HardenedBSD August 2024 Status Report

This month was focused on ${LIFE} for me. One of our two dogs, Darth Vader, had a planned surgery that ended up being more intensive than originally anticipated. Just today (03 Sep 2024), he got a good bill of health from the veterinarian. He still can't use our doggy door to the backyard, but is a healthy good boy otherwise. :-)

We launched our first Signal group for the HardenedBSD community.

FreeBSD implemented a mechanism to prohibit local connections to wildcard addresses (like 0.0.0.0 or ::0). With commit 8624aac8cefa38382a1ae3f40b604581bc4cf69f, we now enable the prohibition by default.

Commit d2d91bf7ba3eaf7bda029f3004553c6b45b90fe4 causes certain syscalls to have in-kernel dynamic data structures zeroed by default.

FreeBSD recently made changes to the in-kernel heap implementation (see malloc(9)). Those changes are incompatible with our hardening.kmalloc_zero feature. I have not had ample time to address this incompatibility, but hope to soon. As such, users who run 15-CURRENT and have set hardening.kmalloc_zero=1 should temporarily disable the feature prior to upgrading to the 01 Sep 2024 build.

In ports:

1. net-p2p/heartwood and related ports have been updated to 1.0.0-rc16.
2. A fix for _FORTIFY_SOURCE support has been pulled in for devel/libudev-devd.
3. 0x1eef updated hardenedbsd/sourcezap to v1.0.0.
4. 0x1eef updated hardenedbsd/portzap to v1.0.0.

A new (currently untested) build of hbsdfw has been published and can be found here.
As usual, your upgrade steps are:

1. Back up your config
2. Reinstall using the new image
3. Restore your config

Default username: root
Default password: hbsdfw

    $ sha256 hbsdfw_installer_vga_14.1-20240831-231050.iso.xz
    SHA256 (hbsdfw_installer_vga_14.1-20240831-231050.iso.xz) = 124a1be571bc0b316fd9a070be8ed4c6950c7a40531240e6ade15e7c21598483
    $ wc -c hbsdfw_installer_vga_14.1-20240831-231050.iso.xz
    1564133444 hbsdfw_installer_vga_14.1-20240831-231050.iso.xz

To conclude this status report, I would like to thank the community for the continued support of HardenedBSD. All contributions, no matter the form in which they take, are immensely appreciated. Patches, advocacy, funding, or otherwise--it's all important and helpful.
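
An added example, not part of the original report or of HardenedBSD's code: a local probe for the wildcard-address prohibition described above. It listens on loopback, connects to the wildcard destination on the same port, and compares that with a control connection to loopback itself; the function names and result strings are this example's own.

```python
"""Added example: check whether local clients can reach a loopback
listener through a wildcard destination (0.0.0.0 or ::)."""
import errno
import socket


def probe(family, destination, loopback):
    """Listen on `loopback`, then connect to `destination` on the same port.

    Returns "reachable", "blocked:<ERRNO>" or "unsupported" (family missing).
    """
    try:
        listener = socket.socket(family, socket.SOCK_STREAM)
    except OSError:
        return "unsupported"
    client = None
    try:
        try:
            listener.bind((loopback, 0))  # ephemeral port, loopback only
            listener.listen(1)
        except OSError:
            return "unsupported"
        port = listener.getsockname()[1]
        client = socket.socket(family, socket.SOCK_STREAM)
        client.settimeout(2.0)
        try:
            client.connect((destination, port))
        except OSError as exc:
            # Timeouts carry no errno, so fall back to a generic label.
            name = errno.errorcode.get(exc.errno, "TIMEOUT_OR_UNKNOWN")
            return "blocked:" + name
        return "reachable"
    finally:
        if client is not None:
            client.close()
        listener.close()


def report():
    """Probe the control (loopback) and wildcard destinations, both families."""
    cases = [
        ("IPv4 control", socket.AF_INET, "127.0.0.1", "127.0.0.1"),
        ("IPv4 wildcard", socket.AF_INET, "0.0.0.0", "127.0.0.1"),
        ("IPv6 control", socket.AF_INET6, "::1", "::1"),
        ("IPv6 wildcard", socket.AF_INET6, "::", "::1"),
    ]
    return {label: probe(fam, dst, lo) for label, fam, dst, lo in cases}


if __name__ == "__main__":
    for label, result in report().items():
        print(f"{label:14} {result}")
```

With the prohibition in effect, the control rows read "reachable" while the wildcard rows read "blocked:" followed by the errno the kernel returned.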