Feed openbsd-journal OpenBSD Journal

OpenBSD Journal

Link http://undeadly.org/
Feed http://undeadly.org/cgi?action=rss
Updated 2020-01-26 06:21
u2k20 Hackathon Report: Tracey Emery on GotWeb
Fresh in from u2k20 is this report from Tracey Emery, who visited the hackathon in Uckermark, Germany after getting invited by Stefan Sperling (stsp@):
u2k20 Hackathon Report: Alexandr Nedvedicky on PF anchors work
The first report from the just concluded u2k20 hackathon comes from Alexandr Nedvedicky (sashan@), who writes:
Firefox pkg for 6.6-stable will not receive latest updates. [Updated]
An update has now been committed to the -stable branch for the latest firefox version, and the package is available for updating!
Theo De Raadt Interview between Ottawa 2019 Hackathon and BSDCAN 2019
Tom Smyth writes in about an interview he did with Theo de Raadt in between g2k19, the general hackathon in Ottawa, and BSDCAN 2019:
e2k19 Hackathon Report: Stefan Sperling on GoT and wireless
Next up from the snowy Elk Lakes area with his Hackathon Report is Stefan Sperling (stsp@):
Meet Radiant Award Recipient Claudio Jeker
TheInternet Security Research Groupand partnershave announcedthat Claudio Jeker (claudio@) is the thirdRadiant Awardrecipient.From theannouncement:
attention please: host's IP stack behavior got changed slightly
Alexandr Nedvedicky (sashan@)wrote to tech@regarding a recent significantchange:
e2k19 Hackathon Report: At e2k19 nobody can hear you scream (Claudio Jeker)
Fresh from the just concluded e2k19 hackathon, Claudio Jeker (claudio@) writes in:
syscall call-from verification
Theo de Raadt (deraadt@) hascommittedcode for a new exploit-prevention mechanism:
unwind(8) gains "Happy Eyeballs"-like flexibility
Florian Obser (florian@) hascommittedcode to giveunwind(8)a flexible approach to resolving strategies:
p2k19 Hackathon Report: Stefan Sperling on iwm(4) wifi progress, more
Next up in our hackathon series from p2k19 is one from Stefan Sperling (stsp@),who writes:
krw@ adventures at p2k19
Next up in the series of p2k19 reports is Ken Westerback (krw@), who writes:
p2k19 Hackathon Report: Jeremy Evans on PostgreSQL and Ruby
Our next p2k19 report comes from Jeremy Evans (jeremy@):
p2k19 Hackathon Report: Landry Breuil on unveil(2)-ing Mozilla, sqlite3 testing
Fresh from the just concluded p2k19 hackathon comes this report from Landry breuil (landry@), who writes:
Martin Pieuchot: The Unknown Plan
Fresh from Bucharest is this story from Martin Pieuchot (mpi@) with his experience from p2k19:
OpenSSH U2F/FIDO support in base
Damien Miller (djm@)posted to tech@:
p2k19 Hackathon Report: Good vibes from Bucharest by Marc Espie (espie@)
The first p2k19 hackathon report comes from Marc Espie (espie@), who writes:
HEADS UP: ntpd changing
Theo de Raadt (deraadt@)postedto tech@:
DNSSEC enabled in default unbound(8) configuration
DNSSEC validation has been enabled in the defaultunbound.conf(5)in -current.The relevant commits werefromJob Snijders (job@)
U2F support in OpenSSH HEAD
In amessageto the openssh-unix-dev mailing list,Damien Miller (djm@) wrote:
EuroBSDCon 2019 videos available
The EuroBSDCon channel at YouTube now has the EuroBSDCon 2019 videos online. One excellent way to start is with Patricia Aas' excellent keynote Embedded Ethics and just go on, but you could also go directly to the OpenBSD related talks:
New openbsdstore available with 6.6 T-shirts
A new OpenBSD store has been started, for those looking for OpenBSD swag now that the project no longer produces CDs. If you like the artwork that comes with the releases, this is a great way to support it. Quoting the about page:
OpenBSD 6.6 Released
In amessageto relevant mailing lists,Theo de Raadt (deraadt@) announced that theOpenBSD project's 47 release,OpenBSD 6.6,is now available frommirror sitesworldwide.Rather than reproducing here the full list of new features,we refer readers to the officialOpenBSD 6.6 page,and the detailedchangelog.Notable changes include but are not limited to:
OpenBSD crossed 400,000 commits
Theo de Raadt (deraadt@)posted to tech@:
sysupgrade(8) Added to OpenBSD 6.5
In a move bound to be greeted with great enthusiasm, the newly-releasedPatch 012for OpenBSD 6.5 addssysupgrade(8)to the system.Readers are encouraged to show their appreciation bydonating!
OpenBSD moving towards 6.6
Theo de Raadt (deraadt@)has changednewvers.shto6.6:
Support for the sgi platform discontinued
Support forthe sgi hardware platformhas been discontinued:
OpenBSD at EuroBSDcon 2019
EuroBSDcon 2019has concluded, and materials for the OpenBSD-related talks can be found inthe usual place.At the time of writing, official video recordings are not yet available,but the organisers assure us that they will be as soon as the editing is done.
The return of startx(1) for non-root users [with some caveats]
Mark Kettenis (kettenis@) has recentlycommittedchangeswhich restore a certain amount ofstartx(1)/xinit(1)functionality for non-root users.The commit messages explain the situation:Read more…
Setting up a mail server with OpenSMTPD, Dovecot and Rspamd
On hisblog,Gilles Chehade (gilles@) has writtena very detailed article on running anOpenSMTPD mail server.The article begins:
DoH disabled by default in Firefox
On Monday, Otto (otto@) committed a small but significant change to the Firefox port.
Package updates for -stable available for arm64 (too)
The arm64 architecture hasjoinedamd64 and i386in having -stable package updatesavailable.
Package updates for -stable branch now available for amd64, i386 soon
In a very welcome development, Solene Rapenne (solene@) announced that binary package updates for the most popular platforms will be available for the latest OpenBSD release.The announcement reads:
6.6-beta has been tagged
Theo de Raadt (deraadt@)has justtagged6.6-beta:
Game of Trees
Stefan Sperling (stsp@) is developing a version control system,"Game of Trees".From <https://gameoftrees.org/>:
snmp(1) added to -current
Martijn van Duren (martijn@) hascommitteda newSimple Network Management Protocol(SNMP) client,snmp(1):
tpmr(4) driver added to -current
David Gwynne (dlg@) has committed to -current another new network driver -an 802.1Q Two-Port MAC Relay driver,tpmr(4).Themain commit messageexplains the raison d'être:
Touchpad, Interrupted
On hisblog,Joshua Stein (jcs@) has written an[another!]excellent article on an involved investigation into a complex issue:the non-arrival of interrupts for certain touchpad devices.
OpenBGPD 6.5p1 released.
Claudio Jeker (claudio@) hasannouncedthe release of a new version ofOpenBGPD:
OpenBSD::Unveil(3p) added to -current
Andrew Fresh (afresh1@)hascommittedOpenBSD::Unveil(3p),a Perl interface tounveil(2):
aggr(4) driver added to -current
David Gwynne (dlg@) hascommitted to -currenta dedicatedLink Aggregation (EEE 802.1AX)driver,aggr(4).Themain commit messageexplains the raison d'être:
OpenBSD Community goes Platinum for 2019!
Ken Westerback wrote in with some good news:
doas environmental security
Ted Unangst (tedu@)postedto the tech@mailing list regardingrecent changes to environment handling indoas(in -current):
SSH gets protection against side channel attacks
Damien Miller (djm@) has just committed a new feature for SSH that should help protect against all the various memory side channel attacks that have surfaced recently.
ntpd auto time setting
Otto Moerbeek (otto@) has writtenan updateon his recent ntpd(8) work to the tech@ mailinglist:
rpki-client(8) imported into the tree
Job Snijders (job@) hasimportedKristaps Dzonsons'rpki-client(discussed previously)into the tree:
BSDCan 2019 videos available
Videos of presentations atBSDCan 2019are now (becoming) available from theYouTube channel.Links to the videos can now also be found in the usual place.
g2k19 Hackathon Report: Stefan Sperling on Access Points and Ghosts
Our next hackathon report comes from Stefan Sperling (stsp@):
acme-client(1) moves to Let's Encrypt v02 API
Florian Obser (florian@) hascommittedthe changes required to moveacme-client(1)in -current to theRFC 8555protocol used by theLet's Encrypt v02 API:
Recent Security Innovations
IntroductionThere have been some recent securityinnovationspreviously unreported here: