On 21/08/2023 09:06, Christos Chatzaras wrote:
I am aware that work is currently being done for upcoming FreeBSD 14
release and there may not be available human resources, but is there
anyone working on this?
The FreeBSD project doesn't have the capability to fix this
independently of the
On 2016/11/03 09:41, Kimmo Paasiala wrote:
> Both 10.1 and 10.2 are going to be unsupported by the end of this
> year, that's probably the reason the fix was not included in them.
>
> https://www.freebsd.org/security/#sup
>
Yes, but 10.1 and 10.2 are still supported for the next two months.
On 26/09/2016 08:42, Ronald F. Guilmette wrote:
>
> Sorry folks. I'm almost entirely ignorant about everything crypto,
> and these questions would probably be better asked elsewhere, but
> you all on this list are nicer than folks elsewhere, and probably
> will have the kindness not to poke too
On 13/09/2016 22:07, Ronald F. Guilmette wrote:
> One set of such decisions has to do with the following files:
>
> ~ftp/etc/group
> ~ftp/etc/pwd.db
>
> Thinking about how the contents of these files affects the behavior of
> the ftp DIR command caused me to realize that I actually would
On 2015/12/18 15:47, rhi wrote:
> Matthew Seaman freebsd.org> writes:
>
>> Is that the ports or the base version of openssl? I can recreate your
>> results with the base openssl, but everything works as expected with the
>> ports version:
>
> Yes, it's
On 10/30/15 17:21, Matthew Seaman wrote:
> On 2015/10/30 10:32, Dag-Erling Smørgrav wrote:
>> Can those of you who are experiencing this bug on 10 please try to build
>> and run a kernel from head@287591 or newer (with your 10 userland) and
>> report back?
>>
>> #
On 2015/10/30 10:32, Dag-Erling Smørgrav wrote:
> Can those of you who are experiencing this bug on 10 please try to build
> and run a kernel from head@287591 or newer (with your 10 userland) and
> report back?
>
> # svnlite co svn://svn.freebsd.org/base/head@287591 /tmp/head
> # cd /tmp/head
> #
On 10/27/15 22:51, Robert Sargent via freebsd-security wrote:
> there is a simple workaround if you don't want to or can't reboot your
> machines: install the ntp pkg
>
> pkg install ntp
>
> and add the following line to /etc/rc.conf
>
> ntpd_program="/usr/local/sbin/ntpd"
>
> then kill
On 13/06/2015 22:28, rollingbits (Lucas) wrote:
On Fri, Jun 12, 2015 at 07:43:30AM +, FreeBSD Security Advisories wrote:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
Do I need rebuild my packages
On 05/20/15 23:48, Xin Li wrote:
The document at https://weakdh.org/sysadmin.html gives additional
information for individual daemons, including Apache (mod_ssl), nginx,
lighttpd, Tomcat, postfix, sendmail, dovecot and HAProxy.
The part of that https://weakdh.org/ site that concerns me most is
On 30/04/2014 19:58, Xin Li wrote:
On 04/30/14 11:51, Corey Smith wrote:
It would be interesting to find out if we could teach net-snmpd
to use alternative methods to access data it needs
It is not necessary if you build net-mgmt/net-snmp with the
UNPRIVILEGED knob set.
Will there be any
On 11/04/2014 15:34, Erik Trulsson wrote:
Quoting sbre...@hotmail.com:
I receive daily email from the host which normally shows port audits
and vulnerabilities. However, I did not spot anything related to
CVE-2014-0160 in this email. I expected the same info comes in this
email about the
On 09/04/2014 18:28, Dag-Erling Smørgrav wrote:
RedHat had prior notice since one of the OpenSSL devs is on their
security team. They had an update ready to roll out before the issue
was leaked (the builds are dated 2014-04-07 11:34:45 UTC), and were
basically just waiting for the
On 18/03/2014 03:56, Ronald F. Guilmette wrote:
(It was explained to me at the time that NTP operates a bit like DNS...
with which I am more familiar... i.e. that all outbound requests originate
on high numbered ports, well and truly away from all low numbered ports,
including, in particular,
On 21/11/2012 03:37, Mark Andrews wrote:
The certificates are self-signed. Whilst the hashes are published on
the FreeBSD website, that site is only available via HTTP so there's
still a bootstrap issue - which I don't have a general solution for.
See DANE, RFC 6698.
Which means getting
On 20/11/2012 10:01, Ollivier Robert wrote:
According to Gary Palmer on Sun, Nov 18, 2012 at 01:04:21PM -0500:
In other words: while signed updates via freebsd-update and portsnap
are great for a good chunk of users, they don't address everyone's needs.
Hopefully, with the move toward kngng,
On 09/08/2012 23:13, Glen Barber wrote:
On Thu, Aug 09, 2012 at 03:31:25PM -0600, Brett Glass wrote:
I realize that sysinstall is deprecated in favor of the new installer, but
the new installer doesn't have the ability to install binary packages.
Until and unless there's a convenient
On 18/11/2011 04:22, sys Admin wrote:
On Thursday, November 17, 2011, Mike Tancsa m...@sentex.net wrote:
On 11/17/2011 9:29 PM, sys Admin wrote:
Hi
Any plans to apply these patches to the bind version shipped with
FreeBSD ?
http://www.isc.org/software/bind/advisories/cve-2011-tbd
Hi,
On 04/10/2011 21:38, Mark Duller wrote:
On 10/04/11 20:15, FreeBSD Security Advisories wrote:
=
FreeBSD-SA-11:05.unix Security
Advisory
The FreeBSD Project
Topic:
On 02/10/2011 05:53, Brett Glass wrote:
Another question. Suppose one has built a custom kernel (as I always
do). Does FreeBSD-update update the kernel sources such that I can do a
simple make buildkernel installkernel? Or do I also have to csup my
kernel sources to some specific tag and
On 02/04/2011 00:30, Chad Perrin wrote:
I don't think that either of the two options currently under discussion
(quietly provide a trusted CA list or quietly failing to provide one)
is optimal. In the best-case scenario, I guess there would be some
self-evident system for letting the user
On 25/07/2010 19:06:30, ajtiM wrote:
Hi!
portaudit -a shows:
Affected package: mDNSResponder-214
Type of problem: mDNSResponder -- corrupted stack crash when parsing bad
resolv.conf.
Reference:
http://portaudit.FreeBSD.org/1cd87e2a-81e3-11df-81d8-00262d5ed8ee.html
Affected package:
On 17/04/2010 17:01:13, Tim Gustafson wrote:
This isn't an answer to your question, but you could
always use OpenSSL from the ports tree.
I'm hesitant to do so because in the past I've had problems when I've
used the ports to upgrade base
FreeBSD Security Advisories wrote:
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is
a collaborative effort to develop a robust, commercial-grade, full-featured
Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)
and Transport Layer
Jason Stone wrote:
If people really would like to see these kind of notifications (i.e.,
security-related PRs for ports) in mailing-list format, I think that a
separate mailing list would be appropriate (e.g.,
freebsd-security-ports@).
There's already a freebsd-vuxml@ list which hasn't seen
Ian Smith wrote:
On Thu, 17 Apr 2008, Peter Pentchev wrote:
On Thu, Apr 17, 2008 at 04:07:56PM +1000, Ian Smith wrote:
On Thu, 17 Apr 2008, FreeBSD Security Advisories wrote:
IV. Workaround
Disable support for