John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, lots of other hashes and ciphers are added in the community-enhanced version (-jumbo), and some are added in John the Ripper Pro.
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel. In addition to the new features, some versions of the patch contain various security fixes. The "hardening" features of the patch, while not a complete method of protection, provide an extra layer of security against the easier ways to exploit certain classes of vulnerabilities and/or reduce the impact of those vulnerabilities. The patch can also add a little bit more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing.
passwdqc is a password/passphrase strength checking and policy enforcement tool set, including an optional PAM module (pam_passwdqc), command-line programs (pwqcheck and pwqgen), and a library (libpasswdqc). On systems with PAM, pam_passwdqc is normally invoked on password changes by programs such as passwd(1). It is capable of checking password or passphrase strength, enforcing a policy, and offering randomly-generated passphrases, with all of these features being optional and easily (re-)configurable. pwqcheck and pwqgen are standalone password/passphrase strength checking and random passphrase generator programs, respectively, and are usable from scripts. libpasswdqc is the underlying library, which may also be used from third-party programs.
Owl (Openwall GNU/*/Linux) is a small security-enhanced Linux distribution for servers. Owl also makes a good base system for customized virtual machine images and embedded systems, and Owl live CDs with remote SSH access are good for recovering or installing systems (whether with Owl or not). A single Owl CD includes the full live system, installable packages, the installer program, as well as full source code and the build environment capable of rebuilding the entire system from source. Owl supports multiple architectures (x86, x86-64, SPARC, and Alpha) and offers some compatibility for packages developed for other Linux distributions. The primary approaches to security are proactive source code review, privilege reduction, privilege separation, careful selection of third-party software, safe defaults, and "hardening" to reduce the likelihood of successful exploitation of security flaws.
crypt_blowfish is an efficient implementation of a modern password hashing algorithm, based on the Blowfish block cipher, provided via the crypt(3) and a reentrant interface. It is compatible with bcrypt as used in OpenBSD. It is adaptable to future processor performance improvements, allowing you to arbitrarily increase the processing cost of checking a password while still maintaining compatibility with your older password hashes. The hashes it produces are several orders of magnitude stronger than traditional Unix DES-based or FreeBSD-style MD5-based hashes.
msulogin is the single-user mode login program used to force the console user to login under a root account before a shell is started. Unlike other implementations of sulogin, this one supports having multiple root accounts on a system. msulogin has been developed as a part of Openwall GNU/*/Linux and is being made available separately primarily for use by other distributions. Currently, msulogin supports only systems with getspnam(3).
The tcb suite implements the alternative password shadowing scheme on Openwall GNU/*/Linux (Owl) which allows many core system utilities (passwd(1) being the primary example) to operate with little privilege. It is being made available separately from Owl primarily for use by other distributions. This package contains three core components of the tcb suite: pam_tcb (a PAM module which supersedes pam_unix), libnss_tcb (the accompanying NSS module), and libtcb (a library for accessing tcb shadow files, used by the PAM and NSS modules as well as by user management tools on Owl).
pam_userpass is a PAM module for use specifically by services implementing non-interactive protocols and wishing to verify a username/password pair. It uses Linux-PAM binary prompts to make it possible for applications to no longer make the flawed assumption that PAM_PROMPT_ECHO_ON requests the username and PAM_PROMPT_ECHO_OFF requests the password. It doesn't perform any actual user authentication; that is left up to further modules in the PAM stack (e.g., to pam_tcb or pam_unix).
phpass is a portable password hashing framework for use in PHP applications. The preferred (most secure) hashing method supported by phpass is the OpenBSD-style bcrypt (known in PHP as CRYPT_BLOWFISH), with a fallback to BSDI-style extended DES-based hashes (known in PHP as CRYPT_EXT_DES), and a last resort fallback to an MD5-based variable iteration count password hashing method implemented in phpass itself.
blists is a Web interface to mailing list archives. It works off indexed mbox files. It includes two programs: bindex and bit. bindex generates or updates the index file (incremental updates are supported). bit is a CGI/SSI program that generates Web pages on the fly. Both programs are written in C and are very fast.
php_mt_seed finds possible seeds given the very first PHP mt_rand() output after possible seeding with mt_srand(). With advanced invocation modes, php_mt_seed is also able to match multiple, non-first, and/or inexact mt_rand() outputs to possible seed values. php_mt_seed is written in C with optional SIMD intrinsics (SSE4.1/AVX, XOP, AVX2, MIC) and OpenMP. On a modern quad-core CPU, it is able to search the full 32-bit seed space in one minute (or in just seven seconds on Xeon Phi).
As what I think could be a better alternative to djzort's suggestion to "syndicate automatically", how about encouraging Freshmeat^WFreecode users to submit high-quality updates to projects other than their own? Introduce some kind of rankings, prizes (even something as simple as free Freecode t-shirts for active contributors, which would also serve to promote Freecode). Maybe hire someone to submit updates to popular (at Freecode) and to other major projects (not necessarily popular at Freecode yet, because some major projects are only "non-popular" at Freecode for lack of update postings here). Currently, I am aware of exactly one Freecode user who regularly posts updates to major projects that are not his own (such as the FSF/GNU stuff - the maintainers of those projects typically do not post updates on their own). This is user barsnick. I thanked him for this activity via private e-mail a while ago, but a more tangible thanks from Freecode is in order, I think.
Impressive progress during the first month after initial public release. :-)