similar to: SSP now default for ports/packages, ssp/new_xorg repository EOL

On 9/21/2013 5:49 AM, Bryan Drewery wrote: > Ports now support enabling Stack Protector [1] support on FreeBSD 10 > i386 and amd64, and older releases on amd64 only currently. > > Support may be added for earlier i386 releases once all ports properly > respect LDFLAGS. > > To enable, just add WITH_SSP=yes to your make.conf and rebuild all ports. > > The default

On 9/21/2013 5:49 AM, Bryan Drewery wrote: > Ports now support enabling Stack Protector [1] support on FreeBSD 10 > i386 and amd64, and older releases on amd64 only currently. > > Support may be added for earlier i386 releases once all ports properly > respect LDFLAGS. > > To enable, just add WITH_SSP=yes to your make.conf and rebuild all ports. > > The default

Hi, Please commit the attached, it fixes a warning on FreeBSD: ./configure: ],: not found Mirrored here: https://github.com/bdrewery/openssh-portable/commit/5860048c64fd41005697473d4985efa454a191c5.patch Thanks! Bryan Drewery -------------- next part -------------- commit 5860048c64fd41005697473d4985efa454a191c5 Author: Bryan Drewery <bryan at shatow.net> Date: Fri Feb 21 09:08:41

I'm still working on SSP support in LLVM. We have code that is in an IR pass StackProtector, SelectionDAG, FastISel, and some MachineFunction passes. Even in SelectiondDAG we have different code paths. I wonder if we can at least have only two code paths, one for SelectionDAG and the other for FastISel. IR pass may generate two forms of IR: 1) Almost pure IR, which contains only

https://bugzilla.mindrot.org/show_bug.cgi?id=1538 Summary: improve SSP detection Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: unassigned-bugs at mindrot.org ReportedBy: vapier at

I have a network with Kerberos and Squid. My Linux users use Kerberos to authenticate to the KDC and then use Negotiate to use their Kerberos tickets with Squid. LDAP is used for NSS. PAM is also configured to authenticate to Kerberos for services that can't use GSSAPI directly. Enter the Windows 8 user. I have a new user with Windows 8 that needs to use Squid also. It seems that because

Hi, I have encountered this error when attempting a One-way Repeated-measure ANOVA with my data. I have read the "Anova in car: SSPE apparently deficient rank" thread by I'm not sure the within-subject interaction has more degrees of freedom than subjects in my case. I have prepared the following testing script: rm(list = ls())

FreeBSD Quarterly Status Report, January-March 2013 Introduction This report covers FreeBSD-related projects between January and March 2013. This is the first of four reports planned for 2013. Highlights from this status report include the busy preparations of 8.4-RELEASE, restoration of binary package building, steady progress of several porting efforts, like work on the FreeBSD

Hi there, I'm still running 6.2 on various servers without any tweaks (GENERIC kernel, binary updates via freebsd-update etc.) but lots of ports (apache, postgresql, diablo-jdk etc.) and would like to use stack smashing protection in order to harden my boxes and avoid many potential exploits. I've known about ProPolice/SSP for a while now (from the Gentoo world) and am aware that

I''ve posted a FreeBSD portsnap class for those wanting to automate the use of portsnap for ports maintenance (fetch, extraction, cron, and update). http://reductivelabs.com/trac/puppet/wiki/PuppetFreeBSD#portsnap ## EXAMPLE import ''freebsd.pp'' import ''schedule.pp'' node ''freebsd.local'' { include freebsd::portsnap } ## END

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 FreeBSD Project Quarterly Status Report - 3rd Quarter 2016 As focused as we are on the present and what is happening now, it is sometimes useful to take a fresh look at where we have come from, and where we are going. This quarter, we had our newest doc committer working to trace through the tangled history of many utilities, and we

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 FreeBSD Project Quarterly Status Report - 3rd Quarter 2016 As focused as we are on the present and what is happening now, it is sometimes useful to take a fresh look at where we have come from, and where we are going. This quarter, we had our newest doc committer working to trace through the tangled history of many utilities, and we

freebsd-security-request@freebsd.org wrote: > Send freebsd-security mailing list submissions to > freebsd-security@freebsd.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.freebsd.org/mailman/listinfo/freebsd-security > or, via email, send a message with subject or body 'help' to > freebsd-security-request@freebsd.org > > You

Hello, Probably the wrong mailinglist. But portsnap is not updating since a few days while there are commits on the ports tree. [1] After some searching I found I am not the only one. Apparently there is maintenance being done on the servers. http://www.mail-archive.com/freebsd-ports at freebsd.org/msg45395.html I read a lot of blogs/RSS/etc. Nowhere any signs of maintenance on the

Dear FreeBSD users, Slightly more than three years ago, I released FreeBSD Update, my first major contribution to FreeBSD. Since then, I have become a FreeBSD committer, joined the FreeBSD Security Team, released Portsnap, and become the FreeBSD Security Officer. However, as I have gone from being a graduate student at Oxford University -- busy writing my thesis -- to a researcher at Simon

CVSup is slow, insecure, and a memory hog. However, until now it's been the only option for keeping an up-to-date ports tree, and (thanks to all of the recent work on vuxml and portaudit) it has become quite obvious that keeping an up-to-date ports tree is very important. To provide a secure, lightweight, and fast alternative to CVSup, I've written portsnap. As the name suggests, this

In preparation for 7.3-RELEASE, the ports tree is now in feature freeze. Normal upgrade, new ports, and changes that only affect other branches are allowed without prior approval but with the extra Feature safe: yes tag in the commit message. Any commit that is sweeping, i.e. touches a large number of ports, infrastructural changes, commts to ports with unusually high number of dependent ports,

Hi, first sorry for cross-posting but I thought this patch might interest -CURRENT users as well as people concerned by security. I wrote a patch that integrates ProPolice/SSP into FreeBSD, one step further than it has been realized so far. It is available here : http://tataz.chchile.org/~tataz/FreeBSD/SSP/ Everything is explained on the web page, but I will repeat some informations here.

As of June 1, 2008 00:00:00 UTC, FreeBSD 5.X support in the ports tree is End Of Life. This means that a ports tree checked out after this date is not guaranteed to produce usable packages on 5.X. Additionally, 5.X package builds on the cluster will cease. Users are encouraged to upgrade to 6.3 or 7.0 if they wish to continue to track the latest ports tree. A tag, RELEASE_5_EOL, has been laid

I have been using Freebsd for along time. I have a client of mine that wants me to use Centos for his email server and web server. Anyway with Freebsd to update the packages file you use the following commands. portsnap fetch fetches all the current port trees portsnap update adds all the new ports to the tree on the server portupgrade -arR will install all the ports that are installed on the