The t2k17 hackathon reports keep trickling in. Here's the one from Ian Sutton, who writes:
The Toronto hackathon was a complete success and went off without a hitch! I did
not get as much done as I had hoped, but definitely made up for it in other
ways. It was my first hackathon and I was pretty nervous, but that subsided
quickly and in the end turned out to be one of the best weeks I've ever had.
from the KARL kranks kernel kode krunch dept.
It almost went unnoticed due to the 6.2-beta announcement, but Antoine Jacoutot (ajacoutot@) just commited a very useful update to syspatch. In this commit, the groundwork is done for having syspatch update only the kernel object files that have changed. Due to KARL, the scheme to relink the kernel for each reboot, it makes sense to save space and bandwidth that way.
You all know what this means: get to testing! Find whatever hardware you have and install the latest snapshots, stress the upgrade procedure, play your favorite games, build your own code - whatever you use OpenBSD for, try it in the new snaps and report any problems you find. Your testing efforts will help make sure 6.2 is another great release!
from the guard my RET, you dept.
In a message to the tech mailling list, Theo de Raadt(deraadt@) offered a preview of the next big thing in exploit mitigation, dubbed RETGUARD:
This year I went to BSDCAN in Ottawa. I spent much of it in the
'hallway track', and had an extended conversation with various people
regarding our existing security mitigations and hopes for new ones in
the future. I spoke a lot with Todd Mortimer(mortimer@). Apparently I told him
that I felt return-address protection was impossible, so a few weeks
later he sent a clang diff to address that issue...
from the I-like-your-old-stuff-better-than-your-new-stuff dept.
As there have been no reports of functional bugs since the last beta, and the primary goal of the work was achieved long ago, the (main) Undeadly server is to be upgraded.
The upgrade, which is expected to involve downtime of no more than one hour, is scheduled for next .
Changes since the last public beta include:
A sprinkling of responsive web design has been added (thanks to a kind contribution).
Comments no longer have subjects and the comment header display is more compact.
In comment submission, the automatic quoting of parent comment has been removed.
Anonymous article submission and commenting has been enabled, provisionally.
Those interested in seeing this feature maintained are encouraged to:
Refrain from abusing it.
(Log in and) Use the "Report to Editors" command on inappropriate comments.
(For old, spam-ridden articles, there's no need to report more than one comment.
As old articles will be closed for comments following the upgrade, the Editors intend to delete old comment spam, eventually checking all articles.)
Bikeshedding the appearance will continue on the beta site.
Update: The upgrade has been completed.
Please report problems here or by emailing the editors.
The second report from the just completed t2k17 hackathon
comes from Ted Unangst (tedu@), who writes:
I did a bit of this and that, but the project that probably has the most
interesting explanation has to do with pseudo terminals. This has a bit of
history behind it that goes back to the early days of unix.
The official statement from the foundation, via director Ken Westerback reads,
The OpenBSD Foundation is excited to announce that it has received the
first 2017 Iridium level donation. For the second consecutive year,
Smartisan (http://www.smartisan.com) has has made a donation of over
CDN$100,000 to support OpenBSD and related projects.
We thank Smartisan for its very generous support! This donation
will no doubt fund many exciting projects in the next few years.
We at Undeadly are very happy to hear this news.
If you're interested in contributing to the Foundation yourself, the 2017 fundraising campaign page is a good place to start.
from the cache the pledges dept.
The first report from the just completed t2k17 hackathon comes from Bob Beck, who writes:
Unusually I had basically nothing to do with organizing this year, I
let krw@ do all the dirty work, which was good since life has been a
bit crazy over the last couple months with things keeping me from
2017-08-03SECURITYAn out of bounds read could occur during processing of EAPOL frames in the wireless stack. Information from kernel memory could be leaked to root in userland via an ieee80211(9) ioctl.