The US Department of Homeland Security is paying out $1.24m (£730,000) to hunt for bugs in open-source software and develop an open-source code scanner to help prevent future errors.
The department is financing the project because an increasing number of mission-critical systems in the internet and IT infrastructure are using open-source solutions.
The bulk of the money is going to Stanford University in the US, with smaller sums going to Coverity, a software engineering company that uses technology developed in the Computer Systems Laboratory at Stanford University, to fund development of an open-source code scanner. Security software giant Symantec will also receive funding.
Open-source software that will be analysed by the project includes Apache, Firebird, Firefox, FreeBSD, KDE, Linux, MySQL, OpenLDAP, OpenSSL, OpenVPN and Samba.
Under the project, Stanford and Coverity will build and maintain a system to conduct daily scans of code contributed to popular open-source projects.
Symantec will provide security intelligence and double-check the database results. The automated system is expected to be running by March and the database of bugs will be accessible to developers.
It is hoped that developers will consult the database before releasing open-source solutions as finished code.