Announcement

Collapse
No announcement yet.

Apache Software Foundation Saw Assigned CVEs Up 24%, Security Issues Up 53% For 2020

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Apache Software Foundation Saw Assigned CVEs Up 24%, Security Issues Up 53% For 2020

    Phoronix: Apache Software Foundation Saw Assigned CVEs Up 24%, Security Issues Up 53% For 2020

    The Apache Software Foundation that oversees 340+ Apache projects saw a measurable rise in security related issues during the course of 2020...

    http://www.phoronix.com/scan.php?pag...y-2020-Details

  • #2
    Originally posted by tildearrow
    This is one of the reasons why do I not use the Apache web server anymore...
    The Apache Software Foundation that oversees 340+ Apache projects...
    They have different languages, communities, management, and security models...
    How exactly do you know that the rise in reported security issues has anything to do with Apache httpd? From my understanding, httpd is very mature and battle-tested software, do correct me if I'm wrong. Either way, you can't infer from the article alone that httpd (the web server) is insecure.
    Last edited by board; 25 January 2021, 12:21 PM.

    Comment


    • #3
      How's OpenOffice coming along ?

      Comment


      • #4
        Originally posted by Slartifartblast View Post
        How's OpenOffice coming along ?
        It's not.

        Comment


        • #5
          Originally posted by board View Post




          How exactly do you know that the rise in reported security issues has anything to do with Apache httpd? From my understanding, httpd is very mature and battle-tested software, do correct me if I'm wrong. Either way, you can't infer from the article alone that httpd (the web server) is insecure.
          Tbh, the article is worded so that you can infer anything you want. No absolute numbers, no break down by product, version, severity... Just a big "Uuuh, Apache baaad".
          I'm not even sure I understand the difference between a CVE and a security issue.

          Comment


          • #6
            Originally posted by bug77 View Post

            Tbh, the article is worded so that you can infer anything you want. No absolute numbers, no break down by product, version, severity... Just a big "Uuuh, Apache baaad".
            I'm not even sure I understand the difference between a CVE and a security issue.
            Indeed. It's kind of an expected outcome when they inherit new projects

            Comment

            Working...
            X