Netgate Discussion Forum

    FreeBSD Project Discloses Security Breach

      Roots0

      News from Slashdot about a security breach at FreeBSD.
      http://it.slashdot.org/story/12/11/17/143219/freebsd-project-discloses-security-breach-via-stolen-ssh-key?utm_source=feedburnerGoogle+UK&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29&utm_content=Google+UK

      More information here http://www.freebsd.org/news/2012-compromise.html

      Does this affect pfSense? Is there any action users need to take?

      Mobile Computer & Network Support Stockport, UK
      www.timotten.co.uk

        babtras

        From FreeBSD:

        If you are running a system that has had no third-party packages installed or updated on it between the 19th September and 11th November 2012, you have no reason to worry.

        The Source, Ports and Documentation Subversion repositories have been audited, and we are confident that no changes have been made to them. Any users relying on them for updates have no reason to worry.

        I'm only guessing, but I believe this means that the current stable release, 2.0.1, is safe.

        http://www.freebsd.org/news/2012-compromise.html

          chpalmer

          A package set for the upcoming FreeBSD 9.1-RELEASE had been uploaded to the FTP distribution sites in preparation for 9.1-RELEASE. We are unable to verify the integrity of this package set, and therefore it has been removed and will be rebuilt. Please note that as these packages were for a future release, the standard "pkg_add -r" tools to install packages could not have downloaded these packages unless they were requested explicitly.

          We can confirm that the freebsd-update binary upgrade mechanism is unaffected, as it uses an entirely separate infrastructure. We have also verified that the most recently-available portsnap snapshot matches the ports Subversion repository, and so can be fully trusted. Please note that as a precaution, newer portsnap snapshots are currently not being generated.

          Looks like pfSense is safe. We will be watching for an update from the crew here however…

          Triggering snowflakes one by one..
          Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

            mr_bobo

            I can't speak for pfSense Admin but I seriously doubt it affects pfSense users.

            Both my computers are FreeBSD 9.0-RELEASE-p3 boxes and it didn't affect me in any way. I use portsnap to install programs and freebsd-update to update them and neither of those were impacted by the breach. I wouldn't think my pfSense box would have been affected either.

              cmb

              Doesn't have any effect on anything we do or any of our users.

                Roots0

                @cmb:

                Doesn't have any effect on anything we do or any of our users.

                Thanks, just wanted to make sure.

                Mobile Computer & Network Support Stockport, UK
                www.timotten.co.uk
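
The FreeBSD statement quoted in this thread turns on whether any third-party package was installed or updated between 19 September and 11 November 2012. The following is an added example (not part of the thread, and not FreeBSD's or pfSense's own tooling) of that check as a shell function; it assumes the legacy pkg_install database layout `/var/db/pkg/<name>/+CONTENTS` and treats the `+CONTENTS` modification time as the install time.

```shell
#!/bin/sh
# Added example: list package database entries whose +CONTENTS file was
# last modified inside the window named in the FreeBSD statement
# (19 September to 11 November 2012, local time).
# Assumptions: legacy pkg_install layout /var/db/pkg/<name>/+CONTENTS, and
# +CONTENTS mtime as an approximation of when the package was installed.
# Usage: packages_in_window            (defaults to /var/db/pkg)
#        packages_in_window /path/to/copied/pkgdb

# touch -t format is CCYYMMDDhhmm.SS. The start marker is one second before
# the window because find's -newer test is strict (mtime > reference).
WINDOW_START=201209182359.59
WINDOW_END=201211112359.59

# Prints one package name per line, sorted; prints nothing if none match.
# Returns 2 if the database directory does not exist.
packages_in_window() {
    dbdir=${1:-/var/db/pkg}
    [ -d "$dbdir" ] || { echo "no package database at $dbdir" >&2; return 2; }
    ref=$(mktemp -d) || return 2
    touch -t "$WINDOW_START" "$ref/start"
    touch -t "$WINDOW_END" "$ref/end"
    # "-newer start" means mtime > start; "! -newer end" means mtime <= end.
    find "$dbdir" -mindepth 2 -maxdepth 2 -name '+CONTENTS' \
        -newer "$ref/start" ! -newer "$ref/end" |
        while IFS= read -r f; do basename "$(dirname "$f")"; done | sort
    rm -rf "$ref"
}
```

An empty result matches the "no reason to worry" case in the statement; any name printed is a package to review against the advisory, since a modification time is only a heuristic.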

                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.