From gvanessen at gmail.com Mon Jul 6 06:04:41 2009 From: gvanessen at gmail.com (Gerard van Essen) Date: Mon Jul 6 14:03:34 2009 Subject: [FreeBSD-Announce] BSD Router Project (bsdrp) Message-ID: Olivier Cochard-Labb?, founder of?FreeNAS, has?released the first alpha (0.1) image of his new project:?BSD?Router Project - http://bsdrp.net bsdrp is an open source, customised distribution of?FreeBSD dedicated to offering IP routing services for small ISP's. The release 0.1 of BSDRP is a fully working prototype, to be used on real or virtual machines that boot from ATA device only (not usb). This first release includes: - Base FreeBSD 8.0-CURRENT system (NanoBSD) for i386 - Customized script (config, upgrade, help, command completion, etc?) - Quagga ready to use (OSPFv2, OSPFv3, RIP, RIPng and BGP) You may ask, what is the difference between BSDRP and?m0n0wall?of?pfSense. The main goal of BSDRP is not firewalling but routing. If you need?a firewall don't use BSDRP: Use m0n0wall or pfSense. BSDRP is not for a home use, but for compagny use (small ISP's for example). BSDRP doesn't have a Web GUI: It's to be configured from a CLI only (like Cisco or Juniper) pfSense can be used for routing, but Olivier wanted to set up?a Cisco or Juniper like project just for routing. Source: www.freebsdnews.net From rwatson at FreeBSD.org Mon Jul 13 13:18:44 2009 From: rwatson at FreeBSD.org (Robert Watson) Date: Mon Jul 13 13:24:07 2009 Subject: [FreeBSD-Announce] Announcing EuroBSCon 2009 Message-ID: EuroBSDcon 2009 Friday 18th - Sunday 20th September, University of Cambridge, UK A day of tutorials followed by 2 days of conference talks covering a wide variety of BSD related topics. This is the European BSD Community's annual event to meet, share and interact across the projects and between friends. This year's line up features... * ISC and *BSD * OpenBSD malloc * How FreeBSD finds oil * NetBSD's LVM * faster packets in OpenBSD * Wireless Mesh networks * Kirk McKusick's FreeBSD Guide * and more, The full talk list and schedule: http://2009.euroBSDcon.org Discounted Early Bird registration runs until 2nd September. Book your place now at http://2009.euroBSDcon.org Final programme may be subject to alteration. EuroBSDcon is a not for profit event open to everyone so please help spread the word online and offline. Thanks for reading! If you're interested to read this far, you can sign up for future announcements about EuroBSDcons by sending an email to eurobsdcon-announce-subscribe@lists.ukuug.org . Your address will only be used to contact you about European BSD events. EuroBSDcon 2009 : September 18-20th, Cambridge, England. http://www.ukuug.org/events/eurobsdcon2009/ EuroBSDcon is grateful to our sponsors; Premier Sponsor iXsystems.com, and The FreeBSD Foundation, NetApp and Google. From deb at freebsdfoundation.org Fri Jul 17 19:41:17 2009 From: deb at freebsdfoundation.org (Deb Goodkin) Date: Fri Jul 17 20:20:27 2009 Subject: [FreeBSD-Announce] Foundation Project Announcement Message-ID: <4A60D3CC.2090302@freebsdfoundation.org> Dear FreeBSD Community, The FreeBSD Foundation is pleased to announce another funded project! Ed Schouten has been awarded a grant to write a new console driver for the FreeBSD project. We are excited to support Ed in providing a more efficient and user friendly console driver. This project will allow Ed to add an additional abstraction layer to the kernel. This new layer, the terminal layer will be a layer that sits between the TTY layer, the kernel console (cngetc, cnputc) and the actual console driver. Right now we have a terminal emulator (libteken) that is part of Syscons. This terminal emulator will be moved into this terminal layer. The advantage of having such a layer, is that the console driver itself does not have to care about any TTY semantics, streams of bytes, processing escape sequences, etc. It will just receive a set of character drawing, filling and copying actions. This should also make it easier to implement Unicode. "During this project I'm going to continue the work I did with the TTY layer, by developing a new console driver for the FreeBSD kernel," said Ed Schouten, FreeBSD Developer. "By moving towards a graphics mode console driver, it will be much easier to make the boot process look nice on desktop systems (i.e. PC-BSD). It will also make it possible to support the industry-standard Unicode character sets by default." This project will be completed by the end of December. Sincerely, The FreeBSD Foundation From deb at freebsd.org Mon Jul 20 19:41:55 2009 From: deb at freebsd.org (Deb Goodkin) Date: Mon Jul 20 20:19:50 2009 Subject: [FreeBSD-Announce] Accepting Travel Grant Applications for EuroBSDCon 2009 Message-ID: <4A64C5F2.6080705@freebsd.org> Calling all FreeBSD developers needing assistance with travel expenses to EuroBSDCon 2009. The FreeBSD Foundation will be providing a limited number of travel grants to individuals requesting assistance. Please fill out and submit the Travel Grant Request Application at http://www.freebsdfoundation.org/documents/TravelRequestForm.pdf by August 20, 2009 to apply for this grant. How it works: This program is open to FreeBSD developers of all sorts (kernel hackers, documentation authors, bugbusters, system administrators, etc). In some cases we are also able to fund non-developers, such as active community members and FreeBSD advocates. (1) You request funding based on a realistic and economical estimate of travel costs (economy airfare, trainfare, ...), accommodations (conference hotel and sharing a room), and registration or tutorial fees. If there are other sponsors willing to cover costs, such as your employer or the conference, we prefer you talk to them first, as our budget is limited. We are happy to split costs with you or another sponsor, such as just covering airfare or board. If you are a speaker at the conference, we expect the conference to cover your travel costs, and will most likely not approve your direct request to us. (2) We review your application and if approved, authorize you to seek reimbursement up to a limit. We consider several factors, including our overall and per-event budgets, and (quite importantly) the benefit to the community by funding your travel. Most rejected applications are rejected because of an over-all limit on travel budget for the event or year, due to unrealistic or uneconomical costing, or because there is an unclear or unconvincing argument that funding the application will directly benefit the FreeBSD Project. Please take these points into consideration when writing your application. (3) We reimburse costs based on actuals (receipts), and by check or bank transfer. We require you submit a report on your trip, which we may show to current or potential sponsors, and may include in our quarterly newsletter. There's some flexibility in the mechanism, so talk to us if something about the model doesn't quite work for you or if you have any questions. The travel grant program is one of the most effective ways we can spend money to help support the FreeBSD Project, as it helps developers get together in the same place at the same time, and helps advertise and advocate FreeBSD in the larger community. Thank You, The FreeBSD Foundation From deb at freebsdfoundation.org Tue Jul 28 21:59:39 2009 From: deb at freebsdfoundation.org (Deb Goodkin) Date: Tue Jul 28 22:36:50 2009 Subject: [FreeBSD-Announce] The FreeBSD Foundation 2009 Semi-Annual Newsletter Message-ID: <4A6F74C5.2060308@freebsdfoundation.org> Dear FreeBSD Community, We are pleased to announce the publication of The FreeBSD Foundation's Semi-Annual Newsletter. Go to http://www.freebsdfoundation.org/press/2009Jul-newsletter.shtml to find out how we have supported the FreeBSD Project and community this year. Sincerely, The FreeBSD Foundation From security-advisories at freebsd.org Wed Jul 29 00:48:36 2009 From: security-advisories at freebsd.org (FreeBSD Security Advisories) Date: Wed Jul 29 00:48:43 2009 Subject: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-09:12.bind Message-ID: <200907290048.n6T0mZYM001207@freefall.freebsd.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:12.bind Security Advisory The FreeBSD Project Topic: BIND named(8) dynamic update message remote DoS Category: contrib Module: bind Announced: 2009-07-29 Credits: Matthias Urlichs Affects: All supported versions of FreeBSD Corrected: 2009-07-28 23:59:22 UTC (RELENG_7, 7.2-STABLE) 2009-07-29 00:14:14 UTC (RELENG_7_2, 7.2-RELEASE-p3) 2009-07-29 00:14:14 UTC (RELENG_7_1, 7.1-RELEASE-p7) 2009-07-29 00:13:47 UTC (RELENG_6, 6.4-STABLE) 2009-07-29 00:14:14 UTC (RELENG_6_4, 6.4-RELEASE-p6) 2009-07-29 00:14:14 UTC (RELENG_6_3, 6.3-RELEASE-p12) CVE Name: CVE-2009-0696 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . NOTE: Due to this issue being accidentally disclosed early, updated binaries are yet not available via freebsd-update at the time this advisory is being published. Email will be sent to the freebsd-security mailing list when the binaries are available via freebsd-update. I. Background BIND 9 is an implementation of the Domain Name System (DNS) protocols. The named(8) daemon is an Internet Domain Name Server. Dynamic update messages may be used to update records in a master zone on a nameserver. II. Problem Description When named(8) receives a specially crafted dynamic update message an internal assertion check is triggered which causes named(8) to exit. To trigger the problem, the dynamic update message must contains a record of type "ANY" and at least one resource record set (RRset) for this fully qualified domain name (FQDN) must exist on the server. III. Impact An attacker which can send DNS requests to a nameserver can cause it to exit, thus creating a Denial of Service situation. IV. Workaround No generally applicable workaround is available, but some firewalls may be able to prevent nsupdate DNS packets from reaching the nameserver. NOTE WELL: Merely configuring named(8) to ignore dynamic updates is NOT sufficient to protect it from this vulnerability. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 6-STABLE, or 7-STABLE, or to the RELENG_7_2, RELENG_7_1, RELENG_6_4, or RELENG_6_3 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 6.3, 6.4, 7.1, and 7.2 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-09:12/bind.patch # fetch http://security.FreeBSD.org/patches/SA-09:12/bind.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/lib/bind # make obj && make depend && make && make install # cd /usr/src/usr.sbin/named # make obj && make depend && make && make install # /etc/rc.d/named restart VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. CVS: Branch Revision Path - ------------------------------------------------------------------------- RELENG_6 src/contrib/bind9/bin/named/update.c 1.1.1.2.2.5 RELENG_6_4 src/UPDATING 1.416.2.40.2.10 src/sys/conf/newvers.sh 1.69.2.18.2.12 src/contrib/bind9/bin/named/update.c 1.1.1.2.2.3.2.1 RELENG_6_3 src/UPDATING 1.416.2.37.2.17 src/sys/conf/newvers.sh 1.69.2.15.2.16 src/contrib/bind9/bin/named/update.c 1.1.1.2.2.2.2.1 RELENG_7 src/contrib/bind9/bin/named/update.c 1.1.1.5.2.3 RELENG_7_2 src/UPDATING 1.507.2.23.2.6 src/sys/conf/newvers.sh 1.72.2.11.2.7 src/contrib/bind9/bin/named/update.c 1.1.1.5.2.2.2.1 RELENG_7_1 src/UPDATING 1.507.2.13.2.10 src/sys/conf/newvers.sh 1.72.2.9.2.11 src/contrib/bind9/bin/named/update.c 1.1.1.5.2.1.4.1 HEAD src/contrib/bind9/bin/named/update.c 1.4 - ------------------------------------------------------------------------- Subversion: Branch/path Revision - ------------------------------------------------------------------------- head/ r195936 stable/6/ r195934 releng/6.4/ r195935 releng/6.3/ r195935 stable/7/ r195933 releng/7.2/ r195935 releng/7.1/ r195935 - ------------------------------------------------------------------------- VII. References https://www.isc.org/node/474 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538975 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-09:12.bind.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iD8DBQFKb5koFdaIBMps37IRAglLAKCFGXI+MAsksnK5TZB/8L3UFhPS1gCgl7q5 6fCpOeBcf7f83dVfKRDVF0I= =akJW -----END PGP SIGNATURE----- From deb at freebsdfoundation.org Thu Jul 30 16:52:56 2009 From: deb at freebsdfoundation.org (Deb Goodkin) Date: Sat Aug 1 14:34:04 2009 Subject: [FreeBSD-Announce] Be Counted! Message-ID: <4A71CFDD.2070602@freebsdfoundation.org> Dear FreeBSD Community, Millions of systems run FreeBSD. Hundreds of volunteers contribute to FreeBSD's success. But what is the size of FreeBSD's user base? This simple question is very hard to answer, but its answer is vital to the cause of promoting FreeBSD. It is extremely difficult to convince businesses to invest time and money to add FreeBSD support to their products based solely on vague estimates of the size of our community. We should know - working to make FreeBSD a more widely supported platform is a task the FreeBSD Foundation has worked on since its inception. Please help us in our fight to promote FreeBSD. A donation to the FreeBSD Foundation helps fund our work, but it also gives us strength in numbers. Our count of unique donors is a vital indication of the size and buying power of our community. However, we have never broken even one thousand donors in any year. We know in our hearts that this is a small fraction of our user base and of those who want to help expand FreeBSD's presence. So stand up and be counted! Make a donation. Encourage other FreeBSD users to donate as well. No donation amount is too large or too small. Just by becoming a donor you are making a powerful statement about the strength of FreeBSD! You can make a donation by going to: http://www.freebsdfoundation.org/donate/. To find out more about The FreeBSD Foundation, please visit http://www.freebsdfoundation.org. Thank You, Justin T. Gibbs President and Founder The FreeBSD Foundation