  • Bash specially-crafted environment variables code injection attack

    Update 2014-09-30 19:30 UTC: Questions have arisen around whether Red Hat products are vulnerable to CVE-2014-6277 and CVE-2014-6278. We have determined that RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312 successfully mitigate the vulnerability and no additional actions need to be taken.
    Update 2014-09-26 12:00 UTC: We have written a FAQ to address some of the more common questions seen regarding the recent bash issues. Frequently Asked Questions about the Shellshock Bash flaws...
    Posted 2014-09-24T14:00:08+00:00 - 0
  • Kickstart Configuration Tool

    We're proud to introduce a new Red Hat Access Labs app: Kickstart Configuration Tool. Kickstart provides a way for users to automate a Red Hat Enterprise Linux installation. Using kickstart, a system administrator can create a single file containing the answers to all the questions that would normally be asked during a typical installation. Once a kickstart file has been generated it can either be included with boot media or made available on the network for easy and consistent configuration of...
    Posted 2014-09-18T14:22:39+00:00 - 0
  • Enterprise Linux 5.10 to 5.11 risk report

    Red Hat Enterprise Linux 5.11 was released this month (September 2014), eleven months since the release of 5.10 in October 2013. So, as usual, let's use this opportunity to take a look back over the vulnerabilities and security updates made in that time, specifically for Red Hat Enterprise Linux 5 Server. Red Hat Enterprise Linux 5 is in Production 3 phase, being over seven years since general availability in March 2007, and will receive security updates until March 31st 2017. Errata count The...
    Posted 2014-09-18T13:30:49+00:00 - 0
  • TLS landscape

    Transport Layer Security (TLS) or, as it was known in the beginnings of the Internet, Secure Sockets Layer (SSL) is the technology responsible for securing communications between different devices. It is used every day by nearly everyone using the globe-spanning network. Let's take a closer look at how TLS is used by servers that underpin the World Wide Web and how the promise of security is actually executed. Adoption Hyper Text Transfer Protocol (HTTP) in versions 1.1 and older make encryption...
    Posted 2014-09-10T13:30:54+00:00 - 0
  • Satellite 6 is Here… We Hope You Enjoy It

    The Satellite Team is proud to announce the release of Satellite 6.0. This release is the culmination of several years of collaboration between some incredibly active open source communities, many savvy and technically strong customers, and a very passionate Red Hat engineering team. We have worked together upstream, and downstream through two Managed Design Programs, and two beta cycles. First and foremost, thank you for your efforts and the feedback which have helped us to deliver this next...
    Posted 2014-09-08T13:27:14+00:00 - 34
  • Is your software fixed?

    A common query seen at Red Hat is “our auditor says our Red Hat machines are vulnerable to CVE-2015-1234, is this true?” or “Why hasn’t Red Hat updated software package foo to version 1.2.3?” In other words, our customers (and their auditors) are not sure whether or not we have fixed a security vulnerability, or if a given package is up to date with respect to security issues. In an effort to help our security-conscious customers, Red Hat make this information available in an easy to consume...
    Posted 2014-09-03T13:30:04+00:00 - 1
  • Satellite 6.0 Bare Metal Provisioning Without DHCP

    Satellite 6.0 provisioning fully supports booting over the network (PXE) but it is not always possible to have DHCP and TFTP services under the control of the Satellite server. For these cases, Satellite ships with a plug-in called Bootdisk that allows you to create ISO files that can be written to CD or DVD, or to USB sticks or memory cards. There are two types of boot disk that you can create: per-host and generic images. Two Types of Images You can use the host and subnet data in Satellite...
    Posted 2014-09-02T18:32:39+00:00 - 4
  • Red Hat Satellite and Puppet

    Welcome to the second of our blog posts for Satellite. The topic this week is the usage of Puppet with Satellite 5 and 6. If you have not yet heard, Red Hat will be using and supporting Puppet as the configuration management platform within Satellite 6. The Puppet integration comes from many years of hands-on feedback and experiences within The Foreman community from users such as yourself. As part of the Satellite 6 release process we had many customer discussions...
    Posted 2014-08-26T14:05:20+00:00 - 1
  • We are working on some great stuff

    The Satellite Engineering Team at Red Hat is working on some really great features, and we are always looking for ways to tell you all more about what is cooking in the upstream. Lukas Zapletal, in our Brno office, suggested that we start a blog to get some of this information out. The goal of this blog will be for us in Engineering to publish tips and tricks about how to use our products, videos which showcase new features, and to point you at new content on the Customer Portal. If you have...
    Posted 2014-08-19T18:18:01+00:00 - 3
  • Fedora Security Team

    Vulnerabilities in software happen. When they get fixed it's up to the packager to make those fixes available to the systems using the software. Duplicating much of the response efforts that Red Hat Product Security performs for Red Hat products, the Fedora Security Team (FST) has recently been created to help packagers get vulnerability fixes downstream in a timely manner. At the beginning of July, there were over 500 vulnerability tickets open* against Fedora and EPEL. Many of these...
    Posted 2014-08-13T13:30:31+00:00 - 0
  • Controlling access to smart cards

    Smart cards are increasingly used in workstations as an authentication method. They are mainly used to provide public key operations (e.g., digital signatures) using keys that cannot be exported from the card. They also serve as a data storage, e.g., for the corresponding certificate to the key. In RHEL and Fedora systems low-level access to smart cards is provided using the pcsc-lite daemon, an implementation of the PC/SC protocol, defined by the PC/SC industry consortium. In brief the PC/SC...
    Posted 2014-07-30T13:30:32+00:00 - 0
  • KVM Bridge Configuration

    We're proud to introduce a new Red Hat Access Labs app: KVM Bridge Configuration. By default, KVM uses Network Address Translation (NAT) networking through a libvirt-managed bridge called virbr0. You can use a bridged interface to get your guest box to appear as another host on the same network as the hypervisor. This app is designed to help you configure a bridged network interface for KVM using Red Hat Enterprise Linux 5.4 or later. You will have two options: 1. Download an all-in-one script...
    Posted 2014-07-29T02:54:23+00:00 - 1
  • Towards efficient security code audits

    Conducting a code review is often a daunting task, especially when the goal is to find security flaws. They can, and usually are, hidden in all parts and levels of the application - from the lowest level coding errors, through unsafe coding constructs, misuse of APIs, to the overall architecture of the application. Size and quality of the codebase, quality of (hopefully) existing documentation and time restrictions are the main complications of the review. It is therefore useful to have a plan...
    Posted 2014-07-16T13:30:44+00:00 - 0
  • Explore certified partner solutions with the new Red Hat Certification Catalog

    Today, we are excited to announce the addition of a new Red Hat Certification Catalog to the numerous resources within the Customer Portal. Red Hat collaborates with hundreds of companies that develop hardware, devices, plug-ins, software applications, and services that are tested, supported, and certified to run on Red Hat technologies. Empowered with the new Red Hat Certification Catalog, you can explore a wide variety of partner solutions to: Ensure your Red Hat solution is running on...
    Posted 2014-07-14T21:00:01+00:00 - 2
  • Red Hat Customer Portal Wins Association of Support Professionals Award

    We're excited to announce that for the fourth consecutive year, the Red Hat Customer Portal has been named one of the industry’s "Ten Best Web Support Sites" by the Association of Support Professionals (ASP). ASP is an international membership organization for customer support managers and professionals. The "Ten Best Web Support Sites" competition is an awards program that showcases excellence in online service and support, and this year we were honored alongside other technology industry...
    Posted 2014-07-14T19:21:28+00:00 - 2
  • Network Bonding Helper

    We're proud to introduce a new Red Hat Access Labs app: Network Bonding Helper. Red Hat Enterprise Linux allows administrators to bind network interface controllers (NICs) together into a single channel using the bonding kernel module and a special network interface known as a bonding (or channel bonding) interface. Bonding enables two or more network interfaces to act as one, simultaneously increasing the bandwidth and providing redundancy. This app is designed to help you configure bonding....
    Posted 2014-07-04T01:44:49+00:00 - 0
  • It's all a question of time - AES timing attacks on OpenSSL

    This blog post is co-authored with Andy Polyakov from the OpenSSL core team. Advanced Encryption Standard (AES) is the most widely used symmetric block cipher today. Its use is mandatory in several US government and industry applications. Among the commercial standards AES is a part of SSL/TLS, IPSec, 802.11i, SSH and numerous other security products used throughout the world. Ever since the inclusion of AES as a federal standard via FIPS PUB 197 and even before that when it was known as...
    Posted 2014-07-02T13:30:15+00:00 - 0
  • Red Hat Enterprise Virtualization (RHEV) Upgrade Helper

    We're proud to introduce a new Red Hat Access Labs app: RHEV Upgrade Helper. This app is designed to help you upgrade RHEV to a later version. All you need to provide is information about your upgrade path. We will not only present you the steps to upgrade RHEV, but we'll also give you some extra steps that will prevent known issues specific to your upgrade scenario. This app supports the following upgrade paths: 2.x to 3.1 3.1 to 3.2 3.2 to 3.3 3.3 to 3.4 The app will ask you a few general...
    Posted 2014-06-23T03:14:03+00:00 - 0
  • Kernel Oops Analyzer

    We're proud to introduce a new Red Hat Access Labs app: Kernel Oops Analyzer. This tool is designed to help you diagnose a kernel crash. When you input a text or a file including one or more kernel oops messages, we will walk you through diagnosing the kernel crash issue. To use this app, copy and paste a text or choose a file including kernel oops messages and click the Detect button. All kernel messages will be extracted and shown on the right side of the page. If only one kernel oops message...
    Posted 2014-06-20T07:50:34+00:00 - 2
  • OpenSSL Privilege Separation Analysis

    As part of the security response process, Red Hat Product Security looks at the information that we obtain in order to align future endeavors, such as source code auditing, to where problems occur in order to attempt to prevent repeats of previous issues. Private key isolation When Heartbleed was first announced, a patch was proposed to store private keys in isolated memory, surrounded by an unreadable page. The idea was that the process would crash due to a segmentation violation before the...
    Posted 2014-06-18T13:30:11+00:00 - 0
  • LVM RAID Calculator

    We're proud to introduce a new Red Hat Access Labs app: LVM RAID Calculator. To create Logical Volume Manager (LVM) on RAID, you usually need to execute several commands and carefully provide parameters for each. A subtle error in a command parameter might cause the execution to fail or affect the performance of your LVM. This app is designed to walk you through creating LVM on RAID by dividing the creation procedure into a few steps and generating all necessary commands with appropriate...
    Posted 2014-06-12T06:11:58+00:00 - 2
  • Red Hat Enterprise Linux 7 is here: new improvements to downloads, product page, and documentation

    With the upcoming release of Red Hat Enterprise Linux 7 on Tuesday June 10th, we've improved several things for our customers to provide the best experience yet. Two new ways to download a product- A product page download section, and a revamped downloads area: A refined getting started guide, using icons to help prep and set expectations for a basic deployment of RHEL 7 Curated content for user tasks to help customers accomplish their most important tasks A redesigned look and feel to the docs...
    Posted 2014-06-09T20:33:19+00:00 - 1
  • Log Analyzer moves to React

    The latest release of Log Analyzer on June 3rd includes a major internal rewrite to the React library by Facebook. The rewrite to React opened up a great deal of interaction between UI components that wasn't previously elegant to implement. Let's take a look at some of the more significant changes. Main Log Analyzer page Now when you navigate to Log Analyzer there is a Quick Start section and a demo video VDSM (Virtualized Server and Desktop Management) - NEW! Log Analyzer now supports VDSM...
    Posted 2014-06-05T13:03:40+00:00 - 0
  • OpenSSL MITM CCS injection attack (CVE-2014-0224)

    In the last few years, several serious security issues have been discovered in various cryptographic libraries. Though very few of them were actually exploited in the wild before details were made public and patches were shipped, important issues like Heartbleed have led developers, researchers, and users to take code sanity of these products seriously. Among the recent issues fixed by the OpenSSL project in version 1.0.1h, the main one that will have everyone talking is the "Man-in-the-middle...
    Posted 2014-06-05T12:29:11+00:00 - 3
  • Introducing comments for documentation

    We're excited to announce the new ability to comment on new documentation within the Customer Portal. This is live and available today and we'll begin to roll this out for future documentation releases as well. For an example see the Red Hat Enterprise Linux 7 Release Notes. Several months ago we introduced a survey for our documentation to gather feedback from the people who use it the most. With this most recent release we wanted to take that a step further, as we felt it was really...
    Posted 2014-05-27T16:59:17+00:00 - 0
