English
Related papers

Related papers: Is It Safe to Uplift This Patch? An Empirical Stud…

200 papers

Background: Security regressions are vulnerabilities introduced in a previously unaffected software system. They often happen as a result of source code changes (e.g., a bug fix) and can have severe effects. Aims: To increase the…

Software Engineering · Computer Science 2022-07-06 Larissa Braz , Enrico Fregnan , Vivek Arora , Alberto Bacchelli

System administrators, similar to end users, may delay or avoid software patches, also known as updates, despite the impact their timely application can have on system security. These admins are responsible for large, complex, amalgamated…

Human-Computer Interaction · Computer Science 2023-07-10 Adam Jenkins , Maria Wolters , Kami Vaniea

Security is a requirement of utmost importance to produce high-quality software. However, there is still a considerable amount of vulnerabilities being discovered and fixed almost weekly. We hypothesize that developers affect the…

Software Engineering · Computer Science 2021-09-14 Sofia Reis , Rui Abreu , Luis Cruz

As technology has become more embedded into our society, the security of modern-day systems is paramount. One topic which is constantly under discussion is that of patching, or more specifically, the installation of updates that remediate…

Cryptography and Security · Computer Science 2025-02-26 Jason R. C. Nurse

Timely patching is paramount to safeguard users and maintainers against dire consequences of malicious attacks. In practice, patching is prioritized following the nature of the code change that is committed in the code repository. When such…

Software Engineering · Computer Science 2020-01-27 Arthur D. Sawadogo , Tegawendé F. Bissyandé , Naouel Moha , Kevin Allix , Jacques Klein , Li Li , Yves Le Traon

Numerous security attacks that resulted in devastating consequences can be traced back to a delay in applying a security patch. Despite the criticality of timely patch application, not much is known about why and how delays occur when…

Software Engineering · Computer Science 2022-09-07 Nesara Dissanayake , Mansooreh Zahedi , Asangi Jayatilaka , M. Ali Babar

Open-source software is increasingly reused, complicating the process of patching to repair bugs. In the case of Linux, a distinct ecosystem has formed, with Linux mainline serving as the upstream, stable or long-term-support (LTS) systems…

Software Engineering · Computer Science 2024-02-09 Xingyu Li , Zheng Zhang , Zhiyun Qian , Trent Jaeger , Chengyu Song

Background: Testing and validation of the semantic correctness of patches provided by tools for Automated Program Repairs (APR) has received a lot of attention. Yet, the eventual acceptance or rejection of suggested patches for real world…

Software Engineering · Computer Science 2022-09-19 Aurora Papotti , Ranindya Paramitha , Fabio Massacci

The upgrade problems faced by Free and Open Source Software distributions have characteristics not easily found elsewhere. We describe the structure of packages and their role in the upgrade process. We show that state of the art package…

Software Engineering · Computer Science 2009-02-11 Roberto Di Cosmo , Stefano Zacchiroli , Paulo Trezentos

Each year, thousands of software vulnerabilities are discovered and reported to the public. Unpatched known vulnerabilities are a significant security risk. It is imperative that software vendors quickly provide patches once vulnerabilities…

Cryptography and Security · Computer Science 2017-07-26 Benjamin L. Bullough , Anna K. Yanchenko , Christopher L. Smith , Joseph R. Zipkin

Contemporary development projects benefit from code review as it improves the quality of a project. Large ecosystems of inter-dependent projects like OpenStack generate a large number of reviews, which poses new challenges for collaboration…

Software Engineering · Computer Science 2023-02-15 Dong Wang , Patanamon Thongtanunam , Raula Gaikovina Kula , Kenichi Matsumoto

Dealing with the evolution of operating systems is challenging for developers of mobile apps, who have to deal with frequent upgrades that often include backward incompatible changes of the underlying API framework. As a consequence of…

Software Engineering · Computer Science 2019-11-22 Marco Mobilio , Oliviero Riganelli , Daniela Micucci , Leonardo Mariani

Modifications to open-source software (OSS) are often provided in the form of "patch stacks" - sets of changes (patches) that modify a given body of source code. Maintaining patch stacks over extended periods of time is problematic when the…

Software Engineering · Computer Science 2020-09-03 Ralf Ramsauer , Daniel Lohmann , Wolfgang Mauerer

Many open-source projects land security fixes in public repositories before shipping these patches to users. This paper presents attacks on such projects - taking Firefox as a case-study - that exploit patch metadata to efficiently search…

Cryptography and Security · Computer Science 2011-09-05 Adam Barth , Saung Li , Benjamin I. P. Rubinstein , Dawn Song

Many modern software projects evolve rapidly to incorporate new features and security patches. It is important for users to update their dependencies to safer versions, but many still use older, vulnerable package versions because upgrading…

Software Engineering · Computer Science 2025-12-02 Zhiqing Zhong , Jiaming Huang , Pinjia He

We propose patching for large language models (LLMs) like software versions, a lightweight and modular approach for addressing safety vulnerabilities. While vendors release improved LLM versions, major releases are costly, infrequent, and…

Artificial Intelligence · Computer Science 2026-04-28 Huzaifa Arif , Keerthiram Murugesan , Ching-Yun Ko , Pin-Yu Chen , Payel Das , Alex Gittens

Patch reviewing is critical for software development, especially in distributed open-source development, which highly depends on voluntary work, such as Linux. This paper studies the past 10 years of patch reviews of the Linux memory…

Software Engineering · Computer Science 2026-03-27 Chih-En Lin , Attreyee Mukherjee , Ajay Rawat , Ruqi Zhang , Pedro Fonseca

Automated program repair is an emerging technology that seeks to automatically rectify bugs and vulnerabilities using learning, search, and semantic analysis. Trust in automatically generated patches is necessary for achieving greater…

Software Engineering · Computer Science 2022-02-14 Yannic Noller , Ridwan Shariffdeen , Xiang Gao , Abhik Roychoudhury

Context: Mining software repositories is a popular means to gain insights into a software project's evolution, monitor project health, support decisions and derive best practices. Tools supporting the mining process are commonly applied by…

Software Engineering · Computer Science 2025-11-13 Nicole Hoess , Carlos Paradis , Rick Kazman , Wolfgang Mauerer

Applying security patches in open source software timely is critical for ensuring the security of downstream applications. However, it is challenging to apply these patches promptly because notifications of patches are often incomplete and…

Cryptography and Security · Computer Science 2024-06-11 Tianyu Chen , Lin Li , Taotao Qian , Jingyi Liu , Wei Yang , Ding Li , Guangtai Liang , Qianxiang Wang , Tao Xie
‹ Prev 1 2 3 10 Next ›