Date: Tue, 25 Oct 2016 16:35:19 +0000 (UTC) From: Glen Barber <gjb@FreeBSD.org> To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r49578 - head/en_US.ISO8859-1/htdocs/security Message-ID: <201610251635.u9PGZJVa060706@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: gjb Date: Tue Oct 25 16:35:19 2016 New Revision: 49578 URL: https://svnweb.freebsd.org/changeset/doc/49578 Log: Refactor Security page for further clarity, and break into sections that can be directly linked. PR: 213526 Submitted by: linimon Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/security/security.xml Modified: head/en_US.ISO8859-1/htdocs/security/security.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/security/security.xml Tue Oct 25 16:28:41 2016 (r49577) +++ head/en_US.ISO8859-1/htdocs/security/security.xml Tue Oct 25 16:35:19 2016 (r49578) @@ -21,6 +21,20 @@ possible. This page will provide information about what to do in the event of a security vulnerability affecting your system</p> + <h2>Table of Contents</h2> + + <ul> + <li><a href="#reporting">Reporting FreeBSD security + incidents</a></li> <li><a href="#recent">Recent FreeBSD + security vulnerabilities</a></li> + <li><a href="#advisories">Understanding FreeBSD security + advisories</a></li> <li><a href="#how">How to update your + system</a></li> + <li><a href="#sup">Supported FreeBSD releases</a></li> + <li><a href="#model">The FreeBSD support model</a></li> + </ul> + + <a name="reporting"></a> <h2>Reporting FreeBSD security incidents</h2> <p>FreeBSD security issues specific to the base system @@ -36,18 +50,56 @@ href="reporting.html">reporting FreeBSD security incidents</a> page.</p> - <h2>Table of Contents</h2> + <a name="recent"></a> + <h2>Recent FreeBSD security vulnerabilities</h2> + + <p>A full list of all security vulnerabilities affecting the base + system can be found <a href="advisories.html">on this + page</a>.</p> + + <a name="advisories"></a> + <h2>Understanding FreeBSD security advisories</h2> + + <p>Advisories affecting the base system are sent to the following + mailing lists:</p> <ul> - <li><a href="#recent">Recent FreeBSD security vulnerabilities</a></li> - <li><a href="#how">How to update your system</a></li> + <li>FreeBSD-security-notifications@FreeBSD.org</li> + <li>FreeBSD-security@FreeBSD.org</li> + <li>FreeBSD-announce@FreeBSD.org</li> </ul> - <a name="recent"></a> - <h2>Recent FreeBSD security vulnerabilities</h2> + <p>The list of released advisories can be found on the <a + href="advisories.html">FreeBSD Security Advisories</a> page.</p> + + <p>Advisories are always signed using the FreeBSD Security Officer + <a href="so_public_key.asc">PGP key</a> and are archived, along + with their associated patches, at the <a + href="http://security.FreeBSD.org/">http://security.FreeBSD.org/</a>; + web server in the <a + href="http://security.FreeBSD.org/advisories/">advisories</a>; + and <a href="http://security.FreeBSD.org/patches/">patches</a>; + subdirectories.</p> + + <p>The FreeBSD Security Officer provides security advisories for + <em>-STABLE Branches</em> and the <em>Security Branches</em>. + (Advisories are not issued for the <em>-CURRENT Branch</em>, + which is primarily oriented towards &os; developers.)</p> + + <ul> + <li><p>The -STABLE branch tags have + names like <tt>stable/10</tt>. The corresponding builds have + names like <tt>FreeBSD 10.1-STABLE</tt>.</p></li> - <p>A full list of all security vulnerabilities can be found <a - href="advisories.html">on this page</a>.</p> + <li><p>Each FreeBSD Release has an associated Security Branch. + The Security Branch tags have names like <tt>releng/10.1</tt>. + The corresponding builds have names like <tt>FreeBSD + 10.1-RELEASE-p4</tt>.</p></li> + </ul> + + <p>Issues affecting the FreeBSD Ports Collection are covered separately in <a + href="http://vuxml.FreeBSD.org/">the FreeBSD VuXML + document</a>.</p> <a name="how"></a> <h2>How to update your system</h2> @@ -70,6 +122,9 @@ <a name="sup"></a> <h2>Supported FreeBSD releases</h2> + <p>Each release is supported by the Security Officer for a limited + time only.</p> + <p>The designation and expected lifetime of all currently supported branches and their respective releases @@ -78,19 +133,10 @@ branch or release will end. Please note that these dates may be pushed back if circumstances warrant it.</p> - <p>Effective &os; 11.0-RELEASE, the support model has been - changed to allow more rapid development while also providing - timely security updates for all supported releases.</p> - - <p>Under the new support model, each major version's stable branch - is explicitly supported for 5 years, while each individual point - release is only supported for three months after the next point - release.</p> - - <p>The details and rationale behind this change can be found in the - <a - href="https://lists.freebsd.org/pipermail/freebsd-announce/2015-February/001624.html">official - announcement</a> sent in February 2015.</p> + <p>Older releases are not maintained and users are strongly + encouraged to upgrade to one of the supported releases mentioned + above. A list of unsupported releases can be found <a + href="unsupported.html">here</a>.</p> <!-- Please also update head/en_US.ISO8859-1/htdocs/releng/index.xml @@ -162,57 +208,36 @@ </tr> </table> - <p>Older releases are not maintained and users are strongly - encouraged to upgrade to one of the supported releases mentioned - above. A list of unsupported releases can be found <a - href="unsupported.html">here</a>.</p> - - <p>Advisories are sent to the following FreeBSD mailing lists:</p> - <ul> - <li>FreeBSD-security-notifications@FreeBSD.org</li> - <li>FreeBSD-security@FreeBSD.org</li> - <li>FreeBSD-announce@FreeBSD.org</li> - </ul> - - <p>The list of released advisories can be found on the <a - href="advisories.html">FreeBSD Security Advisories</a> page.</p> - - <p>Advisories are always signed using the FreeBSD Security Officer - <a href="so_public_key.asc">PGP - key</a> and are archived, along with their associated patches, at - the <a href="http://security.FreeBSD.org/">http://security.FreeBSD.org/</a>; - web server in the <a - href="http://security.FreeBSD.org/advisories/">advisories</a>; and <a - href="http://security.FreeBSD.org/patches/">patches</a>; - subdirectories.</p> + <p>In the run-up to a release, a number of -BETA + and -RC releases may be published for testing purposes. These releases are only + supported for a few weeks, as resources permit, and will not be + listed as supported on this page. Users are strongly discouraged + from running these releases on production systems.</p> - <p>The FreeBSD Security Officer provides security advisories for - <em>-STABLE Branches</em> and the <em>Security Branches</em>. - (Advisories are not issued for the <em>-CURRENT Branch</em>.)</p> + <a name="model"></a> + <h2>The FreeBSD support model</h2> - <ul> - <li><p>The -STABLE branch tags have - names like <tt>stable/10</tt>. The corresponding builds have - names like <tt>FreeBSD 10.1-STABLE</tt>.</p></li> + <p>Effective &os; 11.0-RELEASE, the support model has been + changed to allow more rapid development while also providing + timely security updates for all supported releases.</p> - <li><p>Each FreeBSD Release has an associated Security Branch. - The Security Branch tags have names like <tt>releng/10.1</tt>. - The corresponding builds have names like <tt>FreeBSD - 10.1-RELEASE-p4</tt>.</p></li> - </ul> + <p>Under the new support model, each major version's stable branch + is explicitly supported for 5 years, while each individual point + release is only supported for three months after the next point + release.</p> - <p>Issues affecting the FreeBSD Ports Collection are covered in <a - href="http://vuxml.FreeBSD.org/">the FreeBSD VuXML - document</a>.</p> + <p>The details and rationale behind this change can be found in the + <a + href="https://lists.freebsd.org/pipermail/freebsd-announce/2015-February/001624.html">official + announcement</a> sent in February 2015.</p> - <p>Each branch is supported by the Security Officer for a limited - time only, and is designated as either <em>Normal</em> or - <em>Extended</em>. The designation is used as a guideline for + <p>Previously, branches were designated as either <em>Normal</em> or + <em>Extended</em>. The designation was used as a guideline for determining the lifetime of the branch as follows:</p> <dl> <dt>Normal</dt> - <dd>Releases which are published from a -STABLE branch will be + <dd>Releases which are published from a -STABLE branch were supported by the Security Officer for a minimum of 12 months after the release, and for sufficient additional time (if needed) to ensure that there is a newer release for at least 3 months before the @@ -220,18 +245,12 @@ </dd> <dt>Extended</dt> <dd>Selected releases (normally every second release plus the last - release from each -STABLE branch) will be supported by the + release from each -STABLE branch) were supported by the Security Officer for a minimum of 24 months after the release, and for sufficient additional time (if needed) to ensure that there is a newer Extended release for at least 3 months before the older Extended release expires. </dd> </dl> - - <p>In the run-up to a Normal or Extended release, a number of -BETA - and -RC releases may be published. These releases are only - supported for a few weeks, as resources permit, and will not be - listed as supported on this page. Users are strongly discouraged - from running these releases on production systems.</p> </body> </html>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201610251635.u9PGZJVa060706>