*** empty log message ***
diff --git a/policy_2011.php b/policy_2011.php
index 4022d1a..4b6d57a 100755
--- a/policy_2011.php
+++ b/policy_2011.php
@@ -39,14 +39,19 @@
Policy should at all times be interpreted in a manner that is
consistent with the Purposes of the Eclipse Foundation as set forth
in the Eclipse Foundation Bylaws.</p>
- <p>
+ <p>The document uses the ISO 27005 definition of vulnerability:
+ "A weakness of an asset or group of assets that can be exploited
+ by one or more threats."
+ </p>
This document uses terms from the <a
- href="http://www.eclipse.org/projects/dev_process/development_process.php"
- class="external text"
- title="http://www.eclipse.org/projects/dev_process/development_process.php"
- rel="nofollow">Eclipse Development Process</a>.
+ href="http://www.eclipse.org/projects/dev_process/development_process.php"
+ class="external text"
+ title="http://www.eclipse.org/projects/dev_process/development_process.php"
+ rel="nofollow">Eclipse Development Process</a>.
</p>
+
<a name="Eclipse_Security_Team"></a>
+
<h2>Eclipse Security Team</h2>
<p>The Security Team is the first line of defense: it is effectively a
triage unit with security expertise. Ultimately, Vulnerabilities are
