[20080109]
Article: PHP, Perl and Python pass Homeland Security test
In 2006, the US Department of Homeland Security joined up with
Coverity to scan Open Source software for security problems, and
provide the results to the projects for fixing. Here's an intermediate(?)
status report of the project now:
"Coverity, which creates automated source-code analysis tools, announced late Monday its first list of open-source projects that have been certified as free of security defects."
There were three "rungs" of projects, with eleven being rated as
"bug free" in "rung 2": Amanda, NTP, OpenPAM, OpenVPN, Overdose, Perl, PHP, Postfix, Python, Samba, and TCL.
Rung 1 now includes 86 projects. Rung 0, the lowest level, currently lists 173 projects.
NetBSD is part of the scans, and it currently ranks in
"rung 1",
which currently contains 86 projects. NetBSD shows
1.316 fixed bugs,
196 verified bugs and
1405 uninspected bugs
in 4.7 million lines of code, resulting in an average of
0.335 bugs per 1000 lines of code.
Rung 0, the "worst" category currently lists 173 projects, so
NetBSD is about average - but there's always room to improve!
[Tags: coverity, dhs, security]