MidnightBSD Notes de version
Informations de denière minute:
Précédentes notes de version
(02/02/2019) MidnightBSD 1.1
Je suis heureux d'annoncer l'arrivée de MidnightBSD 1.1 pour amd64 et i386. C'est une version mineure qui permet de sécuriser des failles matérielles et de sécurité qui sont arrivées depuis la version 1.0. Il vous est fortement recommandé de faire la mise à jour, en particulier si vous possédez du nouveau matériel Intel.
Cette version inclut également une nouvelle version d'OpenSSL. Elle est un simple changement de la version 1.0.1 à la version 1.0.2. Beaucoup de mports sont construits avec un paquetage et ne sont probablement plus affectés. Il vous est toujours recommandé de reconstruire tout paquetage mport utilisant SSL ou de mettre à jour chaque paquetage comme recommandé.
OpenSSH a aussi été mis à jour et le support des anciennes connexions SSH v1 a été retiré.
[Traduction en cours...] A bug fix for ICMP underwrites is included. The icmp_error routine allocates either an mbuf or a cluster depending on the size of the data to be quoted in the ICMP reply, but the calculation failed to account for additional padding on 64-bit platforms when using a non-default sysctl value for net.inet.icmp.quotelen.
Perl 5.28.0 fixes a number of security issues present in the older 5.26 version included with 1.0.
3rd party software
- ACPICA 20170728
- Perl 5.28.0
- mksh R56c
- OpenSSH 7.5p1
- OpenSSL 1.0.2p
Hardware
Add the ability to disable TRIM on specific controllers or drives that have bugs. This includes some ASMedia controllers using on AMD hardware.Several bugs with Intel em(4) and igb(4) network card drivers have been fixed. - Or in the DMA coalescing Rx threshold so the other bits set in E1000_DMACR remain intact as intended in igb_init_dmac(). [1] - Fix igb corrupting checksums with BPF and VLAN
Fix MSI-X to properly fail allocations when full. The off-by-one errors in 332735 weren't actual errors and were preventing the last MSI interrupt source from being used.
Mport Package Manager
Introduced new setting to set the mirror region you wish to use. Currently, we have two mirrors including the main site in Ypsilanti, MI and another in Japan.
Lookup current setting:
mport config get mirror_region
Set the a new mirror location:
mport config set mirror_region jp
Known Issues
There is a known issue with scp in OpenSSH. While this version does not fix the issue, it is new enough that we expect to be able to release a patch for it soon. We chose to release anyway due to issues with OpenSSL and Perl.
Several issues were reported with the 1.0 release an the LiveCD functionality. These have not been corrected yet. We recommend installing MidnightBSD in a virtual machine to try it out before committing to dedicated hardware with it.
At the time of release, several packages are still getting updated in mports. Initial package availability will be limited, but we expect better support going forward.
mports/devel/p5-version must be updated in order to work with the system perl.
If you are updating an existing system, after installing 1.1, you can use mport upgrade to update packages with 1.1 versions. It is recommended that you delete /usr/mports/Packages and run mport clean to remove old package remnants.
You may use svnlite (part of the base system) to checkout mports or src, if you do not wish to install the
svn package.
e.g.
cd /usr/ && svnlite co http://svn.midnightbsd.org/svn/mports/trunk mports