May 2006, October 2006, Novemeber 2007, June 2008, July 2008, October 2008
May 2006, October 2006, November 2007, June 2008, July 2008, October 2008, January 2010
@@ -109,8 +109,8 @@
Vulnerability of existing infrastructure to attacks.
The previous two items make it possible for a skilled attacker to
design an attack and then execute it against specific portions of
-existing infrastructure (eg: Compromise a country-local rsync mirror,
-and totally replace a package and it's Manifest).
+existing infrastructure (e.g.: Compromise a country-local rsync
+mirror, and totally replace a package and it's Manifest).
@@ -153,7 +153,7 @@
direct attacks against Upstream and Users are outside of the scope of
this series of GLEPs as they are not in any way controlled or
controllable by Gentoo - however attacks using Gentoo as a conduit
-(including malicous mirrors) must be considered.
+(including malicious mirrors) must be considered.
2008-04-03, gentoo-dev mailing list, "Re: Monthly Gentoo Council
Reminder for April" - Ciaran McCreesh (ciaranm). A thread in which
Ciaran reminds everybody that simply making all the developers sign the
-tree is not sufficent to prevent all attacks.
+tree is not sufficient to prevent all attacks.
[ http://thread.gmane.org/gmane.linux.gentoo.devel/55508/focus=55542 ]
2008-07-01, gentoo-portage-dev mailing list, "proto-GLEPS for
Tree-signing" - Robin H. Johnson (robbat2). Thread looking for review
@@ -370,7 +370,7 @@