From owner-freebsd-security@FreeBSD.ORG Wed Jun 2 10:46:53 2010 Return-Path: Delivered-To: freebsd-security@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 83BF91065670 for ; Wed, 2 Jun 2010 10:46:53 +0000 (UTC) (envelope-from robert@fledge.watson.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id 3546A8FC0A for ; Wed, 2 Jun 2010 10:46:53 +0000 (UTC) Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by cyrus.watson.org (Postfix) with ESMTPS id C361B46B03 for ; Wed, 2 Jun 2010 06:46:52 -0400 (EDT) X-Return-Path: X-Received: from cyrus.watson.org ([unix socket]) by cyrus.watson.org (Cyrus v2.3.13) with LMTPA; Wed, 02 Jun 2010 06:42:54 -0400 X-Sieve: CMU Sieve 2.3 X-Received: from mx2.freebsd.org (mx2.freebsd.org [69.147.83.53]) by cyrus.watson.org (Postfix) with ESMTP id 5469546B6C for ; Wed, 2 Jun 2010 06:42:54 -0400 (EDT) X-Received: from hub.freebsd.org (hub.freebsd.org [IPv6:2001:4f8:fff6::36]) by mx2.freebsd.org (Postfix) with ESMTP id 3131614F648; Wed, 2 Jun 2010 10:42:53 +0000 (UTC) X-Received: from hub.freebsd.org (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 0B8C11065670; Wed, 2 Jun 2010 10:42:53 +0000 (UTC) (envelope-from owner-trustedbsd-discuss@FreeBSD.org) X-Delivered-To: trustedbsd-discuss@freebsd.org X-Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AAD61106566C for ; Wed, 2 Jun 2010 10:42:17 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) X-Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id 85E9A8FC12 for ; Wed, 2 Jun 2010 10:42:17 +0000 (UTC) X-Received: from [192.168.2.105] (host86-162-158-86.range86-162.btcentralplus.com [86.162.158.86]) by cyrus.watson.org (Postfix) with ESMTPSA id 94C6F46B03 for ; Wed, 2 Jun 2010 06:42:16 -0400 (EDT) From: "Robert N. M. Watson" Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Date: Wed, 2 Jun 2010 11:42:14 +0100 References: To: trustedbsd-discuss@trustedbsd.org Message-Id: <7A4D4A3C-0276-4A5C-8FCE-12CECAB847BA@FreeBSD.org> Mime-Version: 1.0 (Apple Message framework v1078) X-Mailer: Apple Mail (2.1078) X-BeenThere: trustedbsd-discuss@FreeBSD.org X-Mailman-Version: 2.1.5 Precedence: list Sender: owner-trustedbsd-discuss@FreeBSD.org Errors-To: owner-trustedbsd-discuss@FreeBSD.org ReSent-Date: Wed, 2 Jun 2010 11:46:46 +0100 (BST) ReSent-From: robert ReSent-To: freebsd-security@FreeBSD.org ReSent-Subject: Fwd: [capsicum] Capsicum USENIX Security 2010 paper now online ReSent-Message-ID: ReSent-User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) Cc: Subject: Fwd: [capsicum] Capsicum USENIX Security 2010 paper now online X-BeenThere: freebsd-security@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jun 2010 10:46:53 -0000 Dear all: This paper might be of interested to TrustedBSD-centric folk; it's on = some new work we've been doing relating to capability-oriented security = design in FreeBSD. There's a mailing list for Capsicum hosted at the = University of Cambridge, which can be found via the Capsicum web site: http://www.cl.cam.ac.uk/research/security/capsicum/ Once we've done more iteration, improvement, review, etc, the goal is to = merge the supporting kernel features into FreeBSD 9-CURRENT. Thanks, Robert Watson University of Cambridge Computer Laboratory Begin forwarded message: > From: "Robert N. M. Watson" > Date: 2 June 2010 11:25:53 GMT+01:00 > To: cl-capsicum-discuss@lists.cam.ac.uk > Subject: [capsicum] Capsicum USENIX Security 2010 paper now online >=20 > The final version of the USENIX Security 2010 paper on Capsicum is now = up on our web site: >=20 > http://www.cl.cam.ac.uk/research/security/capsicum/documentation.html >=20 > We plan to release an extended technical report version of the paper = that includes more detail on a number of design choices, additional = reference material, etc. With any luck that will be available by the end = of July. >=20 > We greatly appreciate all the comments and suggestions we've had from = the budding Capsicum user community and capability research communities, = as well as from Steve Bellovin, who shepherded the paper. Likewise, we = express appreciation to our research sponsors, and especially to Google = for their support and contributions throughout the project. >=20 > The next publication target is a short paper on file system = containment that Jon and I will be giving at the Analysis of Security = APIs workshop in a month, which looks at file system concurrency issues = in sandbox design. Following that, the hope is to do a longer design = patterns paper on application structure and decomposition, but not much = done on that yet. >=20 > Robert Watson > University of Cambridge > Computer Laboratory _______________________________________________ trustedbsd-discuss@FreeBSD.org mailing list http://lists.freebsd.org/mailman/listinfo/trustedbsd-discuss To unsubscribe, send any mail to "trustedbsd-discuss-unsubscribe@FreeBSD.org" From owner-freebsd-security@FreeBSD.ORG Sat Jun 5 15:05:42 2010 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx2.freebsd.org (mx2.freebsd.org [IPv6:2001:4f8:fff6::35]) by hub.freebsd.org (Postfix) with ESMTP id 1324F106564A for ; Sat, 5 Jun 2010 15:05:42 +0000 (UTC) (envelope-from cperciva@freebsd.org) Received: from xps.daemonology.net (unknown [IPv6:2001:4f8:fff6::28]) by mx2.freebsd.org (Postfix) with SMTP id 59B6514FCE4 for ; Sat, 5 Jun 2010 15:05:41 +0000 (UTC) Received: (qmail 12266 invoked from network); 5 Jun 2010 15:05:40 -0000 Received: from unknown (HELO xps.daemonology.net) (127.0.0.1) by localhost with SMTP; 5 Jun 2010 15:05:40 -0000 Message-ID: <4C0A67C4.6000701@freebsd.org> Date: Sat, 05 Jun 2010 08:05:40 -0700 From: FreeBSD Security Officer Organization: FreeBSD Project User-Agent: Thunderbird 2.0.0.24 (X11/20100329) MIME-Version: 1.0 To: freebsd security , FreeBSD Stable X-Enigmail-Version: 0.96.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Subject: HEADS UP: FreeBSD 7.2 EoL coming soon X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: security-officer@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Jun 2010 15:05:42 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, On June 30th, FreeBSD 7.2 will reach its End of Life and will no longer be supported by the FreeBSD Security Team. Users of this release are strongly encouraged to upgrade to FreeBSD 7.3 before that date; FreeBSD 7.3 will be supported until the end of March 2012. Please note that since FreeBSD 7.1 has been designated for 'Extended' support, it will continue to be supported until the end of January 2011, i.e., FreeBSD 7.1 will be supported longer than FreeBSD 7.2. The End of Life date for FreeBSD 7.2 was originally announced as May 31, but was delayed by one month in accordance with Security Team policy in order to allow a 3 month window between the release of FreeBSD 7.3 and the End of Life of FreeBSD 7.2 to allow time for systems to be upgraded. The freebsd-update(8) utility can be used to upgrade i386 and amd64 systems from 7.2-RELEASE (or 7.2-RELEASE-pX for some X) to 7.3-RELEASE using binary updates (i.e., without compiling from source) as described in the 7.3-RELEASE announcement; given an adequate internet connection, this process usually takes 15 minutes or less. The current supported branches and expected EoL dates are: +---------------------------------------------------------------------+ | Branch | Release | Type | Release date | Estimated EoL | |-----------+------------+--------+-----------------+-----------------| |RELENG_6 |n/a |n/a |n/a |November 30, 2010| |---------------------------------------------------------------------| |RELENG_6_4 |6.4-RELEASE |Extended|November 18, 2008|November 30, 2010| |---------------------------------------------------------------------| |RELENG_7 |n/a |n/a |n/a |last release + 2y| |-----------+------------+--------+-----------------+-----------------| |RELENG_7_1 |7.1-RELEASE |Extended|January 4, 2009 |January 31, 2011 | |-----------+------------+--------+-----------------+-----------------| |RELENG_7_2 |7.2-RELEASE |Normal |May 4, 2009 |June 30, 2010 | |-----------+------------+--------+-----------------+-----------------| |RELENG_7_3 |7.3-RELEASE |Extended|March 23, 2010 |March 31, 2012 | |-----------+------------+--------+-----------------+-----------------| |RELENG_8 |n/a |n/a |n/a |last release + 2y| |-----------+------------+--------+-----------------+-----------------| |RELENG_8_0 |8.0-RELEASE |Normal |November 25, 2009|November 30, 2010| |-----------+------------+--------+-----------------+-----------------| |RELENG_8_1 |8.1-RELEASE |Extended|not yet |release + 2 years| +---------------------------------------------------------------------+ - -- Colin Percival Security Officer, FreeBSD | freebsd.org | The power to serve Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (FreeBSD) iEYEARECAAYFAkwKZ8QACgkQFdaIBMps37LL9wCfRspIGXYatsdPDbBR8OZEDocs BagAnAmTXen6TQ+2ER3oF6702stmxVIJ =ydCN -----END PGP SIGNATURE-----