惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
WordPress大学
WordPress大学
云风的 BLOG
云风的 BLOG
Stack Overflow Blog
Stack Overflow Blog
MongoDB | Blog
MongoDB | Blog
腾讯CDC
V
V2EX
Martin Fowler
Martin Fowler
A
About on SuperTechFans
大猫的无限游戏
大猫的无限游戏
Blog — PlanetScale
Blog — PlanetScale
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
酷 壳 – CoolShell
酷 壳 – CoolShell
C
Check Point Blog
博客园 - 【当耐特】
Cisco Talos Blog
Cisco Talos Blog
The Hacker News
The Hacker News
K
Kaspersky official blog
Security Latest
Security Latest
H
Help Net Security
博客园_首页
美团技术团队
Spread Privacy
Spread Privacy
博客园 - 司徒正美
Hugging Face - Blog
Hugging Face - Blog
S
SegmentFault 最新的问题
G
Google Developers Blog
NISL@THU
NISL@THU
爱范儿
爱范儿
I
Intezer
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
阮一峰的网络日志
阮一峰的网络日志
N
News and Events Feed by Topic
P
Privacy International News Feed
Application and Cybersecurity Blog
Application and Cybersecurity Blog
S
Security @ Cisco Blogs
Schneier on Security
Schneier on Security
雷峰网
雷峰网
人人都是产品经理
人人都是产品经理
V
Vulnerabilities – Threatpost
W
WeLiveSecurity
P
Palo Alto Networks Blog
G
GRAHAM CLULEY
Hacker News: Ask HN
Hacker News: Ask HN
I
InfoQ
The Cloudflare Blog
F
Full Disclosure
SecWiki News
SecWiki News
宝玉的分享
宝玉的分享
N
Netflix TechBlog - Medium

OpenCloud: Exzellentes Filesharing: Sichere und skalierbare Cloud-Lösungen

Support OpenCloud via GitHub Sponsors OpenCloud Production Release: Digital collaboration with structured content based on Markdown The OpenCloud Production Release enhances digital collaboration with structured, Markdown-based content OpenCloud at the IT Sovereignty and OSS Day II in Nuremberg OpenCloud at the GITEX 2026 OpenCloud and FUAGO: More flexibility for sovereign file collaboration OpenCloud and esatus show EUDI wallet login in OpenCloud New rolling release: Breadcrumb navigation and search shortcut OpenCloud at the Rack & Stack 2026 Rolling Release Feature Highlight: Favourites in OpenCloud OpenCloud and real-cis: Strengthening sovereign IT infrastructures OpenCloud at the Chemnitz Linux Days 2026 OpenCloud at the CS3 Conference 2026 in Oslo OpenCloud at the Digitaler Staat 2026 congress in Berlin OpenCloud and net42: Partnership for sovereign IT infrastructures OpenCloud developers find high severity vulnerability - patch available Rolling release feature highlight: Faster photo viewing in the Preview app OpenCloud and CAIRO: IT security and digital sovereignty We are at the FOSDEM 2026 in Brussels OpenCloud at the Univention Summit 2026 OpenCloud Production Release brings file management to provider level: true multi-tenancy and high availability OpenCloud Production Release: From Multi-tenancy to Helm Charts OpenCloud and Indeno: More performance through collaboration
Vulnerabilities in the code: Why transparency and enterprise licences provide security
Anne Gossing · 2026-02-05 · via OpenCloud: Exzellentes Filesharing: Sichere und skalierbare Cloud-Lösungen

At a time like this, transparency and speed towards customers and the community count. And this is precisely the strength and DNA of open source software compared to proprietary solutions. This is because in open source projects, information on affected parties, measures and fixes is always publicly traceable; transparency is part of the security culture of open source software and a matter of course.

The current discovery by our security team was handled according to responsible disclosure principles: first coordinated clarification and fix, then publication with patch and clear update notes. This process focuses on the security of users.

Collaboration in the open source ecosystem

Even in a competitive environment, a good collegial exchange between projects is a matter of course in open source projects, as different projects can be based on shared code components. In this case, the collaboration between the maintainer teams involved worked very well: OpenCloud recognised the vulnerability and immediately started to analyse and fix it. At the same time, we informed both the nuclear research centre CERN and the ownCloud supplier Kiteworks (from whose code base the problem originally originated). Where necessary, the security fix was checked together and implemented in such a way that it can be reliably rolled out in the respective codebase. This ensured that all affected parties were able to secure their code and that customer installations, such as the BayernCloud Schule (ByCS), were also secure again thanks to OpenCloud's findings.

Responsibly securing infrastructure with enterprise support

Today's requirements, whether based on KRITIS, NIS2 or "only" from the perspective of responsible IT operations and business continuity, require the software used to be reliably secure at all times. Nowadays, security vulnerabilities are exploited so extensively and automatically that every minute counts.

Open source software leads the way here with transparency and clear disclosure processes. But only enterprise licences with the manufacturers enable secure, confidential communication channels in advance and reliably provide customers with tested patches with sufficient lead time to apply them in a coordinated manner before the security problem is published.

Use the expertise of our security team and secure your own IT operations! Information on licences and support can be found here, our team will also be happy to advise you personally on request.