BSD News 27/07/2015

BSD News 27/07/2015

Last week in BSD

Releases: FreeBSD, OPNSense
Other news: c2k15, OpenBSD, docker, zfs, FreeBSD, BSDSec, DragonFly BSD, BSDSec, OPNsense, NetBSD, OctoPkg, HardenedBSD

Please check Introducing BSDHistory article.
 

BSDSec



Releases

FreeBSD 10.2-RC1 Now Available

The first RC build of the 10.2-RELEASE cycle is now available.
Installation images are available for the amd64, i386, ia64, powerpc, powerpc64, and sparc64 architectures.
FreeBSD/arm SD card images are available for the BEAGLEBONE, CUBOX-HUMMINGBOARD, GUMSTIX, RPI-B, PANDABOARD, and WANDBOARD kernels.
FreeBSD 10.2-RC1 is also available on several third-party hosting providers.
See the PGP-signed announcement email for installation image checksums and more information.

OPNsense 15.7.4 Released

Here are the the full patch notes:
  • updated sudo 1.8.14p3 [1], pcre 8.37_2 [2], and FreeBSD 10.1-RELEASE-p15 [3]
  • firmware: fix upgrade when using opnsense-devel package
  • proxy: fix config write for multiple interfaces
  • crash reporter: raise PHP log level to warnings after an extensive cleanup
  • dashboard: made widgets translatable (contributed by Fabian Franz)
  • firewall logs: usability improvements (contributed by Fabian Franz)
  • languages: Simplified Chinsese 64% complete
  • languages: German 40% complete
  • menu: fixed navigation for PPPoE edit

Other news

BSD Gnow | BSD Now 99

This week we’ll be talking with Ryan Lortie and Baptiste Daroussin about GNOME on BSD. Upstream development is finally treating the BSDs as a first class citizen, so we’ll hear about how the recent porting efforts have been since.
Watch it here

HardenedBSD 11-CURRENT amd64 (x86-64) installers


Code stuff



Interesting Articles


Wallpaper of the week

 

from wallpapercave.com/w/QOUmkgJ

Introducing BSDHistory

Hi folks,

I am very happy to introduce #BSDHistory

 

What is it?

#BSDHistory is  kind of "a fact a day", "random fact" website, showing random facts from BSD History.
I guess the best thing you can do is to visit it and see for yourself:
  • minimal design
  • link to the source of the information
  • link to another random fact
  • link to add new fact
  • share to twitter funcionality
  • footer with some more info

 

You can add your own facts. 

Right now, there are 4 facts only, but no worries. Project is open-source and anyone can contribute.
I would be very happy to see people contributing facts, or making the page better. Obviously, the code can always be made better. I will be adding more stuff to the page.

So go ahead and share something by clicking on twitter icon... :)

If you're looking for more details how #BSDHistory was done, please visit my blog post here.

BSD News 20/07/2015

BSD News 20/07/2015

Last week in BSD

Releases: DragonFly BSD, OPNsense, FreeBSD
Other news: BSDnow, DragonFly BSD, Lumina Desktop, OpenBSD

Releases

DragonFly 4.2.3 released

There was a newer release of OpenSSL (1.0.1p) last week, so there’s a new revision of the DragonFly release – 4.2.3.  There’s little major change other than the security fix for OpenSSL.
Those readers who can count past 2 may notice that there wasn’t a 4.2.2.  We went straight from 4.2.1 to 4.2.3.   That’s my fault.  I screwed up tagging and Git doesn’t like repeated, deleted tags.

OPNsense 15.7.3 Released

The full list of changes are as follows:
  • php56 5.6.11 [1], pkg 1.5.5 [2], ca_root_nss 3.19.2, phalcon 2.0.5 [3], isc-dhcp42-server 4.2.8_1 [4]
  • backup: fix infinite reboot loop on interface mismatch
  • firmware: show locally installed packages
  • firmware: reboot dialog now responsively redirects when the system is back up
  • dashboard: upgrade link now directly launches into the firmware upgrade
  • dashboard: added a system log widget (contributed by Sascha Linke)
  • languages: merged German translation progress (contributed by Fabian Franz)
  • xmlrpc: fix sync of static routes
  • bogons: fix overwrite-on-upgrade bug

FreeBSD 10.2-BETA2 Now Available

The second BETA build of the 10.2-RELEASE cycle is now available.
Installation images are available for the amd64, i386, ia64, powerpc, powerpc64, and sparc64 architectures.
FreeBSD/arm SD card images are available for the BEAGLEBONE, CUBOX-HUMMINGBOARD, GUMSTIX, RPI-B, PANDABOARD, and WANDBOARD kernels.
FreeBSD 10.2-BETA2 is also available on several third-party hosting providers.
See the PGP-signed announcement email for installation image checksums and more information. 


Other news

Our Code is Your Code | BSD Now 98

Coming up this time on the show, we’ll be talking with the CTO of Xinuos, David Meyer, about their adoption of FreeBSD. We also discuss the BSD license model for businesses & the benefits of contributing changes back. Watch it here.

Code stuff



Interesting articles



Wallpaper of the week

from http://www.pcbsd.org/en/artwork.html


BSD News 06/07/2015

Last week in BSD

Releases: DragonFly BSD, OPNsense
News:  OctoPkg, FreeBSD, Raspberry Pi, BSDTalk, HardenedBSD, DragonFly BSD, OpenBSD, OPNsense, BSDnow


BSDSec


Releases

DragonFly 4.2.0 released

DragonFly 4.2 is officially released!  You can go to the 4.2 release page for details, go to the mirrors page to download, or read my users@ post for upgrade steps.
Update: news stories and commentary seen on lobste.rs, Hacker News, and linux.fr.
There’s a minor update for DragonFly 4.2 – this covers a problem with i915 support, so it’s worth upgrading if you have an Intel video chipset. 

OPNsense version 15.7 Released

While the summer is hot, we push forward to what now is 15.7 — nicknamed ‘Brave Badger’ — right in front of you. A lot of effort went into this project during the past 6 months, and we dare say it has been worth all of it. We would like to thank our followers and friends and feedback givers and forum lurkers and contributors and doubters and supporters that helped to make 15.7 what it is. We wouldn’t be here without any of you. Thank you.
In itself, 15.7 is a simple upgrade from 15.1.12 which we recommend to everyone. What changes is that development will move to a different branch so that from now on regressions are less likely and therefore stability will increase further. The provided images may also be the only ones for the next 6 months as we are confident in their longevity and the online upgrade path. We have also bumped the LibreSSL flavour to a production-ready state and encourage everyone to try it out. The installer’s import configuration tool coupled with a quick and easy installation can help you move from OpenSSL to LibreSSL and back seamlessly.
The biggest addition is the intrusion detection integration (suricata) as well as new local and remote blacklists options for the proxy server (squid).
Security-wise, it has been rather quiet with only a few CVEs in third-party tools. Please see the full patch notes for details and references:
  • kernel: borrowed a dummynet / ipnat patch from m0n0wall to enable symmetric traffic shaping when NAT is involved
  • kernel: fix recurse lock panic for tmpfs in conjunction with unionfs
  • kernel: applied two stable patches that prevent squid from crashing [1]
  • kernel: retired ALTQ support
  • base: sendmail TLS/DH Interoperability Improvement [2]
  • base: improved iconv(3) UTF-7 support [3]
  • base: inconsistency between locale and rune locale states [4]
  • notable ports updates: phalcon 2.0.3 [5], curl 7.43.0_2 [6], openssh 6.8p1_8, python 2.7.10 [7], perl 5.20.2_5 [8], ntp 4.2.8p3 [9], libxml2 [10] 2.9.2_3, openldap24-server 2.4.41 [11]
  • opnsense-update: will no longer try to reinstall the installed version after a fresh installation
  • bsdinstaller: bring back cpdup to error out on low memory installation (you need 1 GB of RAM, or work around installation using the nano image)
  • traffic shaper: removed legacy queues support in favour of the new traffic shaper functionality
  • traffic shaper: allow direct enable/disable toggle
  • proxy: fix the initial daemon start on bootup
  • proxy: added LAN as the default interface configuration
  • proxy: local and remote blacklists with regex support
  • intrusion detection: initial release of our IDS GUI based on suricata
  • gateways: monitoring mode gained IPv6 support
  • captive portal: fix idle timeout bug
  • captive portal: d
  • not delete the wrong zone when having multiple configurations
  • captive portal: removed include files from exposed web directory
  • backend: always regenerate users and groups to avoid corruption after an unclean shutdown
  • backend: wait for configd socket to come up to address a startup race issue
  • backend: clean up configd socket on exit
  • backend: fixed regression that prevented user scripts from being started via /etc/rc.conf
  • gateways: only show apinger in services when monitoring is enabled for a gateway
  • languages: brought Simplified Chinese to 49% completed, German to 30% completed
  • universal plug and play: make page invoke static to remove exploitability of the legacy packages framework
  • crash reporter: finally enabled the send button and provides human-readable feedback whether the submission was complete
  • console: added non-interactive interface assignment for headless deployments
  • ssh: disable password authentication on factory reset to align with the standard configuration
  • diagnostics: avoid duplicated calls of gethostbyaddr() in NDP table view
  • users: prompt for old password on password change to prevent account hijacking
  • users: stripped the impossible scponly user privileges since said utility has never been part of our ecosystem
Images can be found on any of our mirrors, but they may take a few hours to sync.
https://opnsense.org/download/

Other news

Lost Technology | BSD Now 96

 Coming up this week, we'll be talking with Jun Ebihara about some lesser-known CPU architectures in NetBSD. He'll tell us what makes these old (and often forgotten) machines so interesting. As usual, we've also got answers to your emails and all this week's news on BSD Now - the place to B.. SD. 

bsdtalk254 - PFsense and FreeNAS with Ken Worster

An interview with Ken Worster who is presenting on topics which include PFSense and FreeNAS in schools at the Technology Teacher ME conference in Bethel Maine.
Ogg Link: https://archive.org/download/bsdtalk254/bsdtalk254.ogg

PC-BSD 10.2-PRE-RELEASE and 11.0-CURRENT Images Available for Testing

The PC-BSD project is pleased to announce the availability of two new testing images: 10.2-PRERELEASE and 11.0-CURRENTJULY2015.
WARNING: These images are considered “bleeding-edge” and should be treated as such.
The DVD/USB ISO files can now be downloaded from the following URLs:
http://download.pcbsd.org/iso/10.2-RELEASE/edge/amd64/
http://download.pcbsd.org/iso/11.0-CURRENTJULY2015/amd64/
This is a great way to test features and report bugs well before the release cycle begins for the next major releases.
To report bugs in PC-BSD, use https://bugs.pcbsd.org.
To report FreeBSD / Port / Kernel / World bugs, use https://bugs.freebsd.org/bugzilla/enter_bug.cgi.
To update from 10.1-RELEASE:
# pc-updatemanager chbranch 10.2-RELEASE
or
# pc-updatemanager chbranch 11.0-CURRENTJULY2015
This process will take a while, downloading new packages / world / kernel for the system. When done you can reboot, and the updater will finish up the update process.

Intel® System Studio 2016 for FreeBSD* Beta

Intel has released the beta version of their C++ compiler for FreeBSD. Thanks to Kittur Ganesh (Intel) for informing us about this software. Intel® System Studio (ISS) 2016 for FreeBSD* Beta provides a comprehensive embedded tool suite solution for developing, optimizing, tuning and deploying 64-bit system and application C, C++ code running natively on FreeBSD*

HardenedBSD Introducing True Stack Randomization

When we first implemented ASLR for FreeBSD, we implemented the stack randomization portion as a random gap. This means that the base address for the stack remained constant, but where applications started utilizing the stack would change randomly. We have now implemented true stack randomization. The base address for the stack is now randomized. We still utilize a random stack gap on top of true stack randomization to provide further entropy and security. This means that we can effectively achieve 42 bits of entropy for the stack. This change breaks KBI and we have bumped the HardenedBSD version up to 26 with this change. We will be doing a new package build to ensure packages are up-to-date with this change.
You can find the git commit here. For more details about how the PaX Team recommends doing stack randomization, take a look here.

Code stuff


Interesting Articles


Wallpaper of the week

from http://www.wallpaperdisk.com/download-free%20bsd%20devil-1463-wallpaper.html

BSD News 29/06/2015

Last week in BSD

Releases: pfSense
Other news: DragonFly BSD, pfSense, BSDnow, PC-BSD, FreeBSD, freeNAS, OpenBSD, MidnightBSD

Releases

pfSense 2.2.3-RELEASE Now Available

pfSense® software version 2.2.3 release is now available, bringing a number of bug fixes and some security updates.
Security Fixes
  • pfSense-SA-15_06.webgui: Multiple XSS Vulnerabilities in the pfSense WebGUI
    • The complete list of affected pages and fields is large and all are listed in the linked SA.
  • FreeBSD-SA-15:10.openssl: Multiple OpenSSL vulnerabilities (Including Logjam): CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-4000
The bug fixes and changes in this release are detailed here.


News

PC-BSD Documentation can now be Translated Using Pootle

Kris has finished integrating the source files for the PC-BSD Handbook documentation into Pootle, meaning that translators can now use their web browser to translate the Handbook into their native language. As translations are completed, we’ll make sure that the build server generates HTML copies and includes them in /usr/local/share/pcbsd/doc/html (right away for EDGE users and with the next release for PRODUCTION users).
To translate the documentation, go to http://translate.pcbsd.org/translate/, click the “All Projects” drop-down menu, and select “PC-BSD Handbook”. You can then click the link for the language to translate. Currently, German and French are available. If you want to translate to a different language, send an email to the translations mailing list and request that it be added.


Bitrot Group Therapy | BSD Now 95

This time on the show, we'll be talking some ZFS with Sean Chittenden. He's been using it on FreeBSD at Groupon, and has some interesting stories about how it's saved his data. Answers to your emails and all of this week's headlines, on BSD Now - the place to B.. SD.

Seeking Package Mirrors

HardenedBSD is gaining a lot of traction. We maintain our own packages to ensure proper ABI/API compatibility with HardenedBSD. We are looking for those who would be interested in mirroring our package repositories. You'd be looking at 2x50GB per repository. Right now, we only have one repo for 11-CURRENT/amd64. But we will soon be expanding to also building 10-STABLE/amd64 packages as well. We are currently restructuring the way our repo works. Of course, if you decide to become an official mirror, your name will be listed on our donors page. We appreciate the help and support the community has given us already and we look forward to working further with the community as we grow. Please contact us at [email protected] to discuss further details.

Leap Seconds and FreeBSD Article

A new article, FreeBSD Support for Leap Seconds, gives a quick overview of leap second handling. The next leap second will occur at 2015-Jun-30 23:59:60 UTC.

Handling Leap Seconds the OpenBSD Way

Christian Weisberger (naddy@) let us all know what we need to do to prepare for the impending leap second:
As you may have heard, a leap second will be upon us at 23:59:60
UTC on June 30.

The sky will fall, civilization will end, and dinosaurs will roam
the earth again.  Well, maybe not.

Neither the OpenBSD kernel nor OpenNTPD handle leap seconds in any
way.  So what will happen?
Read more...

Code stuff


Interesting articles


Wallpaper of the week 


from http://gnome-look.org/content/preview.php?preview=1&id=39793&file1=39793-1.jpg&file2=&file3=&name=Unix+Wallpaper