Difference between revisions of "Security Updates"

From OSNEXUS Online Documentation Site
Jump to: navigation, search
m
m (OpenSSL Security Updates and fix for Heartbleed CVE-2014-0076, CVE-2014-0160 and POODLE CVE-2014-3566, CVE-2014-3567)
Line 15: Line 15:
  
  
== OpenSSL Security Updates and fix for Heartbleed CVE-2014-0076, CVE-2014-0160 and POODLE CVE-2014-3566, CVE-2014-3567==
+
== OpenSSL Security Updates and fix for Heartbleed CVE-2014-0076, CVE-2014-0160 and POODLE CVE-2014-3566 and OpenSSL CVE-2014-3513, CVE-2014-3568, CVE-2014-3567==
  
 
Ubuntu Security update notifications:  
 
Ubuntu Security update notifications:  
Line 25: Line 25:
 
http://www.ubuntu.com/usn/usn-2385-1/
 
http://www.ubuntu.com/usn/usn-2385-1/
  
You can upgrade your OpenSSL release to the latest which includes the fixes for CVE-2014-0076, CVE-2014-0160 'heartbleed' and CVE-2014-3566, CVE-2014-3567 'POODLE' with the below console commands as the 'qadmin' administrative user:
+
You can upgrade your OpenSSL release to the latest which includes the latest fixes with the below console commands as the 'qadmin' administrative user:
  
 
<pre>
 
<pre>

Revision as of 06:31, 17 October 2014

QuantaStor uses the Ubuntu Server linux distribution as a basis and utilizes the security patches packaged by Canonical to address the needs of customers to patch various parts of the operating system for security and stability of the system.

All Security Notifications for Ubuntu are provided at the below link:

http://www.ubuntu.com/usn/

We recommend customers perform periodic auditing of their systems and install any and all security updates. It is highly recommended that systems are updated to the latest patched before being initially deployed.

To apply these updates you should login to the system as the administrator 'qadmin' account and run the following commands:

sudo apt-get update
sudo apt-get upgrade


OpenSSL Security Updates and fix for Heartbleed CVE-2014-0076, CVE-2014-0160 and POODLE CVE-2014-3566 and OpenSSL CVE-2014-3513, CVE-2014-3568, CVE-2014-3567

Ubuntu Security update notifications:

http://www.ubuntu.com/usn/usn-2165-1/

http://www.ubuntu.com/usn/usn-2367-1/

http://www.ubuntu.com/usn/usn-2385-1/

You can upgrade your OpenSSL release to the latest which includes the latest fixes with the below console commands as the 'qadmin' administrative user:

sudo apt-get update
sudo apt-get install openssl libssl1.0.0

Bash Security Updates CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187

Ubuntu Security update notifications:

http://www.ubuntu.com/usn/usn-2362-1/

http://www.ubuntu.com/usn/usn-2363-2/

http://www.ubuntu.com/usn/usn-2364-1/

You can upgrade your Bash release to the latest which includes the fix for CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187 'shellshock' with the below console commands as the 'qadmin' administrative user:

sudo apt-get update
sudo apt-get install bash