Release Notes icon MidnightBSD Release Notes

(08/14/2016) MidnightBSD 0.8-RELEASE

MidnightBSD 0.8 includes several enhancements to the system. We switched system compilers from GCC 4.2 to llvm/clang 3.3 with plans to update to newer versions. We’re making use of libdispatch in our package manager. Several longstanding bugs with the mports framework have been fixed.

Security

Kernel

The implementation of TIOCGSERIAL ioctl(2) does not clear the output struct before sending to userland in the linux emulation layer.

The compat 43 stat(2) system call exposes kernel stack to userland.

atkbd(4) - Incorrect signedness comparison in the ioctl(2) handler allows a malicious local user to overwrite a portion of the kernel memory.

Incorrect argument handling in sendmsg(2)

Incorrect argument handling in the socket code allows malicious local user to overwrite large portion of the kernel memory.

A special combination of sysarch(2) arguments, specify a request to uninstall a set of descriptors from the LDT. The start descriptor is cleared and the number of descriptors are provided. Due to invalid use of a signed intermediate value in the bounds checking during argument validity verification, unbound zero'ing of the process LDT and adjacent memory can be initiated from usermode.

TCP MD5 signature denial of service

A programming error in processing a TCP connection with both TCP_MD5SIG and TCP_NOOPT socket options may lead to kernel crash.

SCTP

A lack of proper input checks in the ICMPv6 processing in the SCTP stack can lead to either a failed kernel assertion or to a NULL pointer dereference. In either case, a kernel panic will follow.

libarchive

CVE-2015-2304 and CVE-2013-0211 fix issues with cpio directory traversal and an integer signedness error in the archive write zip data routine.

OpenSSL

The padding check in AES-NI CBC MAC was rewritten to be in constant time by making sure that always the same bytes are read and compared against either the MAC or padding bytes. But it no longer checked that there was enough data to have both the MAC and padding bytes. [CVE-2016-2107]

An overflow can occur in the EVP_EncodeUpdate() function which is used for Base64 encoding of binary data. [CVE-2016-2105]

An overflow can occur in the EVP_EncryptUpdate() function, however it is believed that there can be no overflows in internal code due to this problem. [CVE-2016-2106]

When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio() a short invalid encoding can cause allocation of large amounts of memory potentially consuming excessive resources or exhausting memory.[CVE-2016-2109]

The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. [CVE-2015-3194]

When presented with a malformed X509_ATTRIBUTE structure, OpenSSL will leak memory. [CVE-2015-3195]

If PSK identity hints are received by a multi-threaded client then the values are incorrectly updated in the parent SSL_CTX structure. [CVE-2015-3196]

OpenSSH

Fix a security issue with OpenSSH X11 forwarding that can allow an attacker run shell commands on the call to xauth.

bsnmpd

Fix security on bsnmpd configuration file during installation.

Enhancements

top now displays information on ZFS arc cache.

llvm + clang 3.3 is now the default compiler in MidnightBSD.

Introduce pipe2 to linux emulation layer.

Increase kern.ipc.somaxconn default to 256.

In rpcbind(8), netbuf structures are copied directly, which would result in two netbuf structures that reference to one shared address buffer. When one of the two netbuf structures is freed, access to the other netbuf structure would result in an undefined result that may crash the rpcbind(8) daemon.

Fix kqueue write events for files > 2GB

libdispatch is now configured to use the blocks runtime. Removed Features This may be the last release with i386 support. We’re considering dropping it and focusing on amd64 as most modern PCs are 64 bit capable.

P4tcc is now disabled by default. You can edit the device.hints file to turn this back on. This will result in no CPU frequency changing features on old devices, but it causes less confusion on modern CPUs. If you notice that your CPU is not detecting frequency, turn this back on to allow powerd to scale.

New Software Versions

mports & Package Tools

mport and libmport is now multithreaded and makes use of the libdispatch library and Blocks runtime.

Add initial statistics api to libmport and a driver to print it in mport(1).

libmport now supports @preexec, @postexec, @preunexec and @postunexec to replace @exec and @unexec.

pre exec runs afer pre-install scripts but before actual installation. post exec runs after install but before post install scripts and pkg message. pre unexec runs before pre uninstall scripts post unexec runs before de-install scripts and after file removal.

Several issues have been fixed with package installation including better error handling and reporting to failures, fixes to @sample and @(root,wheel,4555) permissions handling, and optimizations to upgrading databases, initialization and the configuration of the sqlite3 databases with respect to performance. Installs should be significantly quicker as a result.

There is one known issue. The @mode with no parameters is currently causing crashes. While this only affects a small number of ports, it will be fixed in a future update to the stable branch some time after release. Packages

A significant amount of work went into fixing bugs with the mports framework and the package manager in this release. We now have over 3,000 ports. QT5 went in just after packages were built for the release.

There are 2600 packages available for i386 and about 1800 for amd64 currently. We’re planning on rolling new packages for amd64 soon. An issue with the package manager delayed the release and caused failures during the amd64 build. This bug has been fixed, but there wasn’t time to update packages before the release went out. This means desktop environments were not fully built for amd64 yet, but will be available in the next few days.

Notable mports to try:

Note: this release is a little weak on packages and that will be corrected over time. Many ports actually work if you build from source such as ruby, gnome 3, node/npm, etc. We also made progress on the openjdk 6 port. It’s not working with some software, most notably Tomcat but you can run some desktop applications on it.

If you are updating an existing system, after installing 0.8, you can use mport upgrade to update packages with 0.8 versions. It is recommended that you delete /usr/mports/Packages and run mport clean to remove old package remnants.

You may use svnlite (part of the base system) to checkout mports or src, if you do not wish to install the svn package.
e.g.
cd /usr/ && svnlite co http://svn.midnightbsd.org/svn/mports/trunk mports