Red Hat Risk Reflex (The Linux Security Flaw That Isn't)

News headlines screaming that yet another Microsoft Windows vulnerability has been discovered, is in the wild or has just been patched are two a penny. Such has it ever been. News headlines declaring that a 'major security problem' has been found with Linux are a different kettle of fish. So when reports emerged of an attack that could circumvent verification of X.509 security certificates, and by so doing bypass both Secure Sockets Layer (SSL) and Transport Layer Security (TLS) website protection, people sat up and took notice. Warnings have appeared that recount how the vulnerability can affect Debian, Red Hat and Ubuntu distributions. Red Hat itself issued an advisory warning that "GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification... An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid." In all, at least 200 operating systems actually use GnuTLS when it comes to implementing SSL and TLS, and the knock-on effect could mean that web applications and email alike are vulnerable to attack. And it's all Linux's fault. Or is it?
