Two updates are available for EnGarde Secure Linux users.
One fixes a double free() bug in the MySQL daemon that could allow an attacker, with a specially crafted MySQL client, to crash the server. The attacker also requires a valid user account.
For details, click here.
The other relates to OpenSSL and how it is vulnerable to a timing-based attack on CBC cipher suites.
For the details, click here.