code audit
Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)
A source code audit has revealed two critical vulnerabilities affecting git, the popular distributed version control system for collaborative software development. The latest …
A 10-point plan to improve the security of open source software
The Linux Foundation and the Open Source Software Security Foundation, with input provided by executives from 37 companies and many U.S. government leaders, delivered a …
OpenSSF announces Alpha-Omega Project to improve global OSS supply chain security
Following a meeting with government and industry leaders at the White House, OpenSSF announced the Alpha-Omega Project to improve the security posture of open source software …
21 vulnerabilities found in Exim, update your instances ASAP!
A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated …
A Boxcryptor audit shows no critical weaknesses in the software
More and more companies, self-employed and private customers are using Boxcryptor to protect sensitive data – primarily in the cloud. Boxcryptor ensures that nobody but …
Mozilla will fund code audits for open source software
The Mozilla Foundation has set up the Secure Open Source (SOS) Fund, whose aim is to help open source software projects get rid their code of vulnerabilities. “The Fund …
Tech giants back initiative for funding crucial open source projects
The nonprofit Linux Foundation has announced the Core Infrastructure Initiative, a multi-million dollar project aimed to fund open source projects critical for the global …
TrueCrypt to go through a crowdfunded, public security audit
After all the revelations about NSA’s spying efforts, and especially after the disclosure of details about its Bullrun program aimed at subverting encryption standards …