Howdy!
The recently published CVE-2026-45257 - also called "bumsrakete" - affects FreeBSD 15.0, 14.x and 13.x.
Are there any considerations to patch OPNSense?
Cheers
https://www.freebsd.org/security/advisories/FreeBSD-SA-26:26.ktls.asc
https://bumsrake.de/
26.1.10 is being released later this afternoon.
Cheers,
Franco
Quote from: franco on Today at 12:31:35 PM26.1.10 is being released later this afternoon.
Cheers,
Franco
Thank you Franco.
For those impatient and paranoid you can patch manually. Enable SSH on your OPNSense box, connect, and go to shell by pressing 8 and type this.
pkg install nano && nano /etc/sysctl.confAnd add this at the end of the file
kern.ipc.mb_use_ext_pgs=0Press Ctrl+X and chose Y to save your changes. And then uninstall nano if you wish.
pkg remove nanoYou can reboot to make this change take effect, or if you dont want to reboot, just type:
sysctl -w kern.ipc.mb_use_ext_pgs=0All done.
Dont forget to disable SSH if you dont need it.
Quote from: franco on Today at 12:31:35 PM26.1.10 is being released later this afternoon.
Cheers,
Franco
Thank you for the info :-)
You can just as well use the GUI to set this tunable, no need for SSH.
System: Settings: Tunables
Quote from: Monviech (Cedrik) on Today at 02:38:06 PMYou can just as well use the GUI to set this tunable, no need for SSH.
System: Settings: Tunables
I didnt know that. Thank you Cedrik.
Also you do not need to install nano to edit a file. Both vi and ee (the "easy editor") are available out of the box.
Quote from: Patrick M. Hausen on Today at 03:00:33 PMAlso you do not need to install nano to edit a file. Both vi and ee (the "easy editor") are available out of the box.
Whos going to explain to absolute beginners that quitting and saving your changes requires pressing Esc key and then : and typing wq. Im trying to make these instructions as simple as possible for everyone. But the easiest way is what Cedric recommended.
I also install nano, much better experience :) Editor wars 2.0
At my second job I had to set "vim" as an alias for "nano" in order to force myself to use vim. True story.
Cheers,
Franco
PS: 26.1.10 is live
Quote from: Nullman on Today at 03:06:47 PMWhos going to explain to absolute beginners that quitting and saving your changes requires pressing Esc key and then : and typing wq. Im trying to make these instructions as simple as possible for everyone. But the easiest way is what Cedric recommended.
As I was saying
ee is available as a reasonably easy alternative to vi. Introduced in August 1995, so available since FreeBSD 2.1 release.
Help I started ee and I cannot close it anymore, I want vim back.
Quote from: sopex on Today at 03:07:24 PMI also install nano, much better experience :) Editor wars 2.0
I am pretty sure I used this : https://docs.freebsd.org/en/books/handbook/basics/#editors
A long time ago in FreeBSD 4/5/6 to edit all files and it was super easy to use just like Patrick said :
Quote from: Patrick M. Hausen on Today at 03:00:33 PMAlso you do not need to install nano to edit a file.
Both vi and ee (the "easy editor") are available out of the box.
I think most of the time I just typed "edit file.conf" and that was it! :)