Security Advisory

UCS 4.0-1 ISO released
Tuesday, Mar 31, 2015

UCS 4.0-1 ISO released

Univention has made the first patch level release of UCS 4 so a new ISO image is available. This release aggregates more than 80 errata updates since the last major release in November 2014.

Univention patches for "GHOST" security vulnerability
Monday, Feb 9, 2015

Univention patches for "GHOST" security vulnerability

Univention has released patches for the “GHOST” CVE-2015-0235 security vulnerability for UCS.

Google Safe Search - Important Information
Tuesday, Dec 23, 2014

Google Safe Search - Important Information

Important Google Safe Search information for CensorNet Cloud web filtering customers. Google has recently announced plans to remove the popular ‘NoSSLSearch’ feature in December which helps enforce Safe Search on the network. Unless action is taken the Safe Search mode may not function correctly after 1st December 2014.

Smoothwall and Google SafeSearch changes
Friday, Dec 5, 2014

Smoothwall and Google SafeSearch changes

This is important information for Smoothwall customers filtering Google searches without HTTPS inspection: Google recently announced that, in December 2014, they will be removing their ‘NoSSLSearch’ functionality.

Smoothwall IN06 and "Shellshock" updates
Friday, Oct 24, 2014

Smoothwall IN06 and "Shellshock" updates

Smoothwall IN06 and “Shellshock” updates are available.

Smoothwall and the "Shellshock" bash vulnerability
Tuesday, Sep 30, 2014

Smoothwall and the "Shellshock" bash vulnerability

Following the disclosure of the vulnerability in Bash (CVE-2014-6271, CVE-2014-7169), Smoothwall will be rolling out a priority update over the next 2 weeks to address the issue.

Univention patches for "Shellshock" - bash security vulnerability
Tuesday, Sep 30, 2014

Univention patches for "Shellshock" - bash security vulnerability

Univention has promptly released patches for all “current” releases of UCS: 3.2, 3.1, 3.0 and 2.4.

"Shellshock" - bash security vulnerability
Tuesday, Sep 30, 2014

"Shellshock" - bash security vulnerability

“Shellshock” is a serious security vulnerability in the bash shell that is found in almost every UNIX and UNIX like system including Linux, Mac OS X and BSD.

NoMachine OpenSSL security vulnerability
Thursday, Jun 12, 2014

NoMachine OpenSSL security vulnerability

An information disclosure revealed an injection vulnerability in OpenSSL’s ChangeCipherSpec processing making it possible for malicious third parties to force the use of weak keying material in OpenSSL SSL/TLS clients and servers.

Univention Corporate Server not affected by "Heartbleed bug"
Friday, May 9, 2014

Univention Corporate Server not affected by "Heartbleed bug"

As reported in the press, the so-called “Heartbleed bug” has enabled the reading of private keys, security certificates, user names and passwords.