OpenBSD Journal

OpenBSD Journal

OpenBSD Community reaches Iridium in 2018!

Contributed by Paul 'WEiRD' de Weerd on from the is it osmium next? dept.

Right on the heels of the previous announcement, Kenneth R. Westerback (krw@) of the OpenBSD Foundation writes to inform us:

The OpenBSD Foundation is happy to announce that individual contributions from the OpenBSD commnunity have again exceeded $100,000, making the community the 2nd Iridium level donor for 2018!

These smaller regular contributions are the backbone of longer term spending planning. The Foundation would like to thank all the individuals who made and continue to make regular monthly contributions.

We'd like to thank Ken for sharing this piece of good news, and join him in thanking the larger community for their donations. If you haven't already (or want to add a donation), you can visit the donations page of the Foundation to make a contribution too.

Blog post by jcs@ on reverse engineering audio drivers

Contributed by Paul 'WEiRD' de Weerd on from the reversed-audio dept.

On his blog, joshua stein (jcs@) has a description of the hoops he jumped through to get stereo sound out of his Huawei Matebook X under OpenBSD (something that only worked under Windows with special drivers).

His approach involves logging all PCI device accesses by running Windows in QEMU under Linux with VFIO, parsing that, and making the OpenBSD azalia(4) driver do the same.

Thanks to joshua for the interesting write-up!

Microsoft goes Gold for 2018!

Contributed by Nayden Markatchev on from the Microsoft goes for the Gold! dept.

Kenneth R. Westerback (krw@) writes to inform us:

Microsoft goes Gold for 2018!

The OpenBSD Foundation is happy to announce that Microsoft has increased its support level from Silver to Gold for 2018.

This is the fourth consecutive year that Microsoft has made a contribution to the OpenBSD Foundation and we are grateful for their continuing support.

Thank you, Ken for sharing the good news about the OpenBSD Foundation with the community.

OpenSMTPD released and upcoming filters preview

Contributed by rueda on from the EXPN dept.

Gilles Chehade (gilles@) has written an article on recent progress in OpenSMTPD. It begins:

TL;DR:
Filters have been a (the most ?) long awaited feature in OpenSMTPD.
I finally committed most of the filters code to OpenBSD.
There is still a bit of work required but the trickiest parts are done.
This article describes how filters are implemented and what to expect.

Introducing the OpenBSD Virtualization FAQ

Contributed by Peter N. M. Hansteen on from the vmm! vmm! dept.

Returning readers are likely aware that OpenBSD in its OpenBSD/amd64 and OpenBSD/i386 varieties comes with virtualization built in, brought to you by the vmm(4) subsystem.

Now getting started with OpenBSD virtualization has become even easier: The OpenBSD FAQ has a new Virtualization section, written mainly by Solene Rapenne (solene@) and added to the site in this commit, that offers an introduction to the concepts as well as instructions on how to get started with vmm(4).

That's right: go read the thing, and play with vmm! Thanks, Solene!

OpenBSD 6.4 Released

Contributed by rueda on from the When-I'm-6.4 dept.

The release of OpenBSD 6.4 has been announced:

We are pleased to announce the official release of OpenBSD 6.4.
This is our 45th release.  We remain proud of OpenBSD's record of more
than twenty years with only two remote holes in the default install.
[…]

Rather than reproducing the full list of new features here, we refer readers to the official OpenBSD 6.4 page.

Selected highlights include:

  • Support has been added for qcow2 images and external snapshots in vmm(4)/vmd(8).
  • "join" has been added for Wi-Fi networks.
  • Security enhancements include unveil(2), MAP_STACK, and RETGUARD. Meltdown/Spectre mitigations have been extended further, and SMT is disabled by default.
  • rad(8) has replaced rtadvd(8).
  • bgpd(8) has undergone numerous improvements, including the addition of support for BGP Origin Validation (RFC 6811).
  • smtpd.conf(5) uses a new, more flexible grammar.
  • For the first time, there are more than 10,000 (binary) packages (for amd64 and i386).

Those upgrading from version 6.3 should read the upgrade guide.

Readers are encouraged to show their appreciation in the conventional manner.

Donate!

Donate to OpenBSD

Features

We are constantly on the lookout for stories of how you put OpenBSD to work. Please submit any informative articles on how OpenBSD is helping your company.

OpenBSD Errata

OpenBSD 6.4

0042018-11-17 RELIABILITY A recent change to POSIX file locks could cause incorrect results during lock acquisition.
0032018-11-17 SECURITY The portsmash vulnerability allows exfiltration of elliptic curve keys.
0022018-11-02 RELIABILITY The syspatch utility incorrectly handles symbolic links.
0012018-10-25 SECURITY The Xorg X server incorrectly validates certain options, allowing arbitrary files to be overwritten. As an immediate (temporary) workaround, the Xorg binary can be disabled by running: chmod u-s /usr/X11R6/bin/Xorg

Unofficial RSS feed of OpenBSD errata

XML/RSS/RDF

Users wishing RSS/RDF summary files of OpenBSD Journal can retrieve: RSS feed

Options are available.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]