The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws.

  • onlinepersona@programming.devEnglish
    0·
    5 months ago

    First of all, yes CVE generating languages have been here a while, unfortunately. They are very ingrained and difficult to root out.

    But most importantly

    Ultimately, CISA recommends that software developers write new code in memory-safe languages such as Rust, Java, and GO and transition existing projects, especially critical components, to those languages.

    Fucking pay them or write them yourselves. Y’all have endless money. You can of course wait and hope the situation resolves itself, or really it along if you rely on it so much.

    Anti Commercial-AI license