[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-19:21.bhyve

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-19:21.bhyve Security Advisory
The FreeBSD Project

Topic: Insufficient validation of guest-supplied data (e1000 device)

Category: core
Module: bhyve
Announced: 2019-08-06
Credits: Reno Robert
Affects: All supported versions of FreeBSD.
Corrected: 2019-08-05 22:04:16 UTC (stable/12, 12.0-STABLE)
2019-08-06 17:13:17 UTC (releng/12.0, 12.0-RELEASE-p9)
2019-08-05 22:04:16 UTC (stable/11, 11.3-STABLE)
2019-08-06 17:13:17 UTC (releng/11.3, 11.3-RELEASE-p2)
2019-08-06 17:13:17 UTC

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-19:20.bsnmp

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-19:20.bsnmp Security Advisory
The FreeBSD Project

Topic: Insufficient message length validation in bsnmp library

Category: contrib
Module: bsnmp
Announced: 2019-08-06
Credits: Guido Vranken
Affects: All supported versions of FreeBSD.
Corrected: 2019-08-06 16:11:16 UTC (stable/12, 12.0-STABLE)
2019-08-06 17:12:17 UTC (releng/12.0, 12.0-RELEASE-p9)
2019-08-06 16:12:43 UTC (stable/11, 11.3-STABLE)
2019-08-06 17:12:17 UTC (releng/11.3, 11.3-RELEASE-p2)
2019-08-06 17:12:17 UTC

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-19:18.bzip2

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-19:18.bzip2 Security Advisory
The FreeBSD Project

Topic: Multiple vulnerabilities in bzip2

Category: contrib
Module: bzip2
Announced: 2019-08-06
Affects: All supported versions of FreeBSD.
Corrected: 2019-07-04 07:29:18 UTC (stable/12, 12.0-STABLE)
2019-08-06 17:09:47 UTC (releng/12.0, 12.0-RELEASE-p9)
2019-07-04 07:32:25 UTC (stable/11, 11.3-STABLE)
2019-08-06 17:09:47 UTC (releng/11.3, 11.3-RELEASE-p2)
2019-08-06 17:09:47 UTC (releng/11.2, 11.2-RELEASE-p13)
CVE Name: CVE-2016-3189, CVE-2019-12900

(Read more...)

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-19:15.libunwind

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-19:15.libunwind Errata Notice
The FreeBSD Project

Topic: Incorrect exception handling

Category: contrib
Module: libunwind
Announced: 2019-08-06
Affects: FreeBSD 11.2, FreeBSD 12.0
Corrected: 2019-08-06 17:08:30 UTC (releng/12.0, 12.0-RELEASE-p9)
2019-08-06 17:08:30 UTC (releng/11.2, 11.2-RELEASE-p13)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-19:19.mldv2

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-19:19.mldv2 Security Advisory
The FreeBSD Project

Topic: ICMPv6 / MLDv2 out-of-bounds memory access

Category: core
Module: net
Announced: 2019-08-06
Credits: CJD of Apple
Affects: All supported versions of FreeBSD.
Corrected: 2019-08-06 17:13:41 UTC (stable/12, 12.0-STABLE)
2019-08-06 17:11:17 UTC (releng/12.0, 12.0-RELEASE-p9)
2019-08-06 17:15:46 UTC (stable/11, 11.3-STABLE)
2019-08-06 17:11:17 UTC (releng/11.3, 11.3-RELEASE-p2)
2019-08-06 17:11:17 UTC

(Read more...)

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-19:14.epoch

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-19:14.epoch Errata Notice
The FreeBSD Project

Topic: Incorrect locking in epoch(9)

Category: core
Module: kernel
Announced: 2019-08-06
Credits: Mark Johnston
Affects: FreeBSD 12.0
Corrected: 2019-07-27 16:11:04 UTC (stable/12, 12.0-STABLE)
2019-08-06 17:07:43 UTC (releng/12.0, 12.0-RELEASE-p9)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and

(Read more...)

Zen 2 and DragonFly

It’s supported, and given how well DragonFly supports SMP and the number of processors Zen 2 supports, it’s a no-brainer if you’re in the market for a new server.

Lazy Reading for 2019/08/04

This week’s material filled up fast.  It’s vacation season in the northern hemisphere, so let’s see what next week brings… “Anyway my point here is that all of crypto should be run entirely by tweens.”  Look for the Utility Token section, though it’s all fun. How to calculate leap second variation for the year 3000.  …

Continue reading “Lazy Reading

(Read more...)

BSD Now 309: Get Your Telnet Fix

This week’s BSD Now talks about some recent security discussions with telnet and (unrelateD) OpenSSH history, and points to a recent discussion on DragonFly I haven’t even gotten to link yet, cause it’s ongoing.
(telnet is awful but i…