Archives For Security

OpenSSH currently has a bug that will help would-be attackers figure out actual account names on your system by timing how long the server responds to incorrect logins.

You can read the full info on Linux Forum.


There have been updates to the nss, nss-util and nspr packages to address moderate security flaws (CVE-2016-1978, CVE-2016-1979). The new packages are syncing through the various mirrors currently.
Continue Reading…


Back in June of 2015, CVE-2015-1805 a kernel patch was released to implement a fix for vectored pipe read and write functionality which could potentially result in memory corruption. A local, unprivileged user could use the flaw in an unpatched kernel to crash the system or escalate their privileges on the system.
Continue Reading…


On March 21st, the openssh package was updated to patch two moderate vulnerabilities; CVE-2015-5600 and CVE-2016-3115.
Continue Reading…

If you’re running a nameserver using BIND, you likely want to update before someone zeros in on you causing named to crash.
Continue Reading…