Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Friday, February 6 • 14:10 - 14:50
shellshock!

Sign up or log in to save this to your schedule and see who's attending!

In September 2014, internet was rocked by a widespread security flaw called shellshock. It seemed to affect everything from web servers serving CGI, to dhcpclient etc, and even some satellite television settop boxes.

The presenter was responsible for ensuring Red Hat / Fedora and its customers/users were protected against this. Red Hat not only pioneered the patch which was used, but also provided guidance to other distros/upstream.

This presentation is a brief look at how these kind of security issues affect open source, provide a brief time line of what happened and why and how developers can often help ease out the pain :)

https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
https://securityblog.redhat.com/2014/09/26/frequently-asked-questions-about-the-shellshock-bash-flaws/

Speakers
HS

Huzaifa Sidhpurwala

I work as a Senior Product Security Engineer in Red Hat Product Security Team. Have been involved with plenty of critical issues handled by Red Hat. | | Fedora contributor, Security Researcher and part of a lot of open source security Teams and regular speaker at a lot of conferences.


Friday February 6, 2015 14:10 - 14:50
D0206

Attendees (49)