Trailrunner7 writes "A researcher has published an explanation of a new flaw in FreeBSD that allows a remote attacker to take control of a vulnerable machine. The vulnerability could give an attacker root access to the FreeBSD machine, and the FreeBSD developers have published a patch for the flaw early Tuesday. The vulnerability lies in run-time link-editor and, if exploited, gives an attacker the ability to run arbitrary code. The researcher, Kingcope, has posted an explanation of the flaw on the Full Disclosure mailing list. In a message to FreeBSD users, Colin Percival, the project's security officer, said that because of the severity of the flaw and the fact that exploit code already is available, he felt it was necessary to post the patch as soon as possible, without even publishing a security advisory."
An anonymous reader writes "The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 8 stable release. Some of the highlights: Xen DomU support, network stack virtualization, stack-smashing protection, TTY layer rewrite, much improved ZFS v13, a new USB stack, multicast updates including IGMPv3, vimage — a new virtualization container, Fedora 10 Linux binary compatibility to run Linux software such as Flash 10 and others, trusted BSD MAC (Mandatory Access Control), and rewritten NFS client/server introducing NFSv4. Inclusion of improved device mmap() extensions will allow the technical implementation of a 64-bit Nvidia display driver for the x86-64 platform. The GNOME desktop environment has been upgraded to 2.26.3, KDE to 4.3.1, and Firefox to 3.5.5. There is also an in-depth look at the new features and major architectural changes in FreeBSD 8.0, including a screenshot tour, upgrade instructions are posted here. You can grab the latest version from FreeBSD from the mirrors (main ftp server) or via BitTorrent. Please consider making a donation and help us to spread the word by tweeting and blogging about the drive and release."
pgilman writes "The release of OpenBSD 4.6 was announced today. Highlights of the new release include a new privilege-separated smtpd; numerous improvements to packet filtering, software RAID, routing daemons, and the TCP stack; a new installer; and lots more. Grab a CD set or download from a mirror, and please support the project (which also brings you OpenSSH and lots of other great free software) if you can."
bonch writes "Apple's Grand Central Dispatch, which was recently open sourced, has been ported to FreeBSD and is planned to be included by default in FreeBSD 8.1. Also known as libdispatch, the API allows the use of function-based callbacks but will also support blocks if built using FreeBSD's clang compiler package. There's already discussion of modifying BSD's system tools to use the new technology." The port was originally unveiled last month at the 2009 Developer Summit in Cambridge. Slides from that presentation are available via the Dev Summit wiki.
Reader tail.man points out this press release from Debian which says that the port of the Debian system to the FreeBSD kernel will be given equal footing alongside Debian's several other release ports, starting with the release of Squeeze. Excerpting from this release: "The kFreeBSD architectures for the AMD64/Intel EM64T and i386 processor architectures are now release architectures. Severe bugs on these architectures will be considered release critical the same way as bugs on other architectures like armel or i386 are. If a particular package does not build or work properly on such an architecture this problem is considered release-critical. Debian's main motivation for the inclusion of the FreeBSD kernel into the official release process is the opportunity to offer to its users a broader choice of kernels and also include a kernel that provides features such as jails, the OpenBSD Packet Filter and support for NDIS drivers in the mainline kernel with full support."
An anonymous reader writes "Phoronix has brought benchmarks comparing the FreeBSD 8.0-RC and Ubuntu 9.10 Alpha 6 operating systems. FreeBSD rather ends up taking a wallop to Ubuntu Linux, but there are a few areas where FreeBSD 8 ran well. They also posted benchmarks comparing this near-final FreeBSD 8.0 build to that of FreeBSD 7.2 to show performance improvements there but with a few regressions."
electrostaticcarrot writes "DragonFly — that fourth major BSD — has had its 2.4 release. The 'most invasive change' is the addition and usage of a DevFS for /dev; building on this, drives are now also recognized by serial number (along with /etc/devtab for aliases) as listed in /dev/serno. This is also the first release with a x86-64 ISO, stable but with limited pkgsrc support. Other larger changes include a ported and feature-extended (with full hotplug and port multiplier support) AHCI driver (and SILI driver based on it) originally taken from OpenBSD, major NFS changes, and HAMMER updates. A pkgsrc GIT mirror has also been set up and put in use to make future pkgsrc updates quicker and smoother. Here are two of the mirrors."
Adam Dunkels writes "Inspired by the Twitter-sized program that crashes Mac OS X, I just wrote a really, really rudimentary IP stack called twIP, small enough to fit in a Twitter tweet. Although twIP is very far away from a real IP stack, it can do the first task of any IP stack: respond to pings. The entire source code can be found in this 128-character-long tweet. For those who are interested in low-level network programming, a code walkthrough with instructions on how to run the code under FreeBSD is available here. The FAQ: Q: why? A: for fun."
Handbrewer writes "The FreeBSD developer Poul-Henning Kamp (phk) has sued Lenovo in Denmark (Google translation, original here) over their refusal to refund the Windows Vista Business license, even though he declined the EULA during installation. Lenovo argues that they sell the computer as a full product, and that they cannot refund it partially, such as the power supply or the OS even if people intend to use a different one. This seems to be contrary to previous rulings in the EU where Acer and HP has been forced to refund the 'Microsoft tax.'"
An anonymous reader writes "Twelve years ago OpenBSD developers started engineering a release process that has resulted in quality software being delivered on a consistent 6 month schedule — 25 times in a row, exactly on the date promised, and with no critical bugs. This on-time delivery process is very different from how corporations manage their product releases and much more in tune with how volunteer driven communities are supposed to function. Theo de Raadt explains in this presentation how the OpenBSD release process is managed (video) and why it has been such a success."
An anonymous reader writes "KDE 4.2.4 has been released. See the release announcement for details." Barring a "security issue or another grave bug," this is the end of the KDE 4.2 line, which means for distros based on long-term support, it might be the thing to get used to for a while.
Siker writes in to tell us about the experience of email transfer service YippieMove, which ditched VMware and switched to FreeBSD jails. "We doubled the amount of memory per server, we quadrupled SQLite's internal buffers, we turned off SQLite auto-vacuuming, we turned off synchronization, we added more database indexes. We were confused. Certainly we had expected a performance difference between running our software in a VM compared to running on the metal, but that it could be as much as 10X was a wake-up call."
Zadok_Allan writes "It's a bit late, but since many readers will remember the SGI O2 fondly, this might interest a few. The gist of the story is this: NetBSD now supports hardware accelerated graphics on the O2 both in X and in the kernel. We didn't get any help from SGI, and the documentation available doesn't go beyond a general description and a little theory of operation, which is why it took so long to figure it out. The X driver still has a few rough edges (all the acceleration frameworks pretty much expect a mappable linear framebuffer, if you don't have one — like on most SGI hardware — you'll have to jump through a lot of hoops and make sure there's no falling back to cfb and friends) but it supports XRENDER well enough to run KDE 3.5. Yes, it's usable on a 200MHz R5k O2. Not quite as snappy as any modern hardware but nowhere near as sluggish as you'd expect, and since Xsgi doesn't support any kind of XRENDER support, let alone hardware acceleration, pretty much anything using anti-aliased fonts gets a huge performance boost out of this compared to IRIX."
An anonymous reader writes "The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 7.2-RELEASE. This is the third release from the 7-STABLE branch which improves on the functionality of FreeBSD 7.1 and introduces some new features. Some of the highlights: Support for fully transparent use of superpages for application memory; Support for multiple IPv4 and IPv6 addresses for jails; csup(1) now supports CVSMode to fetch a complete CVS repository; Gnome updated to 2.26, KDE updated to 4.2.2; Sparc64 now supports UltraSparc-III processors. For a complete list of new features and known problems, please see the online release notes and errata list." Adds another anonymous reader, "You can grab the latest version from FreeBSD from the mirrors or via BitTorrent. There is also a quick review of the new features and upgrade instructions."
portscan writes "OpenBSD 4.5 has been released. New and extended platforms include sparc64, and added device drivers. OpenSSH 5.2 is included, plus a number of tweaks, bugfixes, and enhancements. See the announcement page for a full list. OpenBSD is a security-oriented UNIX/BSD operating system." As per OpenBSD tradition, of course there's a song.