A catchup sweep of changes in the last week or so.
There are a couple of grammar errors in the issues.dbk section on
openssl:
+++ b/en/issues.dbk
@@ -172,7 +172,7 @@ $ sudo update-initramfs -u
version has been changed from TLSv1 to TLSv1.2.
</para>
<para>
- The default security level for TLS connections has also be increased from
+ The default security level for TLS connections has also been increased
from
level 1 to level 2. This moves from the 80 bit security level to the 112
bit security level and will require 2048 bit or larger RSA and DHE keys,
224 bit or larger ECC keys, and SHA-2.
@@ -185,7 +185,7 @@ $ sudo update-initramfs -u
<para>
In the default <filename>/etc/ssl/openssl.cnf</filename> there is a
<literal>MinProtocol</literal> and <literal>CipherString</literal>
- line. The <literal>CipherString</literal> can also sets the security
+ line. The <literal>CipherString</literal> can also set the security
level. Information about the security levels can be found in the <ulink
url="https://manpages.debian.org/SSL_CTX_set_security_level(3ssl)">SSL_CTX_set_security_level(3ssl)</ulink>
manpage. The list of valid strings for the minimum protocol version can
Plus a bit of generally odd phrasing here:
@@ -197,15 +197,15 @@ $ sudo update-initramfs -u
url="https://manpages.debian.org/config(5ssl)">config(5ssl)</ulink>.
</para>
<para>
- Changing back the defaults in <filename>/etc/ssl/openssl.cnf</filename>
- to previous system wide defaults can be done using:
+ Changing the system wide defaults in
<filename>/etc/ssl/openssl.cnf</filename>
+ back to their previous values can be done by setting:
<programlisting>
MinProtocol = None
CipherString = DEFAULT
</programlisting>
</para>
And a misuse of "in case" (which usually means "as a precaution
against X", not "conditional on X"):
<para>
- It's recommended that you contact the remote site in case the defaults
+ It's recommended that you contact the remote site if the defaults
cause problems.
</para>
</section>
There's also one piece of un-English adverb placement in the section
about reindexing postgreSQL:
@@ -482,8 +482,8 @@ $ sudo update-initramfs -u
corruption, such indexes need to be <literal>REINDEX</literal>ed
immediately after upgrading the <systemitem
role="package">locales</systemitem> or <systemitem
- role="package">locales-all</systemitem> packages, before putting back the
- database into production.
+ role="package">locales-all</systemitem> packages, before putting the
+ database back into production.
</para>
<para>
Suggested command: <screen>sudo -u postgres reindexdb --all</screen>
(But I don't see anything to nitpick in the new Secure Boot info.)
--
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
diff --git a/en/issues.dbk b/en/issues.dbk
index 52e988ca..bf661db7 100644
--- a/en/issues.dbk
+++ b/en/issues.dbk
@@ -172,7 +172,7 @@ $ sudo update-initramfs -u
version has been changed from TLSv1 to TLSv1.2.
</para>
<para>
- The default security level for TLS connections has also be increased from
+ The default security level for TLS connections has also been increased from
level 1 to level 2. This moves from the 80 bit security level to the 112
bit security level and will require 2048 bit or larger RSA and DHE keys,
224 bit or larger ECC keys, and SHA-2.
@@ -185,7 +185,7 @@ $ sudo update-initramfs -u
<para>
In the default <filename>/etc/ssl/openssl.cnf</filename> there is a
<literal>MinProtocol</literal> and <literal>CipherString</literal>
- line. The <literal>CipherString</literal> can also sets the security
+ line. The <literal>CipherString</literal> can also set the security
level. Information about the security levels can be found in the <ulink
url="https://manpages.debian.org/SSL_CTX_set_security_level(3ssl)">SSL_CTX_set_security_level(3ssl)</ulink>
manpage. The list of valid strings for the minimum protocol version can
@@ -197,15 +197,15 @@ $ sudo update-initramfs -u
url="https://manpages.debian.org/config(5ssl)">config(5ssl)</ulink>.
</para>
<para>
- Changing back the defaults in <filename>/etc/ssl/openssl.cnf</filename>
- to previous system wide defaults can be done using:
+ Changing the system wide defaults in <filename>/etc/ssl/openssl.cnf</filename>
+ back to their previous values can be done by setting:
<programlisting>
MinProtocol = None
CipherString = DEFAULT
</programlisting>
</para>
<para>
- It's recommended that you contact the remote site in case the defaults
+ It's recommended that you contact the remote site if the defaults
cause problems.
</para>
</section>
@@ -482,8 +482,8 @@ $ sudo update-initramfs -u
corruption, such indexes need to be <literal>REINDEX</literal>ed
immediately after upgrading the <systemitem
role="package">locales</systemitem> or <systemitem
- role="package">locales-all</systemitem> packages, before putting back the
- database into production.
+ role="package">locales-all</systemitem> packages, before putting the
+ database back into production.
</para>
<para>
Suggested command: <screen>sudo -u postgres reindexdb --all</screen>
