Merge pull request #261 from DiscoverBSD/219
219
Showing 1 changed file with 52 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
--- | ||
title: Issue 219 | ||
date: 2025-02-05T15:44:26Z | ||
--- | ||
FreeBSD security updates on etcupdate, ktrace, and NFS, FreeBSD Foundation's laptop project, and FOSDEM 2025 highlights and more. | ||
<!-- more --> | ||
|
||
## Releases | ||
No releases. | ||
|
||
## BSDSec | ||
[FreeBSD Security Advisory: Unprivileged Access to System Files](https://bsdsec.net/articles/freebsd-security-advisory-freebsd-sa-25-03-etcupdate?utm_source=bsdweekly): The FreeBSD Project has released a security advisory for a vulnerability in the etcupdate utility, which manages updates to system files. A flaw allows unprivileged local users to access sensitive files, such as /etc/master.passwd, under certain conditions. This issue affects all supported versions of FreeBSD and has been corrected in the latest stable and release branches. Users are advised to update their systems via binary patches or source code patches to mitigate this risk. This advisory is crucial for FreeBSD administrators to ensure the security of their systems. | ||
|
||
[FreeBSD Security Advisory on ktrace Vulnerability](https://bsdsec.net/articles/freebsd-security-advisory-freebsd-sa-25-04-ktrace?utm_source=bsdweekly): The FreeBSD Project has issued a security advisory for a vulnerability in the ktrace utility that can lead to uninitialized kernel memory disclosure. This issue, tracked as CVE-2025-0662, affects FreeBSD 14.2 and can allow an unprivileged userspace program to leak up to 14 bytes of kernel heap memory. The advisory provides details on the problem, its impact, and the steps to update and patch affected systems. Users are advised to upgrade to the corrected versions or apply the provided patches to mitigate the risk. | ||
|
||
[FreeBSD Security Advisory: Buffer Overflow in NFS](https://bsdsec.net/articles/freebsd-security-advisory-freebsd-sa-25-02-fs?utm_source=bsdweekly): FreeBSD has issued a security advisory addressing a buffer overflow vulnerability in certain filesystems when exported via NFS. The affected filesystems include cd9660, tarfs, and ext2fs. This vulnerability can cause the NFS server to panic and potentially allow further exploitation. The advisory provides detailed information on the impact, affected versions, and steps to update and mitigate the issue. Users are urged to update their systems to the corrected versions to prevent potential security risks. | ||
|
||
[FreeBSD Security Advisory: OpenSSH Keystroke Obfuscation Bypass](https://bsdsec.net/articles/freebsd-security-advisory-freebsd-sa-25-01-openssh?utm_source=bsdweekly): The FreeBSD Project has released a security advisory addressing a vulnerability in OpenSSH that affects keystroke timing obfuscation. The flaw, identified as CVE-2024-39894, allows a passive observer to detect keystrokes based on packet timing. This issue impacts FreeBSD versions 14.1 and earlier. Users are advised to upgrade their systems to the latest stable or release branch to mitigate the risk. The advisory provides detailed instructions for applying binary and source code patches. | ||
|
||
[FreeBSD Errata Notice FreeBSD-EN-25:03.tzdata](https://bsdsec.net/articles/freebsd-errata-notice-freebsd-en-25-03-tzdata?utm_source=bsdweekly): The FreeBSD Project has released an errata notice for an update to the IANA Time Zone Database. This update affects all supported versions of FreeBSD and is crucial for users who rely on accurate time zone information. The notice provides detailed instructions for updating the system via binary patches or source code patches. Users are advised to update their systems to avoid displaying incorrect times and to ensure the proper functioning of applications that depend on the system time. | ||
|
||
[FreeBSD Errata Notice FreeBSD-EN-25:02.audit](https://bsdsec.net/articles/freebsd-errata-notice-freebsd-en-25-02-audit?utm_source=bsdweekly): FreeBSD has released an errata notice addressing an issue where system call auditing is disabled by DTrace. This notice affects all supported versions of FreeBSD. The problem arises from a logic error when both system call auditing and DTrace system call tracing are enabled, leading to auditing being silently disabled. Privileged users can exploit this by running a DTrace script, which inhibits system call audit logging. The issue has been corrected in the latest stable and release branches, and users are advised to update their systems accordingly. | ||
|
||
[FreeBSD Errata Notice FreeBSD-EN-25:01.rpc](https://bsdsec.net/articles/freebsd-errata-notice-freebsd-en-25-01-rpc?utm_source=bsdweekly): The FreeBSD Project has released an errata notice addressing a NULL pointer dereference in the NFSv4 client. This vulnerability can cause a kernel panic in FreeBSD systems mounting a NFSv4 server with delegations enabled. The issue affects FreeBSD 14.1 and has been corrected in stable and release branches. Users are advised to update their systems and reboot to apply the fix. | ||
|
||
As always, it's worth following [BSDSec](https://bsdsec.net). [RSS feed](https://bsdsec.net/articles.atom) and [Twitter account](https://twitter.com/bsdsec) available. | ||
## News | ||
[Laptop Support and Usability Project: First Monthly Report](https://freebsdfoundation.org/blog/laptop-support-and-usability-project-update-first-monthly-report-community-initiatives/?utm_source=bsdweekly): The FreeBSD Foundation's Laptop Support and Usability Project has released its first monthly report. Key updates include new documentation for updating DRM drivers from Linux to FreeBSD, progress on the Intel WiFi driver, and porting graphics drivers from Linux 6.7. The report also highlights the launch of the Laptop Desktop Working Group, which aims to enhance FreeBSD usability on laptops and desktops through community collaboration. This initiative is valuable for BSD users interested in improving and staying updated on FreeBSD's laptop support. | ||
|
||
[FOSDEM 2025: Insights from BSD Devroom and Open Source Conference](https://gyptazy.com/fosdem-2025-insights-from-the-opensource-conference-amp-the-bsd-devroom-in-brussels-belgium/?utm_source=bsdweekly): FOSDEM 2025 in Brussels, Belgium, celebrated its 25th anniversary as a premier open-source conference. The event featured a BSD Devroom, talks on security audits, modern standby implementations, and discussions on making NetBSD a faster-booting microVM. Highlights included socializing with fellow BSD enthusiasts and discussions on the BoxyBSD project. The conference also marked Global Switch Day, encouraging the transition to open-source alternatives. Despite organizational challenges and overcrowding, FOSDEM remains a vital gathering for the open-source community, offering valuable insights and networking opportunities for BSD users. | ||
|
||
[BSD Now 596: Globbing etc ](https://www.bsdnow.tv/596?utm_source=bsdweekly): Ridding my home network of IP addresses, Tools for Identifying and Resolving Storage Bottlenecks, OpenBGPD 8.7 released, Let's port the GNAT Ada compiler to macOS/aarch64, Modify an OmniOS service parameters, The history and use of /etc/glob in early Unixes, and more. | ||
|
||
[FreeBSD Software Pick for February 2025](https://www.youtube.com/watch?v=NQfuKF85hdE&utm_source=bsdweekly): It's not all serious work with FreeBSD, we users can have a little bit of fun too....and in this video we present some games that we have picked for you to try during February. They all revolve around shapes ...sort of. | ||
|
||
## Tutorials | ||
[Tweaking the GhostBSD Sound System](https://www.youtube.com/watch?v=1ipB7AWJwuU&utm_source=bsdweekly): GhostBSD is pretty much complete out of the box, but perhaps you need to tweak the sound subsystem a little? Well, we do just that in this video. | ||
|
||
[FreeBSD Alongside Windows](https://vermaden.wordpress.com/2025/02/02/freebsd-alongside-windows/?utm_source=bsdweekly): This guide provides detailed instructions on how to install FreeBSD alongside an existing Windows installation without altering the Windows bootloader. The article explains the process of shrinking the Windows partition, creating a temporary FAT32 partition, and using FreeBSD tools to install the operating system. It also covers adding a FreeBSD entry to the Windows bootloader for seamless dual-booting. This resource is valuable for BSD enthusiasts looking to run FreeBSD natively on their PCs while keeping their Windows setup intact. The step-by-step approach ensures that users can safely experiment with FreeBSD without risking their existing Windows environment. | ||
|
||
[OPNsense 25.1 Is Here! What's Hidden Inside? ](https://www.youtube.com/watch?v=5nSSJbe6-ms&utm_source=bsdweekly): The latest version of OPNsense, 25.1, has arrived - and it’s packed with exciting updates and improvements. This video walks you through all the major updates and new features packed into this release, including the upgrade to the latest version of FreeBSD, 14.2-RELEASE. This base system upgrade ensures better performance, enhanced stability, and cutting-edge compatibility for your network environment. | ||
|
||
[Mastering DNS for Enhanced Network Efficiency](https://klarasystems.com/articles/controlling-core-infrastructure-dns-server-setup/?utm_source=bsdweekly): This article discusses the importance of setting up and managing your own DNS server to improve network performance, privacy, and control. It highlights the limitations of relying on ISP-provided DNS servers and provides a step-by-step guide to configuring a local DNS server using FreeBSD. Key points include the basics of DNS queries, the benefits of caching DNS lookups locally, and how to mitigate issues with IoT devices. The article also covers the configuration of Unbound, a popular DNS server software, and offers insights into optimizing DNS performance. | ||
|
||
### Did we miss anything? | ||
This newsletter is made from your content on [DiscoverBSD](https://discoverbsd.com) and [BSDSec](https://bsdsec.net). Submit the stuff we missed so it can appear next time. | ||
|
||
Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free). | ||
|
||
**Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.** | ||
|
||
Thanks for reading and see you next week! Stay safe! |
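
Review bot: The `## News` heading is added directly under the BSDSec closing paragraph ("As always, it's worth following [BSDSec]…") with no blank line between them, while `## Releases`, `## BSDSec`, `## Tutorials` and `### Did we miss anything?` are each preceded by one; add a blank line before `## News` so the heading is parsed consistently by every Markdown renderer. In the same file, the link texts `[BSD Now 596: Globbing etc ]` and `[OPNsense 25.1 Is Here! What's Hidden Inside? ]` carry a trailing space before the closing bracket that should be dropped. The FreeBSD-EN-25:01.rpc entry describes an errata notice as "This vulnerability"; since the item is published as an errata notice rather than a security advisory, "This bug" would keep the two categories distinct for readers triaging the BSDSec list. The front-matter summary also names only etcupdate, ktrace and NFS, although the section includes the OpenSSH advisory (CVE-2024-39894); consider mentioning it there.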