FreeBSD 11.0 Released after initial delay, Why ? Due to bspatch vulnerability, a special procedure must be followed for safe upgrade

FreeBSD is a free Unix-like operating system derived from BSD (Berkeley Software Distribution). FreeBSD offers advanced network & security features, so most of the networking & security companies widely using FreeBSD operating system.

Juniper & Apple OS X operating system using some FreeBSD’s code base. Also Sony’s PlayStation 3 and PlayStation 4 running with FreeBSD.

FreeBSD 11.0 has been released today after bit delay due to several last-minute security bug/issues being discovered and many users have found FreeBSD 11.0-RELEASE ISO images on the Project FTP mirrors. However, please be aware the final 11.0-RELEASE will be rebuilt and republished on the Project mirrors again. This is the first release of the stable/11 branch.

ISO images are rebuilt with patch revision one, once you upgraded to latest release your output will display 11.0-RELEASE-p1. Users whoever installed FreeBSD 11.0-RELEASE from the images originally available on the mirrors or from freebsd-update. They are advised to upgrade their systems to FreeBSD 11.0-RELEASE-p1 immediately.

Some of the Highlights from FreeBSD 11.0

  • OpenSSH DSA key generation has been disabled by default. It is important to update OpenSSH keys prior to upgrading. Additionally, Protocol 1 support has been removed.
  • OpenSSH has been updated to 7.2p2.
  • Wireless support for 802.11n has been added.
  • By default, the ifconfig(8) utility will set the default regulatory domain to FCC on wireless interfaces. As a result, newly created wireless interfaces with default settings will have less chance to violate country-specific regulations.
  • The svnlite(1) utility has been updated to version 1.9.4.
  • The libblacklist(3) library and applications have been ported from the NetBSD Project.
  • Support for the AArch64 (arm64) architecture has been added.
  • Native graphics support has been added to the bhyve(8) hypervisor.
  • Broader wireless network driver support has been added.

For detailed info Refer : FreeBSD 11.0 release notes

Upgrading from FreeBSD 11.0-RELEASE

Upgrade your vulnerable system to a supported FreeBSD stable.

First, check the current FreeBSD version by running below command.

# freebsd-version -k

FreeBSD 11.0-RELEASE amd64

Truncate bspatch to a zero byte file.

# :> /usr/bin/bspatch

FreeBSD-update will fall back to replacing bspatch, rather than applying a binary patch. Proceed with FreeBSD-update as usual.

# freebsd-update fetch
# freebsd-update install

Finally check the Upgraded FreeBSD version by running below command.

# freebsd-version -k

FreeBSD 11.0-RELEASE-p1 amd64

Magesh Maruthamuthu

Love to play with all Linux distribution