OpenSSL 1.1.1l was released yesterday, fixing CVE-2021-3711 and CVE-2021-3712.

We do not believe there was any impact from CVE-2021-3711 on the CDN, which is an exploit in OpenSSL’s implementation of SM2. OpenSSL does not provide support for SM2 in TLS, and we do not currently support its usage via other mechanisms.

On March 2nd 2021, Microsoft warned of several zero-day vulnerabilities in its Exchange Server application, including a critical remote code execution (RCE) vulnerability: CVE-2021-26855. This CVE was listed with a Base Score of 9.8 or critical by NIST. Exploitation complexity of this vulnerability is categorized as low as it requires no authorization, and or local access to implement.

As traffic volumes delivered by our CDN continue to increase, we continue to expand the footprint of our CDN both in terms of number and size of Points of Presence (PoP). As the sizes of PoPs grow, it is important to distribute load across their servers, in order to maintain their health and stability and to guarantee resilience to ephemeral traffic spikes.

Anycast is widely used by Content Delivery Networks (CDNs) and for the Domain Name System (DNS) to efficiently route service to clients from multiple physical points-of-presence (PoPs).

Anycast depends on Border Gateway Protocol (BGP) routing to map users to PoPs. Therefore, its efficiency depends on both the CDN operator and the routing policies of ISPs on the path. Such a distributed environment makes detecting and diagnosing inefficiency challenging.

As part of the Media Platform Video Team we build and maintain a set of web applications that allow customers to manage their video content. We needed a way to be consistent with how we build these applications. Creating consistent layouts and interfaces can be a challenge. There are many areas that can cause bloat or duplication of code. Some examples of this are, coding multiple ways to build the same layout in the app, slight variations of the same red color scattered all over, multiple functions being used to capitalize data returned from the database. To avoid cases like this we built Bindable.