Index: head/en_US.ISO8859-1/htdocs/news/status/report-2015-01-2015-03.xml =================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2015-01-2015-03.xml (revision 46518) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2015-01-2015-03.xml (revision 46519) @@ -1,153 +1,235 @@ January-March 2015
Introduction

This is a draft of the January–March 2015 status report. Please check back after it is finalized, and an announcement email is sent to the &os;-Announce mailing list.

This report covers &os;-related projects between January and March 2015. This is the first of four reports planned for 2015.

The first quarter of 2015... was a very busy and productive time.

Thanks to all the reporters for the excellent work!

The deadline for submissions covering the period from April to June 2015 is July 7th, 2015.

team &os; Team Reports proj Projects kern Kernel arch Architectures bin Userland Programs ports Ports doc Documentation misc Miscellaneous Address Space Layout Randomization (ASLR) Shawn Webb shawn.webb@hardenedbsd.org Oliver Pinter oliver.pinter@hardenedbsd.org HardenedBSD ASLR Call For Testing FreeBSD Code Review of ASLR

Address Space Layout Randomization (ASLR) is a computer security technique that aids in mitigating low-level vulnerabilities such as buffer overflows. ASLR randomizes the memory layout of running applications to prevent an attacker from knowing where a given exploitable vulnerability lies in memory.

We have been working hard the last few months to ensure the robustness of our ASLR implementation. We have written a helpful manpage. We have updated the patch on FreeBSD's code review system (Phabricator). Our ASLR implementation is in heavy use by the HardenedBSD team in production environments and is performing robustly.

The next task is to compile the base system applications as Position-Independent Executables (PIEs). In order for ASLR to be effective, applications must be compiled as PIEs. It is likely that this part will take a long time to accomplish, given the complexity surrounding building the libraries in the base system. Even if applications are not compiled as PIEs, having ASLR available still helps those applications (like HardenedBSD's secadm) which force compilation as PIE for themselves.

SoldierX

Test our patch against 11-CURRENT.

For &os; committers: work with us to get this merged into &os;.

 + + Xfce on &os; + + + + &os; Xfce Team + xfce@FreeBSD.org + + + + + + + + +

Xfce is a free software desktop environment for Unix and + Unix-like platforms, such as &os;. It aims to be fast and + lightweight, while still being visually appealing and easy to + use.

+ +

This quarter was an exciting time for the Xfce Team. We + imported the Xfce desktop environment 4.12 into the ports + tree, after more than two years of development.

+ +

Overall, we have updated the following ports:

+ + + +

At the same time we switched to the USES framework, and a new + plugin has been added, called + audio/xfce4-pulseaudio-plugin.

+ +

We also follow the unstable releases (available in our + experimental repository) of:

+ + + +

The following documentation patches are ready:

+ + + + + +

Work on support for Compact Disc Digital Audio (CD-DA) in + multimedia/xfce4-parole.

+ + + +

Add a new property (through xfconf-query) in order to + allow users to change the greyscale value of quicklaunch + icons in x11/xfce4-dashboard (this feature is only available + in the unstable release).

+ + + +