The Linux Foundation's "security mobilization plan"

25.05.2022 um 17:54 Uhr

The Linux Foundation has posted an "Open Source Software Security Mobilization Plan" that aims to address a number of perceived security problems with the expenditure of nearly $140 million over two years.

While there are considerable ongoing efforts to secure the OSS supply chain, to achieve acceptable levels of resilience and risk, a more comprehensive series of investments to shift security from a largely reactive exercise to a proactive approach is required. Our objective is to evolve the systems and processes used to ensure a higher degree of security assurance and trust in the OSS supply chain.
This paper suggests a comprehensive portfolio of 10 initiatives which can start immediately to address three fundamental goals for hardening the software supply chain. Vulnerabilities and weaknesses in widely deployed software present systemic threats to the security and stability of modern society as government services, infrastructure providers, nonprofits and the vast majority of private businesses rely on software in order to function.

...

Kompletten Artikel lesen (externe Quelle: https://lwn.net/Articles/896244/)

Zur Startseite

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

USN-4041-1: Linux kernel update

vom 29.06.2019 um 05:23 Uhr 437.18 Punkte
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon update A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubun

USN-4017-1: Linux kernel vulnerabilities

vom 17.06.2019 um 23:11 Uhr 403.31 Punkte
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubun

USN-4135-1: Linux kernel vulnerabilities

vom 18.09.2019 um 12:10 Uhr 377.49 Punkte
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-gke-5.0, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives

USN-3256-1: Linux kernel vulnerability

vom 05.04.2017 um 07:03 Uhr 274.25 Punkte
Ubuntu Security Notice USN-3256-1 4th April, 2017 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon, linux-ti-omap4 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LT

USN-4404-2: Linux kernel vulnerabilities

vom 25.06.2020 um 22:58 Uhr 261.34 Punkte
linux kernel vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 20.04 LTS Ubuntu 19.10 Ubuntu 18.04 LTS Summary Several security issues were fixed in the NVIDIA graphics driver kernel modules. Software D

USN-3328-1: Linux kernel vulnerabilities

vom 20.06.2017 um 00:34 Uhr 256.5 Punkte
Ubuntu Security Notice USN-3328-1 19th June, 2017 linux, linux-meta vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software descripti

USN-4115-2: Linux kernel regression

vom 11.09.2019 um 07:29 Uhr 219.4 Punkte
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary USN 4115-1 i

USN-4287-1: Linux kernel vulnerabilities

vom 18.02.2020 um 21:25 Uhr 219.4 Punkte
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04

USN-4227-1: Linux kernel vulnerabilities

vom 07.01.2020 um 03:24 Uhr 216.17 Punkte
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04

util-linux bis 2.31 erweiterte Rechte [CVE-2018-7738]

vom 07.03.2018 um 01:00 Uhr 211.33 Punkte
In util-linux bis 2.31 wurde eine kritische Schwachstelle ausgemacht. Dabei geht es um eine unbekannte Funktion. Mittels dem Manipulieren mit einer unbekannten Eingabe kann eine erweiterte Rechte-Schwachstelle ausgenutzt werden. CWE definiert das Problem al

USN-4094-1: Linux kernel vulnerabilities

vom 13.08.2019 um 18:01 Uhr 208.11 Punkte
linux, linux-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04 LTS S

USN-4345-1: Linux kernel vulnerabilities

vom 29.04.2020 um 01:54 Uhr 208.11 Punkte
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04

Team Security Diskussion über The Linux Foundation's "security mobilization plan"

Sharing is caring

Join the Community (beta)

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

Team Security Diskussion über The Linux Foundation's "security mobilization plan"