Issue 65
Published April 21, 2021

This week we look at the new release from FreeBSD, OpenBSD Errata and latest news and tutorials from the BSD world.

Releases

FreeBSD 13.0-RELEASE Now Available: The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 13.0-RELEASE. This is the first release of the stable/13 branch. Some of the highlights:

  • The clang, lld, and lldb utilities and compiler-rt, llvm, libunwind, and libc++ libraries have been updated to version 11.0.1.
  • Removed the obsolete version of the GNU debugger that was installed to /usr/libexec for use by crashinfo(8). Detailed kernel crash information can be obtained by installing modern GDB from ports or packages.
  • Removed the obsolete binutils 2.17 and gcc(1) 4.2.1 from the tree. All supported architectures now use the LLVM/clang toolchain.
  • The BSD version of grep(1) is now installed by default. The obsolete GNU version that was the previous default has been removed.
  • Removed CU-SeeMe support from libalias(3).
  • The qat(4) driver has been added, supporting some of the cryptographic acceleration functions of the Intel QuickAssist (QAT) device. The qat(4) driver supports the QAT devices integrated with Atom C2000 and C3000 and Xeon C620 and D-1500 platforms, and the Intel QAT Adapter 8950.
  • Several deprecated drivers have been removed.
  • Several drivers have been ported to the PowerPC64 architecture.
  • The kernel now supports in-kernel framing and encryption of Transport Layer Security (TLS) data on TCP sockets for TLS versions 1.0 through 1.3. Transmit offload via in-kernel crypto drivers is supported for MtE cipher suites using AES-CBC as well as AEAD cipher suites using AES-GCM. Receive offload via in-kernel crypto drivers is supported for AES-GCM cipher suites for TLS 1.2. Using KTLS requires the use of a KTLS-aware userland SSL library. The OpenSSL library included in the base system does not enable KTLS support by default, but support can be enabled by building with the WITH_OPENSSL_KTLS option
  • The 64-bit ARM architecture known as arm64 or AArch64 is promoted to Tier-1 status for FreeBSD 13.
  • And much more...

BSDSec

OpenBSD Errata: April 13th, 2021 (xi): Errata patches for the X server have been released for OpenBSD 6.7 and 6.8. Input validation failures in X server XInput extension can lead to privileges elevations for authorized clients. Binary updates for the amd64, i386, and arm64 platforms are available via the syspatch utility.

As always, it's worth following BSDSec. RSS feed and Twitter account available.

News

HyperBK (Hyper Berkeley Kernel): HyperBK (Hyper Berkeley Kernel), a BSD descendant kernel with GPL-compatible licenses preserved, non-compatible ones removed, and new code written under GPLv3.

Valuable News – 2021/04/19 : The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems.

Distrowacth reviews helloSystem 0.5.0 : Unfortunately the operating system's live media failed to boot on their test systems, systems which can run FreeBSD, and so they put it aside to try another project.

LibreSSL 3.3.2 Released : This is the last development release for the 3.3.x branch before it is declared stable.

Tutorials

FreeBSD Desktop – Part 23 – Configuration – Herbe Notifications: Very small and compact solution for notifications on X11 desktop – herbe – as its author describes it – its daemon-less notifications without D-Bus. Minimal and lightweight.

How to Configure DNS over TLS (DoT) Using Unbound DNS in OPNsense: Since Unbound DNS in OPNsense does not support DNS over HTTPS (DoH) directly, it was necessary to use the DNSCrypt-Proxy plugin. The plugin also supports DNS over TLS (DoT). However, Unbound gained native support for DoT at some point in time, which is very nice. Because of built-in support for DoT, the configuration of DNS over TLS becomes pretty trivial.

FreeBSD iostat – A Quick Glance: iostat provides a window into the i/o effort of the storage subsystem. You can use it to determine usage patterns, bottlenecks and poor behavior at a glance. It can produce data to support conclusions and suggest further avenues of investigation when used judiciously. In this article, we will dissect its output and introduce disk subsystem troubleshooting using statistical output from iostat.

FreeBSD 13 released: Here is how to upgrade FreeBSD 12 to 13: The FreeBSD project released FreeBSD version 13. The new version comes with updated software and features for a wild variety of architectures. The latest release provides performance improvements and better support for FreeBSD. One can benefit greatly using an upgraded version of FreeBSD. Let us see what’s new and quickly update FreeBSD 12 to 13 using the CLI.

Did we miss anything?

This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.

Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).

Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.

Thanks for reading and see you next week! Stay home and stay safe!