similar to: HEADS UP: Ports support for 5.X is no more

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This is a heads-up that OpenSSH keys are deprecated upstream by OpenSSH, and will be deprecated effective 11.0-RELEASE (and preceeding RCs). Please see r303716 for details on the relevant commit, but upstream no longer considers them secure. Please replace DSA keys with ECDSA or RSA keys as soon as possible, otherwise there will be issues when

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This is a heads-up that OpenSSH keys are deprecated upstream by OpenSSH, and will be deprecated effective 11.0-RELEASE (and preceeding RCs). Please see r303716 for details on the relevant commit, but upstream no longer considers them secure. Please replace DSA keys with ECDSA or RSA keys as soon as possible, otherwise there will be issues when

In preparation for 7.3-RELEASE, the ports tree is now in feature freeze. Normal upgrade, new ports, and changes that only affect other branches are allowed without prior approval but with the extra Feature safe: yes tag in the commit message. Any commit that is sweeping, i.e. touches a large number of ports, infrastructural changes, commts to ports with unusually high number of dependent ports,

Hi, FreeBSD libc Berkeley DB can leak sensitive information to database files. The problem is that it writes uninitialized memory obtained from malloc(3) to database files. You can use this simple test program to reproduce the behavior: http://www.saunalahti.fi/~jh3/dbtest.c Run the program and see the resulting test.db file which will contain a sequence of 0xa5 bytes directly from malloc(3).

Ports and Package users, Ports now have SSP enabled by default. The package repository will now build SSP by default as well. SSP is "Stack Smashing Protection" and can be read about at https://en.wikipedia.org/wiki/Buffer_overflow_protection. This only applies to the head (/latest) packages, not the Quarterly branch packages. This applies to the ports checkout that portsnap uses.

Ports and Package users, Ports now have SSP enabled by default. The package repository will now build SSP by default as well. SSP is "Stack Smashing Protection" and can be read about at https://en.wikipedia.org/wiki/Buffer_overflow_protection. This only applies to the head (/latest) packages, not the Quarterly branch packages. This applies to the ports checkout that portsnap uses.

Ports and Package users, Ports now have SSP enabled by default. The package repository will now build SSP by default as well. SSP is "Stack Smashing Protection" and can be read about at https://en.wikipedia.org/wiki/Buffer_overflow_protection. This only applies to the head (/latest) packages, not the Quarterly branch packages. This applies to the ports checkout that portsnap uses.

At the end of March, the RELENG_4_8 (sometimes called 4.8-SECURITY) branch will reach its designated End of Life and cease to be supported by the FreeBSD Security Team. Released in April 2003, FreeBSD 4.8 was the first release designated for "extended" two-year security support instead of the normal one-year support. Over this time, 27 security advisories have been issued which have

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 FreeBSD Project Quarterly Status Report - 3rd Quarter 2016 As focused as we are on the present and what is happening now, it is sometimes useful to take a fresh look at where we have come from, and where we are going. This quarter, we had our newest doc committer working to trace through the tangled history of many utilities, and we

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 FreeBSD Project Quarterly Status Report - 3rd Quarter 2016 As focused as we are on the present and what is happening now, it is sometimes useful to take a fresh look at where we have come from, and where we are going. This quarter, we had our newest doc committer working to trace through the tangled history of many utilities, and we

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, On May 31st, FreeBSD 5.5, FreeBSD 6.1, and FreeBSD 6.2 will have reached their End of Life and will no longer be supported by the FreeBSD Security Team. Since FreeBSD 5.5 is the last remaining supported release from the FreeBSD 5.x stable branch, support for the FreeBSD 5.x stable branch will also cease at the same point. Users of

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, On May 31st, FreeBSD 5.5, FreeBSD 6.1, and FreeBSD 6.2 will have reached their End of Life and will no longer be supported by the FreeBSD Security Team. Since FreeBSD 5.5 is the last remaining supported release from the FreeBSD 5.x stable branch, support for the FreeBSD 5.x stable branch will also cease at the same point. Users of

...Vulnerability - CVE-2007-6015" http://www.freshports.org/net/samba3/ ============================================================================ samba3 3.0.26a_2,1 <http://www.freshports.org/net/>net<http://www.freshports.org/faq.php#watchlistcount> <http://www.freshports.org/search.php?stype=depends_all&method=match&query=net/samba3>=220 FORBIDDEN:

FreeBSD Quarterly Status Report, January-March 2013 Introduction This report covers FreeBSD-related projects between January and March 2013. This is the first of four reports planned for 2013. Highlights from this status report include the busy preparations of 8.4-RELEASE, restoration of binary package building, steady progress of several porting efforts, like work on the FreeBSD

Hi, On 8/10/06, Mark Bucciarelli <mark@gaiahost.coop> wrote: > > > There's a scary security alert from yesterday out and no port > update so I judged it to be isp-related. I looked for > ports-security list but didn't see one. > > You know, that might be a very good ideea -- e.g. have a security team and list for ports as we have one for the base distribution.

On 9/21/2013 5:49 AM, Bryan Drewery wrote: > Ports now support enabling Stack Protector [1] support on FreeBSD 10 > i386 and amd64, and older releases on amd64 only currently. > > Support may be added for earlier i386 releases once all ports properly > respect LDFLAGS. > > To enable, just add WITH_SSP=yes to your make.conf and rebuild all ports. > > The default

On 9/21/2013 5:49 AM, Bryan Drewery wrote: > Ports now support enabling Stack Protector [1] support on FreeBSD 10 > i386 and amd64, and older releases on amd64 only currently. > > Support may be added for earlier i386 releases once all ports properly > respect LDFLAGS. > > To enable, just add WITH_SSP=yes to your make.conf and rebuild all ports. > > The default

On Fri, Feb 14, 2003 at 12:44:50AM -0800, Kris Kennaway wrote: > On Sat, Jan 18, 2003 at 05:50:05PM -0500, Tim Vanderhoek wrote: > > On Sat, Jan 18, 2003 at 10:38:27PM +0100, Gunnar Flygt wrote: > > > > > > Actually it seems more that some of the pors have huge "include's" > > > as /usr/ports/devel/cdk as it includes the big maninfo.mk, or >

postmaster@ reports that <security@FreeBSD.org> is now an alias for the secteam list. -- Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org

Hi all, There are rumours flying around about a supposed vulnerability in OpenSSH. Two details which I've seen mentioned many times are (a) that this exploit was used to break into a RedHat system running OpenSSH 4.3 plus backported security patches, and (b) that "recent" versions of OpenSSH are not affected; but it's not clear if there is any basis for these rumours. Given