MidnightBSD security updates for xz and expat vulnerabilities, BSD Now 605 highlights, and more.
Releases
No releases.
BSDSec
MNBSD-2025-3: MidnightBSD versions using xz 2.4.x or higher are vulnerable to a DOS in the multithreaded liblzma decompress code. This includes 3.2.x before 3.2.3 and 4 current before earlier. Patch applied to stable/3.2 branch. 4-current updated to 5.6.3 and then patch applied.
MNBSD-2025-2: stack overflow in expat: Recent security vulnerabilities have been identified in the expat library (bsdxml in the base system). These issues have been addressed by updating to expat 2.7.1 in the current and stable/3.2 branches. The update will be included in the upcoming MidnightBSD 3.2.3 release. Users are advised to apply the updates to mitigate potential risks.
As always, it’s worth following BSDSec. RSS feed available.
News
Valuable News: UNIX, BSD, Linux Updates for 2025/04/07: The “Valuable News” weekly series provides summaries of news, articles, and updates primarily related to UNIX/BSD/Linux systems. This edition highlights recent developments in OpenBSD, FreeBSD, hardware innovations, and other relevant tech news. Key updates include FreeBSD’s progress on laptop support, OpenBSD’s advancements, and notable hardware releases like the Bolt Graphics Zeus GPU.
BSD Now 605: Fediverse Weather Service and Essential BSD Topics: This episode of BSD Now covers FediMeteo, a global weather service running on a small FreeBSD VPS, and discusses critical topics like controlling NTP for core infrastructure. Additional segments include setting up a 2013 Mac Pro as a FreeBSD desktop, terminal tips, and efficient file copying techniques. The hosts also address listener feedback and provide insights into BSD system management.
Tutorials
Wrangling JSON in base FreeBSD using flua: Flua is Lua, built into FreeBSD base, and includes an ever-growing set of libraries to make it even easier to automate FreeBSD.
Setting Up a Minecraft Server in a FreeBSD Jails Container: This guide walks you through setting up a Minecraft server inside a FreeBSD Jails container. Unlike Docker or Podman, FreeBSD Jails offer a secure and lightweight containerization solution. The process involves preparing the FreeBSD environment, creating and configuring the Jail, building the Minecraft server from FreeBSD Ports, and connecting to the server using the Minecraft client. The steps include fetching the FreeBSD base system, setting up the Jail configuration, installing necessary packages, and configuring the Minecraft server. This method ensures a secure and isolated environment for running the Minecraft server.
OpenZFS Cheat Sheet: A Quick Guide for FreeBSD Users: OpenZFS provides enterprise-level storage features for FreeBSD and other systems, offering stability, data integrity, and cost-effectiveness. This cheat sheet covers essential features like creating storage pools, RAID configurations, and dataset management. It also includes commands for snapshots, clones, encryption, and maintenance tasks like scrub operations. Whether you’re a beginner or an experienced admin, this resource helps you deploy and manage OpenZFS efficiently.
Did we miss anything?
This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.
Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).
Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.
Thanks for reading and see you next week! Stay safe!