OpenBSD and FreeBSD News
-
Data Swamp ☛ Why I stopped using OpenBSD
Last month, I decided to leave the OpenBSD team as I have not been using OpenBSD myself for a while. A lot of people asked me why I stopped using OpenBSD, although I have been advocating it for a while. Let me share my thoughts.
First, I like OpenBSD, it has values, and it is important that it exists. It just does not fit all needs, it does not fit mine anymore.
-
FreeBSD ☛ Strengthening FreeBSD: Addressing Vulnerabilities Through Synacktiv’s Code Audit
With funding from the Alpha-Omega Project, the FreeBSD Foundation recently partnered with the offensive security firm Synacktiv to perform an in-depth security audit of critical FreeBSD components, focusing on the bhyve hypervisor and the Capsicum security framework.
The comprehensive findings from the audit, available in the full report, highlight several vulnerabilities. Most of these vulnerabilities have been addressed through official FreeBSD Project security advisories, which offer detailed information about each vulnerability, its impact, and the measures implemented to improve the security of FreeBSD systems.
The audit uncovered 27 vulnerabilities and issues within various FreeBSD subsystems. 7 issues were not exploitable and were robustness or code quality improvements rather than immediate security concerns.
Below is an overview of the key security fixes and what FreeBSD users need to know to keep their systems secure.
-
LWN ☛ FreeBSD Foundation releases Bhyve and Capsicum security audit
The FreeBSD Foundation has announced the release of a security audit report conducted by security firm Synacktiv. The audit uncovered a number of vulnerabilities: [...]
The third weekly beta release of FreeBSD 14.2 is now available for testing ahead of the planned stable release in early December. Besides a few fixes notable to FreeBSD 14.2-BETA3 is that they are now putting out OCI container images among their release media...
-
FreeBSD ☛ FreeBSD 14.2-BETA3 Now Available
The third BETA build of the 14.2-RELEASE release cycle is now available.
Installation images are available for:
o 14.2-BETA3 amd64 GENERIC o 14.2-BETA3 i386 GENERIC o 14.2-BETA3 powerpc GENERIC o 14.2-BETA3 powerpc64 GENERIC64 o 14.2-BETA3 powerpc64le GENERIC64LE o 14.2-BETA3 powerpcspe MPC85XXSPE o 14.2-BETA3 armv7 GENERICSD o 14.2-BETA3 aarch64 GENERIC o 14.2-BETA3 aarch64 RPI o 14.2-BETA3 aarch64 PINE64 o 14.2-BETA3 aarch64 PINE64-LTS o 14.2-BETA3 aarch64 PINEBOOK o 14.2-BETA3 aarch64 ROCK64 o 14.2-BETA3 aarch64 ROCKPRO64 o 14.2-BETA3 riscv64 GENERIC o 14.2-BETA3 riscv64 GENERICSD
Note regarding arm SD card images: For convenience for those without console access to the system, a freebsd user with a password of freebsd is available by default for ssh(1) access. Additionally, the root user password is set to root. It is strongly recommended to change the password for both users after gaining access to the system.
Installer images and memory stick images are available here:
https://download.freebsd.org/releases/ISO-IMAGES/14.2/
The image checksums follow at the end of this e-mail.
If you notice problems you can report them through the Bugzilla PR system or on the -stable mailing list.
If you would like to use Git to do a source based update of an existing system, use the "releng/14.2" branch.
A summary of changes since BETA2 includes:
o OCI container images are now being published.
o A bug fix to iichid power management unbreaks some I2C keyboard devices.
o A panic caused by running procstat(1) on a bridge(4) has been fixed.
A list of changes since 14.1 is available in the releng/14.2 release notes:
https://www.freebsd.org/releases/14.2R/relnotes/
Please note, the release notes page is not yet complete, and will be updated on an ongoing basis as the 14.2-RELEASE cycle progresses.