From owner-svn-doc-head@FreeBSD.ORG Fri Mar 21 18:12:31 2014 Return-Path: Delivered-To: svn-doc-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A4944505; Fri, 21 Mar 2014 18:12:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 77F66DBF; Fri, 21 Mar 2014 18:12:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LICV62038698; Fri, 21 Mar 2014 18:12:31 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LICVDW038697; Fri, 21 Mar 2014 18:12:31 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403211812.s2LICVDW038697@svn.freebsd.org> From: Dru Lavigne Date: Fri, 21 Mar 2014 18:12:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44315 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 18:12:31 -0000 Author: dru Date: Fri Mar 21 18:12:30 2014 New Revision: 44315 URL: http://svnweb.freebsd.org/changeset/doc/44315 Log: Finish editorial review of Security Advisory section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 17:58:12 2014 (r44314) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 18:12:30 2014 (r44315) @@ -3172,13 +3172,29 @@ You are advised to update or deinstall t &os; Security Advisories - Like many production quality operating systems, &os; - publishes Security Advisories. These - advisories are usually mailed to the security lists and noted - in the Errata only after the appropriate releases have been - patched. This section explains what an advisory is, how to - understand it, and what measures to take in order to patch a - system. + Like many producers of quality operating systems, the &os; + Project has a security team which is responsible for + determining the End-of-Life (EoL) date for each + &os; release and to provide security updates for supported + releases which have not yet reached their + EoL. More information about the &os; + security team and the supported releases is available on the + &os; security + page. + + One task of the security team is to respond to reported + security vulnerabilities in the &os; operating system. Once a + vulnerability is confirmed, the security team verifies the steps + necessary to fix the vulnerability and updates the source code + with the fix. It then publishes the details as a + Security Advisory. Security + advisories are published on the &os; website + and mailed to the &a.security-notifications.name;, + &a.security.name;, and &a.announce.name; mailing lists. + + This section describes the format of a &os; + security advisory. What Does an Advisory Look Like?