Hírolvasó

A long discussion on tech@ (initiated by a suggestion/patch from Jesper Wallin) has culminated in Damien Miller (djm@) committing changes which increase security by taking advantage of the use of unveil(2) elsewhere in the OpenBSD ecosystem:

CVSROOT: /cvs Module name: src Changes by: djm@cvs.openbsd.org 2025/05/04 20:48:07 Modified files: usr.bin/ssh/sshd-session: Makefile usr.bin/ssh/sshd-auth: Makefile usr.bin/ssh/ssh-agent: Makefile usr.bin/ssh : ssh-agent.c ssh-agent.1 session.c pathnames.h misc.h misc.c hostfile.c Log message: Move agent listener sockets from /tmp to under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8). This ensures processes (such as Firefox) that have restricted filesystem access that includes /tmp (via unveil(3)) do not have the ability to use keys in an agent.

Read more…

Klemens Nanni (kn@) has committed the his proposed change [See previous article] such that the OpenBSD installer now prefers disks over 1GB when prompting for the root disk. The commit message explains the change:

CVSROOT: /cvs Module name: src Changes by: kn@cvs.openbsd.org 2025/05/04 06:32:41 Modified files: distrib/miniroot: install.sub Log message: Prefer disks bigger than 1G as default root disk on install -current picks the alphanumerically first disk as default, which isn't the beset choice if install media, softraid(4) key disks or small external media attaches before the disk one intends to use.

Read more…

The disclosure of the Spectre class of hardware vulnerabilities created a lot of pain for kernel developers (and many others). That pain was especially acutely felt in the BPF community. While an attacker might have to painfully search the kernel code base for exploitable code, an attacker using BPF can simply write and load their own speculation gadgets, which is a much more efficient way of operating. The BPF community reacted by, among other things, disallowing the loading of programs that may include speculation gadgets. Luis Gerhorst would like to change that situation with this patch series that takes a more direct approach to the problem.

Vöröslencse dahl trey 2025. 05. 05., h – 16:59

Csökkentett mód ON trey 2025. 05. 05., h – 15:44

The 6.12.27 and 6.1.137 stable kernels have been released to fix build problems in their predecessors. Only those who are having build troubles with 6.12.26 or 6.1.136 need to upgrade.

Security updates have been issued by Debian (ansible, containerd, and vips), Fedora (chromium, java-17-openjdk, nodejs-bash-language-server, nodejs-pnpm, ntpd-rs, redis, rust-hickory-proto, thunderbird, and valkey), Mageia (apache-mod_auth_openidc, fcgi, graphicsmagick, kernel-linus, pam, poppler, and tomcat), Red Hat (firefox, libsoup, nodejs:20, redis:6, rsync, webkit2gtk3, xmlrpc-c, and yelp), and SUSE (audiofile, ffmpeg, firefox, libsoup-2_4-1, libsoup-3_0-0, libva, libxml2, and thunderbird).

Természetesen szülői felügyelettel.

Változik a jutalékrendszer az Epic Games Store-ban.

Trump ha kell, újabb haladékot ad a TikToknak, mivel a platform a "szíve csücske".

Mit néztem most - The Search for Instagram’s Worst Con Artist trey 2025. 05. 05., h – 12:57

Minden út a Teamshez vezet.

A cég negyedéves eredményei nem túl fényesek, de a cupertinói cégnek már van egy nagy ötlete.

Az újabb amerikai exportkorlátozásokra válaszul újabb, Kínának szánt chipek érkezhetnek.

Linus has released 6.15-rc5 for testing. "So it all feels like things are just continuing to go well this release. Let's hope I didn't jinx it by saying so."

"Füstmérgezésben halt meg egy nő Újbudán, töltés közben gyulladt ki az elektromos autó a mélygarázsban" trey 2025. 05. 04., v – 13:43

Békesi: Magyar Péter támogatók, ébredjetek fel, amíg nem késő! trey 2025. 05. 04., v – 10:42

"Ezek most a legmegbízhatóbb használt autók a piacon ..." trey 2025. 05. 04., v – 09:59

Mit néztem most - Az eternauta trey 2025. 05. 04., v – 09:48

Két hete még röhögve mondtam, hogy "majd meglátjátok, néger pápa lesz!" ... trey 2025. 05. 03., szo – 09:02