OpenBSD Journal

OpenBSD Journal

KDE Plasma 6.4 has landed in OpenBSD

Contributed by Peter N. M. Hansteen on from the konsidered plasmatik dept.

Yes, you read that right: KDE 6.4.0 Plasma is now in OpenBSD packages.

This was made possible by the efforts of Rafael Sadowski (rsadowski@) with the help of several others. The news was announced 2025-07-04 via a fediverse post and of course the commit message itself, where the description reads

Log message:
Update Plasma 6.4

The most parts are straightforward as usual but in 6.4 the KDE
Kwin team split kwin into kwin-x11 and kwin (wayland). This seems
to be the sign that X11 is no longer of interest and we are
focussing on Wayland.

Read more…

Blink and you'll miss it! 4096 colours and flashing text on the console!

Contributed by Peter N. M. Hansteen on from the 4k colors and blink! dept.

News from the Exotic Silicon front: Crystal Kolipe posted an update to misc@, saying

List:       openbsd-misc
Subject:    Console 4096 colours and blink attribute
From:       Crystal Kolipe <kolipe.c () exoticsilicon ! com>
Date:       2025-07-04 13:58:41

Tired of having just 256 colours on your console instead of 4096?

Do you miss the blink attribute from the old VGA text mode days?

Want to learn how cool stuff like this is implemented?

Look no further:

https://research.exoticsilicon.com/articles/console_4096

Clicking that link will bring you a colorful article with all implementation details and links to the code for you to try out yourself.

Happy blink and 4k colors console day to all who celebrate!

Game of Trees Hub now taking signups for repository hosting

Contributed by Peter N. M. Hansteen on from the we've GoT this dept.

In a fediverse post on 2025-07-04, the Game of Trees Hub announced that they will be taking signups for repository hosting:

We have started our first round of sign-up for #Git repository hosting.

Our first server for Git hosting is expected to be installed next week. Additional servers will be added as needed based on demand.

See https://gothub.org for an introduction to our project.

See https://gothub.org/features.html to get an idea about which features are already working and what is planned for the future.

See https://gothub.org/tiers.html for the initial service tier configurations and prices.

See https://gothub.org/signup.html for details about the sign-up process.

Do you have code that could need to be hosted, and/or money to send their way? Click the links!

Game of Trees 0.115 released

Contributed by rueda on from the again-and-again-and dept.

Version 0.115 of Game of Trees has been released (and the port updated):

  • make errors reported by gotsys-apply-conf actually visible
  • stop trying to start gotd from gotsys-apply-conf if gotd is not running
  • fix infinite loop in got_pack_repaint_parent_commits() and got-read-pack
  • fix creation of gotd.conf deny rules in gotsys-write-conf
  • add support for global repository access rules to gotsysd.conf
  • fix segfault due to double-free in got-read-gotconfig

Game of Trees 0.114 released

Contributed by rueda on from the again-and-again-and dept dept.

Version 0.114 of Game of Trees has been released (and the port updated):

  • preserve author timestamps when rebasing commits
  • stop running ssh with -q by default; -q hides host key fingerprint errors
  • fix gotsys-read-conf crash when ssh key comments are missing in gotsys.conf
  • relax repository path permission checks in gotsys-repo-create
  • add gotsys apply -w option which waits until sysconf has been run
  • fix gotsysd getting stuck due to missing final messages from libexec helpers
  • plug a file descriptor leak in the gotsysd libexec process

Call for testing: bge/bnx/iavf/igc/ix/ixl/ngbe/pcn: ifq_restart() fix

Contributed by Peter N. M. Hansteen on from the if ifq_restart, duh dept.

In a fediverse post, Stefan Sperling (stsp@) asks for testing of a potential fix for a problem affecting a number of network interface drivers (namely bge, bnx, iavf, igc, ix, ixl, ngbe and pcn), pointing to a message on tech@ with the subject bge/bnx/iavf/igc/ix/ixl/ngbe/pcn: ifq_restart() fix that reads

List:       openbsd-tech
Subject:    bge/bnx/iavf/igc/ix/ixl/ngbe/pcn: ifq_restart() fix
From:       Stefan Sperling <stsp () stsp ! name>
Date:       2025-06-20 10:12:14

A bug has been fixed by yasuaok@ in vmx(4) where the driver was
calling ifq_restart() without actually having made any space on
a full Tx ring. Calling ifq_restart() in this case can lead to
a condition where the interface gets stuck in OACTIVE until the
interface is reset with ifconfig.

Read more…

j2k25 hackathon report from kn@: installer, low battery, and more

Contributed by rueda on from the want TLS with that ramen? dept.

Fresh from the recently concluded j2k25 hackathon comes this report from Klemens Nanni (kn@), who writes:

New country, lots of ramen, friends and new folks - heck, yes!

Having missed the last four (our five?, hard to tell…) hackathons, j2k25 aligned just right to finish our holidays with beautiful sights and culinary delights between streaks of hacking, leaving all else aside for a solid week - it was refreshing retreat and sparked plans to make another, even longer trip through Japan!

This time, I brought a few unfished and/or unanswered diffs, but also specifically wanted to look into unfamiliar code, now that folks were around to ask for advice and discuss with.


First, the installer and rc(8) were due for cleanup: common code for randomness seed files used by bootloaders and rc seemed unnecessarily different, so I synced their logic, style and comments wrt. subtle, yet important details around the sticky(8) bit:

Read more…

dhcpd(8): use UDP sockets instead of BPF

Contributed by Peter N. M. Hansteen on from the modernizing BPFoonery dept.

In some cases, the current dhcpd(8) is not quite as reliable as one would want in providing the requested data to the actual requestor. After some rounds of discussion and experimentation, David Gwynne (dlg@) is circulating a diff on tech@ that switches the daemon to use UDP sockets instead of bpf.

The motivation is summarized as,

tl;dr this replaces bpf with udp sockets in dhcpd, mostly to make it
better at replying with the ip that requests were sent to.

and the full message, with the subject dhcpd(8): use UDP sockets instead of BPF reads,

List:       openbsd-tech
Subject:    dhcpd(8): use UDP sockets instead of BPF
From:       David Gwynne <david () gwynne ! id ! au>
Date:       2025-06-13 3:29:20

tl;dr this replaces bpf with udp sockets in dhcpd, mostly to make it
better at replying with the ip that requests were sent to.

ive been hacking on this because of a problem at work, which i want to
solve by setting up a bunch of "anycast" dhcp servers. ie, i want to
have multiple dhcpd on separate servers with the same IP assigned
as an alias on all of them.

Read more…

clang(1)/llvm/lld(1) updated to version 19

Contributed by rueda on from the lifting-and-shifting dept.

In a long series of commits, Robert Nagy (robert@) updated clang(1)/llvm/lld(1) in -current to version 19.1.7 (from version 16.0.6):

CVSROOT:	/cvs
Module name:	src
Changes by:	robert@cvs.openbsd.org	2025/06/11 06:54:56

Log message:
    import of llvm from LLVM 19.1.7
    
    Status:
    
    Vendor Tag:	LLVM
    Release Tags:	LLVM_19_1_7
    
    U src/gnu/llvm/llvm/.clang-format
[…]

Those building from source should follow the instructions in Following -current and using snapshots before making the leap.

Donate!

Donate to OpenBSD

Features

We are constantly on the lookout for stories of how you put OpenBSD to work. Please submit any informative articles on how OpenBSD is helping your company.

OpenBSD Errata

OpenBSD 7.7

0082025-07-01 RELIABILITY TIOCUCNTL ioctl(2) could crash the kernel if called with a non-file argument.
0072025-07-01 SECURITY Previous fix for X11 server was incomplete. CVE-2025-49176
0062025-06-17 SECURITY Multiple X11 server issues. CVE-2025-49175 CVE-2025-49176 CVE-2025-49177 CVE-2025-49178 CVE-2025-49179 CVE-2025-49180
0052025-06-17 RELIABILITY In acme-client(1), handle as yet unobserved "processing" state when fetching an issued certificate by retrying instead of giving up.
0042025-06-17 RELIABILITY When using syncookies in pf(4), new TCP connections could run into timeout due to integer underflow.
0032025-05-10 RELIABILITY Replace incorrect zoneinfo files created by broken zic(8).

Unofficial RSS feed of OpenBSD errata

OpenBSD 7.6

0212025-07-01 RELIABILITY TIOCUCNTL ioctl(2) could crash the kernel if called with a non-file argument.
0202025-07-01 SECURITY Previous fix for X11 server was incomplete. CVE-2025-49176
0192025-06-17 SECURITY Multiple X11 server issues. CVE-2025-49175 CVE-2025-49176 CVE-2025-49177 CVE-2025-49178 CVE-2025-49179 CVE-2025-49180
0182025-06-17 RELIABILITY In acme-client(1), handle as yet unobserved "processing" state when fetching an issued certificate by retrying instead of giving up.
0172025-06-17 RELIABILITY When using syncookies in pf(4), new TCP connections could run into timeout due to integer underflow.
0162025-05-05 SECURITY Kernel of NFS server could crash if nfsd(8) is enabled and an evil NFS request is sent to it.

Unofficial RSS feed of OpenBSD errata

XML/RSS/RDF

Users wishing RSS/RDF summary files of OpenBSD Journal can retrieve: RSS feed

Options are available.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]