-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello Everyone,

The branches supported by the FreeBSD Security Officer have been updated to reflect recent EoL (end-of-life) events. The new list is below and at <URL: http://security.freebsd.org/ >. FreeBSD 5.5, FreeBSD 6.1, and FreeBSD 6.2 have `expired' and are no longer supported effective June 1, 2008. Users of these releases are advised to upgrade promptly to FreeBSD 6.3 or FreeBSD 7.0, either by downloading an updated source tree and building updates manually, or (for i386 and amd64 systems) using the FreeBSD Update utility as described in the FreeBSD 6.3 and FreeBSD 7.0 release announcements.

This marks the end of support by the FreeBSD Security Team for the FreeBSD 5-STABLE branch, and at this time support for running software from the ports tree on FreeBSD 5.x is also ceasing: Packages for binary installations will no longer be built for FreeBSD 5.5, building ports from source on FreeBSD 5.x will no longer be supported, and the ports INDEX will no longer be built and made available via portsnap or the 'make fetchindex' target. Patches for individual ports specific for their functioning on FreeBSD 5.5 may still be accepted at the discretion of the port maintainer.

[Excerpt from http://security.freebsd.org/ follows]

FreeBSD Security Advisories

The FreeBSD Security Officer provides security advisories for several branches of FreeBSD development. These are the -STABLE Branches and the Security Branches. (Advisories are not issued for the -CURRENT Branch.)

* There is usually only a single -STABLE branch, although during the transition from one major development line to another (such as from FreeBSD 5.x to 6.x), there is a time span in which there are two -STABLE branches. The -STABLE branch tags have names like RELENG_6. The corresponding builds have names like FreeBSD 6.1-STABLE.
* Each FreeBSD Release has an associated Security Branch. The ...

Hi Everyone, The FreeBSD Status Reports for the Fourth Quarter of 2007 are now available at: http://www.freebsd.org/news/status/report-2007-10-2007-12.html Regards, Brad Davis _______________________________________________ freebsd-announce@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-announce To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-06:01.texindex Security Advisory
The FreeBSD Project
Topic: Texindex temporary file privilege escalation
Category: contrib
Module: texinfo
Announced: 2006-01-11
Credits: Frank Lichtenheld
Affects: All FreeBSD releases.
Corrected: 2006-01-11 08:02:16 UTC (RELENG_6, 6.0-STABLE)
           2006-01-11 08:03:18 UTC (RELENG_6_0, 6.0-RELEASE-p2)
           2006-01-11 08:03:55 UTC (RELENG_5, 5.4-STABLE)
           2006-01-11 08:04:33 UTC (RELENG_5_4, 5.4-RELEASE-p9)
           2006-01-11 08:05:54 UTC (RELENG_5_3, 5.3-RELEASE-p24)
           2006-01-11 08:06:47 UTC (RELENG_4, 4.11-STABLE)
           2006-01-11 08:07:18 UTC (RELENG_4_11, 4.11-RELEASE-p14)
           2006-01-11 08:08:08 UTC (RELENG_4_10, 4.10-RELEASE-p20)
CVE Name: CAN-2005-3011
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
<URL:http://www.freebsd.org/security/>.
I. Background
TeX is a document typesetting system which is popular in the mathematics,
physics, and computer science realms because of its ability to typeset
complex mathematical formulas. texindex(1) is a utility which is often
used to generate a sorted index of a TeX file.
II. Problem Description
The "sort_offline" function used by texindex(1) employs the "maketempname"
function, which produces predictable file names and fails to validate that
the paths do not exist.
III. Impact
These predictable temporary file names are problematic because they
allow an attacker to take advantage of a race condition in order to
execute a symlink attack, which could enable them to overwrite files
on the system in the c...

Dear FreeBSD users,

The FreeBSD project is finally, after much work, pleased to announce the availability of an official FreeBSD web based discussion forum. It is our hope that this forum will serve as a public support channel for FreeBSD users around the world and as a complement to our fine mailing lists.

You can register and start using our new service here: http://forums.FreeBSD.org

The structure of the forum is still in a late beta stage, so if you have ideas, suggestions for improvements or bug reports, send them to: forum-moderators at FreeBSD dot org.

Please also have a look at our rules before you create your first thread or post your first message. You can find our official list of forum rules here: http://forums.freebsd.org/faq.php?faq=vb_faq#faq_rules

Also, FreeBSD developers (people with commit access to our CVS/SVN trees) can be distinguished by having an '@' character at the end of their username.

It is our hope that both users and developers will find this new service useful. Please help spread the word.

Sincerely,
The FreeBSD Forums Admin Team

---------------------------------------
Call for Papers
2007 USENIX Annual Technical Conference
June 17-22, 2006, Santa Clara, CA
Paper Submissions Deadline: January 9, 2007
http://www.usenix.org/usenix07/cfpa/
---------------------------------------

Dear Colleague,

On behalf of the 2007 USENIX Annual Technical Conference program committee, we request your ideas, proposals, and papers for tutorials, refereed papers, and a poster session.

The program committee invites you to submit original and innovative papers to the Refereed Papers Track of the 2007 USENIX Annual Technical Conference. Authors are required to submit full papers by 11:59 p.m. PST, Tuesday, January 9, 2007.

We seek high-quality submissions that further the knowledge and understanding of modern computing systems, with an emphasis on practical implementations and experimental results. We encourage papers that break new ground or present insightful results based on experience with computer systems. The USENIX conference has a broad scope. Specific topics of interest include but are not limited to:

* Architectural interaction
* Benchmarking
* Deployment experience
* Distributed and parallel systems
* Embedded systems
* Energy/power management
* File and storage systems
* Networking and network services
* Operating systems
* Reliability, availability, and scalability
* Security, privacy, and trust
* System and network management
* Usage studies and workload characterization
* Virtualization
* Web technology
* Wireless and mobile systems

More information on these and other submission guidelines is available on our Web site: http://www.usenix.org/usenix07/cfpa/

IMPORTANT DATES:
Paper submissions due: Tuesday, January 9, 2007, 11:59 p.m. PST
Notification to authors: Monday, March 19, 2007
Final papers due: Tuesday, April 24, 2007

Please note that January 9 is a hard deadline; no extensions will be given.

We look forward to your submissions.

On behalf of the Annual Tech '07 Confe...

The FreeBSD Release Engineering Team is pleased to announce the availability
of FreeBSD 6.2-RELEASE. This release continues the development of the
6-STABLE branch providing performance and stability improvements, many
bug fixes and new features. Some of the highlights:
- freebsd-update(8) provides officially supported binary updates for
security fixes and errata patches
- Experimental support for CAPP security event auditing
- OpenBSM audit command line tool suite and library
- KDE updated to 3.5.4, GNOME updated to 2.16.1
- csup(1) integrated cvsup client now included
- Disk integrity protection and authentication added to geli(4)
- New amdsmb(4), enc(4), ipmi(4), nfsmb(4), stge(4) drivers
- IPFW(4) packet tagging
- Linux emulation support for sysfs
- BIND updated to 9.3.3
- Many driver updates including em(4), arcmsr(4), ath(4), bce(4),
ata(4), and iwi(4)
For a complete list of new features and known problems, please see the
online release notes and errata list, available at:
http://www.FreeBSD.org/releases/6.2R/relnotes.html
http://www.FreeBSD.org/releases/6.2R/errata.html
For more information about FreeBSD release engineering activities,
please see:
http://www.FreeBSD.org/releng/
Availability
-------------
FreeBSD 6.2-RELEASE is now available for the alpha, amd64, i386, ia64,
pc98, powerpc, and sparc64 architectures. It can be installed from bootable
ISO images or over the network; the required files can be downloaded
via FTP or BitTorrent as described in the sections below. While some of
the smaller FTP mirrors may not carry all architectures, they will all
generally contain the more common ones, such as i386 and amd64.
MD5 and SHA256 hashes for the release ISO images are included at the
bottom of this message.
The contents of the ISO images provided as part of the release have changed
for most of the architectures. Using the i386 architecture as an example,
there are ISO images named "bootonly", "disc1", "disc2", and...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-08:05.openssh Security Advisory
The FreeBSD Project
Topic: OpenSSH X11-forwarding privilege escalation
Category: contrib
Module: openssh
Announced: 2008-04-17
Credits: Timo Juhani Lindfors
Affects: All supported versions of FreeBSD
Corrected: 2008-04-16 23:58:33 UTC (RELENG_7, 7.0-STABLE)
           2008-04-16 23:58:52 UTC (RELENG_7_0, 7.1-RELEASE-p1)
           2008-04-16 23:59:35 UTC (RELENG_6, 6.3-STABLE)
           2008-04-16 23:59:48 UTC (RELENG_6_3, 6.3-RELEASE-p2)
           2008-04-17 00:00:04 UTC (RELENG_6_2, 6.2-RELEASE-p12)
           2008-04-17 00:00:28 UTC (RELENG_6_1, 6.1-RELEASE-p24)
           2008-04-17 00:00:41 UTC (RELENG_5, 5.5-STABLE)
           2008-04-17 00:00:54 UTC (RELENG_5_5, 5.5-RELEASE-p20)
CVE Name: CVE-2008-1483
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.
I. Background
OpenSSH is an implementation of the SSH protocol suite, providing an
encrypted and authenticated transport for a variety of services,
including remote shell access. The OpenSSH server daemon (sshd)
provides support for the X11 protocol by binding to a port on the
server and forwarding any connections which are made to that port.
II. Problem Description
When logging in via SSH with X11-forwarding enabled, sshd(8) fails to
correctly handle the case where it fails to bind to an IPv4 port but
successfully binds to an IPv6 port. In this case, applications which
use X11 will connect to the IPv4 port, even though it had not been
bound by sshd(8) and is therefore not being securely forwarded.
III....

Calling all FreeBSD developers needing assistance with travel expenses to BSDCan 2007.

The Foundation will be providing a limited number of travel grants to individuals requesting assistance. Please fill out and submit the Travel Grant Request Form at www.freebsdfoundation.org/documents/ by April 10, to apply for this grant.

Though we would like to support everyone who applies, priority will be given to FreeBSD developers speaking at the conference. Due to constrained resources, we would appreciate if developers could look to their employers first for sponsorship or cost-splitting. Also, to be considered for the grant, you must provide a detailed justification for attending this conference in the application. Please describe, not only your purpose for attending, but how the FreeBSD community will benefit by you attending this conference.

Please note, the deadline for submitting Travel Grant Request forms is April 10, 2007. Applications will not be accepted after this date.

Thank You,
The FreeBSD Foundation

-----------------------------------------------
2007 USENIX Annual Technical Conference
June 17-22, 2006, Santa Clara, CA
Early Bird Registration Deadline: June 1, 2007
http://www.usenix.org/usenix07/proga
-----------------------------------------------

Dear Colleague,

We're pleased to invite you to attend the 2007 USENIX Annual Technical Conference. This year we're offering 6 days of training running alongside a 3-day conference program filled with the latest research, security breakthroughs, and practical approaches to the questions and problems you wrestle with. You'll also have many opportunities to chat with peers who share your concerns and interests.

Training: Sunday-Friday, June 17-22, 2007

The 6-day training program at USENIX '07 provides in-depth and immediately useful training on the latest techniques, effective tools, and best strategies, including:

* Richard Bejtlich on TCP/IP Weapons School, Layers 2-3
* Peter Baer Galvin on Solaris 10 Security Features
* AEleen Frisch on Administering Linux in Production Environments
* Steve VanDevender on High-Capacity Email System Design

New in 2007: SANS at USENIX Annual Tech. In addition to the top-notch USENIX training, we're partnering with the SANS Institute to offer two 6-day security classes:

* SANS Security 504: Hacker Techniques, Exploits, and Incident Handling
* SANS Security 617: Assessing and Securing Wireless Networks

Technical Sessions: Wednesday-Friday, June 20-22, 2007

The 3-day technical program begins with the keynote address by Mendel Rosenblum of Stanford University,

FreeBSD Mall (via iXsystems) has merged with BSD Mall. Over the next month the BSDMall.com website will be transitioned to FreeBSDMall.com, after which time FreeBSD Mall will take over order fulfillment for all products. As a result of this joining of forces, existing customers can expect faster shipping, better selection, and more BSD community support.

We've also got several new t-shirts up at FreeBSDMall.com that you may have seen at BSDCan or floating around on the web, including a FreeBSD Jails shirt, an artistic take on the new logo, and the current FreeBSD logo on black. Expect additional new products up on the FreeBSDMall.com site over the next few months, including posters and more t-shirts. The FreeBSD Mall will also soon be offering AMD64 versions of FreeBSD as well.

We've set up a suggestions (at) freebsdmall.com alias and will follow up with a submission form on the website. We'd love to hear the community's ideas for products and shirts or ways FreeBSD Mall can better serve the community.

best,
-matt

--
Matt Olander
CTO, iXsystems - "Servers for Open Source" http://www.iXsystems.com
Public Relations, The FreeBSD Project http://www.FreeBSD.org
BSD on the Desktop! http://www.pcbsd.org
Phone: (408)943-4100 ext. 113
Fax: (408)943-4101

Dear FreeBSD Community,

I am pleased to announce the publication of the FreeBSD Foundation's Semi-Annual July Newsletter. Go to http://www.freebsdfoundation.org/press/2008Jul-newsletter.shtml to find out what we've been doing to help the FreeBSD project and community.

Thank You,
Deb Goodkin
The FreeBSD Foundation

I am proud to announce that BSDCan 2008 registration is now open.
http://www.bsdcan.org/2008/registration.php
We have added a new tutorial to the schedule:
http://www.bsdcan.org/2008/schedule/events/107.en.html
Wireless networking facilities in FreeBSD. Hands-on experience
setting up and inspecting wireless networks. - Sam Leffler
Also, BSDCan 2008 will be the first BSD conference at which you
can sit the BSD Certification exam. Start studying now!
http://www.bsdcertification.org/
BTW, if you're into PostgreSQL, consider PGCon, right after BSDCan.
http://www.pgcon.org/2008/
See you in May!
--
Dan Langille -- http://www.langille.org/
dan@langille.org

It was 15 years ago that Internet history was forever changed when FreeBSD 1.0 was released. We will be hosting the 15 Year Anniversary Party at the meetBSD California conference in Mountain View, California.

meetBSD California, based on the popular meetBSD conference in Poland, is a 2 day event on Saturday and Sunday, November 15th and 16th, 2008. Besides the intimate BSD conference with notable BSD speakers and great FreeBSD Anniversary/meetBSD schwag, we'll be having the private FreeBSD Anniversary party at Buddha Lounge in Mountain View on Saturday night. Anybody attending the FreeBSD 10 Year Anniversary Party can attest to the fact that this is not to be missed! Of course, there will be a commemorative anniversary t-shirt for attendees as well as other exciting prizes ;-)

The cost to attend is a nominal $50 dollars. If any profits are made from the conference attendees and sponsors, after costs are deducted, they will be donated to the FreeBSD Foundation.

What: meetBSD California
When: Saturday & Sunday, November 15th and 16th, 2008
Where: Googleplex in Mountain View, California, USA
Who: Any and all BSD developers, administrators, advocates

Registration is available at http://www.meetBSD.com. The site accepts credit card, paypal, and mail-in payment. More details will be posted on the site as they become available and as the speaker schedule is confirmed.

Lunches will be provided for as well as dinner on Saturday night and we have already reserved discounted hotel rooms nearby. Buses will be on-hand to shuttle us from the Googleplex to the party and back to the hotels on Saturday evening.

If your company may be interested in sponsorship, please have them contact us at info@meetbsd.com.

Space is limited, so please plan accordingly. See you there!

-matt & the meetBSD California conference team

FreeBSD Quarterly Status Report
Introduction
This report covers FreeBSD related projects between July and October
2007. The sixth EuroBSDCon was held in Denmark in September. The Google
Summer of Code project came to a close and lots of participants are
working on getting their code merged back into FreeBSD.
The bugs in the FreeBSD HEAD branch are being shaken out and it is
being prepared for the FreeBSD 7 branching. If you are curious about
what's new in FreeBSD 7.0 we suggest reading Ivan Voras' excellent
summary here.
Thanks to all the reporters for the excellent work! We hope you enjoy
reading.
__________________________________________________________________
Google Summer of Code
* Summer of Code
* finstall
* FreeBSD-update Front End
* gvirstor
* MTund - Magic Tunnel Daemon
* Porting OpenBSD's sysctl Hardware Sensors Framework to FreeBSD
* Ports Collection infrastructure improvements
Projects
* Apple's MacBook on FreeBSD
* Multi-link PPP daemon (MPD) 5.x
* Multicast DNS
* Porting Linux KVM to FreeBSD
* USB
FreeBSD Team Reports
* FreeBSD.org Admins Report
* Ports Collection
Network Infrastructure
* Network Stack Virtualization
Documentation
* PC-BSD Handbook
* The Hungarian Documentation Project
* The Spanish Documentation Project
Miscellaneous
* EuroBSDcon 2007
* GNATS graphs
__________________________________________________________________
Apple's MacBook on FreeBSD
URL: http://wiki.freebsd.org/AppleMacbook
Contact: Rui Paulo <rpaulo@FreeBSD.org>
The Summer of Code project went well and we reached interesting
results. At least the Mac Mini should be fully supported by now.
Regarding the other Apple systems, we still need to polish some edges.
Open tasks:
1. Integrate rpaulo-macbook p4 branch into CVS.
2. Continue the work on the remaining issues.
...