A new Mozilla fund, called Secure Open Source, aims to provide security audits of open-source code, following the discovery of critical security bugs like Heartbleed and Shellshock in key pieces of the software.
Mozilla has set up a $500,000 initial fund that will be used for paying professional security firms to audit project code. The foundation will also work with the people maintaining the project to support and implement fixes and manage disclosures, while also paying for the verification of the remediation to ensure that identified bugs have been fixed.
Read more at ComputerWorld
