HardenedBSD 14-STABLE, many FreeBSD security advisiories and more.
HardenedBSD 14-STABLE Now Available: HardenedBSD 14-STABLE is now officially a thing. Haven’t seen any changelog, yet. Installers are at https://installers.hardenedbsd.org/pub/14-stable/ and package builder at https://hbsd-pkg-14-stable-01.hardenedbsd.org/index.html.
FreeBSD Security Advisory FreeBSD-SA-23:10.pf: IPv6 fragments may bypass firewall rules written on the assumption all fragments have been reassembled and, as a result, be forwarded or processed by the host.
FreeBSD Errata Notice FreeBSD-EN-23:11.caroot: Several certificates were added to the bundle after the latest release of FreeBSD 13.2. TLS connections using the missing root certificates as a trust anchor would not be trusted causing an error.
FreeBSD Errata Notice FreeBSD-EN-23:10.pci: The code which allocated the hot-plug interrupt did not allocate MSI-X vectors properly. When attaching to devices which support only MSI-X messages, the interrupt would not be allocated. PCIe hot-plug would fail to work for certain devices. In particular, this affects certain Amazon EC2 instance types which require functional hot-plug support in order to attach network devices.
FreeBSD Errata Notice FreeBSD-EN-23:09.freebsd-update: freebsd-update incorrectly deleted files in
/etc/ in the event the file to be updated matched the new release and was different than the old release. This has not been an issue previously because the
$FreeBSD$ tag expansion from subversion virtually guaranteed the existing file was going to be different from the new release. With the conversion to git in the 13.x releases,
$FreeBSD$ is no longer expanded, making it much more likely that a file would find this issue.
Valuable News – 2023/09/11: The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems.
BSD Now 523: The Elements Of Style: UNIX As Literature, The shell and its crappy handling of whitespace, Theo de Raadt on Zenbleed, OPNsense 23.7 released, illumos gets a new C compiler, fixing Thinkpad X1 WIFI on FreeBSD, and more.
Valuable News – 2023/09/04: The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems.
Did we miss anything?
Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).
Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.
Thanks for reading and see you next week! Stay safe!