OpenBSD Journal

Tartalom átvétel OpenBSD Journal
The OpenBSD Community.
Frissült: 6 perc 15 másodperc

p2k16 Hackathon Report: landry@ on mozilla ports

k, 2016-05-03 20:49
The next report in our p2k16 series is from Landry Breuil, who writes:

For once we had a hackathon in France, so travel should be simple... turns out, at the last minute the past week i had engaged myself in a motorbike rally race, taking place in Corsica on the weekend right before the hackathon. Driving to south of france on Thursday, night boat to corsica, two days racing, then boat back to the mainland, then driving all night to come back to my place, change backpack, sleep 1h, and hop on the cheap bus from my place to Nantes. Arrived there at 21h, i was of course totally destroyed from the 30h trip and after meeting the others for a heavy meal, i crashed early to bed... Read more...

Kategóriák: *BSD

p2k16 Hackathon Report: naddy@ on graphics libs progress (yes, packages!)

k, 2016-05-03 18:07
Fresh from the p2k16 hackathon comes this report from Christian Weisgerber, who writes:

Coming to p2k16, I had only vague plans what to work on. The last few hackathons I had tackled some projects that didn't quite result into something committable, so this time I decided to keep it basic. The idea was to update some ports and maybe make a dent in the use of the obsolete libiconv and gettext modules. Read more...

Kategóriák: *BSD

OpenBSD Foundation Announces Gold Sponsor

k, 2016-05-03 17:35
OpenBSD Foundation director Ken Westerback (krw@) writes in with some great news:

The OpenBSD Foundation is happy to announce that DuckDuckGo has become the first Gold level contributor to the 2016 fundraising campaign.

This donation is part DuckDuckGo's annual initiative to help fund free and open source projects based on nominations from their community.

Not only is it great to hear that companies are giving back to the project, but also that OpenBSD was nominated by DDG users. A big thanks to them and their community!

Donations to the OpenBSD Foundation can be made on the donations page, and they can be contacted regarding corporate sponsorship at fundraising@openbsdfoundation.org.

Kategóriák: *BSD

libcrypto errata - May 2016

k, 2016-05-03 17:28
Ted Unangst just sent an announcement of LibreSSL patches

OpenSSL announced several issues today that also affect LibreSSL. - Memory corruption in the ASN.1 encoder (CVE-2016-2108) - Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) - EVP_EncodeUpdate overflow (CVE-2016-2105) - EVP_EncryptUpdate overflow (CVE-2016-2106) - ASN.1 BIO excessive memory allocation (CVE-2016-2109) Thanks to OpenSSL for providing information and patches. Refer to https://www.openssl.org/news/secadv/20160503.txt Patches for OpenBSD are available: http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/005_crypto.patch.sig http://ftp.openbsd.org/pub/OpenBSD/patches/5.8/common/013_crypto.patch.sig

Kategóriák: *BSD

p2k16 Hackathon Report: tb@ on documentation, ports, wireless

h, 2016-05-02 15:42
The second p2k16 report comes from first time hackathon attendee Theo Buehler, who writes:

Earlier this year gilles@ invited me to attend p2k16 in Nantes. This was going to be my first hackathon. Despite the fact that it is in the middle of the semester, I could arrange to take a week off and thus got the opportunity to finally meet a few members of the project. Read more...

Kategóriák: *BSD

p2k16 Hackathon Report: espie@ on proot

v, 2016-05-01 01:06
Our very first p2k16 hackathon report comes from none other than Marc Espie, who writes:

Lots of thanks to Gilles Chehade, Epitech Nantes, and Aymeric Fouchault for the organization. It was top-notch. The only complaint I might have is that the food was so good that I might have eaten too much. Read more...

Kategóriák: *BSD

proot: dpb meets chroot

szo, 2016-04-30 18:32
With the p2k16 hackathon just coming to a close, Marc Espie has revealed one of the new things he worked on.

I've been using dpb(1) chroot'd for a long time, using my own methods. This is a first try at making things "simple." Basically,

proot -B /build

should more or less do something sane, and then you can build ports in that chroot. Read more...

Kategóriák: *BSD

anti-ROP mechanism in libc

h, 2016-04-25 16:59
Theo (deraadt@) writes in to the tech@ mailing list, with a clever idea that we would like to try.

This change randomizes the order of symbols in libc.so at boot time.

This is done by saving all the independent .so sub-files into an ar archive, and then relinking them into a new libc.so in random order, at each boot. The cost is less than a second on the systems I am using.

For now, this is only done for libc, because it is generally the most gadget heavy library; spilled registers are more likely to point within the libc segment; and also the gadgets are close to system call stubs. As a result of the change, gadgets are no longer found at fixed offsets from spilled registers.

More details are available on tech@. Please check the thread for any replies or updates.

Kategóriák: *BSD

The p2k16 hackathon has begun

h, 2016-04-25 16:23
OpenBSD developers from around the world have just gathered in Nantes, France for the p2k16 hackathon. This event is technically a ports hackathon, but many non-porters have showed up too, which means you can expect a variety of different improvements.

As an early example, ajacoutot@ has just set sysmerge to run automatically during the upgrade process.

Head over to the hackathons page to see the artwork, and stay tuned to Undeadly for some post-hackathon reports.

Kategóriák: *BSD

Undeadly and HTTPS

h, 2016-04-11 22:11
We here at Undeadly are looking to move the site to HTTPS-only. It's been discussed for quite a while, but there's one roadblock that we're looking for some help to overcome. Read more...
Kategóriák: *BSD

CfP EuroBSDCon 2016

p, 2016-04-08 11:20
On behalf of the EuroBSDCon 2016 Program Committee, here is the Call for Papers for the EuroBSDCon 2016 conference which will take place in Belgrade, Serbia from 22nd through 25th of September 2016.

Closing date for the CfP is May, 8th.
Everyone is encouraged to submit your proposals! Even those that haven't presented before.
Kategóriák: *BSD

OpenBSD 5.9 released (early!)

k, 2016-03-29 18:29
The release of OpenBSD 5.9, previously scheduled for the usual May 1st, has just been officially announced!

We are pleased to announce the official release of OpenBSD 5.9. This is our 39th release on CD-ROM (and 40th via FTP/HTTP). We remain proud of OpenBSD's record of more than twenty years with only two remote holes in the default install.

The release page mentions most of the major improvements, and the detailed changelog has a much longer list. Here are some of the bigger things incorporated into 5.9 that we're excited about. Read more...

Kategóriák: *BSD

New routing table code (ART) enabled in -current

cs, 2016-03-24 11:36
With this commit, mpi@ enabled the new ART routing table implementation, which paves way for more MP network stack improvements down the line.

Read more...
Kategóriák: *BSD

IPv6 errata for 5.7/5.8, pledge errata for 5.9

sze, 2016-03-16 22:11
Errata patches were recently issued for an IPv6 bug that affects users of both OpenBSD 5.7 and 5.8, as well as a patch for pledge in the upcoming 5.9 release.

Quoting the patch:

Insufficient checks in IPv6 socket binding and UDP IPv6 option processing allow a local user to send UDP packets with a source (IPv6 address + port) already reserved by another user.

Users that don't use IPv6 are not affected by this issue. Users who are using IPv6 should apply the patch, rebuild their kernel and reboot.

Though not officially released, unrelated an errata patch was issued for 5.9 on the same day:

Incorrect path processing in pledge_namei() could result in unexpected program termination of pledged programs.

Just as a heads up, you'll want to apply this one after installing 5.9 when it hits. Seasoned users know it's always good to check the errata page after doing an install.

Head over to the 5.7 errata or 5.8 errata pages to make sure you're all up to date.

Kategóriák: *BSD

AsiaBSDCon OpenBSD papers

sze, 2016-03-16 17:31
This year's AsiaBSDCon has come to an end, with a number of OpenBSD-related talks being presented. Two developers were also invited to the smaller "bhyvecon" event to discuss vmm(4) and future plans.

  • Antoine Jacoutot (ajacoutot@) - OpenBSD rc.d(8) (slides | paper)
  • Henning Brauer (henning@) - Running an ISP on OpenBSD (slides)
  • Mike Belopuhov (mikeb@) - Implementation of Xen PVHVM drivers in OpenBSD (slides | paper)
  • Mike Belopuhov (mikeb@) - OpenBSD project status update (slides)
  • Mike Larkin (mlarkin@) - OpenBSD vmm Update (slides)
  • Reyk Floeter (reyk@) - OpenBSD vmd Update (slides)

    Videos will likely be uploaded later on. And finally, you can usually find most of the OpenBSD-related presentations at openbsd.org/papers. Future conferences can also be seen at openbsd.org/events.html.

  • Kategóriák: *BSD

    The VAX platform is no more

    sze, 2016-03-09 21:25
    After much internal discussion, OpenBSD has officially discontinued support for the VAX architecture. In a series of commits, Theo de Raadt puts the platform to rest. Read more...
    Kategóriák: *BSD

    xterm(1) now UTF-8 by default

    k, 2016-03-08 22:41
    For safety and usability, xterm(1) now uses UTF-8 mode by default.

    CVSROOT: /cvs Module name: xenocara Changes by: schwarze@cvs.openbsd.org 2016/03/08 10:26:30 Modified files: app/xterm : XTerm.ad Log message: Use UTF-8 mode by default because it is safer and more useful even for people always running with a C/POSIX locale(1). OK matthieu@ naddy@ martijn@

    Ingo Schwarze (schwarze@) writes in to explain this change and how it improves security. Read more...

    Kategóriák: *BSD

    5.9 songs released

    k, 2016-03-08 19:19
    The 5.9 festivities are starting earlier than usual this time around, with the songs being available before the OS! Accompanying the release media are the following tracks:

    "Doctor W^X" (mp3 | ogg)

    "Systemagic (Anniversary Edition)" (mp3 | ogg | lyrics)

    Seasoned OpenBSD users may notice that the second song is a reprisal of "Systemagic" from way back in the 3.1 release days.

    Enjoy the tunes! If you're an audio snob like a couple of us here at Undeadly, the uncompressed lossless versions can be found on the 5.9 CD set as always.

    Kategóriák: *BSD

    LibreSSL not affected by DROWN attack

    h, 2016-03-07 04:24
    As noted by Bernard Spil, the OpenSSL bugs disclosed on 2016-03-01 have very little impact on LibreSSL, especially on OpenBSD. However, we will briefly mention the two high-profile issues:

  • LibreSSL (on any platform) is not affected by DROWN. Support for SSLv2 was flensed out quite a while ago.
  • Cachebleed is local-only, and requires a lot effort to get. This is thought to be very difficult to exploit on OpenBSD due to many of the normal mitigations on an OpenBSD system. Other systems without such mitigations may not be so lucky.
  • Kategóriák: *BSD

    Pre-orders for 5.9 are up!

    p, 2016-03-04 18:12
    OpenBSD 5.9 is shaping up to be quite a big release, and pre-orders for the CD sets have just been activated. Read more...
    Kategóriák: *BSD