this post was submitted on 23 Oct 2023
115 points (100.0% liked)

homeassistant

12025 readers
125 users here now

Home Assistant is open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts. Perfect to run on a Raspberry Pi or a local server. Available for free at home-assistant.io

founded 1 year ago
MODERATORS
GreatAlbatross@feddit.uk
115
Security audits of Home Assistant (www.home-assistant.io)
submitted 1 year ago by Undearius@lemmy.ca to c/homeassistant@lemmy.world
8 comments fedilink hide all child comments
 

All reported issues have been addressed as part of Home Assistant 2023.9, released on September 6, 2023

  • Cure53 found issues in Home Assistant, 3 of which were marked as “critical” severity
  • The GitHub Security Lab also audited Home Assistant and found six non-critical issues. Two of the issues overlapped with Cure53.
  • No authentication bypasses have been found
you are viewing a single comment's thread
view the rest of the comments
[–] AliasAKA@lemmy.world 1 points 1 year ago

Sure, but closed source audits aren’t often made public. So we don’t know when, or how, closed source software is audited. Beyond just our ability to self audit open source, we often get better reporting on the contracted audits performed on open source software.