Account confirmers, Anti-spam team, Confirmed users, Bureaucrats and Sysops emeriti
4,925
edits
MOSS/Secure Open Source/Completed: Difference between revisions
Add links to the projects themselves
(Add links to audit reports and validation logs) |
(Add links to the projects themselves) |
||
| Line 3: | Line 3: | ||
==PCRE== | ==PCRE== | ||
PCRE (Perl-Compatible Regular Expressions) is a C library for implementing [https://en.wikipedia.org/wiki/Regular_expression regular expressions] in a codebase. It is used in various open source projects including Exim, Apache, PHP and KDE, as well as Apple Safari. We audited PCRE2, a newer version which is currently less commonly-used but which is expected to become increasingly common. The audit was performed by [https://cure53.de/ Cure53]. | [http://www.pcre.org/ PCRE] (Perl-Compatible Regular Expressions) is a C library for implementing [https://en.wikipedia.org/wiki/Regular_expression regular expressions] in a codebase. It is used in various open source projects including Exim, Apache, PHP and KDE, as well as Apple Safari. We audited PCRE2, a newer version which is currently less commonly-used but which is expected to become increasingly common. The audit was performed by [https://cure53.de/ Cure53]. | ||
The team found the following vulnerabilities: | The team found the following vulnerabilities: | ||
| Line 19: | Line 19: | ||
==libjpeg-turbo== | ==libjpeg-turbo== | ||
libjpeg-turbo is a fork of the libjpeg codebase which is particularly focussed on speed, and on compatibility with the most commonly-used standard profiles of JPEG. It is used by a number of open source projects, including Chrome, LibreOffice, Firefox and various flavours of VNC. The audit was performed by [https://cure53.de/ Cure53]. | [http://www.libjpeg-turbo.org/ libjpeg-turbo] is a fork of the libjpeg codebase which is particularly focussed on speed, and on compatibility with the most commonly-used standard profiles of JPEG. It is used by a number of open source projects, including Chrome, LibreOffice, Firefox and various flavours of VNC. The audit was performed by [https://cure53.de/ Cure53]. | ||
The team found the following vulnerabilities: | The team found the following vulnerabilities: | ||
| Line 35: | Line 35: | ||
==phpMyAdmin== | ==phpMyAdmin== | ||
phpMyAdmin is a web-based administration tool for MySQL databases. The audit was performed by [https://www.nccgroup.trust/ NCC Group]. | [https://www.phpmyadmin.net/ phpMyAdmin] is a web-based administration tool for MySQL databases. The audit was performed by [https://www.nccgroup.trust/ NCC Group]. | ||
The team found the following vulnerabilities: | The team found the following vulnerabilities: | ||