#HardenedBSD 16-CURRENT build published. Now starting the HardenedBSD 16-CURRENT Cross-DSO CFI flavored build.
hardenedbsd
Gonna carve off a few hundred bucks to get three GL.inet Comet Pro KVMs for the #HardenedBSD development infrastructure. The iDRAC in these servers is ancient, don't even support TLSv1.2. So having a more modern option will help, especially after the boot loop issue this morning during a failed upgrade.
#HardenedBSD 15-STABLE update published to account for recent security advisories published by #FreeBSD and #OpenSSL.
I tried updating our storage server to it. It got stuck in a boot loop. I might yank this build. I plan to do some testing later today.
#HardenedBSD now applies CPU register zeroing to the #OpenSSL 3.x ports: https://git.hardenedbsd.org/hardenedbsd/ports/-/commit/e04fd5e313bf532c8b6d898d041e0334d7b6e810
Seems today is #FreeBSD SA day. I will merge the fixes into the #HardenedBSD quarterly branches and kick off new builds tonight.
Do you use the #HardenedBSD security administration (secadm) tool?
Options: (choose one)
For some reason, #xorg on one of my work laptops (running #HardenedBSD) seems to just present a black screen when starting #i3wm.
I can switch back to a pty, kill xorg, and continue life in the command-line.
But it sure would be nice to use this laptop as more than just another VM host I ssh into. It's my primary work laptop, so I need to do primary work laptop things.
Welcome 0x1eef (Robert) to the #HardenedBSD Development Team!