FreeBSD Errata Notices and Security Advisories

submited 09 July 2020

  • FreeBSD Security Advisory FreeBSD-SA-20:19.unbound - Malformed answers from upstream name servers can send Unbound into an infinite loop, resulting in denial of service. A malicious query can cause a traffic amplification attack against third party authoritative nameservers.
  • FreeBSD Security Advisory FreeBSD-SA-20:20.ipv6 - The IPV6_2292PKTOPTIONS set handler was missing synchronization, so racing accesses could modify freed memory.
  • FreeBSD Security Advisory FreeBSD-SA-20:18.posix_spawnp - posix_spawnp spawns a new thread with a limited stack allocated on the heap before delegating to execvp for the final execution within that thread. execvp would previously make unbounded allocations on the stack, directly proportional to the length of the user-controlled PATH environment variable.
  • FreeBSD Errata Notice FreeBSD-EN-20:14.linuxkpi - A bug in one of the LinuxKPI subroutines could cause a kernel panic.
  • FreeBSD Errata Notice FreeBSD-EN-20:15.mps - mps(4) implements a pass-through interface which allows privileged user processes to submit commands directly to disks behind the controller. A bug in the code which copies command results out to the requesting process could cause a kernel panic.
  • FreeBSD Errata Notice FreeBSD-EN-20:13.bhyve - When an attempt is made to pass through a PCI device to a bhyve(8) VM (causing initialization of IOMMU) on certain Intel chipsets using VT-d the PCI bus stops working entirely resulting in a host crash. This issue occurs at least on the Intel Skylake series processors and those released later. A device passed through to a guest VM running OpenBSD at least since version 6.4 on both AMD and Intel processors may not fully work in the guest. OpenBSD issues 4-byte PCI configuration-space register reads and writes to consecutive 2-byte fields, which were not handled correctly by bhyve(8).
The BSD community linklog
Made a script? Written a blog post? Found a useful tutorial? Share it with the BSD community here or just enjoy what everyone else has found!


14 August 2020
How it fits BSD?  

Need to check desired computer model for BSD compatibility? Try the new approach described in this article.

13 August 2020
The BSDCan 2020 videos now available  

The videos from BSDCan 2020.

Enjoying DiscoverBSD? There is more...

Subscribe to BSD Weekly, our free, once–weekly e-mail round-up of BSD news and articles. It is currated from your content on DiscoverBSD and BSDSec (a deadsimple BSD Security Advisories and Announcements).

You can also support the work on Patreon.
12 August 2020
GSoC Reports: Benchmarking NetBSD, second evaluation report  

This report was written by Apurva Nandan as part of Google Summer of Code 2020.

DRM update to 4.12.14  

DragonFly’s direct rendering has been updated to match Linux 4.12.15, which means improved support for a number of Intel processors.

11 August 2020
Installing a jitsi server - in detail  

A very detailed explanation of how to set up Jitsi on FreeBSD and how the various packages interact.

OpenBSD Errata: August 11th, 2020 (libssl)  

Errata patches for LibreSSL have been released for OpenBSD 6.7. The TLSv1.3 client could hang, crash, leak memory or not interoperate with some TLSv1.3 servers. Binary updates for the amd64, i386, and arm64 platforms are available via the syspatch utility.

10 August 2020
GhostBSD 20.08.04 Now Available  

This release comes with kernel, OS and software application updates. We updated the MATE desktop to 1.24.0. A new interesting feature is the boot environment backup before updates.

How to try FuguIta  

FuguIta is OpenBSD based live CD. Learn how to create FuguIta LiveDVD, LiveUSB and how to boot it.

load more