login
Search
Hi everyone,
There are only 5 days left until meetBSD California at the Googleplex
in Mountain View, California starting Saturday, November 15th at 10am.
The first meetBSD in the United States also marks the 15th Anniversary
of the FreeBSD operating system, which will be commemorated with an
After-Party on Saturday night hosted at the Buddha Lounge.We still have a few spots left (around 25-30, I believe) but
registration will be closing at some point over the next few days, so
if you've been putting off registering, now is the time! The
conference is *free* to attend and only $50 dollars for you and a
guest to attend the After-Party, which includes dinner and drinks :-)More information as well as the registration form can be found at http://www.meetBSD.com
. If you are attending the conference but not the party, leave the
party checkbox blank and select Mail-In Payment and you will not be
billed.See you all there!
-matt--
Matt Olander
meetBSD Conference Team
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Calling all FreeBSD developers needing assistance with travel expenses
to BSDCan 2008.The FreeBSD Foundation will be providing a limited number of travel
grants to individuals requesting assistance. Please fill out and submit
the Travel Grant Request Application at
www.freebsdfoundation.org/documents/ by April 1, 2008 to apply for this
grant.We have increased our travel grant budget for 2008! Now we have the
resources to help send more FreeBSD developers to conferences. We still
ask you to look to your employers first for sponsorship or cost-splitting.Also, to be considered for the grant, you must provide a detailed
justification for attending this conference in the application. Please
describe, not only your purpose for attending, but how the FreeBSD
project and community will benefit from you attending this conference.Please include only costs that you would like the Foundation to
reimburse in the application. If there are other sponsors covering some
portion of your expenses, please include that in your application, too.We will not accept applications after April 1, 2008.
Thank You,
The FreeBSD Foundation
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
The deadline for submitting your project proposal is August 15th!
The FreeBSD Foundation is soliciting the submission of proposals for
work relating to any of the major subsystems or infrastructure within
the FreeBSD operating system. A budget of $80,000 was allocated for
2008 to fund multiple development projects. Proposals will be evaluated
based on desirability, technical merit and cost-effectiveness.To find out more about the proposal process go to
http://www.freebsdfoundation.org/documents/FreeBSD%20Foundation%20Propos...
and http://www.freebsdfoundation.org/documents/ProposalHelp.shtml.Sincerely,
The FreeBSD Foundation
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Congratulations to the successful students and their FreeBSD Project
mentors for participating in another productive Google Summer of Code.
This program encourages students to contribute to an open source
project over the summer break with generous funding from Google. We
have had a total of over 50 successful students working on FreeBSD as
part of this program in 2005, 2006, and 2007. These student projects
included security research, improved installation tools, filesystems
work, new utilities, and more. Many of the students have continued
working on their FreeBSD projects even after the official close of the
program. We have gained many new FreeBSD committers from previous
summer of code projects already, and more are in the process.Information about the student projects is available from our Summer of
Code wiki (http://wiki.FreeBSD.org/SummerOfCode2007) and all of the
code is checked into Perforce. A summary of each individual project
is provided at http://www.FreeBSD.org/projects/summerofcode-2007.html
and the text is included below.Please join me in congratulating these students and thanking them for
their significant contributions to FreeBSD this summer.Regards,
- Murray Stokely
Robert Watson
(FreeBSD Summer of Code Organizers)2007 Student Projects :
* Project: GNOME front-end to freebsd-update(8)
Student: Andrew Turner
Mentor: Joe Marcus Clarke
Summary:The FreeBSD update front-end is a GTK+ interface to
freebsd-update. It is split into a GUI to allow system
administrators to select the binary patches to update or
rollback and a back-end that communicates with
freebsd-update. Development of both parts has moved to Berlios
at http://developer.berlios.de/projects/facund/.Ready to enter CVS: The back-end is not yet ready to enter CVS,
but a port is being made for the front-end* Project: Multicast DNS responder (BSD-licensed)
Student: Fredrik Lindberg
Me...
Hi,
In this email:
- coming soon
- sponsors
- mapComing Soon:
There are only a few weeks to go until BSDCan 2008. I hope
you've made your travel bookings. If you are coming in from
other than USA or Canada, we can provide you with a Letter
of Invitation after you have registered and paid. This letter
can help you if you need to apply for visa.We have an amazing line up of talks and speakers. Full
details here: http://www.bsdcan.org/2008/schedule/Sponsors:
The preparations are well underway. We've had tremendous support
from our sponsors:The FreeBSD Foundation
USENIX
XipLink
Juniper NetworksFor more about our sponsors, please see http://www.bsdcan.org/2008/
sponsors.phpMaps:
This year we have added a Google map of the venue
and surrounding area. It is available from the home
page of http://bsdcan.org/ or from http://tinyurl.com/2lzthwPeople keep telling me how much they're looking forward
to BSDCan. So much so that we've alerted the pubs.--
Dan Langille -- http://www.langille.org/
dan@langille.org_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1=============================================================================
FreeBSD-SA-09:13.pipe Security Advisory
The FreeBSD ProjectTopic: kqueue pipe race conditions
Category: core
Module: kern
Announced: 2009-10-02
Credits: Przemyslaw Frasunek
Affects: FreeBSD 6.x
Corrected: 2009-10-02 18:09:56 UTC (RELENG_6, 6.4-STABLE)
2009-10-02 18:09:56 UTC (RELENG_6_4, 6.4-RELEASE-p7)
2009-10-02 18:09:56 UTC (RELENG_6_3, 6.3-RELEASE-p13)For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.I. Background
Pipes are a form of inter-process communication (IPC) provided by the
FreeBSD kernel. kqueue is an event management API that applications can
use to monitor pipes and other kernel services.II. Problem Description
A race condition exists in the pipe close() code relating to kqueues,
causing use-after-free for kernel memory, which may lead to an
exploitable NULL pointer vulnerability in the kernel, kernel memory
corruption, and other unpredictable results.III. Impact
Successful exploitation of the race condition can lead to local kernel
privilege escalation, kernel data corruption and/or crash.To exploit this vulnerability, an attacker must be able to run code on
the target system.IV. Workaround
An errata notice, FreeBSD-EN-09:05.null has been released simultaneously to
this advisory, and contains a kernel patch implementing a workaround for a
more broad class of vulnerabilities. However, prior to those changes, no
workaround is available.V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to 6-STABLE, or to the RELENG_6_4, or
RELENG_6_3 security...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1FreeBSD-EN-05:04.nfs Errata Notice
The FreeBSD ProjectTopic: NFS Client may panic when encounted errors
Category: core
Module: nfsclient
Announced: 2005-12-19
Credits: Mohan Srinivasan, Xin LI
Affects: FreeBSD 6.0-RELEASE
Corrected: 2005-12-19 10:58:58 UTCI. Background
The Network File System (NFS) allows a system to share directories and files
with others over a network. By using this, users and programs can access
files on remote systems almost as if they were local files.II. Problem Description
Due to a locking issue in nfs_lookup() a call to vrele() might be made
while holding the vnode mutex, which results in kernel panic when doing
VFS operations under certain load patterns.III. Impact
NFS clients that encountered the load pattern would crash and reboot.
IV. Solution
Do one of the following to update the source tree:
1) Upgrade your affected system to the RELENG_6_0 errata branch dated
after the correction date using cvsup(1) or cvs(1). This is the
preferred method.2) Obtain the updated files using the cvsweb interface. Cvsweb is a
Web interface to the CVS repository. The URL to the general
interface is "http://cvsweb.freebsd.org/". You can obtain any of
the source files for the RELENG_6_0 branch by going to the src
directory ("http://cvsweb.freebsd.org/src") and then selecting
the "RELENG_6_0" branch tag. With the branch tag set navigate
to the files listed below in the "Correction details" section and
download them, making sure you get the correct revision numbers.
Copy the downloaded files into your /usr/src tree.If using the second procedure you should make sure you have used that
same procedure to download all previous Errata Notices and Security
Advisories. We strongly discourage this proce...
Hi Everyone,
The FreeBSD Status Reports for the First Quarter of 2008 are now
available at:http://www.freebsd.org/news/status/report-2008-01-2008-03.html
Regards,
Brad Davis
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
The FreeBSD Foundation is pleased to announce we are soliciting the
submission of proposals for work relating to any of the major subsystems
or infrastructure within the FreeBSD operating system. A budget of
$80,000 was allocated for 2008 to fund multiple development projects.
Proposals will be evaluated based on desirability, technical merit and
cost-effectiveness.To find out more about the proposal process please read the attached
document. You can also find the document on our website at
http://www.freebsdfoundation.org/documents/FreeBSD%20Foundation%20Propos....We look forward to reading all the interesting project proposals!
Sincerely,
The FreeBSD Foundation
FreeBSD Status Report
Introduction
This report covers FreeBSD related projects between June and October
2006. This includes the conclusion of this year's Google Summer of
Code with 13 successful students. Some of last year's and the current
SoC participants have meanwhile joined the committer ranks, kept
working on their projects, and improving FreeBSD in general.This year's EuroBSDCon in Milan, Italy has meanwhile published an
exciting program. Many developers will be there to discuss these
current and future projects at the Developer Summit prior the
conference. Next year's conference calendar has a new entry - in
addition to the now well established BSDCan in Ottawa - AsiaBSDCon
will take place in Tokyo at the begining of March.As we are closing in on FreeBSD 6.2 release many bugs are being fixed
and new features have been MFCed. On the other hand a lot of the
projects below already are focusing on FreeBSD 7.0 and promise a lot
of exciting news and features to come.Thanks to all the reporters for the excellent work! We hope you enjoy
reading.
_________________________________________________________________Google Summer of Code
* Analyze and Improve the Interrupt Handling Infrastructure
* Bundled PXE Installer
* Gvirstor
* IPv6 Stack Vulnerabilities
* Jail Resource Limits
* Nss-LDAP importing and nsswitch subsystem improvement
* Porting the seref policy and setools to SEBSD
* Porting Xen to FreeBSD
* SNMP monitoring (BSNMP)
* Summer of Code Summary
* Update of the Linux compatibility environment in the kernelProjects
* CScout on the FreeBSD Source Code Base
* DTrace
* Embedded FreeBSD
* FreeSBIE
* GJournal
* iSCSI Initiator
* Porting ZFS to FreeBSD
* Summer of FreeBSD security development
* TrustedBSD Audit
* USBFreeBSD Team Reports
* FreeBSD Security Officer and Security Te...
Calling all FreeBSD developers needing assistance with travel expenses
to AsiaBSDCon 2007.The Foundation will be providing a limited number of travel grants to
individuals requesting assistance. Please fill out and submit the Travel
Grant Request Form at www.freebsdfoundation.org/documents/ by January
21, to apply for this grant.Though we would like to support everyone who applies, priority will be
given to FreeBSD developers speaking at the conference. Due to
constrained resources, we would appreciate if developers could look to
their employers first for sponsorship or cost-splitting.Also, to be considered for the grant, you must provide a detailed
justification for attending this conference in the application. Please
describe, not only your purpose for attending, but how the FreeBSD
community will benefit by you attending this conference.Please note, the deadline for submitting Travel Grant Request forms is
January 21, 2007. Applications will not be accepted after this date.Thank You,
The FreeBSD Foundation
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Dear FreeBSD Community,
Just a reminder that our application deadline is August 20. If you are
interested in a travel grant for attending EuroBSDCon 2009, please
submit your application by this date.Thank you to everyone who has already submitted an application. You
should be hearing from us soon.Sincerely,
Deb Goodkin
The FreeBSD Foundation-------- Original Message --------
Subject: Accepting Travel Grant Applications for EuroBSDCon 2009
Date: Mon, 20 Jul 2009 13:30:58 -0600
From: Deb Goodkin <deb@freebsd.org>
To: freebsd-announce@freebsd.orgCalling all FreeBSD developers needing assistance with travel expenses
to EuroBSDCon 2009.The FreeBSD Foundation will be providing a limited number of travel
grants to individuals requesting assistance. Please fill out and submit
the Travel Grant Request Application at
http://www.freebsdfoundation.org/documents/TravelRequestForm.pdf by
August 20, 2009 to apply for this grant.How it works:
This program is open to FreeBSD developers of all sorts (kernel hackers,
documentation authors, bugbusters, system administrators, etc). In some
cases we are also able to fund non-developers, such as active community
members and FreeBSD advocates.(1) You request funding based on a realistic and economical estimate of
travel costs (economy airfare, trainfare, ...), accommodations
(conference hotel and sharing a room), and registration or tutorial
fees. If there are other sponsors willing to cover costs, such as your
employer or the conference, we prefer you talk to them first, as our
budget is limited. We are happy to split costs with you or another
sponsor, such as just covering airfare or board.If you are a speaker at the conference, we expect the conference to
cover your travel costs, and will most likely not approve your direct
request to us.(2) We review your application and if approved, authorize you to seek
reimbursement up to a limit. We consider several factors, including our
overall and per-event b...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1=============================================================================
FreeBSD-EN-07:05.freebsd-update Errata Notice
The FreeBSD ProjectTopic: FreeBSD Update problems updating SMP kernels
Category: core
Module: usr.sbin
Announced: 2007-03-15
Affects: FreeBSD 6.2
Corrected: 2007-03-08 05:43:12 UTC (RELENG_6, 6.2-STABLE)
2007-03-15 08:06:11 UTC (RELENG_6_2, 6.2-RELEASE-p3)For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:http://security.freebsd.org/>.I. Background
FreeBSD Update is a system for building, distributing, and installing
binary security and errata updates to the FreeBSD base system. Starting
with FreeBSD 6.2-RELEASE, the FreeBSD Update client software,
freebsd-update(8), has been included in the FreeBSD base system.II. Problem Description
Due to a programming error in the FreeBSD Update client, kernels built
from the default SMP kernel configuration (including those distributed
as part of the release) are not correctly identified as such. On the
i386 platform, they are not recognized; on the amd64 platform, they are
mis-identified as GENERIC kernels.III. Impact
On the i386 platform, if a system is running a kernel built from the
default SMP kernel configuration, and this kernel is installed somewhere
other than /boot/SMP/kernel, the FreeBSD Update client will not download
and install updates for it.On the amd64 platform, if a system is running a kernel built from the
default SMP kernel configuration, and this kernel is installed somewhere
other than /boot/SMP/kernel, the FreeBSD Update client will replace it
with a kernel built from the GENERIC (single-processor) kernel
configuration.IV. W...
Introduction
This report covers FreeBSD related projects between January and March
2007. This quarter ended with a big bang as a port of Sun's critically
acclaimed ZFS was added to the tree and thus will be available in the
upcoming FreeBSD 7.0 release. Earlier this year exciting benchmark
results showed the fruits of our SMP work. Read more on the details in
the "SMP Scalability" report.During the summer, FreeBSD will once again take part in Google's
Summer of Code initiative. Student selection is underway and we are
looking forward to a couple of exciting projects to come.BSDCan is approaching rapidly, and will be held May 16-19th in Ottawa.
Thanks to all the reporters for the excellent work! We hope you enjoy
reading.
_________________________________________________________________Projects
* FreeBSD and ZFS
* SMP Scalability
* USBFreeBSD Team Reports
* FreeBSD Security Officer and Security Team
* Problem Report Database
* Release Engineering
* The FreeBSD FoundationKernel
* Building Linux Device Drivers on FreeBSD
* Update of the Linux compatibility environment in the kernelNetwork Infrastructure
* FAST_IPSEC Upgrade
* Importing trunk(4) from OpenBSD
* Intel 3945ABG Wireless LAN Driver: wpi
* Multi-link PPP daemon (MPD)Userland Programs
* GCC 4.1 integration
* malloc(3)Ports
* Ports Collection
* X.Org 7.2 integrationMiscellaneous
* BSDCan 2007
* EuroBSDCon 2007
_________________________________________________________________BSDCan 2007
URL: http://www.bsdcan.org/2007/
Contact: Dan Langille <dan@langille.org>
The Schedule and the Tutorials have been released. Once again, we have
a very strong collection of Speakers .BSDCan: Low Cost. High Value. Something for Everyone.
Everyone is going to be there. Make your plans now.
_______________...
Dear FreeBSD Users,
Within the next 24 hours, the long-awaited update to the X.org 7.2
windowing system will be committed to the ports tree. This upgrade
has been 6 months in the making and would not have been possible
without the dedicated work of Florent Thoumie <flz@FreeBSD.org>,
Dejan Lesjak <lesi@FreeBSD.org> and many others in our army of
developers.For the past two weeks the ports tree has been frozen while our
developer community has concentrated on testing and refining the
upgrade process. This is a major upgrade, but we have worked hard to
smooth out the road bumps that have been encountered during testing so
far. We believe that the upgrade is now ready for general deployment,
but particularly cautious users may wish to delay their upgrades and
monitor the freebsd-ports@FreeBSD.org and freebsd-x11@FreeBSD.org
mailing lists for discussion of remaining issues that may be
encountered by users.Please note that it will unfortunately not be possible to perform this
update without some manual intervention. Please refer to the
/usr/ports/UPDATING file to learn about the steps necessary, and the
changes involved. One important aspect of the upgrade is that X.org
7.x is no longer installed in the /usr/X11R6 directory; instead it
installs in /usr/local along with the other ports.If you are running an automatic port rebuild script from e.g. cron,
you will want to disable that. In general we do not recommend
automatic updates because of the potential to cause unrecoverable
errors when problems are encountered.Thank you for your patience while we have prepared this change. The
tree will remain semi-frozen for another few days after the import
takes place while we wait for all the changes to settle out (the
duration of this freeze will depend on any problem reports we receive
from the user community).We hope you all enjoy the new X version!
Kris
(for portmgr@)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1=============================================================================
FreeBSD-SA-08:03.sendfile Security Advisory
The FreeBSD ProjectTopic: sendfile(2) write-only file permission bypass
Category: core
Module: sys_kern
Announced: 2008-02-14
Credits: Kostik Belousov
Affects: All supported versions of FreeBSD
Corrected: 2008-02-14 11:45:00 UTC (RELENG_7, 7.0-PRERELEASE)
2008-02-14 11:45:41 UTC (RELENG_7_0, 7.0-RELEASE)
2008-02-14 11:46:08 UTC (RELENG_6, 6.3-STABLE)
2008-02-14 11:46:41 UTC (RELENG_6_3, 6.3-RELEASE-p1)
2008-02-14 11:47:06 UTC (RELENG_6_2, 6.2-RELEASE-p11)
2008-02-14 11:47:39 UTC (RELENG_6_1, 6.1-RELEASE-p23)
2008-02-14 11:49:39 UTC (RELENG_5, 5.5-STABLE)
2008-02-14 11:50:28 UTC (RELENG_5_5, 5.5-RELEASE-p19)
CVE Name: CVE-2008-0777For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.I. Background
The sendfile(2) system call allows a server application (such as a
HTTP or FTP server) to transmit the contents of a file over a network
connection without first copying it to application memory. High
performance servers such as the Apache HTTP Server and ftpd use sendfile.II. Problem Description
When a process opens a file (and other file system objects, such as
directories), it specifies access flags indicating its intent to read,
write, or perform other operations. These flags are checked against
file system permissions, and then stored in the resulting file
descriptor to validate future operations against.The sendfile(2) system call does not check the file descriptor access
flags before ...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1=============================================================================
FreeBSD-SA-09:11.ntpd Security Advisory
The FreeBSD ProjectTopic: ntpd stack-based buffer-overflow vulnerability
Category: contrib
Module: ntpd
Announced: 2009-06-10
Credits: Chris Ries
Affects: All supported versions of FreeBSD.
Corrected: 2009-06-10 10:31:11 UTC (RELENG_7, 7.2-STABLE)
2009-06-10 10:31:11 UTC (RELENG_7_2, 7.2-RELEASE-p1)
2009-06-10 10:31:11 UTC (RELENG_7_1, 7.1-RELEASE-p6)
2009-06-10 10:31:11 UTC (RELENG_6, 6.4-STABLE)
2009-06-10 10:31:11 UTC (RELENG_6_4, 6.4-RELEASE-p5)
2009-06-10 10:31:11 UTC (RELENG_6_3, 6.3-RELEASE-p11)
CVE Name: CVE-2009-1252For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.I. Background
The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP)
used to synchronize the time of a computer system to a reference time
source.Autokey is a security model for authenticating Network Time Protocol
(NTP) servers to clients, using public key cryptography.II. Problem Description
The ntpd(8) daemon is prone to a stack-based buffer-overflow when it is
configured to use the 'autokey' security model.III. Impact
This issue could be exploited to execute arbitrary code in the context of
the service daemon, or crash the service daemon, causing denial-of-service
conditions.IV. Workaround
Use IP based restrictions in ntpd(8) itself or in IP firewalls to
restrict which systems can send NTP packets to ntpd(8).Note that systems will only be affected if they have the "autokey" option
set in /etc/ntp.conf; ...
Hi,
The subject should read "FreeBSD Project Status Report - Third Quarter of
2006"Sorry for the confusion.
Regards,
Brad Davis
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
