Another set of OpenSSL Bugs discovered. Upgrade OpenSSL on your CentOS Linux servers!

A new set of bugs have been identified and patched in OpenSSL. The following new bugs have been patched in the latest release of OpenSSL: CVE-2010-5298 - possible use of memory after free CVE-2014-0195 - buffer overflow via invalid DTLS fragment CVE-2014-0198 - possible NULL pointer dereference CVE-2014-0221 - DoS from invalid DTLS handshake ... Read More...

CentOS Linux Kernel Update 2.6.32-431.17.1 Released

CentOS Linux kernel 2.6.32-431.17.1 has just been released. Update type(s): security and bug fix Resolved CVEs: CVE-2013-6383 CVE-2014-0077 CVE-2014-2523 * A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash ... Read More...