GnuTLS Bug Part 3: You Always Need to Patch New Cloud Servers
Mar 24,
2014
Or at least you have no way of really knowing that you don’t need a patch until you check this particular server very carefully. Last week and the week before I warned you about the GnuTLS bug. By now you must have all your in-house systems patched, right? Right? Amazon Web Service’s EC2 provides you […]
GnuTLS Bug Part 2: What Components Were At Risk?
Mar 17,
2014
A week ago I warned you about the GnuTLS bug. You have patched your systems, right? This is big, and it’s hard to say just how big it really is. A lot of network clients and servers need to use SSL/TLS, but they can call on libraries from various sources. They might be compiled in […]
GnuTLS Bug Puts Network Communications at Risk
Mar 10,
2014
A week ago Apple reported the goto fail bug, a logical coding error in the Mac OS X and iOS implementations of a TLS shared library. Yes, it really happened at a goto statement jumping execution to a code block handling failure. This week the open-source community had egg on its crowd-sourced face as we […]