OpenBSD Journal

OpenBSD Journal

New console font Spleen made default

Contributed by Paul 'WEiRD' de Weerd on from the bloody fonts dept.

Frederic Cambus (fcambus@) has just changed the default console font to Spleen, a font of his own creation:

CVSROOT:        /cvs
Module name:    src
Changes by:     fcambus@cvs.openbsd.org 2019/01/09 04:23:32

Modified files:
        sys/dev/rasops : rasops.c 
        sys/dev/wsfont : wsfont.c 

Log message:
Enable Spleen in wsfont and modify the font selection logic at runtime
in rasops(9) to allow selecting larger fonts when available.

Read more…

Ingo Schwarze -mandoc Better documentation – on the web and for LibreSSL video is now published

Contributed by Tom Smyth on from the buns-and-caffeine dept.

Tom Smyth has another article (and video) for us:

Ingo Schwarze (schwarze@) delivered a great talk on documentation in EuroBSDCon 2018. Ingo's slides have been on-line since September at OpenBSD events.html under the EuroBSD Con 2018. Anyone who follows the mailing lists would see Ingo's consistent attention to detail. In this talk Ingo interestingly points out that application of consistent attention to detail in documentation, also improves the quality of the software that is being documented. Ingo shows that if a program is difficult to document, then it is likely due to serious flaws in the program's design.

Read more…

OpenBSD 6.2 song: A 3 line diff

Contributed by rueda on from the a-work-of-art dept.

With the following commit, Theo de Raadt (deraadt@) released the song for OpenBSD 6.2!

CVSROOT:	/cvs
Module name:	www
Changes by:	deraadt@cvs.openbsd.org	2018/12/18 20:51:58

Modified files:
	.              : 62.html lyrics.html 
Added files:
	images         : 62_right.gif 

Log message:
Release the 6.2 song!  This comes 13 months late 'cause things came up.

That's a fine solstice present for puffy followers everywhere!

DNSSEC enabled in default unbound(8) configuration

Contributed by rueda on from the +dnssec dept.

With this commit, Florian Obser (florian@) enabled DNSSEC validation in the default unbound.conf(5) in -current:

CVSROOT:	/cvs
Module name:	src
Changes by:	florian@cvs.openbsd.org	2018/12/07 02:21:08

Modified files:
	etc            : unbound.conf 

Log message:
Enable DNSSEC validation.
Requested by & OK claudio
Input & OK sthen
OK job, solene
Various commenting that they run with validation since a long time
without issues.

There's also a related entry in the "Following -current and using snapshots" FAQ.

Update: The change has been reverted:

CVSROOT:	/cvs
Module name:	src
Changes by:	florian@cvs.openbsd.org	2018/12/11 12:16:36

Modified files:
	etc            : unbound.conf 

Log message:
the world is not ready for dnssec enabled by default

Donate!

Donate to OpenBSD

Features

We are constantly on the lookout for stories of how you put OpenBSD to work. Please submit any informative articles on how OpenBSD is helping your company.

OpenBSD Errata

OpenBSD 6.4

0102018-12-22 SECURITY The setsockopt(2) system call could overflow mbuf cluster kernel memory by 4 bytes.
0092018-12-20 RELIABILITY While recv(2) with the MSG_WAITALL flag was receiving control messages from a socket, the kernel could panic.
0082018-11-29 RELIABILITY Writing more than 4GB to a qcow2 volume corrupts the virtual disk.
0072018-11-29 RELIABILITY The mail.mda and mail.lmtp delivery agents were not reporting temporary failures correctly, causing smtpd to bounce messages in some cases where it should have retried them.
0062018-11-29 RELIABILITY UNIX domain sockets leak kernel memory with MSG_PEEK on SCM_RIGHTS, or can attempt excessive memory allocations leading to a crash.
0052018-11-29 SECURITY Various overflows exist in perl.

Unofficial RSS feed of OpenBSD errata

XML/RSS/RDF

Users wishing RSS/RDF summary files of OpenBSD Journal can retrieve: RSS feed

Options are available.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]