RealNews

Security flaws could corrupt open source databases

Is this part of the trend of security attacks on Linux? Flaws in two popular source code database applications could allow attackers to access and corrupt open-source software projects, according to a security researcher. One vulnerability affects the Concurrent Versions System (CVS), an application used by many developers to store program code. The other flaw affects a newer, less widely used system known as Subversion, said Stefan Esser, the researcher who discovered the security holes. The CVS software, in particular, is run by many large open-source projects to create servers that maintain the versions of a program under development. Groups developing the Gnome and KDE Linux desktops, the Apache web server and large Linux distributions, are among those that use servers with the source code databases. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.