svn commit: r52958 - in head: en_US.ISO8859-1/htdocs en_US.ISO8859-1/htdocs/security share/xml
Remko Lodder
remko at FreeBSD.org
Fri Apr 26 19:16:48 UTC 2019
Author: remko
Date: Fri Apr 26 19:16:46 2019
New Revision: 52958
URL: https://svnweb.freebsd.org/changeset/doc/52958
Log:
Remove myself as so-deputy. It had been a journey. Thanks all!
Modified:
head/en_US.ISO8859-1/htdocs/administration.xml
head/en_US.ISO8859-1/htdocs/security/reporting.xml
head/en_US.ISO8859-1/htdocs/security/security.xml
head/share/xml/authors.ent
Modified: head/en_US.ISO8859-1/htdocs/administration.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/administration.xml Wed Apr 24 18:33:03 2019 (r52957)
+++ head/en_US.ISO8859-1/htdocs/administration.xml Fri Apr 26 19:16:46 2019 (r52958)
@@ -167,7 +167,6 @@
<li>&a.joneum.email;</li>
<li>&a.feld.email;</li>
<li>&a.miwi.email;</li>
- <li>&a.remko.email;</li>
<li>&a.zi.email;</li>
<li>&a.simon.email;</li>
<li>&a.sbz.email;</li>
@@ -197,7 +196,6 @@
<li>&a.blackend.email;</li>
<li>&a.rgrimes.email;</li>
<li>&a.delphij.email;</li>
- <li>&a.remko.email; (Security Team Liaison)</li>
<li>&a.hrs.email;</li>
<li>&a.glebius.email;</li>
<li>&a.marius.email; (Deputy Lead)</li>
@@ -278,7 +276,6 @@
<li>&a.des.email; (Officer Emeritus)</li>
<li>&a.gjb.email; (Cluster Administrators Team Liaison)</li>
<li>&a.emaste.email; (Officer Deputy)</li>
- <li>&a.remko.email; (Officer Deputy)</li>
<li>&a.brooks.email; (Core Team Liaison)</li>
</ul>
Modified: head/en_US.ISO8859-1/htdocs/security/reporting.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/security/reporting.xml Wed Apr 24 18:33:03 2019 (r52957)
+++ head/en_US.ISO8859-1/htdocs/security/reporting.xml Fri Apr 26 19:16:46 2019 (r52958)
@@ -89,10 +89,6 @@
<td>Deputy Security Officer</td>
</tr>
<tr valign="top">
- <td>&a.remko.email;</td>
- <td>Deputy Security Officer</td>
- </tr>
- <tr valign="top">
<td>&a.delphij.email;</td>
<td>Security Officer Emeritus</td>
</tr>
Modified: head/en_US.ISO8859-1/htdocs/security/security.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/security/security.xml Wed Apr 24 18:33:03 2019 (r52957)
+++ head/en_US.ISO8859-1/htdocs/security/security.xml Fri Apr 26 19:16:46 2019 (r52958)
@@ -52,6 +52,44 @@
href="reporting.html">reporting FreeBSD security incidents</a>
page.</p>
+ <a name="when-reporting"></a>
+ <h2>When is a Security Advisory considered?</h2>
+
+ <p>For every issue that gets reported, an internal tracking number is
+ created, unless something is very obviously not a security issue.
+ To determine whether or not a Security Advisory is warranted we use
+ the following scheme:</p>
+
+ <ul>
+ <li>Is it a privilege escalation vulnerability?</li>
+ <li>Is it a code injection vulnerability?</li>
+ <li>Is it a memory disclosure or dataleak vulnerability?
+ <ul>
+ <li>From either the kernel</li>
+ <li>From a privileged process</li>
+ <li>From a process owned by another user?</li>
+ </ul>
+ </li>
+ <li>Is it a Denial of Service vulnerability?
+ <ul>
+ <li>Only when remotely exploitable, where remotely means that it
+ comes from a different broadcast domain, so ARP and/or NDP based
+ attacks do not qualify.</li>
+ </ul>
+ </li>
+ <li>Is it an unassisted jailbreak vulnerability?</li>
+ <li>Is it a malfunction that could lead to generating insecure crypto keys,
+ such as a PRNG bug?</li>
+ </ul>
+
+ <p>For items that fall under these categories, a Security Advisory is very likely.
+ Items that are not on this list are looked into individually and it will be determined
+ then whether or not it will receive a Security Advisory or an Errata Notice.</p>
+
+ <p>Once it had been determined that a Security Advisory is warranted, either the
+ submitter delivers a CVE number if he/she already requested one, or we use one
+ from the FreeBSD pool available.</p>
+
<a name="recent"></a>
<h2>Recent FreeBSD security vulnerabilities</h2>
Modified: head/share/xml/authors.ent
==============================================================================
--- head/share/xml/authors.ent Wed Apr 24 18:33:03 2019 (r52957)
+++ head/share/xml/authors.ent Fri Apr 26 19:16:46 2019 (r52958)
@@ -2662,7 +2662,7 @@
<!ENTITY a.so '&a.gordon;'>
<!ENTITY a.so.email '&a.gordon.email;'>
-<!ENTITY a.so-team '&a.delphij;, &a.des;, &a.gavin;, &a.gjb;, &a.glebius;, &a.remko;'>
+<!ENTITY a.so-team '&a.delphij;, &a.des;, &a.emaste; &a.gavin;, &a.gjb;'>
<!-- FreeBSD cluster entities -->
<!ENTITY a.keymaster "Self-Serve SSH key changer">
More information about the svn-doc-all
mailing list