The EU has announced a nice amount of funding for 14 open-source projects as part of the 3rd FOSSA,

The 14 projects that they have listed, in a tidy alphabetical order are – 7-zip, Apache Kafka, Apache Tomcat, Digital Signature Services (DSS), Drupal, Filezilla, FLUX TL, the GNU C Library (glibc), KeePass, midPoint, Notepad++, PuTTY, the Symfony PHP framework, VLC Media Player, and WSO2,

These applications build on the previous 2 FOSSA events adding a huge selection of open source applications for audit, if you haven’t heard of some of these they are well worth checking out!

FOSSA returns for its third edition with budgets for 14 bug bounty programs, with the highest budgets being reserved for PuTTY and the Drupal CMS.

Software ProjectBug Bounty Amount (Euro)Start DateEnd DateBug Bounty Platform
Filezilla58.000,00 €07/01/201915/08/2019HackerOne
Apache Kafka58.000,00 €07/01/201915/08/2019HackerOne
Notepad++71.000,00 €07/01/201915/08/2019HackerOne
PuTTY90.000,00 €07/01/201915/12/2019HackerOne
VLC Media Player58.000,00 €07/01/201915/08/2019HackerOne
FLUX TL34.000,00 €15/01/201915/10/2019Intigriti/Deloitte
KeePass71.000,00 €15/01/201931/07/2019Intigriti/Deloitte
7-zip58.000,00 €30/01/201915/04/2020Intigriti/Deloitte
Digital Signature Services (DSS)25.000,00 €30/01/201915/10/2019Intigriti/Deloitte
Drupal89.000,00 €30/01/201915/10/2020Intigriti/Deloitte
GNU C Library (glibc)45.000,00 €30/01/201915/12/2019Intigriti/Deloitte
PHP Symfony39.000,00 €30/01/201915/10/2019Intigriti/Deloitte
Apache Tomcat39.000,00 €30/01/201915/10/2019Intigriti/Deloitte
WSO258.000,00 €30/01/201915/04/2020Intigriti/Deloitte
midPoint58.000,00 €01/03/201915/08/2019HackerOne

Starting with January, security researchers and security companies can hunt vulnerabilities in these open source projects and report them to the bug bounty programs linked above, in the hopes of a monetary reward, if the bug report is approved and results in a patch.