Category: FreeBSD
-
- All supported FreeBSD releases include versions of xz that predate the affected releases.
- The main, stable/14, and stable/13 branches do include the affected version (5.6.0), but the backdoor components were excluded from the vendor import.
- Additionally, FreeBSD does not use the upstream’s build tooling, which was a required part of the attack. Lastly, the attack specifically targeted x86_64 Linux systems using glibc.
- The FreeBSD ports collection does not include xz/liblzma.
https://lists.freebsd.org/archives/freebsd-security/2024-March/000248.html
-
“The new cluster configuration is designed to optimize the FreeBSD Project’s operational efficiency and includes:
- 2 routers: For directing network traffic.
- 5 package builders: Aimed at accelerating the package release process.
- 3 general-purpose servers: These will enhance the availability and performance of the FreeBSD Project’s public and developer-facing services (Bugzilla, Git, Phabricator, Wiki, etc.).
- 2 package mirrors: One hosted in the new cluster in Chicago and one hosted by ISC in California. These are part of the FreeBSD Project’s growing network of pkg.FreeBSD.org and download.FreeBSD.org servers, strategically positioned around the world to offer faster package downloads.
- 2 CI servers: To improve the speed and efficacy of automated code testing.
- 1 admin bastion: A secure entry point for managing the cluster, which runs custeradm, cluster DNS, monitoring, and other services needed to administer the systems.”
-
First beta will be available for download on May 3rd.
-
“At the November 2023 #FreeBSD Vendor Summit, Klara Inc. hosted a panel to highlight FreeBSD’s capabilities as a platform for future technology. Many companies have chosen FreeBSD, find out why you should as well!
Learn why these companies chose to use FreeBSD, and how they leveraged FreeBSD for success.”
/root 