Tweet
Happy new year! January saw a few changes in the src repository:
As detailed in this announcement, HardenedBSD will slow its OS/update build cadence from bi-weekly to monthly.
The issue plaguing git clone https://... of src or ports has been resolved! Major thanks to h3artbl33d for helping resolve this issue.
- Update some internal netlink(4) functions to use an unsigned integer for buffer size.
- The NETLINK option is now effectively required by our upstream FreeBSD. I would encourage the community to study its code for potential issues.
- The sysctl knobs vm.objects and vm.swap_objects are now only made available to privileged unjailed processes.
- A new sysctl node is introduced that disables new USB device connections: hardening.pax.prohibit_new_usb. Possible values to set it to:
- 0: disabled
- 1: enabled
- 2: enabled without possibility to disable without incurring a reboot
- An unneeded patch for dns/c-ares was remooved now that the port has been updated by upstream
- Fix build of devel/ivykis
- Bump default llvm ports version to 17
As detailed in this announcement, HardenedBSD will slow its OS/update build cadence from bi-weekly to monthly.
The issue plaguing git clone https://... of src or ports has been resolved! Major thanks to h3artbl33d for helping resolve this issue.