Hi, Since November 7th 2013, SECURITY files are not present anymore in the ports tree [1]. So don't mention them in the guide.
[1] : https://marc.info/?l=openbsd-ports-cvs&m=138380816223024&w=2 Cheers, Daniel Index: faq/ports/guide.html =================================================================== RCS file: /cvs/www/faq/ports/guide.html,v retrieving revision 1.65 diff -u -p -r1.65 guide.html --- faq/ports/guide.html 31 Dec 2016 21:51:45 -0000 1.65 +++ faq/ports/guide.html 5 Feb 2017 15:21:31 -0000 @@ -546,19 +546,6 @@ Stripped files have no symbols in the <t <b>Check port for security holes again</b>. This is especially important for network-facing programs. See <a href="#PortsSecurity">our security recommendations</a> for that. -Log interesting stuff and fixes in the <tt>pkg/SECURITY</tt> file. -This file should list audited potential problems, along with relevant patches, -so that another person can see at first glance what has been done. -Example: - -<blockquote><pre> -$OpenBSD$ - -${WRKDIR}/receiver.c - call to mktemp (wrapper function do_mktemp) does seem to be correct. - -The server makes extensive use of strlcpy/strlcat/snprintf. -</pre></blockquote> <br><br><li> Make sure your <tt>/etc/mtree</tt> directory is up to date.
