System News
 1 2 3 4 5 6 7 8 9 10 next
Articles for the keywords: OpenSSL
14 Dec 2016 NexentaStor 4.0.5 [58998]
Nexenta, December 14th, 2016

NexentaStor 4.0.5, Nexenta's latest and greatest maintenance update, is now generally available for online upgrades and download from

This release further hardens Nexenta's core product and rolls up all Fix Packs and customer specific patches released since 4.0.4 went GA (a bit more than a year ago now). It also includes a number of enhancements, such as:

  • Support for Data At Rest Encryption on Self-Encrypting Drive based configurations
  • Numerous security updates, including update to OpenSSL 1.0.2
  • Support for Intel XL710 40GbE NIC, and X710 10GbE NICs
  • Support for QLogic 16Gbps FC
  • Numerous chassis management additions (e.g. Ericsson HDS8k, Dell MD1280, Amax)
  • and more (see release notes for details)
(Get More Information . .) open to premium members only

20 Jul 2016 Two Years After Heartbleed, An Improved OpenSSL Aims For Government Approval [54556]
FCW, July 20th, 2016

"When the Heartbleed bug was discovered in 2014, federal agencies reported no significant fallout from the OpenSSL vulnerabilities on government websites. But as that vital open-source software library has been revised and strengthened in the two years since, a different problem has emerged: the newer, more secure OpenSSL 1.1 lacks a critical federal validation for cryptographic software.

Using it in federal systems, in fact, would be against the law..."
(Get More Information . .) open to premium members only

04 May 2016 Linux Foundation Offers Badges To Certify Open Source Code Quality [52259]
The VAR Guy, May 4th, 2016

"Which open source projects can users trust? That's a question the Linux Foundation hopes to help answer by the introduction of "badges" from the Core Infrastructure Initiative (CII) project, which recognize open source platforms deemed to be safe and stable.

Launched in 2014 in the wake of Heartbleed, which exposed an embarrassing security vulnerability in the widely used open source toolkit OpenSSL, CII is an effort to shore up security and quality in important open source projects. Previously, the support focused on providing financial resources to assist open source developers in honing their code..."
(Get More Information . .) open to premium members only

07 Jul 2015 OpenSSL on Oracle Solaris 11.3 [44157]
EOL SSLv2 Support

Misaki Miyashita blogs, "As with Solaris 11.2, Solaris 11.3 delivers two versions of OpenSSL: the non-FIPS 140 version (default) and the FIPS 140 version. They are both based on OpenSSL 1.0.1o (as of July 7th, 2015).

There are no major features added to Solaris 11.3 OpenSSL; however, there are a couple of things that I would like to note..."
(Get More Information . .) open to premium members only

28 Jun 2015 Why Are There Still So Many Website Vulnerabilities? [43655]
CSO Online, June 19th, 2015

"The cracks in the armor of most enterprise websites are many including recurring holes in OpenSSL, PHP, and WordPress and are largely due to a combination of extensive customizations paired with a shortage of testing and fixing of vulnerabilities when compared with that of long-standing commercial OS software," notes David Geer CSO Online,

"CSO Magazine traverses the treacherous terrain of the massive security craters present in today's websites. Find out what it takes to fix these holes from the start and throughout the development life cycle..."
(Get More Information . .) open to premium members only

 1 2 3 4 5 6 7 8 9 10 next

!-- end archive_section.tpl -->