OpenBSD Journal

OpenBSD Journal

clang(1)/llvm updated to version 16

Contributed by rueda on from the clang goes the compiler dept.

In a long series of commits, Robert Nagy (robert@) updated clang(1)/llvm in -current to version 16:

CVSROOT:	/cvs
Module name:	src
Changes by:	robert@cvs.openbsd.org	2023/11/11 11:01:31

Log message:
    import of llvm from LLVM 16.0.6
    
    Status:
    
    Vendor Tag:	LLVM
    Release Tags:	LLVM_16_0_6
    
    U src/gnu/llvm/llvm/.clang-format
    U src/gnu/llvm/llvm/.clang-tidy
    U src/gnu/llvm/llvm/.gitattributes
[…]
    U src/gnu/llvm/llvm/utils/vscode/llvm/syntaxes/ll.tmLanguage.yaml
    U src/gnu/llvm/llvm/utils/yaml-bench/CMakeLists.txt
    U src/gnu/llvm/llvm/utils/yaml-bench/YAMLBench.cpp
    
    67 conflicts created by this import.
    Use the following command to help the merge:
    
    cvs checkout -jLLVM:yesterday -jLLVM src/gnu/llvm/llvm

Naturally, this has involved supporting work elsewhere in base, and in ports.

LibreSSL 3.8.2 Released

Contributed by grey on from the for users who weren't already on 7.4 dept.

A new stable release of LibreSSL is out, and should be arriving on a mirror near you shortly.

Brent Cook (bcook@)'s announcement reads:

We have released LibreSSL 3.8.2, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon. This is the
first stable release for the 3.8.x branch, also available with OpenBSD 7.4

Read more…

Disruptive amd64 snapshot coming

Contributed by rueda on from the firing-the-disruptors dept.

Theo de Raadt (deraadt@) posted to tech@ a message entitled disruptive amd64 snapshot coming. It reads:

There is a pretty disruptive amd64 snapshot coming, so anyone who is
using snapshots for critical stuff should take a pause.  (This warning
about a development step is unusual, I won't make it common practice).

Of course, on non-critical amd64 systems running snapshots, this is a good opportunity to test (and report any problems).

OpenSMTPD 7.4.0p0 Released

Contributed by Peter N. M. Hansteen on from the RECPT to me dept.

Hot on the heels of the release of OpenBSD 7.4, Omar Polo (op@) has announced the release of OpenSMTPD 7.4.0p0. The announcement reads,

Subject:    OpenSMTPD 7.4.0p0 Released
From:       Omar Polo <op () openbsd ! org>
Date:       2023-10-25 7:33:43


OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range of use-cases.

It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD, Linux and OSX.

The archives are now available from the main site at www.OpenSMTPD.org

Read more…

OpenBSD's built-in memory leak detection

Contributed by rueda on from the staying-afloat dept.

As announced on the misc@ mailing list, Otto Moerbeek (otto@), the author of OpenBSD's malloc(3) implementation [a.k.a. "otto malloc"], has written a tutorial on the new malloc(3) leak detection available in OpenBSD 7.4

Read it at: OpenBSD's built-in memory leak detection

Since the publication of that write-up, Otto has committed further enhancements:

CVSROOT:	/cvs
Module name:	src
Changes by:	otto@cvs.openbsd.org	2023/10/22 06:19:26

Modified files:
	lib/libc/stdlib: malloc.3 malloc.c 

Log message:
When option D is active, store callers for all chunks; this avoids
the 0x0 call sites for leak reports. Also display more info on
detected write of free chunks: print the info about where the chunk
was allocated, and for the preceding chunk as well.
ok asou@

OpenBSD 7.4 Released

Contributed by Peter N. M. Hansteen on from the keep puffing it up dept.

The OpenBSD project has announced the release of OpenBSD 7.4, the 55th release of the OpenBSD operating system.

The new release contains a number of innovations and improvements across a number of areas, including

as well as the general churn of optimizations and fixes across the system.

Package counts (packages prebuilt for this release) for the more popular architectures are
i386: 10603,
amd64: 11845,
aarch64: 11508,
sparc64: 8469,
with more to follow as bulk builds complete.

As always, the release is available for download from mirror sites all over the world; be sure to pick one that is near you, network-wise! Those upgrading from the 7.3 release (or earlier) should consult the Upgrade Guide.

Thanks again to the developers for the dedicated effort that went into producing this new release!

Donate!

Donate to OpenBSD

Features

We are constantly on the lookout for stories of how you put OpenBSD to work. Please submit any informative articles on how OpenBSD is helping your company.

Earlier Articles

OpenBSD Errata

OpenBSD 7.4

0072023-11-29 SECURITY A crafted regular expression when compiled by perl can cause a one-byte attacker controlled buffer overflow in a heap allocated buffer. CVE-2023-47038
0062023-11-21 RELIABILITY httpd(8): Avoid a NULL dereference when handling a malformed fastcgi request.
0052023-11-21 RELIABILITY Overlong sequences of UTF-8 combining characters could crash tmux(1).
0042023-11-21 RELIABILITY Simple passwords which were 8 characters long caused ospfd(8) to send out packets with invalid checksum.
0032023-11-21 RELIABILITY patch(1) with explicit patchfile did not work in 7.4 due to overeager unveil(2) restrictions.
0022023-10-25 SECURITY A network buffer that had to be split at certain length could crash the kernel.

Unofficial RSS feed of OpenBSD errata

OpenBSD 7.3

0212023-11-29 SECURITY A crafted regular expression when compiled by perl can cause a one-byte attacker controlled buffer overflow in a heap allocated buffer. CVE-2023-47038
0202023-11-21 RELIABILITY httpd(8): Avoid a NULL dereference when handling a malformed fastcgi request.
0192023-10-25 SECURITY A network buffer that had to be split at certain length could crash the kernel.
0182023-10-25 SECURITY Fix several input validation errors in the X server. CVE-2023-5367 CVE-2023-5380 CVE-2023-5574
0172023-10-03 SECURITY Fix several input validation errors in libX11 and libXpm. CVE-2023-43785 CVE-2023-43786 CVE-2023-43787 CVE-2023-43788 CVE-2023-43789
0162023-09-21 SECURITY npppd(8) could crash by a l2tp message which has an AVP with wrong length.

Unofficial RSS feed of OpenBSD errata

XML/RSS/RDF

Users wishing RSS/RDF summary files of OpenBSD Journal can retrieve: RSS feed

Options are available.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]