104
Security audits of Home Assistant (www.home-assistant.io)
submitted 2 years ago by Undearius@lemmy.ca to c/homeassistant@lemmy.world
8 comments fedilink hide all child comments

All reported issues have been addressed as part of Home Assistant 2023.9, released on September 6, 2023

  • Cure53 found issues in Home Assistant, 3 of which were marked as “critical” severity
  • The GitHub Security Lab also audited Home Assistant and found six non-critical issues. Two of the issues overlapped with Cure53.
  • No authentication bypasses have been found
you are viewing a single comment's thread
view the rest of the comments
[-] AliasAKA@lemmy.world 27 points 2 years ago* (last edited 2 years ago)

This is really awesome — open source allows for auditing. Not great that there are vulnerabilities, but these vulnerabilities also exist (and possibly more) in closed source software that doesn’t get audited to be fixed, just exploited. Hopefully these get patched soon!

[-] monty33@lemmy.ml 13 points 2 years ago

Article says all were patched in 2023-09 release!

[-] AliasAKA@lemmy.world 3 points 2 years ago* (last edited 2 years ago)

Ah thank you, I should’ve read more closely :)

load more comments (4 replies)
this post was submitted on 23 Oct 2023
104 points (100.0% liked)

homeassistant

15073 readers
1 users here now

Home Assistant is open source home automation that puts local control and privacy first.
Powered by a worldwide community of tinkerers and DIY enthusiasts.

Home Assistant can be self-installed on ProxMox, Raspberry Pi, or even purchased pre-installed: Home Assistant: Installation

Discussion of Home-Assistant adjacent topics is absolutely fine, within reason.
If you're not sure, DM @GreatAlbatross@feddit.uk

founded 2 years ago
MODERATORS
GreatAlbatross@feddit.uk
greatalbatross@lemmy.world