Coverity problems?

Ivan Voras ivoras at freebsd.org
Fri Jan 11 12:12:41 PST 2008


Hi,

I got a link to this article via ACM TechNews: 
http://www.informationweek.com/story/showArticle.jhtml?articleID=205600229&%0Acid=RSSfeed_IWK_All

"""
Linux came in with far fewer defects than average as did a number of 
other open source projects. The version 2.6 of the Linux kernel had a 
security bug rate of .127 per thousand lines of code. The kernel scan 
covered 3,639,322 lines of code. As exposures were identified by 
repeated scans, 452 defects have been fixed by kernel developers; 48 
have been verified but not yet fixed; another 413 remain to be verified 
and fixed, according to code scanning results posted on the Coverity Web 
site.

FreeBSD, sometimes posed as an alternative to Linux, has been slower to 
respond to the Coverity scans. In 1,582,166 lines of code, it has fixed 
zero defects, verified six and has another 605 to go.
"""

These numbers seem strange and out of proportion. I know there has been 
prior cooperation with Coverity - is this just old data?
