Posts in category deadsimple BSD Security Advisories and Announcements
[FreeBSD-Announce] FreeBSD 12.0-RELEA...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
FreeBSD 12.0-RELEASE Announcement
The FreeBSD Release Engineering Team is pleased to announce the
availability of FreeBSD 12.0-RELEASE. This is the first release of the
stable/12 branch.
Some of the highlights:
* OpenSSL has been updated to version 1.1 [...]
[FreeBSD-Announce] FreeBSD Security A...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-18:14.bhyve Security Advisory
The FreeBSD Project
Topic: Insufficient bounds checking in bhyve(8) dev [...]
OpenBSD Errata: November 29th, 2018 (...
Errata patches for vmd have been released for OpenBSD 6.4.
Writing more than 4GB to a qcow2 volume corrupts the virtual disk.
Binary updates for the amd64 and i386 platforms are available via the
syspatch utility. Source code patches can be found on the errata page:
https://www.openbsd.org/errata64.html
After patching, restart the vmd s [...]
OpenBSD Errata: November 29th, 2018 (...
Errata patches for OpenSMTPD have been released for OpenBSD 6.4.
The mail.mda and mail.lmtp delivery agents were not reporting temporary
failures correctly, causing smtpd to bounce messages in some cases where
it should have retried them.
Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source [...]
OpenBSD Errata: November 29th, 2018 (...
Errata patches for the kernel have been released for OpenBSD 6.3 and 6.4.
UNIX domain sockets leak kernel memory with MSG_PEEK on SCM_RIGHTS, or can
attempt excessive memory allocations leading to a crash.
Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the
[...]
OpenBSD Errata: November 29th, 2018 (...
Errata patches for perl have been released for OpenBSD 6.3 and 6.4.
Various overflows exist in perl.
Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the
respective errata page:
https://www.openbsd.org/errata63.html
https://www.openbsd.org/errata64.html
[FreeBSD-Announce] Interim support gu...
Dear FreeBSD community,
The Core Team, in consultation with Release Engineering, the Security
Team, and Port Manager has decided that we need to reevaluate the 5-year
support of stable branches starting with stable/12. A changed security
landscape, increased toolchain velocity, and shorter support windows for
our upstream components necessi [...]
[FreeBSD-Announce] FreeBSD Errata Not...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-18:13.icmp Errata Notice
The FreeBSD Project
Topic: ICMP buffer underwrite
Category: core [...]
[FreeBSD-Announce] FreeBSD Errata Not...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-18:14.tzdata Errata Notice
The FreeBSD Project
Topic: Timezone database information update
Catego [...]
[FreeBSD-Announce] FreeBSD Errata Not...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-18:15.loader Errata Notice
The FreeBSD Project
Topic: Deferred kernel loading breaks loader passwo [...]
[FreeBSD-Announce] FreeBSD Security A...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-18:13.nfs Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities in NFS server code
[...]
OpenBSD Errata: November 17th, 2018 (...
Errata patches for the kernel have been released for OpenBSD 6.3 and 6.4.
A recent change to POSIX file locks could cause incorrect results during
lock acquisition.
Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the
respective errata page:
https://www.op [...]
OpenBSD Errata: November 17th, 2018 (...
Errata patches for libcrypto have been released for OpenBSD 6.4.
The portsmash vulnerability allows exfiltration of elliptic curve keys.
Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the errata
page:
https://www.openbsd.org/errata64.html
Users compilin [...]
OpenBSD Errata: November 17th, 2018 (...
Errata patches for libcrypto have been released for OpenBSD 6.3.
Timing side channels may leak information about DSA and ECDSA private keys.
Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the errata
page:
https://www.openbsd.org/errata63.html
Users comp [...]
[FreeBSD-Announce] FreeBSD 10.4 end-o...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Dear FreeBSD community,
As of October 31, 2018, FreeBSD 10.4 reached end-of-life and is no longer
supported by the FreeBSD Security Team. Users of FreeBSD 10.4 are strongly
encouraged to upgrade to a newer release as soon as possible.
The currently supported branches and releases and their e [...]
OpenBSD Errata: November 2nd, 2018 (s...
Errata patches for syspatch have been released for OpenBSD 6.3 and 6.4.
The syspatch utility incorrectly handles symbolic links.
Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the
respective errata pages:
https://www.openbsd.org/errata63.html
https://w [...]
OpenBSD Errata: October 25th, 2018 (x...
Errata patches for Xorg have been released for OpenBSD 6.3 and 6.4.
The Xorg X server incorrectly validates certain options, allowing arbitrary
files to be overwritten.
Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the
respective errata pages:
https://w [...]
LibreSSL 2.8.2 Released
We would like to announce that we have released LibreSSL 2.8.2, which is
available in the LibreSSL directory of your local OpenBSD mirror. This
announcement comes a few days after it was first available on October
18th, 2018, along with OpenBSD 6.4. This is the first stable release from
the 2.8 series.
It includes the following changes from [...]
[Midnightbsd-security] MidnightBSD 1....
I am happy to announce the immediate availability of MidnightBSD 1.0.
You can download it from one of our mirrors
http://www.midnightbsd.org/download/
Check out the release notes
http://www.midnightbsd.org/notes/
Note updated packages for i386 are coming.
Lucas Holt
Luke@FoolishGames.com
______________________________________________ [...]
OpenBSD 6.4 released – Oct 18, ...
------------------------------------------------------------------------
- OpenBSD 6.4 RELEASED -------------------------------------------------
October 18, 2018.
We are pleased to announce the official release of OpenBSD 6.4.
This is our 45th release. We remain proud of OpenBSD\'s record of more
than twenty years with only two remote hol [...]
