Fedora's Security Team Continues Closing Old Vulnerabilities

The Fedora Security Team is in the middle of a quest to close all critical and important CVEs / security vulnerabilities present in Fedora and EPEL packages that originate from 2014 and prior.

There were thirty-eight security vulnerabilities originally targeted for this 90-day challenge, of which 37 were marked important and one was critical. Now being two-thirds the way through the challenge, 14 have been closed, one is going through QA, and 23 remain open.

While it's great that there's 14 fewer CVEs present in Fedora/EPEL packages, there's still more than half-way to go in accomplishing their goal. As such, they're looking for more individuals to help out.

Among the packages with outstanding CVEs include Tomcat, OpenStack Keystone, phpMemcachedAdmin, Sahana, OpenSAML Java, and DirectFB, among others. Those wishing to lend a hand to the Fedora Security Team or wishing to learn more about this 90 day challenge, see this blog post.