Mender blog

Remote OTA Updates for Wind River Linux

22nd Aug 2022

Wind River is one of the biggest enterprise grade Yocto-based Linux providers. In late 2019 they released their LTS19 version based on Yocto Zeus (3.0).

As Mender is also compatible with selected Yocto releases including Zeus, the integration with Wind River Linux just requires some small tweaks to make it work seamlessly. In this tutorial we will describe basic steps required to make both wor...

Read the article

Two Factor Authentication is now available in all the Hosted Mender plans

18th Aug 2022

Two Factor Authentication (2FA) is an extra layer of protection for user authentication with OTP-compatible applications like Authly and Google Authenticator.

This feature is now available to all the Hosted Mender users independently from their subscription plan.

You can enable Two Factor Authentication on your profile’s page, selecting the “Enable Two Factor authentication” option and followi...

Read the article

Personal Access Tokens simplify the API-based integration with Hosted Mender

1st Aug 2022

It is now possible to generate and use Personal Access Tokens on Hosted Mender when performing management API calls.

Before the introduction of this feature, the only way to obtain a JWT token to perform API calls was using the log-in end-point. However, the token returned lasts one week only. Therefore, storing and reusing it, for example, from a CI/CD pipeline or a scheduled job, is not practi...

Read the article

Using QEMU Virtualized Environments to Develop and Deploy Embedded Software for x86 Linux

12th Jul 2022


Before shipping software for embedded devices, it is crucial to test it on real devices, in an environment as close to the actual operating environment as possible. But that does not mean that development and testing necessarily has to happen this way. Running on real devices can often be tedious, time consuming and in some cases may be impractical.

This article will be a step-b...

Read the article

CVE-2022-32290 - Mender Client listening on all the interfaces

1st Jul 2022

We recently discovered a vulnerability in the Mender Client versions 3.2.0, 3.2.1, and 3.2.2.

The client listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network interfaces instead of only the localhost interface. Therefore, any client on the same network can connect to...

Read the article