Eclipse Kuksa Security Audit Has Been Completed
Today, the Eclipse Foundation released the results of our security audit for the Eclipse Kuksa project . Findings from the...
security
OCX 2024: Celebrating Community, Code and Collaboration
TL;DR - Don't miss the opportunity to participate in Open Community Experience 2024, a new conference for our vibrant community...
202404-01 Eclipse Foundation Security Advisory
The Eclipse Foundation Security Team has been made aware of the vulnerability VU#421644 affecting multiple HTTP/2 implementations, that could cause...
The Open Source Community is Building Cybersecurity Processes for CRA Compliance
tl;dr – Apache Software Foundation, Blender Foundation, OpenSSL Software Foundation, PHP Foundation, Python Software Foundation, Rust Foundation, and Eclipse Foundation...
Understanding Software Provenance Attestation: The Roles of SLSA and in-toto
A software provenance attestation is a signed document that associates metadata with an artifact, encompassing details like the artifact’s origin...
Understanding Software Provenance
In the ever-evolving landscape of open-source software development, the creation and distribution of artifacts—such as compiled binaries, libraries, and documentation—represent...
Eclipse Foundation Embraces Sigstore
As part of our ongoing commitment to fortifying the security of our software development processes, we’re excited to announce a...
Unveiling Open Community Experience
TL;DR - We’re thrilled to announce Open Community Experience 2024, a new conference for our vibrant community of communities. 2023...
Elevating Software Supply Chain Security: Eclipse Foundation's 2FA Milestone
In the realm of open-source software, security of the supply chain is not just a concern—it’s a crucial battleground. The...
Eclipse Foundation CVE Program in 2023
Eclipse Foundation’s vulnerability reporting programme has seen an important revamp in 2023.