CentOS 7 Released! How to Download CentOS 7

Today, the general availability of CentOS 7 has been announced for 64-bit x86 based systems. This is the first version of CentOS 7, and the version is marked as 7.0-1406 CentOS 7 release notes can be found here - http://wiki.centos.org/Manuals/ReleaseNotes/CentOS7 To obtain the CentOS 7 release ISO, head over to http://isoredirect.centos.org/centos/7.0.1406/isos/x86_64/ While CentOS 7 ...

Read More...

CentOS Linux Kernel Update 2.6.32-431.20.3 Released

CentOS Linux kernel 2.6.32-431.20.3 has just been released. Update type(s): security and bug fix Resolved CVEs: CVE-2013-6378 CVE-2014-0203 CVE-2014-1737 CVE-2014-1738 CVE-2014-1874 CVE-2014-2039 CVE-2014-3153 * A flaw was found in the way the Linux kernel's futex subsystem handledthe requeuing of certain Priority Inheritance (PI) futexes. A local,unprivileged user could use this flaw to escalate their privileges on thesystem. (CVE-2014-3153, Important)* A flaw was ...

Read More...

CentOS Linux Kernel Update 2.6.32-431.17.1 Released

CentOS Linux kernel 2.6.32-431.17.1 has just been released. Update type(s): security and bug fix Resolved CVEs: CVE-2013-6383 CVE-2014-0077 CVE-2014-2523 * A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash ...

Read More...

CRITICAL OpenSSL Vulnerability “Heartbleed” in OpenSSL 1.0.1 to 1.0.1f – How to patch this bug on your CentOS system

Heartbleed Bug Summary A new bug in OpenSSL has been discovered that allows a remote attacker to access parts of memory on systems using vulnerable versions of OpenSSL (eg: HTTPS). This can allow an attacker to gain access to private keys, usernames, passwords and eavesdrop on encrypted traffic. For more information, ...

Read More...

CentOS Linux Kernel Update 2.6.32-431.11.2 Released

CentOS Linux kernel 2.6.32-431.11.2 has just been released. Update type(s): security and bug fix Resolved CVEs: CVE-2013-1860 CVE-2014-0055 CVE-2014-0069 CVE-2014-0101 * A flaw was found in the way the get_rx_bufs() function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc() function. A privileged guest user could use this flaw to crash the host. (CVE-2014-0055, Important) * A ...

Read More...