Still running FreeBSD 11.3? Time to upgrade as it reaches EOL. We also take a look at the rest of BSD world with latest SAs, releases, news and tutorials.
FreeBSD 11.3 end-of-life
As of September 30, 2020, FreeBSD 11.3 will reach end-of-life and will no longer be supported by the FreeBSD Security Team. Users of FreeBSD 11.3 are strongly encouraged to upgrade to a newer release as soon as possible.
The currently supported branches and releases and their expected end-of-life dates are:
| Branch | Release | Release Date | Estimated EoL |
|---|---|---|---|
| stable/12 | N/A | N/A | June 30, 2024 |
| releng/12.1 | 12.1-RELEASE | November 4, 2019 | 12.2-RELEASE + 3 months |
| stable/11 | N/A | N/A | September 30, 2021 |
| releng/11.4 | 11.4-RELEASE | June 16, 2020 | stable/11 end-of-life |
Releases
OPNsense 20.7.2 Released: While team is still looking closer at netmap/iflib performance on 12.1, they are rolling out a kernel with Intel em/igb updates that should avoid bad packet counts in the default installation. Syslog-ng received a workaround for the diagnosed startup issue and alias now supports MAC address content similar to how host content works.
MidnightBSD 1.2.8: There was a security issue in dhclient. They’ve created new ISOs for 1.2.8 for those installing from scratch. If you are on 1.2.7, you can simply update the source from git for stable/1.2 branch and rebuild dhclient.
BSDSec
5 new FreeBSD Security Announcements and Errata notices: There have been 5 new Security Announcements and Errata notices for FreeBSD. They concern linuxthread, ipv6, sctp, getfsstat and dhclient.
Following FreeBSD, there are multiple advisories affecting MidnightBSD 1.2.x and current.
OpenBSD Errata: September 5th, 2020 (amdgpu): Errata patches for the kernel have been released for OpenBSD 6.6 and 6.7. A buffer overflow was discovered in an amdgpu ioctl. Binary updates for the amd64 and arm64 platforms are available via the syspatch utility. As these affect the kernel, a reboot will be needed after patching.
As always, it’s worth following BSDSec. RSS feed and Twitter account available.
News
CVE-2020-7460: FreeBSD Kernel Privilege Escalation: In August, an update to FreeBSD was released to address a time-of-check to time-of-use (TOCTOU) bug that could be exploited by an unprivileged malicious userspace program for privilege escalation. This vulnerability was reported to the ZDI program by a researcher who goes by the name m00nbsd. He has graciously provided this write-up and proof-of-concept code detailing ZDI-20-949/CVE-2020-7460.
If you’ve got a newer i219 ethernet chipset – it’s now supported in DragonFly.
The FreeBSD Foundation is pleased to announce that Kevin Bowling and Andrew Wafaa have joined the Board of Directors.
bhyve: The FreeBSD Hypervisor: bhyve was originally designed and implemented by Neel Natu, and a small team at NetApp grew the functionality over time. This project was eventually shelved, but the code was open sourced and contributed to FreeBSD in May of 2011. After that, it has seen continuous development ever since.
Tutorials
What FreeBSD can offer you that other operating systems does not? This post is not here to convince you to use or try FreeBSD – this you will have to do by yourself. This article will show you why FreeBSD is valuable or better alternative to other operating systems and is definitely not dying.
Find which package provides a given file in OpenBSD: There is one very hand package on OpenBSD and it’s pkglocatedb which provides the command pkglocate. If you need to find a file or binary/program and you don’t know which package contains it, use pkglocate.
More
As always, there are more sources of BSD goodness. Latest BSD Now talks about OpenZFS with ZSTD lands in FreeBSD 13, LibreSSL doc status update, FreeBSD on SPARC64 (is dead), Bringing zpool checkpoints to a FreeBSD bootloader, and more.
The Valuable News weekly series is dedicated to providing summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems. The latest is from 2020-09-07.
In Other BSDs for 2020/09/05 is out, too.
Did we miss anything?
This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.
Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.
Thanks for reading and see you next week! Stay home and stay safe!