DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 22nd June 2017
LeFrettchen's Avatar
LeFrettchen LeFrettchen is offline
Marveled user
 
Join Date: Aug 2012
Location: Bronvaux, France
Posts: 254
Default Stack Clash

Quote:
The Stack Clash is a vulnerability in the memory management of several operating systems. It affects Linux, OpenBSD, NetBSD, FreeBSD and Solaris, on i386 and amd64. It can be exploited by attackers to corrupt memory and execute arbitrary code.
Source : https://blog.qualys.com/securitylabs...he-stack-clash
__________________
The secret of wisdom is not wisdom itself, it's the road that leads us there.
Reply With Quote
  #2   (View Single Post)  
Old 23rd June 2017
GarryR's Avatar
GarryR GarryR is offline
Real Name: Garry Ricketson
Package Pilot
 
Join Date: Jul 2015
Location: Durango, Mx.
Posts: 190
Default

Thanks,
I see they show this :
OpenBSD
https://ftp.openbsd.org/pub/OpenBSD/...subr.patch.sig

But what I wonder is what need to be done to install it ?
And has any body installed it ?
__________________
My best friends are parrots
Reply With Quote
  #3   (View Single Post)  
Old 23rd June 2017
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 5,940
Default

See the syspatch(8) man page.

Edited to add, yes, I have this patch on 5 systems, in 2 architectures.
Reply With Quote
  #4   (View Single Post)  
Old 24th June 2017
GarryR's Avatar
GarryR GarryR is offline
Real Name: Garry Ricketson
Package Pilot
 
Join Date: Jul 2015
Location: Durango, Mx.
Posts: 190
Default

Ok, thanks,..
Reply With Quote
  #5   (View Single Post)  
Old 24th June 2017
cynwulf's Avatar
cynwulf cynwulf is offline
Package Pilot
 
Join Date: Mar 2014
Posts: 213
Default

It's best to keep an eye on the errata page from time to time...

https://www.openbsd.org/errata61.html

So if you haven't applied those patches, or if you're not running OpenBSD -stable, then it's probably time.
Reply With Quote
  #6   (View Single Post)  
Old 24th June 2017
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 5,940
Default

One can also subscribe to the announce@ mailing list, where ... these are announced.
Reply With Quote
  #7   (View Single Post)  
Old 25th June 2017
GarryR's Avatar
GarryR GarryR is offline
Real Name: Garry Ricketson
Package Pilot
 
Join Date: Jul 2015
Location: Durango, Mx.
Posts: 190
Default

The manual seems clear enough on this , how ever I am wondering
if this is correct for my "installurl" file:
Code:
https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/
When I do this, it comes up blank,..
Code:
# syspatch -c
#
also with the -l option.
When I run 'syspatch' it pauses a little while, then
the prompt, no errors, but no success message either ,..
Code:
# syspatch
#
Is that to be expected ?
Thanks
Reply With Quote
  #8   (View Single Post)  
Old 25th June 2017
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 5,940
Default

I will guess that your installation or upgrade was entirely from local media, and that as a result you do not have an installurl(5) file.

See the FILES section and the SEE ALSO section of the syspatch(8) man page.
Reply With Quote
  #9   (View Single Post)  
Old 26th June 2017
GarryR's Avatar
GarryR GarryR is offline
Real Name: Garry Ricketson
Package Pilot
 
Join Date: Jul 2015
Location: Durango, Mx.
Posts: 190
Default

Actually I do have the 'installurl', I use it to install packages,
I see what I was missing now,
Quote:
The /etc/installurl file contains a single line specifying an OpenBSD
mirror server URL, such as
Duh, I had added the other url, thinking I needed to do that, so I had 2 lines,..
I removed it ,(the extra line) and just kept the same url I use for packages, and it is installing patches now,
thanks,..

Last edited by GarryR; 26th June 2017 at 03:00 AM.
Reply With Quote
Old 26th June 2017
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 5,940
Default

Glad you were able to resolve it.
Reply With Quote
Old 29th June 2017
IdOp's Avatar
IdOp IdOp is offline
Too dumb for a smartphone
 
Join Date: May 2008
Location: twisting on the daemon's fork(2)
Posts: 759
Default

New 4.4.74 kernel packages for Slackware 14.2 and -current have fixes related to the Stack Clash problem.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security vulnerability in TCP stack implementation betweendayandnight OpenBSD Security 1 12th August 2016 11:05 AM
correct ulimit stack value DaBSD NetBSD General 9 28th January 2014 03:54 AM
How to configure OpenBSD (5.1) to make use of Comcast's native dual stack IPv6 SlyM OpenBSD General 7 11th March 2013 10:27 PM
Stack Protector (PaX) for FreeBSD bryn1u FreeBSD Security 1 14th January 2013 06:56 PM
ITU bellheads and IETF netheads clash over transport networks J65nko News 0 4th March 2011 12:06 AM


All times are GMT. The time now is 03:53 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick