===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.438
retrieving revision 1.439
diff -u -r1.438 -r1.439
--- www/security.html	2019/02/19 10:17:31	1.438
+++ www/security.html	2019/02/19 11:01:49	1.439
@@ -136,7 +136,7 @@
 have fixed many simple and obvious careless programming errors in code
 and only months later discovered that the problems were in fact
 exploitable.  (Or, more likely someone on
-<a href="http://online.securityfocus.com/archive/1">BUGTRAQ</a>
+<a href="https://www.securityfocus.com/archive/1">BUGTRAQ</a>
 would report that other operating systems were vulnerable to a `newly
 discovered problem', and then it would be discovered that OpenBSD had
 been fixed in a previous release).  In other cases we have been saved
@@ -178,7 +178,7 @@
 Our proactive auditing process has really paid off.  Statements like
 ``This problem was fixed in OpenBSD about 6 months ago'' have become
 commonplace in security forums like
-<a href="http://online.securityfocus.com/archive/1">BUGTRAQ</a>.<p>
+<a href="https://www.securityfocus.com/archive/1">BUGTRAQ</a>.<p>
 
 The most intense part of our security auditing happened immediately
 before the OpenBSD 2.0 release and during the 2.0-&gt;2.1 transition,