#securityaudit

Homebrew Security Audit Finds 25 Vulnerabilities

by

August 1, 2024 at 08:06AM A security audit sponsored by the Open Tech Fund in August 2023 found 25 security defects in Homebrew, a popular package manager for macOS and Linux. The vulnerabilities allowed for code execution, privilege escalation, and secrets exfiltration. Trail of Bits notes the lack of explicit security documentation and the informal … Read more

Squid games: 35 security holes still unpatched in proxy after 2 years, now public

by

October 12, 2023 at 08:26PM 35 vulnerabilities in the Squid caching proxy remain unfixed after more than two years, according to the person who reported them. The researcher found 55 flaws in Squid’s source code, but only 20 have been fixed. The remaining vulnerabilities do not have patches or workarounds, and some have not been … Read more