This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2022-03-16
Channels
- # aleph (1)
- # announcements (16)
- # babashka (36)
- # beginners (62)
- # calva (15)
- # cider (21)
- # cljsrn (5)
- # clojure (84)
- # clojure-dev (3)
- # clojure-europe (22)
- # clojure-italy (2)
- # clojure-nl (2)
- # clojure-uk (3)
- # clojurescript (36)
- # core-async (2)
- # cursive (4)
- # datomic (8)
- # emacs (14)
- # events (1)
- # fulcro (4)
- # hyperfiddle (6)
- # introduce-yourself (3)
- # jobs (1)
- # leiningen (4)
- # lsp (100)
- # nrepl (3)
- # off-topic (36)
- # pathom (17)
- # podcasts-discuss (1)
- # polylith (4)
- # portal (14)
- # react (1)
- # reagent (3)
- # reitit (8)
- # releases (3)
- # remote-jobs (1)
- # reveal (7)
- # shadow-cljs (19)
- # sql (16)
- # web-security (3)
Our security team is concerned about "dirty pipe" exploit. Do we have any guidance on which remediation to apply?
Hi @m0smith, if the bastions are your primary concern you can upgrade your Datomic Cloud system to the latest release which doesn't have bastions anymore.
This is the CVE we are looking at https://securelist.com/cve-2022-0847-aka-dirty-pipe-vulnerability-in-linux-kernel/106088/