===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.79
retrieving revision 1.80
diff -c -r1.79 -r1.80
*** www/security.html 1998/11/16 04:46:31 1.79
--- www/security.html 1998/11/17 01:10:30 1.80
***************
*** 49,55 ****
increase security is simply a comprehensive file-by-file analysis of
every critical software component. Flaws have been found in just
about every area of the system. Entire new classes of security
! problems have been found during our the audit, and often source code
which had been audited earlier needs re-auditing with these new flaws
in mind. Code often gets audited multiple times, and by multiple
people with different auditing skills.
--- 49,55 ----
increase security is simply a comprehensive file-by-file analysis of
every critical software component. Flaws have been found in just
about every area of the system. Entire new classes of security
! problems have been found during our audit, and often source code
which had been audited earlier needs re-auditing with these new flaws
in mind. Code often gets audited multiple times, and by multiple
people with different auditing skills.
***************
*** 86,92 ****
BUGTRAQ.
The most intense part of our security auditing happened immediately
! before the OpenBSD 2.0 release and during the 2.0->2.1 transition,
over the last third of 1996 and first half of 1997. Thousands (yes,
thousands) of security issues were fixed rapidly over this year-long
period; bugs like the standard buffer overflows, protocol
--- 86,92 ----
BUGTRAQ.
The most intense part of our security auditing happened immediately
! before the OpenBSD 2.0 release and during the 2.0->2.1 transition,
over the last third of 1996 and first half of 1997. Thousands (yes,
thousands) of security issues were fixed rapidly over this year-long
period; bugs like the standard buffer overflows, protocol
***************
*** 206,212 ****
Watching our Security Changes
Since we take a proactive stance with security, we are continually
finding and fixing new security problems. Not all of these problems
! get widely reported because (as stated earlier); many of them are not
confirmed to be exploitable; many simple bugs we fix do turn out to
have security consequences we could not predict. We do not have the
time resources to make these changes available in the above format.
--- 206,212 ----
Watching our Security Changes
Since we take a proactive stance with security, we are continually
finding and fixing new security problems. Not all of these problems
! get widely reported because (as stated earlier) many of them are not
confirmed to be exploitable; many simple bugs we fix do turn out to
have security consequences we could not predict. We do not have the
time resources to make these changes available in the above format.
***************
*** 236,242 ****
it is nearly 300MB of source code, and problems do occur as we
transition between major releases.
Install a binary snapshot for your
! architecure, which are made available fairly often. For
instance, an i386 snapshot is typically made available weekly.
--- 236,242 ----
it is nearly 300MB of source code, and problems do occur as we
transition between major releases.
Install a binary snapshot for your
! architecture, which are made available fairly often. For
instance, an i386 snapshot is typically made available weekly.
***************
*** 257,263 ****
www@openbsd.org
! $OpenBSD: security.html,v 1.79 1998/11/16 04:46:31 deraadt Exp $