Welcome to MidnightBSD

MidnightBSD is a BSD-derived operating system developed with desktop users in mind. It includes all the software you'd expect for your daily tasks — email, web browsing, word processing, gaming, and much more.

With a small community of dedicated developers, MidnightBSD strives to create an easy-to-use operating system everyone can use, freely. Available for x86, AMD64 and as Virtual Machines.

Get MidnightBSD

Latest Release - 3.1.3

Release Notes

News »

Sun, 04 Feb 2024 21:42

We're in the process of migrating to perl in mports from base.  Perl went into midnightbsd many y

Read more...

Fri, 12 Jan 2024 18:47

It seems that mport install doesn't work sometimes and gives no output. Workaround: mport download p

Read more...

Tue, 09 Jan 2024 18:51

Here are our plans for 2024: * 3.2 release - bug fix release with some base system third-party libra

Read more...

Security »

MNBSD-2023-17MNBSD-2023-17

December 28, 2023

MidnightBSD 3.0.2
pam_krb5 authenticates the user by essentially running kinit(1) with the password, getting a `ticket-granting ticket' (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password.

Normally, the system running the pam_krb5 module will also have a keytab, a key provisioned by the KDC. The pam_krb5 module will use the tgt to get a service ticket and validate it against the keytab, ensuring the tgt is valid and therefore, the password is valid.

However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate the response from the KDC, and essentially trusts the tgt provided over the network as being valid.

Read more ...

August 2, 2023

MidnightBSD 3.0.2
pam_krb5 authenticates the user by essentially running kinit(1) with the password, getting a `ticket-granting ticket' (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password.

Normally, the system running the pam_krb5 module will also have a keytab, a key provisioned by the KDC. The pam_krb5 module will use the tgt to get a service ticket and validate it against the keytab, ensuring the tgt is valid and therefore, the password is valid.

However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate the response from the KDC, and essentially trusts the tgt provided over the network as being valid.

Read more ...

April 9, 2023

MidnightBSD 2.2.8
Fix a CVE in the APR used by svnlite CVE-2022-25147

Read more ...