path: root/doc/security-team.d.o/security_tracker
author: Paul Mathijs Gevers <elbrus@debian.org> 2014-06-28 07:47:20 +0000
committer: Paul Mathijs Gevers <elbrus@debian.org> 2014-06-28 07:47:20 +0000
commit: b9a84534554bc3881126f7a9314ff765810d051b (patch)
tree: 7dcfb9e1b859f07bba12a9c87bb33972fcbb2fbd /doc/security-team.d.o/security_tracker
parent: e7aabd1cec0d78c4b4c239499e6ec81ac35533a3 (diff)
Fix several typos and replace tabs by spaces for correct conversion
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@27514 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'doc/security-team.d.o/security_tracker')
-rw-r--r-- doc/security-team.d.o/security_tracker 60
1 files changed, 30 insertions, 30 deletions
diff --git a/doc/security-team.d.o/security_tracker b/doc/security-team.d.o/security_tracker
index a49161782d..1275353307 100644
--- a/doc/security-team.d.o/security_tracker
+++ b/doc/security-team.d.o/security_tracker
@@ -298,7 +298,7 @@ and marks other distributions that still contain the package automagically
as unfixed. For example, if libxml is in oldstable, but not stable or
unstable, then:
- - libxml <removed>
+ - libxml <removed>
will track oldstable as affected, but stable and unstable as `not-affected`.
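Review bot: whitespace-only hunk; the removed and added `- libxml <removed>` lines differ only in tabs versus spaces, which is invisible in the rendered diff but matters because the Markdown conversion named in the commit message recognises indented code blocks by leading spaces. Worth confirming that this example entry ends up at the same indentation depth as the other example entries in the file (for instance the `- ffmpeg <removed>` line in the end-of-life hunk), so that every tracker example renders as the same kind of block and the `<removed>` token is never parsed as inline HTML.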
@@ -311,18 +311,18 @@ checks after a new release.
### end-of-life packages
-In some rare cases (i.e. webprowsers) security support for some packages
+In some rare cases (i.e. webbrowsers) security support for some packages
needed to be stopped before the end of the regular security maintenance
life cycle.
Packages which are not anymore supported by the security team in a
-(old-stable release are marked with the end-of-life tag:
+(old-)stable release are marked with the end-of-life tag:
CVE-2011-3973 (cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 ...)
- {DSA-2336-1}
- - libav 4:0.7.1-7 (bug #641478)
- - ffmpeg <removed>
- - ffmpeg-debian <end-of-life>
+ {DSA-2336-1}
+ - libav 4:0.7.1-7 (bug #641478)
+ - ffmpeg <removed>
+ - ffmpeg-debian <end-of-life>
#### <a id="NoteTodo">`NOTE` and `TODO` entries</a>
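Review bot: the typo fix on the first added line is right, but the parenthetical should read "(e.g. web browsers)" rather than "(i.e. webbrowsers)": the sentence gives one example of a package class, not a definition, and "web browsers" is two words. While touching this paragraph, "Packages which are not anymore supported" reads more naturally as "Packages which are no longer supported". The "(old-)stable" correction and the re-indented `{DSA-2336-1}` / `- libav` / `- ffmpeg` / `- ffmpeg-debian` block look good.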
@@ -333,7 +333,7 @@ time. These entries can have their TODO line changed to something
descriptive so that it is clear what remains to be done. For example:
CVE-2005-3990 (Directory traversal vulnerability in FastJar 0.93 allows remote ...)
- TODO: check, whether fastjar from the gcc source packages is affected
+ TODO: check, whether fastjar from the gcc source packages is affected
If you are not sure about some decision (e.g. which package is affected) or
triaging (e.g. bug severity) you can leave a TODO note for reviewing,
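Review bot: since the `TODO:` example line is being rewritten anyway, drop the spurious comma in "check, whether fastjar from the gcc source packages is affected" so it reads "check whether fastjar ...". The tracker's own TODO lines are free text, so this is purely a wording fix, but the example is what contributors copy.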
@@ -366,36 +366,36 @@ assess these levels.
**unimportant**: This problem does not affect the Debian binary package, e.g.
a vulnerable source file, which is not built, a vulnerable file
- in `doc/foo/examples/`, PHP Safe mode bugs, path disclosure (doesn't
- matter on Debian).
- All "non-issues in practice" fall also into this category, like
- issues only "exploitable" if the code in question is setuid root,
- exploits which only work if someone already has administrative
- privileges or similar.
+ in `doc/foo/examples/`, PHP Safe mode bugs, path disclosure (doesn't
+ matter on Debian).
+ All "non-issues in practice" fall also into this category, like
+ issues only "exploitable" if the code in question is setuid root,
+ exploits which only work if someone already has administrative
+ privileges or similar.
**low** : A security problem, which has only mild security implications
(local DoS, `/tmp` file races and so on).
**medium** : For anything which permits code execution after user interaction.
- Local privilege escalation vulnerabilities are in this category as
- well, or remote privilege escalation if it's constrained to the
- application (i.e. no shell access to the underlying system, such
- as simple cross-site scripting). Most remote DoS vulnerabilities
- fall into this category, too.
+ Local privilege escalation vulnerabilities are in this category as
+ well, or remote privilege escalation if it's constrained to the
+ application (i.e. no shell access to the underlying system, such
+ as simple cross-site scripting). Most remote DoS vulnerabilities
+ fall into this category, too.
**high** : A typical, exploitable security problem, which you'll really
like to fix or at least implement a workaround. This could
be because the vulnerable code is very broadly used, because
an exploit is in the wild or because the attack vector is
very wide.
- Should be put into that category anything that permits an attacker
- to execute arbitrary code on the vulnerable system (with or
- without root privileges) and high-impact denial-of-service bugs
- (for instance, an IPv4 forwarding path vulnerability which
- requires only very few packets to exploit).
- Significant defects in security software can be rated "high" as
- well (for instance, a vulnerability in a piece of cryptographic
- software which flags forged digital signatures as genuine).
+ Should be put into that category anything that permits an attacker
+ to execute arbitrary code on the vulnerable system (with or
+ without root privileges) and high-impact denial-of-service bugs
+ (for instance, an IPv4 forwarding path vulnerability which
+ requires only very few packets to exploit).
+ Significant defects in security software can be rated "high" as
+ well (for instance, a vulnerability in a piece of cryptographic
+ software which flags forged digital signatures as genuine).
Certain packages may get higher or lower rating than usual, based on
their importance.
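Review bot: in the re-indented **high** block the inverted sentence "Should be put into that category anything that permits an attacker to execute arbitrary code on the vulnerable system ..." is hard to parse; suggest "Anything that permits an attacker to execute arbitrary code on the vulnerable system (with or without root privileges) should also be put into this category, as should high-impact denial-of-service bugs (...)". Two smaller points in the same hunk: `**low** :` and `**medium** :` carry a space before the colon while `**unimportant**:` does not, and the closing sentence should read "may get a higher or lower rating than usual".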
@@ -408,8 +408,8 @@ To request a CVE for public issues, you can
In the meantime, you can add an entry of the form
CVE-2009-XXXX [optipng array overflow]
- - optipng 0.6.2.1-1 (low)
- NOTE: http://secunia.com/advisories/34035/
+ - optipng 0.6.2.1-1 (low)
+ NOTE: http://secunia.com/advisories/34035/
It is desirable to include references
which uniquely identify the issue, such as a permanent link to an
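Review bot: whitespace-only hunk; the `NOTE:` line immediately follows `- optipng 0.6.2.1-1 (low)` inside the same indented example, so make sure both added lines now use the same number of leading spaces, otherwise the converter can break the example into two blocks or start a paragraph at the NOTE line.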
@@ -496,7 +496,7 @@ team. This information is used to derive information about the state
of security problems for the stable and oldstable distribution. An
entry for a DSA looks like this:
-[21 Nov 2005] DSA-903-1 unzip - race condition
+ [21 Nov 2005] DSA-903-1 unzip - race condition
{CVE-2005-2475}
[woody] - unzip 5.50-1woody4
[sarge] - unzip 5.52-1sarge2
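Review bot: this hunk is more than a tab conversion: the old `[21 Nov 2005] DSA-903-1 unzip - race condition` line had no leading whitespace, so it sat outside the code block formed by the `{CVE-2005-2475}`, `[woody]` and `[sarge]` lines that follow it; indenting it brings the whole DSA example into one block, which is the right fix. Suggest mentioning that in the commit message rather than only "replace tabs by spaces", and checking the remaining examples in the file for the same unindented first line. In the surrounding prose, "for the stable and oldstable distribution" should be "distributions".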