svn commit: r278275 - in stable: 8/release/doc/share/xml 9/release/doc/share/xml
Glen Barber
gjb at FreeBSD.org
Thu Feb 5 19:31:43 UTC 2015
Author: gjb
Date: Thu Feb 5 19:31:41 2015
New Revision: 278275
URL: https://svnweb.freebsd.org/changeset/base/278275
Log:
Add the 'security.url' macro to stable/9 and stable/8
branches, and replace hard-coded (and inconsistent) URLs
in security.xml and errata.xml.
Prefer https:// over http://.
Sponsored by: The FreeBSD Foundation
Modified:
stable/8/release/doc/share/xml/errata.xml
stable/8/release/doc/share/xml/release.ent
stable/8/release/doc/share/xml/security.xml
Changes in other areas also in this revision:
Modified:
stable/9/release/doc/share/xml/errata.xml
stable/9/release/doc/share/xml/release.ent
stable/9/release/doc/share/xml/security.xml
Modified: stable/8/release/doc/share/xml/errata.xml
==============================================================================
--- stable/8/release/doc/share/xml/errata.xml Thu Feb 5 19:17:37 2015 (r278274)
+++ stable/8/release/doc/share/xml/errata.xml Thu Feb 5 19:31:41 2015 (r278275)
@@ -19,14 +19,14 @@
<tbody>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-13:01.fxp.asc">FreeBSD-EN-13:01.fxp</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-13:01.fxp.asc">FreeBSD-EN-13:01.fxp</link></entry>
<entry>28 June 2013</entry>
<entry><para>Fixed a problem where &man.dhclient.8; would
infinitely try to intialize &man.fxp.4;</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-13:02.vtnet.asc">FreeBSD-EN-13:02.vtnet</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-13:02.vtnet.asc">FreeBSD-EN-13:02.vtnet</link></entry>
<entry>28 June 2013</entry>
<entry><para>Fixed a problem frames sent to additional MAC
addresses are not forwarded to the &man.vtnet.4;
@@ -34,80 +34,80 @@
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-13:04.freebsd-update.asc">FreeBSD-EN-13:04.freebsd-update</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-13:04.freebsd-update.asc">FreeBSD-EN-13:04.freebsd-update</link></entry>
<entry>26 October 2013</entry>
<entry><para>Multiple fixes</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-13:05.freebsd-update.asc">FreeBSD-EN-13:05.freebsd-update</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-13:05.freebsd-update.asc">FreeBSD-EN-13:05.freebsd-update</link></entry>
<entry>28 November 2013</entry>
<entry><para>Fix INDEX generation</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:01.random.asc">FreeBSD-EN-14:01.random</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-14:01.random.asc">FreeBSD-EN-14:01.random</link></entry>
<entry>14 January 2014</entry>
<entry><para>Disable hardware RNGs by default</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:02.mmap.asc">FreeBSD-EN-14:02.mmap</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-14:02.mmap.asc">FreeBSD-EN-14:02.mmap</link></entry>
<entry>14 January 2014</entry>
<entry><para>Fix incorrect coalescing of stack
entry</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:03.pkg.asc">FreeBSD-EN-14:03.pkg</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-14:03.pkg.asc">FreeBSD-EN-14:03.pkg</link></entry>
<entry>15 May 2014</entry>
<entry><para>Add pkg bootstrapping, configuration and public
keys</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:04.kldxref.asc">FreeBSD-EN-14:04.kldxref</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-14:04.kldxref.asc">FreeBSD-EN-14:04.kldxref</link></entry>
<entry>15 May 2014</entry>
<entry><para>Improve build repeatability for
&man.kldxref.8;</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:06.exec.asc">FreeBSD-EN-14:06.exec</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-14:06.exec.asc">FreeBSD-EN-14:06.exec</link></entry>
<entry>3 June 2014</entry>
<entry><para>Fix triple-fault when executing from a threaded
process</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:08.heimdal.asc">FreeBSD-EN-14:08.heimdal</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-14:08.heimdal.asc">FreeBSD-EN-14:08.heimdal</link></entry>
<entry>24 June 2014</entry>
<entry><para>Fix <literal>gss_pseudo_random()</literal>
interoperability issue</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:09.jail.asc">FreeBSD-EN-14:09.jail</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-14:09.jail.asc">FreeBSD-EN-14:09.jail</link></entry>
<entry>8 July 2014</entry>
<entry><para>Fix jail fails to start if
WITHOUT_INET/WITHOUT_INET6 is use</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:10.tzdata.asc">FreeBSD-EN-14:10.tzdata</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-14:10.tzdata.asc">FreeBSD-EN-14:10.tzdata</link></entry>
<entry>21 October 2014</entry>
<entry><para>Time zone data file update</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:12.zfs.asc">FreeBSD-EN-14:12.zfs</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-14:12.zfs.asc">FreeBSD-EN-14:12.zfs</link></entry>
<entry>4 November 2014</entry>
<entry><para>Fix NFSv4 and ZFS cache consistency
issue</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:13.freebsd-update.asc">FreeBSD-EN-14:13.freebsd-update</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-EN-14:13.freebsd-update.asc">FreeBSD-EN-14:13.freebsd-update</link></entry>
<entry>23 December 2014</entry>
<entry><para>Fix directory deletion issue</para></entry>
</row>
Modified: stable/8/release/doc/share/xml/release.ent
==============================================================================
--- stable/8/release/doc/share/xml/release.ent Thu Feb 5 19:17:37 2015 (r278274)
+++ stable/8/release/doc/share/xml/release.ent Thu Feb 5 19:31:41 2015 (r278275)
@@ -22,6 +22,9 @@
<!-- The URL for obtaining this version of FreeBSD. -->
<!ENTITY release.url "ftp://ftp.FreeBSD.org/">
+<!-- The URL for Security Advisories and Errata Notices. -->
+<!ENTITY security.url "https://www.FreeBSD.org/security/advisories">
+
<!-- The type of release (usually this will be either "snapshot"
or "release" -->
<!-- WARNING: Do not forget to also change the release type in
@@ -43,7 +46,7 @@
<!ENTITY release ''>
<!-- The manpaths for man page references -->
-<!ENTITY release.man.url "http://www.FreeBSD.org/cgi/man.cgi">
+<!ENTITY release.man.url "https://www.FreeBSD.org/cgi/man.cgi">
<!ENTITY release.manpath.xorg "7.5">
<!ENTITY release.manpath.netbsd "5.1">
<!ENTITY release.manpath.freebsd-ports "Ports">
Modified: stable/8/release/doc/share/xml/security.xml
==============================================================================
--- stable/8/release/doc/share/xml/security.xml Thu Feb 5 19:17:37 2015 (r278274)
+++ stable/8/release/doc/share/xml/security.xml Thu Feb 5 19:31:41 2015 (r278275)
@@ -19,14 +19,14 @@
<tbody>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:07.bind.asc">FreeBSD-SA-13:07.bind</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-13:07.bind.asc">FreeBSD-SA-13:07.bind</link></entry>
<entry>26 July 2013</entry>
<entry><para>Denial of Service vulnerability in
&man.named.8;</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:09.ip_multicast.asc">FreeBSD-SA-13:09.ip_multicast</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-13:09.ip_multicast.asc">FreeBSD-SA-13:09.ip_multicast</link></entry>
<entry>21 August 2013</entry>
<entry><para>Integer overflow in computing the size of
a temporary buffer can result in a buffer which is too
@@ -34,14 +34,14 @@
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:10.sctp.asc">FreeBSD-SA-13:10.sctp</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-13:10.sctp.asc">FreeBSD-SA-13:10.sctp</link></entry>
<entry>21 August 2013</entry>
<entry><para>Fix a bug that could lead to kernel memory
disclosure with SCTP state cookie</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:12.ifioctl.asc">FreeBSD-SA-13:12.ifioctl</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-13:12.ifioctl.asc">FreeBSD-SA-13:12.ifioctl</link></entry>
<entry>10 September 2013</entry>
<entry><para>In IPv6 and NetATM, stop
<literal>SIOCSIFADDR</literal>,
@@ -53,7 +53,7 @@
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:13.nullfs.asc">FreeBSD-SA-13:13.nullfs</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-13:13.nullfs.asc">FreeBSD-SA-13:13.nullfs</link></entry>
<entry>10 September 2013</entry>
<entry><para>Prevent cross-mount hardlinks between different
nullfs mounts of the same underlying
@@ -61,157 +61,157 @@
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:01.bsnmpd.asc">FreeBSD-SA-14:01.bsnmpd</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:01.bsnmpd.asc">FreeBSD-SA-14:01.bsnmpd</link></entry>
<entry>14 January 2014</entry>
<entry><para>bsnmpd remote denial of service
vulnerability</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:02.ntpd.asc">FreeBSD-SA-14:02.ntpd</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:02.ntpd.asc">FreeBSD-SA-14:02.ntpd</link></entry>
<entry>14 January 2014</entry>
<entry><para>ntpd distributed reflection Denial of Service
vulnerability</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:04.bind.asc">FreeBSD-SA-14:04.bind</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:04.bind.asc">FreeBSD-SA-14:04.bind</link></entry>
<entry>14 January 2014</entry>
<entry><para>BIND remote denial of service
vulnerability</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:05.nfsserver.asc">FreeBSD-SA-14:05.nfsserver</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:05.nfsserver.asc">FreeBSD-SA-14:05.nfsserver</link></entry>
<entry>8 April 2014</entry>
<entry><para>NFS deadlock vulnerability</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:06.openssl.asc">FreeBSD-SA-14:06.openssl</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:06.openssl.asc">FreeBSD-SA-14:06.openssl</link></entry>
<entry>8 April 2014</entry>
<entry><para>ECDSA Cache Side-channel Attack in
OpenSSL</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:08.tcp.asc">FreeBSD-SA-14:08.tcp</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:08.tcp.asc">FreeBSD-SA-14:08.tcp</link></entry>
<entry>30 April 2014</entry>
<entry><para>TCP reassembly vulnerability</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:11.sendmail.asc">FreeBSD-SA-14:11.sendmail</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:11.sendmail.asc">FreeBSD-SA-14:11.sendmail</link></entry>
<entry>5 June 2014</entry>
<entry><para>sendmail improper close-on-exec flag
handling</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:12.ktrace.asc">FreeBSD-SA-14:12.ktrace</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:12.ktrace.asc">FreeBSD-SA-14:12.ktrace</link></entry>
<entry>5 June 2014</entry>
<entry><para>ktrace memory disclosure</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:14.openssl.asc">FreeBSD-SA-14:14.openssl</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:14.openssl.asc">FreeBSD-SA-14:14.openssl</link></entry>
<entry>5 June 2014</entry>
<entry><para>OpenSSL multiple vulnerabilities</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:16.file.asc">FreeBSD-SA-14:16.file</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:16.file.asc">FreeBSD-SA-14:16.file</link></entry>
<entry>5 June 2014</entry>
<entry><para>Multiple vulnerabilities in &man.file.1; and
&man.libmagic.3;</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:17.kmem.asc">FreeBSD-SA-14:17.kmem</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:17.kmem.asc">FreeBSD-SA-14:17.kmem</link></entry>
<entry>8 July 2014</entry>
<entry><para>kernel memory disclosure in control message and
SCTP notifications</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:18.openssl.asc">FreeBSD-SA-14:18.openssl</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:18.openssl.asc">FreeBSD-SA-14:18.openssl</link></entry>
<entry>9 September 2014</entry>
<entry><para>Multiple vulnerabilities in
OpenSSL</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:19.tcp.asc">FreeBSD-SA-14:19.tcp</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:19.tcp.asc">FreeBSD-SA-14:19.tcp</link></entry>
<entry>16 September 2014</entry>
<entry><para>Denial of Service in TCP packet
processing</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:21.routed.asc">FreeBSD-SA-14:21.routed</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:21.routed.asc">FreeBSD-SA-14:21.routed</link></entry>
<entry>21 October 2014</entry>
<entry><para>&man.routed.8; denial of service
vulnerability</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:23.openssl.asc">FreeBSD-SA-14:23.openssl</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:23.openssl.asc">FreeBSD-SA-14:23.openssl</link></entry>
<entry>21 October 2014</entry>
<entry><para>Multiple vulnerabilities in
OpenSSL</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:25.setlogin.asc">FreeBSD-SA-14:25.setlogin</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:25.setlogin.asc">FreeBSD-SA-14:25.setlogin</link></entry>
<entry>4 November 2014</entry>
<entry><para>kernel stack disclosure in &man.setlogin.2; and
&man.getlogin.2;</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:26.ftp.asc">FreeBSD-SA-14:26.ftp</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:26.ftp.asc">FreeBSD-SA-14:26.ftp</link></entry>
<entry>4 November 2014</entry>
<entry><para>Remote command execution in
&man.ftp.1;</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:28.file.asc">FreeBSD-SA-14:28.file</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:28.file.asc">FreeBSD-SA-14:28.file</link></entry>
<entry>10 December 2014</entry>
<entry><para>Multiple vulnerabilities in &man.file.1; and
&man.libmagic.3;</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:29.bind.asc">FreeBSD-SA-14:29.bind</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:29.bind.asc">FreeBSD-SA-14:29.bind</link></entry>
<entry>10 December 2014</entry>
<entry><para>BIND remote denial of service
vulnerability</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:31.ntp.asc">FreeBSD-SA-14:31.ntp</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-14:31.ntp.asc">FreeBSD-SA-14:31.ntp</link></entry>
<entry>23 December 2014</entry>
<entry><para>Multiple vulnerabilities in NTP
suite</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-15:01.openssl.asc">FreeBSD-SA-15:01.ntp</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-15:01.openssl.asc">FreeBSD-SA-15:01.ntp</link></entry>
<entry>14 January 2015</entry>
<entry><para>Multiple vulnerabilities in
OpenSSL</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-15:02.kmem.asc">FreeBSD-SA-15:02.kmem</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-15:02.kmem.asc">FreeBSD-SA-15:02.kmem</link></entry>
<entry>27 January 2015</entry>
<entry><para>Fix SCTP SCTP_SS_VALUE kernel memory corruption
and disclosure vulnerability</para></entry>
</row>
<row>
- <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-15:03.sctp.asc">FreeBSD-SA-15:03.sctp</link></entry>
+ <entry><link xlink:href="&security.url;/FreeBSD-SA-15:03.sctp.asc">FreeBSD-SA-15:03.sctp</link></entry>
<entry>27 January 2015</entry>
<entry><para>Fix SCTP stream reset
vulnerability</para></entry>
More information about the svn-src-stable-8
mailing list