FOSS is immune if you only provide source code. As source != product. It's only software after it's compiled by a compiler into machine code, which the original developer is not responsible for. Also, yes I believe commercial developers who charge money should be held liable for every mistake they make, after all, a carpenter is held liable for mistakes, as is a builder, plumber and/or electrician. If the workmanship is not up to standard, the client should be compensated for any actual damages as a result of said bad workmanship. This applies to bugs in software too. Commercial software companies have been given a free ride for too long. $5.00 for an update that causes downtime is pittance from Microsoft.

or the software is free and you pay for download access, like indie developers do to avoid needing to pay lawyers to write contracts/licenses which indemnify the developer.

You can indemnify yourself if you're providing free software, completely free products/services can never have a mandatory contractual agreement provided under law; that's why in some countries Apple had to charge people a penny for some products/services. Also, if you don't provide binaries, you're not liable for those binaries. No-one can be held liable for the source code itself. Software people pay for should come with a contract whereby the company is liable if disruption to business, loss of profits and other harms are caused due to bugs.

Only paid software would be affected by this. So the industry would change to revolve around the support market, so as to shut out the need for insurance. Indie devs will continue to be paid because they can charge a fee for signed download/update access, rather than for the software itself. This type of legislation would only ruin companies charging money for evil proprietary software, companies that already deliver SLAs like Red Hat would be in the clear.

If a business wants to charge people money for a proprietary product, then there should be liability attached. Why? Because DRM has screwed up too many computers, look at Ubisoft, Sony and any company using StarForce for examples. Also, if a program which is fully patched within 7 days of the latest release causes damage or renders inoperable a computer system due to exploited bugs, the developer/publisher should be held liable. Why? Because they wrote a program which specifically allowed malicious attackers to cause damage.

To follow the Microsoft analogy: If a burglar manages to kick a door through because the hinges weren't screwed in correctly or if a burglar manages to break the lock easily because the lock was not fitted properly; then the manufacturers are held liable.

Free Software which is free as in freedom and free as in free beer would naturally be exempt, as it is provided free of charge and the end user is expected to be able to audit the software herself.