Displaying 20 results from an estimated 6000 matches similar to: "please test: Secure ports tree updating"
2006 Mar 30
3
Fundraising for FreeBSD security development
Dear FreeBSD users,
Slightly more than three years ago, I released FreeBSD Update, my first
major contribution to FreeBSD. Since then, I have become a FreeBSD
committer, joined the FreeBSD Security Team, released Portsnap, and
become the FreeBSD Security Officer. However, as I have gone from
being a graduate student at Oxford University -- busy writing my thesis
-- to a researcher at Simon
2005 Aug 18
4
New FreeBSD Security Officer
Hello Everyone!
It has been my pleasure and privilege to serve as the FreeBSD
Security Officer for the past 3+ years. With the crucial support of
the FreeBSD Security Team members, a lot has been accomplished:
hundreds of security issues have been researched and tracked, with
some resulting in security advisories and patches; software in the
Ports Collection is updated more quickly
2005 Nov 26
7
Reflections on Trusting Trust
or "How do I know my copy of FreeBSD is the same as yours?"
I have recently been meditating on the issue of validating X.509
root certificates. An obvious extension to that is validating
FreeBSD itself.
Under "The Cutting Edge", the handbook lists 3 methods of
synchronising your personal copy of FreeBSD with the Project's copy:
Anonymous CVS, CTM and CVSup. There are
2003 Jun 24
5
IPv6 CVSUP mirrors?
Hi.
I am looking for an IPv6 capable CVSUP mirror. I found a discussion
from one year ago where it was stated that CVSUP was not IPv6-capable.
Does anyone know if this has changed?
Sam
--
Samuel Tardieu -- sam@rfc1149.net -- http://www.rfc1149.net/sam
2004 Mar 05
2
Security Officer-supported branches update
The FreeBSD Security Officer would normally be sending out this email,
but he's a bit busy right now and it is clear from reactions to FreeBSD
Security Advisory FreeBSD-SA-04:04.tcp that many people are unaware of
the current status of the RELENG_5_1 branch, so I'm going to send out
this reminder myself.
The branches supported by the FreeBSD Security Officer have been
updated to reflect
2006 Jan 11
5
FreeBSD Security Advisory FreeBSD-SA-06:01.texindex
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-06:01.texindex Security Advisory
The FreeBSD Project
Topic: Texindex temporary file privilege escalation
Category: contrib
Module: texinfo
2003 Aug 03
12
FreeBSD Security Advisory FreeBSD-SA-03:08.realpath
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-03:08.realpath Security Advisory
The FreeBSD Project
Topic: Single byte buffer overflow in realpath(3)
Category: core
Module: libc
Announced:
2003 Aug 06
2
Checking realpath file up to date
On the advisory about the realpath problem it says that it was corrected:
RELENG_4_8
src/UPDATING 1.73.2.80.2.3
src/lib/libc/stdlib/realpath.c 1.9.14.1
src/sys/conf/newvers.sh 1.44.2.29.2.2
I ran cvsup and when I look at my src/lib/libc/stdlib/realpath.c I see
2005 Apr 12
2
Will 5.4 be an "Extended Life" release?
In the next month or two I've got to upgrade a number of servers that
are currently on an EOL'd version of 4-STABLE. I foresee that I'll
have very limited time to do full OS upgrades on these systems in the
coming several years, so I want to make sure I bring them onto an
extended-life branch.
Right now 4.11 has the furthest projected EOL date (Jan 31 2007), and
the projected EOL
2005 Mar 05
2
Heads up: End of RELENG_4_8 support
At the end of March, the RELENG_4_8 (sometimes called 4.8-SECURITY)
branch will reach its designated End of Life and cease to be supported
by the FreeBSD Security Team.
Released in April 2003, FreeBSD 4.8 was the first release designated
for "extended" two-year security support instead of the normal one-year
support. Over this time, 27 security advisories have been issued which
have
2004 Sep 24
1
sharing /etc/passwd
How 'bout PAM? /usr/ports/security/pam_ldap. If you have machines that
can't do PAM, perhaps NIS is the way to go (assuming, of course, you're
behind a firewall). You can store login information in LDAP like you want,
then use a home-grown script to extract the information to a NIS map. Or,
if you have a Solaris 8 machine lying around, you can cut out the middle
step and use
2006 May 10
4
Freebsd-update and 6.1-RELEASE
Hi guys,
Does anybody know if freebsd-update is going to be available for
6.1-RELEASE before the end of Colin's "summer of FreeBSD work"?
I wouldn't like to bother Colin directly via e-mail, so if anyone
already asked for this or something....
Thanx, regards
--
Pietro Cerutti
<pietro.cerutti@gmail.com>
2004 Jun 07
1
FreeBSD Security Advisory FreeBSD-SA-04:12.jailroute
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-04:12.jailroute Security Advisory
The FreeBSD Project
Topic: Jailed processes can manipulate host routing tables
Category: core
Module: kernel
2005 Apr 05
2
About the FreeBSD Security Advisories
Hello..
I've noticed a delay between when the security advisories are sent and
when the cvsup servers, ftp mirrors and web mirrors are updated. Is this
delay on purpose to give the users some time to update/patch their
system(s) before it hits pages like bugtraq, etc., or is it just caused
by the delay between when the ftp/cvsup servers are synced?
Best regards,
Jesper Wallin
2003 Jul 04
1
Updating from 4.8 release to 4.8 stable
Hello,
I am very new to FreeBSD and just installed 4.8 release. I want to upgrade this to stable. I have printed some of the pages out for makeworld and CVSUP, I am wondering what the best method for doing the updates is, downloading the individual packages and installing or using the CVSUP to do this? Currently I use mostly Red Hat Linux but have wanted to give this a try for some time
2004 Mar 01
3
openssh
I have done a cvsup of the openssh port. It builds correctly, but refuses
to install with the following:
===> Installing for openssh-3.6.1_5
===> openssh-3.6.1_5 conflicts with installed package(s):
ssh2-3.2.9.1_1
They install files into the same place.
Please remove them first with pkg_delete(1).
*** Error code 1
Stop in /usr/ports/security/openssh.
I was unable to
2003 Sep 23
3
OpenSSH: multiple vulnerabilities in the new PAM code
This affects only 3.7p1 and 3.7.1p1. The advice to leave
PAM disabled is far from heartening, nor is the semi-lame
blaming the PAM spec for implementation bugs.
I happen to like OPIE for remote access.
Subject: Portable OpenSSH Security Advisory: sshpam.adv
This document can be found at: http://www.openssh.com/txt/sshpam.adv
1. Versions affected:
Portable OpenSSH versions 3.7p1
2004 May 19
1
FreeBSD Security Advisory FreeBSD-SA-04:10.cvs
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-04:10.cvs Security Advisory
The FreeBSD Project
Topic: CVS pserver protocol parser errors
Category: contrib
Module: contrib_cvs
Announced:
2004 Feb 26
3
Environment Poisoning and login -p
There's been an ongoing discussion (started by
Colin Percival's recent work on nologin) about
environment-poisoning attacks via "login -p".
I thought I saw a way to address this, but the more I learn,
the uglier this looks. Maybe some of the good folks who read
freebsd-security can puzzle this one out:
Problem: login -p can be used to propagate environment flags
in order to
2005 Oct 28
2
Is the server portion of freebsd-update open source?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I'm wondering if/where I can get the server side component for
freebsd-update. Presumably such a component would build and sign the
binary patches and prepare them to be served via HTTP to the
freebsd-update client.
I need a system for distributing binary updates to a collection of
customized FreeBSD machines, jails, and embedded systems.