Wednesday, November 25, 2015

Django 1.7.11 & 1.8.7 security release

The Django project has just released new versions that fix the security issue "CVE-2015-8213: Fixed settings leak possibility in date template filter".

Have questions about Bitnami Django or the security issue? Post to our community forum, and we would be happy to help.

Find out more here: Django blog post.

We want to let Bitnami users know that Django 1.7.11 and Django 1.8.7 installers, virtual machines and cloud images have been updated and released. It is strongly suggested that you update your Django to the latest version. 

Sunday, November 22, 2015

Bitnami Welcomes Our Newest Software Partner Cloud9!

Most developers recognize Cloud9 as the popular IDE that is bringing software development into the cloud. This flexible development environment comes with a wide variety of functions out of the box, and if it doesn’t currently have what you need there’s an SDK to create your own plugins. We are pleased to announce that users who would like to create their own plugins for the Cloud9 IDE can now get started in just a few clicks using the new Bitnami Cloud9 stack!

The stack comes complete with a working version of the Cloud9 IDE bundled with an SDK that enables developers to come up with their own awesome functionality! Whether you prefer to launch the Cloud9 stack in the cloud, locally, or as a VM, Bitnami has you covered.

Some of the key features of Bitnami Cloud9 stack:
  • Live browser preview: Check and preview your web application in any one of 300+ browser/OS platform combinations.
  • Language tools: Benefit from code completion, outline views and other language tools for PHP, Ruby, Python, JavaScript, Go, and many more languages.
  • Terminal and debugger: Run UNIX commands in your workspace, set breakpoints and inspect variables with the built-in terminal and debugger.
  • Built-in image editor: Use the built-in image editor to crop, resize, rotate or flip images, all in the same browser window.
  • Integration: Connect with Mercurial and Git repositories.
  • SDK: Build plugins to integrate with enterprise workflows or third-party applications using the Cloud9 SDK.
  • Supports over two dozen themes for highlighting your code in over three dozen languages.
  • Easily run your code from the built-in runners conveniently accessed from the run panel.
  • Easily configurable to run in special modes for VIM, Emacs, or Sublime.

Cloud9 SDK is available to launch now in Bitnami! To get started adding awesome new functionality to your Cloud9 IDE in just a few clicks, you can deploy Cloud9 in the cloud, as a virtual machine, or with a local installer. The application is absolutely free, and can be up and running in as little as a few minutes- give it a try now!

Thursday, November 19, 2015

Waiting for Drupal 8? Drupal 8 already available in Bitnami!

Drupal, one of the most famous open source content management platforms, has just released its new stable version Drupal 8.0.0. With over 200 new features and improvements, this is the first supported release of Drupal 8 and is ready for use on production sites. 

If you are not familiar with Bitnami, Bitnami Drupal can be deployed using native installers (for Windows, Linux and Mac OS X), virtual machines and Amazon EC2, Azure, VMware, Google, DigitalOcean and Oracle cloud images. 

You can find more info about this new version and all its features here

Drupal 8 dashboard

Do you have any questions about Bitnami Drupal 8? Post to our community forum, and we would be happy to help you.

Monday, November 16, 2015

Security Notification: libpng multiple buffer overflows CVE-2015-8126

A new security vulnerability was recently discovered in certain versions of libpng. You can find out more about the vulnerability here:

Any Bitnami-packaged applications using affected versions of libpng that were installed or launched after April 9th, 2012 are vulnerable.

We believe it is the utmost importance to quickly address any security issues in applications distributed by Bitnami and our team are working to update all of the affected applications available through Bitnami and other cloud marketplaces.

We also created a patch that can be applied to fix this vulnerability in applications that are already deployed. Please take a moment to update existing installations of Bitnami-packaged applications by following the instructions in our wiki:

If you have any questions about this process, please post to our community support forum and we will be happy to help!

Thursday, November 12, 2015

Jenkins 1.638 security release

The Jenkins project has just released a new version that fixes multiple security issues, including a fix for the CLI 0-day.

It is strongly suggested that you update your Jenkins website to the latest version.

You can find more info about these issue at this Jenkins Security Advisory.

We have released Bitnami Jenkins 1.638 installers, virtual machines and Amazon EC2, Google, VMware vCloud AirDigitalOcean, Oracle and Azure cloud images that fix these issues.

Have questions about Bitnami Jenkins or the security issue? Post to our community forum, and we would be happy to help you.

Friday, November 6, 2015

Moodle 3.0.0-rc1 now available. New features and improvement

We are happy to announce a new version of Bitnami Moodle Stack.

Moodle, the popular Open Source e-learning platform, has added new interesting features and improvements:
        • Competencies and learning plans
        • Grading interfaces
        • Improvements to
        • Element library
        • Navigation
        • Improvements to Moodle Plugins Directory
For more information about Moodle 3.0.0-rc1:

Moodle 3.0.0-rc1 is now ready to install in a few clicks with the Bitnami Moodle 3.0.0-rc1 Installers for Linux, Windows, OS XVirtual Machine images (VMs), Cloud images for Amazon EC2, Azure, Digital Ocean, Oracle and vCloud.

Have questions about Bitnami Moodle? Post to our community forum, and we would be happy to help you.

Thursday, November 5, 2015

Add Automated Quality Checks to Your Development Workflow with Code Dx and Bitnami

Whether you're an independent developer or part of a large enterprise software team, assessing and correcting software quality and security issues is one of those tasks you just can't ignore. One of the best ways to achieve this is with the Bitnami Code Dx Stack, which integrates a set of analysis tools (both open source and commercial) against your code to identify security issues and other weaknesses. The analysis produced by Code Dx then serves as a roadmap for you to begin battle-proofing your software.

This is exactly as awesome as it sounds...but it gets even better when you realize that Code Dx isn't just a static observer/inspector of your code, but can be integrated with every stage of your development workflow in a more proactive role.
  • IDE Integration: If you use Eclipse or Visual Studio, Code Dx comes with ready-to-use plugins for these IDEs. Developers can review Code Dx findings directly in their IDE, switch to the offending lines of code, and fix problems immediately. When software projects use more than one programming language (for example, Java or Python on the server, JavaScript on the client), Code Dx's IDE plugins also collate and centralize results in one place, making it easy to get a handle on the scale and scope of the work involved. Read more about Code Dx’s IDE integration.

  • SCM Integration: If you're using Code Dx in your IDE, you're probably going to fix the problems it identified before committing the code to your SCM. But what if you're using an unsupported IDE, or you're auditing an existing project? If your project uses Git, you can use Code Dx's Git integration to directly analyze a Git repository for quality and security issues. Or, if the project uses Subversion, Mercurial or TFVC, you can upload a zip file containing your source code into Code Dx for analysis. Read more about Code Dx’s SCM integration.
  • CI/CD Integration: If you use build automation, you can integrate Code Dx into your build pipeline and benefit from continuous auditing of your source code. Put simply, this means that once your project is built, you can send it to Code Dx for analysis and optionally choose to break the build/mark it as unstable based on the Code Dx results. If you're using Jenkins, Code Dx has a native Jenkins plugin designed for this, or you can use the Code Dx REST API to achieve the same result with other CI servers. Read about more Code Dx’s CI integration.

Do you like the idea of integrating quality assurance into your development/deployment workflow? Get started right away with the Bitnami Code Dx Stack, available as a native installer on Windows, Mac OS X, and Linux.

Tuesday, November 3, 2015

Neos joins the Bitnami Library!

Neos is now part of the Bitnami App Catalog!

Neos is a next-generation open source content management system made by the Neos community. Based on the PHP framework Flow, Neos is designed to make editing and updating the content on your website simple and intuitive. It is responsive so your website can be too, and makes building SEO into your content plan a breeze. Perhaps most importantly, Neos makes it easy to get started but also comes fully ready to scale up when your business takes off!

Here are some key features that Neos offers:

  • Fine-grained Access Control: selectively control access to certain backend tools and parts of the content
  • Translated Neos User Interface: just click where you want to edit and start typing
  • Integration with Google Analytics
  • Easy content editing and multiple preview modes for different browsers

Neos is now ready to install in a few clicks with the Bitnami Neos Installers for Linux, Virtual Machine images (VMs), Cloud Images for Amazon EC2, Azure , Digital Ocean and vCloud.

You can try Neos launching a free cloud demo server. If you are interested you just have to click on the following button to create a 1 hour free server:

Friday, October 30, 2015

SEO Panel joins the Bitnami Library!

SEO Panel is now part of the Bitnami App Catalog!

SEO Panel is a open source control panel for managing site search engine optimization. This contains SEO tools to increase and track website performance.

It's a high-quality, free PHP-based app that you can use to audit your entire website in a simple and intuitive way.

These are some of the major features that SEO Panel offers:
  •  Keyword Position Checker.
  •  Google and Alexa Rank Checker.
  •  Site Auditor.
  •  Search Engine Saturation Checker.
  •  Automatic Directory Submission Tool

Seo Panel main page

Seo Panel is now ready to install in a few clicks with the Bitnami Seo Panel Installers for Linux, Windows, OS X, Virtual Machine images (VMs), Cloud images for Amazon EC2, Azure, Digital Ocean, Oracle and vCloud.

You can try SEO Panel launching a free cloud demo server. If you are interested you just have to click on the following button to create a 1 hour free server.

Thursday, October 29, 2015

DreamFactory 2.0 Now Available in Bitnami!

We are excited that our software partner DreamFactory has announced a new version 2.0, built completely from the ground up! DreamFactory is a popular open source REST API backend for mobile, web, and Internet of Things applications. With DreamFactory, developers can easily connect elements of their backend (SQL, NoSQL, file storage, email, push notifications or external web services) to any mobile device, desktop computer, or IoT device using any of the most popular client frameworks. Bitnami offers a great deployment experience for DreamFactory in the cloud, as a Virtual Machine, and locally through our marketplace. You can even launch a free one-hour demo!

DreamFactory has been hard at work on rebuilding the product from scratch using the latest PHP frameworks and web standards, with a focus on improving three critical areas: Security, API Customizability, and Modularity/Scalability. For an overview of the new app, take a look at their video introduction.

Some specifics of their new features:

  • Easy integration with Active Directory and LDAP.
  • Easy integration with Facebook, Twitter, Google, and GitHub OAuths.
  • More flexible role-based access controls. End users can now have different security permissions for different apps.
  • More flexible authentication with JSON web tokens (JWT) and API keys. You can now set session timeout rules, authenticate users with usernames and passwords, make APIs public, or distribute API keys to specific developers.
API Customizability
  • Implement and automatically document RESTful APIs from scratch with custom scripts.
  • Customize API business logic with server-side scripting in either JavaScript or PHP, with additional languages to follow.
  • Improved API configuration UI for building custom APIs.
Modularity & Scalability
  • Fully modular architecture re-built using the Laravel PHP framework.
  • Install only the packages you need.
  • Use either NGINX or Apache web server (we like NGINX).
  • Pick default SQL database of choice (no longer limited to MySQL).
  • MongoDB is pre-installed and the REST API for Mongo is ready to go “out of the box”.
  • Higher scalability and performance for large-scale transactional mobile and IoT applications.
Launch Bitnami DreamFactory 2.0 in just a few clicks with our Local Installers (available for Linux, Windows and Mac OS X), Virtual Machine images (VMs), or cloud images!

If you are an existing DreamFactory user and would like to see how to upgrade to DreamFactory 2.0 beta, see our wiki page here for easy-to-follow instructions.

Check out Review Board’s new Version 2.5 on Bitnami!

Software engineers and managers the world over know the importance of having code review built into every step of the production process, and thousands of savvy developers at companies like Amazon and LinkedIn make that happen with Review Board. This popular web-based code review app removes the friction from checking each other’s code with features like side-by-side diffs and commenting for pre- and post-review commits. It enables dev teams to ship the highest quality software possible in the least amount of time, while learning from each other along the way!

Now, Review Board just got better with the announcement of their new version 2.5! With this latest release, the Review Board team makes even greater productivity possible with increased extensibility and improvements to mobile support and collaboration that were requested by their users. They also gave the visual design a great facelift!

Here’s a rundown of key improvements:
  • Mobile support: Important reviews don’t only happen between the hours of 9 and 5. Review Board 2.5 is mobile-friendly, so developers can contribute to important/urgent review even while they are not sitting at their desks
  • Expandable diff fragments: Instantly see more context for a comment - one click expands the diff right in the review.

  • Auto-versioning and diffing of file attachments, including images: Review Board will automatically track changes to file attachments. Simply upload your files, and everyone can see the changes side-by-side and comment on them like just like in the diff viewer.

  • Mute and Archive for review requests: You can now archive old review requests and mute any that don’t require your attention, allowing you to remove the clutter from your inbox and focus on what really matters.

  • Live HD Thumbnails: To view more of a large image, all you have to do is hover over the thumbnail.
  • API tokens: Third-party tools/services and custom scripts can now securely log in as a Review Board user. No need to give out passwords, and the access can be tightly restricted. This paves the way for future integrations with third-party automated code review services and tools.
  • Webhooks: Review Board 2.5 can notify other services like collaboration and CI tools of events. Now when you post or update a review request, it will already be in a format these tools understand.
Review Board 2.5 is available now in Bitnami! Enjoy a more seamless code review process in just a few clicks by deploying Review Board in the cloud, as a virtual machine, or with a local installer. You can even launch a one-hour demo in the cloud, absolutely free!

Wednesday, October 28, 2015

‘Take 5’ with the Founder: CEO/Founder of ProcessMaker, Brian Reale

Brian Reale, CEO and Founder of ProcessMaker, a popular workflow tool that improves information flow between data and systems, was kind enough to participate in our popular “Take 5 with the Founder’ series this month. ProcessMaker’s mission is to simplify your workflow and their clients range from major universities and banks to government agencies. It is truly a global company, with offices in North America, Latin America, and Europe, and a network of over 35 partners that extends across five continents.

Learn more about ProcessMaker:

What is the most rewarding part of running your own business? 
The most rewarding part of running your own business is being so close to every part of the business from engineering to sales to support. There is never a problem where I can just leave the office early and think that it is not my problem. At the same time, this means that it is really easy to work hard and make a difference almost every day. 

What advice would you give yourself before founding ProcessMaker? 
In retrospect I probably would have not jumped right into founding my second company (or my first company for that matter). I think that I could have probably benefited from working in a few other companies before setting out on my own. Being part of something started by someone else provides a perspective that is equally important as starting something oneself. 

What advantage does ProcessMaker have over its competitors? 
ProcessMaker takes a much simpler and more intuitive approach to Business Process Management than our competitors do. Our customers consistently tell us that ProcessMaker is more intuitive and much easier to understand than other BPM & Workflow software. The problem with BPM Software is that the boundaries are not very well defined. As a result it is very easy to get ugly products that are filled with feature and scope creep. The result is not pretty from a usability perspective. ProcessMaker, on the other hand, focuses on usability and simplicity first. 

Do you see ProcessMaker as an underdog? 
Yes. If you still see yourself as a startup, then by definition you still see yourself as an underdog. The good thing about seeing yourself as the underdog is that it keeps you focused on working harder than everyone else. ProcessMaker has decided to grow organically from the get go. We raised less than $200k of initial seed capital when we started the business more than 15 years ago. Since then we have never spent time looking for investors. Instead, our philosophy has always been about building great products and services that customers wanted to buy and making sure that our income was always greater than our expenses. Most of our competitors have grown based on VC financing. They seem happy to throw money around to fuel their unprofitable growth. We prefer to be the underdog focused on smart, profitable growth. 

Why did you choose to enter this particular business? 
I love thinking about how complex operations can work or “flow” better. My very first job after college was working in a donations warehouse in a Refugee Camp in Guantanamo Bay, Cuba. After about 4 weeks on the job, I had completely changed the distribution system by inventing an artificial currency, setting up a reverse auction system, and insisting on full inventory turnover on a weekly basis. Like I said, I like to make things flow better. One way or another – ProcessMaker was bound to happen. 

Now for the Lightning Round! 

Coffee or tea? 
Tea with Milk. 

PC or MAC? 

Early bird or night owl? 
Night owl 

Bagels or muffins? 

Classic or modern? 

Detailed or abstract? 

Washing dishes or doing laundry? 

Saver or spender? 

Hardwood or carpet? 

ProcessMaker is available in both Open Source and Enterprise versions at Bitnami! You can start creating seamless workflows with little or no programming experience in just a few clicks with our cloud images, Virtual Machines, and local installers. You can even launch a one-hour demo absolutely free- give it a try now!

Tuesday, October 27, 2015

Magento security release

The Magento project has just released a new version that provides protection against several types of security-related issues, including remote code execution, information leaks and cross-site scripting.

It is strongly suggested that you update your Magento website to the latest version. Important! This patch breaks backward compatibility, and can impact extensions and customizations.

You can find more info about these issue at the Magento release news.

We have released Bitnami Magento installers, virtual machines and Amazon EC2, Google, VMware vCloud Air, DigitalOcean and Azure cloud images that fix these issues. 

Do you already have a Magento installation? You can follow our guide about how to upgrade the application and you won't have to be worried about these vulnerabilities. 

Have questions about Bitnami Magento or the security issue? Post to our community forum, and we would be happy to help you.

Thursday, October 22, 2015

Joomla! 3.4.5 security release

The Joomla! project has just released a new version that fix multiple SQL injection and ACL violation vulnerabilities. 

This is a security release for the 3.x series and it only contains the security fixes, no other changes have been made. It is strongly suggested that you update your Joomla! website to the latest version. 

You can find more info about these issue at the Joomla! release news.

We have released Bitnami Joomla! 3.4.5 installersvirtual machines and Amazon EC2GoogleVMware vCloud Air, DigitalOcean and Azure cloud images that fix these issues. 

Do you already have a Joomla! installation? You can follow our guide about how to upgrade the application and you won't have to be worried about these vulnerabilities. 

Have questions about Bitnami Joomla! or the security issue? Post to our community forum, and we would be happy to help you.