The OpenBSD Foundation is excited to announce that it has received the first 2018 Iridium level donation. This year the first $100K+ donation came from Handshake (https://www.handshake.org).
We thank Handshake for its very generous support! This donation will no doubt fund many exciting projects in the coming years.
This status report covers both September and October 2024 and talks about changes in source tree, ports and more.
The first BETA build for the FreeBSD 14.2 release cycle is now available. ISO images for the amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv7, aarch64, and riscv64 architectures are FreeBSD mirror sites.
Run Linux Containers on FreeBSD 14 with Podman, Open Source FreeBSD NAS: Maintenance Best Practices, Self-hosting Bitwarden / VaultWarden on FreeBSD, I most definitely should (self-host)!, My 71 TiB ZFS NAS After 10 Years and Zero Drive Failures, Make Your Own CDN With OpenBSD Base and Just 2 Packages, and more.
Errata patches for Apple system management controller have been released for OpenBSD 7.6 and 7.5. Binary updates for the arm64 platform are available via the syspatch utility.
The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a certificate included in the revocation file passed to the --crl option.
The command ctlpersistentreserveout allows the caller to specify an arbitrary size which will be passed to the kernel's memory allocator. A malicious guest could cause a Denial of Service (DoS) on the host. IV. Workaround No workaround is available. Systems not using virtioscsi(4) or ctld(8) are not affected.
Several vulnerabilities were found in the bhyve hypervisor's device models. The NVMe driver function nvmeopcgetlogpage is vulnerable to a buffer over- read from a guest-controlled value. (CVE-2024-51562) The virtiovqrecordon function is subject to a time-of-check to time-of-use (TOCTOU) race condition. (CVE-2024-51563) A guest can trigger an infinite loop in the hda audio driver. (CVE-2024-51564) The hda driver is vulnerable to a buffer over-read from a guest-controlled value. (CVE-2024-51565) The NVMe driver queue processing is vulernable to guest-induced infinite loops. (CVE-2024-51565).
As a user logs in, if the per user XDGRUNTIMEDIR directory already exists, a file descriptor to that directory is leaked in the calling process. This leaked directory file descriptor is inherited by all descendant processes that do not explicitly close it. In particular, it prevents an administrator from using jexec(8) or launching a new jail via jail(8), as both commands use the jailattach(2) system call which fails with EPERM if the calling process has an open directory in its file descriptor table, as a security measure to prevent jail escape. This file descriptor leak is normally harmless from a security standpoint as the XDGRUNTIME_DIR directory's content is usually readable and modifiable only by its owner and its group.
Errata patches for X11 server have been released for OpenBSD 7.6 and 7.5. Errata patch for OpenSSH has been released for OpenBSD 7.6. Binary updates for the amd64, arm64 and i386 platform are available via the syspatch utility. OpenSSH update only affects big-endian architectures, syspatch is not provided for such platforms.
Do you want to run some software that does not have FreeBSD package? With the help of SCRCPY you can control any Android device from a desktop computer.