OpenBSD Journal

After recent discussions of revisiting W^X support in Mozilla Firefox, David Coppa (dcoppa@) has flipped the switch to enable it for OpenBSD users running -current.Read more...

October 18th, 2015: The OpenBSD team marks the 20th anniversary of the project today with the general availability of OpenBSD 5.8.

On this week'sepisodeofBSDNow,the hosts interview OpenBSD's Brandon Mercer (bmercer@) about how and why he became an OpenBSD developer, the unfortunate state of IT in the health care industry and how OpenBSD has a part to play in fixing that, and his insights into how OpenBSD's 1-year support cycle can help you to 'clean out your fridge' for better overall tech results.As always, they have a roundup of the week's odds and ends in the world of BSD.[Video|HD Video|MP3 Audio|OGG Audio|Torrent]

The first CD set arrived report to appear on misc@ was the one from M Wheeler, located somewhere in the UK, who wrote:

As noted in a previous story, the new pledge(2) privilege restriction syscall (formerly known as tame(2)) has been inserted into large swathes of the base system. Theo de Raadt (deraadt@) asked tech readers to look closely for any failures:

As mentioned in a previous article, the OpenSMTPD code has seen its first independent audit, which lead to a series of errata and commits. Now main OpenSMTPD developer Gilles Chehade (gilles@) posted a summary of the audit and recent events to the misc@opensmptd.org mailing list, with discussion of the bugs found and some forward-looking statements:

The tame(2) privilege restriction syscall has now been renamed to pledge(2) by Theo de Raadt in this commit:

This year's EuroBSDCon in Stockholm, Sweden was a quite successful conference with approximately 250 attendees and a fairly strong showing of OpenBSD developers presenting:

OpenSMTPD has bumped its version number a couple times in the last few days, and there's been some confusion about the included security fixes. This post will bring you up to speed on what's affected and what's not.Read more...

After recently publishing theslidesfrom his talk on the subject,Theo de Raadt (deraadt@) has justmailedthe masses, letting us know where we are withtame(2):

Our next l2k15 hackathon report comes from Bob Beck (beck@):

David Gwynne (dlg@) writes in with our next report from the l2k15 hackathon, detailing all the networking dragons he and the crew faced.Read more...

The next trip report comes from hackathon invitee Bernard Spil, who's been upstreaming LibreSSL-related ports fixes and integrating it into other projects.Read more...

The OpenBSD 5.8 pre-orders are about to ship. The OpenBSD Store twitter account tweeted with a picture of soon-to-be-shipped CD sets on Saturday, September 26th:

Mark Kettenis (kettenis@) has just committed a large update to the drm(4) graphics code, syncing with upstream Linux 3.14.52 and introducing Broadwell GPU support.Read more...

The LibreSSL project has started a new development release branch, LibreSSL 2.3.0. The announcement posted by Brent Cook (bcook@) says,

Fresh from the l2k15 hackathon, here comes Philip Guenther's (guenther@) report:

With the l2k15 hackathon having just wrapped up, Ken Westerback (krw@) writes in to tell us how it went.Read more...

Amongst the flurry of commits from the l2k15 hackathon, Ken Westerback (krw@) has been hacking away on GPT support, and it's now enabled in the GENERIC kernel.Read more...

As the j2k15 hackathon comes to a close, OpenBSD gets its very own native EFI bootloader.On Twitter, Yojiro UO (yuo@-san) posted a list of systems tested and working with the new bootloader.

The third of the expected four OpenBSD 5.8 release songs, A Year in the Life, has been released.The song is available in mp3 and ogg formats, with lyrics mainly about the LibreSSL story (remember this?), but as the song notes point out,

Earlier today, Mike Larkin (mlarkin@) publisheda teaser for something he's been working on for a while. Then a little later in the day, an announcement appeared on tech@:

This weekon BSDNow,the hosts have an interview with Damien Miller (djm@) of OpenSSH fame. He talks about the recent scrubbing of the default crypto options in OpenSSH, the reasons behind the move to ChaCha20 and the problems with CBC-mode ciphers, the issue of obsolete OpenSSH releases in the wild, code refactoring for the purpose of automated testing, and a list of ideas for future improvements.Additionally, they have the usual roundup of the week's happenings in all things BSD.[Video|HD Video|MP3 Audio|OGG Audio|Torrent]

Theo de Raadt (deraadt@) has justreleaseda call for testing of an initial conversions of programs in OpenBSD baseto use thetame(2)API:

Earlier today, Doug Hogan (doug@) committed the first parts of the removal of SSLv3 support from LibreSSL:

As mentioned back in January, Mike Larkin (mlarkin@) has been working on improving W^X protections in the OpenBSD kernel. The bulk of the work was focused on the amd64 architecture, but he recently committed similar support for the i386 architecture as well.Read more...

The second of an anticipated four songs for the OpenBSD 5.8 release has ben published, this one written and performed by Alexandre Ratchov (ratchov@). In the announcement he says:

Two important events of the OpenBSD 5.8 release cycle happened today:

For your reading pleasure, here is the c2k15 report from Bob Beck (beck@):

The OpenBSD Foundation's 2015 fundraising campaign is picking up steam. The Foundation's directors wrote in to announce yet another Silver-class donor:

Our next c2k15 report comes from Renato Westphal (renato@), who writes,

Our next c2k15 report comes from Philip Guenther (guenther@), who writes,

Alexander Bluhm (bluhm@) wrote in with this report from the recently completed c2k15 hackathon:

Our next c2k15 report comes from Florian Obser (florian@).

We have a platinum donor. The OpenBSD Foundation has announced the name of the first platinum donor:

Next up in the c2k15 reports series is Paul Irofti (pirofti@), who writes:

Our next c2k15 report comes from Andrew Fresh (afresh1@). Andrew writes,

One of our new developers, Alexandr Nedvedicky (sashan@), writes in to tell us about his trip to the lovely locale of Calgary for c2k15.

The next c2k15 hackathon report comes from Jonathan Gray (jsg@), who got a lot done this time:

For our next c2k15 installment, we welcome new developer Rafael Zalamena (rzalamena@), who just submitted his first-ever hackathon report:

Our series of c2k15 hackathon reports continues with this entry from Jeremy Evans (jeremy@):

Our next c2k15 report comes from Martin Pieuchot (mpi@), who appears to have had a quite productive hackathon:

This just in - a fresh hackathon report, this time from Jasper Lievisse Adriaanse (jasper@). Jasper writes,

Next up in our series of c2k15 hackathon reports is from Antoine Jacoutot (ajacoutot@), who writes:

Stefan Sperling (stsp@) may not have landed just yet, but he did file this report from the newly concluded hackathon:

Kenneth Westerback (krw@) just came back from c2k15 and filed his report:

One of our favorite developers Ingo Schwarze (schwarze@) writes in about a new feature that he just added to mandoc(1).

Theo de Raadt (deraadt@) has pulled back the curtainon his entry into the process sandboxing contest:

The long international nightmareis over, now that Ted Unangst (tedu@) hasimporteddoas(1):