Issue 208
Published November 06, 2024

BSD Security news and more.

Releases

FreeBSD 14.2-BETA1 Available: The first BETA build for the FreeBSD 14.2 release cycle is now available. ISO images for the amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv7, aarch64, and riscv64 architectures are available on FreeBSD mirror sites.

BSDSec

OpenBSD Errata: October 31, 2024 (aplsmc): Errata patches for Apple system management controller have been released for OpenBSD 7.6 and 7.5. Binary updates for the arm64 platform are available via the syspatch utility.

FreeBSD Security Advisory FreeBSD-SA-24:19.fetch: The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a certificate included in the revocation file passed to the --crl option.

FreeBSD Security Advisory FreeBSD-SA-24:18.ctl: The command ctl_persistent_reserve_out allows the caller to specify an arbitrary size which will be passed to the kernel's memory allocator. A malicious guest could cause a Denial of Service (DoS) on the host. No workaround is available. Systems not using virtio_scsi(4) or ctld(8) are not affected.

FreeBSD Security Advisory FreeBSD-SA-24:17.bhyve: Several vulnerabilities were found in the bhyve hypervisor's device models. The NVMe driver function nvme_opc_get_log_page is vulnerable to a buffer over-read from a guest-controlled value. (CVE-2024-51562) The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race condition. (CVE-2024-51563) A guest can trigger an infinite loop in the hda audio driver. (CVE-2024-51564) The hda driver is vulnerable to a buffer over-read from a guest-controlled value. (CVE-2024-51565) The NVMe driver queue processing is vulnerable to guest-induced infinite loops. (CVE-2024-51565).

FreeBSD Errata Notice FreeBSD-EN-24:17.pam_xdg: As a user logs in, if the per user XDG_RUNTIME_DIR directory already exists, a file descriptor to that directory is leaked in the calling process. This leaked directory file descriptor is inherited by all descendant processes that do not explicitly close it. In particular, it prevents an administrator from using jexec(8) or launching a new jail via jail(8), as both commands use the jail_attach(2) system call which fails with EPERM if the calling process has an open directory in its file descriptor table, as a security measure to prevent jail escape. This file descriptor leak is normally harmless from a security standpoint as the XDG_RUNTIME_DIR directory’s content is usually readable and modifiable only by its owner and its group.

OpenBSD Errata: October 29, 2024 (xserver ssh): Errata patches for the X11 server have been released for OpenBSD 7.6 and 7.5. An errata patch for OpenSSH has been released for OpenBSD 7.6. Binary updates for the amd64, arm64 and i386 platforms are available via the syspatch utility. As the OpenSSH update only affects big-endian architectures, no syspatch is provided for it.

As always, it’s worth following BSDSec. RSS feed and Twitter account available.

News

FreeBSD At 30: The History And Future Of The Most Popular BSD-Based OS: Probably not too many people around the world celebrated November 1st, 2023, but on this momentous date FreeBSD celebrated its 30th birthday. As the first original fork of the first complete and open source Unix operating system (386BSD) it continues the legacy that the Berkeley Software Distribution (BSD) began in 1978 until its final release in 1995. The related NetBSD project saw its beginnings somewhat later after this as well, also forking from 386BSD. NetBSD saw its first release a few months before FreeBSD’s initial release, but has always followed a different path towards maximum portability unlike the more generic nature of FreeBSD which – per the FAQ – seeks to specialize on a limited number of platforms, while providing the widest range of features on these platforms.

Valuable News – 2024/11/04: The Valuable News weekly series is dedicated to providing a summary of news, articles and other interesting stuff, mostly but not always related to UNIX/BSD/Linux systems.

HardenedBSD October 2024 Status Report: This status report covers both September and October 2024 and talks about changes in the source tree, ports and more.

BSD Now 583: A host of self-hosters: Run Linux Containers on FreeBSD 14 with Podman, Open Source FreeBSD NAS: Maintenance Best Practices, Self-hosting Bitwarden / VaultWarden on FreeBSD, I most definitely should (self-host)!, My 71 TiB ZFS NAS After 10 Years and Zero Drive Failures, Make Your Own CDN With OpenBSD Base and Just 2 Packages, and more.

Tutorials

Operate Android Device on FreeBSD: Do you want to run some software that does not have a FreeBSD package? With the help of SCRCPY you can control any Android device from a desktop computer.

Did we miss anything?

This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.

Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).

Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.

Thanks for reading and see you next week! Stay safe!
