BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.devconf.info//devconf-cz-2026//talk//XAJLYJ
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-devconf-cz-2026-XAJLYJ@pretalx.devconf.info
DTSTART;TZID=CET:20260618T093000
DTEND;TZID=CET:20260618T100500
DESCRIPTION:There’s been a monumental increase in the number of CVEs (vul
 nerabilities) tracked in Open Source. Nearly 50\,000 identified in the las
 t year. 130 a day. This is the latest big shift in how Open Source works\,
  let's discuss where it came from.\n\nDue to the explosion in CVEs it has 
 become hard for users to determine which software they use is actually vul
 nerable. Many users now have very different expectations: they want distri
 butions that make all of this noise just “go away”. It’s impossible 
 to evaluate this waterfall of CVES for actual security impact.\n\nManually
  backporting all these patches\, the way RHEL and long term other stable d
 istributions do\, is becoming untenable. Other approaches are popping up\,
  and let's look at one of them: Hummingbird. A large set of minimal contai
 ners that are built as close to upstream as possible\, and thus have as ma
 ny fixes for identified vulnerabilities as possible. Built on fully automa
 ted large scale supply chain\, no humans involved until required.
DTSTAMP:20260430T131652Z
LOCATION:D105 (capacity 300)
SUMMARY:Keynote: How I learned to stop worrying and love CVEs - Hummingbird
  - Valentin Rothberg\, Stef Walter
URL:https://pretalx.devconf.info/devconf-cz-2026/talk/XAJLYJ/
END:VEVENT
END:VCALENDAR