BSD News 24/08/2015

Last week in BSD

Releases: SmallWall, NetBSD, OPNsense, PC-BSD
Other news: BSDSec,RaspBSD, OpenBSD, BSDnow, HardenedBSD, Wallpaper

BSDSec

 

Releases

SmallWall 1.8.4b9 beta release

Just released a new beta with a MUCH newer version of SNMP. Now supports v2 and 64bit counters for network monitoring. Also may have fixed some memory and CPU monitoring bugs from a long way back. 

NetBSD 7.0_RC3

The full list of changes can be found near the bottom of http://ftp.NetBSD.org/pub/NetBSD/NetBSD-7.0_RC3/CHANGES-7.0
Binaries of NetBSD 7.0_RC3 are available for download at:
http://ftp.NetBSD.org/pub/NetBSD/NetBSD-7.0_RC3/
Those who prefer to build from source can either use the netbsd-7-0-RC3 tag or follow the netbsd-7 branch.

OPNsense 15.7.9 Released

These are the full patch notes:
  • firmware: functional rework of update fetch and install, show reboot needed in alert box
  • interfaces: fixed spurious truncated interface names from showing up in the assignments
  • intrusion detection: improved rule select/deselect behaviour and alert querying
  • firewall/rules: fix missing apply button when another language is being used
  • crash reporter: multiple fixes, layout and submission improvements
  • firewall/logs: can now filter using IP version
  • firewall/nat: add anti-lockout rule for redirection
  • certificates: fix generation for LibreSSL flavour
  • openvpn: allow advanced settings for all server types
  • openvpn: reworked all configuration pages (especially client export)
  • ipsec: reworked all configuration pages

PC-BSD 10.2-RELEASE Now Available

  • FreeBSD 10.2-RELEASE base system
  • Many bugfixes and enhancements to installer to dual-boot setups
  • New CD-sized network installation media, with Wifi Configuration via GUI
  • Switched to “iocage” for jail management backend
  • Disk Manager GUI now available via installer GUI
  • Bug-fixes and improvements to Life-Preserver replications
  • Improved localization options for login manager
  • Options to Enable / Disable SSHD or IPv6 at installation
  • New “Plugins” system for AppCafe, allowing download of pre-built jail environments
  • Improvements to look-n-feel of AppCafe for package management
  • Improved fonts and better support for 4K monitor setups
  • Enterprise package repo, which only has security updates, allowing users to run a server / desktop or jail with fairly consistent package versions.
  • Firefox 40.0_1,1
  • Chromium 44.0.2403.130
  • Thunderbird 38.1.0
  • Lumina 0.8.6
  • GNOME 3.16.2

Other news

Raspberry Pi gains new FreeBSD distribution

Raspberry Pi owners can dig out their SD-card formatting tools of choice again, because a new version of FreeBSD has emerged for the machines,
RaspBSD will work on the Pi models B and B+ and promises to run on more “soon”. The “more” looks like including the BeagleBone Black and the Banana Pi.
FreeBSD has been available on the Pi for some time, as recorded in this post by the Pi foundation. This cut of the OS is the work of FreeBSD contributor and forum administrator Brad Davis, who says “The Goal of this project is to build images easily useable by anyone. Sometimes that means images preloaded with different packages to help new users get started.”
“Initially they will start off pretty basic, but will expand in different directions to support different goals. Initial goals include Education and Entertainment. All of our images are built using publicly available tools and any enhancements will be pushed upstream.”
If that sounds like you, raspbsd.org offers you the chance to download and play with the new OS.

OpenBSD 5.8 Preorders Enabled, Release Song Published

Two important events of the OpenBSD 5.8 release cycle happened today:
  • On the Orders page, pre-orders for the new release have been enabled
  • On the Lyrics page, the OpenBSD 5.8 release song has been published, with links to OGG and MP3 formats available.
The release date is October 18th, to mark the 20th anniversary of creation the OpenBSD CVS tree, as Theo de Raadt (deraadt@) noted in the announcement:
Read more...

Ubuntu Slaughters Kittens | BSD Now 103

Allan's away at BSDCam this week, but we've still got an exciting episode for you. We sat down with Bryan Cantrill, CTO of Joyent, to talk about a wide variety of topics: dtrace, ZFS, pkgsrc, containers & much more. This is easily our longest interview to date!
 

Code stuff


Interesting articles


Wallpaper of the week


BSD News 27/07/2015

BSD News 27/07/2015

Last week in BSD

Releases: FreeBSD, OPNSense
Other news: c2k15, OpenBSD, docker, zfs, FreeBSD, BSDSec, DragonFly BSD, BSDSec, OPNsense, NetBSD, OctoPkg, HardenedBSD

Please check Introducing BSDHistory article.
 

BSDSec



Releases

FreeBSD 10.2-RC1 Now Available

The first RC build of the 10.2-RELEASE cycle is now available.
Installation images are available for the amd64, i386, ia64, powerpc, powerpc64, and sparc64 architectures.
FreeBSD/arm SD card images are available for the BEAGLEBONE, CUBOX-HUMMINGBOARD, GUMSTIX, RPI-B, PANDABOARD, and WANDBOARD kernels.
FreeBSD 10.2-RC1 is also available on several third-party hosting providers.
See the PGP-signed announcement email for installation image checksums and more information.

OPNsense 15.7.4 Released

Here are the the full patch notes:
  • updated sudo 1.8.14p3 [1], pcre 8.37_2 [2], and FreeBSD 10.1-RELEASE-p15 [3]
  • firmware: fix upgrade when using opnsense-devel package
  • proxy: fix config write for multiple interfaces
  • crash reporter: raise PHP log level to warnings after an extensive cleanup
  • dashboard: made widgets translatable (contributed by Fabian Franz)
  • firewall logs: usability improvements (contributed by Fabian Franz)
  • languages: Simplified Chinsese 64% complete
  • languages: German 40% complete
  • menu: fixed navigation for PPPoE edit

Other news

BSD Gnow | BSD Now 99

This week we’ll be talking with Ryan Lortie and Baptiste Daroussin about GNOME on BSD. Upstream development is finally treating the BSDs as a first class citizen, so we’ll hear about how the recent porting efforts have been since.
Watch it here

HardenedBSD 11-CURRENT amd64 (x86-64) installers


Code stuff



Interesting Articles


Wallpaper of the week

 

from wallpapercave.com/w/QOUmkgJ

Introducing BSDHistory

Hi folks,

I am very happy to introduce #BSDHistory

 

What is it?

#BSDHistory is  kind of "a fact a day", "random fact" website, showing random facts from BSD History.
I guess the best thing you can do is to visit it and see for yourself:
  • minimal design
  • link to the source of the information
  • link to another random fact
  • link to add new fact
  • share to twitter funcionality
  • footer with some more info

 

You can add your own facts. 

Right now, there are 4 facts only, but no worries. Project is open-source and anyone can contribute.
I would be very happy to see people contributing facts, or making the page better. Obviously, the code can always be made better. I will be adding more stuff to the page.

So go ahead and share something by clicking on twitter icon... :)

If you're looking for more details how #BSDHistory was done, please visit my blog post here.

BSD News 20/07/2015

BSD News 20/07/2015

Last week in BSD

Releases: DragonFly BSD, OPNsense, FreeBSD
Other news: BSDnow, DragonFly BSD, Lumina Desktop, OpenBSD

Releases

DragonFly 4.2.3 released

There was a newer release of OpenSSL (1.0.1p) last week, so there’s a new revision of the DragonFly release – 4.2.3.  There’s little major change other than the security fix for OpenSSL.
Those readers who can count past 2 may notice that there wasn’t a 4.2.2.  We went straight from 4.2.1 to 4.2.3.   That’s my fault.  I screwed up tagging and Git doesn’t like repeated, deleted tags.

OPNsense 15.7.3 Released

The full list of changes are as follows:
  • php56 5.6.11 [1], pkg 1.5.5 [2], ca_root_nss 3.19.2, phalcon 2.0.5 [3], isc-dhcp42-server 4.2.8_1 [4]
  • backup: fix infinite reboot loop on interface mismatch
  • firmware: show locally installed packages
  • firmware: reboot dialog now responsively redirects when the system is back up
  • dashboard: upgrade link now directly launches into the firmware upgrade
  • dashboard: added a system log widget (contributed by Sascha Linke)
  • languages: merged German translation progress (contributed by Fabian Franz)
  • xmlrpc: fix sync of static routes
  • bogons: fix overwrite-on-upgrade bug

FreeBSD 10.2-BETA2 Now Available

The second BETA build of the 10.2-RELEASE cycle is now available.
Installation images are available for the amd64, i386, ia64, powerpc, powerpc64, and sparc64 architectures.
FreeBSD/arm SD card images are available for the BEAGLEBONE, CUBOX-HUMMINGBOARD, GUMSTIX, RPI-B, PANDABOARD, and WANDBOARD kernels.
FreeBSD 10.2-BETA2 is also available on several third-party hosting providers.
See the PGP-signed announcement email for installation image checksums and more information. 


Other news

Our Code is Your Code | BSD Now 98

Coming up this time on the show, we’ll be talking with the CTO of Xinuos, David Meyer, about their adoption of FreeBSD. We also discuss the BSD license model for businesses & the benefits of contributing changes back. Watch it here.

Code stuff



Interesting articles



Wallpaper of the week

from http://www.pcbsd.org/en/artwork.html


BSD News 06/07/2015

Last week in BSD

Releases: DragonFly BSD, OPNsense
News:  OctoPkg, FreeBSD, Raspberry Pi, BSDTalk, HardenedBSD, DragonFly BSD, OpenBSD, OPNsense, BSDnow


BSDSec


Releases

DragonFly 4.2.0 released

DragonFly 4.2 is officially released!  You can go to the 4.2 release page for details, go to the mirrors page to download, or read my users@ post for upgrade steps.
Update: news stories and commentary seen on lobste.rs, Hacker News, and linux.fr.
There’s a minor update for DragonFly 4.2 – this covers a problem with i915 support, so it’s worth upgrading if you have an Intel video chipset. 

OPNsense version 15.7 Released

While the summer is hot, we push forward to what now is 15.7 — nicknamed ‘Brave Badger’ — right in front of you. A lot of effort went into this project during the past 6 months, and we dare say it has been worth all of it. We would like to thank our followers and friends and feedback givers and forum lurkers and contributors and doubters and supporters that helped to make 15.7 what it is. We wouldn’t be here without any of you. Thank you.
In itself, 15.7 is a simple upgrade from 15.1.12 which we recommend to everyone. What changes is that development will move to a different branch so that from now on regressions are less likely and therefore stability will increase further. The provided images may also be the only ones for the next 6 months as we are confident in their longevity and the online upgrade path. We have also bumped the LibreSSL flavour to a production-ready state and encourage everyone to try it out. The installer’s import configuration tool coupled with a quick and easy installation can help you move from OpenSSL to LibreSSL and back seamlessly.
The biggest addition is the intrusion detection integration (suricata) as well as new local and remote blacklists options for the proxy server (squid).
Security-wise, it has been rather quiet with only a few CVEs in third-party tools. Please see the full patch notes for details and references:
  • kernel: borrowed a dummynet / ipnat patch from m0n0wall to enable symmetric traffic shaping when NAT is involved
  • kernel: fix recurse lock panic for tmpfs in conjunction with unionfs
  • kernel: applied two stable patches that prevent squid from crashing [1]
  • kernel: retired ALTQ support
  • base: sendmail TLS/DH Interoperability Improvement [2]
  • base: improved iconv(3) UTF-7 support [3]
  • base: inconsistency between locale and rune locale states [4]
  • notable ports updates: phalcon 2.0.3 [5], curl 7.43.0_2 [6], openssh 6.8p1_8, python 2.7.10 [7], perl 5.20.2_5 [8], ntp 4.2.8p3 [9], libxml2 [10] 2.9.2_3, openldap24-server 2.4.41 [11]
  • opnsense-update: will no longer try to reinstall the installed version after a fresh installation
  • bsdinstaller: bring back cpdup to error out on low memory installation (you need 1 GB of RAM, or work around installation using the nano image)
  • traffic shaper: removed legacy queues support in favour of the new traffic shaper functionality
  • traffic shaper: allow direct enable/disable toggle
  • proxy: fix the initial daemon start on bootup
  • proxy: added LAN as the default interface configuration
  • proxy: local and remote blacklists with regex support
  • intrusion detection: initial release of our IDS GUI based on suricata
  • gateways: monitoring mode gained IPv6 support
  • captive portal: fix idle timeout bug
  • captive portal: d
  • not delete the wrong zone when having multiple configurations
  • captive portal: removed include files from exposed web directory
  • backend: always regenerate users and groups to avoid corruption after an unclean shutdown
  • backend: wait for configd socket to come up to address a startup race issue
  • backend: clean up configd socket on exit
  • backend: fixed regression that prevented user scripts from being started via /etc/rc.conf
  • gateways: only show apinger in services when monitoring is enabled for a gateway
  • languages: brought Simplified Chinese to 49% completed, German to 30% completed
  • universal plug and play: make page invoke static to remove exploitability of the legacy packages framework
  • crash reporter: finally enabled the send button and provides human-readable feedback whether the submission was complete
  • console: added non-interactive interface assignment for headless deployments
  • ssh: disable password authentication on factory reset to align with the standard configuration
  • diagnostics: avoid duplicated calls of gethostbyaddr() in NDP table view
  • users: prompt for old password on password change to prevent account hijacking
  • users: stripped the impossible scponly user privileges since said utility has never been part of our ecosystem
Images can be found on any of our mirrors, but they may take a few hours to sync.
https://opnsense.org/download/

Other news

Lost Technology | BSD Now 96

 Coming up this week, we'll be talking with Jun Ebihara about some lesser-known CPU architectures in NetBSD. He'll tell us what makes these old (and often forgotten) machines so interesting. As usual, we've also got answers to your emails and all this week's news on BSD Now - the place to B.. SD. 

bsdtalk254 - PFsense and FreeNAS with Ken Worster

An interview with Ken Worster who is presenting on topics which include PFSense and FreeNAS in schools at the Technology Teacher ME conference in Bethel Maine.
Ogg Link: https://archive.org/download/bsdtalk254/bsdtalk254.ogg

PC-BSD 10.2-PRE-RELEASE and 11.0-CURRENT Images Available for Testing

The PC-BSD project is pleased to announce the availability of two new testing images: 10.2-PRERELEASE and 11.0-CURRENTJULY2015.
WARNING: These images are considered “bleeding-edge” and should be treated as such.
The DVD/USB ISO files can now be downloaded from the following URLs:
http://download.pcbsd.org/iso/10.2-RELEASE/edge/amd64/
http://download.pcbsd.org/iso/11.0-CURRENTJULY2015/amd64/
This is a great way to test features and report bugs well before the release cycle begins for the next major releases.
To report bugs in PC-BSD, use https://bugs.pcbsd.org.
To report FreeBSD / Port / Kernel / World bugs, use https://bugs.freebsd.org/bugzilla/enter_bug.cgi.
To update from 10.1-RELEASE:
# pc-updatemanager chbranch 10.2-RELEASE
or
# pc-updatemanager chbranch 11.0-CURRENTJULY2015
This process will take a while, downloading new packages / world / kernel for the system. When done you can reboot, and the updater will finish up the update process.

Intel® System Studio 2016 for FreeBSD* Beta

Intel has released the beta version of their C++ compiler for FreeBSD. Thanks to Kittur Ganesh (Intel) for informing us about this software. Intel® System Studio (ISS) 2016 for FreeBSD* Beta provides a comprehensive embedded tool suite solution for developing, optimizing, tuning and deploying 64-bit system and application C, C++ code running natively on FreeBSD*

HardenedBSD Introducing True Stack Randomization

When we first implemented ASLR for FreeBSD, we implemented the stack randomization portion as a random gap. This means that the base address for the stack remained constant, but where applications started utilizing the stack would change randomly. We have now implemented true stack randomization. The base address for the stack is now randomized. We still utilize a random stack gap on top of true stack randomization to provide further entropy and security. This means that we can effectively achieve 42 bits of entropy for the stack. This change breaks KBI and we have bumped the HardenedBSD version up to 26 with this change. We will be doing a new package build to ensure packages are up-to-date with this change.
You can find the git commit here. For more details about how the PaX Team recommends doing stack randomization, take a look here.

Code stuff


Interesting Articles


Wallpaper of the week

from http://www.wallpaperdisk.com/download-free%20bsd%20devil-1463-wallpaper.html