Page MenuHomeFreeBSD

Update PH's security chapter: document modern way to work with vulndb
ClosedPublic

Authored by ak on Oct 13 2014, 7:33 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Nov 25, 5:03 PM
Unknown Object (File)
Fri, Nov 1, 10:11 AM
Unknown Object (File)
Thu, Oct 31, 6:25 AM
Unknown Object (File)
Thu, Oct 31, 4:28 AM
Unknown Object (File)
Thu, Oct 31, 3:22 AM
Unknown Object (File)
Oct 27 2024, 12:49 AM
Unknown Object (File)
Oct 22 2024, 11:52 PM
Unknown Object (File)
Oct 17 2024, 8:33 AM
Subscribers

Details

Summary

Update Porter's Handbook Security chapter: document modern way to work with vulnerability database.

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

ak retitled this revision from to Update PH's security chapter: document modern way to work with vulndb.
ak updated this object.
ak edited the test plan for this revision. (Show Details)
ak added a reviewer: mat.
ak set the repository for this revision to rD FreeBSD doc repository - subversion.
ak added a reviewer: doceng.
wblock added inline comments.
porters-handbook/security/chapter.xml
419 ↗(On Diff #1974)

I do not see a reason for the <emphasis>. Also, s/fresh/a fresh/.

445 ↗(On Diff #1974)

This whole sentence can be simpler:
<para>Verify that the <literal>&lt;affected&gt;</literal> section of the entry will match the correct packages:</para>

Thanks for the suggestions, patch updated.

en_US.ISO8859-1/books/porters-handbook/security/chapter.xml
446

Please do not use "package(s)", it's unnecessarily complicated and a legacy of lazy programming. "Packages" means "zero or more" and is simpler.

porters-handbook/security/chapter.xml
8 ↗(On Diff #1974)

Again, <emphasis> seems unnecessary.

Please do not use "package(s)", it's unnecessarily complicated and a legacy of lazy programming. "Packages" means "zero or more" and is simpler.

Fixed.

Again, <emphasis> seems unnecessary.

There are two more left in this chapter, but both seems appropriate:
https://svnweb.freebsd.org/doc/head/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml?annotate=45641#l104
https://svnweb.freebsd.org/doc/head/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml?annotate=45641#l152

Btw, if you reviewing whole chapter, can you please help to reword next paragraph?
https://svnweb.freebsd.org/doc/head/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml?annotate=45641#l117
It looks really ugly.

In D941#10, @ak wrote:

Please do not use "package(s)", it's unnecessarily complicated and a legacy of lazy programming. "Packages" means "zero or more" and is simpler.

Fixed.

Again, <emphasis> seems unnecessary.

There are two more left in this chapter, but both seems appropriate:
https://svnweb.freebsd.org/doc/head/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml?annotate=45641#l104
https://svnweb.freebsd.org/doc/head/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml?annotate=45641#l152

Yes, those are fine.

Btw, if you reviewing whole chapter, can you please help to reword next paragraph?
https://svnweb.freebsd.org/doc/head/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml?annotate=45641#l117
It looks really ugly.

Okay. This is without regard to whitespace:

<para>Committers can update the <acronym>VuXML</acronym> database

themselves, assisting the Security Officer Team and delivering crucial
information to the community more quickly.  Those who are
not committers or have discovered an exceptionally severe 
vulnerability should not hesitate to contact the Security Officer 
Team directly, as described on the <link
  xlink:href="http://www.freebsd.org/security/#how">&os; Security 
  Information</link> page.</para>

Okay. This is without regard to whitespace:

Thank you.

wblock added a reviewer: wblock.

Looks good. Please build-test before commit.

This revision is now accepted and ready to land.Oct 14 2014, 6:44 PM
mat edited edge metadata.
ak updated this revision to Diff 1999.

Closed by commit rD45838 (authored by @ak).