Issue 198
Published August 14, 2024

FreeBSD 13.4 second Beta and more.

Releases

FreeBSD 13.4-BETA2 Available: The second BETA build for the FreeBSD 13.4 release cycle is now available. ISO images for the amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv6, armv7, aarch64, and riscv64 architectures are FreeBSD mirror sites.

BSDSec

FreeBSD Security Advisory FreeBSD-SA-24:07.nfsclient [REVISED]: For example, a program copying files from an NFS mount could be tricked into copying from outside the intended source directory, and/or to a location outside the intended destination directory.

FreeBSD Security Advisory FreeBSD-SA-24:08.openssh: As a result of calling functions that are not async-signal-safe in the privileged sshd(8) context, a race condition exists that a determined attacker may be able to exploit to allow an unauthenticated remote code execution as root.

FreeBSD Security Advisory FreeBSD-SA-24:07.nfsclient: For example, a program copying files from an NFS mount could be tricked into copying from outside the intended source directory, and/or to a location outside the intended destination directory.

FreeBSD Security Advisory FreeBSD-SA-24:06.ktrace: The bug may be used by an unprivileged user to read the contents of files to which they would not otherwise have access, such as the local password database.

FreeBSD Security Advisory FreeBSD-SA-24:05.pf: ICMPv6 packets with identifier value of zero bypass firewall rules written on the assumption that the incoming packets are going to create a state in the state table.

FreeBSD Errata Notice FreeBSD-EN-24:14.ifconfig: FreeBSD hosts which still rely on default network mask assignment and have addresses in the old class A (0.0.0.0-127.255.255.255) or class C (192.0.0.0-223.255.255.255) ranges will have an incorrect network mask. The exact consequences will vary depending on the direction of the error and the relative positions of the affected host and its default router within the local address space. Affected hosts should still be able to communicate with at least a subset of their local network, and may also be able to communicate with a subset of the wider network, but will typically lose the ability to communicate with any address which is not within both the actual local address space and the misconfigured local address space. This may include their default router.

As always, it’s worth following BSDSec. RSS feed available.

News

Valuable News – 2024/08/12: The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX/BSD/Linux systems.

BSD Now 571: Cloud Chaos: Navigating FreeBSD’s New Quarterly and Biennial Release Schedule, EuroBSDCon 2024 Schedule, From Cloud Chaos to FreeBSD Efficiency, Local-to-anchors tables in PF rules, CloudBSD, and more.

OpenBSD -current moves to 7.6-beta: OpenBSD -current has moved to 7.6-beta in preparation for the next release. The release is traditionally about November 1st, but we shall see what happens this year. Snapshots are already beginning to show up on the mirrors.

Valuable News – 2024/08/05: The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX/BSD/Linux systems.

Tutorials

Bhyve Virtual-Machine Control Panel: This article is a short walk-through of BVCP, a management platform for Bhyve, featuring a Web-based administration console.

Running Splunk forwarder on a FreeBSD 14 host: Splunk has not upgraded their splunk forwarder agent to support FreeBSD 14.x. In this article you’ll see how you can use the Linux splunk forwarder agent on FreeBSD.

How to deploy a Cardano relay on FreeBSD: Thanks to cardanobsd.org getting a Cardano relay setup is a very easy task. In fact, if you have a working FreeBSD 13.2 installation ( AMD64 OR ARM64 ) this task can take under 5 minutes.

Extract text from a PNG and PDF with FreeBSD: There are times when the ability to grab text from an image file or PDF can be very useful. This video will show you how using Tesseract.

Remote Desktop using RDP and VNC: Author’s initial questioning was on the opportunity to run a desktop environment using virtual machines provided by the OpenBSD vmd(8). But vmd(8) doesn’t feature graphics, as of OpenBSD 7.5. Let’s see if this can be achieved anyway.

Did we miss anything?

This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.

Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).

Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.

Thanks for reading and see you next week! Stay safe!

Become a Sponsor! Become a Patron!

We won't spam you. Unsubscribe any time.