Friday, June 5th, 2015

Time	Event
2:41p	Security updates for Friday Arch Linux has updated pcre (code execution). CentOS has updated openssl (C7; C6: cipher downgrade). Fedora has updated batik (F22; F21; F20: information leak), netty (F21: httpOnly cookie bypass), and pcs (F22; F21; F20: two vulnerabilities). openSUSE has updated e2fsprogs (13.2; 13.1: two vulnerabilities) and fuse (13.1: privilege escalation). Oracle has updated openssl (OL7; OL6: cipher downgrade). Red Hat has updated openssl (RHEL6&7: cipher downgrade). (Comment on this)
10:41p	Let's Encrypt Root and Intermediate Certificates The Let's Encrypt project has announced that it has created the root and intermediate keys and certificates it will use to sign certificates. Let's Encrypt is the no-cost certificate authority announced by the Electronic Frontier Foundation (EFF) back in November. In April, the Linux Foundation announced that it would be hosting the project. "The keys and certificates that will underlie Let’s Encrypt have been generated. This was done during a key ceremony at a secure facility today." The intermediate certificates will be cross-signed by IdenTrust so that they will be accepted by browsers before the Let's Encrypt root certificate has been propagated. A bit more news from the blog post: "In the next few weeks, we’ll be saying some more about our plans for going live." (Comment on this)

<< Previous Day

2015/06/05 [Calendar]

Next Day >>