Secure Secrets Management: Leveraging Laravel with HashiCorp Vault
https://github.com/digitlimit/vaulitfy/tree/main/app/Services/Vault
https://www.youtube.com/watch?v=bZdzxcJ0cUg
https://github.com/digitlimit/vaulitfy/tree/main/app/Services/Vault
https://www.youtube.com/watch?v=bZdzxcJ0cUg
Forwarded from Infrastructure Artists
خوشگایی که hashicorp vault دارین تو زیرساخت استفاده میکنید آپدیت کنید که بساط نشید
Vault and Vault Enterprise are vulnerable to an unauthenticated denial of service when processing JSON payloads.https://nvd.nist.gov/vuln/detail/CVE-2025-12044
See also: https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393
The Community edition needs upgrade to 1.20.3 and Vault Enterprise to 1.21.0, 1.20.5, 1.19.11, or 1.16.27.
Vault and Vault Enterprise are vulnerable to an unauthenticated denial of service when processing JSON payloads.https://nvd.nist.gov/vuln/detail/CVE-2025-12044
See also: https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393
The Community edition needs upgrade to 1.20.3 and Vault Enterprise to 1.21.0, 1.20.5, 1.19.11, or 1.16.27.
HashiCorp Discuss
HCSEC-2025-24 - Vault Denial of Service Though Complex JSON Payloads
Bulletin ID: HCSEC-2025-24 Affected Products / Versions: Vault Community Edition from 1.15.0 up to 1.20.4, fixed in 1.21.0. Vault Enterprise from 1.15.0 up to 1.20.4, 1.19.10, 1.18.15, and 1.16.26, fixed in 1.21.0, 1.20.5, 1.19.11, and 1.16.27 Publication…
❤1
https://www.chainguard.dev/unchained/secure-and-free-minio-chainguard-containers
https://images.chainguard.dev/directory/image/minio/overview
https://images.chainguard.dev/directory/image/minio-client/overview
https://www.minimus.io/post/minio-docker-image-changes-how-to-find-a-secure-minio-alternative
https://images.chainguard.dev/directory/image/minio/overview
https://images.chainguard.dev/directory/image/minio-client/overview
https://www.minimus.io/post/minio-docker-image-changes-how-to-find-a-secure-minio-alternative
www.chainguard.dev
Secure and Free MinIO Chainguard Containers
MinIO pulled its free images—but Chainguard has you covered. Get zero-CVE, continuously built MinIO and MinIO Client containers, free and secure from Chainguard.
👍2
Apache Kafka 4.0 released 🎉
Download: https://kafka.apache.org/downloads
Release notes: https://dlcdn.apache.org/kafka/4.0.0/RELEASE_NOTES.html
Apache Kafka 4.0 is a significant milestone, marking the first major release to operate entirely without Apache ZooKeeper®. By running in KRaft mode by default, Kafka simplifies deployment and management, eliminating the complexity of maintaining a separate ZooKeeper ensemble. This change significantly reduces operational overhead, enhances scalability, and streamlines administrative tasks. We want to take this as an opportunity to express our gratitude to the ZooKeeper community and say thank you! ZooKeeper was the backbone of Kafka for more than 10 years, and it did serve Kafka very well. Kafka would most likely not be what it is today without it. We don’t take this for granted, and highly appreciate all of the hard work the community invested to build ZooKeeper. Thank you!
Download: https://kafka.apache.org/downloads
Release notes: https://dlcdn.apache.org/kafka/4.0.0/RELEASE_NOTES.html
Apache Kafka 4.0 is a significant milestone, marking the first major release to operate entirely without Apache ZooKeeper®. By running in KRaft mode by default, Kafka simplifies deployment and management, eliminating the complexity of maintaining a separate ZooKeeper ensemble. This change significantly reduces operational overhead, enhances scalability, and streamlines administrative tasks. We want to take this as an opportunity to express our gratitude to the ZooKeeper community and say thank you! ZooKeeper was the backbone of Kafka for more than 10 years, and it did serve Kafka very well. Kafka would most likely not be what it is today without it. We don’t take this for granted, and highly appreciate all of the hard work the community invested to build ZooKeeper. Thank you!