Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Debian GNU is Not Unix Open Source Red Hat Software Security Ubuntu Linux IT

Not Just Apple: GnuTLS Bug Means Security Flaw For Major Linux Distros 144

Posted by timothy
from the holes-to-plug dept.
According to an article at Ars Technica, a major security bug faces Linux users, akin to the one recently found in Apple's iOS (and which Apple has since fixed). Says the article:"The bug is the result of commands in a section of the GnuTLS code that verify the authenticity of TLS certificates, which are often known simply as X509 certificates. The coding error, which may have been present in the code since 2005, causes critical verification checks to be terminated, drawing ironic parallels to the extremely critical 'goto fail' flaw that for months put users of Apple's iOS and OS X operating systems at risk of surreptitious eavesdropping attacks. Apple developers have since patched the bug." And while Apple can readily fix a bug in its own software, at least for users who keep up on patches, "Linux" refers to a broad range of systems and vendors, rather than a single company, and the affected systems include some of the biggest names in the Linux world, like Red Hat, Debian, and Ubuntu.
This discussion has been archived. No new comments can be posted.

Not Just Apple: GnuTLS Bug Means Security Flaw For Major Linux Distros

Comments Filter:

"Bureaucracy is the enemy of innovation." -- Mark Shepherd, former President and CEO of Texas Instruments

Working...