Open Source Applications Prone to Security Glitches

The findings of a recent security study are likely to unsettle the growing number of open source enthusiasts. Writing open source software has become something of a trend, and while its benefits are obvious, the study suggests that the open source model does not by itself prevent security defects, which is a risky side effect for projects that many systems depend on.

The United States Department of Homeland Security and the experts of a security firm spent two years on a study that found an average of one security defect per 1,000 lines of code across 180 widely used open source projects. The $300,000 program, called the Open Source Hardening Project, is sponsored by the Department of Homeland Security and carried out by Coverity and Stanford University. It was launched in 2006 to review the code of those 180 projects using Coverity's static analysis tools, so the defects counted are those flagged by automated scanning rather than by manual audit or exploitation.

According to Coverity, every one of the 180 open source projects scanned had a significant number of security defects. The company also said that since 2006 the study has helped fix no fewer than 7,826 open source defects across 250 projects (the scan was later extended beyond the original 180), out of 50 million lines of code scanned.

On Wednesday Coverity advanced the first batch of 11 open source projects to the second step of its bug-cleansing process, called Rung 2. These projects are Amanda, NTP, OpenPAM, OpenVPN, Overdose, Perl, PHP, Postfix, Python, Samba, and TCL. Reaching Rung 2 means a project has resolved the defects reported at the first level and gains access to a further set of analysis checks; it is the highest level any project has reached so far under the Department of Homeland Security's program.