AWS EC2 us-west-2 reboot
Todd Underwood
toddunder at gmail.com
Wed Oct 1 20:59:42 UTC 2014
read: http://www.xenproject.org/security-policy.html
they have a sensible, commonly used security policy that involves private
notification to large customers in advance where it is practical and there
is not evidence of ongoing exploits in the wild.
this is kind of incident handling 101 and shouldn't be surprising to anyone.
t
On Wed, Oct 1, 2014 at 4:38 PM, Bryan Fullerton <fehwalker at gmail.com> wrote:
>
> On 01/10/2014 4:29 PM, Matt Palmer wrote:
>
>> On Wed, Oct 01, 2014 at 11:01:37AM -0700, Grant Ridder wrote:
>>
>>> For those interested, this is the Xen bug they were fixing with the
>>> reboots
>>> http://xenbits.xen.org/xsa/advisory-108.html
>>>
>> Ouch. Good thing Bashpocalypse is still capturing everyone's attention...
>>
>> Interestingly, Amazon *didn't* discover this bug, which makes one wonder
>> why
>> they, out of all the big Xen-based providers out there, got a heads-up in
>> advance of the embargo end. If I was a big provider who didn't get
>> advance
>> notice, I'd be somewhat miffed.
>>
>
> Rackspace did reboots over the weekend for this as well -
> http://www.rackspace.com/blog/an-apology/
>
> Bryan
>
> ---
> This email is free from viruses and malware because avast! Antivirus
> protection is active.
> http://www.avast.com
>
>
More information about the NANOG
mailing list