From owner-svn-doc-all@freebsd.org Fri Apr 26 19:16:48 2019
Return-Path:
Delivered-To: svn-doc-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mailman.ysv.freebsd.org (Postfix) with ESMTP id 12B8E159BAC7;
Fri, 26 Apr 2019 19:16:48 +0000 (UTC)
(envelope-from remko@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
[IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
server-signature RSA-PSS (4096 bits)
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org",
Issuer "Let's Encrypt Authority X3" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id A60FF81903;
Fri, 26 Apr 2019 19:16:47 +0000 (UTC)
(envelope-from remko@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
[IPv6:2610:1c1:1:6068::e6a:0])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7CE3218003;
Fri, 26 Apr 2019 19:16:47 +0000 (UTC)
(envelope-from remko@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x3QJGlBL071422;
Fri, 26 Apr 2019 19:16:47 GMT (envelope-from remko@FreeBSD.org)
Received: (from remko@localhost)
by repo.freebsd.org (8.15.2/8.15.2/Submit) id x3QJGkwj071419;
Fri, 26 Apr 2019 19:16:46 GMT (envelope-from remko@FreeBSD.org)
Message-Id: <201904261916.x3QJGkwj071419@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: remko set sender to
remko@FreeBSD.org using -f
From: Remko Lodder
Date: Fri, 26 Apr 2019 19:16:46 +0000 (UTC)
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org,
svn-doc-head@freebsd.org
Subject: svn commit: r52958 - in head: en_US.ISO8859-1/htdocs
en_US.ISO8859-1/htdocs/security share/xml
X-SVN-Group: doc-head
X-SVN-Commit-Author: remko
X-SVN-Commit-Paths: in head: en_US.ISO8859-1/htdocs
en_US.ISO8859-1/htdocs/security share/xml
X-SVN-Commit-Revision: 52958
X-SVN-Commit-Repository: doc
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: A60FF81903
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.97 / 15.00];
local_wl_from(0.00)[FreeBSD.org];
NEURAL_HAM_SHORT(-0.98)[-0.978,0];
ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US];
NEURAL_HAM_MEDIUM(-1.00)[-0.996,0];
NEURAL_HAM_LONG(-1.00)[-1.000,0]
X-BeenThere: svn-doc-all@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "SVN commit messages for the entire doc trees \(except for "
user" , " projects" , and " translations"
\)"
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 26 Apr 2019 19:16:48 -0000
Author: remko
Date: Fri Apr 26 19:16:46 2019
New Revision: 52958
URL: https://svnweb.freebsd.org/changeset/doc/52958
Log:
Remove myself as so-deputy. It had been a journey. Thanks all!
Modified:
head/en_US.ISO8859-1/htdocs/administration.xml
head/en_US.ISO8859-1/htdocs/security/reporting.xml
head/en_US.ISO8859-1/htdocs/security/security.xml
head/share/xml/authors.ent
Modified: head/en_US.ISO8859-1/htdocs/administration.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/administration.xml Wed Apr 24 18:33:03 2019 (r52957)
+++ head/en_US.ISO8859-1/htdocs/administration.xml Fri Apr 26 19:16:46 2019 (r52958)
@@ -167,7 +167,6 @@
&a.joneum.email;
&a.feld.email;
&a.miwi.email;
- &a.remko.email;
&a.zi.email;
&a.simon.email;
&a.sbz.email;
@@ -197,7 +196,6 @@
&a.blackend.email;
&a.rgrimes.email;
&a.delphij.email;
- &a.remko.email; (Security Team Liaison)
&a.hrs.email;
&a.glebius.email;
&a.marius.email; (Deputy Lead)
@@ -278,7 +276,6 @@
&a.des.email; (Officer Emeritus)
&a.gjb.email; (Cluster Administrators Team Liaison)
&a.emaste.email; (Officer Deputy)
- &a.remko.email; (Officer Deputy)
&a.brooks.email; (Core Team Liaison)
Modified: head/en_US.ISO8859-1/htdocs/security/reporting.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/security/reporting.xml Wed Apr 24 18:33:03 2019 (r52957)
+++ head/en_US.ISO8859-1/htdocs/security/reporting.xml Fri Apr 26 19:16:46 2019 (r52958)
@@ -89,10 +89,6 @@
Deputy Security Officer |
- &a.remko.email; |
- Deputy Security Officer |
-
-
&a.delphij.email; |
Security Officer Emeritus |
Modified: head/en_US.ISO8859-1/htdocs/security/security.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/security/security.xml Wed Apr 24 18:33:03 2019 (r52957)
+++ head/en_US.ISO8859-1/htdocs/security/security.xml Fri Apr 26 19:16:46 2019 (r52958)
@@ -52,6 +52,44 @@
href="reporting.html">reporting FreeBSD security incidents
page.
+
+ When is a Security Advisory considered?
+
+ For every issue that gets reported, an internal tracking number is
+ created, unless something is very obviously not a security issue.
+ To determine whether or not a Security Advisory is warranted we use
+ the following scheme:
+
+
+ - Is it a privilege escalation vulnerability?
+ - Is it a code injection vulnerability?
+ - Is it a memory disclosure or dataleak vulnerability?
+
+ - From either the kernel
+ - From a privileged process
+ - From a process owned by another user?
+
+
+ - Is it a Denial of Service vulnerability?
+
+ - Only when remotely exploitable, where remotely means that it
+ comes from a different broadcast domain, so ARP and/or NDP based
+ attacks do not qualify.
+
+
+ - Is it an unassisted jailbreak vulnerability?
+ - Is it a malfunction that could lead to generating insecure crypto keys,
+ such as a PRNG bug?
+
+
+ For items that fall under these categories, a Security Advisory is very likely.
+ Items that are not on this list are looked into individually and it will be determined
+ then whether or not it will receive a Security Advisory or an Errata Notice.
+
+ Once it had been determined that a Security Advisory is warranted, either the
+ submitter delivers a CVE number if he/she already requested one, or we use one
+ from the FreeBSD pool available.
+
Recent FreeBSD security vulnerabilities
Modified: head/share/xml/authors.ent
==============================================================================
--- head/share/xml/authors.ent Wed Apr 24 18:33:03 2019 (r52957)
+++ head/share/xml/authors.ent Fri Apr 26 19:16:46 2019 (r52958)
@@ -2662,7 +2662,7 @@
-
+