MidnightBSD 0.8 released

The MidnightBSD team has announced availability of MidnightBSD 0.8, latest stable release of FreeBSD based operating system targeting desktop users. MidnightBSD ships all day-to-day software packages like web browser, media player, email client ..etc in default installation. This helps MidnightBSD to be a BSD distribution oriented towards end users.

MidnightBSD 0.8 is coming with several refinements and fixes for longstanding bugs. One of the major change is, use of Clang/LLVM 3.3 as system compiler instead of GCC 4.2. This will help project to provide more optimized packages, which will have reduced resource usage and package size.

Following are some bugs addressed in MidnightBSD 0.8 release.
  • The implementation of TIOCGSERIAL ioctl(2) does not clear the output struct before sending to userland in the linux emulation layer.
  • The compat 43 stat(2) system call exposes kernel stack to userland.
  • atkbd(4) - Incorrect signedness comparison in the ioctl(2) handler allows a malicious local user to overwrite a portion of the kernel memory.
  • Incorrect argument handling in sendmsg(2)
  • Incorrect argument handling in the socket code allows malicious local user to overwrite large portion of the kernel memory.
  • TCP MD5 signature denial of service
  • A programming error in processing a TCP connection with both TCP_MD5SIG and TCP_NOOPT socket options may lead to kernel crash.
  • SCTP : A lack of proper input checks in the ICMPv6 processing in the SCTP stack can lead to either a failed kernel assertion or to a NULL pointer dereference.  In either case, a kernel panic will follow.
  • libarchive : CVE-2015-2304 and CVE-2013-0211 fix issues with cpio directory traversal and an integer signedness error in the archive write zip data routine.
  • OpenSSL : The padding check in AES-NI CBC MAC was rewritten to be in constant time by making sure that always the same bytes are read and compared against either the MAC or padding bytes. But it no longer checked that there was enough data to have both the MAC and padding bytes. [CVE-2016-2107]
  • An overflow can occur in the EVP_EncodeUpdate() function which is used for Base64 encoding of binary data. [CVE-2016-2105]
You may check release announcement posted in MidnightBSD user mailing list, to see a detailed list of bug fixes and enhancements.

Share this