14 DAY TRIAL // Red Hat Enterprise Linux 6.1, an enterprise Linux platform suited for a range of applications across the IT infrastructure, has received an important security update.
Developers from Red Hat have plugged a security hole with a new update. An uninitialized variable use flaw was found in OpenSSL.
This flaw could cause an application using the OpenSSL Certificate Revocation List (CRL) checking functionality to incorrectly accept a CRL that has a nextUpdate date in the past.
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
All OpenSSL users should apply this patch immediately, and all services linked to the OpenSSL library must be restarted or the system rebooted.
The Red Hat Security Response Team has rated this update as having moderate security impact, but still it's not to be ignored.