Programmers who create security holes will suffer if those security holes are disclosed; good! They obviously need more incentive to check their work. The security holes are their fault, not yours. If you're worried about them shooting the messenger, post anonymously.
D. J. Bernstein, http://securesoftware.list.cr.yp.to/contributors.html
Mongers have been known to engage in a number of activites. One of these activities is software auditing for the purpose of identifying and fixing security and reliability issues. OpenBSD have been doing this for years and it is time other software gained the increased assurance that follows a code inspection. Please read about this activity before proceeding, which will explain our efforts in detail.
If you have the skills and agree with our approach, you should consider joining our project. More specifically, if you are auditing software to boost your ego, join Sardonix instead.
Applications we have audited (or intend to audit) in alphabetical order. Our audit results only apply to the listed releases as authors may have changed any number of things between releases. In each audit report we list the specific version we reviewed along with MD5 and SHA1 hashes of the source distribution archive.