Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 2 articles for you...
79
encryptionOpenSSLencryption methodOpenSSL 3.2 Introduces TCP Fast Open Along with Argon2 KDF Support
The open source project OpenSSL has released version 3.2, which includes support for TCP Fast Open on Linux, new Argon2 password hashing algorithm, and other improvements. . The release announcement details the changes in the new version: "This release is a snapshot of the code base at the time of its release. This means it is intended to be a stable release, suitable for deployment in production environments. The next major release will be v3.3 in October 2016." The most important changes are: Support for more than 1 billion keys in memory (the previous limit was around 32K); New Argon2 password hashing algorithm; - Updates to ChaCha20 and Poly1305 ciphers; A new X25519-based Diffie-Hellman key exchange method; An experimental port to Windows XP and Windows 2003 platforms; Support for IPv6 over IPsec SAD payloads (RFC 7296); New functions for dtls1_listen(). The link for this article located at 9 to 5 Linux is no longer available. . OpenSSL 3.2 introduces capabilities for TCP Fast Open, Argon2 password hashing, and sophisticated cryptographic methods to bolster security.. OpenSSL 3.2, TCP Fast Open, Argon2 KDF, encryption methods, secure applications. . LinuxSecurity.com Team
Nov 27, 2023
•
Security Projects
215
hardware supportsystem enhancementsrelease announcementLinux Mint 21.1 Release Announcement With Hardware Enhancements
The new version will land around the 2022 holiday season with improved hardware support and USB stick creation. . Linux Mint users received a very early Christmas present in September 2022 when it was announced that Linux Mint 21.1, codenamed "Vera," would arrive around the 2022 holiday season. Linux Mint, a customized Ubuntu version will come with a raft of new features when it launches around Christmas 2022, according to a Linux Mint newsletter by team leader Clement Lefebvre. Lefebvre thanked the developers and donors to the project. It's not clear exactly which version 21.1 will be based on, but given that this is a point release, it will likely be based on Ubuntu 22.04 "Jammy Jellyfish" released earlier in 2022, since the existing Linux Mint 21 is based on that version. . Linux Mint 21.2 is set to deliver upgraded system compatibility and refined tools for creating bootable USB drives, as part of its holiday launch.. Linux Mint 21.1, Hardware Support Enhancements, USB Creation Improvements. . Brittany Day
Oct 09, 2022
•
Desktop Security
79
open source securityrelease announcementipv6 supportOSSEC 2.6 Release With IPV6 Support and Enhanced Key Management Tools
The OSSEC team is pleased to announce the general availability of v2.6. This version includes support for IPV6, a new tool for key management of . Major kudos for this release go to Dan Patriot (ddpbsd). Dan is the most active person helping OSSEC users today on the mailing list and IRC. He also seems to find time to write documentation, which The link for this article located at Immutable Security is no longer available. . OSSEC v2.6 rolls out enhanced features with IPV6 compatibility and robust key management utilities, bolstering the security measures for its users.. OSSEC, IPV6 Support, Key Management, Open Source Security. . LinuxSecurity.com Team
Jul 21, 2011
•
Security Projects
78
security advisorynetwork functionalitysystem improvementsOpenBSD 3.6 Release: Major Enhancements in System Functionality
We are pleased to announce the official release of OpenBSD 3.6. This is our 16th release on CD-ROM (and 17th via FTP). We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install. As in our previous releases, 3.6 provides significant improvements, including new features, in nearly all areas of the system: . . .. We are pleased to announce the official release of OpenBSD 3.6. This is our 16th release on CD-ROM (and 17th via FTP). We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install. As in our previous releases, 3.6 provides significant improvements, including new features, in nearly all areas of the system: - New platform: o OpenBSD/luna88k Expanding the mvme88k porting effort by supporting Omron's line of 88100-based workstations. - SMP support on OpenBSD/i386 and OpenBSD/amd64 platforms. - New functionality: o A cleaned up DHCP server and client implementation, now featuring privilege separation and safe defaults. o A new NTP daemon written from scratch, which ought to fit the needs of most NTP users. o pfctl(8) now provides a rules optimizer to help improve filtering speed. o The packet filter, pf(4), now supports nested anchors. o tcpdrop(8), a command to drop TCP connections. o The NMBCLUSTERS option has been eliminated, replaced by a sysctl with higher default values on many platforms. o Added support for cksum (three flavours), md4, sha256, sha384 and sha512 to the md5(1) command. o Memory file systems created by the mount_mfs(8) command now can be populated immediately after creation. o New hotplugd(8) daemon and hotplug(4) device that watch for newly attached devices. o isakmpd(8) now supports NAT-traversal and Dead Peer Detection (RFC 3706). . We are excited to present the launch of OpenBSD 3.6, highlighting major enhancements and innovative functionalities.. OpenBSD Release,System Improvements,Network Functionalities. . LinuxSecurity.com Team
Nov 01, 2004
•
Vendors/Products
79
software releasesecurity enhancementsystem updateOpenBSD 3.4 Release Announcement: Major Enhancements and Features
We are pleased to announce the official release of OpenBSD 3.4. This is our 14th release on CD-ROM (and 15th via FTP). We remain proud of OpenBSD's record of seven years with only a single remote hole in the default install. As in our previous releases, 3.4 provides significant improvements, including new features, in nearly all areas of the system.. . .. We are pleased to announce the official release of OpenBSD 3.4. This is our 14th release on CD-ROM (and 15th via FTP). We remain proud of OpenBSD's record of seven years with only a single remote hole in the default install. As in our previous releases, 3.4 provides significant improvements, including new features, in nearly all areas of the system. From : Ted Unangst To : announce-AT-openbsd.org Subject : OpenBSD 3.4 Released Date : Thu, 30 Oct 2003 18:22:32 -0500 (EST) We just couldn't wait another 2 days, so now you can enjoy OpenBSD 3.4 a little early and protect yourself from ghosts and goblins. ------------------------------------------------------------------------ - OpenBSD 3.4 RELEASED ------------------------------------------------- Nov 1, 2003. We are pleased to announce the official release of OpenBSD 3.4. This is our 14th release on CD-ROM (and 15th via FTP). We remain proud of OpenBSD's record of seven years with only a single remote hole in the default install. As in our previous releases, 3.4 provides significant improvements, including new features, in nearly all areas of the system: - Ever-improving security ( OpenBSD: Security ) o W^X (pronounced: "W xor X") improvements, especially on the i386 architecture. Native i386 binaries have their executable segments rearranged to support isolating code from data, and the cpu CS limit is used to impose a best effort limit on code execution. o ld.so on ELF platforms now loads libraries in a randomized order. Furthermore, on the i386 architecture, libraries and executable code are mapped at randomaddresses. Together with W^X and ProPolice, these changes increase the difficulty of successfully exploiting an application error. o A static bounds checker has been added to the system compiler, designed to detect improper use of string and buffer manipulation functions. Through use of this checker, hundreds of bugs of in the source and ports trees were found and fixed. o Privilege separation has been implemented for the syslog daemon, making it much more robust against future errors. The child which listens to network traffic now runs as a normal user and chroots itself, while the parent process tracks the state of the child and performs privileged operations on its behalf. o Thousands of occurrences of unsafe library calls such as strcpy(), strcat() and sprintf() have been changed to the safer alternatives strlcpy(), strlcat(), and snprintf() or asprintf() in one of the most intensive audits yet performed by the OpenBSD project. The kernel is now completely free of these functions, as is most of the userland source tree. o Many improvements and bug fixes in the ProPolice stack protector. Several other code generation bugs for RISC architectures were also found and fixed. o The kernel is now also compiled with the ProPolice stack protector. o Privilege separation has been implemented in the X server. The privileged child process is responsible for the operations that cannot be done after the main process has switched to a non-privileged user. This greatly reduces the potential damage that could be caused by malicious X clients, in case of bugs in the X server. o Emulation support for binary compatibility is now controlled via sysctl. Emulation is now disabled by default to limit exposure to malicious binaries, and can be enabled in sysctl.conf(5). o The ports tree now supports building programs with systrace(1), reducing the risk of harm at compile time via trojaned configure scripts. -Improved hardware support ( OpenBSD: Platforms ) o Support for AES instruction on just released VIA C3 processors, capable of 1.6Gbit/s AES128-CBC in openssl(1) speed tests. o Kauai ATA controllers (Apple ATA100 wdc) enabling support for Powerbook 12" and 17" models. o Support for controlling LongRun registers on Transmeta CPUs. o Many fixes to aac(4), ahc(4), osiop(4), siop(4) SCSI drivers. o New it(4), lm(4) and viaenv(4) hardware monitor drivers. o New safe(4) driver for SafeNet crypto accelerators. o New mtd(4) driver for Myson Technologies network cards. o More ethernet cards supported by sk(4), wi(4), fxp(4), and dc(4). o Massive overhaul and sync with NetBSD of the entire usb(4) system. o New and better support for various controllers in pciide(4), including experimental support for Serial ATA controllers. o New drivers to support mgx(4) and pninek(4) SPARC framebuffers. The vigra(4) driver also supports more models. o pcmcia(4) support for Tadpole SPARCBooks and SPARCs with pcmcia-sbus bridges. - Major improvements in the pf packet filter, including: o Packet tagging (e.g. filter on tags added by bridge based on MAC address) o Stateful TCP normalization (prevent uptime calculation and NAT detection) o Passive OS detection (filter or redirect connections based on source OS) o SYN proxy (protect servers against SYN flood attacks) o Adaptive state timeouts (prevent state table overflows under attack) - New features and significant bug-fixes included with 3.4 o Symbol caching in ld.so reducing the start up time of large applications. o More licenses fixes, including the removal of the advertising clause for large parts of the source tree. o Replacement of GNU diff/diff3, grep/egrep/fgrep/zgrep/zegrep/zfgrep, and gzip/zcat/gunzip/gzcat/zcmp/zmore/zdiff/zforce/gzexe/znew with BSD licensed equivalents. o Addition of read-only support for NTFS file systems. o Reliability improvements to layeredfile systems, enabling NULLFS to work again. o Import of growfs(8) utility, allowing expansion of existing file systems. o Improvements to the Linux emulator enabling more applications to run with greater stability. o Significant improvements to the pthread library. o Replace many static fd_set uses, to instead use poll(2) or dynamic allocation. o ANSIfication and stricter prototypes for a large portion of the source tree. o Legacy KerberosIV support has been removed, and the remaining KerberosV codebase has been restructured for easier management. o USER_LDT option now controllable via sysctl. o Many, many man page improvements. - The "ports" tree is greatly improved ( ) o The 3.4 CD-ROMs ship with many pre-built packages for the common architectures. The FTP site contains hundreds more packages (for the important architectures) which we could not fit onto the CD-ROMs (or which had prohibitive licenses). - The system includes the following major components from outside suppliers: o XFree86 4.3.0 (+ patches). o gcc 2.95.3 (+ patches and ProPolice). o Perl 5.8.0 (+ patches). o Apache 1.3.28 and mod_ssl 2.8.15, DSO support (+ patches). o OpenSSL 0.9.7b (+ patches). o Groff 1.15. o Sendmail 8.12.9. o Bind 9.2.2 (+ patches). o Lynx 2.8.4rel.1 with HTTPS and IPv6 support (+ patches) o Sudo 1.6.7p5. o Ncurses 5.2. o KAME-stable IPv6. o Heimdal 0.6rc1 (+ patches) o Arla-current o OpenSSH 3.7.1 If you'd like to see a list of what has changed between OpenBSD 3.3 and 3.4, look at OpenBSD 3.4 Changelog Even though the list is a summary of the most important changes made to OpenBSD, it still is a very very long list. ------------------------------------------------------------------------ - SECURITY AND ERRATA -------------------------------------------------- We provide patches for known security threats and other important issues discovered after each CD release. As usual, between the creation of theOpenBSD 3.4 FTP/CD-ROM binaries and the actual 3.4 release date, our team found and fixed some new reliability problems (note: most are minor, and in subsystems that are not enabled by default). Our continued research into security means we will find new security problems -- and we always provide patches as soon as possible. Therefore, we advise regular visits to OpenBSD: Security and OpenBSD: Errata and Patches Security patch announcements are sent to the security-announce-AT-OpenBSD.org mailing list. For information on OpenBSD mailing lists, please see: OpenBSD: Mailing Lists ------------------------------------------------------------------------ - CD-ROM SALES ---------------------------------------------------------- OpenBSD 3.4 is also available on CD-ROM. The 3-CD set costs $40USD (EUR 45) and is available via mail order and from a number of contacts around the world. The set includes a colorful booklet which carefully explains the installation of OpenBSD. A new set of cute little stickers are also included (sorry, but our FTP mirror sites do not support STP, the Sticker Transfer Protocol). As an added bonus, the second CD contains an exclusive audio track, "The Legend of Puffy Hood." Lyrics for the song may be found at: OpenBSD: Release Songs Profits from CD sales are the primary income source for the OpenBSD project -- in essence selling these CD-ROM units ensures that OpenBSD will continue to make another release six months from now. The OpenBSD 3.4 CD-ROMs are bootable on the following four platforms: o i386 o macppc o sparc o sparc64 (UltraSPARC) (Other platforms must boot from floppy, network, or other method). For more information on ordering CD-ROMs, see: The above web page lists a number of places where OpenBSD CD-ROMs can be purchased from. For our default mail order, go directly to: or, for European orders: .eu All of our developers strongly urge you to buy a CD-ROM and support our future efforts. Additionally,donations to the project are highly appreciated, as described in more detail at: OpenBSD: Project Goals ------------------------------------------------------------------------ - T-SHIRT SALES -------------------------------------------------------- The project continues to expand its funding base by selling t-shirts and polo shirts. And our users like them too. We have a variety of shirts available, with the new and old designs, from our web ordering system at: and for Europe: .eu The OpenBSD 3.4 and OpenSSH t-shirts are available now! ------------------------------------------------------------------------ - FTP INSTALLS --------------------------------------------------------- If you choose not to buy an OpenBSD CD-ROM, OpenBSD can be easily installed via FTP. Typically you need a single small piece of boot media (e.g., a boot floppy) and then the rest of the files can be installed from a number of locations, including directly off the Internet. Follow this simple set of instructions to ensure that you find all of the documentation you will need while performing an install via FTP. With the CD-ROMs, the necessary documentation is easier to find. 1) Read either of the following two files for a list of ftp mirrors which provide OpenBSD, then choose one near you: OpenBSD: Mirrors As of Nov 1, 2003, the following ftp sites have the 3.4 release: Alberta, Canada (above is master site, please USE A MIRROR below) Boulder, CO, USA West Lafayette, IN, USA Sydney, Australia Lovendegem, Belgium Amsterdam, Netherlands Stockholm, Sweden Turkey Other mirrors will take a day or two to update. 2) Connect to that ftp mirror site and go into the directory pub/OpenBSD/3.4/ which contains these files and directories. This is a list of what you will see: ANNOUNCEMENT XF4.tar.gz mac68k/ sparc/ Changelogs/ alpha/ macppc/ sparc64/ HARDWARE ftplist mvme68k/ src.tar.gz PACKAGES hp300/ packages/ sys.tar.gz PORTS hppa/ ports.tar.gz tools/ README i386/ root.mail vax/ It is quite likely that you will want at LEAST the following files which apply to all the architectures OpenBSD supports. README - generic README HARDWARE - list of hardware we support PORTS - description of our "ports" tree PACKAGES - description of pre-compiled packages root.mail - a copy of root's mail at initial login. (This is really worthwhile reading). 3) Read the README file. It is short, and a quick read will make sure you understand what else you need to fetch. 4) Next, go into the directory that applies to your architecture, for example, i386. This is a list of what you will see: CKSUM INSTALL.os2br cdrom34.fs index.txt INSTALL.ata INSTALL.pt comp34.tgz man34.tgz INSTALL.chs MD5 etc34.tgz misc34.tgz INSTALL.dbr base34.tgz floppy34.fs xbase34.tgz INSTALL.i386 bsd floppyB34.fs xfont34.tgz INSTALL.linux bsd.rd floppyC34.fs xserv34.tgz INSTALL.mbr cd34.iso game34.tgz xshare34.tgz If you are new to OpenBSD, fetch _at least_ the file INSTALL.i386 and the appropriate floppy*.fs or cd34.iso file. Consult the INSTALL.i386 file if you don't know which of the floppy images you need (or simply fetch all of them). 5) If you are an expert, follow the instructions in the file called README; otherwise, use the more complete instructions in the file called INSTALL.i386. INSTALL.i386 may tell you that you need to fetch other files. 6) Just in case, take a peek at: OpenBSD: Errata and Patches This is the page where we talk about the mistakes we made while creating the 3.4 release, or the significant bugs we fixed post-release which we think our users should have fixes for. Patches and workarounds are clearly describedthere. Note: If you end up needing to write a raw floppy using Windows, you can use "fdimage.exe" located in the pub/OpenBSD/3.4/tools directory to do so. ------------------------------------------------------------------------ - XFree86 FOR MOST ARCHITECTURES --------------------------------------- XFree86 has been integrated more closely into the system. This release contains XFree86 4.3.0. Most of our architectures ship with XFree86, including sparc, sparc64 and macppc. During installation, you can install XFree86 quite easily. Be sure to try out xdm(1) and see how we have customized it for OpenBSD. On the i386 platform a few older X servers are included from XFree86 3.3.6. These can be used for cards that are not supported by XFree86 4.3.0 or where XFree86 4.3.0 support is buggy. Please read the /usr/X11R6/README file for post-installation information. ------------------------------------------------------------------------ - PORTS TREE ----------------------------------------------------------- The OpenBSD ports tree contains automated instructions for building third party software. The software has been verified to build and run on the various OpenBSD architectures. The 3.4 ports collection, including many of the distribution files, is included on the 3-CD set. Please see the PORTS file for more information. Note: some of the most popular ports, e.g., the Apache web server and several X applications, come standard with OpenBSD. Also, many popular ports have been pre-compiled for those who do not desire to build their own binaries (see BINARY PACKAGES, below). ------------------------------------------------------------------------ - BINARY PACKAGES WE PROVIDE ------------------------------------------- A large number of binary packages are provided. Please see the PACKAGES file ( ) for more details. ------------------------------------------------------------------------ - SYSTEM SOURCE CODE --------------------------------------------------- The CD-ROMs contain sourcecode for all the subsystems explained above, and the README ( ) file explains how to deal with these source files. For those who are doing an FTP install, the source code for all four subsystems can be found in the pub/OpenBSD/3.4/ directory: XF4.tar.gz ports.tar.gz src.tar.gz sys.tar.gz ------------------------------------------------------------------------ - THANKS --------------------------------------------------------------- OpenBSD 3.4 includes artwork and CD artistic layout by Ty Semaka, who also wrote the lyrics and arranged an audio track on the OpenBSD 3.4 CD set. Ports tree and package building by Christian Weisgerber and Peter Valchev. System builds by Theo de Raadt, Henning Brauer, and Michael Shalayeff. ISO-9660 filesystem layout by Theo de Raadt. We would like to thank all of the people who sent in bug reports, bug fixes, donation cheques, and hardware that we use. We would also like to thank those who pre-ordered the 3.4 CD-ROM or bought our previous CD-ROMs. Those who did not support us financially have still helped us with our goal of improving the quality of the software. Our developers are: Aaron Campbell, Alexander Yurchenko, Andreas Gunnarsson, Angelos D. Keromytis, Anil Madhavapeddy, Artur Grabowski, Ben Lindstrom, Bjorn Sandell, Bob Beck, Brad Smith, Brandon Creighton, Brian Caswell, Brian Somers, Bruno Rohee, Camiel Dobbelaar, Can Erkin Acar, Cedric Berger, Chad Loder, Chris Cappuccio, Christian Weisgerber, Constantine Sapuntzakis, Dale Rahn, Damien Couderc, Damien Miller, Dan Harnett, Daniel Hartmeier, David B Terrell, David Krause, David Lebel, David Leonard, Dug Song, Eric Jackson, Federico G. Schwindt, Grigoriy Orlov, Hakan Olsson, Hans Insulander, Heikki Korpela, Henning Brauer, Henric Jungheim, Hiroaki Etoh, Horacio Menezo Ganau, Hugh Graham, Ian Darwin, Jakob Schlyter, Jan-Uwe Finck, Jason Ish, Jason McIntyre, Jason Peel, Jason Wright, Jean-Baptiste Marchand, Jean-Francois Brousseau, Jean-Jacques Bernard-Gundol, Jim Rees, Jolan Luff, Jose Nazario, Joshua Stein, Jun-ichiro itojun Hagino, Kenjiro Cho, Kenneth R Westerback, Kevin Lo, Kevin Steves, Kjell Wooding, Louis Bertrand, Magnus Holmberg, Marc Espie, Marc Matteo, Marco S Hyman, Marcus Watts, Margarida Sequeira, Mark Grimes, Markus Friedl, Mats O Jansson, Matt Behrens, Matt Smart, Matthew Jacob, Matthieu Herrb, Michael Shalayeff, Michael T. Stolarchuk, Mike Frantzen, Mike Pechkin, Miod Vallat, Nathan Binkert, Nick Holland, Niels Provos, Niklas Hallqvist, Nikolay Sturm, Nils Nordman, Oleg Safiullin, Otto Moerbeek, Paul Janzen, Peter Galbavy, Peter Stromberg, Peter Valchev, Philipp Buehler, Reinhard J. Sammer, Rich Cannings, Ryan Thomas McBride, Shell Hin-lik Hung, Steve Murphree, Ted Unangst, Theo de Raadt, Thierry Deval, Thomas Nordin, Thorsten Lockert, Tobias Weingartner, Todd C. Miller, Todd T. Fries, Vincent Labrecque, Wilbern Cobb, Wim Vandeputte. . OpenBSD 3.4 has officially launched, showcasing improvements in security features, performance boosts, and expanded hardware compatibility to ensure enhanced stability.. OpenBSD 3.4, Security Features, Packet Filter Improvements, Hardware Compatibility, System Update. . LinuxSecurity.com Team
Oct 31, 2003
•
Security Projects
78
security advisorysecurity toolsOpenwall GNU/LinuxOpenwall GNU/Linux 1.0 Release: Security Tools and Features
For those who don't know yet, Openwall GNU/*/Linux (or Owl) is a security-enhanced operating system with Linux and GNU software as its core, intended as a server platform. And, of course, it's free. More detailed information is available on the web site. . .. For those who don't know yet, Openwall GNU/*/Linux (or Owl) is a security-enhanced operating system with Linux and GNU software as its core, intended as a server platform. And, of course, it's free. More detailed information is available on the web site : Openwall GNU/*/Linux (Owl) - a security-enhanced server platform After over a year of development and many public Owl-current snapshots, we're pleased to announce that Owl 1.0 is finally out. The major changes made since 0.1-prerelease are documented: Openwall GNU/*/Linux (Owl) - changes made between 0.1-prerelease and 1.0 The release may be freely downloaded from our FTP mirrors or ordered on a CD. Of course, we prefer the latter, but it's your choice. Similarly, you may choose to pay just what it costs to get the CD to you, or you may also support our project. CDs (and ISO-9660 images available via the FTP mirrors) are bootable on x86 and include a live system and x86 binary packages, as well as full source code which may be rebuilt with one simple command ("make buildworld"). Security tools such as John the Ripper are usable right off the CD, without requiring a hard disk -- this way Owl may also be considered an alternative to Trinux. Currently available via the FTP mirrors only are the Owl 1.0 binary packages for SPARC and Alpha architectures. PGP-signed mtree(8) specifications for all of the above are available via FTP and in the root directory of Owl CDs (such that you don't even have to blindly trust CDs arriving via mail). The 0.1-stable branch is now officially unsupported, in favor of the 1.0 release and its corresponding stable branch. The change logs for 0.1-stable (which include security fix information) are no longer on the web site, however 0.1-stable is still availableon the FTP mirrors (for reference only) and will of course remain available via anoncvs. Owl 1.0-stable already exists in the CVS (in fact, it's been started prior to the 1.0 release this time) and will also be made available via FTP once the need arises (that is, a critical post-release fix is applied). Development will continue primarily in Owl-current, although we might make another release based on 1.0-stable as well. -- /sd From : Solar Designer To :
Oct 16, 2002
•
Vendors/Products
67
software updateopensslcompatibilityOpenSSL 0.9.7 Release Announcement: Enhancements And Transition Steps
The OpenSSL developers team is pleased to announce the upcoming release of OpenSSL 0.9.7. OpenSSL 0.9.7 contains several changes and enhancements in many fields; please check out the NEWS and CHANGES files for details. Some of the changes made break compatibility, so that application developers and distribution providers may need a transition period.. . .. The OpenSSL developers team is pleased to announce the upcoming release of OpenSSL 0.9.7. OpenSSL 0.9.7 contains several changes and enhancements in many fields; please check out the NEWS and CHANGES files for details. Some of the changes made break compatibility, so that application developers and distribution providers may need a transition period. Date: Tue, 16 Apr 2002 16:56:50 +0200 From: Lutz Jaenicke Reply-To: openssl-users@openssl.org To: openssl-announce@openssl.org, openssl-dev@openssl.org, openssl-users@openssl.org Subject: Announcement of OpenSSL 0.9.6d and 0.9.7 Release Plan and Schedule Announcement of OpenSSL 0.9.6d and 0.9.7 Release Plan and Schedule ================================================================== The OpenSSL developers team is pleased to announce the upcoming release of OpenSSL 0.9.7. OpenSSL 0.9.7 contains several changes and enhancements in many fields; please check out the NEWS and CHANGES files for details. Some of the changes made break compatibility, so that application developers and distribution providers may need a transition period. We have therefore decided for a 2-step strategy: * Release 0.9.6d: OpenSSL 0.9.6d will be the last release of the 0.9.6 series, containing all of the latest bugfixes while maintaining compatibility. * Release 0.9.7: OpenSSL 0.9.7 contains many enhancements and some incompatible changes. It also includes the bugfixes found in 0.9.6d (except for those obsoleted by other changes). We intend to provide releases according to the following schedule: 16 Apr 2002: 0.9.6d-beta1 30 Apr 2002: 0.9.6d The changes between 0.9.6c and 0.9.6d are quite small so that we donot expect too many problems. Therefore only one beta release is planned. 30 Apr 2002: 0.9.7-beta1 13 May 2002: 0.9.7-beta2 ... As the changes between 0.9.6x and 0.9.7 are numerous, we are prepared to handle more beta releases. The number of beta releases may change with error reports coming in. If no more errors are found after beta2, the final release will be made. If more errors are found in beta2, beta3 will be introduced and so on. Testing 0.9.7-beta... does not only mean to download and call "make install" and/or "make test" on different platforms. We explicitely ask application developers and users to test out the functionality of applications and/or integrate new functionality or adjust to the API changes. If these checks are not done in the beta phase and applications are only tested once 0.9.7 is released, bug fixes may be delayed until the release of 0.9.7a, if required. Be reminded that changes are also available via the daily snapshots. Incompatible Changes with 0.9.7: ================================ - List will be provided with the 0.9.7-beta releases. Known Problems with 0.9.7: ========================== > From the OpenSSL STATUS file: o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc and other 64-bit platforms Checked on Result alpha-cc (Tru64 version 4.0) works linux-alpha+bwx-gcc doesn't work. Reported by Sean O'Riordain OpenBSD-sparc64 doesn't work. BN_mod_mul breaks. Needs checked on [add platforms here] - BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm Bug reports: ============ - Bug reports should be sent to
Apr 17, 2002
•
Cryptography
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More