CRITICAL OpenSSL Vulnerability “Heartbleed” in OpenSSL 1.0.1 to 1.0.1f – How to patch this bug on your CentOS system

Heartbleed Bug Summary A new bug in OpenSSL has been discovered that allows a remote attacker to access parts of memory on systems using vulnerable versions of OpenSSL (eg: HTTPS). This can allow an attacker to gain access to private keys, usernames, passwords and eavesdrop on encrypted traffic. For more information, ... Read More...

CentOS Linux Kernel Update 2.6.32-431.11.2 Released

CentOS Linux kernel 2.6.32-431.11.2 has just been released. Update type(s): security and bug fix Resolved CVEs: CVE-2013-1860 CVE-2014-0055 CVE-2014-0069 CVE-2014-0101 * A flaw was found in the way the get_rx_bufs() function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc() function. A privileged guest user could use this flaw to crash the host. (CVE-2014-0055, Important) * A ... Read More...

Bug in GnuTLS library discovered – allows attackers to bypass SSL trivially – update your GnuTLS now!

What is the GnuTLS bug? Red Hat has discovered a bug in the GnuTLS (GNU Transport Layer Security) package that may allow attackers to trivially bypass SSL (CVE-2014-0092). RHEL, CentOS, Debian and other popular Linux distributions are susceptible to potential eavesdropping due to this bug. What version of GnuTLS is affected? At this ... Read More...

11 Useful Yum Commands on CentOS Linux

Yum is the package management system that is used on CentOS Linux. It is responsible for managing packages and their dependencies from Yum repositories, as defined in /etc/yum.repos.d/ In this post, we'll cover a few common and useful yum commands: 1. Install a yum package: 2. Remove a yum package: 3. Reinstall a yum ... Read More...