Red Hat Security Blog: November 2013 archives

  • Enterprise Linux 6.4 to 6.5 risk report

    Red Hat Enterprise Linux 6.5 was released last week (November 2013), nine months since the release of 6.4 in February 2013. In this report we take a look back over the vulnerabilities and security updates since that last update, specifically for Red Hat Enterprise Linux 6 Server. Red Hat Enterprise Linux 6 is in its fourth year since release, and will receive security updates until November 30th 2020. Errata count The chart below illustrates the total number of security updates issued for Red...
    Posted 2013-11-27T13:00:55+00:00 - 0
  • Java Deserialization Flaws: Part 1, Binary Deserialization

    Serialization is a feature of programming languages that allows the state of in-memory objects to be represented in a standard format, which can be written to disk or transmitted across a network. Java includes powerful serialization capabilities as a core feature of the language. All classes which implement the java.io.Serializable interface can be serialized and deserialized, with Java handling the plumbing automatically. Serialization is now widely used in Java applications as a mechanism...
    Posted 2013-11-20T14:30:20+00:00 - 0
  • Automated auditing the system using SCAP

    We live in an electronic age. Nowadays, more and more manifestations of human identity are available via electronic media. Besides advantages, this facility brings challenges to us as well. As computer systems are getting more capable and complex, it is ever more important to set and keep the underlying computer system secure against security threats. The objective to secure a computer system is a complex and continuous process. Besides the requirement the system to be designed with security in...
    Posted 2013-11-13T14:30:19+00:00 - 0
  • October: What have we been doing for you?

    The Red Hat Product Security Team is constantly working behind the scenes to protect our customers.  Here are just a few things that we've been working on in October: Auditing packages - One of the big tasks our team members work on is reviewing software packages to make sure they meet our high standards. Prelink is dead - We worked closely with the Fedora community to have prelink removed from the distribution (by default).  Prelink disables address space layout randomization (ASLR) which...
    Posted 2013-11-06T14:30:37+00:00 - 0
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.