funsec mailing list archives
DHS Funds Open-Source Security Project
From: "Gary Funck" <gary () intrepid com>
Date: Sun, 5 Mar 2006 22:48:38 -0800
[This is likely old news, however, there was a recent sighting on the GCC list,
http://gcc.gnu.org/ml/gcc/2006-03/msg00187.html
where the CEO of Coverity mentions that they'd like to include GCC into their study of software defects.]

http://www.eweek.com/article2/0,1895,1909946,00.asp

DHS Funds Open-Source Security Project
January 11, 2006
By Ryan Naraine

The U.S. government's Department of Homeland Security plans to spend $1.24 million over three years to fund an ambitious software auditing project aimed at beefing up the security and reliability of several widely deployed open-source products.

The grant, called the "Vulnerability Discovery and Remediation Open Source Hardening Project," is part of a broad federal initiative to perform daily security audits of approximately 40 open-source software packages, including Linux, Apache, MySQL and Sendmail.

The plan is to use source code analysis technology from San Francisco-based Coverity Inc. to pinpoint and correct security vulnerabilities and other potentially dangerous defects in key open-source packages.

Software engineers at Stanford University will manage the project and maintain a publicly available database of bugs and defects.

Anti-virus vendor Symantec Corp. is providing guidance as to where security gaps might be in certain open-source projects.

[...]

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.