BSD News 23/05/2016

BSD News 23/05/2016

Last week in BSD

Releases: HardenedBSD, SoloBSD, SmallWall, pfSense, OPNsense, 
Other news: BSDSec, BSDnow, BSD Magazine, DragonFlyBSD, p2k16, freeNAS, OpenBSD

BSDSec


Releases

HardenedBSD-stable 10-STABLE v46.1

HardenedBSD-10-STABLE-v46.1
----------------------------------------
https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...
https://github.com/HardenedBSD/hardenedBSD-stable/commits/HardenedBSD-10...
This release fixes CVE-1541 and CVE-2015-2304 in libarchive, a lot of Coverity warnings / programing errors and an overflow in amd64's sysarch system call (00696f0, eac2aab, bd784f7).

SoloBSD 10.3-STABLE-v46

There is a new build of SoloBSD 10.3-STABLE based on the latest HardenedBSD stable branch version 46
You can grab it from Here. (61.7 Mb)
root password: solobsd

SmallWall 1.8.4b10 beta release

Just released a new beta with updated mini-httpd, and many t1n1wall changes ported in.

New stable version: HardenedBSD-stable 11-CURRENT v46.2

HardenedBSD-11-CURRENT-v46.2 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...
UPDATE TO THIS RELEASE IS STRONGLY ADVISED!
This release fixes two locally exploitable security issue, namely the followings:
https://security.freebsd.org/advisories/FreeBSD-SA-16:19.sendmsg.asc
https://security.freebsd.org/advisories/FreeBSD-SA-16:18.atkbd.asc

pfSense 2.3.1-RELEASE Now Available!

We are happy to announce the release of pfSense® software version 2.3.1!
This is a maintenance release in the 2.3.x series, bringing a number of bug fixes, two security fixes in the GUI, as well as security fixes for OpenSSL, OpenVPN and FreeBSD atkbd and sendmsg. The full list of changes is on the 2.3.1 New Features and Changes page.
This release includes a total of 103 bug fixes. 79 regressions in 2.3 have been fixed, mostly minor issues in the new GUI. Several of these are significant issues, and have resolved nearly all the post-upgrade problems encountered in 2.3-RELEASE. 24 issues affecting 2.2.x and prior versions have also been fixed.
If you haven’t yet caught up on the changes in 2.3.x, check out the Features and Highlights video. Past blog posts have covered some of the changes, such as the performance improvements from tryforward, and the webGUI update.

OPNsense 16.1.14 released

How about an update with your new NetFlow remote export. Or your local reporting frontend? Well, you can always use both if you like. Read all about it here: https://docs.opnsense.org/manual/netflow.html
Furthermore, we have added the brand new AQM CoDel version 0.2.1 to the mix, yesterday’s FreeBSD security advisories, released the HAProxy plugin, bundled a full Japanese translation.
There is also a refreshed website for our general viewing pleasure.
https://opnsense.org/

News

Diving for BSD Perls | BSD Now 142

This week on the show, we have all the latest news and stories! Plus an interview with BSD developer Alfred Perlstein, that you won’t want to miss. Sit tight, the show starts now on your place to B...SD!
 

BSD Magazine for May 2016 out

The May issue of BSD Magazine is available now.  There’s articles on ZFS, OpenBSD’s arc4random, an interview of Fernando Rodríguez of KeepCoding, and more.  It’s a free PDF download if you didn’t know.

eX, clisp, and DragonFly

DragonFly versions of TeX have been available for some time now.  However, Nelson Beebe, who is part of the TeX project, is having trouble building some related binaries – asymptote and clisp.  He could use help from anyone interested, to match up with this summer’s release of TeX 2016.

Mounting as non-root

Read this email thread for how to mount devices (e.g. USB drives) in DragonFly when you aren’t root.

Code stuff 

p2k16 Hackathon Report: pirofti@ on octeon and TPM

Interesting articles


BSD News 16/05/2016

BSD News 16/05/2016

Last week in BSD

Releases: HardenedBSD, SoloBSD
Other news: BSDnow, OpenBSD, p2k16, LibreSSL, DragonFlyBSD, FreeBSD

BSDSec

seems to be none SA warnings

Releases

New stable version: HardenedBSD-stable HardenedBSD-10-STABLE-v44.6

HardenedBSD-10-STABLE-v44.6 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...
 

SoloBSD 10.3-STABLE-v44.6

Aventuras BSDeras by Guillermo García Rojas C.
There is a new build of SoloBSD 10.3-STABLE based on the latest HardenedBSD stable branch version 44.6
Changelog v44.6
- Switched to Python3.5 interpreter.
- Now with PIE on base!
You can grab it from Here. (60.6 Mb)
root password: solobsd
 

News

BSD Likes Ike! | BSD Now 141

This week on the show, we have all the latest news & stories! Plus we’ll be hearing more about OpnSense from the man himself, Ike! Sit tight, the show starts now on your place to B…SD!
 

Code stuff

libressl - more vague promises

Interesting articles


Wallpaper of the week

BSD News 09/05/2016

BSD News 09/05/2016

Last week in BSD

Releases:SoloBSD, HardenedBSD,
Other news:BSDSec, FreeBSD, OpenBSD, pkgsrc, SoloBSD, HardenedBSD, BSDnow, DragonFly BSD, LibreSSL, MirOS


BSDSec

Releases

SoloBSD 10.3-STABLE-v44.5

There is a new build of SoloBSD 10.3-STABLE based on the latest HardenedBSD stable branch version 44.5
- Changelog v44.5
- Python3.5 interpreter has been added.
You can grab it from Here. (58.7 Mb)
root password: solobsd

New stable version: HardenedBSD-stable 11-CURRENT v46.1

HardenedBSD-11-CURRENT-v46.1 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

News

Tracing it back to BSD | BSD Now 140

This week on BSDNow, Allan is back in down from Europe! We’ll get to hear some of his wrap-up and get caught up on the latest BSD news. That plus our interview about Backtrace.io! Keep it tuned to BSDNow, the place to B….SD!

modules.local now possible

If you happen to be testing kernel modules, DragonFly can now load them from a modules.local directory.  This keeps modules that aren’t part of the base system, separate.  This is probably of most use to developers.  Set local_modules=”YES” in rc.conf to enable.

LibreSSL in HardenedBSD Base

A few months ago, we added Bernard Spil to the HardenedBSD team with a goal to bring in and maintain LibreSSL in base. Given the effort involved in maintaining such a complex piece of software, we at HardenedBSD have made the decision to keep it as a feature branch in the playground repo for now. Those who wish to check out Bernard's awesome, hard work can check out the repo here. We will soon start auto-syncing that feature branch on our normal six-hour cycle and we will produce periodic binary updates. As of today, the first binary update has been published. You can use this hbsd-update.conf file to tell hbsd-update to switch to the LibreSSL branch. If you wish to compile your own version of HardenedBSD with LibreSSL base, you will need to add WITH_LIBRESSL=yes to src.conf.
We would like to thank Bernard for volunteering. He has been a tremendous help. Here is a teaser screenshot.

New SSH hostkey for fish, taking over AnonCVS/AnonRSYNC service

As announced in the earlier wlog entry about server reorg I’ve now switched over most services from the soon-to-be-defunct eurynome to fish, with gecko2’s www.ig42.org providing the redirection HTTP vhost for hostname-less mirbsd.org requests (i.e. people who don’t know how this works) and, soon, fallback HTTP services should they be needed. (He’s trusted with the SSL key and certificate.)
This also involves switching SSH hostkeys for AnonCVS, unfortunately; I’ve taken the chance to generate a fresh key for fish. Look in /MirOS/ for the files (gzsig(1) signed) hostkeys.gz or (PGP signed) hostkeys.asc for a less-dependent source for the new keys.


Code stuff

Interesting articles


BSD News 02/05/2016

BSD News 02/05/2016

Last week in BSD

Releases: FreeBSD, BSDSec, OpenBSD, BSDnow, CheriBSD, BSDTalk, NFS, p2k16
Other news: SoloBSD, GhostBSD, OPNsense, pfSense, HardenedBSD


BSDSec


Releases

New stable release: HardenedBSD-stable 10-STABLE v44.3

New stable release: HardenedBSD-stable 10-STABLE v44.4

New stable version: HardenedBSD-stable HardenedBSD-11-CURRENT v46

HardenedBSD-11-CURRENT-v46 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...
 

pfSense 2.3 Update 1 Available

Since the new pkg system enables us to update pieces of the system individually, rather than the monolithic updates of the past, we have released a patch that fixes the NTP CVEs covered by FreeBSD SA 16:16.ntp. Updating ntpd from 4.2.8p6 to 4.2.8p7 is the only change.
This update appears as 2.3_1, for update 1. This should not be confused with 2.3.1, which is a full maintenance release coming soon. 2.3_1 is only available for those already running 2.3 release.
Note for this update, your version number will remain the same afterwards, still showing as 2.3-RELEASE.
This update does not trigger a reboot. The NTP service needs to be manually restarted under Status>Services afterwards.

OPNsense 16.1.12 released

The progress for our upcoming version 16.7 now accumulates to 3 full months. To that end we are making the transition from ALPHA to BETA on the 16.7 development series. And since we have been asked to incorporate development change logs as well, look no further (well, look below).
Anyway, 16.1.12 brings a handful of anticipated additions like FreeBSD’s package manager version 1.7.2 and the ability to use CoDel / FQ-Codel in the traffic shaper. We have also started to move services to the plugin framework instead of having them in the base installation. And, maybe as a last point, initial work for fixing the trusty apinger utility for gateway monitoring has surfaced.
Het bericht OPNsense 16.1.12 released verscheen eerst op OPNsense.

GhostBSD 10.3 ALPHA1 is now ready for Testing

Yes we skip 10.2 for 10.3 since was FreeBSD 10.3 was coming we thought we should wait for 10.3. This is the first ALPHA development release for testing and debugging for GhostBSD 10.3, only as MATE been released yet which is available on SourceForge and for the amd64 and i386 architectures.

SoloBSD 10.3-STABLE-v44.3

SoloBSD 10.3-STABLE-v44.4

There is a new build of SoloBSD 10.3-STABLE based on the latest HardenedBSD stable branch version 44.4
You can grab it from Here. (45.8 Mb)
root password: solobsd

News

Cheri-picking BSD | BSD Now 139

This week, Allan is out of town, but since when has that ever stopped us from bringing you a new episode of BSDNow? We have news, feedback & an excellent interview with Brooks Davis telling us about CheriBSD that you won’t want to miss.
View attached file (449 MB, video/mp4)

bsdtalk264 - Down the Gopher Hole

Playing around with the gopher protocol.   Description of gopher from the 1995 book "Student's Guide to the Internet" by David Clark. Also, at the end of the episode is audio from an interview with Mark McCahilll and Farhad Anklesaria that can be found at https://www.youtube.com/watch?v=oR76UI7aTvs
Check out http://gopher.floodgap.com/gopher/
File Info: 27 Min, 13 MB.
Ogg Link:https://archive.org/download/bsdtalk264/bsdtalk264.ogg

Code stuff 


Interesting articles



BSD News 25/04/2016

BSD News 25/04/2016

Last week in BSD

Releases:SoloBSD, HardenedBSD, DragonFly BSD
Other news: BSDSec, BSDnow, p2k16, OpenBSD, NetBSD


BSDSec



Releases

SoloBSD 10.3-STABLE-v44.2

There is a new build of SoloBSD 10.3-STABLE based on the latest HardenedBSD stable branch version 44.2
You can grab it from Here. (45.8 Mb)
root password: solobsd

New stable release: HardenedBSD-stable 10-STABLE v44.2

HardenedBSD-10-STABLE-v44.2 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...
 

DragonFly 4.4.3 released

The DragonFly 4.4.3 point release is out.  There’s a commit page listing the changes between 4.4.2 and 4.4.3.  Nobody will be surprised that there’s an OpenSSL update in there.
If you want a complete image, it’s available for download at your nearest mirror.  If you want to upgrade an existing install:
cd /usr; make src-update 
    (or  src-create-shallow if you don't already have source)
make buildworld && make buildkernel
make installkernel && make installworld
make upgrade
reboot
 

News

The p2k16 hackathon has begun

OpenBSD developers from around the world have just gathered in Nantes, France for the p2k16 hackathon. This event is technically a ports hackathon, but many non-porters have showed up too, which means you can expect a variety of different improvements. As an early example, ajacoutot@ has just set sysmerge to run automatically during the upgrade process.
Head over to the hackathons page to see the artwork, and stay tuned to Undeadly for some post-hackathon reports.

Rushing into BSD | BSD Now 138

This week on the show, we will be talking to Benedict Reushling about his role with the FreeBSD foundation and the journey that took him there. That plus a few weeks worth of news to get caught up on, coming up next on BSDNow!

Code stuff