Remove myself as so-deputy. It had been a journey. Thanks all!

This commit is contained in:
Remko Lodder 2019-04-26 19:16:46 +00:00
parent 01ce8998b7
commit e08d682f8a
Notes: svn2git 2020-12-08 03:00:23 +00:00
svn path=/head/; revision=52958
4 changed files with 39 additions and 8 deletions

View file

@ -167,7 +167,6 @@
<li>&a.joneum.email;</li>
<li>&a.feld.email;</li>
<li>&a.miwi.email;</li>
<li>&a.remko.email;</li>
<li>&a.zi.email;</li>
<li>&a.simon.email;</li>
<li>&a.sbz.email;</li>
@ -197,7 +196,6 @@
<li>&a.blackend.email;</li>
<li>&a.rgrimes.email;</li>
<li>&a.delphij.email;</li>
<li>&a.remko.email; (Security Team Liaison)</li>
<li>&a.hrs.email;</li>
<li>&a.glebius.email;</li>
<li>&a.marius.email; (Deputy Lead)</li>
@ -278,7 +276,6 @@
<li>&a.des.email; (Officer Emeritus)</li>
<li>&a.gjb.email; (Cluster Administrators Team Liaison)</li>
<li>&a.emaste.email; (Officer Deputy)</li>
<li>&a.remko.email; (Officer Deputy)</li>
<li>&a.brooks.email; (Core Team Liaison)</li>
</ul>

View file

@ -88,10 +88,6 @@
<td>&a.emaste.email;</td>
<td>Deputy Security Officer</td>
</tr>
<tr valign="top">
<td>&a.remko.email;</td>
<td>Deputy Security Officer</td>
</tr>
<tr valign="top">
<td>&a.delphij.email;</td>
<td>Security Officer Emeritus</td>

View file

@ -52,6 +52,44 @@
href="reporting.html">reporting FreeBSD security incidents</a>
page.</p>
<a name="when-reporting"></a>
<h2>When is a Security Advisory considered?</h2>
<p>For every issue that gets reported, an internal tracking number is
created, unless something is very obviously not a security issue.
To determine whether or not a Security Advisory is warranted we use
the following scheme:</p>
<ul>
<li>Is it a privilege escalation vulnerability?</li>
<li>Is it a code injection vulnerability?</li>
<li>Is it a memory disclosure or dataleak vulnerability?
<ul>
<li>From either the kernel</li>
<li>From a privileged process</li>
<li>From a process owned by another user?</li>
</ul>
</li>
<li>Is it a Denial of Service vulnerability?
<ul>
<li>Only when remotely exploitable, where remotely means that it
comes from a different broadcast domain, so ARP and/or NDP based
attacks do not qualify.</li>
</ul>
</li>
<li>Is it an unassisted jailbreak vulnerability?</li>
<li>Is it a malfunction that could lead to generating insecure crypto keys,
such as a PRNG bug?</li>
</ul>
<p>For items that fall under these categories, a Security Advisory is very likely.
Items that are not on this list are looked into individually and it will be determined
then whether or not it will receive a Security Advisory or an Errata Notice.</p>
<p>Once it had been determined that a Security Advisory is warranted, either the
submitter delivers a CVE number if he/she already requested one, or we use one
from the FreeBSD pool available.</p>
<a name="recent"></a>
<h2>Recent FreeBSD security vulnerabilities</h2>

View file

@ -2662,7 +2662,7 @@
<!ENTITY a.so '&a.gordon;'>
<!ENTITY a.so.email '&a.gordon.email;'>
<!ENTITY a.so-team '&a.delphij;, &a.des;, &a.gavin;, &a.gjb;, &a.glebius;, &a.remko;'>
<!ENTITY a.so-team '&a.delphij;, &a.des;, &a.emaste; &a.gavin;, &a.gjb;'>
<!-- FreeBSD cluster entities -->
<!ENTITY a.keymaster "Self-Serve SSH key changer">