Coverity Reports Open Source Security Making Great Strides 48
Coverity is claiming they have found and helped to fix more than 7,500 security flaws in open source software since the inception of the governmentally backed project designed to harden open source software. The company has also identified eleven projects that have been especially responsive in correcting security problems. "Eleven projects have been awarded the newly announced status of Rung 2, including those known as Amanda, NTP, OpenPAM, OpenVPN, Overdose, Perl, PHP, Postfix, Python, Samba, and TCL."
Now if only Coverity would release some code.. (Score:4, Insightful)
If DHS spent its money on investing in high quality static analysis plugins for modern (free) development environments, then you would catch all of the old mistakes, and make sure that they did not happen in the future. I just get annoyed when I see how much money goes to these companies whose only concern is treating the symptoms, not the cause, of poor security standards in software development.