Envoy, the open source edge and service proxy designed for cloud-native applications, worked with OSTIF and X41 D-Sec to help improve the project’s security posture. The multi-phased engagement, sponsored by Google, focused first on the triaging and closing of bugs, then upon further improving the core fuzzers that continually monitor…
OSTIF and X41 are excited to announce the completion of our security audit of libjpeg-turbo! X-41 DSec and OSTIF collaborated in May of 2023 on a source code audit of libjpeg-turbo, the accelerated JPEG image decoding software. The audit’s emphasis was on reviewing input validation, memory management practices, and analysis…
OSTIF is proud to announce the publication of our fourteenth completed audit this year! In association with X41 D-Sec and go-tuf, OSTIF publishes another FOSS security audit after weeks of hard work and dedication. Go-tuf is used to securely run software update systems in Go as part of The Update…
It’s our privilege to announce that OSTIF’s sixth security audit of 2023 is with libcap! This was only possible with the fantastic work of X41 D-Sec and generous support of AWS. Libcap is a library for getting and setting POSIX.1e draft 15 capabilities. The 26 year old project is maintained…
Open Source Technology Improvement Fund is thrilled to report the results of another security audit. Python-TUF is a reference implementation written in Python for The Update Framework (TUF); a framework for secure content delivery and updates. The primary result of the work is one medium and four low-severity issues. Details…