Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] Red Hat Release Security Report for RHEL4

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Risk report: Four years of Red Hat Enterprise Linux 4

,----[ Quote ]
| Red Hat® Enterprise Linux® 4 was released on February 15th, 2005. This report 
| takes a look at the state of security for the first four years from release. 
| We look at key metrics, specific vulnerabilities, and the most common ways 
| users were affected by security issues. We will show some best practices that 
| could have been used to minimise the impact of the issues, and also take a 
| look at how the included security innovations helped.      
`----

http://magazine.redhat.com/2009/03/10/risk-report-four-years-of-red-hat-enterprise-linux-4/


Recent:

Has security become a non-issue for enterprise Open Source?

,----[ Quote ]
| A two-year-old piece of Open Source code is likely to have far fewer security
| flaws than proprietary code, according to security expert Bruce Schneier.
|
| Now, at a time when Open Source is gaining momentum in Australia, Schneier’s
| perspective could contribute to increased uptake in the enterprise, education
| and government sectors.
|
| The recent Australian Open Source Industry & Community Report portrayed
| a ‘very strong’, ‘rapidly growing’ local market for Open Source in both
| private and public sectors.
`----

http://www.itnews.com.au/Feature/4872,has-security-become-a-nonissue-for-enterprise-open-source.aspx


Is visibility the key open source value?

,----[ Quote ]
| In past discussions about open source values I’ve gone on about many subjects
| which struck some as political.
|
| But is the key open source value something simpler and more basic?
|
| Like the mere visibility of the code?
|
| Code visibility is the first thing that distinguishes open source from other
| types of software.
`----

http://blogs.zdnet.com/open-source/?p=2812


Open source good for security

,----[ Quote ]
| Jacobson recommends that before implementing any application, including a
| security product, users should check the “pedigree” of the product.
|
| This would include determining whether any vulnerabilities or flaws had been
| detected in the product; and how well or quickly the vendor had responded to
| these reports. Most of this information is to be found on websites like
| www.securityfocus.com, a vendor-neutral site that provides objective, timely
| and comprehensive security information to all members of the global IT
| security community.
|
| “The SecurityFocus Vulnerability Database, for example, delivers an
| invaluable service by providing security professionals with the most
| up-to-date information on vulnerabilities for all platforms and services.
| Another SecurityFocus service is BugTraq, a high volume, full disclosure
| mailing list for the detailed discussion and announcement of computer
| security vulnerabilities. BugTraq is, without doubt, the cornerstone of the
| Internet-wide security community,” he adds.
`----

http://www.tectonic.co.za/?p=2780


Study Says Linux More Secure

,----[ Quote ]
| More than 70 percent people surveyed said they found Red Hat Linux less
| vulnerable to security issues than Microsoft's operating system.
`----

http://www.techtree.com/India/News/Study_Says_Linux_More_Secure/551-88850-580.html


Study: 70 percent say Red Hat more secure than Windows

http://arstechnica.com/news.ars/post/20080425-study-70-percent-say-red-hat-more-secure-than-windows.html


SELinux and Security changes in the 2.6.27 Kernel

,----[ Quote ]
| # SELinux deferred mapping of filesystem contexts
| This patch by Stephen Smalley addresses the case where "alien" SELinux
| security labels need to be written to the local filesystem, for example, in
| the case of building RPMs where the local policy is different to the policy
| on the system where the RPM is to be installed. This will help with enabling
| SELinux on build systems (e.g. in the Fedora infrastructure) and more
| generally with packagers and ISVs shipping third party policy with RPMS.
`----

http://james-morris.livejournal.com/35287.html


Ubuntu gets SELinux

,----[ Quote ]
| It's official: SELinux is now available in the Ubuntu development ("Hardy
| Heron") distribution. "This is the result of the amazing work of the
| ubuntu-security and ubuntu-hardened teams, as well as the huge contributions
| from the folks at Tresys. (note: SELinux will not be the default, but is
| available as a security option.)" Installing it is a simple apt operation.
`----

http://lwn.net/Articles/273992/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkm4dWkACgkQU4xAY3RXLo5SJQCbB5GQwqF8IOLYy0MgafVvaxoB
bKIAnRx1dMhlGaNSNAPrblS2COVdJq1f
=07K6
-----END PGP SIGNATURE-----

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index