The FreeBSD Ports Security Team is formed to provide rapid response to security incidents that affect the FreeBSD ports collection and to protect the FreeBSD user community by keeping the community informed of bugs, exploits, popular attacks, and other risks.
The responsibilities of the FreeBSD Ports Security Team include:
- Keeping the community informed of bugs that affect the FreeBSD ports collection.
- Helping other committers in preparing VuXML entries regarding security vulnerabilities.
- Resolving software bugs that affect the security of the FreeBSD ports collection in a timely fashion.
- Maintaining the latest quarterly branch to make sure it receives the same security updates as the development trunk does.
- Monitoring the appropriate channels for reports of bugs, exploits, and other circumstances that may affect the security of a port in the FreeBSD ports collection.
The Security Officer has delegated power subject to accountability constraints, and the ports security team members are accountable to the Security Officer Team in the use of this power:
- Expedited commits: The ports security team may forgo maintainership of individual ports.
The Ports Management Team has granted implicit approval for the Ports Security Team to the latest quarterly branch for security-related updates.
The FreeBSD Ports Security Team members are volunteers selected by the Security Officer from active ports committers who have made commits in the ports tree in the last 90 days. Team members are accountable to the Security Officer and to the Ports Management Team.
The Ports Security Team members are expected to remain active in their duties.
There is no Ports Secteam section on the Project Administration page, but there should be.
See the Committers Guide
Security updates for non-broken ports require review/approval.
Typically, ports-secteam approves security updates if they don't cause shared library bumps and they don't cause new breakages, OR if they are leaf ports (i.e. no other port depends on them). The goal is to make sure that we don't cause additional breakage to the quarterly branch.