Tuesday, October 28, 2014

BSD News 27/10/2014

Last week in BSD
Releases: FreeBSD, PC-BSD
Other news:  FreeBSD, PC-BSD, BSDSec, BSDnow, OpenBSD, DragonFly BSD, EuroBSDCon, kde,


FreeBSD 10.1-RC3 Now Available 

Changes between 10.1-RC2 and 10.1-RC3 include:
  • Several fixes to the UDPLite protocol implementation.
  • The vt(4) driver has been updated to save and restore keyboard mode and LED states when switching windows.
  • Several fixes to the SCTP protocol implementation.
  • A potential race condition in obtaining a file pointer has been corrected.
  • Fix ZFS ZVOL deadlock and rename issues.
  • Restore libopie.so ABI compatibility with 10.0-RELEASE.
  • Removed the last vestige of MD5 password hashes.
  • Several rc(8) script updates and fixes.
  • bsdinstall(8) has been updated to allow selecting local_unbound in the default services to enable at first boot.
  • Prevent ZFS leaking pool free space.
  • Fix rtsold(8) remote buffer overflow vulnerability. [SA-14:20]
  • Fix routed(8) remote denial of service vulnerability. [SA-14:21]
  • Fix memory leak in sandboxed namei lookup. [SA-14:22]
  • OpenSSL has been updated to version 1.0.1j. [SA-14:23]
  • Fix an issue where a FreeBSD virtual machine provisioned in the Microsoft Azure service does not recognize the second attached disk on the system.
Pre-installed virtual machine images for 10.1-RC3 are also available for amd64 and i386 architectures.

PC-BSD 10.1-RC1 Released 

PC-BSD Notable Changes
* KDE 4.14.2
* GNOME 3.12.2
* Cinnamon 2.2.16
* Chromium 38.0.2125.104_1
* Firefox 33.0
* NVIDIA Driver 340.24
* Lumina desktop 0.7.0-beta
* Pkg 1.3.8_3
* New AppCafe HTML5 web/remote interface, for both desktop / server usage
* New CD-sized text-installer ISO files for TrueOS / server deployments
* New Centos 6.5 Linux emulation base
* New HostAP mode for Wifi GUI utilities
* Misc bug fixes and other stability improvements

OpenSSL errata Oct 20 
kernexec errata Oct 20 
errata patch to disble sslv3 
FreeBSD Security Advisory FreeBSD-SA-14:20.rtsold 
FreeBSD Security Advisory FreeBSD-SA-14:21.routed 
FreeBSD Security Advisory FreeBSD-SA-14:22.namei 
FreeBSD Security Advisory FreeBSD-SA-14:23.openssl

Other news

Don't Buy a Router | BSD Now 60 

This week on the show we're joined by Olivier Cochard-Labbé, the creator of both FreeNAS and the BSD Router Project! We'll be discussing what the BSD Router Project is, what it's for and where it's going. All this week's headlines and answers to viewer-submitted questions, on BSD Now - the place to B.. SD. 

The Book of PF 3rd ed Is Out, Win First Signed Copy by Donating to OpenBSD! 

As you may have heard elsewhere, The Book of PF is out in its third edition. Now author Peter Hansteen has received his author copies, and he has teamed up with the OpenBSD Foundation to auction off the first ever signed copy of the book.

More details are to be found over at Peter's blog, but the main item is that the first physical copy of the new edition ever touched by and subsequently signed by its author is up on an ebay auction where all proceeds will go to the OpenBSD Foundation. For unsuccessful bidders, Peter urges them to donate the amount of their highest bid to the OpenBSD Foundation.

Code stuff
 led(4) for you and me
 Clang support in DragonFly 
 In Other BSDs for 2014/10/25

Interesting articles
EuroBSDCon Trip Report: Bjoern Heidotting

Tuesday, October 21, 2014

BSD News 20/10/2014

Last week in BSD
Releases: JabirOS, FreeBSD
Other news: BSDSec, FreeBSD, Unix, LibreSSL, DragonFly BSD, OpenBSD, FreeBSD Foundation, pfSense, HardenedBSD


First beta release of #JabirOS 2.1 
  1. Based on FreeBSD 10.1’s codebase
  2. bsdinstall problems solved
  3. Used Jabir Project’s GENERIC configuration.
  4. based on JPPSL license
(JPPSL won’t be used anymore )

FreeBSD 10.1-RC2 Now Available   

The second RC build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

The image checksums follow are included in the original announcement email.

Changes between 10.1-RC1 and 10.1-RC2 include:
  • Fix XHCI driver for devices which have more than 15 physical root HUB ports.
  • Fix old iSCSI initiator to work with new CAM locking.
  • Fix page length reported for Block Limits VPD page.
  • Add QCOW v1 & v2 support to mkimg(1).

LibreSSL 2.1.0 released. 
LibreSSL 2.1.1 released. 
[FreeBSD-Announce] Reminder: FreeBSD 9.1 and 9.2 end-of-life approaching 

Other news

July–September, 2014 Status Report 

The July–September, 2014 Status Report is now available.

This report covers FreeBSD-related projects between July and September 2014. This is the third of four reports planned for 2014.
The third quarter of 2014 was another productive quarter for the FreeBSD project. A lot of work has been done on various ARM platforms, with the goal of bringing them to Tier 1 status in FreeBSD 11. The various ports teams have also worked hard to improve the state of FreeBSD as a desktop operating system. As usual, performance improvements feature in several places in this report and many of these can benefit from user benchmarking to validate our results.

faster pf 

As I’ve written elsewhere, we are starting to focus on performance in pfSense 2.2 and beyond.  The first project was to implement AES-GCM with AES-NI acceleration (on CPUs that support it) for IPSec.   This project was accomplished in partnership between the FreeBSD Foundation, ESF, and Netgate, and has been stable in pfSense 2.2 snapshots for several weeks.

BSDって聞いたことある? | BSD Now 59   

This week on the show we'll be talking with Hiroki Sato about the status of BSD in Japan. We also get to hear about how he got on the core team, and we just might find out why NetBSD is so popular over there! Answers to all your emails, the latest news, and even a brand new segment, on BSD Now - the place to B.. SD.

Interesting articles
Unix: Expiring passwords with chage
Hardening procfs and linprocfs 
MineOS (Minecraft) Plugin for FreeNAS 
FreeBSD 10.1 Is to Support Secure Boot Capabilities

Code stuff
OpenBSD Passes 300,000 Commits 
Pile of point upgrades 
A Sneak Peek at the Upcoming OpenBSD 5.6 Release
OpenSSH update and incompatibility 
ingo@ incorporates man into mandoc 
/dev/upmap and /dev/kpmap added 

Tuesday, October 14, 2014

BSD News 13/10/2014

Last Week in BSD
Releases: NetBSD, MidnightBSD
Other news: PC-BSD, NetBSD, mksh, LibreSSL, BSDNow


NetBSD 6.1.5 and 6.0.6 released 

The NetBSD Project is pleased to announce NetBSD 6.1.5, the fifth security/bugfix update of the NetBSD 6.1 release branch, and NetBSD 6.0.6, the sixth security/bugfix update of the NetBSD 6.0 release branch. They represent a selected subset of fixes deemed important for security or stability reasons, and if you are running a prior release of either branch, we strongly suggest that you update to one of these releases.
For more details, please see the NetBSD 6.1.5 release notes or NetBSD 6.0.6 release notes.
Complete source and binaries for NetBSD are available for download at many sites around the world. A list of download sites providing FTP, AnonCVS, SUP, and other services may be found at http://www.NetBSD.org/mirrors/.

#midnightbsd 0.5.2-RELEASE is available via SVN. It fixes a regression with #mksh R50c and includes R50d.  

Other news

mksh R50d released 

The last MirBSD Korn Shell update broke update-initramfs because I accidentally introduced a regression in field splitting while fixing other bugs – sorry!
mksh R50d was just released to fix that, and a small NULL pointer dereference found by Goodbox on IRC. Thanks to my employer tarent for a bit of time to work on it.

Behind the Masq | BSD Now 58 

LibreSSL 2.1.0 Released 
Bob Beck (beck@) has announced the release of LibreSSL 2.1.0:
We have released LibreSSL 2.1.0 - which should be arriving in the
LIbreSSL directory of an OpenBSD mirror near you very soon.

This release continues on with further work from after OpenBSD 5.6
code freeze. Our intention is to finalize LibreSSL 2.1 with OpenBSD

As noted before, we welcome feedback from the broader community.



Code stuff
Testers: CentOS 6.5 Emulation and New AppCafe 

Thursday, October 9, 2014

BSDSec now using SSL

Kind of.

I went with free SSL from CloudFlare. Right now it's only from your browser to CF, but I plan to add stuff to my server as well so everything is covered with SSL. I am going to make my own cert, not buying as it's pretty pricey. Consider that this is all my personal expense. (Any BSD hosting company willing to host Rails app for free as BSDSec sponsor?)

To be honest, I have no idea how am I gonna do it, as I use Ninefold and I don't have access to server, and I never did all that SSL stuff, but hey, I am gonna learn. Pretty sure there are bunch of tutorials.

And I'll also have something to blog about.

Tuesday, October 7, 2014

BSD News 06/10/2014

Last week in BSD
Releases: FreeNAS, GhostBSD, FreeBSD
Other news: bsd, freeNAS, OpenBSD, HardenedBSD, EuroBSDCon, FreeBSD, SSL, FreeBSD, NetBSD, FreeBSD Foundation, DiscoverBSD



The list of bugs fixed in can be found here. The release notes for
  • Fix bug where use of NONE cipher in replication erroneously reported an error on a successful replication.
  • Don’t enable lz4 compression on replication by default if upgrading from a pre- release.
  • Multiple kernel iSCSI / CTL improvements. This includes VMWare VAAI and Microsoft ODX acceleration support, improved performance and fixes for number of bugs. Kernel iSCSI can be activated by checking the experimental target checkbox under services -> iSCSI.
  • Improve performance of viewing snapshots when replication tasks are set up.
  • Allow binding CIFS to specific IPs.
  • Fix LDAP bind URL when using TLS.
  • Validate AD advanced settings. If the GC or DC are manually specified make sure they are reachable.
  • Set UNIX permissions when the Mac permissions radio button is selected. Netatalk does not play nicely with ACLs.
  • Fix a bug in the mail sending routines used by FreeNAS. With some mailserver configurations the To: address could’ve been set to root instead of the address specified in the root user.
  • Fix a bug that prevented the system from showing the replicated status of a snapshot if the remote path differed from the local path.
  • “Shellshock” security vulnerability in bash (which is not the system shell FreeNAS or FreeBSD) proactively closed.
  • GCC is no longer installed by default, clang is the default compiler.
  • make(1) has been replaced with bmake(1), obtained from the NetBSD Project.
  • pkg(7) is now the default package management utility.
  • pkg_add(1), pkg_delete(1), bxpkg and related tools have been removed.
  • Networkmgr is the default network manager.
  • Mate is the default Desktop.
  • 3 workstation to chose

FreeBSD 10.1-RC1 Now Available   

Changes between 10.1-BETA3 and 10.1-RC1 include:
  • A bug that would cause all processes to appear to have the parent PID of '1' has been fixed.
  • Various updates to bsdinstall(8) and bsdconfig(8).
  • The Hyper-V KVP (key-value pair) driver has been added, and enabled by default on amd64 and i386 architectures.

BSDSec September 2014 Security Advisories and Announcements 

[FreeBSD-Announce] FreeBSD CVSup network shutting down.
fix for nginx SSL session reuse 
Announcing the pkgsrc-2014Q3 Release 

BSD Releases September 2014 

Other news

OpenBSDs EuroBSDCon 2014 Papers Online

 OpenBSD 5.6 Pre-Orders Available

OpenBSD 5.6 CD sets are available for pre-order
Be the first kid on your block to serve up man pages in a brand-spanking-new httpd(8)!

The Daemon's Apprentice | BSD Now 57 

We're back from EuroBSDCon! This week we'll be talking with Steve Wills about mentoring new BSD developers. If you've ever considered becoming a developer or helping out, it's actually really easy to get involved. We've also got all the BSD news for the week and answers to your emails, on BSD Now - the place to B.. SD.

FreeBSD Foundation and Cavium Inc. Collaborate on FreeBSD ARMv8 Based Implementation 

The FreeBSD Foundation is pleased to announce a collaboration with Cavium Inc. to  develop and deliver the first ARMv8 reference design and implementation of the FreeBSD Operating System based on the ThunderX™ workload optimized processor family.  Find out more at here

Code stuff
EuroBSDCon and ARM
UDP improvements
DragonFlyBSD Powersaving tips 
mksh R50c released, security fix 
In Other BSDs for 2014/10/04

Interesting Articles
bsdtalk245 - Looking for a new /home 

Introducing ASLR In FreeBSD 
Installing MySQL on FreeBSD 
Installing tomcat7 on FreeBSD 
A Sneak Peek at the Upcoming OpenBSD 5.6 Release
NetBSD developer summit at EuroBSDCon 2014 in Sofia 
Package building without sudo (part 2) 
Unix: The aftershock of shellshock