diff --git a/project-security/canary.md b/project-security/canary.md index 31174f6d..f7ea2e98 100644 --- a/project-security/canary.md +++ b/project-security/canary.md @@ -9,9 +9,9 @@ ref: 208 title: Qubes canaries --- -A **Qubes Canary** is a security announcement periodically issued by the [Qubes -Security Team](/security/#qubes-security-team) through the [Qubes Security -Pack](/security/pack/) consisting of several statements to the effect that the +A **Qubes canary** is a security announcement periodically issued by the [Qubes +security team](/security/#qubes-security-team) through the [Qubes security +pack](/security/pack/) consisting of several statements to the effect that the signers of the canary have not been compromised. The idea is that, as long as signed canaries including such statements continue to be published, all is well. However, if the canaries should suddenly cease, if one or more signers diff --git a/project-security/qsb.md b/project-security/qsb.md index 0c956aa8..75d96b8b 100644 --- a/project-security/qsb.md +++ b/project-security/qsb.md @@ -13,9 +13,9 @@ ref: 218 title: Qubes security bulletins (QSBs) --- -A **Qubes Security Bulletin (QSB)** is a security announcement issued by the +A **Qubes security bulletin (QSB)** is a security announcement issued by the [Qubes Security Team](/security/#qubes-security-team) through the [Qubes -Security Pack](/security/pack/). A QSB typically provides a summary and impact +security pack](/security/pack/). A QSB typically provides a summary and impact analysis of one or more recently-discovered software vulnerabilities, including details about patching to address them. diff --git a/project-security/security-pack.md b/project-security/security-pack.md index 4aac5f24..ae22e8dc 100644 --- a/project-security/security-pack.md +++ b/project-security/security-pack.md @@ -18,7 +18,7 @@ ref: 213 title: Qubes security pack (qubes-secpack) --- -The **Qubes Security Pack** (qubes-secpack) is a Git repository that contains: +The **Qubes security pack (qubes-secpack)** is a Git repository that contains: - [Qubes security bulletins (QSBs)](/security/qsb/) - [Qubes canaries](/security/canary/) diff --git a/project-security/xsa.md b/project-security/xsa.md index d2221fd4..77dfe88f 100644 --- a/project-security/xsa.md +++ b/project-security/xsa.md @@ -6,10 +6,10 @@ ref: 214 title: Xen security advisory (XSA) tracker --- -This tracker shows whether Qubes OS is affected by any given [Xen Security -Advisory (XSA)](https://xenbits.xen.org/xsa/). Shortly after a new XSA is +This tracker shows whether Qubes OS is affected by any given [Xen security +advisory (XSA)](https://xenbits.xen.org/xsa/). Shortly after a new XSA is published, we will add a new row to this tracker. Whenever Qubes is -significantly affected by an XSA, a [Qubes Security Bulletin +significantly affected by an XSA, a [Qubes security bulletin (QSB)](/security/qsb/) is published, and a link to that QSB is added to the row for the associated XSA. @@ -19,7 +19,7 @@ or **No**. * **Yes** means that the *security* of Qubes OS *is* affected. * **No** means that the *security* of Qubes OS is *not* affected. -## Important Notes +## Important notes * For the purpose of this tracker, we do *not* classify mere [denial-of-service (DoS) attacks](https://en.wikipedia.org/wiki/Denial-of-service_attack) as @@ -33,10 +33,10 @@ or **No**. any XSAs on this page, since patches are almost always published concurrently with QSBs. Please read the QSB (if any) for each XSA for patching details. * Embargoed XSAs are excluded from this tracker until they are publicly - released, since the [Xen Security - Policy](https://www.xenproject.org/security-policy.html) does not permit us + released, since the [Xen security + policy](https://www.xenproject.org/security-policy.html) does not permit us to state whether Qubes is affected prior to the embargo date. * Unused and withdrawn XSA numbers are included in the tracker for the sake of - completeness, but they are excluded from the [Statistics](#statistics) + completeness, but they are excluded from the [statistics](#statistics) section for the sake of accuracy. * All dates are in UTC.