security: updates #351

Open
wants to merge 8 commits into
base: main
32 changes: 21 additions & 11 deletions website/content/en/security/_index.adoc
Expand Up @@ -10,7 +10,8 @@ include::shared/releases.adoc[]

== Introduction

FreeBSD takes security very seriously and its developers are constantly working on making the operating system as secure as possible. This page will provide information about what to do in the event of a security vulnerability affecting your system
FreeBSD takes security very seriously and its developers are constantly working on making the operating system as secure as possible.
This page will provide information about what to do in the event of a security vulnerability affecting your system.

== Table of Contents

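Review bot: splitting the paragraph into one sentence per line matches the FreeBSD documentation convention and renders identically, since AsciiDoc joins adjacent lines of a paragraph with a soft break; the only content change in this hunk is the terminal period added to the first sentence, which is worth calling out in the commit message so the change is not mistaken for whitespace-only reflow.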
Expand All @@ -24,12 +25,14 @@ FreeBSD takes security very seriously and its developers are constantly working
[[reporting]]
== Reporting FreeBSD security incidents

FreeBSD security issues specific to the base system should be reported via email to the mailto:secteam@FreeBSD.org[FreeBSD Security Team] or, if a higher level of confidentiality is required, via PGP encrypted email to the mailto:security-officer@FreeBSD.org[Security Officer Team] using the link:so_public_key.asc[Security Officer PGP key]. Additional information can be found at the link:reporting/[reporting FreeBSD security incidents] page.
FreeBSD security issues specific to the base system should be reported via email to the mailto:secteam@FreeBSD.org[FreeBSD Security Team] or, if a higher level of confidentiality is required, via PGP encrypted email to the mailto:security-officer@FreeBSD.org[Security Officer Team] using the link:so_public_key.asc[Security Officer PGP key].
Additional information can be found at the link:reporting/[reporting FreeBSD security incidents] page.

[[when-reporting]]
== When is a Security Advisory considered?

For every issue that gets reported, an internal tracking number is created, unless something is very obviously not a security issue. To determine whether or not a Security Advisory is warranted we use the following scheme:
For every issue that gets reported, an internal tracking number is created, unless something is very obviously not a security issue.
To determine whether or not a Security Advisory is warranted we use the following scheme:

* Is it a privilege escalation vulnerability?
* Is it a code injection vulnerability?
Expand All @@ -42,7 +45,8 @@ For every issue that gets reported, an internal tracking number is created, unle
* Is it an unassisted jailbreak vulnerability?
* Is it a malfunction that could lead to generating insecure crypto keys, such as a PRNG bug?

For items that fall under these categories, a Security Advisory is very likely. Items that are not on this list are looked into individually and it will be determined then whether or not it will receive a Security Advisory or an Errata Notice.
For items that fall under these categories, a Security Advisory is very likely.
Items that are not on this list are looked into individually and it will be determined then whether or not it will receive a Security Advisory or an Errata Notice.

Once it had been determined that a Security Advisory is warranted, either the submitter delivers a CVE number if he/she already requested one, or we use one from the FreeBSD pool available.

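Review bot: the unchanged context line `Once it had been determined that a Security Advisory is warranted` has a tense error (`has been determined`), and `he/she` would read better as `they`; since this PR is already reflowing the surrounding paragraph, consider fixing that sentence in the same change rather than leaving it for a later commit.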
Expand All @@ -66,10 +70,11 @@ The list of released advisories can be found on the link:advisories[FreeBSD Secu

Advisories are always signed using the FreeBSD Security Officer link:so_public_key.asc[PGP key] and are archived, along with their associated patches, at the https://security.FreeBSD.org web server in the https://security.FreeBSD.org/advisories/[advisories] and https://security.FreeBSD.org/patches/[patches] subdirectories.

The FreeBSD Security Officer provides security advisories for _-STABLE Branches_ and the _Security Branches_. (Advisories are not issued for the _-CURRENT Branch_, which is primarily oriented towards FreeBSD developers.)
The FreeBSD Security Officer provides security advisories for _-STABLE Branches_ and the _Security Branches_.
(Advisories are not issued for the _-CURRENT Branch_, which is primarily oriented towards FreeBSD developers.)

* The -STABLE branch tags have names like `stable/13`. The corresponding builds have names like `FreeBSD 13.2-STABLE`.
* Each FreeBSD Release has an associated Security Branch. The Security Branch tags have names like `releng/13.2`. The corresponding builds have names like `FreeBSD 13.2-RELEASE-p1`.
* The -STABLE branch tags have names like `stable/13`. The corresponding builds have names like `FreeBSD 13.3-STABLE`.
* Each FreeBSD Release has an associated Security Branch. The Security Branch tags have names like `releng/13.3`. The corresponding builds have names like `FreeBSD 13.3-RELEASE-p1`.

Issues affecting the FreeBSD Ports Collection are covered separately in https://vuxml.FreeBSD.org/[the FreeBSD VuXML document].

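Review bot: the examples now read `releng/13.3` and `FreeBSD 13.3-RELEASE-p1`, but the supported-release table later in this diff still lists `releng/13.2 |13.2-RELEASE` and the update section references the `{rel132-current}` attribute; confirm 13.3 is actually released and update the table and attribute in the same PR, or keep the example on 13.2, so the page does not name a security branch it does not list as supported.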
Expand All @@ -78,15 +83,16 @@ Errata affecting the base system but not classified as security vulnerabilities
[[how]]
== How to update your system

For users that have previously installed a binary version of FreeBSD (e.g., {rel131-current} or {rel123-current}), commands:
If you have previously installed a binary version of FreeBSD (e.g., {rel132-current} or {rel140-current}), run two commands:

`# freebsd-update fetch`

`# freebsd-update install`

If that fails, follow the other instructions in the security advisory you care about.

Note that the above procedure is only for users who have previously installed a binary distribution. Those who have built from source will need to update their source tree to upgrade.
Note that the above procedure is only for users who have previously installed a binary distribution.
Those who have built from source will need to update their source tree to upgrade.

For more details, read link:{handbook}cutting-edge/#freebsdupdate-security-patches[how to apply security patches].

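Review bot: the rewritten sentence switches to second person (`If you have previously installed`) while the rest of the page stays in third person (`users are strongly encouraged`, `Those who have built from source`); pick one voice for the section. Also verify that `{rel132-current}` and `{rel140-current}` are defined in the included shared/releases.adoc, otherwise Asciidoctor leaves the unresolved attribute references in the built page and only logs a warning.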
Expand All @@ -95,7 +101,9 @@ For more details, read link:{handbook}cutting-edge/#freebsdupdate-security-patch

Each release is supported by the Security Officer for a limited time only.

The designation and expected lifetime of all currently supported branches and their respective releases are given below. The _Expected EoL (end-of-life)_ column indicates the earliest date on which support for that branch or release will end. Please note that these dates may be pushed back if circumstances warrant it.
The designation and expected lifetime of all currently supported branches and their respective releases are given below.
The _Expected EoL (end-of-life)_ column indicates the earliest date on which support for that branch or release will end.
Please note that these dates may be pushed back if circumstances warrant it.

link:unsupported[Older releases] are not supported and users are strongly encouraged to upgrade to one of these supported releases:

Expand All @@ -110,7 +118,9 @@ link:unsupported[Older releases] are not supported and users are strongly encour
|releng/13.2 |13.2-RELEASE |April 11, 2023 |June 30, 2024
|===

In the run-up to a release, a number of -BETA and -RC releases may be published for testing purposes. These releases are only supported for a few weeks, as resources permit, and will not be listed as supported on this page. Users are strongly discouraged from running these releases on production systems.
In the run-up to a release, a number of -BETA and -RC releases may be published for testing purposes.
These releases are only supported for a few weeks, as resources permit, and will not be listed as supported on this page.
Users are strongly discouraged from running these releases on production systems.

[[model]]
== The FreeBSD support model