Issue 282
Published June 10, 2026

FreeBSD 15.1-RC3 release, OpenBSD boot-time relinking for httpd/smtpd, NetBSD AGM updates and more.

Releases

FreeBSD 15.1-RC3 Available: The third release candidate build for the FreeBSD 15.1 release cycle is now available. ISO images for the amd64, armv7, aarch64, powerpc64, powerpc64le, and riscv64 architectures are FreeBSD mirror sites.

BSDSec

No security announcements.

As always, it’s worth following BSDSec. RSS feed available.

News

Valuable News - 2026/06/08: This week’s roundup covers FreeBSD 15.1-RC3, OpenBSD updating clang/lld to 22.1.6 and adding boot-time relinking for httpd and smtpd, NetBSD’s GSoC 2026 contributors, an analysis of a compromised pfSense firewall, using object storage with OpenZFS and SeaweedFS, and more.

NetBSD Foundation 2026 Annual General Meeting: Board, Core, and Team Reports: The NetBSD Foundation’s 2026 AGM covers progress on NetBSD 11.0 (now at RC5), the CVS-to-Git/Mercurial migration, and infrastructure challenges like LLM scraping and hardware aging. Highlights include five Google Summer of Code projects, CNA onboarding for security advisories, and plans to streamline release cycles. The full IRC log details team updates from core, admins, releng, and security.

Random relinking at boot comes to httpd(8) and smtpd(8): OpenBSD now randomizes the link order of httpd and smtpd at boot, extending the anti-exploit measure already used by sshd. Theo de Raadt’s commits split smtpd into six privsep binaries for finer-grained relinking and add a generalized RELINK mechanism in bsd.prog.mk to simplify future adoption. The changes are available in snapshots for testing.

BSD Now 666: Everyone gets an LPE: fatgid exploit details, why ZFS excels for multi-user media production, and a guide to hosting a private pkg repo behind mutual TLS for secure BSD package distribution.

April 2026 Frankfurt FreeBSD Hackathon Recap: The FreeBSD community hosted its first regional hackathon in Frankfurt, Germany, from April 24–26, 2026, drawing 25 participants from across Europe, including experienced committers and newcomers. Held at a sponsored Innovation Lab, the event featured intensive hacking sessions and yielded key contributions, such as closing 120 bugs, implementing Software Bill of Materials (SBOM) functionality, and completing a German translation of the Sylve tool. The hackathon also facilitated networking and informal discussions during a sponsored barbecue lunch, with organizers expressing plans to repeat the event in future years due to its success.

EuroBSDCon 2026 Travel Grant Applications Now Open: The FreeBSD Foundation announced that travel grant applications are now open for EuroBSDCon 2026, taking place September 9–13, 2026, in Brussels, Belgium. Application deadline: July 7, 2026.

Tutorials

Aggressive caching for a Mastodon reverse proxy on FreeBSD: Author details how to cache Mastodon with nginx on FreeBSD while handling content negotiation correctly, covering cache keys for HTML/ActivityPub/JSON variants, bypass rules for private traffic, and TTL strategies for assets, media, and dynamic pages. The guide includes production-tested configurations for thundering-herd protection, failover, and logging to verify cache behavior.

Did we miss anything?

This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.

Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).

Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.

Thanks for reading and see you next week! Stay safe!

Become a Sponsor! Become a Patron!

We won't spam you. Unsubscribe any time.