nixCraft » important security

Important: Openssl Security Update [CVE-2008-5077]

Vivek Gite — Thu, 08 Jan 2009 21:58:45 +0000

Linux / BSD and UNIX like operating systems includes software from the OpenSSL Project. The OpenSSL is commercial-grade, industry-strength, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as general purpose cryptography library.

The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a malicious server, or able to effect a "man in the middle" attack, could present a malformed SSL/TLS signature from a certificate chain to a vulnerable client and bypass validation.

This update has been rated as having important security impact on FreeBSD, all version of Ubuntu / Debian, Red Hat (RHEL), CentOS, Fedora and other open source operating system that depends upon OpenSSL.

Debian GNU/Linux 4.0 Update 6 Released

Vivek Gite — Thu, 18 Dec 2008 14:07:25 +0000

Didn't take long to release new updated version.
The Debian project is pleased to announce the sixth update of its stable distribution Debian GNU/Linux 4.0 (codename "etch"). This update mainly adds corrections for security problems to the stable release, along with a few adjustment to serious problems. This update has been rated as having important security impact. You are advised to upgrade system ASAP.

Security Update: Debian Linux Kernel Local / Remote Vulnerabilities

Vivek Gite — Thu, 04 Dec 2008 18:54:14 +0000

Debian project today released a pair of security updates to plug at least ten security holes in its core called Linux kernel. Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. This update has been rated as having important security impact.

Red Hat Enterprise Linux 5 IMPORTANT Security Update [ 4-Nov-2008 ]

Vivek Gite — Tue, 04 Nov 2008 21:35:30 +0000

Red Hat today released kernel updates to fix at least 15 security flaws in its core called Linux kernel. RHEL users can grab the latest updates from RHN website or by simply running yum update command. This update has been rated as having important security impact.

Critical Red Hat Enterprise Linux Kernel Update

Vivek Gite — Wed, 01 Oct 2008 08:44:57 +0000

Red Hat issued an update version of Linux operating system core called kernel that plugs various security holes for RHEL 5.x. This update has been rated as having important security impact. All users are advised to upgrade kernel package.

Security Alert: Update FireFox 3.x and 2.x Versions

Vivek Gite — Thu, 03 Jul 2008 06:49:57 +0000

An updated firefox package that fixes several security issues is now available for various Linux distributions. All Mozilla Firefox users should upgrade to this updated package as update has been rated as having critical security impact.

Security Update for Red Hat Linux Kernel

Vivek Gite — Fri, 27 Jun 2008 09:22:49 +0000

Red Hat has issued a security update for its kernel package. The patch plugs a critical flaw that Red Hat said attackers could use to take control of a vulnerable system.

Security Alert: rhpki-common – the Red Hat PKI Common Framework

Vivek Gite — Tue, 03 Jun 2008 09:35:04 +0000

Updated rhpki-common packages that fix a security issue are now available for Red Hat Certificate System 7.2.