DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 4th March 2014
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,150
Thanked 182 Times in 149 Posts
Default Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

From

Quote:
This GnuTLS bug is worse than the big Apple "goto fail" bug patched last week.

Hundreds of open source packages, including the Red Hat, Ubuntu, and Debian distributions of Linux, are susceptible to attacks that circumvent the most widely used technology to prevent eavesdropping on the Internet, thanks to an extremely critical vulnerability in a widely used cryptographic code library.

The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn't be surprising if the actual number is much higher.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Torvalds shoots down call to yank 'backdoored' Intel RdRand in Linux crypto J65nko News 0 11th September 2013 01:46 AM
Security Critical open hole in PHP creates risks J65nko News 4 10th May 2012 06:04 AM
Cofounder Jerry Yang leaves Yahoo Beastie News 0 18th January 2012 07:49 AM
Hundreds of thousands of hacked websites spreading scareware J65nko News 0 3rd April 2011 03:02 AM
sound in ALSA using linux apps TerryP FreeBSD General 1 29th May 2009 03:33 PM


All times are GMT. The time now is 03:53 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick