MidnightBSD 4.0.2 security updates, FreeBSD 14.4-BETA2 release, and GhostBSD shifts to XLibre over Xorg concerns and more.
Releases
MidnightBSD 4.0.2 released: MidnightBSD 4.0.2 introduces several security updates, including expat 2.7.3, sqlite3 3.46.0, xz 5.8.2, and the timezone database tzdata2025c, alongside an updated mport package manager (version 2.7.5). The release also adjusts permissions for a devfs entry to ensure compatibility with GNOME System Monitor by default. Additionally, the boot loader now supports displaying an image during system startup.
FreeBSD 14.4-BETA2 Available: The second BETA build for the FreeBSD 14.4 release cycle is now available. ISO images for the amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv7, aarch64, and riscv64 architectures are FreeBSD mirror sites.
BSDSec
FreeBSD Security Advisory FreeBSD-SA-26:03.blocklistd: FreeBSD Security Advisory FreeBSD-SA-26:03.blocklistd details a socket descriptor leak in the blocklistd service, which tracks and blocks IP addresses after repeated adverse events. The flaw allows leaked sockets to accumulate, eventually preventing blocklistd from executing helper scripts to block or unblock IPs, and later stopping it from processing new events entirely. Attackers could exploit this by triggering numerous adverse events to disable blocklistd before launching further attacks, while normal system operations may also gradually exhaust file descriptors. The issue affects FreeBSD 15.0 and is corrected in updates dated February 10, 2026, with patches and workarounds available via package upgrades, binary updates, or source patches. The vulnerability is tracked as CVE-2026-2261.
FreeBSD Errata Notice FreeBSD-EN-26:04.arm64: FreeBSD Errata Notice FreeBSD-EN-26:04.arm64 addresses a kernel panic occurring on arm64 systems when dumping process core files with Scalable Vector Extension (SVE) enabled. The issue arises due to a redundant check for SVE support during coredump note generation, causing instability when the second verification fails. Systems without SVE or non-arm64 architectures remain unaffected, and no manual workarounds exist. The fix involves upgrading to patched versions (15.0-RELEASE-p3 or later) via package updates, binary distributions, or source patches, with corrections applied to stable/15 and releng/15.0 branches as of February 2026. Detailed steps for each update method and commit references are provided in the advisory.
As always, it’s worth following BSDSec. RSS feed available.
News
GhostBSD shifts to XLibre over Xorg and Wayland concerns: GhostBSD is transitioning from Xorg to XLibre due to stagnation in Xorg development and the project’s reluctance to adopt Wayland, which lacks compatibility with GhostBSD’s MATE desktop and other key components. The move follows concerns over Xorg’s reversal of security-related changes and the growing dependence of Linux desktop environments like MATE on systemd, which FreeBSD-based systems do not support. Additionally, the future of GhostBSD remains uncertain as the project evaluates replacing MATE with Gershwin, a GNUstep-based desktop environment, though challenges include limited developer resources and the objective of balancing technical feasibility with long-term sustainability. The shift also reflects broader concerns about GTK’s evolving support for X11, with GTK 5 dropping X11 compatibility entirely, further complicating GhostBSD’s desktop strategy.
Valuable News – 2026/02/16: The Valuable News series curates notable updates, articles, and tools primarily related to UNIX, BSD, and Linux ecosystems. This edition highlights FreeBSD developments, including Git weekly summaries, jail memory metrics, and AMD CPPC driver support for Zen 2+ CPUs, alongside projects like OpenClaw and NomadBSD. It also features OpenBSD Ansible automation, GhostBSD ISO updates, and ZFS experiments on RHEL.
BSD Now 650: AT&T’s $2000 shell, ZFS Scrubs and Data Integrity, FFS Backups, FreeBSD Home Nas, and more.
Tutorials
(Video) stress command on FreeBSD: The ‘stress’ command is a robust command-line tool available on FreeBSD-based operating systems. It’s designed to assess the performance and reliability of hardware and software by simulating a high-load environment.
Optimizing ZFS pool and VDEV topology for Proxmox workloads: ZFS pool and VDEV topology design directly impacts Proxmox performance, reliability, and operational efficiency by aligning storage architecture with virtual machine workloads. Mirror VDEVs are preferred for high-IOPS, latency-sensitive environments like databases or VMs, as they scale read/write operations across disks and simplify resilvering. RAID-Z configurations suit capacity-focused or sequential workloads, such as bulk storage or backups, offering better storage efficiency at the cost of lower random I/O performance. Specialized VDEVs, like SLOG for synchronous writes or L2ARC for caching, can further optimize performance but introduce additional failure risks if not properly managed. The choice between mirrors and RAID-Z, along with tuning parameters like recordsize, ARC/L2ARC, and SLOG integration, must align with workload profiles—mirrors for performance-critical VMs and RAID-Z for capacity-heavy tasks. Proxmox’s native ZFS integration enables seamless snapshot, clone, and replication management, making topology decisions foundational to achieving predictable behavior under load and failure conditions.
Did we miss anything?
This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.
Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).
Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.
Thanks for reading and see you next week! Stay safe!