Skip to content

Releases: HardenedBSD/hardenedBSD-stable

HardenedBSD-11-CURRENT-v14

23 Jan 18:27
Compare
Choose a tag to compare
  • ASLR bugfix
  • pax framework: eliminated race-conditions

HardenedBSD-11-CURRENT-v13

14 Jan 14:02
Compare
Choose a tag to compare
  • improved ASLR
  • fixed stack randomization
  • small internal changes

HardenedBSD-11-CURRENT-v11

09 Jan 01:20
Compare
Choose a tag to compare

changes since HardenedBSD-11-CURRENT-v10:

  • updated OpenSSL by FreeBSD
  • updated compiler-rt, which brings sanitizers by FreeBSD
  • fixed use after free in lf_advlockasync(...)@kern/kern_lockf.c
  • kbdmux default keymap support
  • fix FreeBSD jail DoS - pr/196474
  • added new devices to HARDENEDBSD kernel config
  • extend init hardening
  • initialize randompid with a random number in a range of [100,PID_MAX-100]
  • added recursive support to setfacl(1)

HardenedBSD-11-CURRENT-v10.2

08 Jan 02:52
Compare
Choose a tag to compare
  • fixed use after free in lf_advlockasync(...)@kern/kern_lockf.c

HardenedBSD-11-CURRENT-v10.1

04 Jan 15:29
Compare
Choose a tag to compare
  • kbdmux default keymap support
  • fix FreeBSD jail DoS - pr/196474
  • added new devices to HARDENEDBSD kernel config
  • extend init hardening
  • initialize randompid with a random number in a range of [100,PID_MAX-100]
  • added recursive support to setfacl(1)

HardenedBSD-11-CURRENT-v10

26 Dec 03:11
Compare
Choose a tag to compare
  • rework and extend init/boot hardening / hijacking
  • added credits file
  • initialize randompid with a random number in a range of [100,PID_MAX-100]
  • added information about HardenedBSD into loader.conf
  • prevent init hijacking if PAX_HARDENING enabled
  • remove more aout leftover
  • constify sv_pax_aslr_init

HardenedBSD-11-CURRENT-v9

17 Dec 23:46
Compare
Choose a tag to compare
  • added secfw hooks

HardenedBSD-11-CURRENT-v8.2

17 Dec 11:56
Compare
Choose a tag to compare

HardenedBSD-11-CURRENT-v8.1

16 Dec 19:30
Compare
Choose a tag to compare
- new version after kib's upstream fix:
  https://github.com/freebsd/freebsd/commit/42d5fa98d30175edd5c387fa437ec4d956cb2300
  related linux CVE:
    http://www.openwall.com/lists/oss-security/2014/12/15/6
    https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9090

HardenedBSD-11-CURRENT-v8

11 Dec 01:45
Compare
Choose a tag to compare
  • randomized shared object loading order
  • pulled in FreeBSD's SA fixes
  • fixed jail initialization bug in linuxulator and compat_freebsd32 case