Security Vulnerabilities - A Story About Panic

May 31, 2015

210

Security Vulnerabilities - A Story About Panic

Cory tells a tale of every open-source project's worse nightmare: a report of a serious security flaw in the software. Originally presented at DjangoCon EU 2015, Cardiff.

Cory Benfield

May 31, 2015

More Decks by Cory Benfield

See All by Cory Benfield

Simplicity is a Feature

lukasa

710

You Don't Care About Efficiency

lukasa

280

Hyperactive: HTTP/2 and Python

lukasa

210

Project Calico: A Pure Layer 3 Approach to Virtual Networking

lukasa

400

A Deep Dive into Python Requests

lukasa

2.9k

HTTP/2: Because The Web Was Too Easy

lukasa

750

Other Decks in Programming

See All in Programming

Dev ContainersとGitHub Codespacesの素敵な関係

ymd65536

140

Java ジェネリクス入門 2024

nagise

710

ふかぼれ！CSSセレクターモジュール / Fukabore! CSS Selectors Module

petamoriken

150

C++でシェーダを書く

fadis

4.1k

CPython 인터프리터 구조 파헤치기 - PyCon Korea 24

kennethanceyer

250

카카오페이는 어떻게 수천만 결제를 처리할까? 우아한 결제 분산락 노하우

kakao

PRO

110

タクシーアプリ『GO』のリアルタイムデータ分析基盤における機械学習サービスの活用

mot_techtalk

830

ピラミッド、アイスクリームコーン、SMURF: 自動テストの最適バランスを求めて / Pyramid Ice-Cream-Cone and SMURF

twada

PRO

1.2k

2024/11/8 関西Kaggler会 2024 #3 / Kaggle Kernel で Gemma 2 × vLLM を動かす。

kohecchi

820

初めてDefinitelyTypedにPRを出した話

syumai

310

アジャイルを支えるテストアーキテクチャ設計/Test Architecting for Agile

goyoki

3.2k

色々なIaCツールを実際に触って比較してみる

iriikeita

320

Featured

See All Featured

The MySQL Ecosystem @ GitHub 2015

samlambert

250

12k

Large-scale JavaScript Application Architecture

addyosmani

510

110k

"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)

danielanewman

226

22k

Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything

marktimemedia

2.1k

VelocityConf: Rendering Performance Case Studies

addyosmani

325

24k

5 minutes of I Can Smell Your CMS

philhawksworth

202

19k

The Invisible Side of Design

smashingmag

297

50k

Documentation Writing (for coders)

carmenintech

4.4k

Docker and Python

trallard

3.1k

A Modern Web Designer's Workflow

chriscoyier

693

190k

Producing Creativity

orderedlist

PRO

341

39k

How to train your dragon (web standard)

notwaldorf

5.7k

Security Vulnerabilities - A Story About Panic

Security Vulnerabilities - A Story About Panic

Cory Benfield

More Decks by Cory Benfield

Other Decks in Programming

Featured

Transcript

Panic

Hi

Me @lukasaoz @lukasa

A Story

CVE 2015-2296 A Story About Panic

Act 1: The Distant Past (2014)

TO ACTION!

???

1. Contact Email

2. GPG Keys 90DC AE40 FEA7 4B14 9B70 662D F25F

Good Enough?

Act 2: The Distant Now

Credit: Rachel Kramer https://www.ﬂickr.com/photos/rkramer62/15877419359

3. Lots of Detail

Move Too Fast

4. No Weekends

5. Get a CVE

6. Warn Downstream

7. Identify Versions

8. Policy

docs.python-requests.org/en/latest/ community/vulnerabilities/

Thanks! ✨✨