Wednesday, August 20, 2014

BSD News 18/08/2014

Releases: DragonFly BSD
Other News: LibreSSL, Haswell, g2k14, BSDnow, ZFS


Releases

DragonFly 3.8.2 images uploaded 

DragonFly 3.8.2 images are uploaded now to the main site.  Check the 3.8.2 changelog if you didn’t before.  This is a recommended upgrade for the newer OpenSSL, and should otherwise have little impact on the programs you have installed.

Other news

LibreSSL: openssl fixes backport 

Some fixes from OpenSSL 1.0.1i have been backported to 5.5 and 5.4. See http://www.openbsd.org/errata55.html

 VPN, My Dear Watson | BSD Now 50 

It's our 50th episode, and we're going to show you how to protect your internet traffic with a BSD-based VPN. We'll also be talking to Robert Watson, of the FreeBSD core team, about security research, exploit mitigation and a whole lot more. The latest news and answers to all of your emails, on BSD Now - the place to B.. SD. 

HardenedBSD: New Site

Welcome to HardenedBSD! This project aims to provide security enhancements to the FreeBSD project. We plan to upstream most, if not all, our projects. As this site is new, please expect changes and occasional downtime.


Interesting articles
Unix: Gaining network insights with tcpdump
BSDCan Trip Report: Baptiste Daroussin
Simple ZFS Backup Script

Code stuff
Haswell GPU support in DragonFly
g2k14: Antoine Jacoutot on GNOME, rc(8) and /etc cleanup
mandoc 1.13.1 Released 
In Other BSDs for 2014/08/16

Tuesday, August 12, 2014

BSD News 11/08/2014

Last week in BSD
Releases: GhostBSD, FreeNAS
Other new: Unix, OpenBSD, LibreSSL, BSDCan, FreeBSD, ZFS, BSDnow,NetBSD, FreeBSD Foundation, FreeBSD Journal

Releases

GhostBSD 4.0 RC 1 now available

The GhostBSD team is pleased to announce the availability the fist RC build of the 4.0-RELEASE release cycle which is available on SourceForge for the amd64 and i386 architectures.

FreeNAS 9.2.1.7 Now Available

Appended are the release notes for 9.2.1.7. We encourage all existing 9.2.1.x users to upgrade. Thanks!
- The FreeNAS Development Team
  •    Samba updated to 4.1.11. This addresses http://www.samba.org/samba/security/CVE-2014-3560
  •    Increase performance of Directory Copy from CIFS
  •    Add support for the None Cipher in SSH. This can be used to improve replication performance at the expense of sending your data over the wire in cleartext. (Think private 10Gbe interlink)
  •    Resolve issue with vlan interface locking that could cause a kernel panic when creating a number of VLAN interfaces.
  •    Add support for compressing replication jobs with lz4

Other news

LibreSSL 2.0.4 released 
LibreSSL 2.0.5 released   

We have released LibreSSL 2.0.5, which should be arriving in the LibreSSL directory of an OpenBSD mirror near you. This version forward-ports security fixes from OpenSSL 1.0.1i, including fixes for the following CVEs: CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 (partially vulnerable) CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 LibreSSL 2.0.4 was not found vulnerable to the following CVEs: CVE-2014-5139 CVE-2014-3512 CVE-2014-3505 We welcome feedback and support from the community as we continue to work on LibreSSL.

OpenBSD product distribution will move 

After many years of faithfully serving the OpenBSD community, Austin Hook (austin@) will be retiring from mailing you your delicious Puffy-flavored merch. As such, the old stock (CDs, tshirts, baby mulchers) will become unavailable. Order now before they go extinct!

Keep your FreeBSD install secure 

This article by twisteddaemon shows you how to keep your FreeBSD install secure in 5 different ways. FreeBSD installed. Your Next Five Moves Should be….. The answer to the question in the title is not to break it.  Although that can very will be number six.  Instead make these next five changes to secure it.  […]

[08/05/2014] Simple ZFS Backup Script 

ZFS is a powerful filesystem that helps to maintain integrity by avoiding data corruption. A useful feature of ZFS is its ability to clone filesystems. Creating snapshots allows for filesystems to be cloned and restored if anything happens to the original data. ...

The PC-BSD Tour | BSD Now 49 
 Coming up this week on the show, we've got something special for you! We'll be giving you an in-depth look at all of the graphical PC-BSD utilities. That's right, BSD doesn't have to be command line only anymore! There's also the usual round of answers to your emails and all the latest headlines, on BSD Now - the place to B.. SD.

July/August Issue of The FreeBSD Journal Now Available   

The fourth issue of the online FreeBSD Journal is now available! The issue is all about FreeBSD and Virtualization and includes topics such as FreeBSD on Amazon's EC2, and FreeBSD's own native virtualization system, bhyve. Plus, you'll find pieces on Xen, the USE Method, and more. The FreeBSD Journal is available at the Apple, Google, and Kindle stores at $19.99/year for six (6) issues or $6.99 for a single issue. Not a subscriber? Find out more and subscribe today!

Code stuff
phessler: emergency g2k14 hackathon 
OpenBSD dhcp reliability erratum  
drm/i915 support update 
In Other BSDs for 2014/08/09 

Interesting articles
Facebook Seeks Devs To Make Linux Network Stack As Good As FreeBSD's
BSDCan Trip Report: Mark Linimon
Unix: Top networking commands and what they tell you 
An Internet-Ready OS From Scratch in a Week — Rump Kernels on Bare Metal
Keeping freebsd up to date

Tuesday, August 5, 2014

BSD News 04/08/2014

Last week in BSD
Releases: None
Other news: BSDTalk, g2k14, Unix, EuroBSDCon, FreeBSD Foundation, BSDnow, Rust, DragonFly BSD, BSDSec, ZFS


Other news

Announcing BSDSec.net 

I would like to announce the little hobby project I've been working for some time now: BSDSec.net: "deadsimple BSD Security Advisories and Announcements"


bsdtalk243 – mandoc with Ingo Schwarze

 Interview about mandoc with Ingo Schwarze.  The project webpage describes mandoc as "a suite of tools compiling mdoc, the roff macro language of choice for BSD manual pages, and man, the predominant historical language for UNIX manuals."

Recorded at BSDCan 2014.

File Info: 16Min, 8MB.

Ogg Link: http://cis01.uma.edu/~wbackman/bsdtalk/bsdtalk243.ogg

EuroBSDCon 2014 Registrations Open 

Registration has recently opened for EuroBSDCon 2014. Hurry now as the early-bird special ends on August 18, and late registration goes until September 12. EuroBSDcon is the premier European conference on the open source BSD operating systems attracting about 250 highly skilled engineering professionals, software developers, computer science students and professors, and users from all […]

Foundation is Accepting Travel Grant Applications for EuroBSDCon 2014 

The FreeBSD Foundation will be providing a limited number of travel grants to individuals requesting assistance. Please fill out and submit  the Travel Grant Request Application at http://www.freebsdfoundation.org/documents/TravelRequestForm.pdf by August 15th, 2014 to apply for this grant.

Liberating SSL | BSD Now 48


Coming up in this week's episode, we'll be talking with one of OpenBSD's newest developers - Brent Cook - about the portable version of LibreSSL and how it's developed. We've also got some important information about the FreeBSD port of LibreSSL. The latest news and your emails, on BSD Now - the place to B.. SD. 

July 2014 Semi-Annual Newsletter is Now Available 

We're excited to announce the publication of the latest semi-annual newsletter. From the new online Journal to the most recent conference reports and project updates, be sure to check out what we've accomplished in the past 6 months.


Code stuff
g2k14: Andrew Fresh on Programming Perl 
g2k14: Christian Weisgerber on Package Building without sudo 
g2k14: Ted Unangst on the Art of the Tedu 
Call for Testers: radeondrm(4) updates
Rust ported to DragonFly 
In Other BSDs for 2014/08/02

Interesting articles
Unix: Controlling privileged access 
Hammer and mirrored disks 
Using ifstated to monitor links and dynamically adjust PF config on event 
Using the xdev target with qemu-user-static on #FreeBSD 
Five Things to Know About pfSense 
Receive Side Scaling: figuring out how to handle IP fragments 
Simple ZFS Backup Script

Thursday, July 31, 2014

Announcing BSDSec.net

Hi there guys, 

I would like to announce the little hobby project I've been working for some time now: BSDSec.net 



It's very-alfa but let's talk about why and so.



Prelude: 

I might be administrator of more BSD-based systems. I want to check fresh Security Advisories (SA) and Announcements (A) very often.

How I do it now:

1. I might be checking Websites of single BSD projects for latest SA and A.
2. I might have subscribed to mailing lists of those BSD projects.
3. I might be checking twitter or other media (IRC as well)


Problem:

As you might imagine, all of them might bring some non-comfort. I might miss emails, be lazy to check more websites (some might have not be nice to my eyes) and so on. I am human, anyway. I would like to have some easy way.

Wanna-be Solution

BSDSec.net



As title says, website want to be "deadsimple BSD Security Advisories and Announcements"

Current status:

SA and A from: OpenBSD, FreeBSD, NetBSD.
DragonFly BSD doesn't seems to have any platform for SA. Need to check the rest. 

I take SA and A, and publish them on BSDSec.net website. Aim for website is to be very simple,  intuitive and mobile-whatever frendly. Tags are available for better search (in case you want only FreeBSD). I also publish on Twitter. Discussion is available via Reddit.

All process is done by my application, so I do not need to do anything.

How it works?

App is open-source, built with Ruby on Rails.  I will write details in my next post, as well with how-to on contributing and so. I have few ideas and anyone is welcome to join me and make this app better!

Any criticism very welcome!
Do criticise, please! 

(And share if you find this useful.)

Thanks,
Jan Hovancik, blogger at DiscoverBSD.com 



Monday, July 28, 2014

BSD News 28/07/2014

Last week in BSD
Releases: none
Other news: Unix, OpenBSD, FreeBSD, DragonFly BSD, LibreSSL, FreeBSD Foundation, BSDnow, pkg, freeNAS, g2k14


Releases

seems like none


Other news

Hibernating to Encrypted softraid(4) Now Supported

With this commit, Mike Larkin (mlarkin@) has added support for hibernating to encrypted softraid(4) devices. This is what he had to say when asked about it:
After RLE support (which went in in Slovenia), the next thing on the list to tackle was softraid crypto. Theo provided the initial idea on how to get the block transforms and crypto bits working over lunch one day in Slovenia and after about three or four days of on-and-off hacking this week, we had it working. Read more...

USB tethering on DragonFly 

Tethering now works via the urndis(4) device, from a patch contributed by Sascha Wildner/tested by Yellow Rabbit.

LibreSSL 2.0.3 Released

Bob Beck (beck@) has announced the release of LibreSSL 2.0.3:
We have released an update, LibreSSL 2.0.3 - which should
be arriving in the LibreSSL directory of an OpenBSD mirror near
you very soon. 
                                                                                
This release includes a number of portability fixes based on the
the feedback we have received from the community. It also includes
some improvements to the fork detection support. 
                                                                                
As noted before, we welcome feedback from the broader community.                
                                                                                
Enjoy,                                                                          
                                                                                
-Bob 
Minimalist HTTP Daemon Activated in Base
 
Reyk Flöter (reyk@) recently committed the rc(8) glue to make his forked-from-relayd http server usable:
CVSROOT: /cvs
Module name: src
Changes by: reyk@cvs.openbsd.org 2014/07/22 11:37:16

Modified files:
 usr.sbin       : Makefile 
 etc            : Makefile changelist rc.conf 
Added files:
 etc/rc.d       : httpd 

Log message:
Enable httpd(8) in the builds to get more testing, feedback and
improvements.  It is not "finished" but serves static files.

ok deraadt@
Read more... 

FreeBSD: April-June, 2014 Status Report

The April-June, 2014 Status Report is now available with 24 entries.

DES Challenge IV | BSD Now 47


Coming up this week on the show!
We've got an interview with Dag-Erling Smørgrav, the current security officer of FreeBSD, to discuss what exactly being in such an important position is like.
The latest news, answers to your emails and even some LibreSSL drama, on BSD Now - the place to B.. SD.

rcreload in DragonFly 

Thanks to Zachary Crownover, rcreload is available in DragonFly.  (It’s always good to see a new contributor name.)

pkg 1.3.0 out

So much has happened that it is hard to summarize so I’ll try to highlight the
major points:
- New solver, now pkg has a real SAT solver able to automatically handle
conflicts and dynamically discover them. (yes pkg set -o is deprecated now)
- pkg install now able to install local files as well and resolve their
dependencies from the remote repositories
- Lots of parts of the code has been sandboxed
- Lots of rework to improve portability
- Package installation process has been reworked to be safer and handle properly
the schg flags
- Important modification of the locking system for finer grain locks
- Massive usage of libucl
- Simplification of the API
- Lots of improvements on the UI to provide a better user experience.
- Lots of improvements in multi repository mode
- pkg audit code has been moved into the library
- pkg -o A=B that will overwrite configuration file from cli
- The ui now support long options
- The unicity of a package is not anymore origin
- Tons of bug fixes
- Tons of behaviours fixes
- Way more!

How to Upgrade FreeNAS 9.2.x 

This short tutorial by the FreeNAS team will show you how to upgrade any version of FreeNAS 9.2.x to the latest version. Check out more video tutorials from the FreeNAS channel at https://www.youtube.com/user/FreeNASTeam How to Upgrade FreeNAS 9.2.x was originally posted on FreeBSD News.

Linux, FreeBSD servers infected to run like Windows bot

A malware with the code name “Mayhem” has recently been found infecting Linux and FreeBSD servers throughout the world. Malware dubbed Mayhem is spreading through Linux and FreeBSD web servers, researchers say. The software nasty uses a grab bag of plugins to cause mischief, and infects systems that are not up to date with security […]

Interesting articles
Unix: Knowing your memory commands
Application awareness of receive side scaling (RSS) on FreeBSD  
Interview: Brent Cook Talks About Porting LibreSSL 

Code stuff
g2k14: Landry Breuil on Taming Mozilla 

g2k14: Matthieu Herrb on Bringing X Forward 

g2k14: Ingo Schwarze on manly stuff 
g2k14: Florian Obser in IPv6 land 
g2k14: Stefan Sperling on wireless drivers 
g2k14: Ken Westerback on DHCP and dump(8) 

mrsas(4) made default for Thunderbolt RAID  
In Other BSDs for 2014/07/26