FreeBSD Security Advisory (OpenSSL)

The FreeBSD Security Team has identified a security issue in openssl.

I. Background

FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

II. Problem Description

OpenSSL failes to clear the bytes used as block cipher padding in SSL 3.0 records when operating as a client or a server that accept SSL 3.0 handshakes. As a result, in each record, up to 15 bytes of uninitialized memory may be sent, encrypted, to the SSL peer. This could include sensitive contents of previously freed memory.

OpenSSL support for handshake restarts for server gated cryptograpy (SGC) can be used in a denial-of-service attack.

To find out more about the impact, a work-around and solution, check out the advisory page:FreeBSD Security Advisory (openssl)

FreeBSD upcoming events updates (MeetBSD, EuroBSDCon, GSoC)

MeetBSD California 2012

meetBSD 2012 will be held on Yahoo!’s campus in Sunnyvale, California, from 3 – 4 November 2012 and will be co-hosted by Yahoo! and iXsystems.

MeetBSD California is no normal conference – it’s a meeting of the minds from all over the BSD community. MeetBSD California 2012 will feature community-scheduled break-out sessions, discussions groups, and 5-10 minute “lightning talks,” as well as longer talks from seasoned BSD experts. 

MeetBSD California 2012 aims to engage the best of both worlds between traditional planned-speaker-centered conferences and the community-planned unConference model. Day one will be devoted primarily to planned talks, while day two will be scheduled entirely by the attendees, allowing anything from impromptu tutorials to hacking sessions. This is your conference, and we can’t wait to see you there!

EuroBSDCon 2012

BSDTalk has uploaded a 14 minutes interview with Paul Schenkeveld about the upcoming EuroBSDCon 2012 (Warsaw, Poland, 18-21 October): bsdtalk213 – EuroBSDCon with Paul Schenkeveld

GSoC 2012

Not strictly upcoming, but ongoing: Google’s annual Summer of  Code (2012) has kicked off. FreeBSD is represented by 15 projects.

Google Summer of Code is a global program that offers post-secondary student developers ages 18 and older stipends to write code for various open source software projects. We have worked with open source, free software, and technology-related groups to identify and fund projects over a three month period.

Global Calendar for (Free)BSD Events: bsdevents.org

BSDEvents.org is now online where (Free)BSD related meetings (annual and monthly) are announced. On bsdevents you will find all the details for upcoming gatherings, such as venue maps , presentations, etc.

The site is maintained by Dru Lavigne who looks after the PC-BSD and FreeNAS blogs.

Dru already tweeted events on #bsdevents, but there’s only so much you can squeeze into 140 characters.

OpenJDK 6 updated to Build 25.

Greg Lewis has updated the OpenJDK® 6 port to Build 25. See the JDK 1.6.x page for more details.

This is a native port of OpenJDK to FreeBSD:

cd /usr/ports/java/openjdk6
make install clean

OpenJDK (Open Java Development Kit) is a free and open source implementation of the Java programming language.[2] It is the result of an effort Sun Microsystems began in 2006. The implementation is licensed under the GNU General Public License (GPL) with a linking exception. The linking exception exempts components making use of the Java class library from the GPL licensing terms. OpenJDK is the official Java SE 7 reference implementation. (wikipedia)

Qt 4.8.1 and KDE SC 4.8.3 in ports

The long awaited KDE SC 4.8.3 was just committed to ports, along with Qt 4.8.1, Phonon 4.6.0, PyQt 4.9.1, and many more updates you shouldn’t care about. What you should be aware of is that KDE-Pim was finally updated and put in sync with the Software Compilation. As UPDATING suggests, if you want to stick with 4.4.11.1, you can replace deskutils/kdepim4 with deskutils/kdepim44.

Since Qt started using the raster graphics system engine by default (and the native one seems not to be an option anymore), you should add

kern.ipc.shmmni=1024
kern.ipc.shmseg=1024

to /boot/loader.conf

Howtos: FreeBSD install, ZFS, FreeNAS Serviio, FreeBSD Kernel

HOWTO 1: FreeBSD ZFS Madness

Some time ago I found a good, reliable way of using and installing FreeBSD and described it in my Modern FreeBSD Install HOWTO. Now, more then a year later I come back with my experiences about that setup and a proposal of newer and probably better way of doing it: HOWTO: FreeBSD ZFS Madness.

HOWTO 2: FreeNAS 8.0.3-p1 RELEASE MultiMedia with Serviio 0.6.1 pre-installed

As promised here is a build of FreeNAS 8.0.3 Release-p1 with the latest release of Serviio 0.6.1 integrated. This means NO JAIL IS NEEDED. You will still need to configure some settings from the command line: FreeNAS 8.0.3-p1 RELEASE MultiMedia with Serviio 0.6.1 pre-installed.

Rhyous’ howtos

Jared Barneck has recently added 3 very easy to follow, step-by-step tutorials:

 

FreeBSD Device Drivers: a guide for the intrepid (book)

“Device drivers make it possible for your software to communicate with your hardware, and because every operating system has specific requirements, driver writing is nontrivial.

When developing for FreeBSD, you’ve probably had to scour the Internet and dig through the kernel sources to figure out how to write the drivers you need. Thankfully, that stops now.

In FreeBSD Device Drivers, Joseph Kong will teach you how to master everything from the basics of building and running loadable kernel modules to more complicated topics like thread synchronization. After a crash course in the different FreeBSD driver frameworks, extensive tutorial sections dissect real-world drivers like the parallel port printer driver.”

The book has been reviewed by beginlinux

Buy this book on Amazon or nostarch press  (use DRIVERS for 40% discount)

FreeBSD and Microsoft Hyper-V Interoperability

Microsoft and its partnering companies are finalizing a project that will enable FreeBSD interoperability with Windows Server Hyper-V.

News about the project, which started in October, was announced last week at the BSDCan 2012 event in Ottawa, Canada. The project will produce drivers that will enable the open source FreeBSD server to run as a guest on Microsoft’s hypervisor. The drivers will be licensed under the BSD license, meaning freely usable open source code, with delivery expected “early this summer,” according to Microsoft’s announcement. The drivers will work with Windows Server 2008 R2 and FreeBSD versions 8.2 and 8.3.

… For this project, Microsoft is working with a technical staffing company, Insight Global, to develop a VMBUS driver, which will serve as the interface between Hyper-V and FreeBSD. It also partnered with Citrix and NetApp on the project, which are both contributors to FreeBSD and users of the FreeBSD technology. Citrix is focusing on network aspects of FreeBSD interoperability, while NetApp is handing storage aspects, according to Joe CaraDonna, NetApp’s technical director of core operating systems, in a Microsoft-conducted interview.

CaraDonna said that NetApp has been collaborating with Microsoft on various projects for more than 10 years. NetApp uses FreeBSD in its Data ONTAP-v virtual storage appliance. The company also has developed its own FreeBSD hypervisor, called “BHyVe,” which NetApp released as open source code last year.

Full article and source (redmondmag.com) (via)