Univention has made the first patch level release of UCS 4 so a new ISO image is available. This release aggregates more than 80 errata updates since the last major release in November 2014.
Univention has released patches for the “GHOST” CVE-2015-0235 security vulnerability for UCS.
Important Google Safe Search information for CensorNet Cloud web filtering customers. Google has recently announced plans to remove the popular ‘NoSSLSearch’ feature in December which helps enforce Safe Search on the network. Unless action is taken the Safe Search mode may not function correctly after 1st December 2014.
This is important information for Smoothwall customers filtering Google searches without HTTPS inspection: Google recently announced that, in December 2014, they will be removing their ‘NoSSLSearch’ functionality.
Smoothwall IN06 and “Shellshock” updates are available.
Following the disclosure of the vulnerability in Bash (CVE-2014-6271, CVE-2014-7169), Smoothwall will be rolling out a priority update over the next 2 weeks to address the issue.
Univention has promptly released patches for all “current” releases of UCS: 3.2, 3.1, 3.0 and 2.4.
“Shellshock” is a serious security vulnerability in the bash shell that is found in almost every UNIX and UNIX like system including Linux, Mac OS X and BSD.
An information disclosure revealed an injection vulnerability in OpenSSL’s ChangeCipherSpec processing making it possible for malicious third parties to force the use of weak keying material in OpenSSL SSL/TLS clients and servers.
As reported in the press, the so-called “Heartbleed bug” has enabled the reading of private keys, security certificates, user names and passwords.