API tools faq
paste
Advertisement
sean-

Automation vs Security

sean-
Sep 14th, 2016
189
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.65 KB | None | 0 0
raw download clone embed print report
  1. One of my favorite byproducts of automation: the active discussion re: security and productivity. Automated installations can suddenly fail because new packages are called out with outstanding CVEs when changing OS versions. Updating metadata is much easier than updating precompiled packages.
  2.  
  3. module.bastion.google_compute_instance.bastion: Provisioning with 'remote-exec'...
  4. module.bastion.google_compute_instance.bastion (remote-exec): Connecting to remote host via SSH...
  5. module.bastion.google_compute_instance.bastion (remote-exec): Host: 1.5.4.82
  6. module.bastion.google_compute_instance.bastion (remote-exec): User: joe
  7. module.bastion.google_compute_instance.bastion (remote-exec): Password: false
  8. module.bastion.google_compute_instance.bastion (remote-exec): Private key: true
  9. module.bastion.google_compute_instance.bastion (remote-exec): SSH Agent: false
  10. module.bastion.google_compute_instance.bastion (remote-exec): Connected!
  11. module.bastion.google_compute_instance.bastion (remote-exec): Fetching vuln.xml.bz2: 0%
  12. module.bastion.google_compute_instance.bastion (remote-exec): Fetching vuln.xml.bz2: 100% 638 KiB 653.5kB/s 00:01
  13. module.bastion.google_compute_instance.bastion (remote-exec): python27-2.7.11_1 is vulnerable:
  14. module.bastion.google_compute_instance.bastion (remote-exec): Python -- Integer overflow in zipimport module
  15. module.bastion.google_compute_instance.bastion (remote-exec): CVE: CVE-2016-5636
  16. module.bastion.google_compute_instance.bastion (remote-exec): WWW: https://vuxml.FreeBSD.org/freebsd/1d0f6852-33d8-11e6-a671-60a44ce6887b.html
  17.  
  18. module.bastion.google_compute_instance.bastion (remote-exec): python27-2.7.11_1 is vulnerable:
  19. module.bastion.google_compute_instance.bastion (remote-exec): Python -- smtplib StartTLS stripping vulnerability
  20. module.bastion.google_compute_instance.bastion (remote-exec): CVE: CVE-2016-0772
  21. module.bastion.google_compute_instance.bastion (remote-exec): WWW: https://vuxml.FreeBSD.org/freebsd/8d5368ef-40fe-11e6-b2ec-b499baebfeaf.html
  22.  
  23. module.bastion.google_compute_instance.bastion (remote-exec): curl-7.47.0 is vulnerable:
  24. module.bastion.google_compute_instance.bastion (remote-exec): Vulnerabilities in Curl
  25. module.bastion.google_compute_instance.bastion (remote-exec): CVE: CVE-2016-5421
  26. module.bastion.google_compute_instance.bastion (remote-exec): CVE: CVE-2016-5420
  27. module.bastion.google_compute_instance.bastion (remote-exec): CVE: CVE-2016-5419
  28. module.bastion.google_compute_instance.bastion (remote-exec): WWW: https://vuxml.FreeBSD.org/freebsd/e4bc70fc-5a2f-11e6-a1bc-589cfc0654e1.html
  29.  
  30. module.bastion.google_compute_instance.bastion (remote-exec): 2 problem(s) in the installed packages found.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!