FreeBSD Patches DoS Vulnerability

shutterstock_32990755FreeBSD has patched a denial-of-service vulnerability that could affect a host of third-party packages built atop the UNIX-like operating system.

The vulnerability—found in the way FreeBSD processes TCP packets—was discovered by a member of Juniper Networks’ incident response team. FreeBSD’s advisory warns that a hacker spoofing IP traffic can “tear down” a TCP connection with only two packets if they have knowledge of the target network and both TPC port numbers.

“When a segment with the SYN flag for an already existing connection arrives, the TCP stack tears down the connection, bypassing a check that the sequence number in the segment is in the expected window,” the advisory said.

See more at: http://threatpost.com/freebsd-patches-dos-vulnerability

FreeBSD 10.1-BETA1 now available

freebsd-logo-largeThe first BETA build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

The image checksums follow are included in the original announcement email.

Installer images and memory stick images are available here.

Check out the announcement here, with a list of instructions on how to update: http://freebsdfoundation.blogspot.com/2014/09/freebsd-101-beta1-now-available.html

pkg(8) is now the only package management tool

portmgrThe ports tree has been modified to only support pkg(8) as package management system for all supported version of FreeBSD.

if you were still using pkg_install (pkg_* tools) you will have to upgrade your system.

The simplest way is

cd /usr/ports/ports-mgmt/pkg
make install

then run

pkg2ng

For full instructions,  head on over to the following link: http://blogs.freebsdish.org/portmgr/2014/09/01/pkg8-is-now-the-only-package-management-tool/