diff --git a/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml b/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml
index d5f285ba8a..eb8d182269 100644
--- a/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml
+++ b/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml
@@ -97,12 +97,13 @@
the community of port users about the jeopardy. Such
notification serves two purposes. First, if the danger is
really severe it will be wise to apply an instant workaround.
- For example, stop the affected network service or even deinstall the
- port completely until the vulnerability is closed. Second, a
- lot of users tend to upgrade installed packages only
- occasionally. They will know from the notification that they
- must update the package without delay as
- soon as a corrected version is available.
+ For example, stop the affected network service or even
+ deinstall the port completely until the vulnerability is
+ closed. Second, a lot of users tend to upgrade installed
+ packages only occasionally. They will know from the
+ notification that they must update the
+ package without delay as soon as a corrected version is
+ available.
Given the huge number of ports in the tree, a security
advisory cannot be issued on each incident without creating a
@@ -115,12 +116,14 @@
intervention.Committers can update the VuXML
- database themselves, assisting the Security Officer Team
- and delivering crucial information to the community more
- quickly. Those who are not committers or have discovered
- an exceptionally severe vulnerability should not hesitate
- to contact the Security Officer Team directly, as described
- on the &os; Security Information page.
+ database themselves, assisting the Security Officer Team and
+ delivering crucial information to the community more quickly.
+ Those who are not committers or have discovered an
+ exceptionally severe vulnerability should not hesitate to
+ contact the Security Officer Team directly, as described on
+ the &os;
+ Security Information page.
The VuXML database is an XML document.
Its source file vuln.xml is kept right
@@ -204,8 +207,8 @@
</vuln>
The tag names are supposed to be self-explanatory so we
- shall take a closer look only at fields which needs to be filled
- in:
+ shall take a closer look only at fields which needs to be
+ filled in:
@@ -232,10 +235,10 @@
important build-time configuration options.
- It is the submitter's responsibility to find all such related
- packages when writing a VuXML entry. Keep in mind that
- make search name=foo is helpful.
- The primary points to look for are:
+ It is the submitter's responsibility to find all
+ such related packages when writing a VuXML entry. Keep
+ in mind that make search name=foo is
+ helpful. The primary points to look for are:
@@ -267,8 +270,8 @@
<le>,
<eq>,
<ge>, and
- <gt> elements. Check that the version
- ranges given do not overlap.
+ <gt> elements. Check that the
+ version ranges given do not overlap.
In a range specification, *
(asterisk) denotes the smallest version number. In
@@ -408,12 +411,11 @@
Testing Changes to the VuXML Database
- This example describes a new entry for a
- vulnerability in the package dropbear that
- has been fixed in version dropbear-2013.59.
+ This example describes a new entry for a vulnerability in
+ the package dropbear that has been fixed in
+ version dropbear-2013.59.
- As a prerequisite,
- install a fresh version of
+ As a prerequisite, install a fresh version of
security/vuxml port.First, check whether there already is an entry for this
@@ -434,8 +436,8 @@
&prompt.user; make validate
- At least one of these packages needs to be
- installed: textproc/libxml2,
+ At least one of these packages needs to be installed:
+ textproc/libxml2,
textproc/jade.
@@ -464,4 +466,3 @@ WWW: http://portaudit.FreeBSD.org/8c9b48d1-3715-11e3-a624-00262d8b701d.html
-