[FreeBSD-Announce] Reminder: FreeBSD 10.0 end-of-life approaching

Dear FreeBSD community,
At 00:00 UTC, February 28, 2015, FreeBSD 10.0 will reach end-of-life and will
no longer be supported by the FreeBSD Security Team.  Users of FreeBSD 10.0
are strongly encouraged to upgrade to a newer release as soon as possible.

The currently supported branches and releases and their expected
end-of-life dates are:

 |   Branch  |   Release  |  Type  |   Release Date   |     Estimated EoL     |
 |stable/8   |n/a         |n/a     |n/a               |June 30, 2015          |
 |releng/8.4 |8.4-RELEASE |Extended|June 9, 2013      |June 30, 2015          |
 |stable/9   |n/a         |n/a     |n/a               |last release + 2 years |
 |releng/9.3 |9.3-RELEASE |Extended|July 16, 2014     |December 31, 2016      |
 |stable/10  |n/a         |n/a     |n/a               |last release + 2 years |
 |releng/10.0|10.0-RELEASE|Normal  |January 20, 2014  |February 28, 2015      |
 |releng/10.1|10.1-RELEASE|Extended|November 14, 2014 |December 31, 2016      |

Please refer to https://security.freebsd.org/ for an up-to-date list of
supported releases and the latest security advisories.

- --
Xin Li
FreeBSD Deputy Security Officer

Official announcement: http://www.mail-archive.com/freebsd-announce@freebsd.org/msg00629.html

Build your own FreeBSD update server

This tutorial by Tobias Feldhaus will show you how to create your own FreeBSD update server, eliminating the need to manually update each one individually.

FreeBSD is an operating system that we use to power various things at work. Its most significant advantage lays in the advanced filesystem ZFS and it’s proven stability. As of this writing we run 39 servers with FreeBSD and we update them regularly. While normal patches are quite fast to fetch and install, the upgrade from version 9.2 to 9.3 took a significant amount of time to fetch all the necessary files from the official servers.

That is why we started to run our own internal FreeBSD update server. There exists some documentation for this inside the official handbook which formed the basis for this blog post.


Important to know is that the update server has to run a newer version than the version you are trying to distribute. Thus I first upgraded the update server machine to 9.3 via the freebsd-update -r 9.3-RELEASE upgrade command as described in point 24.2.3 in the handbook.

When running on the newest version, proceed with checking out the SVN repository that holds all the configuration and scripts for the update server via:

cd /usr/local/
svn co http://svn.freebsd.org/base/user/cperciva/freebsd-update-build freebsd-update-server

I suggest to use /usr/local as this is the ‘standard’ path of most scripts within the repository.

Check out the full tutorial: http://james-woods.github.io/freebsd-update-server.html

How To Add a Swap on FreeBSD Unix Systems

This tutorial by shows us how to add a swap on FreeBSD 9.0 and 10.0 or later.

Fig.01: How to create a swap file on FreeBSD version 9.X and Earlier Commands

I need additional swap space to improve my FreeBSD Unix server/desktop performance. How do I add a swap file to FreeBSD system using command line options without creating a new partitions? How do I encrypt swap space on a FreeBSD Unix server for security purpose?

Tutorial details
Difficulty Intermediate (rss)
Root privileges Yes
Requirements FreeBSD
Estimated completion time 10m

A swap is nothing but space or file on a disk that can used as virtual memory. In FreeBSD and Unix-like operating systems, it is common to use a whole partition of a hard disk for swapping. When a FreeBSD based server runs out of memory, the kernel can move sleeping or inactive processes into swap area. A dedicated Swap partition goes a long way to avoid system freeze but if you notice you are running out of RAM or your applications are consuming too much of it then you may want to setup a swapfile. This guide helps you add a swap space on FreeBSD based Unix server.

Check out the full tutorial: http://www.cyberciti.biz/faq/create-a-freebsd-swap-file/

Researchers at Core Security Technologies issued an advisory on vulnerabilities affecting FreeBSD

Core Security Technologies, a network security company that specializes in attack intelligence and vulnerability management, has recently discovered several vulnerabilities in FreeBSD.

Researchers at Core Security Technologies issued an advisory today on three vulnerabilities in affecting the FreeBSD operating system.

FreeBSD is a Unix-like operating system used to power servers, desktops and embedded platforms. According to the advisory from Core Security, several vulnerabilities were spotted in the FreeBSD kernel code that implements the vt console driver previously known as Newcons as well as the code the implements Stream Control Transmission Protocol [SCTP] sockets. These issues could enable a local, unprivileged attacker to crash the system, disclose kernel memory containing sensitive information and execute arbitrary code with super user privileges.

The FreeBSD Project issued fixes for the issues that are available to users who upgrade to FreeBSD 10.1-RELENG or one of the following reasons: stable/10, 10.1-STABLE releng/10.1, 10.1-RELEASE-p5 releng/10.0, 10.0-RELEASE-p17 stable/9, 9.3-STABLE releng/9.3, 9.3-RELEASE-p9 stable/8, 8.4-STABLE releng/8.4 and 8.4-RELEASE-p23.

Original announcement: http://www.securityweek.com/freebsd-patches-kernel-security-vulnerabilities

FreeBSD Foundation January 2015 Update

FreeBSD foundation logoThis month’s update from the FreeBSD Foundation includes development updates, conference updates, stories from developers, as well as 2015’s fundraising goal.


Dear FreeBSD Community Member,

January is that exciting time of year where everything feels new again. It radiates with opportunities and allows us to embark on plans to make this year the best one yet. Here at the Foundation, we are using that energy to get a running start in a number of areas. Our Project Updates continue to show great progress in key areas such as arm64. We’ve kicked off our 2015 fundraising campaign(our most ambitious to date) and we’re launching a new series of articles. Plus, our conference calendar is quickly filing up and includes more new events.  2015 is shaping up to be an awesome year for the Foundation and FreeBSD Community. We can’t wait to show you what’s in store.  Until then, take a minute and check out all that’s happened since our last update.
Happy New Year!

Read the full announcement here: https://www.freebsdfoundation.org/press/2015janupdate.pdf

Ice 3.6b: Build Ice, IcePy and IcePHP on FreeBSD

iceUser grembo wrote this short tutorial on how to set up Ice on FreeBSD.

The attached patch allows building Ice 3.6b on FreeBSD.

To install Ice, IcePy and IcePHP do:

cd /usr/ports
patch -p1 <ice36b-freebsd-port.patch.txt

# install Ice for C++
cd /usr/ports/devel/ice-beta
make install clean

# install Ice for Python
cd /usr/ports/devel/py-ice-beta
make install clean

# install Ice for PHP
cd /usr/ports/devel/php5-ice-beta
make install clean

(includes https://www.zeroc.com/forums/patches…rformance.html).

Original post: https://www.zeroc.com/forums/patches/6380-ice-3-6b-build-ice-icepy-icephp-freebsd.html