Red Hat Security Blog: February 2013 archives

  • Enterprise Linux 6.3 to 6.4 risk report

    Red Hat Enterprise Linux 6.4 was released last week, eight months since the release of 6.3 in June 2012. In this report we take a look back over the vulnerabilities and security updates since that last update, specifically for Red Hat Enterprise Linux 6 Server. Errata count The chart below illustrates the total number of security updates issued for Red Hat Enterprise Linux 6 Server if you had installed 6.3, up to and including the 6.4 release, broken down by severity. It's split into two...
    Posted 2013-02-27T13:00:29+00:00 - 0
  • Red Hat Secure Development Videos

    Red Hat products are used by many organizations in some of the most secure computing environments in the world. We have relationships and collaborations with many U.S. Government agencies, stock exchanges, banks, and health care companies. As a result, the topic of secure coding is discussed both internally and with our partners and customers on a regular basis in an effort to create the needed resources to make secure coding an everyday practice. To make secure coding work we understand that...
    Posted 2013-02-20T13:00:22+00:00 - 0
  • How Red Hat uses CVSSv2 Scoring to assist in rating flaws

    Red Hat rates all security flaws using a four-point scale: critical, important, moderate, and low. A number of factors contribute to this rating: How easily can a flaw be exploited? What kind of damage can be done if exploited? Are there typically other factors involved that lower the impact of the flaw (such as firewalls, Security-Enhanced Linux, compiler directives, and so forth)? CVSSv2 (Common Vulnerability Scoring System version 2.0) can also help to determine the rating. Out of all of...
    Posted 2013-02-13T13:00:46+00:00 - 0