Language Selection

English French German Italian Portuguese Spanish

Rumours of critical vulnerability in OpenSSH in Red Hat Enterprise Linux

Filed under
Linux
Security

A posting on the Web Hosting Talk forum is feeding speculation about a critical security vulnerability in the OpenSSH server in CentOS/Red Hat Enterprise Linux (RHEL).

According to the posting, the vulnerability is present in the OpenSSL version 4.3 used in this distribution. Although the version number is already several years old, the Red Hat development team tend to backport patches for older versions, with the result that the software may well still be up-to-date.

It is rumoured, however, that the development team have introduced an error during this backporting process which may now be able to be exploited to gain access to servers.

rest here




More in Tux Machines

If You Like the Terminal, You Will Love the Terminal-Only Alpine Linux OS

Security-oriented, lightweight Linux distribution Alpine Linux is based on based on musl libc and Busybox, which make up the terminal, has been upgraded once more and is now available for download. Read more

Android Wear just got very, very smart

Google's Android Wear software just got smart - very smart - simply because it integrates Google Now top to bottom. With an update to Google Now comes an update to Android Wear, and what we're seeing today is an explosive update that'll make the suggestions for directions and sports scores you've been getting so far seem like drops in a barrel of friendly, and I daresay helpful, updates from apps of all kinds. Everything from eBay auction updates to the ability to "Download Venice" - all on your wrist, very soon. Read more

Leftovers: Software

today's howtos