Here is February’s long link list of security warnings, drivers, software, blogs, insights, and discussions on getting BSD to work on various hardware. Enjoy and happy BSDing!
KDE FreeBSD updates (february 2020) via bobulate
RCE in OpenSMTPD library impacts BSD and Linux distros via ZDNet
FreeBSD Display Driver 440.59 2020.2.3 – x64 via NVIDIA
CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer via CyberSecurity-Help
CWE-254 – Security Features via CyberSecurity-Help
CWE-200 – Information Exposure via CyberSecurity-Help
FreeBSD : sudo — Potential bypass of Runas user restrictions (b4e5f782-442d-11ea-9ba9-206a8a720317) via Tenable
FreeBSD : Gitlab — Multiple Vulnerabilities (c5bd9068-440f-11ea-9cdb-001b217b3468) via Tenable
FreeBSD : Django — potential SQL injection vulnerability (5a45649a-4777-11ea-bdec-08002728f74c) via Tenable
FreeBSD : clamav — Denial-of-Service (DoS) vulnerability (e7bc2b99-485a-11ea-bff9-9c5c8e75236a) via Tenable
FreeBSD : libexif — privilege escalation (00f30cba-4d23-11ea-86ba-641c67a117d8) via Tenable
FreeBSD : Flash Player — arbitrary code execution (d460b640-4cdf-11ea-a59e-6451062f0f7a) via Tenable
CVE-2020-7450 via Tenable
FreeBSD : FreeBSD — kernel stack data disclosure (6025d173-4279-11ea-b184-f8b156ac3ff9) via Tenable
FreeBSD : dovecot — multiple vulnerabilities (74db0d02-b140-4c32-aac6-1f1e81e1ad30) via Tenable
FreeBSD : FreeBSD — libfetch buffer overflow (22b41bc5-4279-11ea-b184-f8b156ac3ff9) via Tenable
CVE-2019-5613 via Tenable
CVE-2019-15875 via Tenable
FreeBSD up to 12.0-RELEASE-p12 IPsec Packet Processor privilege escalation via VulDB
FreeBSD Security Advisory FreeBSD-SA-20:01.libfetch via FreeBSD-Announce
FreeBSD Security Advisory FreeBSD-SA-20:03.thrmisc via FreeBSD-Announce
Vulnerability of FreeBSD: privilege escalation via IPsec Replay Window Packet Injection via Vigil@nce
Vulnerability of FreeBSD: information disclosure via Core Dump Thrmisc Data Structure via Vigil@nce
grub2-bhyve — multiple privilege escalations via VuXML
Qt-Powered Lumina Desktop 1.6 Released For BSD/Linux Systems via Phoronix
The first FreeBSD conference in Australia (FreeBSD mini conf) via rubenerd
Choosing between OpenBSD and FreeBSD via unixsheikh
Insights into Why Hyperbola GNU/Linux is Turning into Hyperbola BSD via ItsFoss
Finally got around to installing FreeBSD on an old machine. I’m now using it as a simple git server :) from freebsd