Coverity Reports Open Source Security Making Great Strides

Coverity is claiming they have found and helped to fix more than 7,500 security flaws in open source software since the inception of the governmentally backed project designed to harden open source software. The company has also identified eleven projects that have been especially responsive in correcting security problems. "Eleven projects have been awarded the newly announced status of Rung 2, including those known as Amanda, NTP, OpenPAM, OpenVPN, Overdose, Perl, PHP, Postfix, Python, Samba, and TCL."

Experience with Nmap

[katterjohn]

I've been working with Nmap for nearly 2 years now; I went over a Coverity scan of the Nmap source code and fixed many possible bugs (mostly NULL dereferences). Coverity has a great interface and documented the bugs well.

Update on the article is posted

[ivoras]

There's an update on the article here: http://www.informationweek.com/blog/main/archives/2008/01/oops_look_at_th.html See also http://lists.freebsd.org/pipermail/freebsd-hackers/2008-January/022854.html for discussion on FreeBSD.