openssl.org/news/secadv/20221101.txt) relating to two vulnerabilities (CVE-2022-3602 and CVE-2022-3786), which affect OpenSSL version 3.0.0. These vulnerabilities have been addressed with the release of OpenSSL 3.0.7, so users should update now.

"Users of OpenSSL 3.0.0--3.0.6 are encouraged to upgrade to 3.0.7 as soon as possible. If you obtain your copy of OpenSSL from your operating system vendor or other third party then you should seek to obtain an updated version from them as soon as possible," the OpenSSL team says (https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/).

In a previous announcement (https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html), these vulnerabilities were described as "critical" – possibly leading to remote code execution. However, the OpenSSL project team has since downgraded the threats to "high," saying they "are not aware of any working exploit that could lead to remote code execution" and have no evidence of the vulnerabilities being exploited at this time.

IBM Introduces Diamondback Tape Library

IBM recently introduced the Diamondback Tape Library, "a high-density archival storage solution that is physically air-gapped to help protect against ransomware and other cyber threats in hybrid cloud environments."

The Diamondback Tape Library (https://www.ibm.com/products/diamondback-tape-library) is aimed at organizations that need to secure hundreds of petabytes of data, such as hyperscale cloud providers and global enterprises aggregating massive data sets, according to the announcement (https://www.hpcwire.com/off-the-wire/ibm-releases-its-diamondback-tape-library/). "It provides long-term storage and is designed to provide a significantly smaller carbon footprint compared to flash or disk storage, and with a lower total cost of ownership."

The main benefits of IBM Diamondback, the announcement says, include:

  • Sustainability
  • Ransomware protection and cyber resiliency
  • Data capacity and storage costs

"The IBM Diamondback Tape Library provides critical protection against a variety of threats, helping minimize data center floor space requirements and organizations' carbon footprint[s]," says Scott Baker, Vice President and Chief Marketing Officer of IBM Storage.

PostgreSQL 15 Released

The PostgreSQL Global Development Group has released version 15 of the open source PostgreSQL (https://www.postgresql.org/) database.

PostgreSQL 15 now also includes the SQL standard MERGE (https://www.postgresql.org/docs/15/sql-merge.html) command, which "lets you write conditional SQL statements that can include INSERT, UPDATE, and DELETE actions within a single statement."

According to the announcement, PostgreSQL 15 also includes performance improvements "with noticeable gains for managing workloads in both local and distributed deployments, including improved sorting." Specifically, PostgreSQL 15 offers improved in-memory and on-disk sorting (https://www.postgresql.org/docs/15/queries-order.html) algorithms, with benchmarks showing increases of 25--400 percent depending on data type.

"The PostgreSQL developer community continues to build features that simplify running high performance data workloads while improving the developer experience," said Jonathan Katz, a PostgreSQL Core Team member.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus