Fix conflicts introduced from new changes in master branch

security-info/canaries.md

@@ -32,4 +32,6 @@ Qubes Canaries are published through the [Qubes Security Pack](/security/pack/).
 ----
 
 -   [Qubes Canary \#11](https://github.com/QubesOS/qubes-secpack/blob/master/canaries/canary-011-2017.txt)
+-   [Qubes Canary \#12](https://github.com/QubesOS/qubes-secpack/blob/master/canaries/canary-012-2017.txt)
+-   [Qubes Canary \#13](https://github.com/QubesOS/qubes-secpack/blob/master/canaries/canary-013-2017.txt)
 

security-info/security-bulletins-template.md

@@ -9,9 +9,10 @@ Security Bulletin Template
 ==========================
 
 ~~~
-Dear Qubes community,
+Dear Qubes Community,
 
-We have just published Qubes Security Bulletin (QSB) #<number>: <title>.
+We have just published Qubes Security Bulletin (QSB) #<number>:
+<title>.
 The text of this QSB is reproduced below. This QSB and its accompanying
 signatures will always be available in the Qubes Security Pack (qubes-secpack).
 

security-info/security-bulletins.md

@@ -77,4 +77,9 @@ Qubes Security Bulletins are published through the [Qubes Security Pack](/securi
 
 -   [Qubes Security Bulletin \#29](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-029-2017.txt) (Critical Xen bug in PV memory virtualization code (XSA-212))
 -   [Qubes Security Bulletin \#30](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-030-2017.txt) (Critical Xen bugs related to PV memory virtualization (XSA-213, XSA-214))
+-   [Qubes Security Bulletin \#31](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-031-2017.txt) (Xen hypervisor vulnerabilities with unresearched impact (XSA 216-224))
+-   [Qubes Security Bulletin \#32](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-032-2017.txt) (Xen hypervisor and Linux kernel vulnerabilities (XSA-226 through XSA-230))
+-   [Qubes Security Bulletin \#33](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-033-2017.txt) (Xen hypervisor (XSA-231 through XSA-234))
+-   [Qubes Security Bulletin \#34](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-034-2017.txt) (GUI issue and Xen vulnerabilities (XSA-237 through XSA-244))
+-   [Qubes Security Bulletin \#34](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-035-2017.txt) (Xen hypervisor issue related to grant tables (XSA-236))
 

security-info/verifying-signatures.md

@@ -92,10 +92,29 @@ There should also be a copy of this key at the project's main website, in the
 
 Once you have obtained the Qubes Master Signing Key,
 you should verify the fingerprint of this key very carefully by obtaining
-copies of the fingerprint from trustworthy independent sources and comparing
-them to the downloaded key's fingerprint to ensure they match. Then set its
-trust level to "ultimate" (oh, well), so that it can be used to automatically
-verify all the keys signed by the Qubes Master Signing Key:
+copies of the fingerprint from multiple independent sources and comparing
+them to the downloaded key's fingerprint to ensure they match. Here are some
+ideas:
+
+ * Use the PGP Web of Trust.
+ * Check the key against different keyservers.
+ * Use different search engines to search for the fingerprint.
+ * Use Tor to view and search for the fingerprint on various websites.
+ * Use various VPNs and proxy servers.
+ * Use different Wi-Fi networks (work, school, internet cafe, etc.).
+ * Ask people to post the fingerprint in various forums and chat rooms.
+ * Check against PDFs and photographs in which the fingerprint appears
+   (e.g., slides from a talk or on a T-shirt).
+ * Repeat all of the above from different computers and devices.
+
+In addition, some operating systems have built-in keyrings containing keys
+capable of validating the Qubes Master Signing Key. For example, if you have
+a Debian system, then your debian-keyring may already contain the necessary
+keys.
+
+Once you're confident that you have the legitimate Qubes Master Signing Key,
+set its trust level to "ultimate" (oh, well), so that it can be used to
+automatically verify all the keys signed by the Qubes Master Signing Key:
 
 
     $ gpg --edit-key 0x36879494