Hi friends,
I spent some time looking into our 30 reported security problems reported to
curl and libcurl over the years. Like how long they existed in the code until
found and how that has changed (or not) over time. It also includes a few
graphs.
Read the whole thing on my blog:
http://daniel.haxx.se/blog/2015/02/23/bug-finding-is-slow-in-spite-of-many-eyeballs/
--
/ daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html