Comments on: oCERT – Responsing to Flaws in Open Source Software http://www.darknet.org.uk/2008/05/ocert-responsing-to-flaws-in-open-source-software/ Ethical Hacking, Penetration Testing & Computer Security Sat, 21 Nov 2009 06:04:59 +0000 http://wordpress.org/?v=2.8.6 hourly 1 By: Bogwitch http://www.darknet.org.uk/2008/05/ocert-responsing-to-flaws-in-open-source-software/#comment-123101 Bogwitch Mon, 19 May 2008 12:08:40 +0000 http://www.darknet.org.uk/?p=846#comment-123101 @Rob Holland, I assume you are associated in some way with oCERT. A great idea and I hope it gathers some momentum. I am interested as to how you are intending to get vulnerabilities reported to you. Are you only interested in 0-day? Is it worth listing this as a sourceforge project? There is more and more open source product out there so I expect that your site will expand very rapidly. It is a shame that you only have (at the time of writing) four reports in the past two months. Good luck to you! @Rob Holland,

I assume you are associated in some way with oCERT. A great idea and I hope it gathers some momentum. I am interested as to how you are intending to get vulnerabilities reported to you.
Are you only interested in 0-day?
Is it worth listing this as a sourceforge project?

There is more and more open source product out there so I expect that your site will expand very rapidly. It is a shame that you only have (at the time of writing) four reports in the past two months.

Good luck to you!

]]> By: Rob Holland http://www.darknet.org.uk/2008/05/ocert-responsing-to-flaws-in-open-source-software/#comment-123062 Rob Holland Fri, 16 May 2008 07:49:11 +0000 http://www.darknet.org.uk/?p=846#comment-123062 Matt, yes, we'll help those who need it develop fixes or improve their infrastructure security. Matt, yes, we’ll help those who need it develop fixes or improve their infrastructure security.

]]> By: Jinesh http://www.darknet.org.uk/2008/05/ocert-responsing-to-flaws-in-open-source-software/#comment-123045 Jinesh Wed, 14 May 2008 07:07:46 +0000 http://www.darknet.org.uk/?p=846#comment-123045 Wow, that a gr8 news for small open source projects. Actually it is a 1 more step taken by google to trouble micro$oft. Wow, that a gr8 news for small open source projects. Actually it is a 1 more step taken by google to trouble micro$oft.

]]> By: matt http://www.darknet.org.uk/2008/05/ocert-responsing-to-flaws-in-open-source-software/#comment-123038 matt Tue, 13 May 2008 16:51:57 +0000 http://www.darknet.org.uk/?p=846#comment-123038 I am still not getting the full idea of this project. Will the teams at oCERT.org be responsible for patching and deploying fixes for security holes, or are they just a contact for the Open Source projects? It seems as though for the bigger projects, oCERT will just pass information about reports and vulnerabilities, but for the little guys, they will help with the fixing. Am I getting this right? I am still not getting the full idea of this project. Will the teams at oCERT.org be responsible for patching and deploying fixes for security holes, or are they just a contact for the Open Source projects? It seems as though for the bigger projects, oCERT will just pass information about reports and vulnerabilities, but for the little guys, they will help with the fixing. Am I getting this right?

]]>