DHS Open Source Hardening Project

Bruno Wolff III bruno at wolff.to
Tue May 20 07:28:27 UTC 2008


On Mon, May 19, 2008 at 14:13:05 -0400,
  "McGuffey, David C." <DAVID.C.MCGUFFEY at saic.com> wrote:
> I understand that DHS is funding an effort to use commercial tools to
> find bugs in open source software.  I guess the official name is
> Vulnerability Discovery and Remediation, Open Source Hardening Project,
> but the common handle seems to be simply Open Source Hardening Project. 
> 
> There was an interesting article at ZDnet...some pros and some cons:
> http://news.zdnet.com/2100-1009_22-6025579.html 
> 
> Question...is the Fedora development community benefiting from this
> effort?

I wouldn't expect there to be direct visibility to Fedora as that kind
of work is going to be upstream of Fedora. I am aware of Coverity providing
information (though I am not sure if it was funded by DHS; it may have
been part of their marketing strategy) for some projects that have code
in Fedora (e.g. Postgres).



