Table of Contents

Security-Related Open Source Software Information

This is a list of various open source software projects with links to security contacts for the project. Please only list those projects that do have a security contact to list! The contact may be an email address or a web page with more information.

The list should be maintained in alphabetical order.

Apache Software Foundation

Asterisk

ClamAV

CUPS

Drupal

GNOME

KDE

LibreSSL

Linux kernel

Please refer to Documentation/SecurityBugs in a recent Linux kernel source tree for up-to-date information on how to best report security bugs in the Linux kernel, as well as on the public disclosure policy.

Mantis Bug Tracker

MIT krb5

MongoDB

Moodle

Mozilla Foundation

OpenLDAP

OpenSSH

OpenSSL

OpenVZ

Piwik

Samba

Squid

TWiki

TYPO3

unzip

Wireshark

Xen.org

Xine

X.Org

Other Resources

There are separate wiki pages with similar information on distribution vendors and the infrastructure.

OSVDB maintains The Vendor Dictionary, an extensive database of software and appliance vendors (not limited to Open Source ones).