FreeBSD Security Advisory FreeBSD-SA-21:10.jail_mount

2021-04-06 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 = FreeBSD-SA-21:10.jail_mount Security Advisory The FreeBSD Project Topic:

FreeBSD Security Advisory FreeBSD-SA-21:08.vm

2021-04-06 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 = FreeBSD-SA-21:08.vm Security Advisory The FreeBSD Project Topic:

FreeBSD Security Advisory FreeBSD-SA-21:09.accept_filter

2021-04-06 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 = FreeBSD-SA-21:09.accept_filter Security Advisory The FreeBSD Project Topic:

Re: Security leak: Public disclosure of user data without their consent by installing software via pkg

2021-04-06 Thread Gordon Tetlow via freebsd-security
On Apr 6, 2021, at 7:42 AM, Shawn Webb wrote: > > On Tue, Apr 06, 2021 at 04:39:40PM +0200, Miroslav Lachman wrote: >> On 06/04/2021 16:27, Shawn Webb wrote: >> >>> 1. BSDStats isn't run/maintained by the FreeBSD project. File the >>> report with the BSDStats project, not FreeBSD. >>> 2. You

Re: Security leak: Public disclosure of user data without their consent by installing software via pkg

2021-04-06 Thread Shawn Webb
On Tue, Apr 06, 2021 at 04:39:40PM +0200, Miroslav Lachman wrote: > On 06/04/2021 16:27, Shawn Webb wrote: > > > 1. BSDStats isn't run/maintained by the FreeBSD project. File the > > report with the BSDStats project, not FreeBSD. > > 2. You install a package that is made to submit statistical

Re: Security leak: Public disclosure of user data without their consent by installing software via pkg

2021-04-06 Thread Miroslav Lachman
On 06/04/2021 16:27, Shawn Webb wrote: 1. BSDStats isn't run/maintained by the FreeBSD project. File the report with the BSDStats project, not FreeBSD. 2. You install a package that is made to submit statistical data. 3. You're upset that it submits statistical data? The problem here is th

Re: Security leak: Public disclosure of user data without their consent by installing software via pkg

2021-04-06 Thread Shawn Webb
On Tue, Apr 06, 2021 at 03:11:31AM +0200, Stefan Blachmann wrote: > Hello, > > I had a very distressing experience today. > I installed a package to view its scripts (and *not* to run them!). > > I was shocked when pkg told me that my system configuration, including > which packages and their ver

Security leak: Public disclosure of user data without their consent by installing software via pkg

2021-04-06 Thread Stefan Blachmann
Hello, I had a very distressing experience today. I installed a package to view its scripts (and *not* to run them!). I was shocked when pkg told me that my system configuration, including which packages and their versions are installed on my system, has been sent to an external entity, without a

AMD: Predictive Store Forwarding PSF

2021-04-06 Thread grarpamp
Shouldn't this get a kernel option, sysctl, test app...? https://www.amd.com/system/files/documents/security-analysis-predictive-store-forwarding.pdf AMD advised customers last week to disable a new performance feature if they plan to use CPUs for sensitive operations, as this feature is vulnerab