Log4Shell vulnerability
Hello Community! Everyone is talking about the CVE-2021-44228 vulnerability recently found in the Log4j logging library, which was nicknamed Log4Shell because i...
The post categories:
infrastructure
security
VyOS 1.2.6-S1 security release
VyOS 1.2.6 release was found to be suspectible to CVE-2020-10995. It's a low-impact vulnerability in the PowerDNS recursor that allows an attacker to cause perf...
The post categories:
release
security
On security of GRE/IPsec scenarios
As we've already discussed, there are many ways to setup GRE (or something else) over IPsec and they all have their advantages and disadvantages. Recently an is...
Update on the AWS SSH key fetching issue
We have fixed the issue with key fetching and submitted the updated AMI for review. It passed the automated scan, but manual review and deployment to the market...
1.1.7 maintenance release
1.1.7 maintenance release is available for download: http://packages.vyos.net/iso/release/1.1.7/ (mirrors are syncing up).
CVE-2015-7547
We know you are concerned (or should be concerned) with the vulnerability in glibc’s getaddrinfo() that allows remote code execution via specially crafted DNS r...
The post categories:
security
Uncategorized