Coverity Scan projects for OpenSSL?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> openssl/openssl is for current maser.
> OpenSSL_release is for 1.0.2
>
> Note1: we might review that now that 1.1.0 has been released.
>
> Note2: we recently changed our policy on Coverity access. Previously we
> did not typically allow access to the defect reports. Now we allow
> Defect viewer access to anyone that requests it.

These numbers are outstanding.

    Defect Density - 0.02
    Outstanding Defects - 4

Why aren't you announcing them?

You might also consider providing an announcement when new results are
available at a significant point in time for those interested in this
sort of thing. "Significant point in time" might be after a major
merge or passing through the release process security gate.

The announcement also raises awareness for the folks who are not
following the project on Coverity Scan. Ideally, your announcement
would be picked up by users of OpenSSL. They would register their
projects and start raising the bar in their software, too.

Jeff
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux