 |
New Ports of the Week #34 (August 24)
|
Contributed by jason on Wed Aug 27 19:27:37 2008 (GMT)
from the hit-snooze-one-too-many-times dept.
There are 19 new ports for the week of August 18 to August 24:
Some ports had updates that users should be aware of. Two ports were removed.
Read more...
|
![[topicports]](images/topicports.gif)
|
[ 5 comments 8:09 ago ] (flat) (expanded)
|
|
[c2k8]: Hackathon Summary Part 9
|
Contributed by mtu on Wed Aug 27 11:43:25 2008 (GMT)
from the olympic-mania-is-over-now-back-to-c2k8 dept.
|
c2k8 General Hackathon (Part 9) - June 7-15, 2008, Edmonton, Alberta, Canada
Thanks to Henning Brauer (henning@) and others, we have reliable and a good enough for jazz means of keeping time in OpenBSD. When you are querying 8 public stratum 2 servers from a random pool from pool.ntp.org, you might have one lie to you but not all eight. It is another example of OpenBSD's systems approach to doing things. Eliminate any single point of failure whenever possible. Yet, there are two individuals who took time keeping to the next level of go anywhere and get time and position.
|
|
Read on to learn more about OpenBSD's approach to time and position:
Read more...
|
![[topicconf]](images/topicconf.jpg)
|
[ 1 comment 12:50 ago ] (flat) (expanded)
|
|
A First Ever Look Inside The Defcon Network Operations Center
|
Contributed by sean on Thu Aug 21 17:26:34 2008 (GMT)
from the securing-hostile-networks-for-fun-and-profit dept.
Daniel Melameth writes in with:
Surprised I didn’t see this here already, but I thought readers might be interested in knowing OpenBSD and pf were part of the foundation for the network at DEFCON. While this in and of itself is not surprising, of interest though is the use of a quad-core Xeon to power the OpenBSD box—as those of us who religiously read henning@’s misc@ posts know pf is actually being somewhat hindered by the beastly SMP CPU…
The write-up by Dave Bullock is at Threat Level blog @ Wired.
Cheers.
DEFCON has been using OpenBSD for a long time.
|
![[topicopenbsd]](images/topicopenbsd.gif)
|
[ 25 comments 1d12:10 ago ] (flat) (expanded)
|
|
Call for testers - important disklabel(8) diff
|
Contributed by johan on Mon Aug 11 17:44:50 2008 (GMT)
from the monkey-see-monkey-do dept.
Reyk Floeter (reyk@) wrote a mail to the tech mailing list about an important disklabel(8) diff that needs widespread testing.
Please read on for Reyks mail...
Read more...
|
|
[ 10 comments 12d20:43 ago ] (flat) (expanded)
|
|
Developer blog - reyk@: more about EeePC
|
Contributed by johan on Sat Aug 9 00:11:04 2008 (GMT)
from the donations-really-do-help dept.
In a recent story we highlighted that Reyk Floeter (reyk@) had asked
for an Asus EeePC in order to improve support for newer ath(4) chips.
Reyk since received two EeePC donations and has been hard at work improving ath(4). While doing so he encountered some issues with these computers, here is his follow up story...
When I fixed support for a number of newer ath(4) variants, I asked
for an EeePC donation to work on the currently unsupported wireless chipset
that is integrated in most of these mini-laptops. Just about one week
later I got two
donations
- an EeePC 701 and an EeePC 900. And I had more donation offers from
other users, I really appreciate your support!
It will need some time to fix the wireless support, but it also helps
to work on various other issues that we see on these machines:
interrupt routing (with help from kettenis@), camera support (with
help from mglocker@), ACPI (with help from marco@) and I also want to
improve the lii(4) driver (to be fair, lii was written by
the author without documentation since it is a chipset that is now
owned by Atheros).
Please read on for the rest of the story...
Read more...
|
![[topicblog]](images/topicblog.gif)
|
[ 32 comments 2d19:49 ago ] (flat) (expanded)
|
|
Developer Blog - jdixon@: Chrooting Perl CGI Apps with mod_perl
|
Contributed by jason on Tue Aug 5 19:42:50 2008 (GMT)
from the swarm-of-unreadable-code-has-been-unleashed dept.
A recent thread on the misc@ mailing list reminded me of the obstacles faced when installing Perl CGI applications in the default OpenBSD httpd(8) chroot. Here is a brief guide at how I approached the problem by using mod_perl to import the necessary modules at execution.
Read more...
|
|
[ 9 comments 16d14:02 ago ] (flat) (expanded)
|
|
New Ports of the Week #31 (August 4)
|
Contributed by jason on Mon Aug 4 23:17:04 2008 (GMT)
from the maaking-mysql-less-sucky dept.
Due to the ports tree freeze, there is only 1 new port for the week of July 28 to August 4:
Some ports had
updates
that users should be aware of.
Read more...
|
|
[ 10 comments 20d6:38 ago ] (flat) (expanded)
|
|
[c2k8]: Hackathon Summary Part 8
|
Contributed by mtu on Mon Aug 4 09:57:39 2008 (GMT)
from the no-IETF-dependencies-here dept.
|
c2k8 General Hackathon (Part 8) - June 7-15, 2008, Edmonton, Alberta, Canada
I often find it ironic and a little sad that one of the most important security applications on the Internet is so poorly funded. For anyone that manages machines remotely and is concerned about security, it is perhaps the most important application to rely on for security and stability. I'm sure you know which application I am referring to, but do you know that it is the de facto world standard in its class on the Internet?
|
|
Read on to find out why and more:
Read more...
|
|
[ 22 comments 10d3:25 ago ] (flat) (expanded)
|
|
Heads up! ath(4) diff needs testing
|
Contributed by johan on Wed Jul 30 08:27:35 2008 (GMT)
from the documentation dept.
Reyk Floeter (reyk@) wrote to tech@ about a diff to the ath(4) driver that he urgently needs tested.
It is important that Reyk gets feedback about this diff as soon as possible, so please test this patch if you have one of the following chips AR5414, AR5424, AR2414 or the AR2524 and want support for these in OpenBSD 4.4.
Update (Wed Jul 30 2008, 09:40:00 CEST):
Reyk posted an update on the status of these changes saying the second rev of this diff was committed however it still needs testing on older ath(4) infrastructure to make sure it doesn't break current functionality.
Additionally Reyk committed to want.html asking for an Asus EeePC so that he can fix the onboard ath(4) on that line of sub notebooks. If you can help donate funds for that or perhaps donate the entire notebook, please contact Reyk.
Please read on for Reyk's notes:
Read more...
|
![[topicaskobsdj]](images/topicaskobsdj.jpg)
|
[ 21 comments 24d20:28 ago ] (flat) (expanded)
|
|
|
|
|
|
|
|
Features
|
|
We are constantly on the lookout for stories of how you put OpenBSD to work.
Please submit any informative articles on how OpenBSD is helping your company.
|
|
|
OpenBSD Errata
|
| 2008-07-29 | 005 RELIABILITY Some kinds of IPv6 usage would leak kernel memory (in particular, this path was exercised by the named(8) patch for port randomization). Since INET6 is enabled by default, this condition affects all systems.
|
| 2008-07-23 | 004 SECURITY 2nd revision, July 23, 2008
A vulnerability has been found with BIND. An attacker could use this vulnerability to poison the cache of a recursive resolving name server. CVE-2008-1447.
|
| 2008-07-15 | 003 SECURITY Multiple vulnerabilities have been discovered in X.Org.
RENDER Extension heap buffer overflow, RENDER Extension crash, RENDER Extension memory corruption, MIT-SHM arbitrary memory read, RECORD and Security extensions memory corruption. CVE-2008-2360, CVE-2008-2361, CVE-2008-2362, CVE-2008-1379, CVE-2008-1377.
|
| 2008-04-03 | 002 SECURITY possible hijacking of X11-forwarded connections with sshd(8) by refusing to listen on a port unless all address families bind successfully.
A source code patch exists which remedies this problem.
|
![[xml]](images/xml.gif)
|
|
|
|
XML/RSS/RDF
|
|
Users wishing RSS/RDF summary files of OpenBSD Journal,
can retrieve:
|
|
|
|
|
