OpenBSD Journal

Fresh from the newly completed a2k17 hackathon comes this report from Bob Beck:

Martin Pieuchot has written another article chronicling the modernization of the network stack. Martin writes,

Avoid possible side-channel leak of ECDSA private keys when signing.A source code patch exists which remedies this problem:for 6.0.for 5.9This is related to CVE-2016-7056 "ECDSA P-256 timing attack key recovery (OpenSSL, LibreSSL, BoringSSL)"Additional details can be read here: http://seclists.org/oss-sec/2017/q1/52Thanks to M:Tier https://stable.mtier.org for raising awareness on this patch.

OpenBSD as WiFi access points look set to be making a comeback in the near future. With this diff https://marc.info/?l=openbsd-tech&m=148396652007923&w=2, Stefan Sperling added 802.11n hostap mode, with full support initially for the Atheros chips supported by the athn(4) driver.

Michael W Lucas is offering the chance to get your name in his forthcoming book on relayd and httpd:

Ted Unangst (tedu@) continues his flak series with part 5.

Undeadly editor Peter Hansteen (pitrh) recently spoke to the Bergen (BSD and) Linux User Group (BLUG) on the subject "OpenBSD and you", and has shared the slides from the talk.These make a great resource for preaching to the as-yet-unconverted.

A new version of OpenSSH has been announced. Continue reading for the changelog of OpenSSH 7.4 below: Read more...

Ingo Schwarze (schwarze@) writes in:

Ted Unangst (tedu@) has written a flak entry entitled "openbsd changes of note".It gives an overview (with relevant links) of recent significant changes in -current.Update: there is now a second part.Update: there is now a third part.

Kristaps Dzonsons, of mandoc and acme-client (and more) fame, has written a detailed article entitled "why pledge(2) …or, how I learned to love web application sandboxing".The tl;dr section starts:

Today's big news comes from the OpenBSD Foundation, via director Ken Westerback. The official word from the foundation is:

The first report out of the just completed l2k16 (LibreSSL focused) hackathon comes from Ingo Schwarze, who writes:

The next b2k16 hackathon report comes from Daniel Jakots, who writes:

New contributor doctrit writes,An interesting news article title caught my attention and I was pleasantly surprised to find OpenBSD having a prominent place within the article's content. 8^)

The first report from the b2k16 hackathon comes from Antoine Jacoutot, who writes:

Your next b2k16 report comes form Jeremy Evans, who writes:

Our next b2k16 report comes from Landry Breuil, who writes:

Five OpenBSD 6.0 CD-ROM copies were signed by 40 developers during theg2k16 Hackathon in Cambridge, UK. These copies are being auctioned sequentially on ebay.CD set #1 (Sep 29th + 5 days) sold for $4200CD set #2 (Oct 4th + 3 days) sold for $3000CD set #3 (Oct 8th + 3 days) sold for $817CD set #4 (Oct 11th + 3 days) sold for $635CD set #5 (Oct 14th + 3 days) sold for $1024All proceeds will be donated to the OpenBSD Foundationto support and further the development of free software based on the OpenBSD operating system.Read more...

With a small commit, OpenBSD now has a hypervisor and virtualization in-tree. This has been a lot of hard work by Mike Larkin, Reyk Flöter, and many others.VMM requires certain hardware features (Intel Nehalem or later, and virtualization enabled in the BIOS) in order to provide VM services, and currently only supports OpenBSD guests.

Alexander Bluhm (bluhm@) contributed our next report (which even includes a picture):

The g2k16 hackathon must have been a really great one, because here is yet another report, this time from Patrick Wildt, who writes:

The g2k16 hackathon reports keep coming, and we love it! In this fresh report, Martin Pieuchot writes,

Ted Unangst (tedu@) has written an item regarding doas:

Matthieu Herrb supplied our next g2k16 report:

Vincent Gross supplied the next hackathon report:

Here's yet another g2k16 hackathon report, this one from Antoine Jacoutot, who writes:

Next up in the series of g2k16 hackathon reports is this one from Florian Obser, who writes:

Next up with a g2k16 Hackathon report is Jasper Lievisse Adriaanse:

DragonFly BSD has joined HardenedBSD and TrueOS (formerly PC-BSD) in adopting LibreSSL in the base system:

Next up in our series of g2k16 hackathon reports is Christian Weisgerber, who writes:

Our next g2k16 report comes from Brent Cook (bcook@), who writes:

Next in our series of g2k16 hackathon reports is Ted Unangst, who writes:

The next g2k16 developer report comes from Giovanni Bechis, who writes:

The next developers' hackathon report is from Marc Espie, who writes:

Next up in the g2k16 hackathon reports series is Adam Wolk. Adam writes:

Next up in our series of g2k16 hackathon reports is this one from Martin Natano:

Next in the g2k16 series is the Otto Moerbeek's report. Otto writes,

The first developer report from the just concluded g2k16 hackathon comes from Mike Larkin, who writes:

LLVM Core and Clang (C/C++/Objective-C compiler) of the LLVM Project have been imported into -current.Pascal Stumpf (pascal@) committed the addition:

Support for the zaurus platform has been removed from -current.Philip Guenther (guenther@) committed the change:

September 1st, 2016: The OpenBSD team announces the availability of 6.0!

Kristaps Dzonsons' Let's Encrypt client, letskencrypt, has been imported into OpenBSD-current as acme-client.letskencrypt, which has previously been available as a port, is a privilege-separated Let's Encrypt (ACME protocol) client written in C.Read more...

EuroBSDcon 2016(see earlier article) is on from 22 to 25 September 2016, in Belgrade, Serbia.Early registrationends 2016-08-24 23:59 CEST, so get in now for discounted prices on great (Open)BSD talks and tutorials!

Joel Sing (jsing@) has added server-side Server Name Indication (SNI) support to libtls and, based on that, to httpd.Read more...

As a result of apparent lack of maintenance, Theo de Raadt has disabled tmpfs.

Our next report comes from Philip Guenther, who writes,

Our next report comes from Ken Westerback (krw@), who writes,

The EuroBSDCon 2016 talks and schedule have been released, and oh are we in for a treat!All three major BSD's have a "how we made the network go fast" talk, nearly every single timeslot has a networking related talk, and most of the non-networking talks look fantastic as well.The OpenBSD related talks are:

Pre-orders for the 6.0 CD sets have just been activated.In addition, one of the six release songs has been released early.