In Other BSDs for 2016/05/28
DragonFlyBSD Digest - May 28, 2016, 12:23 pm UTC
Fun links, this week. BCHS Stack – BSD, C, Httpd, SQLite.  Fun!  (via) How to chroot www/firefox on NetBSD.  (via) [email protected]: ‘NSA addition to ifconfig’.  (via) OpenBSD/loongson on the Lemote Yeeloong 8101B.  (via) Comfort On The Command Line – A primer.  Actually talks about the command line on multiple platforms including BSD, not just “here’s […]
0Comments Direct Link to Article
W^X now mandatory in OpenBSD
Undeadly.org - May 27, 2016, 9:00 pm UTC

Traditional Unix has allowed memory to be mapped W | X. Everyone now knows that’s a bad practice from a security standpoint, but the software ecosystem hasn't made much progress in this area. Theo de Raadt has just committed a change to begin blocking W^X violations in OpenBSD.



CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2016/05/27 13:45:04

Modified files:
lib/libc/sys : mmap.2 mount.2 mprotect.2
sbin/mount : mntopts.h mount.8 mount.c
sbin/mount_ffs : mount_ffs.c
sbin/mount_nfs : mount_nfs.c
sys/kern : kern_sysctl.c vfs_syscalls.c
sys/sys : mount.h sysctl.h
sys/uvm : uvm_mmap.c
usr.sbin/pstat : pstat.c

Log message:
W^X violations are no longer permitted by default. A kernel log message
is generated, and mprotect/mmap return ENOTSUP. If the sysctl(8) flag
kern.wxabort is set then a SIGABRT occurs instead, for gdb use or coredump
creation.

W^X violating programs can be permitted on a ffs/nfs filesystem-basis,
using the "wxallowed" mount option. One day far in the future
upstream software developers will understand that W^X violations are a
tremendously risky practice and that style of programming will be
banished outright. Until then, we recommend most users need to use the
wxallowed option on their /usr/local filesystem. At least your other
filesystems don't permit such programs.

Read more...

0Comments Direct Link to Article
garbage[27]: All these chat programs suck, I’ll create another one
DragonFlyBSD Digest - May 27, 2016, 8:15 pm UTC
The garbage[27] podcast is out, and it’s covering OpenBSD, iOS, and Android topics, or at least that’s what I guess from the summary, cause I’m still at work.
0Comments Direct Link to Article
BSDNow 143: One small step for DRM, one giant leap for BSD
DragonFlyBSD Digest - May 26, 2016, 9:36 pm UTC
BSDNow 143 has the usual roundup of news, plus a conversation with Matthew Macy about graphics improvements in FreeBSD. We need DragonFly people interviewed, since DragonFly graphics improvements have been leading the pack, so to speak.  I’m linking to the Jupiter Broadcasting site again since I don’t see this episode up on the BSDNow site […]
0Comments Direct Link to Article
One small step for DRM, one giant leap for BSD | BSD Now 143
BSDnow - May 26, 2016, 12:14 pm UTC
This week on BSDNow, we have an interview with Matthew Macy, who has some exciting news to share with us regarding the state of graphics on FreeBSD. That plus all the latest news on BSDNow, the place to B...SD!
0Comments Direct Link to Article
Privilege Separation and Pledge (video)
Undeadly.org - May 25, 2016, 1:34 pm UTC

This year's dotSecurity conference featured a presentation from OpenBSD founder Theo de Raadt, titled "Privilege Separation and Pledge."


The video is now available here, in addition to the slides.

0Comments Direct Link to Article
GhostBSD 10.3 ALPHA2 is ready for testing
GhostBSD - May 24, 2016, 11:32 pm UTC

This second ALPHA development release is for testing and debugging new feature in GhostBSD 10.3, MATE and XFCE is available on SourceForge for the i386, amd64, and amd64-uefi architectures.

Language
Undefined
0Comments Direct Link to Article
Huge wifi resync
DragonFlyBSD Digest - May 24, 2016, 3:58 pm UTC
Matthew Dillon and Adrian Chadd have updated the wifi setup in DragonFly, incorporating Adrian’s FreeBSD changes (and merging back some of Matt’s from DragonFly).  This affects the ath, rum, iwm, iwn, run, bwn, urtwn, wi, ral, iwi, ndis, and wpi drivers.  The ‘an’ driver has been removed, too.  I’m not going to even try to […]
0Comments Direct Link to Article
BSD News 23/05/2016
DiscoverBSD - May 24, 2016, 8:10 am UTC
Last week in BSD Releases: HardenedBSD, SoloBSD, SmallWall, pfSense, OPNsense, 
Other news: BSDSec, BSDnow, BSD Magazine, DragonFlyBSD, p2k16, freeNAS, OpenBSD

BSDSec [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-16:19.sendmsg[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-16:18.atkbd
ReleasesHardenedBSD-stable 10-STABLE v46.1 HardenedBSD-10-STABLE-v46.1
----------------------------------------
https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...
https://github.com/HardenedBSD/hardenedBSD-stable/commits/HardenedBSD-10...
This release fixes CVE-1541 and CVE-2015-2304 in libarchive, a lot of Coverity warnings / programing errors and an overflow in amd64's sysarch system call (00696f0, eac2aab, bd784f7).

SoloBSD 10.3-STABLE-v46There is a new build of SoloBSD 10.3-STABLE based on the latest HardenedBSD stable branch version 46
Changelog v46You can grab it from Here. (61.7 Mb)root password: solobsd
SmallWall 1.8.4b10 beta releaseJust released a new beta with updated mini-httpd, and many t1n1wall changes ported in.
New stable version: HardenedBSD-stable 11-CURRENT v46.2HardenedBSD-11-CURRENT-v46.2 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...
UPDATE TO THIS RELEASE IS STRONGLY ADVISED!
This release fixes two locally exploitable security issue, namely the followings:
https://security.freebsd.org/advisories/FreeBSD-SA-16:19.sendmsg.asc
https://security.freebsd.org/advisories/FreeBSD-SA-16:18.atkbd.asc

pfSense 2.3.1-RELEASE Now Available!We are happy to announce the release of pfSense® software version 2.3.1!
This is a maintenance release in the 2.3.x series, bringing a number of bug fixes, two security fixes in the GUI, as well as security fixes for OpenSSL, OpenVPN and FreeBSD atkbd and sendmsg. The full list of changes is on the 2.3.1 New Features and Changes page.
This release includes a total of 103 bug fixes. 79 regressions in 2.3 have been fixed, mostly minor issues in the new GUI. Several of these are significant issues, and have resolved nearly all the post-upgrade problems encountered in 2.3-RELEASE. 24 issues affecting 2.2.x and prior versions have also been fixed.
If you haven’t yet caught up on the changes in 2.3.x, check out the Features and Highlights video. Past blog posts have covered some of the changes, such as the performance improvements from tryforward, and the webGUI update.

OPNsense 16.1.14 releasedHow about an update with your new NetFlow remote export. Or your local reporting frontend? Well, you can always use both if you like. Read all about it here: https://docs.opnsense.org/manual/netflow.html
Furthermore, we have added the brand new AQM CoDel version 0.2.1 to the mix, yesterday’s FreeBSD security advisories, released the HAProxy plugin, bundled a full Japanese translation.
There is also a refreshed website for our general viewing pleasure.
https://opnsense.org/

News Diving for BSD Perls | BSD Now 142This week on the show, we have all the latest news and stories! Plus an interview with BSD developer Alfred Perlstein, that you won’t want to miss. Sit tight, the show starts now on your place to B...SD! View attached file (624 MB, video/mp4)  BSD Magazine for May 2016 outThe May issue of BSD Magazine is available now.  There’s articles on ZFS, OpenBSD’s arc4random, an interview of Fernando Rodríguez of KeepCoding, and more.  It’s a free PDF download if you didn’t know.

eX, clisp, and DragonFlyDragonFly versions of TeX have been available for some time now.  However, Nelson Beebe, who is part of the TeX project, is having trouble building some related binaries – asymptote and clisp.  He could use help from anyone interested, to match up with this summer’s release of TeX 2016.
Mounting as non-root Read this email thread for how to mount devices (e.g. USB drives) in DragonFly when you aren’t root.

Code stuff p2k16 Hackathon Report: pirofti@ on octeon and TPM
DragonFly and xorg/xwayland
Interesting articles[How-To] Installing FreeBSD via a Serial Port
0Comments Direct Link to Article
In Other BSDs for 2016/05/21
DragonFlyBSD Digest - May 21, 2016, 1:02 pm UTC
Summer convention season is coming; start scheduling! Implementing pledge on linux using seccomp.  (via) pkgsrcCon 2016 is in about a month and a half (July 2-3).  They’re accepting talk proposals now, for lightning talks or extended presentations.  (via kamil on EFNet #dragonflybsd) A review of FreeBSD 10.3’s new features.  (via) BSD OS’ include GNU tools re-written […]
0Comments Direct Link to Article
BSDNow 142: Diving for BSD Perls
DragonFlyBSD Digest - May 19, 2016, 10:34 pm UTC
BSDNow 142 is out.  You might think the title is about Perl, the language, on BSD, but it’s because there’s an interview with FreeBSD developer Alfred Perlstein.  I’m sure he gets that a lot.  Among the other news on the episode is a note about ordering BSDNow shirts: do it today because it’s the last day they will […]
0Comments Direct Link to Article
Diving for BSD Perls | BSD Now 142
BSDnow - May 19, 2016, 11:41 am UTC
This week on the show, we have all the latest news and stories! Plus an interview with BSD developer Alfred Perlstein, that you won’t want to miss. Sit tight, the show starts now on your place to B...SD!
0Comments Direct Link to Article