Shulou(Shulou.com)11/24 Report--

Thanks to CTOnews.com netizens Xing Han roaming clues delivery! CTOnews.com, August 15, OpenHarmony Open Source Project is an open source project incubated and operated by the Open Atomic Open Source Foundation (OpenAtom Foundation). OpenHarmony, which is contributed by Huawei and co-built by many companies, is a full-domain, new-generation, open-source and open intelligent terminal operating system with the characteristics of full-scene and distributed.

This evening, open source Hongmeng OpenAtom OpenHarmony officially announced that it has been added to the program through CNA (generic vulnerability Disclosure number Authorization) on August 3 to become the numbered authorization of CVE (General vulnerability Disclosure Organization).

CTOnews.com learned that CVE, whose full name is Common Vulnerabilities & Exposures (General vulnerability Disclosure), is a global non-profit organization. In September 1999, CVE Program (generic vulnerability Disclosure Program) was established, consisting of IT vendors, security companies, and security research organizations from around the world. Through the unique CVE code, stakeholders can quickly find the vulnerability scope and patch information in the vulnerability database or security tools, so as to quickly confirm that the system is affected by the vulnerability and obtain solutions.

At present, the industry usually uses CVE numbers to track vulnerabilities. Discoverers use CVE numbers to track vulnerabilities by requesting CVE numbers, such as several high-risk Apache Log4j vulnerabilities that caused a sensation in the industry, whose CVE numbers are CVE-2021-44228, CVE-2021-45046 and so on.

After OpenAtom OpenHarmony became the CVE numbering authority, it was qualified to issue and manage CVE numbers related to the OpenHarmony community.

The full name of CNA is Common Vulnerabilities & Exposures Numbering Authority, that is, the general vulnerability disclosure number authorization agency. Members of CNA include vendors, open source projects, vulnerability researchers, country / industry CERT / CC (computer Security Emergency response team), etc. Members of CNA will be responsible for assigning CVE numbers and describing vulnerabilities within the scope of authorization. As of August 3, 234 organizations / enterprises from 35 countries had joined the CNA.

OpenHarmony vulnerability handling strategy: click here to view

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.