What were this week’s big stories in open source and open source security? ICYMI, Black Duck delivers the top news in our new weekly series, “Open Source Insight.” Watch for it every Friday!
22 new vulnerabilities posted by the NVD this week.
A ‘Critical’ bug was found in Xen hypervisor (via Computing UK)
A serious, possibly “fatal” vulnerability, according to security researcher Joanna Rutkowska, has been found in the Xen open-source hypervisor used by Amazon, Rackspace and IBM Cloud.
Explo-Xen! A Deep Dive into the Xen hypervisor Super-bug (via The Register)
All versions of open-source Xen are affected (CVE-2016-6258, XSA-182), although it is only potentially exploitable on x86 hardware running paravirtualized (PV) guests. The bug was discovered by Jérémie Boutoille of Quarkslab, and publicly patched on Tuesday for Xen versions 4.3 to 4.7 and the latest bleeding-edge code.
Here’s 10 Open Source Tools You’ll Want to Look Into (via developer.com)
This slideshow features noteworthy open source development tools, including version control systems, integrated development environments (IDEs), text editors, Web and mobile development frameworks, plus the free Black Duck Security Checker.
Open Source Big Business For Global Retailer (via Forbes.com)
One of the largest retailers in the world is making their application lifecycle management tool OneOps available as an open source project. Companies like Wal-Mart that are turning proprietary work into something shared in the market can reap benefits as others also help innovate and return new features and functionality to their work.
Why Did Black Duck and HPE Partner? (via DevOps.com)
“Open-source software is just about everywhere, which is why IBM, Microsoft, Red Hat, Docker and now HPE all have embraced the Black Duck Hub. Black Duck may not be the only option on the table, but it is the open-source security option that seems to have the most traction right now.”