Status: Add FreeBSD Foundation security engineering report #455

Closed
@@ -0,0 +1,23 @@
=== Security engineering at the FreeBSD Foundation

Links: +
link:https://freebsdfoundation.org/news-and-events/latest-news/freebsd-foundation-releases-bhyve-and-capsicum-security-audit-funded-by-alpha-omega-project/[FreeBSD Foundation Releases Bhyve and Capsicum Security Audit Funded by Alpha-Omega Project] URL: link:https://freebsdfoundation.org/news-and-events/latest-news/freebsd-foundation-releases-bhyve-and-capsicum-security-audit-funded-by-alpha-omega-project/[] +
link:https://fosdem.org/2025/schedule/event/fosdem-2025-6152-how-freebsd-security-audits-have-improved-our-security-culture/[How FreeBSD security audits have improved our security culture] URL: link:https://fosdem.org/2025/schedule/event/fosdem-2025-6152-how-freebsd-security-audits-have-improved-our-security-culture/[] +
link:https://github.com/orcwg/orcwg[Home of the ORC WG] URL: link:https://github.com/orcwg/orcwg[] +
link:https://freebsdfoundation.org/about-us/contact-us/[FreeBSD Foundation: Contact Us] URL: link:https://freebsdfoundation.org/about-us/contact-us/[] +
link:https://openssf.org/projects/osv-schema/[Open Source Vulnerability schema (OSV Schema)] URL: link:https://openssf.org/projects/osv-schema/[] +
link:https://github.com/ossf/osv-schema/pull/237[ossf/osv-schema tools: import a conversion tool to and from VuXML (#237)] URL: link:https://github.com/ossf/osv-schema/pull/237[]

Contact: Pierre Pronchery <pierre@freebsdfoundation.org>

My tasks at the FreeBSD Foundation continue to revolve around Security Engineering for the FreeBSD Project.

First, we keep working on the outcome of the source code audit on bhyve and Capsicum, documenting and researching how to prevent and mitigate similar issues from occurring again in the future.
This includes the processes relevant for contributions to the FreeBSD Project, as well as the preparation of a joint presentation with Alpha-Omega at the BSD Devroom during the coming FOSDEM conference in 2025.

At the same time, I am liaising with the Open Regulatory Compliance Working Group (ORC WG), where an FAQ is being elaborared jointly by a number of stakeholders on the European Union's newly introduced Cyber Resilience Act (CRA).
This is all related to our ongoing collaboration with OpenSSF, notably the self-assessment initiative; note that the FreeBSD Foundation can provide assistance in this regard for projects deploying FreeBSD.

Finally, possibilities around the integration of OSV tooling into the FreeBSD ecosystem are under investigation as well.

Sponsored by: The FreeBSD Foundation
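Review bot: "elaborared" in the ORC WG paragraph is a typo and should read "elaborated" ("where an FAQ is being elaborated jointly by a number of stakeholders"). The rest of the new file follows the status-report conventions used elsewhere in this repository (the `=== ` heading, the `Links:` block with a trailing `+` on every line except the last, and the `Contact:` and `Sponsored by:` lines), so no further changes are needed there.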
@@ -7,6 +7,8 @@ link:https://github.com/freebsd/freebsd-src/pull/1424[bsdinstall: Add pkg instal
link:https://github.com/freebsd/freebsd-src/pull/1427[bsdinstall: Add repair scripts to installer menu (#1427)] URL: link:https://github.com/freebsd/freebsd-src/pull/1427[]
link:https://wiki.freebsd.org/LaptopDesktopWorkingGroup[Laptop and Desktop Working Group] URL: link:https://wiki.freebsd.org/LaptopDesktopWorkingGroup[]

Contact: Pierre Pronchery <pierre@freebsdfoundation.org>

As part of 2024's GSoC Project on the FreeBSD installer, I had the pleasure to mentor Chun Cheng Yeh (aka "Leaf") with his implementation of additional capabilities.
The aim was to add support for repairing or updating an existing installation of FreeBSD, as well as allowing packages to be installed in the Live environment.
This work has been consolidated into three distinct pull-requests, available on GitHub.
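Review bot: the newly added `link:https://github.com/freebsd/freebsd-src/pull/1427[...]` line in the `Links:` block appears to lack the trailing ` +` that the other non-final link lines in these reports carry; without the AsciiDoc hard line break, this link and the following Laptop and Desktop Working Group link would render on one line. Please confirm whether the ` +` was dropped and add it if so.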