[pkgsrc/trunk]: pkgsrc/doc/guide/files Improve section on handling packages w...

[wiz <wiz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/8db599f8008d
branches:  trunk
changeset: 495439:8db599f8008d
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Thu Jun 09 18:30:33 2005 +0000

description:
Improve section on handling packages with security problems.

diffstat:

 doc/guide/files/fixes.xml |  31 ++++++++++++++-----------------
 1 files changed, 14 insertions(+), 17 deletions(-)

diffs (48 lines):

diff -r 789fdb397a94 -r 8db599f8008d doc/guide/files/fixes.xml
--- a/doc/guide/files/fixes.xml Thu Jun 09 18:22:32 2005 +0000
+++ b/doc/guide/files/fixes.xml Thu Jun 09 18:30:33 2005 +0000
@@ -1,4 +1,4 @@
-<!-- $NetBSD: fixes.xml,v 1.21 2005/06/05 23:14:33 wiz Exp $ -->
+<!-- $NetBSD: fixes.xml,v 1.22 2005/06/09 18:30:33 wiz Exp $ -->
 
 <chapter id="fixes"> <?dbhtml filename="fixes.html"?>
   <title>Notes on fixes for packages</title>
@@ -360,25 +360,22 @@
     <sect2 id="security-handling">
       <title>Handling packages with security problems</title>
       
-      <para> When a vulnerability is found, this should be noted in
+      <para>When a vulnerability is found, this should be noted in
         <filename>localsrc/security/advisories/pkg-vulnerabilities</filename>,
-        and after the commit of that file, it should be copied to both
-        <filename>/pub/NetBSD/packages/distfiles/pkg-vulnerabilities</filename>
-        and
-        <filename>/pub/NetBSD/packages/distfiles/vulnerabilities</filename>
-        on ftp.NetBSD.org using
-        <filename>localsrc/security/advisories/Makefile</filename>.  In
-        addition, if a <filename>buildlink3.mk</filename> file exists
-        for an affected package, bumping <varname>PKGREVISION</varname>
-        and creating a corresponding
+        and after committing that file, use <command>make upload</command>
+       in the same directory to update the file on ftp.NetBSD.org.</para>
+
+      <para>After fixing the vulnerability by a patch, its
+       <varname>PKGREVISION</varname> should be increased (this
+       is of course not necessary if the problem is fixed by using
+       a newer release of the software).  In addition, if a
+       <filename>buildlink3.mk</filename> file exists for an
+       affected package, a corresponding
         <varname>BUILDLINK_RECOMMENDED.<replaceable>pkg</replaceable></varname>
-        entry should be considered. See <xref linkend="buildlink"/> for
-        more information about writing
-        <filename>buildlink3.mk</filename> files and
-        <varname>BUILDLINK_*</varname> definitions. </para>
+       entry should be added or updated in it.</para>
 
-      <para> Also, if the fix should be applied to the stable pkgsrc
-        branch, be sure to submit a pullup request!  </para>
+      <para>Also, if the fix should be applied to the stable pkgsrc
+        branch, be sure to submit a pullup request!</para>
     </sect2>