HardenedBSD-stable 10-STABLE and 11-STABLE amd64 installers

10-STABLE
git git clone --single-branch --branch hardened/10-stable/master https://github.com/hardenedbsd/hardenedbsd-stable/ hardenedbsd-10-stable
installers http://installer.hardenedbsd.org/hardened_10_stable_master-LAST/
11-STABLE
git git clone --single-branch --branch hardened/11-stable/master https://github.com/hardenedbsd/hardenedbsd-stable/ hardenedbsd-11-stable
installers http://installer.hardenedbsd.org/hardened_11_stable_master-LAST/

Stable release: HardenedBSD-stable 10-STABLE v46.24

HardenedBSD-10-STABLE-v46.24 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

Warning: this is a security update!

Highlights:

  • kyua updates
  • libarchive update (d7477941dbaca1a8f2916a367c2926e5fd74c7e6) [FreeBSD-SA-candidate]
  • hbsd-update improvements (a999c2ec59793a37e6735fa71854287e5921be25)
  • uipc related backports in kernel
  • tmpfs improvements
  • force disable Intel SDBG on HardenedBSD (28e49bc844977cee7afdb388482216378595eb2f)
  • xz update to 5.2.3 (76a56147f47a4e614999c919abd680746d455bfb)
  • openssl security fix (a12ba8665d8c2f94852d5f819104a9a69bc4c8b7)

Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...

CHECKSUM.SHA512:

SHA512 (HardenedBSD-10-STABLE-v46.24-amd64-bootonly.iso) = 729f51b5d17c7bd18d8b3c45950ad8bccef267a185c7f08b1291103c1a70e01514466bb35d0e229722131f83518abf64608e1170ce49a650d1c63a2fd8ddfea2
SHA512 (HardenedBSD-10-STABLE-v46.24-amd64-disc1.iso) = 7ba707a3c415c45bd6ebe697ac944a5295342296584227f5ab726ee02574b830057618250f5e6b9afd15a7413b1dff363b4651151e9e5ce515a5ec593e20b48b
SHA512 (HardenedBSD-10-STABLE-v46.24-amd64-memstick.img) = 6af15c6c68b74340e72f145613122613c205a6fea10175ebaee16c7016be75a246bb844a71c94cda9a861201f6e906ab8238da53e5fea2935f1d055f6eb41950
SHA512 (HardenedBSD-10-STABLE-v46.24-amd64-mini-memstick.img) = 55bc8f7ee6844bdbbe03c7e9bb7b584e6758caa76c4ff2e977506ba9a60bcde4cba41e9170a4ba08702c02e3bb86d0353c9cc276e14e440725fd9d5427ad11a9
SHA512 (HardenedBSD-10-STABLE-v46.24-amd64-uefi-bootonly.iso) = 758bd02830f962c57d4a479eed7640bba7cb86f5c7962376427f924dc0d588f35d4bf9e60efd063c8d1b39ea600f89672b45de063173b4d2e0373093b16acd3c
SHA512 (HardenedBSD-10-STABLE-v46.24-amd64-uefi-disc1.iso) = acec39871086c8f2c44d7b0daefaec167416de6b42baa0b540c00207ea4299ac27069e46377d1b35d4452079d2c543a9f99f646881d709e07e493314241e3a5c
SHA512 (HardenedBSD-10-STABLE-v46.24-amd64-uefi-memstick.img) = 74bc4e9db2ceac1ab0bb1deaea9790dcbb7fab4ce82a320c2c1a8779f47d423404ca06fa3d526e6b4b13ba83ebdf418000f0b84d8d1d8fa4bd36d948e322383a
SHA512 (HardenedBSD-10-STABLE-v46.24-amd64-uefi-mini-memstick.img) = b3ad4ed8e501e74b49a443d0ad1b84e218cd86886155ada55d0e8354eff7e0db71047d3cd3cd07daf9e16c622e73d88d24be060b44fc7e6fd1ad6c26394d20ad

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlijpNgACgkQgZsRom/9
GI3CUBAAtw8z0IDFr/XoR8cXeIN/tpx4VxwiiJkZO/gXeZ2Kyr5Oei+9CVg2RlRB
x5Z79N8RHdX96Gpj8zIPAceoqDYxt7y1lSr7/voT9vN9eSrQQIoFMhT/uBa7d63J
rcZWUQlbnYxnBkmdvot90159robt6Ba7EuPLP+47hRR2Gzo3T7yvZR55RCA7SltU
bD/fxDeg9jwmMykl4j0KPgxRtq7pvvyeXr1Le+MyBuevHwxwUjylid1VdnpcdpHd
UARyTOoynVno52NrWLg5bL/UDItJmIWZi/JVZf0Qyd0c0eu/4qOXF8BQS4Mx7A+Q
o5Qtuu2Zc5Dg22MJv8Svs2jv6XO5/YdfDDH5pAd73Wu4kFjxSzzji8eTOsUU80xB
Z20MUorsbdFZ1kmeuFxSXmpo0YZR1ZjjmeFgNBESaKeJlsU5L1zKf/6GOKD2PIeQ
nn6//PZBlzV/BaNADOEohiyPV+rBGdAIw/pBhj0ov4f+FwiXL+T/013KgaM2ozbY
1vZrZ5yryA6Wg+bwGAb2lnFpeUfzNagBhldAAXAWmZzwo6MoMm+0e+ghnxxyf+YO
Zv9J0PqoVq1Jv6pSqQ3zdL6lXiximdBiS8YgsDP2z+2Q/pIvA1E/lNYkPvWQ65d5
oC4EbCP0tghB2tSqbYHkCrLKK+VHLfj+igyjUPsA5nGiil2v/6U=
=4J91
-----END PGP SIGNATURE-----

Stable release: HardenedBSD-stable 11-STABLE v46.14

HardenedBSD-11-STABLE-v46.14 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

Warning: this is a security update!

Highlights:

  • update to OpenSSL 1.0.2k (4aed7e4ccd53660aa6e7f0b024a4ce55a3227abc) [FreeBSD-SA-candidate]
  • disable Intel's Silicion Debug capability on boot time (0ea6d983779e624ab8949a1f6dce9c8f5d69f620)
  • update to xc 5.2.3 (30cbb6108bcfbff283ed03041ab29062a73117aa)
  • Force -fPIC when building PIEs (c64a53fe268b34bc0dac7fccdb7e150e74afa524)

Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...

CHECKSUM.SHA512:

SHA512 (HardenedBSD-11-STABLE-v46.14-amd64-bootonly.iso) = e8f65f3cded1cb300ebd49b9af972447a5d9921b981440be3b45d123f42e765e18b733588c3130c73a2ea879d0fb7c8df5d2996101168993d61e73fb494345f8
SHA512 (HardenedBSD-11-STABLE-v46.14-amd64-disc1.iso) = 3d0e0c053bf4722475bcb6f9b5831412097535b13cca470a5a2ee496721528d017ec240493d9e243c03887e9d47300a5a100cc87d1cd85f9943cf2823cd7aa8c
SHA512 (HardenedBSD-11-STABLE-v46.14-amd64-memstick.img) = e633c7ec351519f90555bc69d045892456aaff8e838c04e5bc2afd31531299ecfd4528a81fadb126135a71c918d673fcab9678c7cd4a97a639eaf399f920effe
SHA512 (HardenedBSD-11-STABLE-v46.14-amd64-mini-memstick.img) = d7055dc066c9d7b55be7d1942c9f7ee82714a485b48d17988e27547221a961dd18448f4630bc56de1e782efbbd184fc103292b08a84ac49339cd3374194275fd

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAliOMBwACgkQgZsRom/9
GI0VxBAAyV1lVw3LJpnn9wsul+l+T3VWvYQ3qbxQ12GEJZw7y5jRu38JxHkGI/4X
oWJKFOjoOWaJi4vmHyEDHEJjTKviIX3bHUtcs0kKWXHWhfj5KyFWx8SntEGYnLtC
1NnWmoM6mxYtjn4zeW27etpmtReVM1iWdiNSplqIcPD/1Q5USJPXi8CGKhhpjXaZ
7+BaR7BSP+7QOd4dv19UueYjzSVkYs+Crtl7NEvtUMKntyoLOLBimEb4Ypsm9tvZ
Cp3o2kfQMPNlzuDyenSW1tmqrvyNBpS3AxgZZ8cZLiR/mPEnPwfi0QEjQI41AGGH
6G3OG/Ev28B/Lsj1I9SapOj9NJY7Ny2DfVFzoh/SkE+/0BOeH2pkeT7cA2rnr1j2
FKYxJm3nEzmcXzmNvUIFE019r6hlKiBSjCOnrCcLKDMGEuBKfwcALE0wY9dpY/0a
r4Dyk2PP7T+bdXl8701J5pVwVyFLeRB+WSZ0ZOLNToLRV/BZDnGETQZBPqutAvOZ
UgMjWsIyvE8MUb1Dw8YUdwejBh/4PVg4mUCzE8WdvpSK6thxwlR94qnmEw4IjWX/
f6j/hskDH7VRjbDR+L4jRlM94glWnl1ZYUeBdoeC3NbrCa+Gyszo6pYZALgCI06q
Sl1egODADSokq0f5Y+ADrO6oYxhuVCuycqqnSg2p8jpw/JOL5DM=
=zcMK
-----END PGP SIGNATURE-----

Stable release: HardenedBSD-stable 11-STABLE v46.13

HardenedBSD-11-STABLE-v46.13 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

Warning: this is a security update!

Highlights:

  • Fix multiple OpenSSH vulnerabilities. (6fd1410cc2d705293edb0ae5770cc28507893106) [https://security.freebsd.org/advisories/FreeBSD-SA-17:01.openssh.asc]
  • Changed settings for newsyslog (30d7a97741a4aa2e5059ce55bebac16fab)
  • Added /var/log/pkg.log log to store the packages lifecycle
  • Added support for SafeStack - disabled by default
  • Hypver-V updates
  • Clang 3.9.0
  • am-utils 6.2
  • hbsd-update-build cross-build support (b856ea99242c90b8c61879914f79fc6a19ec9fd4)
  • file 5.29
  • regression fix for SA-16:37.libc (6a7e18ff00902471666a295326db834bf51d175a)

Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...

CHECKSUM.SHA512:

SHA512 (HardenedBSD-11-STABLE-v46.13-amd64-bootonly.iso) = 5ab50a1b2b6f5ababcc7ba31979b1054e867da4f171062630c2ddfac5e1886637a427fe4a00d2dafa3170864983f001aef6dc0296eee01fa348fef07034dae1f
SHA512 (HardenedBSD-11-STABLE-v46.13-amd64-disc1.iso) = 53e08090a71199d2328b080a79053554ac27855c38dbff9cc7b4428a652f7841909ace3f7be70753e998f4db679b166bd8f073e619ad55172db8fab5472f209b
SHA512 (HardenedBSD-11-STABLE-v46.13-amd64-memstick.img) = 33fe65a6b0bd537a5cf772448765b8fac148743008b8be478076a83783889c3beecb334075aad5bbba0ae8724df287f800c8fb5ce1cf6133010ad911a55d0743
SHA512 (HardenedBSD-11-STABLE-v46.13-amd64-mini-memstick.img) = 71b458cdd3913e3328791354e7ec6179a765d420b33cbaa5e34a06a112c82dc6741562f2d508c3f614ff0d1ba295546859eed72692acdcf460d4bd515356008c

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlh28NAACgkQgZsRom/9
GI188BAAnzE0yfMjnG/bpCfCCE9j4HeB7X5F8jnEDmRjiE3X1V+smau9+ILHaZgi
rCafXmM82gUkqTqmHitBVAJUJbNH0PhnmP0O0ohRf2/jbjAVGaly0R50Gj1LH89P
2fttYC97WifiJQffAKZBGnMYZw2zSUa8iio6IZHZh+v7QQwckjiSdhqvxu9tQnyu
W5E8H9hSZg1vwx4I0it41Kc2uxiUUwHvUadfW7gOBXQfSFwUcBn+AHlw62ifU0H1
v3GM10Ej8+4hIh9dkwO2QihjqKk36wd2LScrj6G1KcBVDf13l2+GxUnPrSZIKody
/rW7MHl4N++WFFIxqe2XusrP8I3P+sUoCnuwZNeILu4224UhqX0rR42MUs2ufo7Y
c/fCNdccLDMp4BblzF1/5AYTfUrX/FgmnH/n+44RiTT+IeA6QYGrjs+LEsrd1bvN
6RcERt4SiDOg923TolHO5dSuhQaNCMcWQhZB4B2Govc7QBLufEX9cjJVXV/RNVBP
24bqbTdXhCz6XSY0Fccb727ZcU8LeX0HN8iDc1qVjhCVmC28Tk1MRe+KDHyNAJrl
eqdeQNLV8NBy4yjtU9cMY2QrpTGxojBXpakQBtFK/sbyu5cde2hqP5A2uv9Yw+kX
soxImzgbLieOifOiA/uZfZASJNZb9K2qmigtRirrKiRK8wLOgbY=
=SZ2C
-----END PGP SIGNATURE-----

Stable release: HardenedBSD-stable 10-STABLE v46.23

HardenedBSD-10-STABLE-v46.23 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

Warning: this is a security update!

Highlights:

  • Fix multiple OpenSSH vulnerabilities. (01991d8d9a5ef8038fb70e3084e07d1eaeed4e0d) [https://security.freebsd.org/advisories/FreeBSD-SA-17:01.openssh.asc]
  • Skylake support for hwpmc
  • Changed settings for newsyslog (7043b7898cf46d234e9b718d477802ed7805377d)
  • Added /var/log/pkg.log log to store the packages lifecycle
  • Update to ACPICA 2016122 to fix Skylake issues
  • Hyper-V updates

Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...

CHECKSUM.SHA512:

SHA512 (HardenedBSD-10-STABLE-v46.23-amd64-bootonly.iso) = beaeb17d9e57d1cbb99ffc42720ce02c47da022774d15c1e7572f7b740218934687fb881e952eaaf0876a14b15458f592fcdd1c9681873be0f53f57894167f5d
SHA512 (HardenedBSD-10-STABLE-v46.23-amd64-disc1.iso) = 97e534f74b9b05c75eb883190517509204ad5d45793822b7d70d82bbdab4a6bca81d06122c144fdc0f17d26e08f12a9dd50e3ce0ad855689320e0d4ea63cdd5c
SHA512 (HardenedBSD-10-STABLE-v46.23-amd64-memstick.img) = e55c0cbb1494854b84ebd0a32d60c259f2341e100c81c6eaa60faeb95e94aaee6dd855583b1575e2b0dc971f392236c19f8e5759b94df83bdbd70beeaa0eaa5f
SHA512 (HardenedBSD-10-STABLE-v46.23-amd64-mini-memstick.img) = f3df1e031cc56c1abba6cf1577c079b6f9234bac04b6c4ee290c6982cbece49cdc0d0980a3bfe14e28a27c5c796387c4c5a3131e2afe439e6cf0966bad5c7eb3
SHA512 (HardenedBSD-10-STABLE-v46.23-amd64-uefi-bootonly.iso) = 2201d710301b936a7726b82ba5ebd00210d4fef2bb555ee685e9425c29bf4433c95af4cbdb85a26981f00edff4397ff321c39f40b830812abf24c99d0b373ee7
SHA512 (HardenedBSD-10-STABLE-v46.23-amd64-uefi-disc1.iso) = b98006e8905200449cbf50c0e9dcb99a6705eccf9ee21be5d80bade5dd2762da4a16a51d8722cc4db557a7d35b0cf07d7b33e378a9ccac88c46f76f701e57b93
SHA512 (HardenedBSD-10-STABLE-v46.23-amd64-uefi-memstick.img) = a48329729e328b12b90930b1231b3720af41fdf44e7e6c2f2c1cd8307811da4089ab13fa17e66c5098d9320120f1a1eaf34d6a3b29e67520b9aa2371daa36b76
SHA512 (HardenedBSD-10-STABLE-v46.23-amd64-uefi-mini-memstick.img) = 0c71b037d5569da32b87fd749477c51e7d8756f08613b99660a294ae1d502d3d235d5d4323ab82ada3f0922a40a439dafdc309fdb92a435224aa591b32e9cf00

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlh21KwACgkQgZsRom/9
GI1qrA/8CizObUwE2nzZG7PXq0c4si1W/cVeMKFGvrp5MkSLG7hZfxtnNJmck1rF
dS/nNRQ2P1Rur4MI+m1GR33D3uF2bTV03YNXtclJ8D/R3eeYRd0Ee8V8cOh/ZcVa
BukZPhvlWiwJmhMacZh2cv+b85GUbaE9VzWhAYNffKtUeFJMHLhmJmILoHigdwRN
RCUKMl/oQZqcegxFnAoxmStJgkEui8HcrsoKprsWmWon4pmerMw5hkbPq8PBntea
nC79eVWy00QSWeloRHncLnFLQxWpcO2FU5HH3cpXGNV0JXE4G7ihxPaz3KMc318G
Ptvme6nMfKULZMDBVXd7XpXJP56x9fCUlGmJrhumMBfDyv8mAkTud7aJx0yS9PAc
Orl82U3Jbk2BAX/FJjeQhGUoNYKyrBQp19T5/hJO00MqEc+/xkxdQNjc7Cd3f8jL
P/BDdUwqZFEmVjZTONamBaKA5HazD+LXuJv107qTLxO257xwoSJbwlccFh/rcHrE
vgBpULno486o84fEzyOUe4gME04U2VjwlsGF+FCtAIwgciQc1gLXZRfXXLv1KfU1
kzww4hKMy/ubfdoLRawXYCM6AB+AjMg0eoVIYBQaWyV/I/AA2rYHzycanxCaU1yy
O4Mwbl50UW2pnHq5Ebq+I++g2QZTQ07KzPiPPq2UCh7Dz5jkJ9g=
=RvOg
-----END PGP SIGNATURE-----

Stable release: HardenedBSD-stable 10-STABLE v46.22

HardenedBSD-10-STABLE-v46.22 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

Highlights:

  • Updated amd from am-utils 6.1.5 to 6.2. (78047153f3f320f60a8264a8a33abb8636dbfc7c)
  • Updated hbsd-update-build to cross-build (99496b88337ff9bc63e69f8128011d3bf5ccfb31)
  • Updated segvguard
  • Updated libarchive [FreeBSD-SA-Candidate]
  • Updated file to 5.29 (884efc61f7391700d81bb717ea62d897524b2184)
  • Fixed integer truncation in uipc_accf (0be920e8edf4ba492677df6ab6f14d3b9b2b6245) [FreeBSD-SA-Candidate]
  • Lot of various MFCs, see the git log for them

Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...

CHECKSUM.SHA512:

SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-bootonly.iso) = 15af65eaa70174c06a8f22ff455b76bc1007ed6548d8b399ba6195b5df000797a3cbeca76adfc85a28befe4257c7ec3b012a35bd5b756d6170b9d53079aa9cae
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-disc1.iso) = e4f5b8ebc9633aaf0d5ea8d57a9f7834271abd457515c595fab40b2dc8dcb80438e9d30f6ef8f1dee658164e7ebfa20d63546157a2502985a06d24be8b6ccabc
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-memstick.img) = d61deb3e9aeac9a719acbef190701621414b1bbffeae398e5775fb4e9368547b543a2fa13a6003b598b10034a6255871c59ebdaab92acb9a987bed51008ca284
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-mini-memstick.img) = 13ce2d0bd82f2112e658deb363fa08587f4016c37bac91ea8668d308924129545733a8b7b68bef5b5f0a675287934059665e94686fe47e844b3992a652daf68b
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-uefi-bootonly.iso) = be43f99c0ad6edea347e011c2c8e72b9a2d70caaff7d48a8416dd2e53877fa6f3558047edb8df930d9beed76a354002bd3cbc3a2b5cb90f26b9b4fb6e45a902b
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-uefi-disc1.iso) = f9dbc1180c07661578141844d0151c82e5912121a0457959d1a28d2874a06b897d19390f03bcb43be6f57e8dd6b2a3bf8b4f6b756efa54e15fc925cba9e0b618
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-uefi-memstick.img) = f65e83999aaa7f3c347b53a83f34b49d5e413a1a9c7d4a7c87e5086b600051ed668e94c759fcf4e8ca113ac138f782236cf275c256ebabb5c29b264e2b08fc1a
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-uefi-mini-memstick.img) = 1464759ebdaa767f5a9d44d6cf04975e30bb6ae92a8e32f1e8e4545892a2983cbdf3ac05a7a944e0a49440d1fdb720903376055f84c01787356aa9cbb1c50f5e

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlhegzEACgkQgZsRom/9
GI1H/g/8CGGXdeW2PEA3OUd6uhiHOLJraPMma0ABbQ2PwJ7xjRF3+i1AdwXqr8kE
GRHFXFF0elZIPq2bQ6AxwrYEehkP8PpMwSd4xe06CV87ZG0MNYTq401REyyPAKU1
/sJdn8Ms1XcGiaaT2R7tdE+ETpymYy8NCHpnSHw0ploWBgDYLoIWHoyyGMalqSrM
3ZQ2GDH/gMRFc0rlcFOGHRxNk+CQSp4bCyic24pqhZw/Rrjo4d0KnOSAOla+5thZ
/s48MGopkLwcRdxFq0GGfo4ls6QZezkp7JCHZfCXPsIzbOdrnBdO/zFYD6En/JOy
Abaw7PYG1mOWp5COWbYdImS5R7yCblRBPgQBnrNAWnyRNRqBq4kIOJA2HX8xrIIE
EzqH/L+kVgCtHFaeZwy7Oz+TiDw+mY39tOKRDDVIuaMAbutMWJodXuAM3bL5V1Zu
d+awV9eojp2PrDFb/2dhfnFLwG++OOS5mp/jqaqkTwzgyjNeY4dTSfWfRP5aZ2DH
hF9Wu6Fa/+S71wY6r/Ai+P2kvrmo+FWkYA3i8Pqf+lVSGxlOesOSkcYiDViSWgGD
lb0uFSbx0vzSQnBl8yjLfkblvuxFlTPOTgmE0LcE130RqsFumU4LVXeaKYv9zw6v
2Jyl9GJLjuUwb6xNWP1jvMBHzqrUgYQSa0oeL4Kxw8RbGSZuD80=
=mECJ
-----END PGP SIGNATURE-----

Binary Updates for aarch64

Our tool for building binary updates for base, hbsd-update-build, has now been taught how to cross-build. As of today, those who are experimenting with aarch64 devices like the Raspberry Pi 3 (RPI3) and Pine64 will be able to receive binary updates from HardenedBSD.

Since hbsd-update stages the binary update in /tmp, which is rather limited in size on most aarch64 dev boards, users will need to tell hbsd-update to use a different temporary directory:

# mkdir /root/tmp
# env TMPDIR=/root/tmp hbsd-update

Please note that aarch64 support is still a major work-in-progress both on FreeBSD's and HardenedBSD's side. Shawn Webb is working with both Ed Schouten and Ed Maste to resolve a few issues with lld 3.9.1. Once those issues are resolved, using aarch64 will become much easier for the average person.

Though this work is primarily targeted for aarch64 cross-building, it can be used with other architectures, like arm and i386 (i386 would need a follow-up commit). HardenedBSD plans only to provide binary updates for amd64 and aarch64 at this time.

New stable release: HardenedBSD-stable 10-STABLE v46.21

HardenedBSD-10-STABLE-v46.21 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

Warning: this is a security update!

Highlights:

  • HBSD: fix for FreeBSD-SA-16:37.libc (CVE-2016-6559) improper boundary checking - b66bee517d74e7395ba293bc2f41cc8273f0acdf 54ef6264f7f041d711a6f2a6afeedd2f3646bdd9

Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...

CHECKSUM.SHA512:

SHA512 (HardenedBSD-10-STABLE-v46.21-amd64-bootonly.iso) = 75580ab43e32dd5fecf439d4880b5820d96eb96975c5977c0a9ea7cc6dcc39584b1489cb45747833db706ea806775342bcd99ad85359f666dd09323361a220ad
SHA512 (HardenedBSD-10-STABLE-v46.21-amd64-disc1.iso) = c656ac66693d68bfddd8909ea58dceff64f6b28607909615ce331359e70fcc4e3fe9427a27f410ff810d68849de907bb82d340afb5f784e43b7777b87fec036d
SHA512 (HardenedBSD-10-STABLE-v46.21-amd64-memstick.img) = fbb5f60f5a708cf8d44e3434eb4226329d7c6fbd49781755f8be355931323cf75c506a4ba8e3a82ec68643cc254b6cf434705a25b0ea52357f857c69b2ad87f8
SHA512 (HardenedBSD-10-STABLE-v46.21-amd64-mini-memstick.img) = 7b2cfe0075d1d58e21c64359b2d143389be8932c93c12242b17eb463bc0ebd9df0efd564402608ccccc9fc81912896dea859f978c88b998576954bd61604efb6
SHA512 (HardenedBSD-10-STABLE-v46.21-amd64-uefi-bootonly.iso) = dcfd6952056243a5989954bafad5396845520b011e6bd5da536b0ffbf3951c04caa5bc1bbee2e0b1cf8c4616819b859a0c51f2ae73a7538d06248b97d59511e7
SHA512 (HardenedBSD-10-STABLE-v46.21-amd64-uefi-disc1.iso) = 58a1ff92b43ed12933cbaf3436ec78cab6e1863f09eea9db15e16756975e31a1f9bccebd8d13a6af84d6931ec5f5ed9bf7c71b85c03d72a73ef7ab33dcd548ef
SHA512 (HardenedBSD-10-STABLE-v46.21-amd64-uefi-memstick.img) = 77224a1e23d460ec48e5df1c51c6876840817c79590818440e16a92eabb64119e87063763236a75f4a48781165af7e628ca403551fde03f070c16b674ce62db8
SHA512 (HardenedBSD-10-STABLE-v46.21-amd64-uefi-mini-memstick.img) = 52d2d2c46ab0797d87a3903deef608d5918a31ff2e1f9ff5c2e470cc9ea34c1388a3bcb942acb2a40b701789be511b38e6a709e187a1bb303a824c8c339b69bd

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlhIXH0ACgkQgZsRom/9
GI0ACg/+KhecsVMDb/vDD6ttn7NZJmQXia2nsoi0aw0FbqEeksK2cAlbKTr13yBU
OCyFg8zbDM/y1WEcS0Rs2StvqhRWoOU0G8L1H5sWFbQCxdYUZ1ndsbTZaaTSBlky
SQnzAdChWXVQsFXFAjEFA6i8xaHTvHIwxt0Fhw4oEO1FsaBDIY73Db8E3u4C9Cnz
tJuMyZKff6HffhHeBbzNT6eBM84J0r1yodIj7w1/Ep1PJLpEMNrn9IK55AIfxf+X
q7gSV8TKAMt3w0nnthJHN25vHQa7KcgbJYbiqoFVc54Hrm0sBZROwc17nx1+qClh
Qp+MbgK4flWMviL686OAnh7H5lwLLTX9tsMpqb4qC0C0YlvbxaNsenkv5z7cU2vi
E8vPLyiTs+k7Bes1jPpcZmVTE2v8Biu+H7HtPxWbY46GeqGZQ6VWjhIyDrbYCO3n
koDqlcfT7TDkIIqIAVJnidh9MXc5xZdFc9hZI0og507Wog0/ruCigHEjBNAmm6N9
wB04WjM1PrAh7JSGUXpmaDuUliu+m8MF4Jzk0cbk9N8gU4lqMgm3IOb6QR9oHi4i
CK098e1P6rHpdOG1wDsxy0YCDSbS7dOx26onE+2PXbaKx6t72M6sXr4ASZjQ+/e4
StlOllTbOP1KDtr8gZxctTXyjzPcMaEkHEeilzJrvysGAJ1o/H0=
=SVW7
-----END PGP SIGNATURE-----

New stable release: HardenedBSD-stable 11-STABLE v46.12

HardenedBSD-11-STABLE-v46.12 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

Warning: this is a security update!

Highlights:

  • HBSD: fix for FreeBSD-SA-16:37.libc (CVE-2016-6559) improper boundary checking - b66bee517d74e7395ba293bc2f41cc8273f0acdf 54ef6264f7f041d711a6f2a6afeedd2f3646bdd9

Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...

CHECKSUM.SHA512:

SHA512 (HardenedBSD-11-STABLE-v46.12-amd64-bootonly.iso) = d1e8f7ab85cb80f155ffedff3bbd57847064bed3f3b2ea2f3ead2abddac041e007ff3ba6670373c2288620c00ffb11c3416c973840e5ccb08e03ae42b6fe4266
SHA512 (HardenedBSD-11-STABLE-v46.12-amd64-disc1.iso) = ba868e62c3e907e6e7c8751bddabffc4cca70f4ad7d447e88f68c1dd7c6d7974f8144110ffbdcdca704d7ea4f1e1a2de72562166ee12daa8db1c0632b5befa61
SHA512 (HardenedBSD-11-STABLE-v46.12-amd64-memstick.img) = 0a9f13ef94820deeac880f29e136f2fe904f30990800caddbedff12265cb5faa23252daa1273214c08a79211066d444d585644bbf7027384be938068f9a59886
SHA512 (HardenedBSD-11-STABLE-v46.12-amd64-mini-memstick.img) = c8e636881c0f651cc44d95f97539a7e6b0ebbbea046b66aed63ae1284ae336746c61c7961c241febd386f4f48ec57b0dac3311a9093357f4c606210c9f2a0847

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlhIfBQACgkQgZsRom/9
GI1SihAA4IQh1ptiQ4e52xcv16qoyqK5aZ5XRMFNLyudd/gRuxf7VEtjn5iHTvSH
KEBjHd2lEid0ELiGxKp5OjTLoRNNI3qe0Bzga3fBAbqKkAu2pnI5gpjM3ELt3OLd
/Eojw77mVILWeGdF9ZpYWQIPK6uDUvX/h6IOSkD7Y11ZXts5fjJBGLAhIKg2h0lS
3vyK2dYzDlCWhC6hm2tfxWeB0HeLad/FodS6wijOnlBoaXxrY2k8erIkGJjikb9h
G51hrWOTCoWPxAZ5FQreumyFckNRj9znKvzPrAVC3wjzlqJRuUZCqW0u5EY7ydXG
V5BO91cqc1eJb7gDsGQtzXWxUh3t6Lba9aHNdDpppdW5Sjt0flGWyt0pUptzHpB7
20iojO9UTJ/ba0VoqjNTzmq/Xh51BmNzlh1fvE13hKZAwAq2H3XVYccb9CRcitk9
Jh3A0incGx/qwmr/BmakYiBpvD/2+l5lBepeI4OumINbg8yPLHydk1jZUju3O+y1
cEKD9OjfCZpYbYgeFgmSq+Pzc2QFAKC8RsiMu9+5hHke9UBo0uUxxxTH43/KMF/f
77TveeYhu6XSRQ1xyNZOUPiPZGfBWZ7I33drDRoBXoMLX8ACEteawQjX/mVJbSJB
IZv5V4X8ejusH3StDtPwb7YiFEl2cP+ODIQXsjxtqaM5SA/y9i8=
=jspS
-----END PGP SIGNATURE-----

New stable release: HardenedBSD-stable 10-STABLE v46.20

HardenedBSD-10-STABLE-v46.20 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

WARNING: this is a security update!

Highlights:

  • FreeBSD-SA-16:38.bhyve - integer overflow in bhyve - 02a6052b3f42f24b9015e26ef196c33cdaf56719
  • FreeBSD-SA-16:37.libc - buffer overflow in libc - 6eec5c0ac4990b2cf298afce48e0ea2529fa645c
  • FreeBSD-SA-16:36.telnetd - insufficient error checking in telnetd - d50c6c5b00e248bc0ebd39164e5b7d56af49d701
  • ACPICA update to fix issues with recent Skylake CPU based systems
  • SVN update to 1.9.5
  • bhyve: stability and performance improvement for dbgport

Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...

CHECKSUM.SHA512:

SHA512 (HardenedBSD-10-STABLE-v46.20-amd64-bootonly.iso) = bc9012bd9af9b9a9e1458a5b73f509250a82b90fa0d54126b3ea13630b0f6dea8a42457c049d396b073c52a5199d477ffe892e64bf3fd129c310392cfd440197
SHA512 (HardenedBSD-10-STABLE-v46.20-amd64-disc1.iso) = bf585c79fd8cc0bf481e84a369eb76fb30b1bf1dd5c328d43b51e8b88f2033485b94b2be8025758774b95e5fbf67fe620a62ba62fec93d70ed156b41721fc99e
SHA512 (HardenedBSD-10-STABLE-v46.20-amd64-memstick.img) = 298f39484d6403403a9213c399d309706ad4c3eaa7181136180af019bea66ff2862d52d9e15c095de58207eccea1791a6fafe13e3e7e4677070fc0cb8c6399c8
SHA512 (HardenedBSD-10-STABLE-v46.20-amd64-mini-memstick.img) = 1725c96a19c9cdb9429c951d1b21eca5c1804a9c5d8cbbdd376eb783759b046f8105e2d94d5091b4d00725584d89dade2df2e6128803ee55b98e24af99f93a58
SHA512 (HardenedBSD-10-STABLE-v46.20-amd64-uefi-bootonly.iso) = 1a55a48c7ea229c7b994262619db606b40424682a480978d6a95cb1ef29bfef2c8589b89ff27af31a1d4f63a63c4cc96b63dd084b8dcb6fe61cb461677243aa5
SHA512 (HardenedBSD-10-STABLE-v46.20-amd64-uefi-disc1.iso) = 00ea40e7afe74072feeb9cddd990eb482aed3259e20a754c0f38ddb1e7d7c63da9886be4740662d48f69334fe0b4dc3fac5195a62f9ca4e4b08c3ee81f6df834
SHA512 (HardenedBSD-10-STABLE-v46.20-amd64-uefi-memstick.img) = 46ccc6a8e8684d34867c811efbc3f87c4225fdc5b789235952630052b100a508b2012a6c3b30b703952835bc772d9b99a2687283c9330a6cb8f543eba31ba59b
SHA512 (HardenedBSD-10-STABLE-v46.20-amd64-uefi-mini-memstick.img) = 00815ec0284ccdfc56a5c877555306b444af525a64b78af7a72e1c5efb2ace936345ccba787df4737628cd728aa449e4d0a802e9040811a82a576eed08d13de1

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlhHJzEACgkQgZsRom/9
GI1VbxAAveup7QZKBQSZn3fWgUcdW5C91iqD78UqdGuO07fh8GU7akbh69emf1h7
OLgXSgjxw2PGi2Lt+PxlhMgxTs9KHe20/dX14nOGQnJbRZphH2ZhsyIo1a2Ir94V
qx1d1ha1xSqYMm3xMaj27/Q6aks23lEF5DL+qwNJ6dnpgaU4/K297K+vt5ixtD6H
bxSy3kqSTg2MSx0EiITguoR0c40zocKiqs6QnqIPddgGo5nIeFgktviDH2StthjA
SkqqB7O/Hi8M1ePDOJlFWGuWjZXoc+s+6Y/JdV6FnJv905clrjiVG6wPoV7naPGJ
PVZBjjdjn9i/roF327C3kFagGc7tDLb18xHFJWr6jiOvg5vRNsAoepjwIPSRcUh9
iJPptUgcqBPrpvaBZyZaQsfh5sor7BCYmt7nfS3FU5aaGqTrKawtwqMeF3ID3Q5k
Q+aOxUz/cXQnLSURXG8RyrIfk0I1a4aQoE47lPnlWZ3HHBBYV7/h1sE8sTkuP6pO
OjpadzPF5M4+LMA5qzGKCC+Oo7sISJ55HQjdQa1x3WV1ok7Ph/BfMcj6/v08OTh+
Fauingu+ZoZbj/rQcPN6t/dS4n2JEeeD/KX2JWII4ogP2znIIrZmprOhrKAtG8OF
AHZxVq5/AjXgaBrLPBe5BhDEEA2jKn0e3ifLh+iI8Mfs+5uT8vY=
=7uYD
-----END PGP SIGNATURE-----

Pages

Subscribe to HardenedBSD RSS