Buffer Overflow Vulnerability in FreeBSD Discovered by Norse

Norse_LNorse announced today that they discovered a buffer overflow vulnerability in FreeBSD which they privately disclosed to the FreeBSD security team, who subsequently issued a security advisory with some details on the flaw and options for remedy (FreeBSD-SA-14:27.stdio).

FreeBSD is an advanced computer operating system employed to power modern servers, desktops and embedded platforms, according to the project’s organizers, who have collaborated with a large community of developers for more than thirty years.

Read the full blog with instructions on how to patch: http://blog.norsecorp.com/2014/12/10/buffer-overflow-vulnerability-in-freebsd-discovered-by-norse/

The FreeBSD Foundation introduces new board member

Recently, The FreeBSD Foundation announced the addition of Cheryl R. Blain to the Board of Directors. We sat down with Cheryl to find out more about her background and what brought her to the Foundation. Take a look at what she has to say:

Tell us a little about yourself, and how you got involved with FreeBSD?
I was bit by the entrepreneur bug in 1999 when working for a non-profit. I’ve worked with high-tech, venture-backed, small-cap companies ever since.  My typical engagement finds me streamlining operations and sales teams to prepare companies for their next step forward, which most often involves financing.

Check out the full blog and interview here: http://freebsdfoundation.blogspot.com/2014/12/more-from-your-newest-board-member.html

FreeNAS 9.3-RELEASE is now available

FreeNAS_logo_lightThe developers of FreeNAS have made available the long awaited 9.3 RELEASE. This version features numerous updates ranging from security patches to new features. Some of the changes are listed:

  • New simplified UI
  • New update manager
  • New configuration wizard
  • Boot from ZFS device
  • Support for WebDAV
  • And much, much more

FreeNAS 9.3 - System Info

Full release notes: http://download.freenas.org/9.3/RELEASE/ReleaseNotes

Download the ISO/image: http://www.freenas.org/download/


In addition, FreeNAS Team released these tutorials to get you started on installing and upgrading to FreeNAS 9.3.

For more helpful tutorials, check out their channel: https://www.youtube.com/user/FreeNASTeam

How To: Install OTRS 4.0.2 on FreeBSD 10.1 (with ZFS, MySQL56, Apache24)

User kuantem wrote this tutorial on how to install OTRS Help Desk software onto FreeBSD.

http://www.otrs.com/wp-uploads//2013/10/OTRS_Logo.pngAfter dealing with OTRS Help Desk on Ubuntu Server for a couple of years (which actually worked quite well for our small IT firm!), I’ve finally decided to migrate this great Help Desk platform over to FreeBSD, simply because I love it! I’m no FreeBSD master, but I’ve figured out just enough to get this working. So here we go…
~Alex

Step 1: Pre Installation Tasks

(Assuming you have a new FreeBSD 10.1 installation with ZFS. Which I’ve installed on MS Hyper-V Server 2012 R2.)

Edit /etc/rc.conf and verify the hostname of your FreeBSD/OTRS server as well as the static IP address. Which may look something like this:

Code:
# Networking
hostname="OTRS"
ifconfig_de0="inet 192.168.1.20 netmask 255.255.255.0"
defaultrouter="192.168.1.1"
sshd_enable="YES"
zfs_enable="YES"
apache24_enable="YES"
mysql_enable="YES"

Full instructions here: https://forums.freebsd.org/threads/how-to-install-otrs-4-0-2-on-freebsd-10-1-with-zfs-mysql56-apache24.49365/

 

BSD Magazine November 2014

BSD_11_2014-1

In this November issue of BSD Magazine, Tiago presents an article on how to use PPoE Concentrator Dual-Stack. Rob Somerville has articles on how to use GIMP, and the difference between geeks and nerds. In addition, Craig S. Wright shows us how to use 100+ UNIX commands, and Michael Ortega introduces Acunetix Web Vulnerability Scanner.

Download it from this link:

http://bsdmag.org/download/2896/

FreeBSD Foundation 2014 Year-End Fundraising Appeal

logo_freebsdfoundationDear FreeBSD community,
 
I’m writing to you today because I know you are passionate about FreeBSD. You care that it’s innovative, secure, stable, reliable, well engineered and documented, and loved.
 
For 14 years, the FreeBSD Foundation has been providing funding and support for the FreeBSD Project and community worldwide. We are fully funded by donations from people like you. That’s why I’m excited to tell you that we’ve kicked off our year-end fundraising campaign!
 
This has been an exciting time for the Foundation and FreeBSD community. As you may have heard, we kicked off this fundraiser with the largest donation we’ve ever received. Whether you are a developer, writer, advocate, organizer, user, or investor, this donation is a positive reflection on the work you are doing for FreeBSD…..

Read the rest of the announcement from Deb Goodkin here: http://freebsdfoundation.blogspot.com/2014/12/freebsd-foundation-2014-year-end.html

How to configure full disk encryption in PC-BSD 10.1

This article by LinuxBSDOS shows us how to configure full disk encryption in PC-BSD 10.1.

Disk partition of PC-BSD 10.1Full disk encryption is supported in the graphical installer of PC-BSD 10.1, which was released on November 16 and which I just reviewed just three days ago (see PC-BSD 10.1 review).

In this article, you’ll read how to install a default PC-BSD 10.1 system on a single hard drive with full disk encryption configured. The installation image I used is the same one I used for the review, which I transferred to a USB stick by using the dd command. You may download an installation image of PC-BSD 10.1 from here.

For this tutorial, the test computer is a recent build using a motherboard with UEFI firmware, and the target hard drive is a 500 GB unit. If you wish to follow along, boot into the installer, then click through the first few steps until you get to the step shown in Figure 1. Full disk encryption is not part of the configuration in a default installation of PC-BSD 10.1, so you’ll have to click on the Customize button.

Full article with instructions: http://www.linuxbsdos.com/2014/11/27/how-to-configure-full-disk-encryption-in-pc-bsd-10-1/

ruBSD 2014 (13 December, Moscow)

ruBSD, a Russian technical BSD conference set up last year, will again take place this year on 13 December in Moscow.

The conference is free to attend, though registration is required as there are only a limited number of places.

The talks will be around highly loaded web servers, ZFS and iSCSI, package management, embedded-systems and IPv6 use in practice.

Among the presenters are Scott Long from Netflix, FreeBSD developer Baptiste Daroussin and Aleksandr Motin from iXsystems.

For more information visit the ruBSD 2014 event page.