DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Installation and Upgrading

OpenBSD Installation and Upgrading Installing and upgrading OpenBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 19th May 2020
hitest's Avatar
hitest hitest is offline
Real Name: George Nielsen
VPN Cryptographer
 
Join Date: Sep 2008
Location: B.C., Canada
Posts: 377
Default Syspatch 1-3 Available for OpenBSD 6.7

Syspatch 1-3 Available for OpenBSD 6.7 (all architectures).

http://www.openbsd.org/errata67.html
__________________
hitest
Reply With Quote
  #2   (View Single Post)  
Old 26th May 2020
hitest's Avatar
hitest hitest is offline
Real Name: George Nielsen
VPN Cryptographer
 
Join Date: Sep 2008
Location: B.C., Canada
Posts: 377
Default

Syspatch 4-6 available for all architectures.
__________________
hitest
Reply With Quote
  #3   (View Single Post)  
Old 2nd June 2020
CiotBSD CiotBSD is offline
c107:b5d::
 
Join Date: Jun 2019
Location: Under /
Posts: 175
Default

Patch for perl on 6.6, 6.7!

Quote:
Several problems in Perl's regular expression compiler could lead to corruption of the intermediate language state of a compiled regular expression
No reboot; no daemon to restart!
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E
GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733
Reply With Quote
  #4   (View Single Post)  
Old 5th June 2020
CiotBSD CiotBSD is offline
c107:b5d::
 
Join Date: Jun 2019
Location: Under /
Posts: 175
Default

New patch for HID descriptors on 6.6, 6.7

Quote:
Malicious HID descriptors could be misparsed.
Reboot your machines
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E
GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733

Last edited by CiotBSD; 7th June 2020 at 09:25 PM.
Reply With Quote
  #5   (View Single Post)  
Old 5th June 2020
hitest's Avatar
hitest hitest is offline
Real Name: George Nielsen
VPN Cryptographer
 
Join Date: Sep 2008
Location: B.C., Canada
Posts: 377
Default

Quote:
Originally Posted by CiotBSD View Post
New patch for HID descriptors on 6.6, 6.7

Reboot your machines
Thanks. Done.
__________________
hitest
Reply With Quote
  #6   (View Single Post)  
Old 5th June 2020
ripe's Avatar
ripe ripe is offline
Package Pilot
 
Join Date: Feb 2013
Location: France
Posts: 180
Default

Quote:
Originally Posted by hitest View Post
Thanks. Done.
Same.
Reply With Quote
  #7   (View Single Post)  
Old 7th June 2020
CiotBSD CiotBSD is offline
c107:b5d::
 
Join Date: Jun 2019
Location: Under /
Posts: 175
Default

New patch for libc on 6.6, 6.7

Quote:
libc's resolver could get into a corrupted state.
No need to reboot machine; maybe restart some services
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E
GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733

Last edited by CiotBSD; 10th June 2020 at 01:27 AM.
Reply With Quote
  #8   (View Single Post)  
Old 10th June 2020
CiotBSD CiotBSD is offline
c107:b5d::
 
Join Date: Jun 2019
Location: Under /
Posts: 175
Default

New patch for libgcrypto, named x509, on 6.6, 6.7

Quote:
libcrypto may fail to build a valid certificate chain due to expired untrusted issuer certificates.
No need to reboot machine; nor restart services.
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E
GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733
Reply With Quote
  #9   (View Single Post)  
Old 9th July 2020
CiotBSD CiotBSD is offline
c107:b5d::
 
Join Date: Jun 2019
Location: Under /
Posts: 175
Default

New patch, named shmget, on 6.6, 6.7.

Quote:
shmget IPC_STAT leaked some kernel data
Need to reboot machine, because these affect the kernel.
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E
GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733
Reply With Quote
Old 10th July 2020
PapaParrot's Avatar
PapaParrot PapaParrot is offline
parrot
 
Join Date: Jul 2015
Location: Durango, Mx.
Posts: 472
Default

Thanks,both Hitest and CiotBSD I appreciate these, I don't go checking for sys patches every day, and before you started telling us, sometimes when I did check there were so many it took a while to do them, now it is just a 1 or 2 at max,.. thanks
__________________
My best friends are parrots
Reply With Quote
Old 10th July 2020
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 8,027
Default

You have two additional options that do not depend on Hitest or CiotBSD:
  1. Add
    Code:
    syspatch -c
    to /etc/daily.local, and be informed if there are new patches whenever daily(8) runs.
  2. Subscribe to the announce@ mailing list, and get informed of new patches when they are posted.
Reply With Quote
Old 11th July 2020
CiotBSD CiotBSD is offline
c107:b5d::
 
Join Date: Jun 2019
Location: Under /
Posts: 175
Default

I hope no problem to continue to post here when patch is announced?!

@jggimi: Y. I subscribed since few months.
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E
GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733
Reply With Quote
Old 11th July 2020
fvgit's Avatar
fvgit fvgit is offline
Spikes in tights
 
Join Date: May 2016
Location: perl -MMIME::Base64 -le 'print decode_base64("U2hlcndvb2QgRm9yZXN0")'
Posts: 314
Default

Quote:
Originally Posted by CiotBSD View Post
I hope no problem to continue to post here when patch is announced?!
I'm sure jggimi didn't mean it that way. He just pointed out two possibilites for automatic notifications which can be quite useful. We're talking about potentially security relevant information after all. The sooner you receive it, the better.
Reply With Quote
Old 11th July 2020
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 8,027
Default

Correct. I also wanted to be sure PapaParrot was aware that the Project makes this information available in multiple ways to the user community, and that users don't need to depend on third party forums like this one to discover it.
Reply With Quote
Old 12th July 2020
PapaParrot's Avatar
PapaParrot PapaParrot is offline
parrot
 
Join Date: Jul 2015
Location: Durango, Mx.
Posts: 472
Default

Thanks jggimi, yes I knew that, and a 3rd way, just type syspatch , if there are no new patches it just returns to the prompt, but I generally do not even think about checking, and when I see new posts here, it is a good reminder,..the same applies to the new releases, when they are ready...I am all ways surprised at how fast time goes by, Yes I could just check the OpenBsd.org website for announcements, or subscribe to the mail list, but since I check this forum daily for any new posts, on OpenBsd, it is the most convenient for me. A year or 2 could quickly , easily go by before it occurred to me to check for new releases, I do think about syspatch, more often though,...but before this thread started, it might be several weeks before I checked, ... as I all ready mentioned. To many "kids" I guess, grandchildren, and great grandchildren,... sorry, to drift off topic....my mind wanders a lot these days.
==== edited ==========
ahh, now that you mention it
Quote:
to /etc/daily.local, and be informed if there are new patches whenever daily(8) runs.
I need to check that as well, there probably are over 100 messages to read , or delete.---
not as bad as I thought,
Code:
-Mutt: /var/mail/papaparrot [Msgs:60 New:18 Old:35
all parrot.org daily output
__________________
My best friends are parrots

Last edited by PapaParrot; 12th July 2020 at 04:06 AM.
Reply With Quote
Old 12th July 2020
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 8,027
Default

By default, daily(8) runs at 01:30 local time.
Reply With Quote
Old 15th July 2020
CiotBSD CiotBSD is offline
c107:b5d::
 
Join Date: Jun 2019
Location: Under /
Posts: 175
Default

New patch for tty on 6.6, 6.7

Quote:
tty subsystem abuse can impact performance badly.
Need to reboot machine, because these affect the kernel.
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E
GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733
Reply With Quote
Old 16th July 2020
ripe's Avatar
ripe ripe is offline
Package Pilot
 
Join Date: Feb 2013
Location: France
Posts: 180
Default

Applied, thx!
Reply With Quote
Old 21st July 2020
CiotBSD CiotBSD is offline
c107:b5d::
 
Join Date: Jun 2019
Location: Under /
Posts: 175
Default

New patch for tty — again — on 6.6, 6.7

Quote:
Only pty devices need reprint delays.
Need to reboot machine, because these affect the kernel.
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E
GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733
Reply With Quote
Old 27th July 2020
CiotBSD CiotBSD is offline
c107:b5d::
 
Join Date: Jun 2019
Location: Under /
Posts: 175
Default

Two patches:

- for iked, on 6.6, 6.7:
Quote:
In iked, incorrect use of EVP_PKEY_cmp allows an authentication bypass
Restart the service.

- for rpki-client on 6.7:
Quote:
In rpki-client, incorrect use of EVP_PKEY_cmp allows an authentication bypass.
Restart the client.
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E
GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Syspatch 1-2 available for OpenBSD 6.6 hitest OpenBSD Installation and Upgrading 23 16th May 2020 12:58 PM
HexChat broke after syspatch Freyja OpenBSD Packages and Ports 4 25th April 2020 02:30 PM
syspatch cron job bsdsource OpenBSD General 4 29th June 2018 04:05 PM
syspatch on only two architectures? pawkolor OpenBSD General 9 22nd October 2017 05:39 PM
syspatch appears to get stuck Prevet OpenBSD Installation and Upgrading 1 9th October 2017 07:37 PM


All times are GMT. The time now is 12:31 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick