Flavors: OpenBSD | FreeBSD | NetBSD | Darwin | Dragonfly BSD | OS X | PC-BSD | MidnightBSD | MirBSD | DesktopBSD | GhostBSD | All
Home | Login | Forgot Pass | Register


OpenBSD Team Cleaning Up OpenSSL
Topix.net - 2014-04-15 19:43:20
First time accepted submitter Iarwain Ben-adar writes "The OpenBSD has started a cleanup of their in-tree OpenSSL library....
Comments (0) | Direct Link to Article

OpenBSD Team Cleaning Up OpenSSL
Slashdot - 2014-04-15 17:20:00
First time accepted submitter Iarwain Ben-adar (2393286) writes "The OpenBSD has started a cleanup of their in-tree OpenSSL library. Improvements include removing "exploit mitigation countermeasures", fixing bugs, removal of questionable entropy additions, and many more. If you support the effort of these guys who are responsible for the venerable OpenSSH library, consider a donation to the OpenBSD Foundation. Maybe someday we'll see a 'portable' version of this new OpenSSL fork. Or not." Read more of this story at Slashdot....
Comments (0) | Direct Link to Article

OpenBSD has started a massive strip-down and cleanup of OpenSSL
Undeadly.org - 2014-04-15 10:29:08
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } The denizens of lobste.rs (and no doubt you, eagle-eyed reader!) have made note of the ongoing rototilling of the OpenSSL code in OpenBSD, and Joshua Stein (jcs@) has chimed in with a quick breakdown of the action thus far: Changes so far to OpenSSL 1.0.1g since the 11th include: Splitting up libcrypto and libssl build directories Fixing a use-after-free bug Removal of ancient MacOS, Netware, OS/2, VMS and Windows build junk Removal of “bugs” directory, benchmarks, INSTALL files, and shared library goo for lame platforms Removal of most (all?) backend engines, some of which didn’t even have appropriate licensing Ripping out some windows-specific cruft Removal of various wrappers for things like sockets, snprintf, opendir, etc. to actually expose real return values ...
Comments (0) | Direct Link to Article

In Other BSDs for 2014/04/12
DragonFlyBSD Digest - 2014-04-12 14:11:09
Some out-of-the-ordinary things this week. BSDTV, a new YouTube channel.  It has several videos from the recent NYCBSDCon. pfSense 2.1.1 is out.  No, wait, it’s 2.1.2! Installing packages from a custom FreeBSD repository.  Applies to DragonFly, too. DiscoverBSD’s news summary for 2014/04/07. A partially tongue-in-cheek suggestion for an OpenOpenSSL. FreeBSDNews.net is now owned by? maintained […]...
Comments (0) | Direct Link to Article

BSDNow 032: PXE Dust
DragonFlyBSD Digest - 2014-04-11 20:26:39
I should have seen that pun coming a long time ago.  BSDNow 032 is up with an interview of Dru Lavigne and the usual assortment of other recent BSD items....
Comments (0) | Direct Link to Article

OpenBSD Foundation Funding Goals Reached
Undeadly.org - 2014-04-10 20:38:08
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Bob Beck (beck@) writes in to tell us that the OpenBSD Foundation 2014 fundrasing campaign has reached its goals: The OpenBSD Foundation is happy to report that the $150,000 goal of the 2014 fundraising campaign has been reached. We wish to thank our contributors large and small. We will continue our fundraising efforts both in the current year and next year. Read more... ...
Comments (0) | Direct Link to Article

HTTPS, OpenSSL, and dragonflybsd.org
DragonFlyBSD Digest - 2014-04-09 21:58:15
All the dragonflybsd.org sites (www, bugs, gitweb, lists, leaf) should be available via https now, thanks to a wildcard certificate from InterNetX.  Also, all the machines have an up-to-date version (1.0.1g) of OpenSSL installed to prevent the Heartbleed issue....
Comments (0) | Direct Link to Article

heartbleed vs malloc.conf
Undeadly.org - 2014-04-09 16:00:59
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Ted Unangst (tedu@) has posted an article about how OpenSSL has managed to sidestep OpenBSD's malloc.conf(3) protections: About two years ago, OpenSSL introduced a new feature that you’ve never used or even heard about until yesterday, after somebody discovered a bug that could be used to read process memory. As they say, read the whole thing. ...
Comments (0) | Direct Link to Article

Bugtraq: FreeBSD Security Advisory FreeBSD-SA-14:06.openssl [REVISED]
Topix.net - 2014-04-09 13:07:03
Hash: SHA512 ======================================================================== ===== FreeBSD-SA-14:06.openssl Security Advisory The FreeBSD Project Topic: OpenSSL multiple vulnerabilities Category: contrib Module: openssl Announced: 2014-04-08 Affects: All supported versions of FreeBSD....
Comments (0) | Direct Link to Article

Heartbleed and BSD
DragonFlyBSD Digest - 2014-04-09 02:49:51
If you didn’t know what the Heartbleed bug is, here’s your explanation, plus details.  (via).  You should probably update your systems....
Comments (0) | Direct Link to Article

Patches for OpenSSL bounds checking bug
Undeadly.org - 2014-04-08 07:56:09
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Patches for the so called heartbleed OpenSSL bug have been released by the OpenBSD project for OpenBSD 5.3-stable, OpenBSD 5.4-stable and OpenBSD 5.5 In the short statement contained in the commit message, Theo de Raadt (deraadt@) noted that OpenSSH is unaffected. Read more... ...
Comments (0) | Direct Link to Article

bwn(4) added
DragonFlyBSD Digest - 2014-04-08 01:14:02
You know what always makes me happy?  When someone shows up out of the blue and says “Here; I did this cause I needed it; everyone can share.”  The latest example of that is Imre Vadasz porting bwn(4), for the Broadcom BCM43xx wireless chipset over from FreeBSD to DragonFly....
Comments (0) | Direct Link to Article

Next

Feeds from:
ArchBSD
BSDnow
BSDTalk
DiscoverBSD
DragonFlyBSD Digest
Freebsd.org-errata
Freebsd.orgNews
GhostBSD
Jeremy C Reed
OSNews
Slashdot
Topix.net
Undeadly.org
This site generally feeds most news about *BSD it can find. If you have any questions, remarks, proposals, please let us know at bsdeater(at)riboe.se.



© www.bsdeater.org 2014