CentOS ist die dritthäufigste Distribution des Linux-Kernels. Die Abkürzung CentOS steht für „Community Enterprise Operating System“.
-
Red Hat Security Advisory 2019-0782-01
Operating System: RedHat ≈ Packet Storm Apr 18, 2019 | 01:19 amRed Hat Security Advisory 2019-0782-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Issues addressed include code execution and deserialization vulnerabilities.
Read more... -
Red Hat Security Advisory 2019-0778-01
Operating System: RedHat ≈ Packet Storm Apr 17, 2019 | 19:35 pmRed Hat Security Advisory 2019-0778-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include a slow conversion of BigDecimal to long.
Read more... -
Red Hat Security Advisory 2019-0775-01
Operating System: RedHat ≈ Packet Storm Apr 17, 2019 | 19:34 pmRed Hat Security Advisory 2019-0775-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an out of bounds access vulnerability.
Read more... -
Red Hat Security Advisory 2019-0774-01
Operating System: RedHat ≈ Packet Storm Apr 17, 2019 | 19:26 pmRed Hat Security Advisory 2019-0774-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an out of bounds access vulnerability.
Read more... -
Red Hat Security Advisory 2019-0766-01
Operating System: RedHat ≈ Packet Storm Apr 17, 2019 | 01:52 amRed Hat Security Advisory 2019-0766-01 - The mod_auth_mellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants access based on the attributes received in assertions generated by an IdP[…]
Read more... -
Red Hat Security Advisory 2019-0765-01
Operating System: RedHat ≈ Packet Storm Apr 17, 2019 | 00:23 amRed Hat Security Advisory 2019-0765-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as[…]
Read more... -
Red Hat Security Advisory 2019-0746-01
Operating System: RedHat ≈ Packet Storm Apr 11, 2019 | 16:11 pmRed Hat Security Advisory 2019-0746-01 - The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. Issues[…]
Read more... -
Red Hat Security Advisory 2019-0747-01
Operating System: RedHat ≈ Packet Storm Apr 11, 2019 | 16:11 pmRed Hat Security Advisory 2019-0747-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. A file[…]
Read more... -
Red Hat Security Advisory 2019-0739-01
Operating System: RedHat ≈ Packet Storm Apr 11, 2019 | 16:09 pmRed Hat Security Advisory 2019-0739-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Security fix: jenkins-plugin-script-security: Sandbox bypass in script security plug-in jenkins-plugin-script-security: Sandbox[…]
Read more... -
Red Hat Security Advisory 2019-0741-01
Operating System: RedHat ≈ Packet Storm Apr 11, 2019 | 16:09 pmRed Hat Security Advisory 2019-0741-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include bypass and traversal vulnerabilities.
Read more... -
The Product Security Blog has moved!
Red Hat Security Blog Blog Posts Mar 19, 2019 | 20:38 pmRed Hat Product Security has joined forces with other security teams inside Red Hat to publish our content in a common venue using the Security channel of the Red Hat Blog.This move provides a wider variety of important Security topics,[…]
Read more... -
Security Technologies: FORTIFY_SOURCE
Red Hat Security Blog Blog Posts Sep 26, 2018 | 15:30 pmFORTIFY_SOURCE provides lightweight compile and runtime protection to some memory and string functions (original patch to gcc was submitted by Red Hat). It is supposed to have no or a very small runtime overhead and can be enabled for all[…]
Read more... -
New Red Hat Product Security OpenPGP key
Red Hat Security Blog Blog Posts Aug 22, 2018 | 15:30 pmRed Hat Product Security has transitioned from using its old 1024-bit DSA OpenPGP key to a new 4096-bit RSA OpenPGP key.This was done to improve the long-term security of our communications with our customers and also to meet current key[…]
Read more... -
Security Technologies: Stack Smashing Protection (StackGuard)
Red Hat Security Blog Blog Posts Aug 20, 2018 | 15:30 pm
Read more...
In our previous blog, we saw how arbitrary code execution resulting from stack-buffer overflows can be partly mitigated by marking segments of memory as non-executable, a technology known as Execshield. However stack-buffer overflow exploits can still effectively overwrite the function[…] -
Managing risk in the modern world
Red Hat Security Blog Blog Posts Aug 14, 2018 | 17:30 pm
Read more...
Things can be pretty scary out there today. There are a lot of things that could occur that make even the calmest amongst us take pause. Everything we do is a series of risk-based decisions that we hope leads to[…] -
How SELinux helps mitigate risk while facilitating compliance
Red Hat Security Blog Blog Posts Aug 9, 2018 | 15:30 pmLanguage EnglishMany of our customers are required to meet a variety of regulatory requirements. Red Hat Enterprise Linux includes security technologies that help meet these requirements. Improving Linux security also benefits our layered products, such as Red Hat OpenShift Container[…]
Read more... -
Security Technologies: ExecShield
Red Hat Security Blog Blog Posts Jul 25, 2018 | 15:30 pm
Read more...
The world of computer security has changed dramatically in the last few years. Keeping your operating system updated with the latest security patches is no longer sufficient. Operating system providers need to be more proactive in combating security problems. A[…] -
SPECTRE Variant 1 scanning tool
Red Hat Security Blog Blog Posts Jul 18, 2018 | 15:30 pmAs part of Red Hat's commitment to product security we have developed a tool internally that can be used to scan for variant 1 SPECTRE vulnerabilities. As part of our commitment to the wider user community, we are introducing this[…]
Read more... -
Insights Security Hardening Rules
Red Hat Security Blog Blog Posts Jul 12, 2018 | 15:30 pmMany users of Red Hat Insights are familiar with the security rules we create to alert them about security vulnerabilities on their system, especially concerning high-profile issues such as Spectre/Meltdown or Heartbleed. In this post, I'd like to talk about[…]
Read more... -
Red Hat’s disclosure process
Red Hat Security Blog Blog Posts Jul 10, 2018 | 15:00 pmLast week, a vulnerability (CVE-2018-10892) that affected CRI-O, Buildah, Podman, and Docker was made public before some affected upstream projects were notified. We regret that this was not handled in a way that lives up to our own standards around[…]
Read more... -
RHBA-2019:0500-1: nss-pem bug fix update
Red Hat Errata Jan 1, 1970 | 01:00 amRed Hat Enterprise Linux:Updated nss-pem packages that fix one bug are now available for Red HatEnterprise Linux 7.6.
Read more... -
RHBA-2019:0499-1: resource-agents bug fix update
Red Hat Errata Jan 1, 1970 | 01:00 amRed Hat Enterprise Linux:Updated resource-agents packages that fix one bug are now available for Red HatEnterprise Linux 7.
Read more... -
RHBA-2019:0498-1: rear bug fix update
Red Hat Errata Jan 1, 1970 | 01:00 amRed Hat Enterprise Linux:Updated rear packages that fix several bugs are now available for Red HatEnterprise Linux 7.
Read more... -
RHBA-2019:0497-1: gnome-tweak-tool bug fix update
Red Hat Errata Jan 1, 1970 | 01:00 amRed Hat Enterprise Linux:Updated gnome-tweak-tool packages that fix two bugs are now available for RedHat Enterprise Linux 7.
Read more... -
RHBA-2019:0496-1: tuned bug fix update
Red Hat Errata Jan 1, 1970 | 01:00 amRed Hat Enterprise Linux:Updated tuned packages that fix two bugs are now available for Red HatEnterprise Linux 7.
Read more... -
RHBA-2019:0488-1: Red Hat Certification bug fix and enhancement update for RHEL6 and RHEL7
Red Hat Errata Jan 1, 1970 | 01:00 amRed Hat Enterprise Linux:An updated redhat-certification package that fixes several bugs and adds variousenhancements is now available for Red Hat Enterprise Linux 6 and Red HatEnterprise Linux 7.
Read more... -
RHBA-2019:0484-1: dpdk bug fix update
Red Hat Errata Jan 1, 1970 | 01:00 amRed Hat Enterprise Linux:Updated dpdk packages that fix one bug are now available in the Extras channelof Red Hat Enterprise Linux 7.
Read more... -
RHSA-2019:0544-1: Important: .NET Core on Red Hat Enterprise Linux security update for March 2019
Red Hat Errata Jan 1, 1970 | 01:00 amRed Hat Enterprise Linux:Updates for rh-dotnetcore10-dotnetcore, rh-dotnetcore11-dotnetcore,rh-dotnet21-dotnet, and rh-dotnet22-dotnet are now available for .NET Core onRed Hat Enterprise Linux.Red Hat Product Security has rated this update as having a security impact ofImportant. A Common Vulnerability Scoring System (CVSS) base score,[…]
Read more... -
RHEA-2019:0543-1: new packages: rh-jmc
Red Hat Errata Jan 1, 1970 | 01:00 amRed Hat Enterprise Linux:New rh-jmc packages are now available as a part of Red Hat Software Collections3.2 for Red Hat Enterprise Linux 7.
Read more...
Let’s Encrypt empfiehlt einige Clients, die mit CentOS kompatibel sind. Wir denken, dass CertBot von der non-profit Electronic Frontier Foundation eine sehr gute Wahl ist, wenn dieser richtig eingerichtet ist und beschreiben daher diesen.