diff options
Diffstat (limited to 'documentation/content/en/books/porters-handbook/security/_index.po')
| -rw-r--r-- | documentation/content/en/books/porters-handbook/security/_index.po | 62 |
1 files changed, 53 insertions, 9 deletions
diff --git a/documentation/content/en/books/porters-handbook/security/_index.po b/documentation/content/en/books/porters-handbook/security/_index.po index c7e691c683..d4e82d6313 100644 --- a/documentation/content/en/books/porters-handbook/security/_index.po +++ b/documentation/content/en/books/porters-handbook/security/_index.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: FreeBSD Documentation VERSION\n" -"POT-Creation-Date: 2025-05-01 19:56-0300\n" +"POT-Creation-Date: 2025-08-17 20:54+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -561,17 +561,61 @@ msgstr "" #. type: Title === #: documentation/content/en/books/porters-handbook/security/_index.adoc:319 #, no-wrap -msgid "Cross-checking Derivatives" +msgid "VuXML new entry checklist" msgstr "" #. type: Plain text -#: documentation/content/en/books/porters-handbook/security/_index.adoc:326 +#: documentation/content/en/books/porters-handbook/security/_index.adoc:323 msgid "" -"If an upstream project has a known vulnerability, check whether derivatives " -"or forks of the project included in the ports tree are also affected. For " -"example, if a vulnerability is discovered in package:www/firefox[], assess " -"whether derivatives like package:www/librewolf[], package:www/waterfox[] or " -"other similar projects share the same vulnerability. Include all affected " +"Check the name of the port. Sometimes the upstream project name is not " +"exactly the same as the port name." +msgstr "" + +#. type: Plain text +#: documentation/content/en/books/porters-handbook/security/_index.adoc:327 +msgid "" +"Add all flavors. When a port has flavors all the package names need to be " +"added as a `<package>` in the entry. Use the following script to generate " +"all flavored package names:" +msgstr "" + +#. type: delimited block . 4 +#: documentation/content/en/books/porters-handbook/security/_index.adoc:331 +#, no-wrap +msgid "% for flavor in $(make -V FLAVORS); do FLAVOR=\"${flavor}\" make -VPKGNAME;done\n" +msgstr "" + +#. type: Plain text +#: documentation/content/en/books/porters-handbook/security/_index.adoc:336 +msgid "" +"Check if the port has `PORTEPOCH`. The above script snippet helps with " +"that. If the port uses `PORTEPOCH` it is mandatory to add it to the " +"`<range>` tag." +msgstr "" + +#. type: Plain text +#: documentation/content/en/books/porters-handbook/security/_index.adoc:340 +msgid "" +"Double check ranges. In the case of ranges limited on both sides, make sure " +"that the `<ge>` and `<lt>` elements are inside the same `<range>` tag. " +"Otherwise the entry might end up defining an overlapping range." +msgstr "" + +#. type: Plain text +#: documentation/content/en/books/porters-handbook/security/_index.adoc:349 +msgid "" +"Cross-check derivatives. Check whether derivatives or forks of the project " +"included in the ports tree are also affected. For example, if a " +"vulnerability is discovered in package:www/firefox[], assess whether " +"derivatives like package:www/librewolf[], package:www/waterfox[] or other " +"similar projects share the same vulnerability. Include all affected " "derivatives in the VuXML entry, ensuring that users of these ports are " -"informed." +"informed. Also check if there are Linux versions of the same port in the " +"tree. For instance, package:databases/sqlite3[] vulnerabilities most likely " +"affect packages like package:databases/linux-c7-sqlite3[] too." +msgstr "" + +#. type: Plain text +#: documentation/content/en/books/porters-handbook/security/_index.adoc:349 +msgid "Do not commit an entry without running `make validate` first." msgstr "" |