A new Google program OSS-Fuzz is aimed at continuously fuzzing open source software and has already detected over 150 bugs.
Tag Archives: open source software
Socat Warns Weak Prime Number Could Mean It’s Backdoored
Socat published a security advisory warning users that a hard-coded 1024 Diffie-Hellman prime number was not prime, and that an attacker could listen and recover secrets from a key exchange.
Census Project Identifies Open Source Tools at Risk
The Linux Foundation’s Core Infrastructure Initiative announced it was releasing to open source data from the Census Project, which uses metrics identify under-resourced open source projects at risk.
ICU Project Overflow Vulnerabilities Patched
Buffer and integer overflow vulnerabilities have been patched in the ICU Project ICU4C library, used in hundreds of open source and enterprise software packages.