Some FreeBSD and OpenBSD erratas and more.
Releases
No releases.
BSDSec
FreeBSD Errata Notice FreeBSD-EN-23:16.openzfs: FreeBSD has included a version of the powerful and feature-rich ZFS file system beginning with FreeBSD 7.0 released in 2008. The ZFS implementation in FreeBSD 12 and earlier is based on the Illumos ZFS codebase. In FreeBSD 13 and later OpenZFS is used as the ZFS implementation. Sparse files in a file system refer to a technique that optimizes storage space by allowing the creation of files with unallocated or unwritten gaps, known as holes. When reading a file, holes appear as zero or NUL bytes. Certain system calls can access hole location metadata, including lseek(2) with SEEK_HOLE and copy_file_range(2). In OpenZFS a dnode is a data structure used to represent and manage metadata about files and directories. In file systems, “dirty” refers to data or metadata that has been modified in memory but not yet written to the storage device. Thus, a dirty dnode is one which has uncommitted data or metadata. In FreeBSD 13.2 and FreeBSD 14.0 cp(1) uses copy_file_range(2) to perform the data copying in the kernel. copy_file_range attempts to find file holes in the source file and preserve them in the copy. In FreeBSD 12.4 cp does not use copy_file_range. A check did not test both the dnode itself and its data for dirtiness. This provides a very small window of time while a file is being modified where the dirtiness check can falsely report that the dnode is clean. If this happens a hole may incorrectly be reported where data was written. If an access occurs while a file is being modified and a hole is incorrectly reported, the data may instead be interpreted as zero bytes. Any application which checks for holes may be affected by this issue; if this occurs during a file copy it will result in a corrupt copy that retains the incorrect data. Note that the source file remains intact (a subsequent read will return the correct data).
FreeBSD Errata Notice FreeBSD-EN-23:15.sanitizer: Compiler-RT is an implementation of various compiler runtime support routines, provided by the LLVM project. This library also provides a number of so-called Sanitizers, which help to catch buffer overruns, thread data races, and so on: AddressSanitizer, ThreadSanitizer, UndefinedBehaviorSanitizer, and more. Some of the Sanitizers cannot work correctly when ASLR is enabled. Therefore, at the initialization of such Sanitizers, ASLR is detected via procctl(2). If ASLR is enabled, it is first disabled, and then the main executable containing the Sanitizer is re-executed, after printing an appropriate message. However, the Sanitizers work by intercepting various function calls, and by mistake the already-intercepted procctl(2) function was used. This causes an internal error, which usually results in a segfault. Binaries linked to AddressSanitizer (using -fsanitizedress), MemorySanitizer (using -fsanitize=memory) or ThreadSanitizer (using -fsanitize=thread) can crash at startup with a segfault, if ASLR is enabled. Other binaries are not affected.
OpenBSD Errata: November 29, 2023 (perl): Errata patches for Perl have been released for OpenBSD 7.4 and 7.3. Binary updates for the amd64, arm64 and i386 platform are available via the syspatch utility.
As always, it’s worth following BSDSec. RSS feed and Twitter account available.
News
Valuable News – 2023/12/04: The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems.
BSD Now 535: Untitled Episode: FreeBSD 14 has been released, Reading your RSS feed on FreeBSD, Manipulate PDF files easily with pdftk, clang(1)/llvm updated to version 16 in OpenBSD, NetBSD Security Advisory: multiple vulnerabilities in ftpd(8), and more.
Tutorials
OpenZFS Storage Best Practices and Use Cases – Part 2: File Serving and SANs: In our continuing series of ZFS best practices, they examine several of the most common use cases around file serving, and provide configuration tips and best practices to get the most out of your storage.
Did we miss anything?
This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.
Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).
Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.
Thanks for reading and see you next week! Stay safe!