Issue 121
Published September 7, 2022

Releases

No releases.

BSDSec

FreeBSD Security Advisory FreeBSD-SA-22:13.zlib: Applications that call inflateGetHeader may be vulnerable to a buffer overflow. Note that inflateGetHeader is not used by anything in the FreeBSD base system, but may be used by third party software.

FreeBSD Errata Notice FreeBSD-EN-22:20.tzdata: Several changes to future and past timestamps have been recorded in the IANA Time Zone Database after previous FreeBSD releases were released. This affects many users in different parts of the world. Because of these changes, the data in the zoneinfo files need to be updated. If the local timezone on the running system is affected, tzsetup(8) needs to be run to update /etc/localtime.

As always, it's worth following BSDSec. RSS feed and Twitter account available.

News

g2k22 Hackathon Report snmpd(8): Report on the recently-concluded g2k22 hackathon from Martijn van Duren (martijn@).

OpenBSD may soon gain further memory protections: immutable userland mappings: In a September 1st post to tech@ titled immutable userland mappings, Theo de Raadt (deraadt@) gave the a preview of code that may soon land in -current. This is about work that is upcoming, still not committed.

August Foundation Fundraising Update : The goal this year is to raise at a minimum $1,400,000 towards a spending budget of around $2,000,000. As of writing this report, they’ve brought in under $200,000 towards that goal.

HardenedBSD August 2022 Status Report: Report of activities in src, ports and hbsdfw.

Tutorials

New FreeBSD Quick Guide: Video Playback on FreeBSD: Setting up basic video playback on FreeBSD is quick and simple! In this guide, we’ll download and set up the xine video player on a fresh FreeBSD install. The xine multimedia player relies on the XWindow system and the XVideo extension to provide a graphical video playback interface.

Writing FreeBSD Kernel Modules in Rust: At present all major operating system kernels are written in C/C++, languages which provide no or minimal assistance in avoiding common security problems. Modern languages such as Rust provide better security guarantees by default and prevent many of the common classes of memory safety security bugs. In this post we will take a brief look at existing community efforts towards this goal and build a basic “Hello World” proof-of-concept kernel module for FreeBSD.

Did we miss anything?

This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.

Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).

Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.

Thanks for reading and see you next week! Stay safe!

Become a Sponsor! Become a Patron!