[Midnightbsd-users] MidnightBSD 3.2.2 RELEASE
Lucas Holt
luke at foolishgames.com
Sun Feb 9 19:25:56 EST 2025
MidnightBSD 3.2.2 RELEASE is now uploading to our mirrors.
Changes include:
|A NFS server that exports a cd9660, tarfs, or ext2fs file system can be
made to panic by mounting and accessing the export with an NFS client.
Further exploitation (e.g., bypassing file permission checking or remote
kernel code execution) is potentially possible, though this has not been
demonstrated. In particular, release kernels are compiled with stack
protection enabled, and some instances of the overflow are caught by
this mechanism, causing a panic. Fix permissions on etcupdate use.
(security issue) Previously sensitive files could end up in the
conflicts directory world readable. Make kernel modules non executable
on file system. Update portsnap key! pkg-config files are now installed
for base openssl Ravenports bootstrap changed after switch of their
package manager. Base system config(8) updated|
--
Lucas Holt
Luke at FoolishGames.com
________________________________________________________
MidnightBSD.org (Free OS)
JustJournal.com (Free blogging)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.midnightbsd.org/pipermail/midnightbsd-users/attachments/20250209/11f48e99/attachment.htm>
More information about the Midnightbsd-users
mailing list