From luke at foolishgames.com Thu Sep 25 08:16:22 2014 From: luke at foolishgames.com (Lucas Holt) Date: Thu, 25 Sep 2014 12:16:22 -0000 Subject: [Midnightbsd-kernel] MidnightBSD 0.5-RELEASE Message-ID: I'm happy to announce the release of MidnightBSD 0.5. Security Fixed a security issue with TCP SYN packet processing that could result in a denial of service attack. Fixed a bug with clearenv(3) that could result in a segfault Several OpenSSL security issues were addressed in this release including [CVE-2014-3506], [CVE-2014-3507], [CVE-2014-3508] and [CVE-2014-3510] Fix a vulnerability in the control message API. A buffer is not properly cleared before sharing with userland. Sendmail failed to properly set close-on-exec for open file descriptors. ktrace page fault kernel trace entries were set to an incorrect size which resulted in a leak of information. Fix a TCP reassembly bug that could result in a DOS attack bsnmpd contains a stack overflow when sent certain queries. Enhancements Jails now run shutdown scripts. Support for username with length 32. Previous limit was 16 Imported FreeBSD 9.2 usb stack (plus z87 patches from stable) Updated em(4), igb(4) and ixgbe(4) MidnightBSD now works with Z87 Intel chipsets. rarpd supports vlan(4) and has a pid flag. (from FreeBSD) Support for 65,536 routing tables was added. (up from 16) Added subversion to base (as svnlite) virtio(4) imported from FreeBSD 9-stable. SCSI support not included Removed Features Sparc64 platform support Remove (BIND) named from base. We still include the client utilities for now until replacements are found. New Software Versions File 5.19 MKSH R50 less v458 Perl 5.18.2 Sendmail 8.14.7 (plus AAAA record patch) Subversion 1.8.1 zlib 1.2.7 mports & package tools libmport was modified to support the concept of ?upgrade? to migrate from one OS release to another. Packages now contain OS version they were built with. mport list now displays the OS version of the package to help with updating and mport list updates was changed to suggest upgrading to the current version. Several bug fixes around checksum handling were resolved. Package builds for the release are not yet complete. KDE was removed from mports due to lack of a maintainer for our ports. KDE 3.x was too insecure and 4.x has not worked correctly for some time on MidnightBSD. Currently, we?re recommending xfce 4.x as a desktop environment. Learn more at http://www.midnightbsd.org/ Lucas Holt Luke at FoolishGames.com ________________________________________________________ MidnightBSD.org (Free OS) JustJournal.com (Free blogging)