GnuTLS patches TLS vulnerability that could cause MITM attack

The GNU Transport Layer Security Library (GnuTLS) patched a vulnerability hidden in code for nearly two years. The issue applies to a flaw in how TLS 1.3 session resumption works without a master key. As a result, an attacker could exploit and launch man-in-the-middle (MITM) attacks.

Continue Reading GnuTLS patches TLS vulnerability that could cause MITM attack

SaltStack, multiple vendors fix Critical vulnerabilities in Salt

In case you missed it last week, SaltStack released security updates to fix two critical Salt vulnerabilities. Multiple vendors that integrate Salt into their products have also released patches or workarounds to address the flaws.

Continue Reading SaltStack, multiple vendors fix Critical vulnerabilities in Salt