From deb at freebsd.org Wed Dec 3 08:43:12 2008
From: deb at freebsd.org (Deb Goodkin)
Date: Wed Dec 3 09:47:34 2008
Subject: [FreeBSD-Announce] FreeBSD Foundation Project Announcement
Message-ID: <4936B706.1020400@freebsd.org>

Dear FreeBSD Community,

The FreeBSD Foundation is very pleased to announce the next in a series of developer grants. This grant has been awarded to Lawrence Stewart and Swinburne University of Technology's Centre for Advanced Internet Architectures (CAIA, http://caia.swin.edu.au) for improvements to the FreeBSD TCP stack.

This three-part project will include implementing Appropriate Byte Counting (ABC) RFC3465 support, adapting and merging CAIA's Statistical Information for TCP Research (SIFTR) TCP analysis tool into FreeBSD, and making improvements to the TCP reassembly queue.

"These changes target both improved performance and improved quality of the FreeBSD TCP stack through feature enhancements and integrated testing," said Professor Grenville Armitage, CAIA's Director. He also added, "We use FreeBSD daily in our IP networking research testbeds and for our centre's various servers, so we're looking forward to contributing these TCP improvements to the FreeBSD community."

"Supporting the technology transfer of advanced systems research, such as CAIA's work on the FreeBSD network stack, is a critically important role for The FreeBSD Foundation to play," said Robert Watson, president of The FreeBSD Foundation.

The project will be completed by July 2009.
Sincerely,
The FreeBSD Foundation

From murray at freebsd.org Wed Dec 3 17:20:35 2008
From: murray at freebsd.org (Murray Stokely)
Date: Wed Dec 3 19:41:27 2008
Subject: [FreeBSD-Announce] New channel on YouTube for BSD technical talks
In-Reply-To: <2a7894eb0812030713t2b7a3742m9ab3d42764cdbc7b@mail.gmail.com>
References: <2a7894eb0812030713t2b7a3742m9ab3d42764cdbc7b@mail.gmail.com>
Message-ID: <2a7894eb0812031654i22b0a3ewc7b160bdec7319f@mail.gmail.com>

I'm pleased to announce the availability of a dedicated YouTube channel for technical lectures about FreeBSD and other BSD operating systems:

http://www.youtube.com/bsdconferences

This channel allows us to post full hour-long lectures from FreeBSD conferences. The first four videos that Julian Elischer recorded at MeetBSD 2008 have been posted:

Isolating Cluster Jobs for Performance and Predictability, Brooks Davis, MeetBSD 2008
BSD Certification, Dru Lavigne, MeetBSD 2008
Embedding FreeBSD, Warner Losh, MeetBSD 2008
FreeBSD Foundation Update & Recognition, Robert Watson, MeetBSD 2008

This channel provides the rich YouTube API for extracting and embedding these videos in other websites. You can also simply subscribe to the RSS feed in your feedreader to be notified when new videos are posted. Work is ongoing to integrate the video content here with the multimedia area of the FreeBSD web site.

If you have video content from a previous BSD conference that you would like to see added to this channel, please let me know.

Thanks to the Google Open Source Program Office for their help in setting up this special channel for the BSD community.

- Murray

From hrs at FreeBSD.org Tue Dec 9 22:50:48 2008
From: hrs at FreeBSD.org (Hiroki Sato)
Date: Wed Dec 10 06:13:00 2008
Subject: [FreeBSD-Announce] Reminder: Call for Papers: AsiaBSDCon 2009 (deadline extended: Dec 20)
Message-ID: <20081210.153842.180419415.hrs@allbsd.org>

Hello,

This is a reminder of AsiaBSDCon 2009 paper submission and tutorial proposal deadline.
The deadline is extended to December 20, 2008.

The next AsiaBSDCon will be held on 12-15 March 2009 in Tokyo. You can find the details at:

http://2009.asiabsdcon.org

and the CFP can be found at:

http://2009.asiabsdcon.org/cfp.html

Please spread this to your friends in BSD communities and encourage them to attend (and write a paper), and let us know if you have any questions about the conference.

Thank you.

--
| Hiroki SATO

From deb at freebsd.org Wed Dec 10 08:24:29 2008
From: deb at freebsd.org (Deb Goodkin)
Date: Wed Dec 10 08:57:25 2008
Subject: [FreeBSD-Announce] Foundation End-of-Year Fund Raising Drive Update
Message-ID: <493FED25.2020003@freebsd.org>

Dear FreeBSD Community,

First, we would like to thank everyone who has donated to the FreeBSD Foundation this year. We have raised $198,583 towards our 2008 goal of $300,000! We are almost 2/3 of the way to reaching our goal!

Like most non-profits, we are seeing the effects of the weak economy. This time last year we had raised $346,587. Meeting our goal this year will allow us to continue the same amount of support next year, as well as continue to invest some of the funds.

Why do we need donations?

The goal of the FreeBSD Project is to provide software that may be used for any purpose -- and without strings attached. Our mission is to support the FreeBSD Project and community. Our funding comes from people like you -- those who are determined to keep FreeBSD free!

How have we spent the money this year?

* Sponsored FreeBSD related conferences like BSDCan, EuroBSDCon, AsiaBSDCon, meetBSD, and NYCBSDCon. We also sponsored FreeBSD developer summits in Ottawa and Cambridge.

* Provided 23 travel grants and funding to individuals to attend these conferences this year.

* Provided legal support for the project on issues like understanding the GPLv3 impact on FreeBSD, providing a privacy policy, trademark ownership and permission, and other legal issues that come up.

* Provided grants for projects that improve FreeBSD, like Java binaries, Network Stack Virtualization, Improving Hardware Performance Counter Support, making improvements to the TCP stack, making FreeBSD tolerate the removal of active disk devices, and a couple of other projects that we will be announcing soon.

* Provided equipment for developers working to improve FreeBSD and projects like the NetPerf cluster. Facilitated donation of NetApp filer, 32-core hardware, and 10 Gigabit equipment for project continuity planning and the NetPerf Cluster.

How can you help?

Your financial support is critical for the FreeBSD Project. Please help us keep FreeBSD free. Go to http://www.freebsdfoundation.org/donate/ to donate (any amount will help).

And thank you for your continued support of the FreeBSD Foundation.

Thank You,
The FreeBSD Foundation

From lgj at usenix.org Fri Dec 19 12:24:09 2008
From: lgj at usenix.org (Lionel Garth Jones)
Date: Fri Dec 19 13:57:09 2008
Subject: [FreeBSD-Announce] USENIX '09 Call For Papers Deadline Approaching
Message-ID: <494BFDEC.4090708@usenix.org>

On behalf of the 2009 USENIX Annual Technical Conference program committee, we would like to remind you that the deadlines for your submissions of refereed papers and proposals for invited talks and workshops are quickly approaching.

Authors are invited to submit original and innovative papers to the Refereed Papers Track of the 2009 USENIX Annual Technical Conference. Papers can be either full papers of at most 14 pages or short papers of at most 6 pages. Authors are required to submit papers by 11:59 p.m. PST, Friday, January 9, 2009.
http://www.usenix.org/usenix09/cfpc/

In full papers, we seek high-quality submissions that further the knowledge and understanding of modern computing systems, with an emphasis on implementations and experimental results. Short papers should describe early ideas, advocate a controversial position, or present interesting results that do not require a full-length paper. We encourage papers that break new ground or present insightful results based on practical experience. The USENIX conference has a broad scope.

Specific topics of interest include but are not limited to:

--Architectural interaction
--Cloud computing
--Deployment experience
--Distributed and parallel systems
--Embedded systems
--Energy/power management
--File and storage systems
--Mobile, wireless, and sensor systems
--Networking and network services
--Operating systems
--Reliability, availability, and scalability
--Security, privacy, and trust
--System and network management and troubleshooting
--Usage studies and workload characterization
--Virtualization
--Web technology

More information on these and other submission guidelines is available on our Web site: http://www.usenix.org/usenix09/cfpc/

IMPORTANT DATES:

-Paper submissions due: Friday, January 9, 2009, 11:59 p.m. PST (hard deadline)
-Invited talk and workshop proposals due: Monday, February 2, 2009
-Notification to authors: Friday, March 13, 2009
-Final papers due: Tuesday, April 21, 2009
-Poster submissions due: Tuesday, May 5, 2009

We look forward to your submissions.

On behalf of the 2009 USENIX Annual Technical Conference organizers,

Geoffrey M. Voelker, University of California, San Diego
Alec Wolman, Microsoft Research
2009 USENIX Annual Technical Conference Program Co-Chairs
usenix09chairs@usenix.org

---------------------------------------
Call for Papers
2009 USENIX Annual Technical Conference
June 14-19, 2009, San Diego, CA
Paper Submissions Deadline: January 9, 2009, 11:59 p.m. PST
http://www.usenix.org/usenix09/cfpc/
---------------------------------------

From matt at ixsystems.com Fri Dec 19 21:01:01 2008
From: matt at ixsystems.com (Matt Olander)
Date: Sat Dec 20 05:41:32 2008
Subject: [FreeBSD-Announce] FreeBSD 6.4 CDs/DVDs Now Shipping from FreeBSDMall
Message-ID:

FreeBSD Mall, Inc. is happy to announce the availability of FreeBSD 6.4-based products. The four CD set and DVD are now shipping to subscribers around the world. If you haven't yet placed your order, you may do so at http://www.freebsdmall.com. You may also elect to start your subscription with the upcoming 7.1 release.

In addition to CD and DVD products, we also have a large collection of FreeBSD shirts, hats, jackets, boxer shorts, stickers, case-plates, coffee mugs, mouse pads, and other promotional materials.

Thanks and enjoy!

- Matt Olander
iXsystems / FreeBSD Mall, Inc.

From security-advisories at freebsd.org Mon Dec 22 17:39:23 2008
From: security-advisories at freebsd.org (FreeBSD Security Advisories)
Date: Mon Dec 22 17:39:31 2008
Subject: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-08:13.protosw
Message-ID: <200812230139.mBN1dNeJ029495@freefall.freebsd.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-08:13.protosw                                    Security Advisory
                                                          The FreeBSD Project

Topic:          netgraph / bluetooth privilege escalation

Category:       core
Module:         sys_kern
Announced:      2008-12-23
Credits:        Christer Oberg
Affects:        All FreeBSD releases
Corrected:      2008-12-23 01:23:09 UTC (RELENG_7, 7.1-PRERELEASE)
                2008-12-23 01:23:09 UTC (RELENG_7_1, 7.1-RC2)
                2008-12-23 01:23:09 UTC (RELENG_7_0, 7.0-RELEASE-p7)
                2008-12-23 01:23:09 UTC (RELENG_6, 6.4-STABLE)
                2008-12-23 01:23:09 UTC (RELENG_6_4, 6.4-RELEASE-p1)
                2008-12-23 01:23:09 UTC (RELENG_6_3, 6.3-RELEASE-p7)

For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following
sections, please visit .

I. Background

The FreeBSD kernel provides support for a variety of different types of communications sockets, including IPv4, IPv6, ISDN, ATM, routing protocol, link-layer, netgraph(4), and bluetooth sockets. As an early form of object-oriented design, much of the functionality specific to different types of sockets is abstracted via function pointers.

II. Problem Description

Some function pointers for netgraph and bluetooth sockets are not properly initialized.

III. Impact

A local user can cause the FreeBSD kernel to execute arbitrary code. This could be used by an attacker directly; or it could be used to gain root privilege or to escape from a jail.

IV. Workaround

No workaround is available, but systems without local untrusted users are not vulnerable. Furthermore, systems are not vulnerable if they have neither the ng_socket nor ng_bluetooth kernel modules loaded or compiled into the kernel.

Systems with the security.jail.socket_unixiproute_only sysctl set to 1 (the default) are only vulnerable if they have local untrusted users outside of jails.

If the command

# kldstat -v | grep ng_

produces no output, the system is not vulnerable.

V. Solution

Perform one of the following:

1) Upgrade your vulnerable system to 6-STABLE, or 7-STABLE, or to the RELENG_7_0, RELENG_6_4, or RELENG_6_3 security branch dated after the correction date.

2) To patch your present system:

The following patches have been verified to apply to FreeBSD 6.3, 6.4, and 7.0 systems.

a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

[FreeBSD 6.x]
# fetch http://security.FreeBSD.org/patches/SA-08:13/protosw6x.patch
# fetch http://security.FreeBSD.org/patches/SA-08:13/protosw6x.patch.asc

[FreeBSD 7.x]
# fetch http://security.FreeBSD.org/patches/SA-08:13/protosw.patch
# fetch http://security.FreeBSD.org/patches/SA-08:13/protosw.patch.asc

b) Apply the patch.
# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in and reboot the system.

VI. Correction details

The following list contains the revision numbers of each file that was corrected in FreeBSD.

CVS:

Branch                          Revision
  Path
- -------------------------------------------------------------------------
RELENG_6
  src/sys/kern/uipc_domain.c    1.44.2.4
RELENG_6_4
  src/UPDATING                  1.416.2.40.2.4
  src/sys/conf/newvers.sh       1.69.2.18.2.7
  src/sys/kern/uipc_domain.c    1.44.2.3.6.2
RELENG_6_3
  src/UPDATING                  1.416.2.37.2.12
  src/sys/conf/newvers.sh       1.69.2.15.2.11
  src/sys/kern/uipc_domain.c    1.44.2.3.4.1
RELENG_7
  src/sys/kern/uipc_domain.c    1.51.2.2
RELENG_7_1
  src/UPDATING                  1.507.2.13.2.2
  src/sys/kern/uipc_domain.c    1.51.2.1.2.2
RELENG_7_0
  src/UPDATING                  1.507.2.3.2.11
  src/sys/conf/newvers.sh       1.72.2.5.2.11
  src/sys/kern/uipc_domain.c    1.51.4.1
- -------------------------------------------------------------------------

Subversion:

Branch/path                     Revision
- -------------------------------------------------------------------------
stable/6/                       r186405
releng/6.4/                     r186405
releng/6.3/                     r186405
stable/7/                       r186405
releng/7.1/                     r186405
releng/7.0/                     r186405
- -------------------------------------------------------------------------

VII. References

The latest revision of this advisory is available at
http://security.FreeBSD.org/advisories/FreeBSD-SA-08:13.protosw.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (FreeBSD)

iEYEARECAAYFAklQP9QACgkQFdaIBMps37KL2gCfRlQ7kTB24DYnDEGRUC+px4bX
214AoJJrJjaeS6ITyk73AL/OK+rNAM4u
=7qyU
-----END PGP SIGNATURE-----

From security-advisories at freebsd.org Mon Dec 22 17:39:29 2008
From: security-advisories at freebsd.org (FreeBSD Security Advisories)
Date: Mon Dec 22 17:39:50 2008
Subject: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-08:12.ftpd
Message-ID: <200812230139.mBN1dTkJ029537@freefall.freebsd.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-08:12.ftpd                                       Security Advisory
                                                          The FreeBSD Project

Topic:          Cross-site request forgery in ftpd(8)

Category:       core
Module:         ftpd
Announced:      2008-12-23
Credits:        Maksymilian Arciemowicz
Affects:        All supported versions of FreeBSD.
Corrected:      2008-12-23 01:23:09 UTC (RELENG_7, 7.1-PRERELEASE)
                2008-12-23 01:23:09 UTC (RELENG_7_1, 7.1-RC2)
                2008-12-23 01:23:09 UTC (RELENG_7_0, 7.0-RELEASE-p7)
                2008-12-23 01:23:09 UTC (RELENG_6, 6.4-STABLE)
                2008-12-23 01:23:09 UTC (RELENG_6_4, 6.4-RELEASE-p1)
                2008-12-23 01:23:09 UTC (RELENG_6_3, 6.3-RELEASE-p7)
CVE Name:       CVE-2008-4247

For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

I. Background

ftpd(8) is a general-purpose implementation of File Transfer Protocol (FTP) server that is shipped with the FreeBSD base system. It is not enabled in default installations but can be enabled as either an inetd(8) server, or a stand-alone server.
A cross-site request forgery attack is a type of malicious exploit that is mainly targeted to a web browser, by tricking a user trusted by the site into visiting a specially crafted URL, which in turn executes a command which performs some privileged operations on behalf of the trusted user on the victim site.

II. Problem Description

The ftpd(8) server splits long commands into several requests. This may result in the server executing a command which is hidden inside another very long command.

III. Impact

This could, with a specifically crafted command, be used in a cross-site request forgery attack.

FreeBSD systems running ftpd(8) server could act as a point of privilege escalation in an attack against users using web browser to access trusted FTP sites.

IV. Workaround

No workaround is available, but systems not running FTP servers are not vulnerable. Systems not running the FreeBSD ftp(8) server are not affected, but users of other ftp daemons are advised to take care since several other ftp daemons are known to have related bugs.

V. Solution

Perform one of the following:

1) Upgrade your vulnerable system to 6-STABLE, or 7-STABLE, or to the RELENG_7_1, RELENG_7_0, RELENG_6_4, or RELENG_6_3 security branch dated after the correction date.

2) To patch your present system:

The following patches have been verified to apply to FreeBSD 6.3, 6.4, 7.0, and 7.1 systems.

a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/SA-08:12/ftpd.patch
# fetch http://security.FreeBSD.org/patches/SA-08:12/ftpd.patch.asc

b) Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/libexec/ftpd
# make obj && make depend && make && make install

VI. Correction details

The following list contains the revision numbers of each file that was corrected in FreeBSD.
CVS:

Branch                          Revision
  Path
- -------------------------------------------------------------------------
RELENG_6
  src/libexec/ftpd/ftpcmd.y     1.64.2.3
  src/libexec/ftpd/extern.h     1.19.14.1
  src/libexec/ftpd/ftpd.c       1.206.2.4
RELENG_6_4
  src/UPDATING                  1.416.2.40.2.4
  src/sys/conf/newvers.sh       1.69.2.18.2.7
  src/libexec/ftpd/ftpcmd.y     1.64.2.2.4.2
  src/libexec/ftpd/extern.h     1.19.30.2
  src/libexec/ftpd/ftpd.c       1.206.2.3.4.2
RELENG_6_3
  src/UPDATING                  1.416.2.37.2.12
  src/sys/conf/newvers.sh       1.69.2.15.2.11
  src/libexec/ftpd/ftpcmd.y     1.64.2.2.2.1
  src/libexec/ftpd/extern.h     1.19.26.1
  src/libexec/ftpd/ftpd.c       1.206.2.3.2.1
RELENG_7
  src/libexec/ftpd/ftpcmd.y     1.66.2.1
  src/libexec/ftpd/extern.h     1.19.24.1
  src/libexec/ftpd/ftpd.c       1.212.2.1
RELENG_7_1
  src/UPDATING                  1.507.2.13.2.2
  src/libexec/ftpd/ftpcmd.y     1.66.6.2
  src/libexec/ftpd/extern.h     1.19.32.2
  src/libexec/ftpd/ftpd.c       1.212.6.2
RELENG_7_0
  src/UPDATING                  1.507.2.3.2.11
  src/sys/conf/newvers.sh       1.72.2.5.2.11
  src/libexec/ftpd/ftpcmd.y     1.66.4.1
  src/libexec/ftpd/extern.h     1.19.28.1
  src/libexec/ftpd/ftpd.c       1.212.4.1
- -------------------------------------------------------------------------

Subversion:

Branch/path                     Revision
- -------------------------------------------------------------------------
stable/6/                       r186405
releng/6.4/                     r186405
releng/6.3/                     r186405
stable/7/                       r186405
releng/7.1/                     r186405
releng/7.0/                     r186405
- -------------------------------------------------------------------------

VII. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4247

The latest revision of this advisory is available at
http://security.FreeBSD.org/advisories/FreeBSD-SA-08:12.ftpd.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (FreeBSD)

iEYEARECAAYFAklQP8wACgkQFdaIBMps37ITvgCePP8oVI6cffvQu229Qg7eNshN
A0kAn3A6kjr+QovEwOVKNzjow1aCtU8K
=sDxD
-----END PGP SIGNATURE-----

From deb at freebsd.org Tue Dec 23 17:49:52 2008
From: deb at freebsd.org (Deb Goodkin)
Date: Tue Dec 23 18:16:21 2008
Subject: [FreeBSD-Announce] The FreeBSD Foundation End-of-Year Newsletter
Message-ID: <4951952E.5060503@freebsd.org>

Dear FreeBSD Community,

I am pleased to announce the publication of The FreeBSD Foundation's End-of-Year Newsletter. Go to http://www.freebsdfoundation.org/press/2008Dec-newsletter.shtml to find out how we have supported the FreeBSD Project and community this year.

Thank You,

Deb Goodkin
The FreeBSD Foundation

From deb at freebsd.org Tue Dec 30 03:14:03 2008
From: deb at freebsd.org (Deb Goodkin)
Date: Tue Dec 30 03:25:03 2008
Subject: [FreeBSD-Announce] Foundation Fundraising Update
Message-ID: <495991F4.4010007@freebsd.org>

Dear FreeBSD Community,

The FreeBSD Foundation is pleased to announce we are only $38,000 away from our 2008 fundraising goal of $300,000! We have received so many donations in the last few weeks. We want to thank everyone who has made a donation. By donating to the foundation, you are helping to support the FreeBSD Project and community.

The good news is that you still have time to make a donation to help us meet our goal. Please go to http://www.freebsdfoundation.org/donate/ to make your donation. If you would like to mail a check, please make sure it is postmarked by December 31, 2008 for it to count as a 2008 donation.

Thank you again to everyone who has helped support the foundation and project.

Sincerely,

Deb Goodkin
The FreeBSD Foundation
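
Added example, not part of any message in this archive and not code from ftpd(8) or its patch: the long-command splitting described in FreeBSD-SA-08:12.ftpd above, shown as a toy line reader beside a hardened one. The buffer size, the function names and the sample input are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUFSZ  16   /* deliberately tiny so the constructed sample stays short */
#define MAXCMD 8

/* Constructed input: one over-long line with "NOOP" placed just past the
 * buffer boundary, followed by an ordinary QUIT. */
static const char SAMPLE[] = "RETR AAAAAAAAAANOOP\r\nQUIT\r\n";

struct result {
    int  accepted;              /* lines handed to the command dispatcher */
    int  rejected;              /* over-long lines dropped whole */
    char cmd[MAXCMD][BUFSZ];
};

/* Copy at most BUFSZ-1 bytes into buf, stopping after '\n'.
 * Returns bytes consumed; *complete is 1 only if a newline was reached. */
static size_t read_chunk(const char *in, char *buf, int *complete)
{
    size_t n = 0;
    *complete = 0;
    while (in[n] != '\0' && n < BUFSZ - 1) {
        buf[n] = in[n];
        if (in[n++] == '\n') { *complete = 1; break; }
    }
    buf[n] = '\0';
    buf[strcspn(buf, "\r\n")] = '\0';   /* strip the line terminator */
    return n;
}

/* Flawed: every buffer-full is treated as a command, so the tail of an
 * over-long line is parsed as a new command. */
struct result split_reader(const char *in)
{
    struct result r = {0};
    int complete;
    while (*in != '\0' && r.accepted < MAXCMD) {
        in += read_chunk(in, r.cmd[r.accepted], &complete);
        r.accepted++;
    }
    return r;
}

/* Hardened: a line that does not fit (or is never terminated) is discarded
 * through its newline and counted; none of it reaches the dispatcher. */
struct result strict_reader(const char *in)
{
    struct result r = {0};
    char buf[BUFSZ];
    int complete;
    while (*in != '\0' && r.accepted < MAXCMD) {
        in += read_chunk(in, buf, &complete);
        if (!complete) {
            in += strcspn(in, "\n");    /* skip the rest of the line */
            if (*in == '\n')
                in++;
            r.rejected++;
            continue;
        }
        strcpy(r.cmd[r.accepted++], buf);
    }
    return r;
}
```

On the sample, split_reader hands the dispatcher three commands, including the embedded NOOP, while strict_reader passes only QUIT and reports one rejected line.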