Game of Trees 0.94 released
Contributed by rueda on from the again-and-again-and dept.
Version 0.94 of Game of Trees has been released (and the port updated):
* got 0.94; 2023-11-29 see git repository history for per-change authorship information
OpenBSD Journal
Contributed by rueda on from the again-and-again-and dept.
Version 0.94 of Game of Trees has been released (and the port updated):
* got 0.94; 2023-11-29 see git repository history for per-change authorship information
Contributed by rueda on from the Ike, IPSec my keys dept.
Tobias Heider (tobhe@
) has
announced
the release of
version 7.3
of
OpenIKED:
We have released OpenIKED 7.3, which will be arriving in the OpenIKED directory of your local OpenBSD mirror soon.
Contributed by rueda on from the we actually deliver dept.
clang(1)
/llvm
updated to version 16Contributed by rueda on from the clang goes the compiler dept.
In a long series of
commits,
Robert Nagy (robert@
)
updated
clang(1)
/llvm
in -current to version 16:
CVSROOT: /cvs Module name: src Changes by: robert@cvs.openbsd.org 2023/11/11 11:01:31 Log message: import of llvm from LLVM 16.0.6 Status: Vendor Tag: LLVM Release Tags: LLVM_16_0_6 U src/gnu/llvm/llvm/.clang-format U src/gnu/llvm/llvm/.clang-tidy U src/gnu/llvm/llvm/.gitattributes […] U src/gnu/llvm/llvm/utils/vscode/llvm/syntaxes/ll.tmLanguage.yaml U src/gnu/llvm/llvm/utils/yaml-bench/CMakeLists.txt U src/gnu/llvm/llvm/utils/yaml-bench/YAMLBench.cpp 67 conflicts created by this import. Use the following command to help the merge: cvs checkout -jLLVM:yesterday -jLLVM src/gnu/llvm/llvm
Naturally, this has involved supporting work elsewhere in base, and in ports.
Contributed by grey on from the for users who weren't already on 7.4 dept.
Brent Cook (bcook@
)'s
announcement reads:
We have released LibreSSL 3.8.2, which will be arriving in the LibreSSL directory of your local OpenBSD mirror soon. This is the first stable release for the 3.8.x branch, also available with OpenBSD 7.4
Contributed by rueda on from the firing-the-disruptors dept.
Theo de Raadt (deraadt@
)
posted to
tech@
a message entitled
disruptive amd64 snapshot coming.
It reads:
There is a pretty disruptive amd64 snapshot coming, so anyone who is using snapshots for critical stuff should take a pause. (This warning about a development step is unusual, I won't make it common practice).
Of course, on non-critical amd64 systems running snapshots, this is a good opportunity to test (and report any problems).
Contributed by Peter N. M. Hansteen on from the RECPT to me dept.
op@
) has announced the release of OpenSMTPD 7.4.0p0. The announcement reads,
Subject: OpenSMTPD 7.4.0p0 Released From: Omar Polo <op () openbsd ! org> Date: 2023-10-25 7:33:43 OpenSMTPD is a FREE implementation of the SMTP protocol with some common extensions. It allows ordinary machines to exchange e-mails with systems speaking the SMTP protocol. It implements a fairly large part of RFC5321 and can already cover a large range of use-cases. It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD, Linux and OSX. The archives are now available from the main site at www.OpenSMTPD.org
Contributed by rueda on from the staying-afloat dept.
As
announced
on the
misc@
mailing list,
Otto Moerbeek (otto@
),
the author of OpenBSD's
malloc(3)
implementation
[a.k.a. "otto malloc"],
has written a
tutorial on the new
malloc(3) leak detection available in OpenBSD 7.4
Read it at: OpenBSD's built-in memory leak detection
Since the publication of that write-up, Otto has committed further enhancements:
CVSROOT: /cvs Module name: src Changes by: otto@cvs.openbsd.org 2023/10/22 06:19:26 Modified files: lib/libc/stdlib: malloc.3 malloc.c Log message: When option D is active, store callers for all chunks; this avoids the 0x0 call sites for leak reports. Also display more info on detected write of free chunks: print the info about where the chunk was allocated, and for the preceding chunk as well. ok asou@
Contributed by Peter N. M. Hansteen on from the keep puffing it up dept.
The new release contains a number of innovations and improvements across a number of areas, including
viogpu(4)
, a VirtIO GPU driver [See earlier report].vmd(8)
has moved to a multi-process model for virtio(4)
block and network devices [See earlier report].malloc(3)
now has built-in leak detection [See earlier report].
Chunk sizes are now fine-grained, and all chunks in the delayed free list are checked for write-after-free.libssl
.
Ed25519 certificates are now supported in
openssl(1)
ca
and
req
.ssh-kengen(1)
generates Ed25519 keys by default.
Keystroke timing obfuscation has been added to ssh(1)
[See earlier report].
The fingerprint of a newly generated host key is printed on first boot [See commit].cron(8)
now supports random ranges with steps [See earlier report].shutdown(8)
/reboot(8)
now require membership of group _shutdown
[See earlier report].sec(4)
for Route Based IPSec VPNs [See earlier reports].pfsync(4)
[See earlier report].ifconfig(8)
has a new wgdescr[iption]
option which allows labelling peers.as well as the general churn of optimizations and fixes across the system.
Package counts (packages prebuilt for this release) for the more popular
architectures are
i386: 10603,
amd64: 11845,
aarch64: 11508,
sparc64: 8469,
with more to follow as bulk builds complete.
As always, the release is available for download from mirror sites all over the world; be sure to pick one that is near you, network-wise! Those upgrading from the 7.3 release (or earlier) should consult the Upgrade Guide.
Thanks again to the developers for the dedicated effort that went into producing this new release!
Donate to OpenBSD
We are constantly on the lookout for stories of how you put OpenBSD to work. Please submit any informative articles on how OpenBSD is helping your company.
OpenBSD 7.4
007 | 2023-11-29 SECURITY A crafted regular expression when compiled by perl can cause a one-byte attacker controlled buffer overflow in a heap allocated buffer. CVE-2023-47038 |
006 | 2023-11-21 RELIABILITY httpd(8): Avoid a NULL dereference when handling a malformed fastcgi request. |
005 | 2023-11-21 RELIABILITY Overlong sequences of UTF-8 combining characters could crash tmux(1). |
004 | 2023-11-21 RELIABILITY Simple passwords which were 8 characters long caused ospfd(8) to send out packets with invalid checksum. |
003 | 2023-11-21 RELIABILITY patch(1) with explicit patchfile did not work in 7.4 due to overeager unveil(2) restrictions. |
002 | 2023-10-25 SECURITY A network buffer that had to be split at certain length could crash the kernel. |
OpenBSD 7.3
021 | 2023-11-29 SECURITY A crafted regular expression when compiled by perl can cause a one-byte attacker controlled buffer overflow in a heap allocated buffer. CVE-2023-47038 |
020 | 2023-11-21 RELIABILITY httpd(8): Avoid a NULL dereference when handling a malformed fastcgi request. |
019 | 2023-10-25 SECURITY A network buffer that had to be split at certain length could crash the kernel. |
018 | 2023-10-25 SECURITY Fix several input validation errors in the X server. CVE-2023-5367 CVE-2023-5380 CVE-2023-5574 |
017 | 2023-10-03 SECURITY Fix several input validation errors in libX11 and libXpm. CVE-2023-43785 CVE-2023-43786 CVE-2023-43787 CVE-2023-43788 CVE-2023-43789 |
016 | 2023-09-21 SECURITY npppd(8) could crash by a l2tp message which has an AVP with wrong length. |
Users wishing RSS/RDF summary files of OpenBSD Journal
can retrieve:
Options are available.
Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]