Red Hat Security Blog: February 2015 archives

  • Common Criteria

    What is Common Criteria? Common Criteria (CC) is an international standard (ISO/IEC 15408) for certifying computer security software. Using Protection Profiles, computer systems can be secured to certain levels that meet requirements laid out by the Common Criteria. Established by governments, the Common Criteria treaty agreement has been signed by 17 26 countries, and each country recognizes the other's certifications. In the U.S., Common Criteria is handled by the National Information...
    Posted 2015-02-25T14:30:56+00:00 - 1
  • Samba vulnerability (CVE-2015-0240)

    Samba is the most commonly used Windows interoperability suite of programs, used by Linux and Unix systems. It uses the SMB/CIFS protocol to provide a secure, stable, and fast file and print services. It can also seamlessly integrate with Active Directory environments and can function as a domain controller as well as a domain member (legacy NT4-style domain controller is supported, but the Active Directory domain controller feature of Samba 4 is not supported yet). CVE-2015-0240 is a security...
    Posted 2015-02-23T11:56:16+00:00 - 0
  • Life-cycle of a Security Vulnerability

    Security vulnerabilities, like most things, go through a life cycle from discovery to installation of a fix on an affected system. Red Hat devotes many hours a day to combing through code, researching vulnerabilities, working with the community, and testing fixes–often before customers even know a problem exists. Discovery When a vulnerability is discovered, Red Hat engineers go to work verifying the vulnerability and rating it to determine it’s overall impact to a system. This is a most...
    Posted 2015-02-04T14:30:39+00:00 - 0