similar to: Fundraising for FreeBSD security development

freebsd-security-request@freebsd.org wrote: > Send freebsd-security mailing list submissions to > freebsd-security@freebsd.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.freebsd.org/mailman/listinfo/freebsd-security > or, via email, send a message with subject or body 'help' to > freebsd-security-request@freebsd.org > > You

I've seen that is possible to use switch port blocking with freeradius and cisco switches via 802.1X and EAP protocol. Here is more info: http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO What if I don't have switch that supports 802.1X or I want that blocking is done by FreeBSD, not the switch. Because FreeBSD is the firewall or gateway to some networks. Is there

Updated from ports collection from ver. dovecot-1.0.a3 to 1.0.a4_1. And it wan't work. Here's the log Nov 8 10:51:07 ot-group dovecot: Dovecot v1.0.alpha4 starting up Nov 8 10:51:08 ot-group dovecot: Auth process died too early - shutting down Nov 8 10:51:08 ot-group dovecot: auth(default): Unknown userdb driver 'passdb' Nov 8 10:51:08 ot-group dovecot: child 17872 (auth)

CVSup is slow, insecure, and a memory hog. However, until now it's been the only option for keeping an up-to-date ports tree, and (thanks to all of the recent work on vuxml and portaudit) it has become quite obvious that keeping an up-to-date ports tree is very important. To provide a secure, lightweight, and fast alternative to CVSup, I've written portsnap. As the name suggests, this

Hello. My server was hacked. The CPU has been loaded on 99 % by "sh -i" process. I found out that someone has started phpshell through a hole in one of phpbb forums. Also has filled in scripts for flud and spam and "vadim script" in "/tmp". I has made it noexec. Recently has found out the same process. May be i have left again /tmp opened, or other hole may

Dear FreeBSD users, On April 4th, I thought that I had reached my donations target for funding my summer of FreeBSD security development, and asked people to stop sending further donations. Sadly, it seems that this assessment was premature, as it relied upon two large pledges, and it now appears that one of them will not be arriving. Fortunately, Pair Networks -- the other large donor -- has

I have been using Freebsd for along time. I have a client of mine that wants me to use Centos for his email server and web server. Anyway with Freebsd to update the packages file you use the following commands. portsnap fetch fetches all the current port trees portsnap update adds all the new ports to the tree on the server portupgrade -arR will install all the ports that are installed on the

We are currently using cvs for both source and ports. I have begun changing to portsnap for ports, and I would also like to try changing at least some of our servers to freebsd-update. But all servers have been patched, using either RELENG_8_3 or RELENG_9_0 as cvs tag. I need to revert them to their respective RELEASE to be able to use freebsd-update. Complete reinstall from eg CD is not an

Hi everyone, Not sure if you've read http://www.win.tue.nl/hashclash/SoftIntCodeSign/ . should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due ? : " MD5 has not yet (2001-09-03) been broken, but sufficient attacks have been made that its security is in some doubt. The attacks on MD5 are in the

Dear members, It may sound a silly question. I have curl installed: # pkg_info |grep curl curl-7.24.0_3 Non-interactive tool to get files from FTP, GOPHER, HTTP(S) Today portsnap updated the ftp/curl port, and patch-CVE-2013-2174 appeared in files/, but the port version remained such that portaudit, and portupgrade still complain about curl's version. What is the recommended way to

On which versions of FreeBSD is it now possible to un-reserve ports? ( I've been waiting for this since forever ... have spent countless days - $$$ - trying to install workarounds, only to junk them later. I've even been paid a consulting gig to develop this, and declined to deploy it on my own servers :-/ ) iang

Back in 2001 Patrick Godeau posted to this list a link to an awesome track called stonehenge. A bunch of us here downloaded it. Somehow I managed to hose my copy and was wondering if anyone on this list still has it around and could post a link or email it to me? I absolutely love that track and I can't even see where I could purchase it... as far as I know it's a one of a kind gem,

I''ve posted a FreeBSD portsnap class for those wanting to automate the use of portsnap for ports maintenance (fetch, extraction, cron, and update). http://reductivelabs.com/trac/puppet/wiki/PuppetFreeBSD#portsnap ## EXAMPLE import ''freebsd.pp'' import ''schedule.pp'' node ''freebsd.local'' { include freebsd::portsnap } ## END

Hello Everyone! It has been my pleasure and privilege to serve as the FreeBSD Security Officer for the past 3+ years. With the crucial support of the FreeBSD Security Team members, a lot has been accomplished: hundreds of security issues have been researched and tracked, with some resulting in security advisories and patches; software in the Ports Collection are updated more quickly

Hello, Probably the wrong mailinglist. But portsnap is not updating since a few days while there are commits on the ports tree. [1] After some searching I found I am not the only one. Apparently there is maintenance being done on the servers. http://www.mail-archive.com/freebsd-ports at freebsd.org/msg45395.html I read a lot of blogs/RSS/etc. Nowhere any signs of maintenance on the

In http://www.freebsd.org/releases/7.0R/announce.html says Updating Existing Systems > An upgrade of any existing system to FreeBSD 7.0-RELEASE constitutes > a major version upgrade, so no matter which method you use to update > an older system you should reinstall any ports you have installed on > the machine. This will avoid binaries becoming linked to inconsistent > sets

Bill Moran wrote: > This report seems pretty vague. I'm unsure as to whether the alleged > "bug" gives the user any more permissions than he'd already have? Anyone > know any details? This is a local denial of service bug, which was fixed 6 weeks ago in HEAD and RELENG_6. There is no opportunity for either remote denial of service or any privilege escalation. >

Hello, I'm experiencing a kernel panic that appears to be caused by zfs. No errors are making it into /var/log/messages, but here is the error message that appears on my screen after panic (transcribed): panic solaris assert BSWAP_32(sa_hdr_phys->sa_magic) == SA_MAGIC, file: /src/sys/modules/zfs/../../cddl/contrib/opensolaris/uts/common/fs/zfs/sa.c, line 1262 I can reproduce this by

Hi list, after the security announcement (http://www.freebsd.org/news/2012-compromise.html) I use svn to update my local ports tree. I've found out that the port index is not updated. What is the preferred/recommended way to update port indexes when using svn? Thanks, Serguey.