*BSD

FreeBSD 11.3-RELEASE Available

FreeBSD Project News - 12 perc 42 másodperc
Kategóriák: *BSD

FreeBSD 11.3-RC3 Available

FreeBSD Project News - 12 perc 42 másodperc
Kategóriák: *BSD

New committer: Chuck Silvers (src)

FreeBSD Project News - 12 perc 42 másodperc
Kategóriák: *BSD

FreeBSD 11.3-RC2 Available

FreeBSD Project News - 12 perc 42 másodperc
Kategóriák: *BSD

FreeBSD 11.3-RC1 Available

FreeBSD Project News - 12 perc 42 másodperc
Kategóriák: *BSD

FreeBSD 11.3-BETA3 Available

FreeBSD Project News - 12 perc 42 másodperc
Kategóriák: *BSD

January-March 2019 Status Report

FreeBSD Project News - 12 perc 42 másodperc
Kategóriák: *BSD

New committer: Brandon Bergren (src)

FreeBSD Project News - 12 perc 42 másodperc
Kategóriák: *BSD

FreeBSD 11.3-BETA2 Available

FreeBSD Project News - 12 perc 42 másodperc
Kategóriák: *BSD

New committer: D Scott Phillips (src)

FreeBSD Project News - szo, 2019-07-13 20:20
Kategóriák: *BSD

OpenBSD::Unveil(3p) added to -current

OpenBSD Journal - p, 2019-07-12 12:13

Andrew Fresh (afresh1@) has committed OpenBSD::Unveil(3p), a Perl interface to unveil(2):

CVSROOT: /cvs Module name: src Changes by: afresh1@cvs.openbsd.org 2019/07/09 14:41:54 Added files: gnu/usr.bin/perl/cpan/OpenBSD-Unveil: Unveil.xs gnu/usr.bin/perl/cpan/OpenBSD-Unveil/lib/OpenBSD: Unveil.pm gnu/usr.bin/perl/cpan/OpenBSD-Unveil/t: OpenBSD-Unveil.t Log message: Add OpenBSD::Unveil, a perl interface to unveil(2) OK brynet@, bluhm@

This parallels OpenBSD::Pledge(3p) / pledge(2).

Kategóriák: *BSD

aggr(4) driver added to -current

OpenBSD Journal - sze, 2019-07-10 09:14

David Gwynne (dlg@) has committed to -current a dedicated Link Aggregation (EEE 802.1AX) driver, aggr(4). The main commit message explains the raison d'être:

CVSROOT: /cvs Module name: src Changes by: dlg@cvs.openbsd.org 2019/07/04 19:35:58 Added files: sys/net : if_aggr.c Log message: add aggr(4), a dedicated driver that implements 802.1AX link aggregation 802.1AX (formerly known as 802.3ad) describes the Link Aggregation Control Protocol (LACP) and how to use it in a bunch of different state machines to control when to bundle interfaces into an aggregation. technically the trunk(4) driver already implements support for 802.1AX, but it had a couple of problems i struggled to deal with as part of that driver. firstly, i couldnt easily make the output path in trunk mpsafe without getting bogged down, and the state machine handling had a few hard to diagnose edge cases that i couldnt figure out. the new driver has an mpsafe output path, and implements ifq bypass like vlan(4) does. this means output with aggr(4) is up to twice as fast as trunk(4). the implementation of the state machines as per the standard means the driver behaves more correctly in edge cases like when a physical link looks like it is up, but is logically unidirectional. the code has been good enough for me to use in production, but it does need more work. that can happen in tree now instead of carrying a large diff around. some testing by ccardenas@, hrvoje popovski, and jmatthew@ ok deraadt@ ccardenas@ jmatthew@
Kategóriák: *BSD

FreeBSD 11.3-BETA1 Available

FreeBSD Project News - k, 2019-07-09 19:00
Kategóriák: *BSD

OpenBSD Community goes Platinum for 2019!

OpenBSD Journal - v, 2019-07-07 08:52

Ken Westerback wrote in with some good news:

The OpenBSD Foundation is happy to announce that individual contributions from the OpenBSD community have again exceeded CDN$50,000, making the community the 1st Platinum level donor for 2019!

These smaller regular contributions are the backbone of longer term spending planning. The Foundation would like to thank all the individuals who made and continue to make regular monthly contributions.

Thanks Ken!

Kategóriák: *BSD

New committer: Doug Moore (src)

FreeBSD Project News - cs, 2019-06-27 22:00
Kategóriák: *BSD

CFT FreeBSD pkg base now available

FreeBSD Project News - p, 2019-06-21 22:00
Kategóriák: *BSD

doas environmental security

OpenBSD Journal - p, 2019-06-21 12:40

Ted Unangst (tedu@) posted to the tech@ mailing list regarding recent changes to environment handling in doas (in -current):

[...] After some reflection, I've been convinced that it's unlikely everybody reads the manuals, or that the manuals are even correct or complete. So the new doas behavior moving forward is to reset most everything to the target user's environment. Your action items, as we like to say in the biz, are: 1. Check existing configs for "restricted root" rules and verify that they are run with the correct environment. 2. When updating, check for rules that intentionally use inherited environment variables. They may need to be explicitly passing using setenv in doas.conf.

Readers are encouraged to read the entire message.

Kategóriák: *BSD

SSH gets protection against side channel attacks

OpenBSD Journal - p, 2019-06-21 10:14

Damien Miller (djm@) has just committed a new feature for SSH that should help protect against all the various memory side channel attacks that have surfaced recently.

Add protection for private keys at rest in RAM against speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer and Rambleed. This change encrypts private keys when they are not in use with a symmetic key that is derived from a relatively large "prekey" consisting of random data (currently 16KB).

Read more…

Kategóriák: *BSD