Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks


  • Please log in to reply
2 replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,854 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:08:24 AM

Posted 03 June 2014 - 11:24 PM

 

A recently discovered bug in the GnuTLS cryptographic code library puts users of Linux and hundreds of other open source packages at risk of surreptitious malware attacks until they incorporate a fix developers quietly pushed out late last week.

http://arstechnica.com/security/2014/06/critical-new-bug-in-crypto-library-leaves-linux-apps-open-to-drive-by-attacks/

 

 

 

 

http://www.webmasterworld.com/linux/4651233.htm



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,517 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:24 PM

Posted 04 June 2014 - 09:07 AM

I received the security updates/ patches for that bug a few days ago in my Ubuntu OSes.

So far, there have been no reports of any exploiting of that bug.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 globalinternethostin

globalinternethostin

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 07 June 2014 - 07:31 AM

BAH HUMBUG. as is stated by a poster on ARSTECHNICA, "This is not a bug in Linux kernel. This is a bug in an obscure SSL library, hardly used by Linux software. Android, as well as most of Linux software, use OpenSSL."

and it is sooooo true and soooooooo not-to-worry nor panic. and sooooooo, compared to the softy ONCEAWEAKS cracks crevices and catastrophes, i will take the OPEN SOURCE once in a blue moon flicker any day.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users