Linux Today: Linux News On Internet Time.

Are You Using Insecure Open Source Components?

Mar 27, 2012, 03:00 (0 Talkback[s])
(Other stories by Sean Michael Kerner)

"I'm always suspicious when I see press releases and studies that claim that somehow open source software is less secure than other forms of software. That's why I was particularly suspicious of a new study out today sponsored by Apache Maven sponsor Sonatype, claiming that there is widespread use of insecure open source components.

According to the study:

There were more than 46 million downloads of insecure versions of the 31 most popular open-source security libraries and web frameworks.

Complete Story

Related Stories: