https://forum.defcon.org/ DEF CON Forums are the main portal to the DEF CON Hacking Conference and iniatives like DEF CON Groups, the Voting Village, and DC SecureDrop. Open to all, come get involved! en Sat, 18 Apr 2026 10:37:18 GMT vBulletin 60 https://forum.defcon.org/images/misc/rss.png https://forum.defcon.org/ https://forum.defcon.org/node/255596 Thu, 09 Apr 2026 00:22:43 GMT Hey I notice the forums are a little dead but ill try anyway. This is going to be my first time attending defcon and im still a begginer. I am currently transitioning from accounting work to security. Ive started with my Google cs cert and am doing try hack me now and will go for my comptia +... Hey I notice the forums are a little dead but ill try anyway. This is going to be my first time attending defcon and im still a begginer. I am currently transitioning from accounting work to security. Ive started with my Google cs cert and am doing try hack me now and will go for my comptia + after. My questions are first any suggestions on what villages I should focus on as someone in my position and begginer skill level . Im aiming to get Soc level 1 job to start when I can get my foot in the door. Second is there potential for job networking ? Also I noticed there are classes the week after is that just a more in depth teaching conference or ? Any advice I would appreciate it as a first timer . Any recommendations of things I should bring with me . General Conversations TheeBattousai https://forum.defcon.org/node/255596 https://forum.defcon.org/node/255574 Wed, 01 Apr 2026 19:42:16 GMT DEF CON Training Las Vegas 2026 Course Lineup is now live! We’re thrilled to share the full slate of courses for DEF CON Training in Las Vegas! Join us in August for hands-on courses led by top practitioners from across the community. For the first time ever, we will offer 1-day, 2-day, and...
We’re thrilled to share the full slate of courses for DEF CON Training in Las Vegas! Join us in August for hands-on courses led by top practitioners from across the community.

For the first time ever, we will offer 1-day, 2-day, and 4-day classes! Whatever your needs, whether you’re sharpening fundamentals or diving deep into advanced techniques, there’s something here for you!

Explore the full lineup and course details here: https://training.defcon.org/

Explore our offerings, grab your seat, and get ready to learn and build.


]]> Announcements sleestak https://forum.defcon.org/node/255574 https://forum.defcon.org/node/255567 Mon, 30 Mar 2026 19:54:39 GMT
Not staying at a hotel nearby, but instead about 10 minutes away. Hotel prices are considerably cheaper. How bad is parking at the convention center? Will it be an issue finding a place to park? If I need to park way out in the boondocks, I'll live. I just have no idea on LVCC parking conditions.

I'm buying my tickets ahead of time online. Will I need to worry about badge availability? Will I need to worry about linecon if I already have my ticket/badge?]]> General Conversations Bart https://forum.defcon.org/node/255567 https://forum.defcon.org/node/255560 Fri, 27 Mar 2026 18:08:51 GMT
https://defcon.org/html/defcon-singa...-demolabs.html

There's a full slate of fascinating open-source tools and projects to learn about, so make sure to schedule some into your DEF CON plans.

See you soon. Just a month to go!
]]> Announcements sleestak https://forum.defcon.org/node/255560 https://forum.defcon.org/node/255509 Fri, 13 Mar 2026 03:03:52 GMT Announcements sleestak https://forum.defcon.org/node/255509 https://forum.defcon.org/node/255508 Fri, 13 Mar 2026 02:51:17 GMT Announcements sleestak https://forum.defcon.org/node/255508 https://forum.defcon.org/node/255503 Tue, 10 Mar 2026 22:52:27 GMT General Conversations GhostOfNoNation https://forum.defcon.org/node/255503 https://forum.defcon.org/node/255501 Tue, 10 Mar 2026 01:16:57 GMT DEF CON 34’s theme is ‘Agency’. We’re focusing on self-determination in our use of tech. Charting our own course and helping others do the same. Let’s start moving our valuable attention to tech that supports our agency. Let’s find the places we can help and choose to act. Read more at:... DEF CON 34’s theme is ‘Agency’. We’re focusing on self-determination in our use of tech. Charting our own course and helping others do the same.

Let’s start moving our valuable attention to tech that supports our agency. Let’s find the places we can help and choose to act.

Read more at: https://defcon.org/html/defcon-34/dc-34-theme.html

Visual style guide and homework assignments coming soon!
]]> Announcements sleestak https://forum.defcon.org/node/255501 https://forum.defcon.org/node/255479 Wed, 04 Mar 2026 21:39:21 GMT
As I write this, I'm narrowing that down further to the specific commit. I'm hoping to have this resolved this month. If I find and fix the problem this week, I will create new builds for folks to use. Otherwise, the next scheduled regular quarterly build is for 01 Apr 2026.

I appreciate everyone's patience on this. This has been a tricky bug (at times, it fit the description of a "heisenbug"). My spare time is limited (I have a rather large amount of tasks/obligations in everyday ${LIFE} right now), so it has naturally taken a long while to get to this point.

While inbetween clients at my dayjob, I have been granted the opportunity to research meshtastic and other mesh networking projects. I'm getting a lot closer in my censorship- and surveillance-resistant mesh network proof-of-concept. I'm now at the point where I need to port Linux-specific code to HardenedBSD. I'm hoping to get normal tcp/ip packets flowing through Reticulum nodes on the inside of six months. This project, announced in partnership with Protectli one-and-a-half years ago[1], is starting to move along at a nice pace. I will have more to share on that by the next status report.

On Saturday, 28 Feb 2026, I had given my local Hackers N' Hops chapter a little show & tell of Meshtastic, Reticulum, and HardenedBSD. I met with a bunch of really cool hacckers there, and demoed two Reticulum RNodes backed by Reticulum instances on two HardenedBSD laptops. I demoed an exec-over-meshtastic Python script I wrote the day prior. The script is available on Radicle as rad:z44pvAJS7SiQf2CGtpn8hY44GDMyu.

Speaking of Radicle, I plan to migrate some of my personal repos away from our self-hosted GitLab and onto the Radicle network. With time, I'm hoping to migrate us completely towards Radicle. Now would be a good time for those who want to contribute to HardenedBSD to start playing around and experimenting with Radicle.

In src:

1. Contributor "gmg" hardened the kernel crashdump interface.
2. Opt zlib kernel module into -ftrivial-var-auto-init=zero.
3. bsdinstall(8): Align us more closely with FreeBSD.

In ports:

1. net-p2p/reticulum was updated to 1.1.3_2
2. Disable PaX PAGEEXEC and PaX NOEXEC for science/zotero
3. Bring in candidate patch to fix dns/unbound
4. Hook hardenedbsd/ctrl into the build
5. 0x1eef added a new port: hardenedbsd/ctrl
6. Bump ports-mgmt/pkg to 3.5.1_1
7. 0x1eef updated a port: portzap v2.1.1
8. 0x1eef updated a port: sourcezap v2.1.1

Once I have figured out what's going on with the 15-STABLE panic and have a proper fix in place, I plan to quickly switch gears towards hbsdfw. I haven't produced a working hbsdfw build in a long time, and it's far past due. After that, I plan to switch right back to the Reticulum research and development.

I'll make sure to keep the community informed of the 15-STABLE findings and fixes.
]]> HardenedBSD shawn.webb https://forum.defcon.org/node/255479 https://forum.defcon.org/node/255478 Wed, 04 Mar 2026 15:53:35 GMT The wait is over. Preregistration for DEF CON 34 opens TODAY! Reminder – the cash route is unchanged: Cash at the door registration (LineCon) will continue in its traditional, vibey fashion (think hacker slumber party). Doors open Thursday, August 6 and the price is $520. Those who...

The wait is over. Preregistration for DEF CON 34 opens TODAY!

Reminder – the cash route is unchanged: Cash at the door registration (LineCon) will continue in its traditional, vibey fashion (think hacker slumber party). Doors open Thursday, August 6 and the price is $520.

Those who pre-register are guaranteed a human badge, even if we run out. To receive this badge, you must redeem your ticket onsite. The badge entitles one human full access to the DEF CON floor during open hours. Tickets are fully transferrable, so which human gets that access is up to the purchaser.

Pre-reg is open at shop.defcon.org until July 31 at 8:59 PM EDT. After that date registration is LineCon only. If you have any questions or need to make bulk purchases please email us at info@defcon.org.

There are some pricing benefits to early registration, too. Early bookers save money, so don’t procrastinate. August will be here before you know it.

TIcket Pricing:

Early BIrd - $560 ($540 + $20 CC Processing Fee) - Good until May 22 at 8:59pm EDT

Regular - $580 ($560 + $20 CC Processing Fee) - Good from May 23 to July 17 at 8:59pm EDT

Late - $600 ($580 + $20 CC Processing Fee) - Good from July 18 to July 31 at 8:59pm EDT

Ticket Cancellation Fee:

Before July 18 - $34

After July 18 - $84














]]> Announcements sleestak https://forum.defcon.org/node/255478 https://forum.defcon.org/node/255475 Tue, 03 Mar 2026 21:07:03 GMT https://bbbirds.org. Info about our legendary CTF can be found at https://www.defcon.org/html/links/dc-ctf.html. We hope we'll see you in the arena.]]> Announcements sleestak https://forum.defcon.org/node/255475 https://forum.defcon.org/node/255428 Mon, 16 Feb 2026 00:08:39 GMT Good news, everyone! The DEF CON 34 room blocks are live! While supplies last, you can get a special room rate at the following hotels: Fontainebleau Swanky, luxurious and conveniently located across the street from the LVCC. For those who must be first in line.
The DEF CON 34 room blocks are live! While supplies last, you can get a special room rate at the following hotels:

Fontainebleau

Swanky, luxurious and conveniently located across the street from the LVCC.

For those who must be first in line.

https://book.passkey.com/go/DefCon2026FBLV

Sahara

Legendary Vegas spot with next-level pools and right on the monorail.

https://book.passkey.com/e/51206158

Wynn and Encore

Lovely accommodations and tons of cool places to eat and be entertained.

https://book.passkey.com/go/DefCon26

Circus Circus

Budget friendly and has a haunted house AND an arcade. We promise the clowns are friendly.

https://book.passkey.com/go/DEF6CC

We’re halfway there. DEF CON 34 will be upon us before you know it - be prepared and save yourself some coin.

See you soon!
]]> Announcements sleestak https://forum.defcon.org/node/255428 https://forum.defcon.org/node/255389 Wed, 04 Feb 2026 16:50:03 GMT
Now that we have the new quarterlies, I plan to "MFC" (old FreeBSD CVS/SVN term for "Merge From Current".) Kids these days call it `git cherry-pick`. MFC is shorter to type, so that's what I'll use. I plan to MFC a number of commits made in hardened/current/master to the hardened/15-stable/main branch this week.

I've also received multiple reports of crashes with the 15-STABLE installer. I haven't been able to work on this just yet, but am hoping to in the next two weeks. It is almost my current first priority (the MFCs being first.) I figure that if testing the cherry-picked code proves successful, I could cherry-pick those commits into the relevant quarterly branch. Kind of a "thank you" gesture for being patient with me. :-)

I applied relevant updates across the entire infrastructure. I migrated the package repos from being served by a leased server with limited storage to out of my home with plenty of storage. My next goal is to fully automate the build, including syncing. This will mark a good next step to eventually supporting mirroring our package repos. It's much easier to transfer a 140GB package repo over a local 2.5Gbps LAN than a 150Mbps link upstream.

I spent some time experimenting with Meshtastic and Reticulum. I'm getting a better picture from a user's perspective on the current state of mesh networking. My next goal is to teach Reticulum's BackboneInterface implementation how to work on FreeBSD/HardenedBSD.

Two of the four donated Protectli devices are providing the testing lab for this Meshtastic and Reticulum research. Even though the timeframe has shifted pretty dramatically, I'm grateful for their donations and their support.

In src:

1. Opt ipfw into -ftrivial-var-auto-init=zero
2. Remove our old MAC hook for jail/prison destruction (this commit breaks building secadm. I'm waiting on upstream to implement a specific MAC hook, and a patch for (for src, not for secadm) is being worked on by FreeBSD's Kyle Evans.)
3. Disable WITNESS' checking of vnode locks by default. FreeBSD changed some vnode locking semantics and not all filesystem code paths have been updated. As such, we are seeing vnode locking-related panics. I need to get a consequtive block of time to dive in. I'm not a filesytems developer, so this one might take a while to figure out unless someone beats me to it.
4. rc.subr: Ignore required_modules failures in jails (patch submission by leper4{ _AT_ }protnmail.com.)

In ports:

1. Bump ftp/curl to 8.18.0
2. Update Reticulum to latest git HEAD
3. Disable HARDCFLAGS for devel/avr-gcc
4. Enable ZEROREG for security/openssl3*. This could induce a noticeable performance hit. Please let me know if you have any serious performance issues after this next package build.

]]> HardenedBSD shawn.webb https://forum.defcon.org/node/255389 https://forum.defcon.org/node/255379 Mon, 02 Feb 2026 23:23:29 GMT Good news,everyone! We consulted the groundhog and DEF CON 34 content call season is officially open! Starting today, the calls for Villages Contests Communities Parties Meetups Events Music Good news,everyone! We consulted the groundhog and DEF CON 34 content call season is officially open!

Starting today, the calls for
Villages
Contests
Communities
Parties
Meetups
Events
Music
Soundtrack
Authors
Vendors
Exhibitors
Sponsors
Press Reg

Are all ready to accept your submissions.

https://defcon.org/html/defcon-34/dc-34-cfi.html

CFP, Workshops, Demo Labs and Policy calls will open shortly.

Let’s go.
]]> Announcements sleestak https://forum.defcon.org/node/255379 https://forum.defcon.org/node/255375 Sat, 31 Jan 2026 13:01:54 GMT I am an independent investigative journalist. I believe that the Chinese Communist Party has long been implementing systematic censorship, surveillance, and repression abroad. Through this piece, I want to appeal to insiders, hackers, and anyone concerned with the truth to contact me.​​ I am an independent investigative journalist. I believe that the Chinese Communist Party has long been implementing systematic censorship, surveillance, and repression abroad. Through this piece, I want to appeal to insiders, hackers, and anyone concerned with the truth to contact me.​​]]> DEF CON Groups S2025ax https://forum.defcon.org/node/255375 https://forum.defcon.org/node/255368 Thu, 29 Jan 2026 23:22:54 GMT The wait is over - online reg for DEF CON Singapore is open! It’s all happening at the Marina Bay Sands, April 28-30. You can learn all about it at https://defcon.org/html/defcon-singapore/dc-singapore-index.html Online registration will be open until April 24, but if you secure your spot...
It’s all happening at the Marina Bay Sands, April 28-30. You can learn all about it at https://defcon.org/html/defcon-singa...ore-index.html

Online registration will be open until April 24, but if you secure your spot before February 15 there’s an Early Bird discount available, along with a Student discount.

DEF CON Singapore Training registration is open as well! Join us before the conference (April 26-27) if you’re looking to level up your skills with some intense, hands-on education from our world class trainers. Sessions and pricing are online at https://training.defcon.org.

Tickets for the conference and the trainings are waiting for you at https://sg.shop.defcon.org.

See you in Singapore!]]> Announcements sleestak https://forum.defcon.org/node/255368 https://forum.defcon.org/node/255341 Sun, 25 Jan 2026 13:32:46 GMT Hi. I sent a message to the email address for the All Hacking Cons YouTube channel regarding a privacy request that I suspect found their way into the spam folder. Just reaching out. All Hacking Cons YouTube channel regarding a privacy request that I suspect found their way into the spam folder. Just reaching out.]]> infocon.org c1ph0r https://forum.defcon.org/node/255341 https://forum.defcon.org/node/255285 Tue, 06 Jan 2026 10:44:34 GMT Hello Hackers! Vulnerable firmware-based IoT and OT devices are hosted. Give it a try:


IP------------Username

54.46.50.131 --> user1

43.218.134.118 --> apc

51.84.215.16 --> webuser

202.122.18.66 --> administrator

43.212.249.31 --> AnEngineer

52.215.236.124 --> admin
]]> General Conversations cyberhub001 https://forum.defcon.org/node/255285 https://forum.defcon.org/node/255271 Mon, 29 Dec 2025 17:03:12 GMT This status report is going to be a lengthy one. Due to scheduling conflicts, I was unable to get out the November status report, this one will cover the two months November - December 2025. A large portion of my focus has been on the infrastructure, getting a build environment for the...
A large portion of my focus has been on the infrastructure, getting a build environment for the recently-created hardened/15-stable/main branch. As discussed in a previous mailing list thread[1], the 14-STABLE build infrastructure has now been migrated to 15-STABLE. We have archived the last 14-STABLE package build, which last completed on 24 Dec 2025.

We self-host nearly the entirety of our infrastructure out of my home. We have only one leased server, from the fine folks at NetActuate (previously RootBSD). This leased server hosts our main website, the hbsd-update build artifacts, and the package repos. Our package repos, naturally, grow over time. Back when we started this, each package repo was at most 75GB in size. Now we're encroaching 135GB.

We now have a 30TB NAS in the home-based infrastructure. In order to support the growth, we will be migrating the package repo to the home infra. The package repos themselves have already been migrated. The only thing left to do is adjust the various DNS entries. I plan to do that once we have a usable 15-STABLE package repo. We will update this[2] mailing list thread when the migration has completed, DNS records and all. There will likely be a little blip in HTTPS/TLS connections as we regenerate LetsEncrypt certs. There's a delicate dance here. I plan to keep everyone informed as to when I begin and complete the process.

The 14-STABLE build server (which is now being migrated to 15-STABLE) housed two VMs:

1. The OS installer/update build VM. This builds the artifacts published at https://installers.hardenedbsd.org/ and mirrors.
2. The package build VM.

When we deployed that (stupendously) slow server to test its capabilities as a build server for 15-STABLE, we followed the same pattern: two separate VMs. We are going to keep the 15-STABLE OS installer/update build VM on that slow server. We're going to power off the 14-STABLE OS build VM and increase the resources to the package build VM. This means we should be able to decrease the time it takes for that server to produce a usable package repo. Naturally, this comes at a cost of a slow build time for the OS installer/updates, but that process can tolerate **a lot** of slowness. So long as it can produce its build artifacts in less than 48 hours, I'm satisfied. It's the package building (36,000+ packages) that takes the most resources.

I spent a lot of time in the ports tree over the past couple months. The focus was on fixing ports broken by the various hardening techniques we employ. The introduction of -Werror=format-security caused a large amount of fallout, which I have been addressing. While addressing those, I figured I might as well fix ports broken by the other techniques.

I'm working on enhancing libhbsdcontrol with better error handling. I'm hoping to have that work committed in early January 2026.

I'm hoping in January to spend some time on hbsdfw. The VM I've been using to build hbsdfw has been panicking when the Poudriere build finishes when building the hbsdfw packages. In Q1 2026, I plan to migrate hbsdfw from HardenedBSD 14-STABLE to 16-CURRENT. Following the hardened/current/master src branch will lighten my load in maintaining this little hobby subproject.

I need to file a bug report upstream in FreeBSD/OpenZFS to track this kernel panic. The panic happens when something during the build checks whether PaX PAGEEXEC is enabled through looking up a filesystem extended attribute. OpenZFS recently changed how filesystem extended attributes work, so it's possible we're hitting a unique edge case.

In January, I'm going to get two lab environments set up:

1. Internal Reticulum nodes to test the Reticulum protocol and its potential for use with our censorship- and surveillance-resistant mesh network R&D.
2. Internal Radicle nodes to start concerted testing to eventually replace GitLab with Radicle.

I feel somewhat down for not making more progress this year on the censorship- and surveillance-resistant networks. I'm hoping to place more emphasis on this in 2026.

In src:

1. Always build elftc-nm and elft-ar
2. TPE: Ensure user-owned vnodes are unwritable
3. ASLR: Use VMFS_NO_SPACE to map the stack
4. Add various C/C++ hardening flags:
   1. -fno-delete-null-pointer-checks
   2. -Werror=format-security
5. Unlock the sound mutex on error
6. Fix branch detection in release
7. Disable SafeStack for the Unbound daemon
8. Some pkgbase-related work

In ports (this is gonna be a long list (our longest to date)):

1. Disable LINUX for x11/nvidia-kmod
2. ftp/curl: Fixup .onion patch
3. Add "general compilation hardening" USES
4. Delete unneeded patch for databases/redis
5. Fix archivers/zip
6. Disable hardcflags for devel/m4
7. Disable hardcflags for lang/gcc13
8. Disable HARDCFLAGS for devel/t1lib
9. Fix HARDCFLAGS errors for devel/ctags
10. Disable HARDCFLAGS for archivers/unzip
11. Fix HARDCFLAGS for net-mgmt/libsmi
12. Disable HARDCFLAGS for x11-toolkits/open-motif
13. Disable HARDCFLAGS for devel/expect
14. Fix the devel/ivykis port
15. Fix HARDCFLAGS for multimedia/webcamd
16. Disable HARDCFLAGS for lang/gcc12
17. Disable HardenedBSD features for lang/gcc14
18. Disable HardenedBSD features for lang/gcc15
19. Disable HardenedBSD features for lang/gcc16-devel
20. Fix HARDCFLAGS for multimedia/smpeg
21. Disable HARDCFLAGS for devel/elfutils
22. Fix HARDCFLAGS for converters/recode
23. Disable fortifysource for graphics/netpbm
24. Fix hardcflags for devel/fortytwo-encore
25. Fix HARDCFLAGS for graphics/libvisual04
26. Disable HARDCFLAGS for devel/kBuild
27. Fix HARDCFLAGS for devel/libbegemot
28. Fix HARDCFLAGS for games/pmars-sdl
29. Disable FORTIFYSOURCE for security/signify
30. Disable HARDCFLAGS for mail/mailutils
31. Fix HARDCFLAGS for devel/ta-lib
32. Fix HARDCFLAGS for math/spooles
33. Fix HARDCFLAGS for textproc/wv
34. Fix HARDCFLAGS for databases/sqlite2
35. Disable HARDCFLAGS for graphics/lensfun
36. Fix HARDCFLAGS for devel/rlwrap
37. Disable fortifysource for mail/opensmtpd
38. Fix HARDCFLAGS for x11-toolkits/unique
39. Fix HARDCFLAGS for devel/efivar
40. Fix HARDCFLAGS for lang/f2c
41. Fix HARDCFLAGS for textproc/scim-table-imengine
42. Disable FORTIFYSOURCE and HARDCFLAGS for sysutils/fwupd-efi
43. Fix HARDCFLAGS for games/libmt_client
44. Disable HARDCFLAGS for games/gnugo
45. Fix HARDCFLAGS for comms/rxtx
46. Disable PIE and RELRO for databases/redis
47. Fix build for devel/omniORB
48. Fix build of security/rubygem-bcrypt_pbkdf
49. Fix HARDCFLAGS for math/grace
50. Fix HARDCFLAGS for audio/libbs2b
51. Disable HARDCFLAGS for graphics/plotutils
52. Fix HARDCFLAGS for emulators/libretro-reicast
53. Add -Wformat for HARDCFLAGS
54. Disable HARDCFLAGS for graphics/gracula
55. Fix HARDCFLAGS for mail/spmfilter
56. Add cheat support in games/ioquake3
57. Fix HARDCFLAGS for print/catdvi
58. Fix HARDCFLAGS for graphics/seom
59. Fix HARDCFLAGS for deskutils/presage
60. Fix HARDCFLAGS for graphics/alpng
61. Enable SLH for games/ioquake3
62. Fix -Werror=format-security bug in games/ioquake3
63. Fix HARDCFLAGS for x11-toolkits/fox16
64. Disable HARDCFLAGS for graphics/glslang
65. Re-enable PIE and RELRO for databases/redis
66. Fix HARDCFLAGS for converters/uudeview
67. Fix HARDCFLAGS for textproc/gdome2
68. Disable FORTIFYSOURCE for misc/mbuffer
69. Disable HARDCFLAGS for archivers/unarj
70. Disable FORTIFYSOURCE for misc/amanda-{client,server}
71. Disable FORTIFYSOURCE for net/dante
72. Fix HARDCFLAGS for archivers/sharutils
73. Fix HARDCFLAGS for lang/squeak
74. Disable FORTIFYSOURCE for devel/socket_wrapper
75. Fix HARDCFLAGS for net/pvm
76. Fix HARDCFLAGS for audio/snack
77. Fix HARDCFLAGS for textproc/sgmlformat
78. Fix HARDCFLAGS for cad/iverilog
79. Fix HARDCFLAGS for sysutils/genisoimage
80. Disable HARDCFLAGS for games/libretro-boom3
81. Fix HARDCFLAGS for math/testu01
82. Disable FORTIFYSOURCE for devel/pcc-libs
83. Disable PIE for security/cryptlib
84. Fix HARDCFLAGS for mail/addresses-goodies
85. Fix build of devel/ivykis on 14-stable
86. Disable HARDCFLAGS for security/pgpin
87. (0x1eef) Fix grub2-bhyve build error
88. Disable HARDCFLAGS for devel/cunit
89. Disable FORTIFYSOURCE for editors/dte
90. Disable FORTIFYSOURCE for mail/akpop3d
91. Disable HARDCFLAGS for emulators/x48
92. Fix HARDCFLAGS for net/osrtspproxy
93. Fix HARDCFLAGS for mail/qmailmrtg7
94. Fix HARDCFLAGS for print/transfig
95. Disable PIE for graphics/nsxiv
96. Disable FORTIFYSOURCE for devel/uid_wrapper
97. Disable HARDCFLAGS for devel/cweb
98. Fix FORTIFYSOURCE for multimedia/ffmpeg
99. Fix build of lang/gcc14
100. Fix FORTIFYSOURCE for devel/tex-libtexluajit
101. Disable FORTIFYSOURCE and HARDCFLAGS for security/barnyard2
102. Fix build of lang/gcc12
103. Fix build of databases/arrow

[1]: https://groups.google.com/a/hardenedbsd.org/g/users/c/51IARO8noYo/m/asRq...
[2]: https://groups.google.com/a/hardenedbsd.org/g/users/c/G6HbsE8DA5w/m/I4ou...
]]> HardenedBSD shawn.webb https://forum.defcon.org/node/255271