Bitnami Community Blog

 View Only

Unlocking Efficiency: When Bitnami Secure Image Java Minimal is the Perfect Fit

By Ivan Lopez
In the world of containerized applications, selecting the right base image is crucial for performance, security, and resource management. While upstream Java images serve their purposes, there are specific use cases where a Bitnami Secure Image Java ...
0 comments

Enhancing OSS vulnerability response prioritization with Tanzu Application Catalog and VulnCheck

By Martin Perez
In a moment where the number of vulnerabilities increases 38% YoY , having the ability to separate what matters from what does not and focus on the important issues is more crucial than ever. A few months ago, we added support for the CISA KEV ...
0 comments

Critical Security Fix Released for Python – CVE-2025-4517

By Carlos Rodriguez
The Python project has released new versions across all supported branches to address a critical security vulnerability ( CVE-2025-4517 , CVSS 9.4/10). This vulnerability impacts core components of the Python runtime and could lead to unexpected behavior ...
0 comments

Reducing vulnerabilities with Red Hat Minimal images

By Alvaro Neira
One of the biggest headaches for any company’s security team is dealing with vulnerabilities. Imagine a huge company running thousands of products across tons of servers, each one potentially packed with vulnerabilities just waiting to be exploited. ...
0 comments

Argo CD fix for critical CVE-2025-47933

By Beltran Rueda Borrego
The Argo CD project just released new versions of all the supported branches for fixing a critical security issue, CVE-2025-47933 Argo CD allows cross-site scripting on repositories page . This vulnerability allows an attacker to perform arbitrary ...
0 comments

Tanzu Application Catalog Customizations

By Javier Aguadero Garcia
What are Tanzu Application Catalog customizations? Tanzu Application Catalog enables you to curate a customized set of trusted, pre-packaged application components that are continuously maintained and verifiably tested for production use. When ...
0 comments

Building your own Tanzu Application Catalog MCP server with Spring AI

By Martin Perez
Model Context Protocol (MCP) has taken the world by storm and that is understandable. What previously were ad hoc integrations with specific LLMs and data sources can now be replaced with a common protocol that promises a write-once-integrate-with-all-LLMs ...
0 comments

Expanding the ClickHouse Ecosystem: New Operator and Keeper Support in the Bitnami Helm Charts

By Juan Ariza
We’re excited to announce that we’ve expanded Tanzu Application Catalog , Bitnami Premium and Bitnami Application Catalog, enriching the ways you can deploy and manage ClickHouse solutions. First, we've introduced a new Helm chart ...
0 comments

Bitnami Helm Charts and CIS Kubernetes Benchmark: Now Using Secret Volumes Files by Default

By Miguel Ruiz
We are excited to announce an important security enhancement across our Bitnami Helm charts: Secrets are now mounted as volume files by default, in alignment with the CIS Kubernetes Benchmark . This change is part of our ongoing security hardening ...
0 comments

Bitnami Ingress-nginx fix for critical CVE-2025-1974 or IngressNightmare

By Beltran Rueda Borrego
Wiz Research team discovered a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes . Today the Ingress-nginx team released a new version fixing critical security issues. The most critical one ...
0 comments

Introducing Minimal Application Runtimes in Tanzu Application Catalog and Bitnami Premium

By Carlos Rodriguez
Recently, we announced the general availability of Bitnami Premium , a new commercial upgrade to Bitnami, as well as a new partnership with Arrow Electronics who facilitate a streamlined purchasing process and support experience. Today we are happy ...
0 comments

Announcing General Availability of Bitnami Premium

By Carlos Rodriguez
Today the Bitnami team, part of VMware Tanzu, is thrilled to make two announcements. The first is that Bitnami Premium, a new commercial upgrade to the Bitnami Application Catalog containers and Helm charts, is now Generally Available. Second, we are ...
0 comments

Bitnami Helm charts moving to OCI

By Carlos Rodriguez
In January 2022, we announced the general availability of Helm charts in OCI registries, coinciding with the release of Helm version 3.8.0 . In January 2023, Bitnami began populating and distributing the largest and most up-to-date Open-Source catalog ...
0 comments

regreSSHion: Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)

By Carlos Rodriguez
The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) on glibc-based Linux systems. This vulnerability has been assigned CVE-2024-6387 . The vulnerability, ...
0 comments

Enhancing the Bitnami Helm Charts Experience: Changelog, tags, and validation images

By Carlos Rodriguez
Bitnami has recently rolled out several initiatives aimed at enhancing the user experience with Helm charts. These improvements focus on better traceability and smoother integrations. Read on to discover the latest updates: Improved Changelog ...
0 comments

Bitnami Helm Charts are Now More Secure Than Ever

By Carlos Rodriguez
Bitnami-packaged open-source software is loved by developers for its ease of use, which enables developers to directly pull a Bitnami package and seamlessly start using it with little effort. The fact that Bitnami-packaged open-source software accounts ...
0 comments

Bitnami-packaged containers and Helm charts in DockerHub are now signed by Notation

By Carlos Rodriguez
Bitnami-packaged open-source software container images and Helm charts available in DockerHub are now signed by Notation , a Cloud Native Computing Foundation (CNCF) incubating project. In December 2023, we announced that the Tanzu ...
0 comments

Bitnami applications unaffected by recently announced CUPS server vulnerabilities

By Carlos Rodriguez
Several critical vulnerabilities for UNIX systems targeting the CUPS server were discovered and disclosed today. The researcher who discovered them published a technical report at https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/ ...
0 comments

Spring Boot 3.3.0-M2’s Support for Bitnami Container Images: Developer’s Guide

By Carlos Rodriguez
As you may already know, starting from version 3.1, Spring Boot has provided Docker Compose support for our projects. What does that mean for us as developers? Simply put, it means that we can easily bootstrap our application infrastructure ...
0 comments

Debian 12 is now the base operating system of Bitnami packages

By Carlos Rodriguez
We are happy to share that we have updated the base operating system (OS) of the community edition of all Bitnami-packaged containers and Helm charts to Debian 12 (bookworm) from Debian 11 (bullseye). This update in our containers and Helm charts helps ...
0 comments