The Linux Foundation’s Core Infrastructure Initiative announced it was releasing to open source data from the Census Project, which uses metrics identify under-resourced open source projects at risk.
Tag Archives: Open Source Security
Ubuntu Patches Privilege-Escalation Bug
There is a privilege-escalation vulnerability in several versions of Ubuntu that results from the fact that the operating system fails to check permissions when users are creating files in some specific circumstances.
OpenSSL Security Audit Ready to Start
NCC Group Cryptography Services announced it will shortly begin an audit of OpenSSL.
TrueCrypt Audit Stirs Back To Life
The organizers of the TrueCrypt audit expect the cryptanalysis of the open source encryption software to begin shortly; phase two will be handled by NCC Group’s Cryptography Services practice.
Enterprise Apps in Scope of Ghost glibc Vulnerability
Researchers at Veracode examined whether enterprise applications were also vulnerable to the Ghost vulnerability in glibc.
Gitrob Combs Github Repositories for Secret Company Data
Gitrob, an open source intelligence tool, helps security analysts search Github organization repositories for files not meant for public consumption.
OpenVPN Patches Denial of Service Vulnerability
Open source VPN software providers OpenVPN released an update Monday that patches a critical denial-of-service vulnerability.
Google Releases Open Source Tool for Testing Web App Security Scanners
Google today released to open source security scanning tool called Firing Range, which is designed to test for cross-site scripting (XSS) and other vulnerabilities on a massive scale.
Bugzilla Vulnerability Puts Bug Collections in Harm’s Way
A vulnerability in the account creation process in Bugzilla, bug-tracking software developed and licensed by Mozilla, exposes vulnerabilities collected by the system. Mozilla is expected to patch the vulnerability today.