Language Selection

English French German Italian Portuguese Spanish

OpenSSL Issues Fix

Filed under
Software
Security

The OpenSSL server has been patched to repair a critical security glitch that could be exploited in remote code execution attacks.

OpenSSL is a toolkit that implements Secure Sockets Layer and Transport Layer Security protocols, as well as a full strength, general purpose cryptography library.

The race condition flaw was found in the OpenSSL TLS server extension parsing code, affecting some multithreaded OpenSSL applications. Researchers at Red Hat Security, which relies on OpenSSL for an array of Red Hat Enterprise Linux products, warned in an advisory that under certain conditions, attackers could exploit the vulnerability by triggering a race condition that could cause the OpenSSL application to crash, or enable them to launch of a malicious attack.

The vulnerability, which Red Hat Security researchers ranked as "important" on their Common Vulnerability Scoring System, affects all versions of the OpenSSL supporting TLS extensions, including OpenSSL 0.9.8f through 0.9.8o, 1.0.0 and 1.0.0a.

rest here




More in Tux Machines

Leftovers: KDE

diff -u: What's New in Kernel Development

Boot times can become slow on systems with many CPUs, partly because of the time it takes to crank up all the RAM chips. Mel Gorman recently submitted some patches to start up RAM chips in parallel instead of one after the other. One of the main problems with trying to implement such a feature—and one of the main reasons such patches haven't made it into the kernel before—is the need to avoid slowing things down for smaller systems. Read more

I so cannot wait until this Friday when Seed of Chucky is released!

Weber State vs Oregon State Live Stream

IT&C sector – engine of the economy : Kogaion and Argent – operating systems created in Cluj-Napoca

This goes for the Romanian Group for the Development of Gentoo-Derivative Technologies too. Gentoo is an operating system based on Linux or FreeBSD, which can be automatically optimized or personalized for almost any application or need. Last week the Cluj-based team launched in Bucharest and Cluj two PC operating systems that are one hundred per cent Romanian, which could be used by regular users or within public administration, the education system or defence institutions. Read more