BSDSec September 2014 Security Advisories and Announcements

Do you keep up with security updates? Here is what happened last month. 

30 September, 2014 fix for nginx SSL session reuse openbsd

29 September, 2014 FreeBSD CVSup network shutting down. freebsd

16 September, 2014 FreeBSD Security Advisory FreeBSD-SA-14:19.tcp freebsd

9 September, 2014 NetBSD Security Advisory 2014-010: Multiple vulnerabilities in the compatibility layers netbsd

9 September, 2014 NetBSD Security Advisory 2014-009: Multiple vulnerabilities in the execve system call netbsd

9 September, 2014 NetBSD Security Advisory 2014-012: Memory leak in the setsockopt system call netbsd

9 September, 2014 NetBSD Security Advisory 2014-012: Memory leak in the setsockopt system call netbsd
9 September, 2014 NetBSD Security Advisory 2014-011: User-controlled memory allocation in the modctl system call netbsd

9 September, 2014 FreeBSD Security Advisory FreeBSD-SA-14:18.openssl freebsd

4 September, 2014 NetBSD Security Advisory 2014-008: Multiple OpenSSL vulnerabilities (updated) netbsd


Brought to you by BSDSec.net. Consider subscribing ;] We have twitter, reddit and so. Check the website.  

Read More»

Announcing BSDSec.net

Hi there guys, 

I would like to announce the little hobby project I've been working for some time now: BSDSec.net 

It's very-alfa but let's talk about why and so.



Prelude: 

I might be administrator of more BSD-based systems. I want to check fresh Security Advisories (SA) and Announcements (A) very often.

How I do it now:

1. I might be checking Websites of single BSD projects for latest SA and A.
2. I might have subscribed to mailing lists of those BSD projects.
3. I might be checking twitter or other media (IRC as well)


Problem:

As you might imagine, all of them might bring some non-comfort. I might miss emails, be lazy to check more websites (some might have not be nice to my eyes) and so on. I am human, anyway. I would like to have some easy way.

Wanna-be Solution

BSDSec.net

As title says, website want to be "deadsimple BSD Security Advisories and Announcements"

Current status:

SA and A from: OpenBSD, FreeBSD, NetBSD.
DragonFly BSD doesn't seems to have any platform for SA. Need to check the rest. 

I take SA and A, and publish them on BSDSec.net website. Aim for website is to be very simple,  intuitive and mobile-whatever frendly. Tags are available for better search (in case you want only FreeBSD). I also publish on Twitter. Discussion is available via Reddit.

All process is done by my application, so I do not need to do anything.

How it works?

App is open-source, built with Ruby on Rails.  I will write details in my next post, as well with how-to on contributing and so. I have few ideas and anyone is welcome to join me and make this app better!

Any criticism very welcome!
Do criticise, please! 

(And share if you find this useful.)

Thanks,
Jan Hovancik, blogger at DiscoverBSD.com 

Read More»