- Consistently use lower case HTML tags.
- Fix indention so it's (more or less) standard FDP style. No content change, translators can ignore.
This commit is contained in:
		
							parent
							
								
									6ecbf0d8e8
								
							
						
					
					
						commit
						b0357f0c47
					
				
				
				Notes:
				
					svn2git
				
				2020-12-08 03:00:23 +00:00 
				
			
			svn path=/www/; revision=26055
					 1 changed files with 276 additions and 268 deletions
				
			
		|  | @ -1,318 +1,326 @@ | |||
| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" [ | ||||
| <!ENTITY base CDATA ".."> | ||||
| <!ENTITY date "$FreeBSD: www/en/security/security.sgml,v 1.178 2005/10/04 16:14:41 simon Exp $"> | ||||
| <!ENTITY date "$FreeBSD: www/en/security/security.sgml,v 1.179 2005/10/17 20:27:14 simon Exp $"> | ||||
| <!ENTITY title "FreeBSD Security Information"> | ||||
| <!ENTITY % navincludes SYSTEM "../includes.navsupport.sgml"> %navincludes; | ||||
| <!ENTITY % includes SYSTEM "../includes.sgml"> %includes; | ||||
| <!ENTITY % developers SYSTEM "../developers.sgml"> %developers; | ||||
| <!ENTITY advisories.html.inc SYSTEM "advisories.html.inc"> | ||||
| ]> | ||||
| <!-- $FreeBSD: www/en/security/security.sgml,v 1.178 2005/10/04 16:14:41 simon Exp $ --> | ||||
| <!-- $FreeBSD: www/en/security/security.sgml,v 1.179 2005/10/17 20:27:14 simon Exp $ --> | ||||
| 
 | ||||
| <html> | ||||
|     &header; | ||||
|   &header; | ||||
| 
 | ||||
| <H2>Introduction</H2> | ||||
|   <h2>Introduction</h2> | ||||
| 
 | ||||
| <P>This web page is designed to assist both new and experienced users | ||||
| in the area of FreeBSD security.  FreeBSD | ||||
| takes security very seriously and is constantly working | ||||
| on making the OS as secure as possible.</P> | ||||
|   <p>This web page is designed to assist both new and experienced | ||||
|     users in the area of FreeBSD security.  FreeBSD takes security | ||||
|     very seriously and is constantly working on making the OS as | ||||
|     secure as possible.</p> | ||||
| 
 | ||||
| <P>Here you will find additional information, or links to information, | ||||
| on how to protect your system against various types of attack, | ||||
| on whom to contact if you find a security-related bug, and so on.  There is | ||||
| also a section on the various ways that the systems programmer can | ||||
| become more security conscious so that he is less likely to | ||||
| introduce vulnerabilities.</P> | ||||
|   <p>Here you will find additional information, or links to | ||||
|     information, on how to protect your system against various types | ||||
|     of attack, on whom to contact if you find a security-related bug, | ||||
|     and so on.  There is also a section on the various ways that the | ||||
|     systems programmer can become more security conscious so that he | ||||
|     is less likely to introduce vulnerabilities.</p> | ||||
| 
 | ||||
| <H2>Table of Contents</H2> | ||||
| <UL> | ||||
| <li><a href="#how">How and Where to report a FreeBSD security issue</a></li> | ||||
| <LI><A HREF="#sec">Information about the FreeBSD Security Officer</A></LI> | ||||
| <li><a href="charter.html">Charter for the Security Officer and Team</a></li> | ||||
| <LI><A HREF="#pol">Information handling policies</A></LI> | ||||
| <LI><A HREF="#adv">FreeBSD Security Advisories</A></LI> | ||||
| <li><a href="http://www.freebsd.org/handbook/security-advisories.html"> | ||||
| Reading FreeBSD Security Advisories</a></li> | ||||
| </UL> | ||||
|   <h2>Table of Contents</h2> | ||||
| 
 | ||||
| <a name="how"></a> | ||||
| <p>All FreeBSD Security issues should be reported directly to the | ||||
| <a href="mailto:security@FreeBSD.org">Security Officer Team</a> | ||||
| personally or otherwise to the <a href="mailto:security-officer@FreeBSD.org"> | ||||
| Security Officer</a>.  All reports should at least contain:<br><br> | ||||
| A description of the vulnerability;<br> | ||||
| What versions of FreeBSD seem to be affected if possible;<br> | ||||
| Any plausible workaround;<br> | ||||
| And example code if possible.<br></p> | ||||
|   <ul> | ||||
|     <li><a href="#how">How and Where to report a FreeBSD security issue</a></li> | ||||
|     <li><a href="#sec">Information about the FreeBSD Security Officer</a></li> | ||||
|     <li><a href="charter.html">Charter for the Security Officer and Team</a></li> | ||||
|     <li><a href="#pol">Information handling policies</a></li> | ||||
|     <li><a href="#adv">FreeBSD Security Advisories</a></li> | ||||
|     <li><a href="http://www.freebsd.org/handbook/security-advisories.html"> | ||||
|         Reading FreeBSD Security Advisories</a></li> | ||||
|   </ul> | ||||
| 
 | ||||
| <p>After this information has been reported the Security Officer | ||||
| or a Security Team delegate will get back with you.</p> | ||||
|   <a name="how"></a> | ||||
|   <p>All FreeBSD Security issues should be reported directly to the <a | ||||
|     href="mailto:security@FreeBSD.org">Security Officer Team</a> | ||||
|     personally or otherwise to the <a | ||||
|     href="mailto:security-officer@FreeBSD.org"> Security Officer</a>. | ||||
|     All reports should at least contain:<br><br> A description of the | ||||
|     vulnerability;<br> What versions of FreeBSD seem to be affected if | ||||
|     possible;<br> Any plausible workaround;<br> And example code if | ||||
|     possible.<br></p> | ||||
| 
 | ||||
| <A NAME=sec></A> | ||||
| <H2>The FreeBSD Security Officer and the Security Officer Team</H2> | ||||
|   <p>After this information has been reported the Security Officer or | ||||
|     a Security Team delegate will get back with you.</p> | ||||
| 
 | ||||
| <P>To better coordinate information exchange with others in the security | ||||
| community, FreeBSD has a focal point for security-related communications: | ||||
| the FreeBSD Security Officer.</P> | ||||
|   <a name=sec></a> | ||||
|   <h2>The FreeBSD Security Officer and the Security Officer Team</h2> | ||||
| 
 | ||||
| <P>If you need to contact the FreeBSD Project about | ||||
| a possible security issue, you should therefore <A | ||||
| HREF="mailto:security-officer@FreeBSD.org">send mail to the Security | ||||
| Officer</A> with a description of what you have found and the type of | ||||
| vulnerability it represents.</P> | ||||
|   <p>To better coordinate information exchange with others in the | ||||
|     security community, FreeBSD has a focal point for security-related | ||||
|     communications: the FreeBSD Security Officer.</p> | ||||
| 
 | ||||
| <p>In order that the FreeBSD Project may respond to vulnerability | ||||
| reports in a timely manner, there are four members of the Security | ||||
| Officer mail alias: the Security Officer, Security Officer Emeritus, | ||||
| Deputy Security Officer, | ||||
| and one Core Team member.  Therefore, messages sent to the | ||||
| <a | ||||
| href="mailto:security-officer@FreeBSD.org"><security-officer@FreeBSD.org></a> | ||||
| mail alias are currently delivered to:</p> | ||||
|   <p>If you need to contact the FreeBSD Project about a possible | ||||
|     security issue, you should therefore <a | ||||
|       href="mailto:security-officer@FreeBSD.org">send mail to the | ||||
|     Security Officer</a> with a description of what you have found and | ||||
|     the type of vulnerability it represents.</p> | ||||
| 
 | ||||
| <table> | ||||
| <tr valign="top"> | ||||
|   <td>&a.cperciva; <a | ||||
|     href="mailto:cperciva@FreeBSD.org"><cperciva@FreeBSD.org></a></td> | ||||
|   <td>Security Officer</td> | ||||
| </tr> | ||||
| <tr valign="top"> | ||||
|   <td>&a.nectar; <a | ||||
|     href="mailto:nectar@FreeBSD.org"><nectar@FreeBSD.org></a></td> | ||||
|   <td>Security Officer Emeritus</td> | ||||
| </tr> | ||||
| <tr valign="top"> | ||||
|   <td>&a.simon; <a | ||||
|     href="mailto:simon@FreeBSD.org"><simon@FreeBSD.org></a></td> | ||||
|   <td>Deputy Security Officer</td> | ||||
| </tr> | ||||
| <tr valign="top"> | ||||
|   <td>&a.rwatson; <a | ||||
|     href="mailto:rwatson@FreeBSD.org"><rwatson@FreeBSD.org></a></td> | ||||
|   <td>FreeBSD Core Team liaison, Release Engineering liaison,<br> | ||||
|       TrustedBSD Project liaison, system security architecture expert</td> | ||||
| </tr> | ||||
| </table> | ||||
|   <p>In order that the FreeBSD Project may respond to vulnerability | ||||
|     reports in a timely manner, there are four members of the Security | ||||
|     Officer mail alias: the Security Officer, Security Officer | ||||
|     Emeritus, Deputy Security Officer, and one Core Team member. | ||||
|     Therefore, messages sent to the <a | ||||
|     href="mailto:security-officer@FreeBSD.org"><security-officer@FreeBSD.org></a> | ||||
|     mail alias are currently delivered to:</p> | ||||
| 
 | ||||
| <p>The Security Officer is supported by the <a | ||||
| href="mailto:security@FreeBSD.org">FreeBSD Security Team | ||||
| <security@FreeBSD.org></a>, a small group of committers | ||||
| vetted by the Security Officer.</p> | ||||
|   <table> | ||||
|     <tr valign="top"> | ||||
|       <td>&a.cperciva; <a | ||||
|         href="mailto:cperciva@FreeBSD.org"><cperciva@FreeBSD.org></a></td> | ||||
|       <td>Security Officer</td> | ||||
|     </tr> | ||||
|     <tr valign="top"> | ||||
|       <td>&a.nectar; <a | ||||
|         href="mailto:nectar@FreeBSD.org"><nectar@FreeBSD.org></a></td> | ||||
|       <td>Security Officer Emeritus</td> | ||||
|     </tr> | ||||
|     <tr valign="top"> | ||||
|       <td>&a.simon; <a | ||||
|         href="mailto:simon@FreeBSD.org"><simon@FreeBSD.org></a></td> | ||||
|       <td>Deputy Security Officer</td> | ||||
|     </tr> | ||||
|     <tr valign="top"> | ||||
|       <td>&a.rwatson; <a | ||||
|         href="mailto:rwatson@FreeBSD.org"><rwatson@FreeBSD.org></a></td> | ||||
|       <td>FreeBSD Core Team liaison, Release Engineering liaison,<br> | ||||
|           TrustedBSD Project liaison, system security architecture expert</td> | ||||
|     </tr> | ||||
|   </table> | ||||
| 
 | ||||
| <p>Please use the <a | ||||
| href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/public_key.asc">Security | ||||
| Officer PGP key</a> to encrypt your messages to the Security Officer | ||||
| when appropriate.</p> | ||||
|   <p>The Security Officer is supported by the <a | ||||
|       href="mailto:security@FreeBSD.org">FreeBSD Security Team | ||||
|     <security@FreeBSD.org></a>, a small group of committers | ||||
|     vetted by the Security Officer.</p> | ||||
| 
 | ||||
| <a NAME="pol"></a> | ||||
| <h2>Information handling policies</h2> | ||||
|   <p>Please use the <a | ||||
|     href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/public_key.asc">Security | ||||
|     Officer PGP key</a> to encrypt your messages to the Security | ||||
|     Officer when appropriate.</p> | ||||
| 
 | ||||
| <p>As a general policy, the FreeBSD Security Officer favors full | ||||
| disclosure of vulnerability information after a reasonable delay to | ||||
| permit safe analysis and correction of a vulnerability, as well as | ||||
| appropriate testing of the correction, and appropriate coordination | ||||
| with other affected parties.</p> | ||||
|   <a name="pol"></a> | ||||
|   <h2>Information handling policies</h2> | ||||
| 
 | ||||
| <p>The Security Officer <em>will</em> notify one or more of the | ||||
| <a href="mailto:admins@FreeBSD.org">FreeBSD Cluster Admins</a> of | ||||
| vulnerabilities that put the FreeBSD Project's resources under | ||||
| immediate danger.</p> | ||||
|   <p>As a general policy, the FreeBSD Security Officer favors full | ||||
|     disclosure of vulnerability information after a reasonable delay | ||||
|     to permit safe analysis and correction of a vulnerability, as well | ||||
|     as appropriate testing of the correction, and appropriate | ||||
|     coordination with other affected parties.</p> | ||||
| 
 | ||||
| <p>The Security Officer may bring additional FreeBSD developers | ||||
| or outside developers into discussion of a submitted security | ||||
| vulnerability if their expertise is required to fully understand or | ||||
| correct the problem.  Appropriate discretion will be exercised to | ||||
| minimize unnecessary distribution of information about the submitted | ||||
| vulnerability, and any experts brought in will act in accordance of | ||||
| Security Officer policies.  In the past, experts have been brought | ||||
| in based on extensive experience with highly complex components of | ||||
| the operating system, including FFS, the VM system, and the network | ||||
| stack.</p> | ||||
|   <p>The Security Officer <em>will</em> notify one or more of the <a | ||||
|       href="mailto:admins@FreeBSD.org">FreeBSD Cluster Admins</a> of | ||||
|     vulnerabilities that put the FreeBSD Project's resources under | ||||
|     immediate danger.</p> | ||||
| 
 | ||||
| <p>If a FreeBSD release process is underway, the FreeBSD Release | ||||
| Engineer may also be notified that a vulnerability exists, and its | ||||
| severity, so that informed decisions may be made regarding the release | ||||
| cycle and any serious security bugs present in software associated | ||||
| with an up-coming release.  If requested, the Security Officer will | ||||
| not share information regarding the nature of the vulnerability with | ||||
| the Release Engineer, limiting information flow to existence and | ||||
| severity.</p> | ||||
|   <p>The Security Officer may bring additional FreeBSD developers or | ||||
|     outside developers into discussion of a submitted security | ||||
|     vulnerability if their expertise is required to fully understand | ||||
|     or correct the problem.  Appropriate discretion will be exercised | ||||
|     to minimize unnecessary distribution of information about the | ||||
|     submitted vulnerability, and any experts brought in will act in | ||||
|     accordance of Security Officer policies.  In the past, experts | ||||
|     have been brought in based on extensive experience with highly | ||||
|     complex components of the operating system, including FFS, the VM | ||||
|     system, and the network stack.</p> | ||||
| 
 | ||||
| <p>The FreeBSD Security Officer has close working relationships | ||||
| with a number of other organizations, including third-party vendors | ||||
| that share code with FreeBSD (the OpenBSD, NetBSD and | ||||
| DragonFlyBSD projects, | ||||
| Apple, and other vendors deriving software from FreeBSD, as well | ||||
| as the Linux vendor security list), as well as organizations | ||||
| that track vulnerabilities and security incidents, such as CERT. | ||||
| Frequently vulnerabilities may extend beyond the scope of the | ||||
| FreeBSD implementation, and (perhaps less frequently) may have | ||||
| broad implications for the global networking community.  Under such | ||||
| circumstances, the Security Officer may wish to disclose vulnerability | ||||
| information to these other organizations: if you do not wish the | ||||
| Security Officer to do this, please indicate so explicitly in any | ||||
| submissions.</p> | ||||
|   <p>If a FreeBSD release process is underway, the FreeBSD Release | ||||
|     Engineer may also be notified that a vulnerability exists, and its | ||||
|     severity, so that informed decisions may be made regarding the | ||||
|     release cycle and any serious security bugs present in software | ||||
|     associated with an up-coming release.  If requested, the Security | ||||
|     Officer will not share information regarding the nature of the | ||||
|     vulnerability with the Release Engineer, limiting information flow | ||||
|     to existence and severity.</p> | ||||
| 
 | ||||
| <p>Submitters should be careful to explicitly document any special | ||||
| information handling requirements.</p> | ||||
|   <p>The FreeBSD Security Officer has close working relationships with | ||||
|     a number of other organizations, including third-party vendors | ||||
|     that share code with FreeBSD (the OpenBSD, NetBSD and DragonFlyBSD | ||||
|     projects, Apple, and other vendors deriving software from FreeBSD, | ||||
|     as well as the Linux vendor security list), as well as | ||||
|     organizations that track vulnerabilities and security incidents, | ||||
|     such as CERT.  Frequently vulnerabilities may extend beyond the | ||||
|     scope of the FreeBSD implementation, and (perhaps less frequently) | ||||
|     may have broad implications for the global networking community. | ||||
|     Under such circumstances, the Security Officer may wish to | ||||
|     disclose vulnerability information to these other organizations: | ||||
|     if you do not wish the Security Officer to do this, please | ||||
|     indicate so explicitly in any submissions.</p> | ||||
| 
 | ||||
| <p>If the submitter of a vulnerability is interested in a coordinated | ||||
| disclosure process with the submitter and/or other vendors, this | ||||
| should be indicated explicitly in any submissions.  In the absence | ||||
| of explicit requests, the FreeBSD Security Officer will select a | ||||
| disclosure schedule that reflects both a desire for timely disclosure | ||||
| and appropriate testing of any solutions.  Submitters should be aware | ||||
| that if the vulnerability is being actively discussed in public forums | ||||
| (such as bugtraq), and actively exploited, the Security Officer may | ||||
| choose not to follow a proposed disclosure timeline in order to | ||||
| provide maximum protection for the user community.</p> | ||||
|   <p>Submitters should be careful to explicitly document any special | ||||
|     information handling requirements.</p> | ||||
| 
 | ||||
| <p>Submissions may be protected using PGP.  If desired, responses will | ||||
| also be protected using PGP.</p> | ||||
|   <p>If the submitter of a vulnerability is interested in a | ||||
|     coordinated disclosure process with the submitter and/or other | ||||
|     vendors, this should be indicated explicitly in any submissions. | ||||
|     In the absence of explicit requests, the FreeBSD Security Officer | ||||
|     will select a disclosure schedule that reflects both a desire for | ||||
|     timely disclosure and appropriate testing of any solutions. | ||||
|     Submitters should be aware that if the vulnerability is being | ||||
|     actively discussed in public forums (such as bugtraq), and | ||||
|     actively exploited, the Security Officer may choose not to follow | ||||
|     a proposed disclosure timeline in order to provide maximum | ||||
|     protection for the user community.</p> | ||||
| 
 | ||||
| <A NAME=adv></A> | ||||
| <H2>FreeBSD Security Advisories</H2> | ||||
|   <p>Submissions may be protected using PGP.  If desired, responses | ||||
|     will also be protected using PGP.</p> | ||||
| 
 | ||||
| <P>The FreeBSD Security Officer provides security advisories for | ||||
| several branches of FreeBSD development.  These are the <EM>-STABLE | ||||
| Branches</EM> and the <EM>Security Branches</EM>.  (Advisories are not | ||||
| issued for the <EM>-CURRENT Branch</EM>.)</P> | ||||
|   <a name=adv></a> | ||||
|   <h2>FreeBSD Security Advisories</h2> | ||||
| 
 | ||||
| <UL> | ||||
|   <p>The FreeBSD Security Officer provides security advisories for | ||||
|     several branches of FreeBSD development.  These are the | ||||
|     <em>-STABLE Branches</em> and the <em>Security Branches</em>. | ||||
|     (Advisories are not issued for the <em>-CURRENT Branch</em>.)</p> | ||||
| 
 | ||||
| <LI><P>There is usually only a single -STABLE branch, although | ||||
| during the transition from one major development line to another | ||||
| (such as from FreeBSD 4.x to 5.x), there is a time span in which | ||||
| there are two -STABLE branches.  The -STABLE branch tags have names | ||||
| like <TT>RELENG_4</TT>.  The corresponding builds have names like | ||||
| <TT>FreeBSD 4.10-STABLE</TT>.</P></LI> | ||||
|   <ul> | ||||
| 
 | ||||
| <LI><P>Each FreeBSD Release has an associated Security Branch. | ||||
| The Security Branch tags have names like <TT>RELENG_4_10</TT>. | ||||
| The corresponding builds have names like <TT>FreeBSD | ||||
| 4.10-RELEASE-p5</TT>.</P></LI> | ||||
|     <li><p>There is usually only a single -STABLE branch, although | ||||
|       during the transition from one major development line to another | ||||
|       (such as from FreeBSD 4.x to 5.x), there is a time span in which | ||||
|       there are two -STABLE branches.  The -STABLE branch tags have | ||||
|       names like <tt>RELENG_4</tt>.  The corresponding builds have | ||||
|       names like <tt>FreeBSD 4.10-STABLE</tt>.</p></li> | ||||
| 
 | ||||
| </UL> | ||||
|     <li><p>Each FreeBSD Release has an associated Security Branch. | ||||
|       The Security Branch tags have names like <tt>RELENG_4_10</tt>. | ||||
|       The corresponding builds have names like <tt>FreeBSD | ||||
|       4.10-RELEASE-p5</tt>.</p></li> | ||||
|   </ul> | ||||
| 
 | ||||
| <P>Issues affecting the FreeBSD Ports Collection are covered | ||||
| in <A HREF="http://vuxml.FreeBSD.org/">the FreeBSD VuXML | ||||
| document</A>.</P> | ||||
|   <p>Issues affecting the FreeBSD Ports Collection are covered in <a | ||||
|       href="http://vuxml.FreeBSD.org/">the FreeBSD VuXML | ||||
|       document</a>.</p> | ||||
| 
 | ||||
| <P>Each branch is supported by the Security Officer for a limited time | ||||
| only, and is designated as one of `<EM>Early adopter</EM>', | ||||
| `<EM>Normal</EM>', or `<EM>Extended</EM>'.  The designation is used as a | ||||
| guideline for determining the lifetime of the branch as follows.</P> | ||||
|   <p>Each branch is supported by the Security Officer for a limited | ||||
|     time only, and is designated as one of `<em>Early adopter</em>', | ||||
|     `<em>Normal</em>', or `<em>Extended</em>'.  The designation is | ||||
|     used as a guideline for determining the lifetime of the branch as | ||||
|     follows.</p> | ||||
| 
 | ||||
| <DL> | ||||
|   <DT>Early adopter</DT> | ||||
|   <DD>Releases which are published from the -CURRENT branch will be | ||||
|   supported by the Security Officer for a minimum of 6 months after | ||||
|   the release.</DD> | ||||
|   <DT>Normal</DT> | ||||
|   <DD>Releases which are published from the -STABLE branch will be | ||||
|   supported by the Security Officer for a minimum of 12 months after the | ||||
|   release.</DD> | ||||
|   <DT>Extended</DT> | ||||
|   <DD>Selected releases will be supported by the Security Officer for a | ||||
|   minimum of 24 months after the release.</DD> | ||||
| </DL> | ||||
|   <dl> | ||||
|     <dt>Early adopter</dt> | ||||
|     <dd>Releases which are published from the -CURRENT branch will be | ||||
|       supported by the Security Officer for a minimum of 6 months after | ||||
|       the release.</dd> | ||||
|     <dt>Normal</dt> | ||||
|     <dd>Releases which are published from the -STABLE branch will be | ||||
|       supported by the Security Officer for a minimum of 12 months after the | ||||
|       release.</dd> | ||||
|     <dt>Extended</dt> | ||||
|     <dd>Selected releases will be supported by the Security Officer for a | ||||
|       minimum of 24 months after the release.</dd> | ||||
|   </dl> | ||||
| 
 | ||||
| <P>The current designation and estimated lifetimes of the currently | ||||
| supported branches are given below.  The <EM>Estimated EoL | ||||
| (end-of-life)</EM> column gives the earliest date on which that branch | ||||
| is likely to be dropped.  Please note that these dates may be extended | ||||
| into the future, but only extenuating circumstances would lead to a | ||||
| branch's support being dropped earlier than the date listed.</P> | ||||
|   <p>The current designation and estimated lifetimes of the currently | ||||
|     supported branches are given below.  The <em>Estimated EoL | ||||
|     (end-of-life)</em> column gives the earliest date on which that | ||||
|     branch is likely to be dropped.  Please note that these dates may | ||||
|     be extended into the future, but only extenuating circumstances | ||||
|     would lead to a branch's support being dropped earlier than the | ||||
|     date listed.</p> | ||||
| 
 | ||||
| <!-- | ||||
|     Please also update www/en/releng/index.sgml when updating this | ||||
|     list of supported branches. | ||||
| --> | ||||
| <TABLE class="tblbasic"> | ||||
| <TR> | ||||
|   <TH>Branch</TH> | ||||
|   <TH>Release</TH> | ||||
|   <TH>Type</TH> | ||||
|   <TH>Release Date</TH> | ||||
|   <TH>Estimated EoL</TH> | ||||
| </TR> | ||||
| <TR> | ||||
|   <TD>RELENG_4</TD> | ||||
|   <TD>n/a</TD> | ||||
|   <TD>n/a</TD> | ||||
|   <TD>n/a</TD> | ||||
|   <TD>January 31, 2007</TD> | ||||
| </TR> | ||||
| <TR> | ||||
|   <TD>RELENG_4_10</TD> | ||||
|   <TD>4.10-RELEASE</TD> | ||||
|   <TD>Extended</TD> | ||||
|   <TD>May 27, 2004</TD> | ||||
|   <TD>May 31, 2006</TD> | ||||
| </TR> | ||||
| <TR> | ||||
|   <TD>RELENG_4_11</TD> | ||||
|   <TD>4.11-RELEASE</TD> | ||||
|   <TD>Extended</TD> | ||||
|   <TD>January 25, 2005</TD> | ||||
|   <TD>January 31, 2007</TD> | ||||
| </TR> | ||||
| <TR> | ||||
|   <TD>RELENG_5</TD> | ||||
|   <TD>n/a</TD> | ||||
|   <TD>n/a</TD> | ||||
|   <TD>n/a</TD> | ||||
|   <TD>May 31, 2007</TD> | ||||
| </TR> | ||||
| <TR> | ||||
|   <TD>RELENG_5_3</TD> | ||||
|   <TD>5.3-RELEASE</TD> | ||||
|   <TD>Extended</TD> | ||||
|   <TD>November 6, 2004</TD> | ||||
|   <TD>October 31, 2006</TD> | ||||
| </TR> | ||||
| <TR> | ||||
|   <TD>RELENG_5_4</TD> | ||||
|   <TD>5.4-RELEASE</TD> | ||||
|   <TD>Normal</TD> | ||||
|   <TD>May 9, 2005</TD> | ||||
|   <TD>May 31, 2006</TD> | ||||
| </TR> | ||||
| </TABLE> | ||||
|   <!-- | ||||
|       Please also update www/en/releng/index.sgml when updating this | ||||
|       list of supported branches. | ||||
|   --> | ||||
|   <table class="tblbasic"> | ||||
|     <tr> | ||||
|       <th>Branch</th> | ||||
|       <th>Release</th> | ||||
|       <th>Type</th> | ||||
|       <th>Release Date</th> | ||||
|       <th>Estimated EoL</th> | ||||
|     </tr> | ||||
|     <tr> | ||||
|       <td>RELENG_4</td> | ||||
|       <td>n/a</td> | ||||
|       <td>n/a</td> | ||||
|       <td>n/a</td> | ||||
|       <td>January 31, 2007</td> | ||||
|     </tr> | ||||
|     <tr> | ||||
|       <td>RELENG_4_10</td> | ||||
|       <td>4.10-RELEASE</td> | ||||
|       <td>Extended</td> | ||||
|       <td>May 27, 2004</td> | ||||
|       <td>May 31, 2006</td> | ||||
|     </tr> | ||||
|     <tr> | ||||
|       <td>RELENG_4_11</td> | ||||
|       <td>4.11-RELEASE</td> | ||||
|       <td>Extended</td> | ||||
|       <td>January 25, 2005</td> | ||||
|       <td>January 31, 2007</td> | ||||
|     </tr> | ||||
|     <tr> | ||||
|       <td>RELENG_5</td> | ||||
|       <td>n/a</td> | ||||
|       <td>n/a</td> | ||||
|       <td>n/a</td> | ||||
|       <td>May 31, 2007</td> | ||||
|     </tr> | ||||
|     <tr> | ||||
|       <td>RELENG_5_3</td> | ||||
|       <td>5.3-RELEASE</td> | ||||
|       <td>Extended</td> | ||||
|       <td>November 6, 2004</td> | ||||
|       <td>October 31, 2006</td> | ||||
|     </tr> | ||||
|     <tr> | ||||
|       <td>RELENG_5_4</td> | ||||
|       <td>5.4-RELEASE</td> | ||||
|       <td>Normal</td> | ||||
|       <td>May 9, 2005</td> | ||||
|       <td>May 31, 2006</td> | ||||
|     </tr> | ||||
|   </table> | ||||
| 
 | ||||
| <P>Older releases are not maintained and users are strongly encouraged | ||||
| to upgrade to one of the supported releases mentioned above.</P> | ||||
|   <p>Older releases are not maintained and users are strongly | ||||
|     encouraged to upgrade to one of the supported releases mentioned | ||||
|     above.</p> | ||||
| 
 | ||||
| <P>Some statistics about advisories released during 2002:</P> | ||||
| <UL> | ||||
| <LI>44 advisories of varying severity were issued for the base system.</LI> | ||||
| <LI>12 advisories described vulnerabilities found only in FreeBSD. | ||||
| The remaining 32 were problems shared with at least one other OS | ||||
| (often due to shared code).</LI> | ||||
| <LI>6 security notices were issued, covering a total of 95 issues in | ||||
| optional third party applications included in the Ports Collection.</LI> | ||||
| </UL> | ||||
|   <p>Some statistics about advisories released during 2002:</p> | ||||
| 
 | ||||
| <P>Advisories are sent to the following FreeBSD mailing lists:</P> | ||||
| <UL> | ||||
| <LI>FreeBSD-security-notifications@FreeBSD.org</LI> | ||||
| <LI>FreeBSD-security@FreeBSD.org</LI> | ||||
| <LI>FreeBSD-announce@FreeBSD.org</LI> | ||||
| </UL> | ||||
|   <ul> | ||||
|     <li>44 advisories of varying severity were issued for the base | ||||
|       system.</li> | ||||
|     <li>12 advisories described vulnerabilities found only in FreeBSD. | ||||
|       The remaining 32 were problems shared with at least one other OS | ||||
|       (often due to shared code).</li> | ||||
| 
 | ||||
| <P>Advisories are always signed using the FreeBSD Security Officer | ||||
| <A HREF="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/public_key.asc"> PGP key | ||||
| </A> and are archived, along with their associated patches, at our | ||||
| <A HREF="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/index.html">FTP CERT | ||||
| repository</A>.  At the time of this writing, the following advisories are | ||||
| currently available (note that this list may be a few days out of date - | ||||
| for the very latest advisories please check the | ||||
| <A HREF="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/">FTP site</A>):</P> | ||||
|     <li>6 security notices were issued, covering a total of 95 issues | ||||
|       in optional third party applications included in the Ports | ||||
|       Collection.</li> | ||||
|   </ul> | ||||
| 
 | ||||
| &advisories.html.inc; | ||||
|   <p>Advisories are sent to the following FreeBSD mailing lists:</p> | ||||
|   <ul> | ||||
|     <li>FreeBSD-security-notifications@FreeBSD.org</li> | ||||
|     <li>FreeBSD-security@FreeBSD.org</li> | ||||
|     <li>FreeBSD-announce@FreeBSD.org</li> | ||||
|   </ul> | ||||
| 
 | ||||
| 	&footer; | ||||
|     </body> | ||||
|   <p>Advisories are always signed using the FreeBSD Security Officer | ||||
|     <a href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/public_key.asc">PGP | ||||
|       key</a> and are archived, along with their associated | ||||
|     patches, at our <a | ||||
|       href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/index.html">FTP CERT | ||||
|     repository</a>.  At the time of this writing, the following | ||||
|     advisories are currently available (note that this list may be a | ||||
|     few days out of date - for the very latest advisories please check | ||||
|     the <a href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/">FTP | ||||
|       site</a>):</p> | ||||
| 
 | ||||
|   &advisories.html.inc; | ||||
| 
 | ||||
|   &footer; | ||||
| </body> | ||||
| </html> | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue