6 Jun 2005 mjcox   » (Master)

Fedora Security

Just finished the security audit for FC4 candidate - For 20030101-20050605 there are a potential 861 CVE named vulnerabilities that could have affected FC4 packages. 759 (88%) of those are fixed because FC4 includes an upstream version that includes a fix, 8 (1%) are still outstanding, and 94 (11%) are fixed with a backported patch. I'll post all the details to fedora-devel-list later in the week. I'm also giving a keynote about Fedora and security response at FudCon later this month.

OpenSSL Security

A CSO remarked to me a couple of weeks ago that their perception was that OpenSSL had a lot of serious security issues over the years. In fact it's really only had a couple of serious issues, and in total only 15 issues in the last 4 years. So in the style of the Apache vulnerability database I did one for OpenSSL. This is now publically available and we'll keep it up to date. The page is built from a XML database of the issues.


Completed our 100th cache last weekend after a day out to grab some caches just north of Edinburgh. Took us a year to get to 100, but rather than try to do as many caches as possible we're trying to do a selection of interesting ones in interesting places. Since most caches in Scotland seem to involve 2 mile hikes we don't tend to do many each weekend. A cache last weekend took us within a few hundred yards of a certain blue and yellow swedish furniture store, which proved amazingly expensive with more bookcases, a new bed, shelving, and a packet of mini-daim bars needed to make the construction process less stressful.

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!