OpenBSD Journal
Home : : Add Story : : Archives : : About : : Create Account : : Login :
BSDNow Episode 068: Just the Essentials
Contributed by tbert on Fri Dec 19 14:24:02 2014 (GMT)
from the double-mwlucas dept.

It's Michael W. Lucas week at Undeadly, as this week's episode of BSDNow features a lengthy interview with the man.

Additionally, they have more conference videos, a comparison of FreeBSD and OpenBSD security features, the OpenSMTPD folks (hi gilles@!) write about the work they've been doing, a review of httpd(8), and all the week's odds and ends in the world of BSD.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

[topicbsdnow]
[ 1 comment 21:13 ago ] (flat) (expanded)

Michael W. Lucas' Sudo Talk Online
Contributed by tbert on Thu Dec 18 19:09:52 2014 (GMT)
from the make-me-a-sandwich dept.

Michael W. Lucas, author of Absolute OpenBSD, SSH Mastery, and Sudo Mastery (among others!) has given a talk, titled "Sudo: You're Doing it Wrong", now online:

It runs just over an hour, so make sure you bring a snack!

[topicsysadmin]
[ 0 comments ] (flat) (expanded)

Dec 10th Errata
Contributed by pitrh on Thu Dec 11 19:45:05 2014 (GMT)
from the get your fix of fixed fix-fixes dept.

Ted Unangst (tedu@) has announced the availability of patches for three separate issues.

The first errata addresses the recent DNS server issue

Three new errata to announce.

Malicious DNS servers could cause a denial of service with an endless series of delegations. This affects named (BIND) and unbound. There is a patch for unbound in 5.6. (unbound wasn't built in 5.5.) We don't have patches for BIND at this time.

Missing memory barriers (and other bugs) made virtio devices unreliable. Patches available for 5.5 and 5.6.

Lots and lots of security bugs in the X server have finally been fixed. http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ Patches are available for 5.5 and 5.6.

For 5.6: http://www.openbsd.org/errata56.html
http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/012_unbound.patch.sig
http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/013_virtio.patch.sig
http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/014_xserver.patch.sig

For 5.5: http://www.openbsd.org/errata55.html
http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/018_virtio.patch.sig
http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/019_xserver.patch.sig

[topicsecurity]
[ 1 comment 8d3:04 ago ] (flat) (expanded)

Libressl 2.1.2 released.
Contributed by tbert on Tue Dec 9 08:48:51 2014 (GMT)
from the securing-the-gost-of-camelia dept.

Brent Cook writes to tech@openbsd.org:

We have released LibreSSL 2.1.2, which will be arriving in the LibreSSL directory of your local OpenBSD mirror soon.

Read more...
[topiccrypto]
[ 7 comments 10d13:45 ago ] (flat) (expanded)

memcpy vs memmove
Contributed by jj on Fri Dec 5 09:00:38 2014 (GMT)
from the memwrite-me-an-article dept.

Ted Unangst (tedu@) took the time to write up a short history of the trials and tribulations that have accompanied the recent attention being paid to the memcpy(3) and memmove(3) routines:

memcpy vs memmove

A few notes about memcpy vs memmove and some related items as well.

memcpy

The C standard specifies two functions for copying memory regions, memcpy and memmove. The important difference is that it is undefined behavior to call memcpy with overlapping regions. One must use memmove for that. As the names imply, memcpy copies data from one region to another, while memmove moves data within a region. (Itís also perfectly acceptable to memmove between different regions.)

This subtle but important distinction allows memcpy to be optimized more aggressively. In the case of memmove between overlapping regions, care must be taken not to destroy the contents of the source before they are done copying. This is easiest to see with a naive implementation of a copy loop.

Read the whole thing; it's an exciting journey into the world of bug-hunting!

[topicblog]
[ 0 comments ] (flat) (expanded)

BSDNow Episode 066: Conference Connoisseur
Contributed by tbert on Fri Dec 5 10:21:34 2014 (GMT)
from the con-air dept.

On this week's episode, It's nothing but BSDCons, with MeetBSD presentation videos, the upcoming ruBSD(Russian) and other BSDCons that are (or may be) upcoming in 2015, in addition to an interview with Paul Schenkeveld about running a BSDCon, and the usual roundup of the week's BSD-related news and rumors.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

[topicbsdnow]
[ 0 comments ] (flat) (expanded)

Two New Kernel Errata
Contributed by jj on Fri Dec 5 08:59:16 2014 (GMT)
from the p-p-p-patch-my-kernel-over-ethernet dept.

In an email to tech@, Ted Unangst (tedu@) lets us know about two new kernel bugs for which patches exist:

Patches are now available for 5.5 and 5.6 which fix two kernel errata.

5.5 errata 16 and 5.6 errata 10: Several bugs were fixed that allowed a crash from remote when an active pipex session exists.

5.5 errata 17 and 5.6 errata 11: An incorrect memcpy call would result in corrupted MAC addresses when using PPPOE.

Users who don't use don't use PPPOE or PIPEX are not affected, but can still apply the patches.

Links:

http://www.openbsd.org/errata55.html http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/016_pipex.patch.sig http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/017_pppoe.patch.sig

and

http://www.openbsd.org/errata56.html http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/010_pipex.patch.sig http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/011_pppoe.patch.sig

[topicsecurity]
[ 2 comments 11d6:24 ago ] (flat) (expanded)

BSDCan 2015 Call for Papers
Contributed by tbert on Thu Dec 4 07:47:59 2014 (GMT)
from the mountie-up-and-ride dept.

BSDCan has announced their call for papers:

BSDCan is an enormously successful grass-roots style conference. It brings together a great mix of *BSD developers and users for a nice blend of both developer-centric and user-centric presentations, food, and activities.

Please follow the instructions for submitting a proposal to BSDCan 2015.

BSDCan 2015 will be held 12-13 June 2015 (Fri/Sat), in Ottawa. We are now requesting proposals for talks. We do not require academic or formal papers. If you wish to submit a formal paper, you are welcome to, but it is not required.

The talks should be written with a very strong technical content bias. Proposals of a business development or marketing nature are not appropriate for this venue.

If you have anything you think is worthwhile to share, write it up and send it in!

[topicconf]
[ 0 comments ] (flat) (expanded)

Call for Testing: openssl(1)
Contributed by tbert on Wed Dec 3 16:04:01 2014 (GMT)
from the are-you-being-served dept.

Theo de Raadt has just committed a conversion of the openssl(1) client and server implementations from select(2) to poll(2):

CVSROOT:	/cvs
Module name:	src
Changes by:	deraadt@cvs.openbsd.org	2014/12/02 12:44:49

Modified files:
	usr.bin/openssl: s_client.c s_server.c 

Log message:
convert select() to poll().  This is one of the most complicated
conversions in the tree, because the original code is very rotten and
fragile.  Please test and report any failures.
Assistance from millert, bcook, and jsing.

Users of this functionality are encouraged to put these changes through the wringer to shake out any bugs that may have been introduced or uncovered.

[topiccrypto]
[ 0 comments ] (flat) (expanded)

Support OpenBSD!

Donate to OpenBSD

Buy OpenBSD products

Features

We are constantly on the lookout for stories of how you put OpenBSD to work. Please submit any informative articles on how OpenBSD is helping your company.

Older Stuff
Monday, December 01
08:22 LibreSSL Windows Port Status Update (2)
Friday, November 21
11:38 BSDNow Episode 064: Rump Kernels Revisited (1)
Thursday, November 20
09:53 Call for Testing: 64-bit PCI Bridge Support (1)
Tuesday, November 18
16:54 Perl Updated to 5.20.1 (5)
Friday, November 14
08:43 BSDNow Episode 063: A Man's man(1) (0)
Monday, November 10
16:03 USB 3.0 Enabled in -current (4)
Friday, November 07
14:50 Improving bcd(6) (19)
Saturday, November 01
18:11 OpenBSD 5.6 Released (2)
16:33 libressl Renamed to libtls (4)

Older Stuff...
Yesterday's Edition...

OpenBSD Errata
[xml]

OpenBSD Resources

XML/RSS/RDF
Users wishing RSS/RDF summary files of OpenBSD Journal, can retrieve: [xml]


[ Home | Add Story | Archives | Polls | About ]

Copyright © 2004-2009 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. Some icons from slashdot.org used with permission from Kathleen. This journal runs as CGI with thttpd (plus patches) on OpenBSD, the source code is BSD licensed. Search engine is ht://Dig. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]