Sveriges mest populära poddar

Open Source Security

CVE for EOL with Aaron Frost

30 min•14 april 2025

Aaron Frost explores the overly complex world of vulnerability identifiers for end of life software. We discuss how incomplete CVE reporting creates blind spots for users while arming attackers with knowledge. The conversation uncovers the ethical tensions between resource constraints and security transparency, highlighting why the "vulnerable until proven otherwise" approach is the best path forward for end of life software.

The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-04-cve_eol_aaron_frost/

Fler avsnitt av Open Source Security

AIBOM, CBOM, and HBOM with Allan Friedman

29 juni•35 min

Packagist and Composer security with Jordi Boggiano

22 juni•35 min

Sustaining Open VSX with Mike and Thabang

15 juni•37 min

Hacking your CI/CD with François Proulx

8 juni•36 min

Open source verification with Sal Kimmich

1 juni•32 min

Vulnerability disclosure with Casey Ellis

25 maj•38 min

F-Droid the open app store with Hans

18 maj•37 min

Open source is critical infrastructure with Kat Cosgrove

11 maj•38 min

How to actually test a disaster plan with David Bernstein

Open Source Pledge with Vlad-Stefan Harbuz

27 apr.•35 min

Open Source Security med Josh Bressers finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.