> Honestly, as one of the devs involved with this security fix, I can tell
> you that I don't know. It is a use-after-free in some situations.
> Is it reachable from remote? I don't know.
> Is it reachable from local? Maybe.
> Is the use-after-free exploitable? Damn hard to tell, it is for sure
To close this thread, I found this:
https://twitter.com/m00nbsd/status/1321524807473782784
> Am 30.10.2020 um 11:15 schrieb js-openbsd-m...@webkeks.org:
>
>> Am 30.10.2020 um 01:28 schrieb Theo de Raadt :
>>
>> js-openbsd-m...@webkeks.org wrote:
>>
>>> I just saw
>>>
> Am 30.10.2020 um 01:28 schrieb Theo de Raadt :
>
> js-openbsd-m...@webkeks.org wrote:
>
>> I just saw
>> https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/002_icmp6.patch.sig,
>> however, it's unclear from the description and the context around the
>> patch if this is a read after free or
Hi!
I just saw
https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/002_icmp6.patch.sig,
however, it's unclear from the description and the context around the patch if
this is a read after free or write after free (or both).
In the case of a write after free, would this change "Only two
I have next options in tmux.conf:
bind '"' split-window -c "#{pane_current_path}"
bind % split-window -h -c "#{pane_current_path}"
bind c new-window -c "#{pane_current_path}"
But it doesn't work anymore. And I can't find working options in Google. I tried
all suggestions from stackexchange and
Here is screenshot: https://screenshots.firefox.com/LyKbRyGMRT3sDHbu/null
I had this problem in the past, but can't remeber what font should I install?
Thanks!
Hi!
Wondering if anyone has experience with hosted CI services that
support OpenBSD targets for building + tests. I haven't been
successful finding any.
Looking to add native OpenBSD support to a project's CI, hoping
to draw on the community's experience.
Would also prefer to run a
I mostly follow -stable, and have scripts/tools that enable me to (re)build
stable from source with minimal human intervention.
To further automate this process, it would be helpful to have the current
release number and (at least) the most current patch number.
Obviously this information is
> On Dec 5, 2015, at 11:51 AM, trondd wrote:
>
> On Sat, December 5, 2015 2:20 pm, openbsd-m...@clark-communications.com
> wrote:
>> I mostly follow -stable, and have scripts/tools that enable me to
>> (re)build
>> stable from source with minimal human intervention.
>>
>>
So a few releases ago, I found that if I had OpenVPN running on an
OpenBSD box as a hub, and I did a large transfer from one client to
another, the OpenBSD box would occasionally kernel panic - something
about mbufs, I can pull the kernel stack traces up if desired. The
hosting company said they
Hey there,
I have been asked to help a friend whose system is used as a VPN hub.
It used to be an older OpenBSD, possibly 4.5 or 4.6, and he got many
kernel panics around some buffer routines (possibly mbuf) that led to
disk corruption.
It's now OpenBSD 4.8 amd64, and if the system has transit
On Fri, Jan 28, 2011 at 03:52:53PM -0800, Travis H. wrote:
So I'm curious if there's something in OpenBSD that's similar to the
mount -o bind /dir1 /dir2 to make dir1 appear where dir2 is.
For those who asked, one sample use is for something like this:
Starting with the 2.4-series Linux
Hey all,
I ran host www.google.com on a new OpenBSD 4.8 install and got this:
13:50:28.132052 127.0.0.1.41209 127.0.0.1.48830: udp 31
13:50:28.132081 127.0.0.1 127.0.0.1: icmp: 127.0.0.1 udp port 48830
unreachable
13:50:29.133552 ::1.38033 ::1.48830: udp 31
13:50:29.133577 ::1 ::1: icmp6:
http://www.subspacefield.org/~travis/OpenBSD/
Need to be updated - last update was for 4.1
--
A Weapon of Mass Construction
My emails do not have attachments; it's a digital signature that your mail
program doesn't understand. | http://www.subspacefield.org/~travis/
If you are a spammer, please
Fact of the matter is that I have
become convinced that those that know how to actually TROUBLESHOOT
problems are in the very small minority in this industry.
I think this is really the crux of the matter, I find the ability
to troubleshoot multi-vendor complexity is getting to be a rare
I was given a AVM FRITZ!WLAN USB Stick N and I found some references to it in
a man page for otus driver (rel 1.3 and 1.4).
However searching the man pages
via openbsd.org I can't find any mention of a released otus driver at
least in 4.5 (as
per my official CD).
Also I noticed this line in
wrote:
try -current.
On 2009-05-13, openbsd misc open...@6wells.com wrote:
I was given a AVM FRITZ!WLAN USB Stick N and I found some references to it
in
a man page for otus driver (rel 1.3 and 1.4).
However searching the man pages
via openbsd.org I can't find any mention of a released otus
On Wed, May 6, 2009 at 3:42 PM, Diana Eichert deich...@wrench.com wrote:
On Wed, 6 May 2009, J.C. Roberts wrote:
I need to collect raw throughput statistics without increasing latency
or reducing bandwidth on 10GbE fiber links, so most of the typical
methods are out of the question (i.e. like
You can either read the code or listen to somebody who has. I don't
know you either, but I know Henning and I know the bridge code, and
the short version is he's right.
Has anyone noticed
That if you substitute BIble for code , in the section quoted above-
its like listening to someone who
On Thu, Apr 2, 2009 at 11:48 PM, Theo de Raadt dera...@cvs.openbsd.org wrote:
I see OpenBSDEurope appear to advertise the CDs for about 30 euro a
pop: http://www.openbsdeurope.com/45.htm
Other sellers offer the CDs for the usual 50 euro.
Does the lower price @ openbsdeurope mean they have
Damn, this is degenerating into mud slinging bollocks, what with
full value, owed for CD Sales , transfers of undisclosed amounts -
some clear facts would be nice, this sounds like waffle.
1. There appear to be no contracts, so Theo and Wim or the bodies
they represent or act for, have no
-Urspr|ngliche Nachricht-
Von: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org]
Im Auftrag von Mike Erdely
Gesendet: Freitag, 27. Mdrz 2009 20:25
An: misc(at)openbsd.org
Cc: misc@openbsd.org
Betreff: Re: Multiple obsd installations on one harddrive
On Fri, Mar 27, 2009 at
-Urspr|ngliche Nachricht-
Von: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org]
Im Auftrag von Ingo Schwarze
Gesendet: Freitag, 27. Mdrz 2009 03:12
An: Volpers, Hagen
Cc: misc@openbsd.org
Betreff: Re: Multiple obsd installations on one harddrive
Volpers, Hagen wrote on Fri,
Henning Brauer(lists-open...@bsws.de)@2009.01.06 14:42:09 +0100:
I am not aware of any. Lack of options doesn't make openldap better.
There is an option for people who have very basic LDAP needs - tinyldap
from fefe.de. It's high quality but lacks many features at the time.
On Thu, 2008-10-30 at 10:45:20 -0400, Douglas A. Tutty proclaimed...
Yes.
Then keep it off a computer. Otherwise look for solutions that have already
been presented...because they work.
- Eric
Hi,
I'm running two obsd 4.4-current boxes as firewall / vpn-endpoints
hot-standby (no balancing). I configured carp like this:
Master:
carp3: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:00:5e:00:01:01
carp: MASTER carpdev vlan32 vhid 1 advbase 1 advskew 9
Hi,
interessting point. How about dumping it to a file or something so you are
able to check what was loaded last time (e.g. a file with 400 under
/var/whatever)?
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Im Auftrag von Stuart
: Paul de Weerd [mailto:[EMAIL PROTECTED]
Gesendet: Freitag, 25. Juli 2008 22:37
An: openbsd misc
Cc: misc@openbsd.org
Betreff: Re: pfctl
On Fri, Jul 25, 2008 at 10:16:21PM +0200, openbsd misc wrote:
| Hi,
|
| interessting point. How about dumping it to a file or
something so you are
| able
this discussion :)
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: Paul de Weerd [mailto:[EMAIL PROTECTED]
Gesendet: Samstag, 26. Juli 2008 00:00
An: openbsd misc
Cc: misc@openbsd.org
Betreff: Re: pfctl
On Fri, Jul 25, 2008 at 11:38:40PM +0200, openbsd misc wrote:
| Hehe, I
Hi,
you didn't define a protocoll. Change your configuration to
ProxyPass / http://127.0.0.1:3000
ProxyPassReverse / http://127.0.0.1:3000
You should also set
NoCache *
(for more information on favicon: http://en.wikipedia.org/wiki/Favicon - some
browser request the icon even if it's not
http://cr.yp.to/djbdns/run-cache.html
http://www.ro.kde.org/djbdns/mywork/jumbo/index.html
I never understood the mix of authoritive server and resolver ... Use dnscache
as resolver and you you're (AFAIK) save.
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED]
Hello,
I hope I can avoid try'n error this way ;-) I have two firewall systems
with carp enabled (running obsd 4.3). These gateways have two internet
connections (dsl 6000 and symmetric 4000 provided by a router with an
/29 transport net).
The symmetric line should be used for vpn and vor mail
Henderson
Gesendet: Donnerstag, 26. Juni 2008 01:47
An: misc@openbsd.org
Betreff: Re: carp / routing question (multiple lines)
On 2008-06-25, openbsd misc [EMAIL PROTECTED] wrote:
I hope I can avoid try'n error this way ;-) I have two
firewall systems
with carp enabled (running obsd 4.3
Hello,
sorry, version 4.1 and 4.2. Thanks for your reply, I'll check that.
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Im Auftrag von Pierre Riteau
Gesendet: Samstag, 14. Juni 2008 00:28
An: misc(at)openbsd.org
Cc:
http://www.openbsd.org/plus.html
Enter wpa-psk(8), a tool to generate WPA-PSK keys from the ssid and
passphrase.
http://www.openbsd.org/cgi-bin/man.cgi?query=wpa-pskapropos=0sektion=0manp
ath=OpenBSD+Currentarch=i386format=html
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von:
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Im Auftrag von Markus Bergkvist
Gesendet: Sonntag, 27. April 2008 23:45
An: OpenBSD Misc
Betreff: Redirect traffic based on sub-domain?
Hi,
Is it possible to have PF redirecting traffic based on
sub
Hello,
I use flashdist:
http://www.nmedia.net/flashdist/
It's easy to use and easy to customize.
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Im Auftrag von Martin Marcher
Gesendet: Sonntag, 23. Mdrz 2008 15:18
An:
Hello,
I there a way to support as non-developer ... Unfortunally I'm not a developer
so I can't help code, but if I can do something else let me know.
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Im Auftrag von Damien Bergamini
Hello,
perhaps this helps:
man scp:
-l limit
Limits the used bandwidth, specified in Kbit/s.
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Im Auftrag von Marc Rene Arns
Gesendet: Montag, 10. Mdrz 2008 19:30
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Im Auftrag von George Paschos
Gesendet: Donnerstag, 6. Mdrz 2008 11:47
An: misc@openbsd.org
Betreff: Regarding MTU values on 802.1q trunked physical
interfaces (and more)
Hello all,
I am a bit confused
-Urspr|ngliche Nachricht-
Von: David Higgs [mailto:[EMAIL PROTECTED]
Gesendet: Sonntag, 17. Februar 2008 16:54
An: openbsd misc
Cc: OpenBSD-Misc
Betreff: Re: What is our ultimate goal??
On Feb 17, 2008 7:36 AM, openbsd misc
[EMAIL PROTECTED] wrote:
-Urspr|ngliche Nachricht
On Fri, 2008-01-11 at 16:05:49 +0100, jere proclaimed...
I suddenly got this error (while surfing the web in default Gnome
session) on OpenBSD 4.2 release (patched up to patch_004, including it).
Is it a disk error or something else ? Please help.
This is just a soft disk error; you may
-Urspr|ngliche Nachricht-
Von: Stuart Henderson [mailto:[EMAIL PROTECTED]
Gesendet: Freitag, 20. Juli 2007 01:22
An: openbsd misc
Betreff: Re: hardware problem?! strangely ssh error
On 2007/07/20 00:02, Stuart Henderson wrote:
If there might be crypto hardware onboard, try sysctl
On Thu, 19 Jul 2007, openbsd misc wrote:
misc(at)openbsd.org wrote:
Hello,
I have a system with openbsd 4.1 installed. Everything works fine
(lynx
/ ping / ...) but I'm not able to connect to another system via
ssh.
I'm
not able to connect to the system, too.
The error I got
informations do I need to provide?
(dmesg is hard, I have to write it up, but if that helps, let me know and I'll
do it).
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: Maxim Belooussov [mailto:[EMAIL PROTECTED]
Gesendet: Donnerstag, 19. Juli 2007 21:38
An: openbsd misc
Betreff: Re
:[EMAIL PROTECTED] Im Auftrag von
openbsd misc
Gesendet: Donnerstag, 19. Juli 2007 22:19
An: misc@openbsd.org
Cc: Maxim Belooussov
Betreff: Re: hardware problem?! strangely ssh error
Hello,
putting that one back to list, it's not silly ;-)
I tried ssh [EMAIL PROTECTED] - same result.
So the nic
openbsd misc wrote:
Hello again,
I tested the gentoo live cd. I was able to ssh to another machine, so
I was
able to get a complete (linux) dmesg output. Hope that helps:
[...]
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED
misc(at)openbsd.org wrote:
Hello,
I have a system with openbsd 4.1 installed. Everything works fine
(lynx
/ ping / ...) but I'm not able to connect to another system via ssh.
I'm
not able to connect to the system, too.
The error I got:
2: Bad packet length integer
I googled a bit, but I
On 2007/06/22 12:15, Heinrich Rebehn wrote:
Stuart Henderson wrote:
On 2007/06/22 09:59, Heinrich Rebehn wrote:
i am trying to get my new WRAP board to boot via pxe. pxeboot loads
fine
but seems to stall at the point where memory should be probed.
enable the serial console in
Hello,
your boot.conf should look like this:
set tty com0
stty com0 38400
set timeout 5
Last time I booted wrap via pxe was 3.9, but this should work.
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von
mgb
Gesendet:
Hello,
have a look at www.visionsystems.de
I bought some systems there and everything is working fine. It's a german
company, but I don't think that this is a problem, only shipping might be
expensive.
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED]
Hello,
Boudewijn Ector wrote:
Boudewijn Ector wrote:
The ; at the end here means that the WRAP BIOS said it could not
do
LBA reads, so biosboot fell back to CHS reads.
No O/S
And since you installed on a different machine, the geometry was
almost certainly different, so the operating
Hello,
I'm not a guru, but I'm working with openbsd and wrap systems for one
year ... ;-)
The ; at the end here means that the WRAP BIOS said it could not do
LBA reads, so biosboot fell back to CHS reads.
No O/S
And since you installed on a different machine, the geometry was
almost
Hello,
everything is commented because these are the default settings. If you want to
change a setting you'll have to uncomment and change it.
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von
Jerome Santos
Gesendet:
Hi all,
I wasn't able to figure out if it is possible to run openbsd
as xen guest system. Does anyone know?
Regards
Hagen Volpers
On Fri, Sep 08, 2006 at 05:00:16AM +1000, John Tate wrote:
I am constantly disappointed with the lack of freedom out-of-the-box
wireless routers provide. I am interested in a solution on OpenBSD,
because
I haven't used any Soekris device yet but you may be interested in
this:
Hello!
Hello,
I have just enabled and tested some stuff with the 3.9-apache server.
The
predefined It Worked!-page works as expected. I have added one more
directory by adding
Directory /var/www/htdocs/my_test
Options MultiViews
AllowOverride None
Order allow,deny
Allow
it from the internal (192.168.1.*) network the returned address is
my
hostname (which can not be looked up in any DNS).
Set ServerName to the IP address, or fix your DNS.
Depends on his setup and what he wants to do. I think he wants to use
different names to access the same page
Hiho,
i have a small problem with a ssh authentification, hope i
misunderstood
it, but.
i try to copy a file with scp from server to another and scp doesn't
ask
me for a password. problem, i don't setup any key on this box ...
here the details:
soekris4801:touche$ ls ~/.ssh
Hello,
I'm looking for a volume manager comparable to LVM. Is there
a well-tended solution for openbsd? I want to be able to
create / resize partitions at runtime, raid functionality
is not needed.
Regards
Hagen Volpers
On 8/19/06, openbsd misc [EMAIL PROTECTED] wrote:
On 8/19/06, openbsd misc [EMAIL PROTECTED] wrote:
Hello,
nobody has an answer for that? :/ Or was my explanation not
english
enough? =) Please let me know if something is ambiguous.
Regards
Hagen Volpers
Hi
On 8/20/06, openbsd misc [EMAIL PROTECTED] wrote:
On 8/19/06, openbsd misc [EMAIL PROTECTED] wrote:
On 8/19/06, openbsd misc [EMAIL PROTECTED] wrote:
Hello,
nobody has an answer for that? :/ Or was my explanation not
english
enough? =) Please let me know if something
Hello,
nobody has an answer for that? :/ Or was my explanation not english enough? =)
Please let me know if something is ambiguous.
Regards
Hagen Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von openbsd misc
Gesendet: Donnerstag, 10
On 8/19/06, openbsd misc [EMAIL PROTECTED] wrote:
Hello,
nobody has an answer for that? :/ Or was my explanation not english
enough? =) Please let me know if something is ambiguous.
Regards
Hagen Volpers
Hi,
Hello,
I do not know about pf, but maybe I can help anyway. Did you
Hello,
I have a problem I have no explanation for. Here's the situation: I have
a Windows XP client pinging (ping -t) an internet host (nat through my
obsd testsystem). That's my pf.conf:
# cat /etc/pf.conf
ext_if=pppoe0
int_if=sis1
set block-policy return
set skip on lo
scrub in
nat on $ext_if
Hello,
I'm looking for a smtp proxy. The idea is, that the proxy checks the
smtp session (if everything is valid and forward the information to an
exchange-server). The forwards should happen step-by-step (the smtp
proxy should be able to drop to be able to deny the recipient). The mail
itself
openbsd misc schrieb:
Hello,
I'm looking for a smtp proxy. The idea is, that the proxy checks the
smtp session (if everything is valid and forward the information to
an
exchange-server). The forwards should happen step-by-step (the smtp
proxy should be able to drop to be able to deny
Hi,
use a standard smtp daemon (sendmail, postfix or whatever) and put
the
spooling directory in a ramdisk :-)
Don't bother with the ramdisk. disk is cheap and fast compared
to smtp.
OpenBSD spamd in front of a cluster of sendmail/postfix running
boxes which have the
Hello,
Hi,
I would like to know that is the smallest box ( in terms of size )
that can be used to Install OpenBSD and used as a firewall. It should
have a hard disk also, and atleast 2 NIC Interfaces.
The smallest box I know is a WRAP system (www.pcengines.ch). It's
15x15cm,
up to 3 nics,
Hello,
No it's reverse. I want all incoming requests from the Internet to a
certain virtual host (in this case webmail.sendmail.tv) to be
redirected
to an internal host running the webmail app server (on 10.10.33.3 port
81). For some reason, the proxy in OpenBSD's httpd doesn't take the
Hello,
while mucking around with reverse DNS for a /29 public netblock i use,
i noticed
that my ISP, SBC, had only aliased 6 of the 8 IPs in the /29 block for
use with
rDNS. after seeing this, i did a bit of homework and found graham
toal's
explanation of the missing IPs (
openbsd misc wrote:
Did you try it with a dns name? I'm using /var/www/etc/hosts (httpd
is
chrooted per default) for that.
Bingo!
;-)
# mkdir /var/www/etc/
# cp /etc/hosts /var/www/etc/hosts
# chown -R www:www /var/www/etc/hosts
Your chown is not a good idea. Should be:
chown
:
http://www.visionsystems.de/ (Embedded Systems)
It's a german company but I think they ship to other countries, too.
Regard
Hagen Volpers
The wrap does not support HDD's, CF only. You'll be better off with a
soekris:
http://www.soekris.com/
Cheers z0mbix
On 08/08/06, openbsd misc
Thanks for that tip. I wrote a bootsector to my cf card and booted. But it
looks like biosboot isn't able to use lba (; instead of .), even if I change
wrap bios setting to lba. I wasn't able to figure out why. At the moment I'm
playing around with grub and lilo to find out if these have the
Hello Jeff,
Misc,
first of all: my name is Hagen... :-) I have one account for every
mailing list and I cannot change display name
(exchange disadvantage)... ;-)
Please make sure to update the firmware on your wrap, as you hadn't
mentioned it. pcengines.ch walks through this. It is quite
I understand this is a problem of target systems translating C/H/S
values differently. There is no problem in dynamicly using OpenBSD's
idea of C/H/S values at build time. However, OpenBSD on two different
machines can provide completely different C/H/S values on the exact
same card. Correct
I got it working now. Looks like the wrap system simulates some kind
of C/H/S in lba mode. OpenBSD is still telling me that I'm in C/H/S
mode:
Using drive 0, partition 3;
Loading;.
But more important is that:
01F0 Master 848A SAMSUNG CF/ATA
Phys C/H/S 1010/16/63 Log C/H/S 505/32/63
The log
PROTECTED]
Gesendet: Do 03.08.2006 14:41
An: openbsd misc
Cc: misc@openbsd.org
Betreff: Re: WPA support / creating a cf image
On Wed, 2006-08-02 at 23:23 +0200, openbsd misc wrote:
My question is, if there is a way to create such an image. For
me it looks like an openbsd specific problem
Sorry, wrong recipient. ;-) see below...
Von: openbsd misc
Gesendet: Do 03.08.2006 16:15
An: Shane J Pearson
Betreff: AW: WPA support / creating a cf image
Hello,
my problem is, that I need the vpn at bootime. I cannot build a vpn from
client to server, only
Volpers
-Urspr|ngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von openbsd misc
Gesendet: Donnerstag, 3. August 2006 16:13
An: [EMAIL PROTECTED]
Cc: misc@openbsd.org
Betreff: Re: WPA support / creating a cf image
Hello,
that's exacly what I'm doing
My plan is to build a default flashdist. Afterwards I want to build
tgz to install additional files. But that all doesn't make sense as
long as you aren't able to create a simple image that can be written
to every CF card running on every system (as long as the kernel
supports the hardware).
I
81 matches
Mail list logo