From dayten at trustedleadpro.com Thu Apr 3 01:09:27 2025 From: dayten at trustedleadpro.com (Dayten Rynsburger) Date: Thu, 03 Apr 2025 05:09:27 +0000 Subject: [Midnightbsd-users] mport-manager expansion Message-ID: <603725c4-fe26-46e4-8ca9-8ce700acdba3@trustedleadpro.com> Hi there, saw you?ve got a new mport-manager out with that graphical package release. That sounds super handy! Just curious if you guys are looking at any business capital needs or maybe thinking about some lines of credit for future projects?? With the recent rate drop and election, there hasn?t been a better time to borrow in quite a while. Your communication is appreciated either way! Thanks, Dayten Rynsburger? Niche Capital Co-Founder From luke at foolishgames.com Thu Apr 3 11:44:54 2025 From: luke at foolishgames.com (Lucas Holt) Date: Thu, 3 Apr 2025 11:44:54 -0400 Subject: [Midnightbsd-users] MNBSD-2025-2: stack overflow in expat Message-ID: <873860b7-ac96-4a6f-b7ae-460481c7a3f8@foolishgames.com> There have been several recent security vulnerabilities in expat (which is bsdxml in the base system) This has been updated in mports, and we have updated to expat 2.7.1 in current and stable/3.2 branches.? The update will be included in a future MidnightBSD 3.2.3 release. advisory url: https://www.midnightbsd.org/security/adv/MNBSD-2025-2.html (will get updated after 3.2.3 is released) -- Lucas Holt Luke at FoolishGames.com ________________________________________________________ MidnightBSD.org (Free OS) JustJournal.com (Free blogging) From luke at foolishgames.com Thu Apr 3 13:04:33 2025 From: luke at foolishgames.com (Lucas Holt) Date: Thu, 3 Apr 2025 13:04:33 -0400 Subject: [Midnightbsd-users] MNBSD-2025-3 Message-ID: <099312c6-4fe5-432e-bf11-02e26d717b1b@foolishgames.com> MidnightBSD versions using xz 2.4.x or higher are vulnerable to a DOS in the multithreaded liblzma decompress code. This includes 3.2.x before 3.2.3 and 4 current before earlier today. Patch applied to stable/3.2 branch. 4-current updated to 5.6.3 and then patch applied. details: https://github.com/tukaani-project/xz/security/advisories/GHSA-6cc8-p5mm-29w2 https://www.midnightbsd.org/security/adv/MNBSD-2025-3.html -- Lucas Holt Luke at FoolishGames.com ________________________________________________________ MidnightBSD.org (Free OS) JustJournal.com (Free blogging)