MidnightBSD Release Notes
Late breaking information:
Due to a bug in mport tools, it's recommended to use at least version 0.5.2.
Previous Release Notes
(09/22/2014) MidnightBSD 0.5-RELEASE
MidnightBSD 0.5 has been released on September 22, 2014.
Security
- Fixed a security issue with TCP SYN packet processing that could result in a denial of service attack.
- Fixed a bug with clearenv(3) that could result in a segfault
- Several OpenSSL security issues were addressed in this release including [CVE-2014-3506], [CVE-2014-3507], [CVE-2014-3508] and [CVE-2014-3510]
- Fix a vulnerability in the control message API. A buffer is not properly cleared before sharing with userland.
- Sendmail failed to properly set close-on-exec for open file descriptors.
- ktrace page fault kernel trace entries were set to an incorrect size which resulted in a leak of information.
- Fix a TCP reassembly bug that could result in a DOS attack
- bsnmpd contains a stack overflow when sent certain queries.
Enhancements
- Jails now run shutdown scripts.
- Support for username with length 32. Previous limit was 16
- Imported FreeBSD 9.2 usb stack (plus z87 patches from stable)
- Updated em(4), igb(4) and ixgbe(4)
- MidnightBSD now works with Z87 Intel chipsets.
- rarpd supports vlan(4) and has a pid flag. (from FreeBSD)
- Support for 65,536 routing tables was added. (up from 16)
- Added subversion to base (as svnlite)
- virtio(4) imported from FreeBSD 9-stable. SCSI support not included
Removed Features
- Sparc64 platform support
- Remove (BIND) named from base. We still include the client utilities for now until replacements are found.
New Software Versions
- File 5.19
- MKSH R50
- less v458
- Perl 5.18.2
- Sendmail 8.14.7 (plus AAAA record patch)
- Subversion 1.8.1
- zlib 1.2.7
mports & package tools
libmport was modified to support the concept of “upgrade” to migrate from one OS release to another. Packages now contain OS version they were built with. mport list now displays the OS version of the package to help with updating and mport list updates was changed to suggest upgrading to the current version.
Several bug fixes around checksum handling were resolved.
Package builds for the release are not yet complete.
KDE was removed from mports due to lack of a maintainer for our ports. KDE 3.x was too insecure and 4.x has not worked correctly for some time on MidnightBSD.
Currently, we’re recommending xfce 4.x as a desktop environment.
Contributors
I'd like to thank several contributors that made this release possible.
Christian Reinhardt (ctriv@) (mport/magus)
Caryn Holt (raven@)
Thorsten Glaser (MKSH assistance, etc)
BSD Magazine - helping us get the word out
Midnight the Cat for mascot assistance :)