[Whonix-devel] Security Fixes and Transparency of Free Software

• Previous message: [Whonix-devel] Fix in Whonix's repository: Tor no longer starts after upgrade / no Tor pid error – Testers wanted!
• Next message: [Whonix-devel] Whonix 9.1 Maintenance Release - Testers wanted!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Within a day there has been a raft of some major security bug reports coming in on. A summary:

-Bash bug that allows remote arbitrary execution of malicious input


- RSA Signature Forgery in NSS - FireFox's crypto-library

- Apt-get remote Buffer Overflow

There is no need to be uneasy about these recent events. If anything it is encouraging to see the transparency of the security pen-testing community and the benefits of Free Software in action. Security researchers can easily find flaws and within the source code because its available for all to see. Bugs could be fixed quickly without anyone's permission. That's a few 0days governments won't have.

This post has been automatically cross-posted by whonix.org/blog To see the original (including links), go to http://www.whonix.org/blog/security-fixes-transparency-free-software

• Previous message: [Whonix-devel] Fix in Whonix's repository: Tor no longer starts after upgrade / no Tor pid error – Testers wanted!
• Next message: [Whonix-devel] Whonix 9.1 Maintenance Release - Testers wanted!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]