Issue 107
Published April 13, 2022

FreeBSD 13.1 RC plus all the latest news and tutorials from the BSD world.

Releases

FreeBSD 13.1-RC2 Available: The second RC build for the FreeBSD 13.1 release cycle is now available. ISO images for the amd64, i386, arm64, powerpc64, and powerpcspe architectures are FreeBSD mirror sites.

BSDSec

FreeBSD Security Advisory FreeBSD-SA-22:04.netmap: On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.

FreeBSD Security Advisory FreeBSD-SA-22:06.ioctl: Users with access to the mpr, mps or mpt device node may overwrite heap data, potentially resulting in privilege escalation. Note that the device node is only accessible to root and members of the operator group.

FreeBSD Security Advisory FreeBSD-SA-22:05.bhyve: A misbehaving bhyve guest could overwrite memory in the bhyve process on the host, possibly leading to code execution in the host context. The bhyve process runs in a Capsicum sandbox, which (depending on the FreeBSD version and bhyve configuration) limits the impact of exploiting this issue.

FreeBSD Security Advisory FreeBSD-SA-22:08.zlib: Certain inputs can cause zlib’s compression routine to overwrite an internal buffer with compressed data. This issue may require the use of uncommon or non-default compression parameters.

FreeBSD Security Advisory FreeBSD-SA-22:07.wifi_meshid: While a FreeBSD Wi-Fi client is in scanning mode (i.e., not associated with a SSID) a malicious beacon frame may overwrite kernel memory, leading to remote code execution.

As always, it’s worth following BSDSec. RSS feed and Twitter account available.

News

BSD Now 449: FreeBSD Status Report 4th Quarter 2021, Reproducible clean $HOME in OpenBSD using impermanence, Making RockPro64 a NetBSD Server, helloSystem 0.7.0 is out, lazy approach to FreeBSD dual-booting, going to jail, and more.

Tutorials

Building Your Own FreeBSD-based NAS with ZFS: Let’s talk about building your own NAS on FreeBSD. The first step – researching hardware. When it comes to researching NAS hardware, it’s easy to get lost in the dizzying array of technologies, vendor datasheets touting performance and reliability stats. While we can’t tell you what hardware to buy in an article, we can discuss some of the factors to consider as you research which hardware best meets your storage requirements.

Did we miss anything?

This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.

Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).

Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.

Thanks for reading and see you next week! Take a vaccine and stay safe!

Become a Sponsor! Become a Patron!

We won't spam you. Unsubscribe any time.