Shane wrote:
> http://news.zdnet.com/2100-1009_22-6...ml?tag=nl.e550
> Developers have quickly fixed many bugs in popular open-source packages
> that were flagged as part of a U.S. government-sponsored bug hunt.
>
> More than 900 flaws were repaired in the two weeks after Coverity, which
> makes tools to analyze source code, announced the results of its first
> scan of 32 open-source projects. As a result, some of the software is
> entirely bug free, Coverity said in a statement on Monday.
er **** I better paste some more... that's just the bit about finding flaws
<blush>
The open-source bug hunt is part of a three-year "Open Source Hardening
Project," dedicated to helping make such software as secure as possible. In
January, the U.S. Department of Homeland Security awarded $1.24 million to
Stanford University, Coverity and Symantec to find vulnerabilities in
open-source projects.
In its initial analysis on March 6, Coverity scanned more than 17.5 million
lines of code from 32 open-source projects. On average, 0.434 bugs per
1,000 lines of code were found, the company said at the time.
More than 200 developers registered for access to the online defect database
in the week after the first results were published. Since then, programmers
for the Samba, Amanda and XMMS projects eliminated all the defects that the
initial analysis detected, Coverity said Monday.
Samba, a popular open-source project used to connect Linux and Microsoft
Windows networks, showed the fastest developer response, Coverity said. The
number of flaws was reduced from 216 to 18 in one week and to zero in two
weeks.
--
Rule 6: There is no Rule 6.