Friday, April 25, 2014

Security fix: Django applications updated on Bitnami

At the beginning of this week, new versions of Django were released to fix some security issues, which are a related to unexpected code-execution issue, a caching issue which can expose CSRF tokens, and a MySQL typecasting issue. We want to let Bitnami users know that all our Django platform stacks (Django 1.4.11, Django 1.5.6, Django 1.6.3) installers, virtual machines and cloud images have been updated and released.

Also, we have updated our Django applications (Pootle, Weblate, ReviewBoard and OSQA) and they are available to download.

For more details about these security issues please check the information provided in the official Django blog. If you have already installed a version of these applications please make sure that you update your environment

Friday, April 18, 2014

Review an app, get a shirt


We want your opinions! What is it like working with your favorite CRM, wiki, bug tracker, or development stack? What advice would you give your friends?

There are an overwhelming number of choices people have for open source software. People can spend a lot of time evaluating a lot of software and still not find something that's quite right. That's why, starting today, we're asking our visitors to comment about their favorite open source apps and developer stacks on our newly released ratings and reviews feature. And, as a special incentive, we're offering free t-shirts for the first 30 people to submit reviews.

With thousands of daily deployments from Bitnami, the Bitnami community has become one of the most knowledgeable groups using open source software in development and production environments. We hope to capture some of that collective knowledge on our website.

To comment, you will need to sign in with your Bitnami account. Once you're in, share your personal experience of any of the 90 or so apps we offer by telling others how you used it, how well it worked – or didn't work – for you or your team.

How to get a free tshirt

Just write a quality review – you know, the kind of review you like to read. What matters most is sharing your experience with the software – pro or con. That's it! Login, write a review and we'll send a shirt. We'll email the first 30 people to write reviews to offer you a choice of shirts – our Bitnami logo shirt or the Cloud Geek shirt. Visit any stack page to add your $.02 and join the conversation.

Tuesday, April 8, 2014

Heartbleed OpenSSL Bug

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure it.

You are likely affected if you configured and run an SSL-enabled website (meaning that you can access it using the https:// prefix instead of http://). You will need to patch the libraries in your system and replace the certificates and keys that may have been compromised. Please notice that remote access using ssh is NOT affected.

You can find detailed information and next steps on how to patch your Bitnami installation at the following URL:  https://wiki.bitnami.com/security/2014-04_Heartbleed_Bug

Earlier today we have notified all Bitnami users that may have been affected and for which we have an email address on file. We have also started building updated images for all cloud providers that we support. Please direct any questions you have about this issue on our community website where we have started a discussion around the Heartbleed Bug http://community.bitnami.com/t/heartbleed-and-bitnami/23497

This is a serious bug. If you are running an SSL production website you need to patch your installation as soon as possible. If you are not running SSL or just using Bitnami stacks for local development, you are not at risk, but is a good idea to upgrade anyway.


Bitnami Cloud Hosting updated with latest Amazon Linux AMI

At Bitnami, we work hard to keep all of our applications, operating systems and components up-to-date with the most recent, stable versions. Which is why we’re happy to announce that we have released updated base images with Amazon Linux AMI 2014.03 in Bitnami Cloud Hosting.

Amazon Linux is a distribution of Linux optimized for the Amazon Cloud that is binary compatible with RHEL and CentOS. We offer the native Amazon Linux stack for deploying the Bitnami applications. This means that it is installed on top of the MySQL, Apache, and other components that come bundled with the operating system, allowing you to make use of the OS tools to keep your server up to date.

We also offer RHEL and Ubuntu OS options.

Spin up servers with ease 

Bitnami was founded to take the pain out of application and server configuration — whether it’s a native installation, as a virtual machine, or in the cloud. Spinning servers up in the cloud is as easy as a few mouse clicks. You can use Bitnami Cloud Hosting — our cloud management console for AWS — and spin up and unlimited number of cloud servers in minutes. What’s more, you can also select from nearly 100 packaged open source applications to add to your servers.

When you create a cloud new server, you can configure it with the application servers, database servers, frameworks and operating systems of your choice.

Click “Launch” and your server will be configured in minutes. Easy and done. Try Bitnami Cloud Hosting free to see how easy it is.


Thursday, April 3, 2014

Azure Japan is available now through the Bitnami Launchpad

Microsoft recently added two new regions to Windows Azure — Japan East and Japan West — and we're pleased to announced that users can now launch images in the new regions through the Bitnami Launchpad for Azure.

The Launchpad is the easiest way for an individual or organization to get up and running in the Azure cloud. It allows you to very quickly select an application (WordPress, Redmine, Drupal, PrestaShop, etc.), size a server, and pick a region. Best of all, Bitnami application packages are completely free to use. Windows Azure offers $200 credit to anyone who wants to try hosting on Azure.