OpenBSD 7.4 is released.

YesItsMe · 11-06-2023, 11:35 AM

Thank you. I had to fix that once, but I can’t remember how, so it’s good to have a reference here.

hitest · 11-08-2023, 10:05 AM

Quote:

Originally Posted by YesItsMe

Thank you. I had to fix that once, but I can’t remember how, so it’s good to have a reference here.

You're welcome.

YesItsMe · 11-20-2023, 03:29 PM

Syspatch 003 (all architectures):
patch(1) with explicit patchfile did not work in 7.4 due to overeager unveil(2) restrictions.

Syspatch 004 (all architectures):
Simple passwords which were 8 characters long caused ospfd(8) to send out packets with invalid checksum.

Syspatch 005 (all architectures):
Overlong sequences of UTF-8 combining characters could crash tmux(1).

Syspatch 006 (all architectures):
httpd(8): Avoid a NULL dereference when handling a malformed fastcgi request.

YesItsMe · 11-28-2023, 01:42 PM

Syspatch 007 (all architectures):
A crafted regular expression when compiled by perl can cause a one-byte attacker controlled buffer overflow in a heap allocated buffer. CVE-2023-47038

YesItsMe · 11-30-2023, 06:53 AM

There is a new Bluetooth attack:
https://www.bleepingcomputer.com/new...h-connections/

OpenBSD, not supporting Bluetooth, remains unaffected.

YesItsMe · 12-10-2023, 09:24 AM

Syspatch 008 (amd64):
vmm(4) restored stale GDTR & TR values on vm exit which could lead to memory corruption or kernel deadlocks.

Syspatch 009 (all architectures):
A race condition between pf(4)'s processing of packets and expiration of packet states may cause a kernel panic.

hitest · 12-10-2023, 10:36 AM

Quote:

Originally Posted by YesItsMe

Syspatch 008 (amd64):
vmm(4) restored stale GDTR & TR values on vm exit which could lead to memory corruption or kernel deadlocks.

Syspatch 009 (all architectures):
A race condition between pf(4)'s processing of packets and expiration of packet states may cause a kernel panic.

Thanks! Updated.

YesItsMe · 12-10-2023, 05:34 PM

Glad it's still useful for someone.

YesItsMe · 12-15-2023, 07:09 AM

Syspatch 010 (all architectures):
Fix out of bounds memory accesses in XRandR and XKB X server extensions. CVE-2023-6377 CVE-2023-6478

YesItsMe · 12-19-2023, 03:13 PM

Syspatch 011 (all architectures):
An SSH protocol weakness (the Terrapin Attack) exists that allows an on-path adversary to disable keystroke timing obfuscation.

hitest · 12-21-2023, 06:21 PM

Quote:

Originally Posted by YesItsMe

Syspatch 011 (all architectures):
An SSH protocol weakness (the Terrapin Attack) exists that allows an on-path adversary to disable keystroke timing obfuscation.

Updated.

////// · 12-24-2023, 10:47 AM

my new 7.4 installation.
https://i.imgur.com/ob9OimR.png

work in progress.

YesItsMe · 12-25-2023, 04:44 AM

Looks pretty standard yet.

hitest · 12-25-2023, 09:51 AM

Quote:

Originally Posted by //////

my new 7.4 installation.
https://i.imgur.com/ob9OimR.png

work in progress.

Awesome!
I use the following command to change my computer name:

Code:

#echo "bsd.darkstar.home" > /etc/myname

If you want to personalize your PC name.

hitest · 12-25-2023, 10:44 AM

Your new computer name will show up on next boot-up.

Code:

bsd$ uname -a
OpenBSD bsd.darkstar.home 7.4 GENERIC.MP#2 amd64