All in all, I am impressed with what the PC-BSD team has managed to deliver with their 10.0.3 release. The project has taken on additional polish with the last few releases. The graphical front ends look nicer, some bugs I spotted in previous releases (especially with Life Preserver) have been fixed and the way ZFS integrates with the other PC-BSD tools was very useful to me. There are a lot of great features in this release I would love to see ported to Linux and there were no serious problems during my trial, beyond the video driver issue I was able to work around. I definitely recommend giving PC-BSD a try, it offers a great deal of power in an attractive package.
While OpenBSD generally prides itself on being a secure, open-source operating system and focusing more on code corectness and security rather than flashy features, it turns out a potential security bug has been living within OpenBSD for the past decade.
Phoronix German ready "FRIGN" wrote in to Phoronix this afternoon with a subject entitled, "10 year old critical bug in OpenBSD discovered." He pointed out a post today about a bug discovered in OpenBSD's polling subsystem that could allow DDoS-style attacks on servers, "a critical bug in the polling-subsystem in OpenBSD has been uncovered which allows DDoS-attacks on servers using a non-standard derivation from the POSIX-standard in marking file descriptors non-readable when they should return EOF."
The first RC build of the 10.1-RELEASE release cycle is now available
on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64
and sparc64 architectures.
The image checksums follow at the end of this email.
Installer images and memory stick images are available here:
GhostBSD 4.0-RELEASE is now available for the amd64 and i386 architectures, it GhostBSD 4.0 can be installed from bootable ISO images or from a USB memory stick. The required files can be downloaded via SourceForge or TorrentFTP as described in the section below.
MD5 and SHA256 hashes for the release ISOs and memory stick images are included the bottom of this message and in Download page.
Instead, libressl is here because of a tragic comedy of other errors. Let's start with the obvious. Why were heartbeats, a feature only useful for the DTLS protocol over UDP, built into the TLS protocol that runs over TCP? And why was this entirely useless feature enabled by default? Then there's some nonsense with the buffer allocator and freelists and exploit mitigation countermeasures, and we keep on digging and we keep on not liking what we're seeing. Bob's talk has all the gory details.
But why fork? Why not start from scratch? Why not start with some other contender? We did look around a bit, but sadly the state of affairs is that the other contenders aren't so great themselves. Not long before Heartbleed, you may recall Apple dealing with goto fail, aka the worst bug ever, but actually about par for the course.
The boycotting of systemd has led to the creation of uselessd, a new init daemon based off systemd that tries to strip out the "unnecessary" features.
Uselessd in its early stages of development is systemd reduced to being a basic init daemon process with "the superfluous stuff cut out". Among the items removed are removing of journald, libudev, udevd, and superfluous unit types.