LinuxInsider Talkback

Posted by: Jack M. Germain 2008-01-15 08:38:46

Many companies are running software on their Web servers that contains open source code with known vulnerabilities, a security firm has found. Software risk management solutions firm Palamida has expanded its Vulnerability Reporting Solution detection capabilities to include 431 open source security alerts. The alerts include 148 that are considered to have high-severity common vulnerability and exposures ranging from cross-site scripting and buffer overflows, to SQL injections.

Posted by: joncweaver 2008-01-15 10:07:01 In reply to: Jack M. Germain

Are there things we should do as an Open Source development community to ensure we have patched all of the OS libraries we are using in our products?
Let me restate that question.
Is there somewhere I should go to find out how to ensure that our Open Source products have all the necessary patches for the Open Source libraries we use? Or do I have to go to each community to check for security patches?
Thanks for your help.