Backported fixes for a lot of smaller Coverity issues from FreeBSD.
Introduced fully enabled PIE, RELRO and BIND_NOW in the base system.
If you encounter build failures due to the PIEified base system, you can empty the /usr/obj directory
and retry the build. For more details, please consult the ${SRCTOP}/UPDATING-HardenedBSD
file.
A few months ago, we added Bernard Spil to the HardenedBSD team with the goal of bringing in and maintaining LibreSSL in base. Given the effort involved in maintaining such a complex piece of software, we at HardenedBSD have made the decision to keep it as a feature branch in the playground repo for now. Those who wish to check out Bernard's awesome, hard work can check out the repo here. We will soon start auto-syncing that feature branch on our normal six-hour cycle and we will produce periodic binary updates. As of today, the first binary update has been published. You can use this hbsd-update.conf file to tell hbsd-update to switch to the LibreSSL branch. If you wish to compile your own version of HardenedBSD with LibreSSL in base, you will need to add WITH_LIBRESSL=yes to src.conf.
We would like to thank Bernard for volunteering. He has been a tremendous help. Here is a teaser screenshot.
More information will be in FreeBSD's SA:
Security: CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550
Security: CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518
Security: CVE-2016-2519
Security: FreeBSD-SA-16:16.ntp