Skip to content

3.1.0

Compare
Choose a tag to compare
@laffer1 laffer1 released this 27 Aug 17:49
· 106 commits to stable/3.1 since this release
e0a44d8

MidnightBSD 3.1
8/27/2023

I’m happy to announce the availability of MidnightBSD 3.1 for amd64 and i386.

This release included updates to third-party libraries, bug fixes from the 3.0 release, and a new third-party package option: Ravenports Universal Package System.
Upgrade Process

(You can also do this with svnlite using github)

Install git if you don’t have it already
mport install git

Fetch MidnightBSD from git via github.com/midnightbsd/src.git (assumes you don’t have /usr/src populated)

git clone https://github.com/MidnightBSD/src.git

Checkout the stable/3.1 branch
git checkout stable/3.1

cd /usr/src; make clean buildworld buildkernel;
mergemaster -p
make installkernel
reboot
(if it works OK, login and go to /usr/src)
make installworld
mergemaster -iU
mport index
Update installed mports/packages.
rm -rf /usr/lib/perl/5.36.0
cd /usr/src/; make check-old; then run make delete-old and finally make installworld

When you are done, verify that Perl is updated by running perl -v
You should have Perl 5.36.1.

Bug Fixes and new features

Ravenports

Ravenports is now available in MidnightBSD for the amd64 architecture. The initial installation process will prompt you to bootstrap Ravenports. This will initialize it in /raven/, and you will be able to install software packages using /raven/sbin/ravensw. By default, /raven/bin, /raven/sbin, and so on are not on the path. You can add them to the path to make running software in your shell easier. Please visit their website to learn more about Ravenports and find quickstart guides. http://www.ravenports.com/

You can choose either mports or Ravenports at installation time or use packages from both systems. Please note that mixing packages may have some complications, although they are installed in a completely different place from mports.

There are various benefits to Ravenports, but a few are more updated packages and quite a few unique packages that mports doesn’t provide currently. For example, Ravenports has an updated Firefox package available.

You will not see Ravenports presented as an option on an i386 install.

Mport package manager

There have been a number of improvements in the mport package manager for this release. In 2.4.3, we fixed the XXX rate issue reported. It now displays information about the download and a percentage of the file fetched so far. There is an output bug where it displays the percentage with an incorrect decimal place that will be fixed in a later release. This only impacts mport use in scripts or other non-interactive terminals.

mport clean now removes temporary files that might get left behind by other operations
mport clean now removes leftover /var/db/mport/infrastructure/* folders that might get left behind prior to a fix for mtree files last year. (mostly for older systems)
mport's internal rmtree functionality has been modified to use native C routines rather than executing rm -r as a system command. (Please report any issues with removing files in packages on delete with this.) This is slightly faster with very large packages. (0.03 seconds or so)
mport list updates will now give you better information about why a package is not found in the index. If the package is listed in the MOVED file in the mports repository, it will tell you if it's removed/expired or moved to another location.
Now that MOVED file contents are part of the index, we can start doing more intelligent updates in the future. The first package build to include this data is the latest amd64 3.1 build. It will be available for i386 on the next package build done on that platform.

Install Changes

Users are now prompted to try to install appropriate packages for their graphics cards. We don’t yet do autodetection, but it’s a step in the right direction for automating installs.

Miscellaneous Changes

tftpd: introduce new option -S

pf: handle multiple IPv6 fragment headers
pf: fix pf_nv##_array() size check

netstat -i: compute most field widths dynamically

frag6: Avoid a possible integer overflow in fragment handling

lib/libc/string/bcmp.c: fix integer overflow bug

logger(1): fix timestamps in case of long run

libalias: improve handling of invalid SCTP packets

wpa: Enable receiving priority tagged (VID 0) frames

bridge: Log MAC address port flapping

fusefs: update atime on reads when using cached attributes
Security Fixes
add fix for CVE-2022-25147 (apr-util)
workaround an integer overflow in apr_base64 functions.

Fix CVE-2020-10188 in telnetd

Fix for GELI silently omits the keyfile if read from stdin

Multiple security vulnerabilities have been discovered in the Heimdal implementation of the Kerberos 5 network authentication protocols and KDC.

CVE-2022-42898 PAC parse integer overflows
CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec
CVE-2019-14870 Validate client attributes in protocol-transition
CVE-2019-14870 Apply forwardable policy in protocol-transition
CVE-2019-14870 Always lookup impersonate client in DB

3rd Party Software
Perl 5.36.1
openssl 1.1.1u
zlib 1.2.13 for kernel use
OpenSSH 9.1p1
libarchive 3.6.2
sendmail 8.17.1
libxo 1.0.4
doas 6.3p9
tzdata 2023c
xz 5.2.9
file 5.43
sqlite3 3.40.1
less 551
subversion 1.14.2
mDNSResponder-1096.40.7
Hardware
ena: Update driver version to v2.6.3

e1000: fix VLAN 0

Fix for Intel 82599 ixgbe device, which reported errors on the interface incorrectly.

jedec_dimm(4): Add manufacturing year and week.
e1000: Fix packet loss on 11th gen and later

ixl(4): Fix SR-IOV panics

ixl(4): Add support for I710 devices

ixl(4): Fix VLAN HW filtering

ice(4): Update to 1.34.2-k

ioat: Add Ice Lake ID.
Known Issues
Mport gives too much output when downloading packages non-interactively.

Mport package creation crashes on a few meta ports. We’re investigating this. GNUstep is one example. You can still install all the other GNUstep-related ports, just not the metaport.

Ravenports install is not in the path, but we also don’t tell you that during bootstrap.

The Perl version was updated, so having a mix of older packages with 3.1 packages may cause issues with Perl. Best to update all Perl libraries.

The Mono package is broken on 3.1 in mports. No ETA on this one.

On VirtualBox 7, Xorg needs over 1GB of RAM allocated to run without swapping or crashing. Occasional VM hangs have also been seen. It works fine on bare metal, bhyve, or VMware products.