From owner-freebsd-announce Wed Sep 27 0: 8:16 2000 Delivered-To: freebsd-announce@freebsd.org Received: from zippy.osd.bsdi.com (zippy.osd.bsdi.com [204.216.27.228]) by hub.freebsd.org (Postfix) with ESMTP id E682337B423 for ; Wed, 27 Sep 2000 00:07:52 -0700 (PDT) Received: (from jkh@localhost) by zippy.osd.bsdi.com (8.11.0/8.11.0) id e8R77ow00728 for announce@freebsd.org; Wed, 27 Sep 2000 00:07:50 -0700 (PDT) (envelope-from jkh) Date: Wed, 27 Sep 2000 00:07:50 -0700 (PDT) From: "Jordan K. Hubbard" Message-Id: <200009270707.e8R77ow00728@zippy.osd.bsdi.com> To: announce@freebsd.org Subject: FreeBSD 4.1.1-RELEASE is now available Sender: owner-freebsd-announce@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org As always, I'm pleased to announce the availability of FreeBSD 4.1.1-RELEASE, a point release update for 4.1-RELEASE and, of course, the very latest in 4.x-STABLE branch technology. Since 4.1-RELEASE was produced in August 2000, RSA released their code into the public domain and a number of other security enhancements were made possible through the FreeBSD project's permission to export cryptographic code from the United States. These changes are fully reflected in 4.1.1-RELEASE, making it one of the most secure "out of the box" releases of FreeBSD we've ever done. We also took the opportunity to include support for new features like IDE ATA100 support, drivers for additional Gigabit ethernet cards and hardware watchpoints in gdb. Please see the release notes for more information. The 4.1.1-RELEASE is available right now for the i386 architecture (alpha to follow in several days) in "FTP installable" and ISO image form. For the appropriate bits, please see: ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/4.1.1-RELEASE/ ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/ISO-IMAGES/4.1.1-install.iso When the Alpha release follows in several days, it will be available from: ftp://ftp.freebsd.org/pub/FreeBSD/releases/alpha/4.1.1-RELEASE/ ftp://ftp.freebsd.org/pub/FreeBSD/releases/alpha/ISO-IMAGES/4.1.1-install.iso Please watch the alpha@freebsd.org mailing list for an announcement. IMPORTANT NOTE: This is a network only point release and will not be made generally available for sale on CDROM, at least not from BSDi or anyone else we currently have knowledge of. The next official CD release will be FreeBSD 4.2-RELEASE, still scheduled for mid-November 2000. FreeBSD is also available via anonymous FTP from mirror sites in the following countries: Argentina, Australia, Brazil, Bulgaria, Canada, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Hong Kong, Hungary, Iceland, Ireland, Israel, Japan, Korea, Latvia, Malaysia, the Netherlands, Poland, Portugal, Rumania, Russia, Slovenia, South Africa, Spain, Sweden, Taiwan, Thailand, Elbonia, the Ukraine and the United Kingdom (and quite possibly several others which I've never even heard of :). Before trying the central FTP site, please check your regional mirror(s) first by going to: ftp://ftp..freebsd.org/pub/FreeBSD Any additional mirror sites will be labeled ftp2, ftp3 and so on. Thanks! - Jordan This is the moderated mailing list freebsd-announce. The list contains announcements of new FreeBSD capabilities, important events and project milestones. See also the FreeBSD Web pages at http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-announce" in the body of the message From owner-freebsd-announce Wed Sep 27 10:12:50 2000 Delivered-To: freebsd-announce@freebsd.org Received: from dns.enet.interop.net (dns.enet.interop.net [45.0.12.20]) by hub.freebsd.org (Postfix) with ESMTP id 1D47937B424 for ; Wed, 27 Sep 2000 10:12:28 -0700 (PDT) Received: from envy.geekhouse.net (root@bsdi-7.enet.interop.net [45.18.2.76]) by dns.enet.interop.net (8.9.3/8.8.7) with ESMTP id KAA26398 for ; Wed, 27 Sep 2000 10:12:26 -0700 Received: (from jim@localhost) by envy.geekhouse.net (8.11.0/8.11.0) id e8RH5MK00363 for announce@FreeBSD.org; Wed, 27 Sep 2000 10:05:22 -0700 (PDT) (envelope-from jim) Date: Wed, 27 Sep 2000 10:05:11 -0700 From: Jim Mock To: announce@FreeBSD.org Subject: BSDCon Reminder Message-ID: <20000927100510.A333@envy.geekhouse.net> Reply-To: jim@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-announce@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a duplicate copy of the announcement I sent last week, just to serve as a reminder for those who forgot about it, or didn't see it at all. As many of you are already aware, BSDCon 2000 is happening in about a month. The purpose of this message is to provide some updates and the schedule as it currently stands. For those of you who missed the original announcement back in May, BSDCon 2000 will be held at the Hyatt Regency in Monterey, California. Please see http://www.hyatt.com/usa/monterey/hotels/hotel_mrydm.html for more information about the hotel, their location, and so on. The floor plan is available at http://bsdcon.com/floorplan1.php3 for those who are curious. Pricing is as follows: Conference (Oct. 18-20): $495 Tutorial 1 (Oct. 14-15): $495 Tutorial 2 (Oct. 16-17): $495 Room rates at the Hyatt: $129/night In order to get the room rate, simply mention that you're attending BSDCon (or if they sound confused, BSD or BSDi). For more information about Monterey and the surrounding area, please visit the Lodging & Travel section of our web site at http://bsdcon.com/lodging.php3. You can register for BSDCon 2000 by calling 1-925-691-2800, or online, at http://bsdcon.com/registration.php3. Please note the last day for pre-registration is October 5th. After this date, only on-site registration will be done. If you are interested in being a sponsor or exhibitor at BSDCon 2000, please visit our web site and read the information available there. Papers and Tutorials ==================== For more information on the tutorials being presented, please visit http://bsdcon.com/tutorials.php3 for a brief overview and outline of each. For a list of papers being presented, along with who is presenting them, please see http://bsdcon.com/schedule.php3. Please keep in mind that the rooms and speakers may change. If you have any questions about the conference, please contact us at info@bsdcon.com. Alternatively, you can contact us by phone at 1-925-691-2800 or fax at 1-925-674-0821. Thanks, and hope to see you in Monterey next month! - jim -- jim mock work: jim@osd.bsdi.com | jim@FreeBSD.org http://soupnazi.org/ BSDi Open Source Div | http://bsdi.com This is the moderated mailing list freebsd-announce. The list contains announcements of new FreeBSD capabilities, important events and project milestones. See also the FreeBSD Web pages at http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-announce" in the body of the message From owner-freebsd-announce Wed Sep 27 10:14:14 2000 Delivered-To: freebsd-announce@freebsd.org Received: from dns.enet.interop.net (dns.enet.interop.net [45.0.12.20]) by hub.freebsd.org (Postfix) with ESMTP id 82AB937B443 for ; Wed, 27 Sep 2000 10:13:38 -0700 (PDT) Received: from envy.geekhouse.net (root@bsdi-7.enet.interop.net [45.18.2.76]) by dns.enet.interop.net (8.9.3/8.8.7) with ESMTP id KAA26407 for ; Wed, 27 Sep 2000 10:13:17 -0700 Received: (from jim@localhost) by envy.geekhouse.net (8.11.0/8.11.0) id e8RHD0p00420 for announce@FreeBSD.org; Wed, 27 Sep 2000 10:13:00 -0700 (PDT) (envelope-from jim) Date: Wed, 27 Sep 2000 10:12:50 -0700 From: Jim Mock To: announce@FreeBSD.org Subject: BSDCon Reminder Message-ID: <20000927101250.C333@envy.geekhouse.net> Reply-To: jim@osd.bsdi.com Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-announce@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a duplicate copy of the announcement I sent last week, just to serve as a reminder for those who forgot about it, or didn't see it at all. As many of you are already aware, BSDCon 2000 is happening in about a month. The purpose of this message is to provide some updates and the schedule as it currently stands. For those of you who missed the original announcement back in May, BSDCon 2000 will be held at the Hyatt Regency in Monterey, California. Please see http://www.hyatt.com/usa/monterey/hotels/hotel_mrydm.html for more information about the hotel, their location, and so on. The floor plan is available at http://bsdcon.com/floorplan1.php3 for those who are curious. Pricing is as follows: Conference (Oct. 18-20): $495 Tutorial 1 (Oct. 14-15): $495 Tutorial 2 (Oct. 16-17): $495 Room rates at the Hyatt: $129/night In order to get the room rate, simply mention that you're attending BSDCon (or if they sound confused, BSD or BSDi). For more information about Monterey and the surrounding area, please visit the Lodging & Travel section of our web site at http://bsdcon.com/lodging.php3. You can register for BSDCon 2000 by calling 1-925-691-2800, or online, at http://bsdcon.com/registration.php3. Please note the last day for pre-registration is October 5th. After this date, only on-site registration will be done. If you are interested in being a sponsor or exhibitor at BSDCon 2000, please visit our web site and read the information available there. Papers and Tutorials ==================== For more information on the tutorials being presented, please visit http://bsdcon.com/tutorials.php3 for a brief overview and outline of each. For a list of papers being presented, along with who is presenting them, please see http://bsdcon.com/schedule.php3. Please keep in mind that the rooms and speakers may change. If you have any questions about the conference, please contact us at info@bsdcon.com. Alternatively, you can contact us by phone at 1-925-691-2800 or fax at 1-925-674-0821. Thanks, and hope to see you in Monterey next month! - jim -- jim mock work: jim@osd.bsdi.com | jim@FreeBSD.org http://soupnazi.org/ BSDi Open Source Div | http://bsdi.com This is the moderated mailing list freebsd-announce. The list contains announcements of new FreeBSD capabilities, important events and project milestones. See also the FreeBSD Web pages at http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-announce" in the body of the message From owner-freebsd-announce Wed Sep 27 17:49:48 2000 Delivered-To: freebsd-announce@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id B030B37B424; Wed, 27 Sep 2000 17:48:35 -0700 (PDT) From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory: FreeBSD-SA-00:53.catopen Reply-To: security-advisories@freebsd.org Message-Id: <20000928004835.B030B37B424@hub.freebsd.org> Date: Wed, 27 Sep 2000 17:48:35 -0700 (PDT) Sender: owner-freebsd-announce@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:53 Security Advisory FreeBSD, Inc. Topic: catopen() may pose security risk for third party code Category: core Module: libc Announced: 2000-09-27 Affects: FreeBSD 5.0-CURRENT, 4.x and 3.x prior to the correction date. Corrected: Problem 1: 2000-08-06 (FreeBSD 5.0-CURRENT) 2000-08-22 (FreeBSD 4.1-STABLE) 2000-09-07 (FreeBSD 3.5-STABLE) Problem 2: 2000-09-08 (FreeBSD 5.0-CURRENT, 4.1-STABLE and 3.5-STABLE) Credits: Problem 1: Discovered during internal auditing Problem 2: Ivan Arce FreeBSD only: NO I. Background catopen() and setlocale() are functions which are used to display text in a localized format, e.g. for international users. II. Problem Description There are two problems addressed in this advisory: 1) The catopen() function did not correctly bounds-check an internal buffer which could be indirectly overflowed by the setting of an environment variable. A privileged application which uses catopen() could be made to execute arbitrary code by an unprivileged local user. 2) The catopen() and setlocale() functions could be made to use an arbitrary file as the source for localized data and message catalogs, instead of one of the system files. An attacker could create a file which is a valid locale file or message catalog but which contains special formatting characters which may allow certain badly written privileged applications to be exploited and execute arbitrary code as the privileged user. This second vulnerability is slightly different from the problem originally discovered by Ivan Arce of Core-SDI which affects multiple UNIX operating systems, which involved a different environment variable and which FreeBSD is not susceptible to. However Vulnerability 2 was discovered in FreeBSD after the publication the Core-SDI advisory, and has the same effect on vulnerable applications. NOTE that the FreeBSD base system is not believed to be vulnerable to either of these problems, nor are any vulnerable third party programs (including FreeBSD ports) currently known. Therefore the impact on the majority of FreeBSD systems is expected to be nonexistent. III. Impact Certain setuid/setgid third-party software (including FreeBSD ports/packages) may be vulnerable to a local exploit yielding privileged access. No such software is however currently known. It is believed that no program in the FreeBSD base system is vulnerable to these bugs. The problems were corrected prior to the release of FreeBSD 4.1.1. IV. Workaround Vulnerability 1 described above is the more serious of the two, since it does not require the application to contain a coding flaw in order to exploit it. A scanning utility is provided to detect privileged binaries which use the catopen() function (both statically and dynamically linked binaries), which should be either rebuilt, or have their privileges limited to minimize potential risk. It is not feasible to detect binaries which are vulnerable to the second vulnerability, however the provided utility will also report statically linked binaries which use the setlocale() functions and which *may* potentially be vulnerable. Most of the binaries reported will not in fact be vulnerable, but should be recompiled anyway for maximum assurance of security. Note that some FreeBSD system binaries may be reported as possibly vulnerable by this script, however this is not the case. Statically linked binaries which are identified as vulnerable or potentially vulnerable should be recompiled from source code after patching and recompiling libc, if possible, in order to correct the vulnerability. Dynamically linked binaries will be corrected by simply patching and recompiling libc as described below. As an interim measure, consider removing any identified setuid or setgid binary, removing set[ug]id privileges from the file, or limiting the file access permissions, as appropriate. Of course, it is possible that some of the identified files may be required for the correct operation of your local system, in which case there is no clear workaround except for limiting the set of users who may run the binaries, by an appropriate use of user groups and removing the "o+x" file permission bit. 1) Download the 'scan_locale.sh' and 'test_locale.sh' scripts from ftp://ftp.freebsd.org/pub/FreeBSD/CERT/tools/SA-00:53/scan_locale.sh ftp://ftp.freebsd.org/pub/FreeBSD/CERT/tools/SA-00:53/test_locale.sh e.g. with the fetch(1) command: # fetch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/tools/SA-00:53/scan_locale.sh Receiving scan_locale.sh (337 bytes): 100% 337 bytes transferred in 0.0 seconds (1.05 MBps) # fetch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/tools/SA-00:53/test_locale.sh Receiving test_locale.sh (889 bytes): 100% 889 bytes transferred in 0.0 seconds (1.34 MBps) 2) Verify the md5 checksums and compare to the value below: # /sbin/md5 scan_locale.sh MD5 (scan_locale.sh) = efea80f74b05e7ddbc0261ef5211e453 # /sbin/md5 test_locale.sh MD5 (test_locale.sh) = 2a485bf8171cc984dbc58b4d545668b4 3) Run the scan_locale.sh script against your system: # sh scan_locale.sh ./test_locale.sh / This will scan your entire system for setuid or setgid binaries which make use of the exploitable function catopen(), or the potentially exploitable function setlocale(). Each returned binary should be examined (e.g. with 'ls -l' and/or other tools) to determine what security risk it poses to your local environment, e.g. whether it can be run by arbitrary local users who may be able to exploit it to gain privileges. Note that this script reports setlocale() usage (i.e. vulnerability 2) only in statically linked binaries, not dynamically linked binaries, because of the high rate of false positives. It is likely that the majority of such setlocale() binaries identified are not insecure and their identification by this script should not be taken as evidence that they are vulnerable, but they should be recompiled anyway for maximum assurance of security. 4) Remove the binaries, or reduce their file permissions, as appropriate. V. Solution Upgrade your vulnerable FreeBSD system to 4.1-STABLE or 3.5-STABLE after the correction date, or patch your present system source code and rebuild. Then run the scan_locale.sh script as instructed in section IV and identify any statically-linked binaries as reported by the script. These should either be removed, recompiled, or have privileges restricted to secure them against this vulnerability (since statically-linked binaries will not be affected by simply recompiling the shared libc library). To patch your present system: save the patch below into a file, and execute the following commands as root: cd /usr/src/lib/libc patch < /path/to/patch/file make all make install Patches for FreeBSD systems before the correction date: Index: msgcat.c =================================================================== RCS file: /usr2/ncvs//src/lib/libc/nls/msgcat.c,v retrieving revision 1.21 retrieving revision 1.27 diff -u -r1.21 -r1.27 --- nls/msgcat.c 2000/01/27 23:06:33 1.21 +++ nls/msgcat.c 2000/09/01 11:56:31 1.27 @@ -91,8 +91,9 @@ __const char *catpath = NULL; char *nlspath; char *lang; - long len; char *base, *cptr, *pathP; + int spcleft; + long len; struct stat sbuf; if (!name || !*name) { @@ -106,10 +107,10 @@ } else { if (type == NL_CAT_LOCALE) lang = setlocale(LC_MESSAGES, NULL); - else { - if ((lang = (char *) getenv("LANG")) == NULL) - lang = "C"; - } + else + lang = getenv("LANG"); + if (lang == NULL || strchr(lang, '/') != NULL) + lang = "C"; if ((nlspath = (char *) getenv("NLSPATH")) == NULL #ifndef __NETBSD_SYSCALLS || issetugid() @@ -129,13 +130,22 @@ *cptr = '\0'; for (pathP = path; *nlspath; ++nlspath) { if (*nlspath == '%') { + spcleft = sizeof(path) - (pathP - path); if (*(nlspath + 1) == 'L') { ++nlspath; - strcpy(pathP, lang); + if (strlcpy(pathP, lang, spcleft) >= spcleft) { + free(base); + errno = ENAMETOOLONG; + return(NLERR); + } pathP += strlen(lang); } else if (*(nlspath + 1) == 'N') { ++nlspath; - strcpy(pathP, name); + if (strlcpy(pathP, name, spcleft) >= spcleft) { + free(base); + errno = ENAMETOOLONG; + return(NLERR); + } pathP += strlen(name); } else *(pathP++) = *nlspath; } else *(pathP++) = *nlspath; @@ -186,7 +196,7 @@ MCSetT *set; long lo, hi, cur, dir; - if (!cat || setId <= 0) return(NULL); + if (cat == NULL || setId <= 0) return(NULL); lo = 0; if (setId - 1 < cat->numSets) { @@ -212,8 +222,8 @@ if (hi - lo == 1) cur += dir; else cur += ((hi - lo) / 2) * dir; } - if (set->invalid) - (void) loadSet(cat, set); + if (set->invalid && loadSet(cat, set) <= 0) + return(NULL); return(set); } @@ -225,7 +235,7 @@ MCMsgT *msg; long lo, hi, cur, dir; - if (!set || set->invalid || msgId <= 0) return(NULL); + if (set == NULL || set->invalid || msgId <= 0) return(NULL); lo = 0; if (msgId - 1 < set->numMsgs) { @@ -318,7 +328,7 @@ off_t nextSet; cat = (MCCatT *) malloc(sizeof(MCCatT)); - if (!cat) return(NLERR); + if (cat == NULL) return(NLERR); cat->loadType = MCLoadBySet; if ((cat->fd = _open(catpath, O_RDONLY)) < 0) { @@ -351,7 +361,7 @@ cat->numSets = header.numSets; cat->sets = (MCSetT *) malloc(sizeof(MCSetT) * header.numSets); - if (!cat->sets) NOSPACE(); + if (cat->sets == NULL) NOSPACE(); nextSet = header.firstSet; for (i = 0; i < cat->numSets; ++i) { Index: setlocale.c =================================================================== RCS file: /home/ncvs/src/lib/libc/locale/setlocale.c,v retrieving revision 1.27 retrieving revision 1.28 diff -u -r1.27 -r1.28 --- locale/setlocale.c 2000/09/04 03:43:24 1.27 +++ locale/setlocale.c 2000/09/08 07:29:48 1.28 @@ -129,7 +129,7 @@ if (!env || !*env) env = getenv("LANG"); - if (!env || !*env) + if (!env || !*env || strchr(env, '/')) env = "C"; (void) strncpy(new_categories[category], env, ENCODING_LEN); -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBOdKTo1UuHi5z0oilAQH9QwQAhEdiXOU7A/hZpMBKU5bWz6alLqr7o4wp YcypPTnSoMQ2OkFlmuX9sdcgRfwl3gZ1z3QfjhE/eXG7rYSerEyxqcBqgQOBbCUH vURxPEIRqV90DMMZAp62viA1X1Vyx/Ie2WXG/r5Wck1/Zu6BSxsUo3yiWD4gFoVb L1f0kBgl2/A= =YtCH -----END PGP SIGNATURE----- This is the moderated mailing list freebsd-announce. The list contains announcements of new FreeBSD capabilities, important events and project milestones. See also the FreeBSD Web pages at http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-announce" in the body of the message From owner-freebsd-announce Fri Sep 29 14:53:53 2000 Delivered-To: freebsd-announce@freebsd.org Received: from vnode.vmunix.com (vnode.vmunix.com [209.112.4.20]) by hub.freebsd.org (Postfix) with ESMTP id ED5F937B503 for ; Fri, 29 Sep 2000 14:53:40 -0700 (PDT) Received: by vnode.vmunix.com (Postfix, from userid 1005) id 5DD24E; Fri, 29 Sep 2000 17:53:34 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by vnode.vmunix.com (Postfix) with ESMTP id 53A9449A13 for ; Fri, 29 Sep 2000 17:53:34 -0400 (EDT) Date: Fri, 29 Sep 2000 17:53:34 -0400 (EDT) From: Chris Coleman To: announce@freebsd.org Subject: BSD Real Quick Newsletter Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-announce@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org BSD Real Quick(TM) News Letter. Things Happening in BSD. Presented by Daemon News Hi Everyone, I have been writing Real Quick newsletters for over two years now. They actually pre-date Daemon News. They started out as the FreeBSD Real Quick Newsletter and recently I have been writing four different newsletters, one for each BSD. I have decided to take a different approach to the newsletter. Its going to become more regular, unified, and more personalized. I'll try to take the best of each week and summarize it here. As always feedback is welcome. Chris Coleman Daemon News O'Reilly Networks -- Open Source Editor http://www.daemonnews.org http://www.oreillynet.com/ --- A Sexier BSD: Mac OS X(XX) September 28, 2000 In these last couple of weeks the online community has been buzzing about one thing, and it's not the Olympics. Sure, most of Australia's bandwidth is now taken up by International tourists checking their email on Sydney's Internet terminals, and the rest is taken up with the frenzied attempts of would-be-Olympic ticket holders trying to convince IBM's Olympics e-commerce site that they are more worthy of getting tickets than anyone else, but that's not all. It's bigger than the Olympics, it has more colours, more devoted fans and more people wearing shirts advertisingit. It's a new and improved UNIX BSD Distribution, and it's poised to take the world by storm. MORE: http://daily.daemonnews.org/view_story.php3?story_id=1223 --- BSD System takes on Linux September 27, 2000 The buzz in operating systems today seems to center on Linux. But there's another OS generating a lot of interest - BSD. Both Linux and BSD are growing faster as server systems on the Internet than their competitors, including Microsoft's Windows NT and Windows 2000 combined, according to Nancy Stewart, senior analyst at Survey.com, an Internet market research firm that surveys information technology executives on their purchasing plans. In addition, Linux and FreeBSD, an open-source version of the BSD OS, are expected to grow 177 percent as Web server systems by the end of 2001, Stewart says, compared with a loss of 7 percent for Windows NT/2000 and a loss of 11.2 percent for proprietary Unix, such as Hewlett-Packard's HP-UX and Sun Microsystems' Solaris. MORE: http://daily.daemonnews.org/view_story.php3?story_id=1215 --- FreeBSD 4.1.1 includes RSA September 26, 2000 Finally the announcement for FreeBSD 4.1.1 is out. Changes are the inclusion of the RSA libraries and other security things that were made possible because of RSA. MORE: http://daily.daemonnews.org/view_story.php3?story_id=1213 --- Open Packages Mailing Lists September 26, 2000 The OpenPackages.org project now has public mailing lists that people can join. Archives of the op-tech mailing list are also available on line. MORE: http://daily.daemonnews.org/view_story.php3?story_id=1210 LINK: --- Delphi poll September 25, 2000 There is a poll about to which platforms Delphi should be ported after Linux. For those not familiar with Delphi, it is a rapid application development tool (RAD). Thought by many, including myself, to be one of the best development tools around. The Linux port is expected in the coming months. MORE: http://daily.daemonnews.org/view_story.php3?story_id=1208 --- --- From the BSD Support Forum: --- --- Is there a way to increase the difficulty of TCP Sequence Prediction? September 27, 2000 I scanned a newly made OpenBSD firewall running ipf, ipnat and all current patches using nmap. The result were good except that the TCP Sequence Prediction was only at (worthy challenge) this was a big blow to me as I anticipated the OpenBSD box would be much better than a local SuSE linux server that got a better (Good Luck) rating. Myself and another sysadmin have a friendly rivalry going on with the bsd vs linux debate. This last scan did not help my cause much. Any ideas on what I could do to increase the prediction difficulty? Thanks in advance. MORE: http://daily.daemonnews.org/view_story.php3?story_id=1222 --- Plea for help September 27, 2000 Here's my problem - FreeBSD4.0 runs out of memory and crashes. Currently, I have one box with FreeBSD, P-2/450 w/256MB RAM. It crashed Monday morning and was rebooted, a couple hours later it crashed again. It's been up for 1+17:50 now according to top. Free was 135 MB, I tar -cvzf'ed the customer directories to a backup, now top is showing 23M Active, 186M Inactive, 33M Wired, 7156K Cache 17M Buf, 1324K Free. Something is drastically wrong here. The boot message says to look on the errata page for problems/fixes, but this isn't mentioned at all. Any clues/fixes as to why it doesn't free up the inactive RAM? MORE: http://daily.daemonnews.org/view_story.php3?story_id=1217 This is the moderated mailing list freebsd-announce. The list contains announcements of new FreeBSD capabilities, important events and project milestones. See also the FreeBSD Web pages at http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-announce" in the body of the message