Fri, 08 Jul 2016 00:26
MidnightBSD 0.7.9 RELEASE
Fix four security issues with MidnightBSD. The implementation of TIOCGSERIAL ioctl(2) does not clear the output struct before sending to userland in the linux emulation layer. The compat 43 stat(2) system call exposes kernel stack to userland. libarchive - CVE-2015-2304 and CVE-2013-0211 fix issues with cpio directory traversal and an integer signedness error in the archive write zip data routine. ...
Fri, 08 Jul 2016 00:26
Downloads and traffic to midnightbsd.org
We?ve had 1370 downloads from our CDN in the last month for 0.7 release.? Website traffic from April 20 to May 20: 1840 sessions 1504 users 3558 page views 31% traffic from Russia 17.66% from US 5% from Germany Browser stats: 48% Chrome 27% Firefox 6% Safari 5% Opera ...
Thu, 22 Aug 2013 11:59
0.4-RELEASE-p2 : Fix IP MULTICAST and SCTP vulnerabilities
Fix two security vulnerabilities.Fix an integer overflow in IP_MSFILTER (IP MULTICAST). This could be exploited to read memory by a user process.When initializing the SCTP state cookie being sent in INIT-ACK chunks,a buffer allocated from the kernel stack is not completely initialized.Patches obtained from: FreeBSD...
Wed, 17 Jul 2013 23:00
Bug in 0.4-RELEASE
We've identified a bug related to package management in MidnightBSD .0.4-RELEASE.
The hash check that is part of libmport is improperly working. This means you can't install packages with the mport command.
To work around this issue, please checkout the 0.4-RELEASE source from CVS using the directions onthe site and then rebuild and install libmport.
Mon, 08 Jul 2013 12:23
In addition to our mirrors, we have some other options for downloading 0.4 release popping up....
Sat, 06 Jul 2013 19:41
MidnightBSD 0.4-RELEASEMidnightBSD 0.4 has been released on July 5, 2013. It includes many new features, butof particular interest is the new package management tool, mport.This release is a bit different from previous releases in that we plan to updatepackages during the support period for 0.4. Rather than upload packages andsit on them for the life of the release, you will be able to download updatedpackages for i386 and amd64 periodically.Due to this new feature, our initial package offering is smaller than we've donefor previous releases as many things had to get migrated and updated. We planto expand the packages available in the coming weeks.In addition to mport, we've imported a large number of features from FreeBSD 9.1including ZFS with ZPOOL 28/dedup support, LLVM + CLANG in base, migration to GPTas the default in the installer, bsdinstall, BSD licensed sort and grep,cpucontrol(8), and UFS2 + SUJ (journaling). We've also imported the newer FreeBSDUSB stack, NFSv4 client, syscons, and CAM based ATA.Support for newer hardware includes Intel Sandybridge and Ivy Bridge graphics,various wifi chipsets, updates to Intel and Realtek ethernet adapters, and acpi.The default system compiler is still GCC 4.2, but it has been updated to a newer release.We also removed libobjc from base as it was GCC specific and we want to migrate tolibobjc2. We offer libobjc2 in mports and it will work with GCC and LLVM.MidnightBSD now has it's own GPT partition types and offers a new search command,msearch.libc gains strnlen(3), memrchr(3), stpncpy(3).We've also imported and updated many third party libraries:bzip2 version 1.0.6Diffutils 3.2FILE 5.05OpenSSH 5.8p2SQLite 126.96.36.199MKSH R44NetBSD's iconvBIND 9.8tcsh 6.18.01Perl 5.14.2mDNSResponder 333.10less v436libarchive 3.0.3libdialog (lgpl version)libffi 3.0.10wide-dhcpv6openresolvsendmail 8.14.5sudo 1.7.4-p6tzdata_2012jThis release is a bit disruptive due to the number of changes, but it was decidedto move forward with it due to the age of 0.3-RELEASE. The next release is planned
as a stability release and meant to work on desktop related functionality....
Wed, 26 Jun 2013 12:26
There have been two snapshots release in the last few months, i386 and amd64. The former appears to be bug free and was created this month. You can find it in the snapshots directory under i386 and0.4-130610-SNAP. The amd64 snap has a few bugs, but can be installed.
Both of these snapshots are for 0.4-CURRENT. Recently, we created a branch for 0.4 and there are a few large big fixes and one security update since the snapshots were released. It is strongly recommended to rebuild from the 0.4 branch after installing a snapshot.
There are currently no packages for i386 available. The index does not work with the newer mport tool in RELENG_0_4. As the ports tree is in the middle of a major update, it's not stable enough to release packages yet. I'm working on this problem.
Most notebly QT4 is broken right now. X.org ports, dbus, gcc and many other ports have been updated in the last month. There have been many architecture changes to the mports/Mk extensions as well. We now support some FreeBSD ports USES statements (pathfix, charset, ncurses, pkgconfig) which makes migrating ports from FreeBSD easier.
Magus has been running lately and churning out test builds of packages. The results for the last 3 runs were quite bad....
Sun, 14 Apr 2013 16:30
0.4 amd64 snap on FTP
We have a new snapshot uploading to the FTP server. It's the first snap in a year. This snapshot is a little buggy, but does allow you to install MidnightBSD.
Please note there are many changes from 0.3-RELEASE:
1. Uses new midnightbsd partition types: mnbsd-ufs, mnbsd-boot, etc on GPT
2. ZFS is much newer than 0.3. If you upgrade your pools, you can't use them with 0.3 anymore.
3. KMS with Intel Ivy Bridge graphics
4. Installer is completely different
6. updated mksh, BIND, tcsh, file, diff, binutils, mDNSResponder, libffi, openpam, openresolv, tnftp, tzcode, tzdata, wpa, xz, compiler_rt, sqlite3, ncurses, netcat, pf, traceroute, perl, openssh, openssl, less
7. updated from FreeBSD: make ipfw & ash, forth menus for the loader, bsdinstall, bsd sort, new USB stack, new cam based ATA, geom
8. llvm + clang
mport is the default package manager!
Major hardware support updates.. several wifi adapters, etc....
Thu, 21 Feb 2013 03:44
New Magus run
Here's the latest run from magus. Package count was just shy of 1800. Many of these failures are related to Java ports. I've made a change tonight to fix most of these.
238 0.4 amd64 active 2013-02-19 16:13:36
Tue, 19 Feb 2013 11:43
Latest magus run results
We started up our package build cluster again. A run was queued up on the 10th and run over the weekend on the new server hardware. The results are much better than I expected after such a long time without magus.
ID OSVersion Arch Status Created 237 0.4 amd64 active 2013-02-10 16:49:31
Fri, 01 Feb 2013 03:59
There have been many updates in current lately. BIND 9.8 is in progress.
Here's a brief changelog.20130125: MKSH R41 imported 20130122: OpenSSH 5.8p2 imported SQLite 188.8.131.52 imported Fixed a longstanding bug in libmport extrating new index files.
Fri, 01 Feb 2013 03:57
Fix a longstanding bug with libmport's return status. As this affects installation of ports, an update was applied to this branch. This is not a security update and not needed for pkg_tools....
Tue, 03 Jul 2012 12:50
MidnightBSD 0.3-RELEASE-p9Bind vulnerability related to resource records. See CVE-2012-1667.
Tue, 03 Jul 2012 12:49
MidnightBSD 0.3-RELEASE-p8Fix a problem with cyrpt's DES implementation when used with non 7-bit ascii passwords.
Thu, 31 May 2012 13:26
MidnightBSD 0.3-RELEASE-p7 fixes a new security issue found in OpenSSL. It is recommended for all users.
0.4-CURRENT has also been updated....