惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threatpost
The Hacker News
The Hacker News
AWS News Blog
AWS News Blog
Spread Privacy
Spread Privacy
T
Tenable Blog
C
CERT Recently Published Vulnerability Notes
Cisco Talos Blog
Cisco Talos Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
S
Securelist
P
Privacy & Cybersecurity Law Blog
Know Your Adversary
Know Your Adversary
T
The Exploit Database - CXSecurity.com
Latest news
Latest news
D
Darknet – Hacking Tools, Hacker News & Cyber Security
I
Intezer
F
Fortinet All Blogs
Engineering at Meta
Engineering at Meta
Simon Willison's Weblog
Simon Willison's Weblog
The Register - Security
The Register - Security
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
L
Lohrmann on Cybersecurity
C
Cyber Attacks, Cyber Crime and Cyber Security
Microsoft Azure Blog
Microsoft Azure Blog
P
Proofpoint News Feed
H
Help Net Security
T
Threat Research - Cisco Blogs
D
DataBreaches.Net
S
Schneier on Security
Cyberwarzone
Cyberwarzone
Google DeepMind News
Google DeepMind News
P
Privacy International News Feed
S
Secure Thoughts
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Recorded Future
Recorded Future
C
Cybersecurity and Infrastructure Security Agency CISA
MyScale Blog
MyScale Blog
M
MIT News - Artificial intelligence
Stack Overflow Blog
Stack Overflow Blog
IT之家
IT之家
人人都是产品经理
人人都是产品经理
NISL@THU
NISL@THU
博客园 - Franky
T
Tor Project blog
G
GRAHAM CLULEY
博客园 - 【当耐特】
Jina AI
Jina AI
Security Archives - TechRepublic
Security Archives - TechRepublic
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
A
About on SuperTechFans
Hacker News - Newest:
Hacker News - Newest: "LLM"

OpenCloud: Excellent file sharing: Secure and scalable cloud solutions

Support OpenCloud via GitHub Sponsors OpenCloud Production Release: Digital collaboration with structured content based on Markdown The OpenCloud Production Release enhances digital collaboration with structured, Markdown-based content OpenCloud at the IT Sovereignty and OSS Day II in Nuremberg OpenCloud at the GITEX 2026 OpenCloud and FUAGO: More flexibility for sovereign file collaboration OpenCloud and esatus show EUDI wallet login in OpenCloud New rolling release: Breadcrumb navigation and search shortcut OpenCloud at the Rack & Stack 2026 Rolling Release Feature Highlight: Favourites in OpenCloud OpenCloud and real-cis: Strengthening sovereign IT infrastructures OpenCloud at the Chemnitz Linux Days 2026 OpenCloud at the CS3 Conference 2026 in Oslo OpenCloud at the Digitaler Staat 2026 congress in Berlin OpenCloud and net42: Partnership for sovereign IT infrastructures OpenCloud developers find high severity vulnerability - patch available Rolling release feature highlight: Faster photo viewing in the Preview app OpenCloud and CAIRO: IT security and digital sovereignty We are at the FOSDEM 2026 in Brussels OpenCloud at the Univention Summit 2026 OpenCloud Production Release brings file management to provider level: true multi-tenancy and high availability OpenCloud Production Release: From Multi-tenancy to Helm Charts OpenCloud and Indeno: More performance through collaboration
Vulnerabilities in the code: Why transparency and enterprise licences provide security
Anne Gossing · 2026-02-05 · via OpenCloud: Excellent file sharing: Secure and scalable cloud solutions

At a time like this, transparency and speed towards customers and the community count. And this is precisely the strength and DNA of open source software compared to proprietary solutions. This is because in open source projects, information on affected parties, measures and fixes is always publicly traceable; transparency is part of the security culture of open source software and a matter of course.

The current discovery by our security team was handled according to responsible disclosure principles: first coordinated clarification and fix, then publication with patch and clear update notes. This process focuses on the security of users.

Collaboration in the open source ecosystem

Even in a competitive environment, a good collegial exchange between projects is a matter of course in open source projects, as different projects can be based on shared code components. In this case, the collaboration between the maintainer teams involved worked very well: OpenCloud recognised the vulnerability and immediately started to analyse and fix it. At the same time, we informed both the nuclear research centre CERN and the ownCloud supplier Kiteworks (from whose code base the problem originally originated). Where necessary, the security fix was checked together and implemented in such a way that it can be reliably rolled out in the respective codebase. This ensured that all affected parties were able to secure their code and that customer installations, such as the BayernCloud Schule (ByCS), were also secure again thanks to OpenCloud's findings.

Responsibly securing infrastructure with enterprise support

Today's requirements, whether based on KRITIS, NIS2 or "only" from the perspective of responsible IT operations and business continuity, require the software used to be reliably secure at all times. Nowadays, security vulnerabilities are exploited so extensively and automatically that every minute counts.

Open source software leads the way here with transparency and clear disclosure processes. But only enterprise licences with the manufacturers enable secure, confidential communication channels in advance and reliably provide customers with tested patches with sufficient lead time to apply them in a coordinated manner before the security problem is published.

Use the expertise of our security team and secure your own IT operations! Information on licences and support can be found here, our team will also be happy to advise you personally on request.