As the new CTO for the Americas, I&#rsquo;d like to shout out a &#rsquo;howdy&#rdquo; (yes, I am a Texan) to everyone reading my first blog post at VMware. I&#rsquo;m very excited to be in this role and I also recognize that I have some huge footsteps to follow-in from my predecessor (and now boss), Chris […]

The post Get to know VMware&#rsquo;s New CTO of Americas, Cameron Haight appeared first on VMware | OCTO Blog.

One of the most distinguishing features of VMware vSAN is the availability of stretched cluster deployment. Stretched clusters allow vSAN customers to configure two geographically located sites, while synchronously replicating data between the two sites. This provides high availability and protection against a single site failure. Not a new concept with traditional storage…. or is

The post vSpeaking Podcast Episode 54: vSAN Stretched Cluster appeared first on Virtual Blocks.

Sheep Versus Goats My high school German teacher had a saying: &#rsquo;Midterm exams separate the sheep from the goats.&#rdquo; From a sheep-herder&#rsquo;s perspective, sheep are superior. I grew up in cattle country with little regard for the neighboring county&#rsquo;s sheep-herder population, but I still held onto the idea. Someday, I would understand its meaning. When […]

The post 6 Criteria That Help You Separate the EMM &#rsquo;Sheep&#rdquo; from &#rsquo;Goats&#rdquo; appeared first on VMware End-User Computing Blog.

Get ready to hear some of the greatest leaders in the cloud industry discuss best practices and insights on navigating the cloud native journey during the Cloud Expert Panel Discussion [CNA3158PU] on Weds, Aug. 30. Check out the panel participants and be sure to add it to your conference schedule today. Attendees will also hear […]

The post VMware, Cognizant, Capgemini, Accenture, & HCL Technologies to Host Joint Cloud Expert Panel at VMworld 2017 US appeared first on Partner News.

With cloud adoption predicted to continue its significant growth curve through 2021,[1] you know the question is not &#rsquo;if&#rdquo; customers will make the leap, but when, how and who will lead their journey to the cloud. Fortunately, VMware partners are uniquely positioned with innovative software and service offerings to support customers along this trajectory. Here&#rsquo;s […]

The post Driving Extension to Public Cloud: 4 Factors appeared first on Power of Partnership.

Today, VMware has released the following new security advisory: VMSA-2017-0014 – VMware NSX-V Edge updates address OSPF Protocol LSA DoS The advisory documents a hard to exploit denial of service vulnerability in the implementation of the OSPF protocol in NSX-V Edge. This issue is present due to incorrect handling of link-state advertisements (LSA). NSX-V Edge […]

The post New VMware Security Advisory VMSA-2017-0014 appeared first on VMware Security & Compliance Blog.

Dear vRealize Operations Customers,   Would you like to help define the next generation of vRealize Operations? We invite you to participateintheVMware Design StudioatVMworld 2017 US.   What Kind of Study Is This? In the VMware Design Studio, we will show a few key product directions and design prototypes. This is a unique opportunity to

The post Come and Participate in VMworld Design Studio! appeared first on VMware Cloud Management.

NVIDIA today reported record revenue for the second quarter ended July 30, 2017, of $2.23 billion, up 56 percent from $1.43 billion a year earlier, and up 15 percent from $1.94 billion in the previous quarter.

VMworld 2017 Europe ???????? ??? 11 ????????! ???? ?? ?? …

Read More

En VMware siempre intentamos ofrecer a nuestros usuarios …

Read More

Don&#rsquo;t you love it when a good thing just gets even better? Like when your smartphone can double as your SLR camera or your thermostat can also water the plants. We at VMware definitely do and recently worked our magic on our VMware Horizon® Cloud Service™. Earlier this year, we announced the Horizon Cloud service. […]

The post Horizon Cloud on Microsoft Azure—It Keeps Getting Better! appeared first on VMware End-User Computing Blog.

Access the Education Services website to explore the AirWatch learning paths and register for a 4-day, instructor-led and Live, Online Bootcamp in September or October.

The post Become AirWatch Accredited to Broaden Your Mobility Knowledge and Sell Effectively appeared first on Partner News.

Watch this video to learn more about Deloitte’s iMCM solution. Founded on VMware Validated Design (VVD), it provides a common platform that allows numerous cloud providers to be managed through a single multi-tenant portal for the various stakeholders across an organization. If you’re heading to VMworld 2017 in Las Vegas, be sure to add this […]

The post Deloitte’s Integrated Multi-Cloud Management Solution to be Showcased at VMworld 2017 US appeared first on Partner News.

Exploring Part I of the *New* Digital Workspace Story Map Getting the Digital Workspace Story Map Straight Here at VMware, we have talked about the digital workspace story for years. But if you put 10 people in a room and ask them what a digital workspace is or how to get there, you will get […]

The post Is Standardization IT&#rsquo;s Friend or Foe—or Both? appeared first on VMware End-User Computing Blog.

VMware announced upcoming releases for its portfolio of operations management products – vRealize Operations 6.6, vRealize Log Insight 4.5, vRealize Business for Cloud 7.3 and vRealize Network Insight 3.4. vRealize Operations 6.6 This release delivers several game-changing innovations, redesigned user experience, and greater/deeper integration across software-defined data center technologies and multiple public clouds. VMware vRealize […]

The post Recent Updates to the VMware Operations Management Portfolio appeared first on VMware Tech Alliances (TAP) Blog.

During this interactive, 1-hour workshop we’ll cover Assessment Campaign Overview, Assessment Marketing Program Demo, and throughout you will have the opportunity to collaborate, discuss best practices, and preview marketing resources on VMware’s Partner Demand Center. Register today.

The post Register to Attend AMER’s Quarterly Partner Marketing Workshop on Aug 17 appeared first on Partner News.

VMworld 2017 Las Vegas is just around the corner and with over 500 session choices across all categories. I would like to help navigate to the sessions around DevOps topic. As you can see the list below, there are a LOT of them for you to choose from and update your calendars.   Monday, Aug

The post DevOps Sessions at VMworld 2017 Las Vegas appeared first on VMware Cloud Management.

VMworld US is around the corner and the VMware vSAN team couldn&#rsquo;t be more excited to welcome you to Las Vegas. The conference will be running fromAugust 27 – August 31, 2017 and you will definitely want to explore more about vSAN offerings at VMworld. One of the experiences to look forward to this year

The post HCI Zone – Discover the Possibilities appeared first on Virtual Blocks.

Now it’s time to come clean and admit it… I’ve never been much of a fan of the traditional vCenter Operations / vRealize Operations user interface (there, I said it for all the world to hear). BUT, let me also say this - I LOVE THE NEW vROPS 6.6 INTERFACE. You see, being a visual

The post Exploring the Awesome New vRealize Operations 6.6 HTML5 User Interface - David Davis on vROps Post #41 appeared first on VMware Cloud Management.

Famous words from William Shakespeare’s play Hamlet. Act III, Scene I. This is true even in the Virtualization world for Oracle Business Critical Applications where one wonders which way to go when it comes to provisioning shared disks for Oracle RAC disks, Raw Device Mappings (RDM) or VMDK ? Much has been written and discussed […]

The post To be &#rsquo;RDM for Oracle RAC&#rdquo;, or not to be, that is the question appeared first on Virtualize Business Critical Applications.

In the classic 1966 science fiction film “Fantastic Voyage,” a team of doctors and a space-aged submarine are shrunken and injected into an injured scientist to repair a brain clot. While microscopic medical teams are not yet journeying into the human body, a combination of AI, deep learning and GPUs is giving us a similar […]

The post 20,000 Leagues Into Your Bowels: How GPUs Are Helping to Diagnose Gastrointestinal Anomalies appeared first on The Official NVIDIA Blog.

Some robots played soccer. Others tackled picking and packing duties in a simulated warehouse. Still others competed to see which could tackle household chores, like setting the table. 100,000 spectators — including 3,000 students and scientists — joined thousands of robots like these last week in Nagoya, Japan, for RoboCup 2017, the world’s largest robotics […]

The post Researchers and Robots Swarm Japan’s RoboCup Competition appeared first on The Official NVIDIA Blog.

Whether it’s helping neural networks learn how to learn or getting them to work with pseudo-labeled data, most of the advances in deep learning and artificial intelligence have happened in research labs. Researchers at the University of California at Berkeley, Switzerland’s IDSIA and the University of Tokyo have used the DGX-1 to take their deep […]

The post NVAIL Partners Showcase Groundbreaking Work at World’s Top Machine Learning Conference appeared first on The Official NVIDIA Blog.

The PostgreSQL Global Development Group announces today that the third beta release of PostgreSQL 10 is available for download. This release contains previews of all of the features which will be available in the final release of version 10, including fixes to many of the issues found in the second beta. Users are encouraged to begin testing their applications against 10 beta3.

Upgrading to Beta3

PostgreSQL 10 beta3 requires an upgrade from beta1, beta2, or earlier either using pg_dump / pg_restore or pg_upgrade.

Any bugfixes applied to 9.6 or earlier that also affected 10 are included in beta3. Our users and contributors also reported bugs against 10 beta 2, and many of them have been fixed in this release. We urge our community to re-test to ensure that these bugs are actually fixed, including:

• hash: Fix write-ahead logging bugs related to init forks
• Fix oddity in error handling of constraint violation in ExecConstraints for partitioned tables
• Use a real RT index when setting up partition tuple routing
• Fix serious performance problems in json(b) to_tsvector()
• Fix problems defining multi-column range partition bounds
• Fix partitioning crashes during error reporting
• Fix race conditions in replication slot operations
• Fix very minor memory leaks in psql's command.c
• PL/Perl portability fix: avoid including XSUB.h in plperl.c
• Fix inadequate stack depth checking in the wake of expression execution changes
• Allow creation of C/POSIX collations without depending on libc behavior
• Fix OBJECT_TYPE/OBJECT_DOMAIN confusion
• Remove duplicate setting of SSL_OP_SINGLE_DH_USE option
• Fix crash with logical replication on a function index
• Teach map_partition_varattnos to handle whole-row expressions
• Fix lock upgrade hazard in ATExecAttachPartition
• Apply ALTER ... SET NOT NULL recursively in ALTER ... ADD PRIMARY KEY
• hash: Increase the number of possible overflow bitmaps by 8x
• Only kill sync workers at commit time in subscription DDL
• Fix bug in deciding whether to scan newly-attached partition
• Make pg_stop_backup's wait_for_archive flag work on standbys
• Fix handling of dropped columns in logical replication
• Fix local/remote attribute mix-up in logical replication

Note that some known issues remain unfixed. Before reporting a bug in the beta, please check the Open Items page.

Beta Schedule

This is the third beta release of version 10. The PostgreSQL Project will release additional betas as required for testing, followed by one or more release candidates, until the final release in late 2017. For further information please see the Beta Testing page. Links

• Downloads Page

• Beta Testing Information

• 10 Beta Release Notes

• What's New in 10

• 10 Open Items

The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 9.6.4, 9.5.8, 9.4.13, 9.3.18, and 9.2.22. This release fixes three security issues. It also patches over 50 other bugs reported over the last three months. Users who are affected by the below security issues should update as soon as possible. Users affected by CVE-2017-7547 will need to perform additional steps after upgrading to resolve the issue. Other users should plan to update at the next convenient downtime.

Security Issues

Three security vulnerabilities have been closed by this release:

• CVE-2017-7546: Empty password accepted in some authentication methods
• CVE-2017-7547: The "pg_user_mappings" catalog view discloses passwords to users lacking server privileges
• CVE-2017-7548: lo_put() function ignores ACLs

CVE-2017-7546: Empty password accepted in some authentication methods

libpq, and by extension any connection driver that utilizes libpq, ignores empty passwords and does not transmit them to the server. When using libpq or a libpq-based connection driver to perform password-based authentication methods, it would appear that setting an empty password would be the equivalent of disabling password login. However, using a non-libpq based connection driver could allow a client with an empty password to log in.

To fix this issue, this update disables empty passwords from being submitted in any of the password-based authentication methods. The server will reject any empty passwords from being set on accounts.

CVE-2017-7547: The "pg_user_mappings" catalog view discloses passwords to users lacking server privileges

This fix pertains to the usage of the foreign data wrapper functionality, particularly for the user mapping feature.

Before this fix, a user had access to see the options in pg_user_mappings even if the user did not have the USAGE permission on the associated foreign server. This meant that a user could see details such as a password that might have been set by the server administrator rather than the user.

This fix will only fix the behavior in newly created clusters utilizing initdb. To fix this issue on existing systems, you will need to follow the below steps. For more details, please see the release notes.

1. In your postgresql.conf file, add the following:

   allow_system_table_mods = true
   

2. After adding that line, you will need to restart your PostgreSQL cluster.

3. In each database of the cluster, run the following commands as a superuser:

   SET search_path = pg_catalog;
   CREATE OR REPLACE VIEW pg_user_mappings AS
   SELECT
       U.oid       AS umid,
       S.oid       AS srvid,
       S.srvname   AS srvname,
       U.umuser    AS umuser,
       CASE WHEN U.umuser = 0 THEN
           'public'
       ELSE
           A.rolname
       END AS usename,
       CASE WHEN (U.umuser <> 0 AND A.rolname = current_user
                    AND (pg_has_role(S.srvowner, 'USAGE')
                         OR has_server_privilege(S.oid, 'USAGE')))
                   OR (U.umuser = 0 AND pg_has_role(S.srvowner, 'USAGE'))
                   OR (SELECT rolsuper FROM pg_authid WHERE rolname = current_user)
                   THEN U.umoptions
                ELSE NULL END AS umoptions
   FROM pg_user_mapping U
   LEFT JOIN pg_authid A ON (A.oid = U.umuser)
   JOIN pg_foreign_server S ON (U.umserver = S.oid);
   

4. You also need to run the command on your template0 and template1 databases, otherwise the vulnerability will exist in future databases that you create.

   First, you will need to allow template0 to accept connections. In PostgreSQL 9.5 you can run the following:

   ALTER DATABASE template0 WITH ALLOW_CONNECTIONS true;
   

   In PostgreSQL 9.4 and below, you will have to run this command:

   UPDATE pg_database SET datallowconn = true WHERE datname = 'template0';
   

   Then, in your template0 and template1 databases, run the commands as describe in Step 3

   When you are done, you will need to disallow connections from template0. In PostgreSQL 9.5, you can run the following:

   ALTER DATABASE template0 WITH ALLOW_CONNECTIONS false;
   

   In PostgreSQL 9.4 and below, you will have to run the following:

   UPDATE pg_database SET datallowconn = false WHERE datname = 'template0';
   

5. Remove the following line from your postgresql.conf file:

   allow_system_table_mods = false
   

6. Restart your PostgreSQL cluster

For more details, please see the release notes.

CVE-2017-7548: lo_put() function ignores ACLs

The lo_put() function should require the same permissions as lowrite(), but there was a missing permission check which would allow any user to change the data in a large object.

To fix this, the lo_put() function was changed to check the UPDATE privileges on the target object.

Bug Fixes and Improvements

This update also fixes a number of bugs reported in the last few months. Some of these issues affect only version 9.6, but many affect all supported versions:

• pg_upgrade: corrected the documentation about the process for upgrading standby servers to ensure the primary and standbys synchronized safely. Also includes a fix to ensure the last WAL record does not have "wal_level = minimum" which would prevent standbys from connecting upon restart
• Fix for issue with a concurrent locking race condition that could cause some of the updates to fail
• Several fixes for low probability data corruption scenarios
• Fix to prevent crash when sorting more than one billion tuples in-memory
• Fix on Windows to retry creating a process if shared memory addresses could not be allocated, typically caused from antivirus software interference
• Fix in libpq to ensure that failed connection attempts using GSS/SASL and SSPI authentication are reset properly
• Fixes for SSL connection handling and logging
• Fix to allow window functions to be used in sub-SELECT statements that are within the arguments of an aggregate function
• Allow parallelism in the query plan when COPY when copying from a query
• Several fixes to ALTER TABLE
• Fix to ensure that ALTER USER ... SET and ALTER ROLE ... SET accepts the same syntax variants
• Fixes for the statistics collector, ensuring statistics requests made just after a postmaster shutdown request will be written to disk
• Fix possible creation of an invalid WAL segment during standby promotion
• Several walsender / walreceiver fixes, particularly around signal handling and shutdowns / restarts
• Several logic decoding fixes, including removing leakage of small subtransactions to disk
• Allow a CHECK constraints to be initially NOT VALID when executing CREATE FOREIGN TABLE
• Fixes to postgres_fdw for applying changes promptly after ALTER SERVER / ALTER USER MAPPING commands and improving ability to escape from an unresponsive server
• Several fixes for pg_dump and pg_restore, including a fix for pg_dump output to stdout on Windows
• Fix pg_basebackup output to stdout on Windows, similar to the fix for pg_dump
• Fix pg_rewind to correctly handle files exceeding 2GB, though files of such size should rarely appear in a data directory
• Several fixes for building PostgreSQL with Microsoft Visual C (MSVC), primarily around sourcing libraries

EOL Warning for Version 9.2

PostgreSQL version 9.2 will be End-of-Life in September, 2017. The project expects to only release one more update for that version. We urge users to start planning an upgrade to a later version of PostgreSQL as soon as possible. See our Versioning Policy for more information.

Updating

All PostgreSQL update releases are cumulative. As with other minor releases, users are not required to dump and reload their database or use pg_upgrade in order to apply this update release; you may simply shut down PostgreSQL and update its binaries.

Links:

• Download

• Release Notes

• Security Page

• Versioning Policy