Changeset 321434c

Timestamp:

10/26/2012 06:15:09 AM (12 years ago)

Author:

Chris Staub <chris@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

802f7211

Parents:

0d7beb4

Message:

Text fixups on vuln page

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@10790 af4574ff-66df-0310-9fd7-8a98e5e911e0

File:

• postlfs/security/vulnerabilities.xml (modified) (4 diffs)

postlfs/security/vulnerabilities.xml

@@ -26 +26 @@
     <para>All software has bugs. Sometimes, a bug can be exploited, for example
     to allow users to gain enhanced privileges (perhaps gaining a root shell, or
-    simply accessing or deleting other users&apos; files), or to allow a remote
+    simply accessing or deleting other user&apos;s files), or to allow a remote
     site to crash an application (denial of service), or for theft of data. These
     bugs are labelled as vulnerabilities.</para>
@@ -38 +38 @@
     packages which have long since been updated in BLFS.</para>
 
-    <para>BLFS differs from distributions - there is no BLFS security team and
+    <para>BLFS differs from distributions - there is no BLFS security team, and
     the editors only become aware of vulnerabilities after they are public
     knowledge. Sometimes, a package with a vulnerability will not be updated in
-    the book for a long time.  Issues can be logged in the trac system, which
+    the book for a long time.  Issues can be logged in the Trac system, which
     might speed up resolution.</para>
 
     <para>The normal way for BLFS to fix a vulnerability is, ideally, to update
-    the book to a new fixed releasse of the package.  Sometimes that happens even
+    the book to a new fixed release of the package.  Sometimes that happens even
     before the vulnerability is public knowledge, so there is no guarantee that
     it will be shown as a vulnerability fix in the Changelog. Alternatively, a
@@ -55 +55 @@
 
     <para>To keep track of what is being discovered, you may wish to follow the
-    security announcements of one or more distributions.  For example, debian have
-    <ulink url="http://www.debian.org/security">debian security</ulink>.
-    fedora links on security are at
-    <ulink url="http://fedoraproject.org/wiki/Security">the fedora wiki</ulink>.
-    details of gentoo linux security announcements are discussed at
-    <ulink url="http://www.gentoo.org/security">gentoo security</ulink>.
+    security announcements of one or more distributions.  For example, Debian has
+    <ulink url="http://www.debian.org/security">Debian security</ulink>.
+    Fedora's links on security are at
+    <ulink url="http://fedoraproject.org/wiki/Security">the Fedora wiki</ulink>.
+    details of Gentoo linux security announcements are discussed at
+    <ulink url="http://www.gentoo.org/security">Gentoo security</ulink>.
     and the Slackware archives of security announcements are at
-    <ulink url="http://slackware.com/security">slackware security</ulink>.
+    <ulink url="http://slackware.com/security">Slackware security</ulink>.
     </para>
 
@@ -72 +72 @@
     <ulink url="http://www.cert.hr">cert.hr</ulink> (Croatian). These are not
     linux-specific. There is also a daily update at lwn.net for subscribers
-    (free access to the data after 2 weeks), but their vulnerabilities database at
+    (free access to the data after 2 weeks, but their vulnerabilities database at
     <ulink url="http://lwn.net/Vulnerabilities/">lwn.net/Vulnerabilities</ulink>
     is unrestricted).</para>