FreeBSD Bugzilla – Attachment 175809 Details for
Bug 213526
[patch] refactor Security page on website
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
major patch to security/security.xml
security_reorg_diff.out (text/plain), 9.49 KB, created by
Mark Linimon
on 2016-10-16 00:55:12 UTC
(
hide
)
Description:
major patch to security/security.xml
Filename:
MIME Type:
Creator:
Mark Linimon
Created:
2016-10-16 00:55:12 UTC
Size:
9.49 KB
patch
obsolete
>Index: en_US.ISO8859-1/htdocs/security/security.xml >=================================================================== >--- en_US.ISO8859-1/htdocs/security/security.xml (revision 49522) >+++ en_US.ISO8859-1/htdocs/security/security.xml (working copy) >@@ -21,6 +21,18 @@ > possible. This page will provide information about what to do in > the event of a security vulnerability affecting your system</p> > >+ <h2>Table of Contents</h2> >+ >+ <ul> >+ <li><a href="#reporting">Reporting FreeBSD security incidents</a></li> >+ <li><a href="#recent">Recent FreeBSD security vulnerabilities</a></li> >+ <li><a href="#advisories">Understanding FreeBSD security advisories</a></li> >+ <li><a href="#how">How to update your system</a></li> >+ <li><a href="#sup">Supported FreeBSD releases</a></li> >+ <li><a href="#model">The FreeBSD support model</a></li> >+ </ul> >+ >+ <a name="reporting"></a> > <h2>Reporting FreeBSD security incidents</h2> > > <p>FreeBSD security issues specific to the operating system >@@ -36,19 +48,55 @@ > href="reporting.html">reporting FreeBSD security incidents</a> > page.</p> > >- <h2>Table of Contents</h2> >+ <a name="recent"></a> >+ <h2>Recent FreeBSD security vulnerabilities</h2> > >+ <p>A full list of all security vulnerabilities affecting the base system >+ can be found <a >+ href="advisories.html">on this page</a>.</p> >+ >+ <a name="advisories"></a> >+ <h2>Understanding FreeBSD security advisories</h2> >+ >+ <p>Advisories affecting the base system are sent to the following mailing lists:</p> > <ul> >- <li><a href="#recent">Recent FreeBSD security vulnerabilities</a></li> >- <li><a href="#how">How to update your system</a></li> >+ <li>FreeBSD-security-notifications@FreeBSD.org</li> >+ <li>FreeBSD-security@FreeBSD.org</li> >+ <li>FreeBSD-announce@FreeBSD.org</li> > </ul> > >- <a name="recent"></a> >- <h2>Recent FreeBSD security vulnerabilities</h2> >+ <p>The list of released advisories can be found on the <a >+ href="advisories.html">FreeBSD Security Advisories</a> page.</p> > >- <p>A full list of all security vulnerabilities can be found <a >- href="advisories.html">on this page</a>.</p> >+ <p>Advisories are always signed using the FreeBSD Security Officer >+ <a href="so_public_key.asc">PGP >+ key</a> and are archived, along with their associated patches, at >+ the <a href="http://security.FreeBSD.org/">http://security.FreeBSD.org/</a> >+ web server in the <a >+ href="http://security.FreeBSD.org/advisories/">advisories</a> and <a >+ href="http://security.FreeBSD.org/patches/">patches</a> >+ subdirectories.</p> > >+ <p>The FreeBSD Security Officer provides security advisories for >+ <em>-STABLE Branches</em> and the <em>Security Branches</em>. >+ (Advisories are not issued for the <em>-CURRENT Branch</em>, >+ which is primarily oriented towards &os; developers.)</p> >+ >+ <ul> >+ <li><p>The -STABLE branch tags have >+ names like <tt>stable/10</tt>. The corresponding builds have >+ names like <tt>FreeBSD 10.1-STABLE</tt>.</p></li> >+ >+ <li><p>Each FreeBSD Release has an associated Security Branch. >+ The Security Branch tags have names like <tt>releng/10.1</tt>. >+ The corresponding builds have names like <tt>FreeBSD >+ 10.1-RELEASE-p4</tt>.</p></li> >+ </ul> >+ >+ <p>Issues affecting the FreeBSD Ports Collection are covered separately in <a >+ href="http://vuxml.FreeBSD.org/">the FreeBSD VuXML >+ document</a>.</p> >+ > <a name="how"></a> > <h2>How to update your system</h2> > >@@ -65,6 +113,9 @@ > <a name="sup"></a> > <h2>Supported FreeBSD releases</h2> > >+ <p>Each release is supported by the Security Officer for a limited >+ time only.</p> >+ > <p>The designation and expected lifetime of all currently supported > branches are given below. The <em>Expected EoL (end-of-life)</em> > column indicates the earliest date on which support for that >@@ -71,20 +122,11 @@ > branch or release will end. Please note that these dates may be > pushed back if circumstances warrant it.</p> > >- <p>Effective &os; 11.0-RELEASE, the support model has been >- changed to allow more rapid development while also providing >- timely security updates for all supported releases.</p> >+ <p>Older releases are not maintained and users are strongly >+ encouraged to upgrade to one of the supported releases mentioned >+ above. A list of unsupported releases can be found <a >+ href="unsupported.html">here</a>.</p> > >- <p>Under the new support model, each major version's stable branch >- is explicitly supported for 5 years, while each individual point >- release is only supported for three months after the next point >- release.</p> >- >- <p>The details and rationale behind this change can be found in the >- <a >- href="https://lists.freebsd.org/pipermail/freebsd-announce/2015-February/001624.html">official >- announcement</a> sent in February 2015.</p> >- > <!-- > Please also update head/en_US.ISO8859-1/htdocs/releng/index.xml > when updating this list of supported branches. >@@ -141,57 +183,36 @@ > </tr> > </table> > >- <p>Older releases are not maintained and users are strongly >- encouraged to upgrade to one of the supported releases mentioned >- above. A list of unsupported releases can be found <a >- href="unsupported.html">here</a>.</p> >+ <p>In the run-up to a release, a number of -BETA >+ and -RC releases may be published for testing purposes. These releases are only >+ supported for a few weeks, as resources permit, and will not be >+ listed as supported on this page. Users are strongly discouraged >+ from running these releases on production systems.</p> > >- <p>Advisories are sent to the following FreeBSD mailing lists:</p> >- <ul> >- <li>FreeBSD-security-notifications@FreeBSD.org</li> >- <li>FreeBSD-security@FreeBSD.org</li> >- <li>FreeBSD-announce@FreeBSD.org</li> >- </ul> >+ <a name="model"></a> >+ <h2>The FreeBSD support model</h2> > >- <p>The list of released advisories can be found on the <a >- href="advisories.html">FreeBSD Security Advisories</a> page.</p> >+ <p>Effective &os; 11.0-RELEASE, the support model has been >+ changed to allow more rapid development while also providing >+ timely security updates for all supported releases.</p> > >- <p>Advisories are always signed using the FreeBSD Security Officer >- <a href="so_public_key.asc">PGP >- key</a> and are archived, along with their associated patches, at >- the <a href="http://security.FreeBSD.org/">http://security.FreeBSD.org/</a> >- web server in the <a >- href="http://security.FreeBSD.org/advisories/">advisories</a> and <a >- href="http://security.FreeBSD.org/patches/">patches</a> >- subdirectories.</p> >+ <p>Under the new support model, each major version's stable branch >+ is explicitly supported for 5 years, while each individual point >+ release is only supported for three months after the next point >+ release.</p> > >- <p>The FreeBSD Security Officer provides security advisories for >- <em>-STABLE Branches</em> and the <em>Security Branches</em>. >- (Advisories are not issued for the <em>-CURRENT Branch</em>.)</p> >+ <p>The details and rationale behind this change can be found in the >+ <a >+ href="https://lists.freebsd.org/pipermail/freebsd-announce/2015-February/001624.html">official >+ announcement</a> sent in February 2015.</p> > >- <ul> >- <li><p>The -STABLE branch tags have >- names like <tt>stable/10</tt>. The corresponding builds have >- names like <tt>FreeBSD 10.1-STABLE</tt>.</p></li> >- >- <li><p>Each FreeBSD Release has an associated Security Branch. >- The Security Branch tags have names like <tt>releng/10.1</tt>. >- The corresponding builds have names like <tt>FreeBSD >- 10.1-RELEASE-p4</tt>.</p></li> >- </ul> >- >- <p>Issues affecting the FreeBSD Ports Collection are covered in <a >- href="http://vuxml.FreeBSD.org/">the FreeBSD VuXML >- document</a>.</p> >- >- <p>Each branch is supported by the Security Officer for a limited >- time only, and is designated as either <em>Normal</em> or >- <em>Extended</em>. The designation is used as a guideline for >+ <p>Previously, branches were designated as either <em>Normal</em> or >+ <em>Extended</em>. The designation was used as a guideline for > determining the lifetime of the branch as follows:</p> > > <dl> > <dt>Normal</dt> >- <dd>Releases which are published from a -STABLE branch will be >+ <dd>Releases which are published from a -STABLE branch were > supported by the Security Officer for a minimum of 12 months after the > release, and for sufficient additional time (if needed) to ensure > that there is a newer release for at least 3 months before the >@@ -199,7 +220,7 @@ > </dd> > <dt>Extended</dt> > <dd>Selected releases (normally every second release plus the last >- release from each -STABLE branch) will be supported by the >+ release from each -STABLE branch) were supported by the > Security Officer for a minimum of 24 months after the release, > and for sufficient additional time (if needed) to ensure that > there is a newer Extended release for at least 3 months before the >@@ -206,11 +227,5 @@ > older Extended release expires. > </dd> > </dl> >- >- <p>In the run-up to a Normal or Extended release, a number of -BETA >- and -RC releases may be published. These releases are only >- supported for a few weeks, as resources permit, and will not be >- listed as supported on this page. Users are strongly discouraged >- from running these releases on production systems.</p> > </body> > </html>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=175809">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 213526
: 175809