Theo de Raadt (deraadt@) updated the versionofOpenBSD-current to "7.7-current".Those running the latest-and-greatest[via a sufficiently new snapshot or built from source]no longer need to use"-D snap" withpkg_add(1)(andpkg_info(1)).
If you have ever been irked by having to enter a sequence of sysctl(8) commands to achieve things like enabling forwarding for IPv4 and IPv6 both, help is at hand.In a recent commit, Klemens Nanni (kn@) added functionality to have the classic command read multiple settings from a file:
We (undeadly.org editors) had not noticed ourselves, but Will Backman wrote in about the news that some OpenBSD code -- openrsync -- had been made available to a wider audience, courtesy of Apple:
TheOpenBSD7.7 release cycle is entering its final phases...With the followingcommit,Theo de Raadt (deraadt@) moved -current to version 7.7(dropping the "-beta"):
Hitherto,fw_update(8)has gathered system information largely from/var/run/dmesg.boot(on the host on which it is invoked).Andrew Hewus Fresh (afresh1@) hascommitted a changewhich allowsspecifyinganarbitrary dmesg file.The commit message explains the rationale:
The OpenBGPD project (essentially a subproject of the OpenBSD project), have released their latest work in the OpenBGPD 8.8 release.The release announcement reads,
As announced by Job Snijders on the FediVerse rpki-client 9.4 has been released.The complete release notes from https://cdn.openbsd.org/pub/OpenBSD/rpki-client/rpki-client-9.4.txt are below:Read more...
There has long been some concern in the networking communities, particularly the routing security part, about the use of very long lived Trust Anchor (TA) certificates in routing infrastructure. Today Job Snijders (job@) commited code torpki-client(8)to implement a gradual phase in of a stricter policy on TA certificates lifetimes.The commit message reads,
Soon, unwind will have support wildcard in blacklist.Here, a change that makes any domain in the blacklist that starts with '.', which is not a legal name due to an empty label, is treated as any subdomain on that zone.This means that .example.com blocks all requests to any subdomain of example.com, but allows example.com.Changes: https://marc.info/?l=openbsd-cvs&m=173244784522937&w=2
The LibreSSL project, a closely associated subproject of the OpenBSD project, has announced the availability of their new stable release, LibreSSL 4.0.0, which comes with a number of improvements and a sprinkling of fixes. The release announcement reads,
The work of improving ssh security by segregating functionality into separate binaries contiues, this time by introducing sshd-auth as a separate binary.The commit message summarizes why this makes sense,
Omar Polo (op@) hasannouncedthe release of version 7.6.0p0 ofOpenSMTPD.The changes (including the table protocol change on which wereported earlier)are:
Omar Polo (op@) hasannouncedthe release of version 7.6.0p0 ofOpenSMTPD.The changes (including the table protocol change on which wereported earlier)are:
The OpenBSD project hasannouncedOpenBSD 7.6,its 57 release.The new release contains a number of significant improvements, including but not limited to:
Theo de Raadt (deraadt@) updatedtheversion ofOpenBSD-current to "7.6-current".Those running the latest-and-greatest[via a sufficiently new snapshot or built from source]no longer need to use"-D snap" withpkg_add(1)(andpkg_info(1)).
Our favorite operating system is now changing the default shell (ksh) to enforce not allowing invalid NUL characters in input that will be parsed as parts of the script.The commit message reads,
EuroBSDCon 2024[in Dublin, Ireland] has now ended,and slides for many of the OpenBSD developer presentationsare now available in theusual place.Video of the individual presentations can be expected somewhat later.In the meantime, OpenBSD-related presentations [including those fromnon-developers] can be found in therecordingsof the "Foyer B" streams.In addition, there was a full day PF tutorial with some updates to the publicly available slides.
Sebastian Benoit (benno@)announcedthe release ofversion 9.3ofrpki-client, the essential component for routing security.See the fullannouncement for further details.Key excerpts from the release announcement:Read more...
Sebastian Benoit (benno@)announcedthe release ofversion 9.2ofrpki-client, the essential component for routing security.See the fullannouncement for further details.Here are some key excerpts from the release announcement:
OpenBSD -current has moved to 7.6-beta in preparation for the next release with this commit.The release is traditionally about November 1st, but we shall see what happens this year. Snapshots are already beginning to show up on the mirrors.