Google is sponsoring an open-source security response group called oCERT.
oCERT is a fledgling security reporting group for the open-source community.
Google, long a proponent of open-source software, is now one of three sponsors of oCERT, the Open Source Computer Emergency Response Team.
Launched in late March, oCERT aims to be a clearing house for data on security vulnerabilities in open-source products, keeping open-source distributors on top of flaws and helping small software projects ensure that users of their code are aware of any issues.
oCERT has published four advisories since its inception. In addition to Google, it is sponsored by Inverse Path and the Open Source Lab.
There are already many CERT efforts, which coordinate responses to security threats, but oCERT hopes to meet the unique requirements of the open-source community, where software is often re-used but patches are not always circulated to everyone who needs them.
"It is my hope that this initiative will not only aid in remediating security issues in a timely fashion, but also provide a means for additional security contributions to the open source community," wrote Google's Will Drewry in a Monday post to the company's security blog.