funsec mailing list archives

Previous By Date Next
Previous By Thread Next

DHS Funds Open-Source Security Project

From: "Gary Funck" <gary () intrepid com>
Date: Sun, 5 Mar 2006 22:48:38 -0800
[This is likely old news, however, there was a recent sighting
on the GCC list,
http://gcc.gnu.org/ml/gcc/2006-03/msg00187.html
where the CEO of Coverity mentions that they'd like to include
GCC into their study of software defects.]

http://www.eweek.com/article2/0,1895,1909946,00.asp

DHS Funds Open-Source Security Project
January 11, 2006

By  Ryan Naraine
The U.S. government's Department of Homeland Security plans to spend $1.24
million over three years to fund an ambitious software auditing project
aimed at beefing up the security and reliability of several widely deployed
open-source products.
The grant, called the "Vulnerability Discovery and Remediation Open Source
Hardening Project," is part of a broad federal initiative to perform daily
security audits of approximately 40 open-source software packages, including
Linux, Apache, MySQL and Sendmail.

The plan is to use source code analysis technology from San Francisco-based
Coverity Inc. to pinpoint and correct security vulnerabilities and other
potentially dangerous defects in key open-source packages.

Software engineers at Stanford University will manage the project and
maintain a publicly available database of bugs and defects.

Anti-virus vendor Symantec Corp. is providing guidance as to where security
gaps might be in certain open-source projects.
[...]


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: