MidnightBSD 1.2

Scritto il

MidnightBSD

MidnightBSD è un sistema operativo che deriva da FreeBSD (in origine è stato un fork di FreeBSD 6.1 beta). L’obiettivo principale del progetto è di creare un sistema desktop semplice da usare.

Versione 1.2

Questa versione contiene (in Inglese):

I’m happy to announce the availability of MidnightBSD 1.2 for amd64 and i386. This release focused on updating base system libraries and security. A significant effort has been put into updating various mports.

Portsnap is now included in the base system. You can use it to fetch mports. As this is a relatively new feature, please report any issues.

Bug Fixes

Fixed spell(1) by bringing back deroff(1).

Fixed a bug with the mdnsd startup script (/etc/rc.d/mdnsd) where it wouldn’t modify the /etc/nsswitch.conf properly when enabling mDNSresponder.

Security fixes

The kernel driver for /dev/midistat implements a handler for read(2). This handler is not thread-safe, and a multi-threaded program can exploit races in the handler to cause it to copy out kernel memory outside the boundaries of midistat’s data buffer.

System calls operating on file descriptors obtain a reference to relevant struct file which due to a programming error was not always put back, which in turn could be used to overflow the counter of affected struct file.

Security patch for CVE-2019-5611.
Due do a missing check in the code of m_pulldown(9) data returned may not be contiguous as requested by the caller.

Fix some buffer overflows in telnet client
The code which handles a close(2) of a descriptor created by posix_openpt(2) fails to undo the configuration which causes SIGIO to be raised. This bug can lead to a write-after-free of kernel memory.
Due to insufficient initialization of memory copied to userland in the components listed above small amounts of kernel memory may be disclosed to userland processes.

3rd party software

  • OpenSSH 7.9p1
  • bzip2 1.0.7

bsnmp bug fix – A function extracting the length from type-length-value encoding is not properly validating the submitted length.

Hardware

jedec_dimm – some modules falsely report supporting temp sensors. Handle this better.

Some work was also completed on the USB stack.

  • add some quirks for sandisk sdcz48_32 ultra 32gb, ploytec spl crimson rev 1, edirol ua-25ex
  • Fix for reception of large full speed isochronous frames via the transaction translator.
  • In xhci(4) there is no stream ID in the completion TRB. instead interate all the stream idds in stream mode to find the matching USB transfer.
  • Fix a lost completion event issue towards libusb(3).
  • Reduce timeout for reading the USB HUB port status to 1000ms and try to filter out dead USB HUB devices by implemention of an error counter.

Mport Package Manager

Several bug fixes to existing SQL queries were done in this release. It should improve lookups of packages when searching or installing updates. Error handling improvements were also done.

Some bug fixes around absolute paths should improve installation when plists contain absoluate paths.

Risorse

La distribuzione può essere scaricata da:

Il sito web della distribuzione è: http://www.midnightbsd.org/

Conclusioni

Si può aggiornare dalle versioni precedenti seguendo le indicazioni sul sito.

Lascia un commento

Il tuo indirizzo email non sarà pubblicato. I campi obbligatori sono contrassegnati *

Questo sito usa Akismet per ridurre lo spam. Scopri come i tuoi dati vengono elaborati.

Tema Seamless Primrose, sviluppato da Altervista

Apri un sito e guadagna con Altervista - Disclaimer - Segnala abuso - Privacy Policy - Personalizza tracciamento pubblicitario