Feed openbsd-journal OpenBSD Journal

Favorite IconOpenBSD Journal

Link http://undeadly.org/
Feed http://undeadly.org/cgi?action=rss
Updated 2025-04-03 22:31
Game of Trees 0.91 released
Version 0.91of Game of Treeshas been released (and the portupdated):
OpenSSH 9.3p2 released
As announced by Damien Miller: "We've just made an OpenSSH release to fix a remotely exploitable RCE vulnerability in ssh-agent's PKCS#11 support (CVE-2023-38408). Details at https://openssh.com/releasenotes.html#9.3p2Thanks to the Qualys Security Advisory Team for finding and reporting this bug."This appears to impact every version of OpenSSH's ssh-agent from 5.5 onwards.
Mandatory enforcement of indirect branch targets
Theo de Raadt (deraadt@)has updatedinnovations.htmlto include an item regarding the work which has been doneto enforce indirect branch target restriction(on theamd64[Intel]andarm64platforms).Thecommit messageprovides some detail:
OpenBGPD 8.1 released
Version 8.1 of OpenBGPD, the OpenBSD Border Gateway Protocol (BGP) routing daemon, has just been released.The announcement reads,
pkg_*: the road forward
An anonymous submitter reminded us that Marc Espie (espie@) posted a summary of the state of OpenBSD packages in a message to the tech mailing list with the subject pkg_*: the road forward.Marc writes,
Wayland on OpenBSD
Matthieu Herrb (matthieu@) has written some noteson his work at the (recently-concluded)g2k23 hackathonin Tallinn, Estonia.His article,Wayland on OpenBSD,starts:
Major pfsync(4) Rewrite Has Been Committed
The majorpfsync(4)rewrite on which werecently reportedhas beencommittedto -current by David Gwynne (dlg@).As it says in the commit message
Soft updates (softdep) disabled for future VFS work
A low key leak from the ongoing g2k23 hackathon comes the news thatsoft updates(akasoftdep) will, for now, be a no-opon OpenBSD-current.The commit message by Bob Beck (beck@) reads,
[CFT] sec(4) for Route Based IPSec VPNs
A new tool for creating flexible, route based site to site virtual private networks (site-to-site VPNs) is entering its call for testing phase on OpenBSD-current.In a message to the tech@ mailing list on July 4th, 2023, David Gwynne (dlg@) presented a diff that adds a new virtual network interface dubbed sec(4). The message reads,
Game of Trees 0.90 released
Version 0.90ofGame of Treeshas been released (and the portupdated):Read more...
[CFT] Major pfsync(4) Rewrite on the Horizon
A major rewrite of pfsync(4), the state table synchronization tool for redundant pf(4) setups is in the works.In a recent message to tech@, David Gwynne (dlg@) describes the multi-year process behind the diff contained in the message,
shutdown/reboot now require membership of group _shutdown
Theo de Raadt (deraadt@)committedchanges which result intheshutdown(8)andreboot(8)commands(in -current)requiring membership of the the (new) group"_shutdown".The commit message explains the rationale:Read more...
OpenSMTPD 7.3.0p0 released
TheOpenBSD projecthas releasedversion 7.3.0p0of OpenSMTPD, the project'sSMTPserver.Theannouncementreads in part:
Game of Trees 0.89 released
Version 0.89ofGame of Treeshas been released (and the portupdated):
New versions of LibreSSL released
TheLibreSSL projecthas announced the release of versions3.6.3 and3.7.3,and (development) version3.8.0of the software.Theannouncementfor versions 3.6.3 and 3.7.3 reads:
cron(8) now supports random ranges with steps
Thanks to the followingcommitby Todd Miller (millert@),cron(8)now supports random values in a rangewith a step value(i.e."<lo>~<hi>/<step>"incrontab(5) entries):
cron(8) now supports random ranges with steps
Thanks to the followingcommitby Todd Miller (millert@),cron(8)now supports random values in a rangewith a step value(i.e."<lo>~<hi>/<step>"incrontab(5) entries):
OpenBGPD 8.0 released
The OpenBSD project has released a new version ofOpenBGPD,the OpenBSD Border Gateway Protocol (BGP) routing daemon,version 8.0.Theannouncementreads,
OpenBGPD 8.0 released
The OpenBSD project has released a new version ofOpenBGPD,the OpenBSD Border Gateway Protocol (BGP) routing daemon,version 8.0.Theannouncementreads,
rpki-client 8.4 released
Version 8.4ofrpki-clienthas beenreleased, with a number of improvements and new features:
rpki-client 8.4 released
Version 8.4ofrpki-clienthas beenreleased, with a number of improvements and new features:
Game of Trees 0.88 released!
Version 0.88ofGame of Treeshas been released (and the portupdated):
Game of Trees 0.88 released!
Version 0.88ofGame of Treeshas been released (and the portupdated):
VM owners can now override the boot kernel
Dave Voutila (dv@)has addedanother feature to virtualisation on OpenBSD.Thanks to the followingcommit,it is now possible for the owners of virtual machinesto override the boot kernel:Read more...
VM owners can now override the boot kernel
Dave Voutila (dv@)has addedanother feature to virtualisation on OpenBSD.Thanks to the followingcommit,it is now possible for the owners of virtual machinesto override the boot kernel:Read more…
vmd(8) moves to a multi-process model
Dave Voutila (dv@)committeda change which brings a multi-process model tovmd(8),enhancing both security and performance:
vmd(8) moves to a multi-process model
Dave Voutila (dv@)committeda change which brings a multi-process model tovmd(8),enhancing both security and performance:
viogpu(4), a VirtIO GPU driver, added to -current
Joshua Stein (jcs@) hascommittedviogpu(4),which provides support for thevirtio(4)GPUinterface(provided byQEMU and other virtual machines)to create a wscons(4)console.
Game of Trees 0.87 released
Version 0.87ofGame of Treeshas been released (and the portupdated):
malloc leak detection available in -current
OpenBSD -current just grew a new tool for developers working on OpenBSD to detect unsafe behaviors in their code. OpenBSD lets you more easily track memory allocations and whether allocations are properly freed after use.In a message to tech@, Otto Moerbeek (otto@) announced the new functionality:
OpenBSD 7.3 released
Calgary and elsewhere, 2023-04-10:The OpenBSD project today announced the release and general availability of its latest stable version, OpenBSD 7.3.Eagerly anticipated by users, engineers, enthusiasts and industry pundits all over the world, this release contains a number of improvements over earlier versions, including but not limited to
LibreSSL 3.7.2 Released
The LibreSSL project has announced a new stable release, LibreSSL 3.7.2. The announcement reads,
Theo de Raadt at CanSecWest: Synthetic Memory Protections
We recentlyreportedthat Theo de Raadt (deraadt@)was scheduled to present atCanSecWest.That's now happened, andslidesof Theo's presentation,Synthetic Memory Protections,can be found in theusual place.Video isavailableon the bird site.
OpenBGPD 7.9 released
Version 7.9 ofOpenBGPDhas beenreleased:
(Even more) Aggressive randomisation of stack location
In a late-stage addition prior to the release ofOpenBSD 7.3,Mark Kettenis (kettenis@) hascommitted[more] aggressive randomisation of the stack locationfor all 64-bit architectures except alpha:Read more…
rpki-client 8.3 released
One small but significant step for routing security on the Internet happened Sunday 19th of March 2023 with the release of version 8.3 of rpki-client.The announcement reads,
-current has moved to 7.3, ports commits restricted pending release
With the followingcommit,Theo de Raadt (deraadt@) moved -current to version 7.3:
OpenBGPD 7.8 released
OpenBGPD 7.8 has been released and the announcement may be read here.
LibreSSL 3.7.1 Released
With a message to openbsd-announce and other lists, Brent Cook (bcook@) announced the release of LibreSSL 3.7.1, with numerous improvements.It is worth noting that this is the final version to be released before the upcoming OpenBSD 7.3 release.The announcement reads,
OpenSSH 9.3/9.3p1 released
On 2023-03-15,the release ofversion 9.3ofOpenSSHwasannounced:Read more…
Theo de Raadt to be presenting at CanSecWest.
Dragos Ruiu recently announced that Theo de Raadt will be presenting at this year's CanSecWest, March 22-24 2023 in Vancouver, BC. Read more…
Game of Trees 0.86 released
Version 0.86ofGame of Treeshas been released (and the portupdated):Read more…
Bug fixing in wscons
Crystal Kolipe has written up more of her work on the console.This time, it regards bugs in the handling ofUTF-8:ExoticSilicon.com - fixing cringeworthy bugs in the OpenBSD console code.As Crystal pointed out in her email to Undeadly,Miod Vallat (miod@) hascommittedfixes.
Converting incoming emails on the fly with OpenSMTPD filters
Wladimir Palanthas written anarticleon use ofOpenSMTPDfilters, andprovided codeunder an MIT license for those who may wish to utilizethe techniques described therein.
Game of Trees 0.85 released
Version 0.85ofGame of Treeshas been released (and the portupdated):Read more…
Initial support for guided disk encryption in the installer
The OpenBSD installer now has basic support for configuring disk encryption during the regular installation process. Previously, disk encryption needed to be set up manually by dropping to the shellfrom the installer.Initial support, likely to be expanded upon, wascommittedby Klemens Nanni (kn@) onMarch 7, 2023.The commit reads,
Dynamic host configuration, please
Another piece from Florian Obser (florian@) just came out, titledDynamic host configuration, please.In the article, Florian details the steps to modern OpenBSDdynamic host configuration, including interface configuration, name resolution, routing and more.We also get an explanation of the various userland programs (most of them portable, some OpenBSD-specific) that make a modern OpenBSD laptop shine.You can read the full piece here, Dynamic host configuration, please.
OpenBSD -current is now 7.3-beta
It's that time of the year again. With this commit,Theo de Raadt (deraadt@) changed the version string for the development branch of OpenBSD to 7.3-beta.The commit reads,
OpenBSD in Canada
We all know the OpenBSD is lead from Canada, but what is the status in that country by and large? Bringing up the subject, Katie McMillan wrote in, saying
Game of Trees 0.84 released
Version 0.84ofGame of Treeshas been released (and the portupdated).Read more…
12345678910...