DiscoverBSD update

Maybe you have noticed, that there has not been any DiscoverBSD News for some time now. Reason is very simple:  I'm getting more and more busy.

Bot no worries, BSDSec.net is still up, and I am trying to keep posting on social media. Other stuff is on as well.



Thanks,
Jan


BSD News 05/09/2016

BSD News 05/09/2016

Last week in BSD

Releases: DesktopBSD, HardenedBSD, OPNsense, GhostBSD, OpenBSD
Other news: OpenBSD, BSDnow, ZFS, Let's Encrypt, g2k16, DragonFlyBSD,

BSDSec


Releases

DesktopBSD-2.0 Gnome test version

We are pleased to announce that DesktopBSD-2.0 Gnome test version is available,  more flavours will come soon.

Based on FreeBSD-10.3 amd64, mainly because UEFI is supported by FreeBSD only for amd64 architecture.

Before burning the ISO to a DVD, please check the md5 or sha256 of the downloaded ISO against those  from our repo

DesktopBSD ISOs are hybrid, UEFI enabled, and can be written to USB sticks using the 'dd' command:
dd if=DESKTOPBSD-2.0-FBSD-20160903-152502-gnome-amd64.iso of=/dev/daN bs=1M conv=sync

(where /dev/daN is your's usb stick)
Bsdstats is included as in DesktopBSD-1.7 Release, so DesktopBSD will be counted in www.bsdstats.org.
Bsdstats can be launched or is launched from console using bsdstats.send, via rc.conf or via cron from /usr/local/etc/poeriodic/monthly/300.statistics.

We have included tools to:
  • Connect to desktopbsd irc channel to get help using desktopbsd-irc
  • Open bugtracker page in forums using desktopbsd-bug-report
  • Get system information using inxi scripts ported from linux

Inxi can be run from console, terminal and even under irc client to send informations in irc channel directly.
desktopbsd-irc plus inxi are great tools to help users in #desktopbsd channel.

ISOs are installable using gbi (GhostBSD Installer) and includes another GhostBSD tools.
Please notice that Eric Turgeon ( GhostBSD founder and developer ) is also in our's dev team.
 
Please test and send bugs using desktopbsd-bug-report to be able to fix them.

To enable desktop icons on desktop please run dconf-editor and go to org.gnome.desktop.background and check show-desktop-icons. (desktop icons are not enabled by default due to a gnome bug)

We'll use for support www.desktopbsd.weebly.com website, desktopbsd.boards.net forum and #desktopbsd irc channel on irc.freenode.server.


New stable version: HardenedBSD-stable 11-STABLE v46.2

HardenedBSD-11-STABLE-v46.2 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...
Installers: http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...
Git repo: https://github.com/HardenedBSD/hardenedBSD-stable.git
Highlights:
libarchive update (CVE fixes, FreeBSD SA candidate)
sqlite update (CVE fixes, FreeBSD SA candidate)

OPNsense 16.7.3 released

Patch notes:
  • system: allow selection of secondary console
  • system: added EFI as a console option
  • system: fixed status display of tiered gateway groups
  • system: allow to configure sudo usage for administrators
  • system: package manager can no longer uninstall the GUI package (marked as “vital”)
  • system: also beep on factory reset
  • system: added opnsense-code command line utility
  • interfaces: do not store packet captures in /root
  • interfaces: sort interface listings by name only
  • interfaces: do not prevent configuring an IP used by the PPTP and L2TP plugins
  • firewall: add normalisation options for source port and direction
  • firewall: improved parsing of alias input
  • firewall: fixed nesting of aliases with underscores in their names
  • openvpn: fix script mismatch on export page
  • openvpn: added reneg-sec option to server to allow persistent TOTP sessions
  • openvpn: added option to prevent usage of username-as-common-name
  • services: fix WOL widget link
  • services: aligned backend calls of DNS and DHCP
  • services: fix writing of DNS resolver host entries
  • services: simplify configuring of DNS resolver listening addresses
  • services: allow proxy to match against SSL URLs only (contributed by Fabio Mello)
  • lang: updated Source Sans Pro font to improve the cyrillic experience
  • lang: Italian is now a release language (contributed by Antonio Prado)
  • lang: minor updates for Russian (contributed by Smart-Soft Ltd.)
  • lang: minor updates for German and French
  • ports: haproxy 1.6.8[1], php 5.6.25[2], sqlite 3.14.1[3]
  • ports: openvpn 2.3.12[4], libxml 2.9.4[5]

GhostBSD 10.3 Enoch Finally Available

After a year of development, testing and debugging we are pleased to announce the release of GhostBSD 10.3 MATE & XFCE which is available on SourceForge and torrents for the amd64 and i386 architectures.
What's new in GhostBSD 10.3
  • ZFS support
  • UEFI support
  • Installer custom partition creation subjection
  • VirtualBox support get setup at boot time if needed.
  • 4k partition alignment by default
  • GhostBSD Software will be updated Quarterly which will bring more stability to GhostBSD still user will be able to change it to latest to have the latest software update.
What changed in GhostBSD 10.3
  • The installer partition editor UI and partitioning have been improved
  • VirtualBox additions would be uninstall after installer if it is not runnig in a VirtualBox
  • Slim is replacing GDM.
  • Networkmgr display the full SSID
  • Replaced the HTML/CSS installation slide with a GTK/CSS the slide.
What has been fix.
  • Networkmgr SSID list
  • VirtualBox supports
  • Installer MBR partition issue
  • Some installer text error
  • Keyboard layout after installation with MATE
  • Network Manager slowness to open the menu
  • Network Manager icon tray crash
  • Localtime time as been fix
  • Fix boot partition for GPT to supports freebsd-boot, bios-boot and efi
  • System Update duplicating the whole install under /boot/kernel.old
  • sudo configuration
  • Wifi down by default
  • Locales are not correctly set up on installation
Where to download:
The image checksum's, hybrid ISO(DVD, USB) images are available here:
http://www.ghostbsd.org/download


OpenBSD 6.0 released

September 1st, 2016: The OpenBSD team announces the availability of 6.0!
We are pleased to announce the official release of OpenBSD 6.0.
This is our 40th release on CD-ROM (and 41st via FTP/HTTP).  We remain
proud of OpenBSD's record of more than twenty years with only two remote
holes in the default install.

As in our previous releases, 6.0 provides significant improvements,
including new features, in nearly all areas of the system:
Read more...

News

ZFS, The “Universal” Filesystem | BSD Now 157

This week on BSDNow, we have an interview with Richard Yao, who will be telling us about the experience & challenges of porting ZFS to Linux. That plus the latest news & feedback is coming your way, on your place to B….SD!

Let's Encrypt client imported into -current

Kristaps Dzonsons' Let's Encrypt client, letskencrypt, has been imported into OpenBSD-current as acme-client.
letskencrypt, which has previously been available as a port, is a privilege-separated Let's Encrypt (ACME protocol) client written in C.


Code stuff


Interesting articles


BSD News 29/08/2016

BSD News 29/08/2016

Last week in BSD

Releases: FreeBSD, pfSense
Other news: BSDNow, OpenBSD


BSDSec

there seems to be none SA

Releases

FreeBSD 11.0-RC2 Available

The second RC build for the FreeBSD 11.0 release cycle is now available. ISO images for the amd64, armv6, i386, aarch64, powerpc, powerpc64 and sparc64 architectures are available on most of our FreeBSD mirror sites.

2.4 pre-alpha snapshots now available.

pfSense® software version 2.4 pre-alpha snapshots are now available.
pfSense 2.4 will use FreeBSD 11 as a base, and 11.0-RELEASE has not yet occurred.  There will be additional work to use 11.0-RELEASE as a base.
More work at “reduction of technical debt” is occurring in 2.4.  We have decided to not carry forward the kernel patches for Captive Portal.  Instead, it is being re-written to use stock IPFW.  That work is only about 75% complete.  Simultaneously, work is occurring to convert several subsystems (e.g. radius) to use the PEAR equivalents:
There appears to be a bug in pf (likely due to the interaction of one of our patches).  This only manifests under high usage.
New features and changes are listed here.
Full change list:
source and build tools
ports
FreeBSD source
Outstanding bugs/features/todo items:
Everything else
We advise that you do not use this on a production system yet. If you have the time and interest, we encourage you to try this on a scratch system or VM and provide feedback for any issues you find.

News

The Fresh BSD experience | BSD Now 156

This week on BSDNow, Allan is back from his UK trip & we’ll get to hear his thoughts on the developer summit. That plus all the latest news & an interview with Drew Gurkowski discussing tutorial writing for FreeBSD. Keep it tuned to your place to B...SD!

Code stuff

BSD News 22/08/2016

BSD News 22/08/2016

Last week in BSD

Releases: OPNsense, HardenedBSD
Other news:HardenedBSD, BSDnow, NetBSD, DragonFly BSD, FreeBSD,

BSDSec

seems to be none warnings

Releases

OPNsense 16.7.2 released

  • src: revert fix ICMP translation in pf
  • src: better handle unknown options received from a DHCP server
  • src: void using spin locks for channel message locks
  • src: enable INQUIRY result check only on Windows 10 host systems
  • src: register time counter early enough for TSC freq calibration
  • src: disable incorrect callout in hv_storvsc(4)
  • src: better handle the GPADL setup failure in Hyper-V
  • src: fix SCSI INQUIRY checks and error handling
  • ports: lighttpd 1.4.41, strongswan 5.5.0, curl 7.50.1
  • ports: ca_root_nss 3.26, openssh 7.3p1
  • ports: enabled LDAP SASL bindings
  • system: remove source maps to prevent further Chrome breakage during API calls
  • system: switch to individual registration of PHP extensions
  • system: added UO field to CSR
  • interfaces: properly remove PPPoE server from list of firewall interfaces when deactivated
  • interfaces: extended logging for 4G modems
  • interfaces: correct download of large packet captures
  • interfaces: add lacp_fast_timeout flag support for LAGG
  • interfaces: fix clearing the DHCP config file when override file is gone
  • interfaces: improve dmesg probe on interface listing (contributed by Per von Zweigbergk)
  • firewall: double-check file availability after alias URL download
  • services: corrected DNS forwarder settings save in mobile layout
  • dashboard: fix gateway widget status text update
  • plugins: corrected firewall interface usage for multi-point VPNs
  • vpn: removed the stale OpenVPN windows installer binaries
  • vpn: default to IPsec main mode
  • lang: assorted translation fixes (contributed by Fabian Franz and Antonio Prado)
  • lang: translation updates for Chinese, French, German and Japanese


New stable version: HardenedBSD-stable 10-STABLE v46.9

HardenedBSD-10-STABLE-v46.9 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...
Oliver Pinter (2):
HBSD: fix build error after kib's 8ef9c6fc5bcfe1b606229a8da024f76b2d5048c1 commit
HBSD: fix build error after kib's 8ef9c6fc5bcfe1b606229a8da024f76b2d5048c1 commit - part 2.
Shawn Webb (1):
HBSD: Temporarily disable PIE with the stdlib ATF tests.

News

Cabling up FreeBSD | BSD Now 155

This week on BSDNow, Allan is away in the UK for BSDCam, but we still have a full episode for you! Don’t miss our interview with Myke Geiger talking about using FreeBSD in the ISP environment & the latest news, here on your place to B...SD!

Code stuff


Interesting articles


BSD News 15/08/2016

BSD News 15/08/2016

Last week in BSD

Releases: GhostBSD
Other news: OPNsense, HardenedBSD, OpenBSD, Linux, BSDnow, n2k16, Wallpaper, DragonFlyBSD

BSDSec



Releases

GhostBSD 10.3 RC1 is ready for testing

This first RC release is ready for testing new feature in GhostBSD 10.3, MATE and XFCE is available on SourceForge for the i386, amd64, and amd64-uefi architectures.
Language Undefined

News

New Core Team Member

The OPNsense project is growing rapidly and it’s with great pleasure that the OPNsense core team may announce that our team will be strengthened with Shawn Webb. Shawn has already  been doing lots of great work and his formal membership is seen as a logical step forward by all of us.
Shawn Webb Over the past year, I have had the wonderful experience of working with the OPNsense core team in porting over HardenedBSD’s robust ASLR
implementation. It is with pleasure and humility that I have accepted their invitation to join the core team. My overarching goal will be to port the main features of HardenedBSD to OPNsense.
Address Space Layout Randomization, or ASLR for short, is an exploit mitigation technology that aims to make certain kinds of vulnerabilities
harder to successfully exploit. In order to fully apply ASLR, applications must be compiled as a Position-Independent Executable (PIE). In the short term, my next goal is to enable PIE fully across OPNsense’s ports tree. I’m using HardenedBSD’s ports tree and package building infrastructure as a test bed prior to importing into OPNsense.
OPNsense is investigating migrating to 11.0-RELEASE for its 17.1 release. The Virtual Memory (VM) subsystem has changed drastically between FreeBSD 10 and FreeBSD 11. Since ASLR deals with the VM subsystem, extreme care must be taken in the update of the codebase from FreeBSD 10.3 to 11.0. I will assist in those efforts by freshly porting over the ASLR implementation from HardenedBSD 11.0 to OPNsense’s FreeBSD 11.0 codebase.
I look forward to being a part of the OPNsense core team. The coordination between HardenedBSD and OPNsense will bring a more solid
foundation on which home users and enterprises alike can build secure and scalable networks.

OpenBSD tmpfs on its last legs

As a result of apparent lack of maintenance, Theo de Raadt has disabled tmpfs.

CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2016/07/25 13:52:56

Modified files:
 sys/conf       : GENERIC 

Log message:
disable tmpfs because it receives zero maintainance.

You probably didn’t use this anyway

The last bits of Linux emulation have been removed from DragonFly.  It’s 32-bit, so it’s been unsupported since DragonFly went to 64-bit only with the 4.0 release.  Also, some other 32-bit only items are gone, including the cs, ep, ex, fe, and vx network drivers.  It’s almost impossible that anyone was using it, but it’s notable because that’s some… 15-20k lines of code gone?  Removal of unused code is also positive.

Myths, Pi's & Features, oh my! | BSD Now 154

This week on BSDNow, we are taking a look at a few different tutorials, including running your very own RPi web-server. (Come-on, you know you’ve thought of it). Plus we have a GhostBSD tutorial, a look at a GitHub project to run Steam Linux on FreeBSD 11 & more!
You’ll want to stick-around for your place to B...SD!


Code stuff


Interesting articles