Re: Troubleshooting JDK Segmentation Faults

d- 2.4.23.tgz > warning: libtls.so.15.0: minor version >= 2 expected, using it anyway > > Since the timestamp on the latest set of amd64 packages pre-dates the > snapshot build timestamp by several hours, may I assume this is just a sync > issue that will be sorted out after the next bulk package build? > > Thanks again. > > - Scott > -- Pablo Méndez Hernández

Re: ASLR bypass on OpenBSD

; Subject: ASLR bypass on OpenBSD >> >> Hello, >> >> older story: >> >> https://marc.info/?t=14212471776=1=1 >> >> what happened since than? >> >> Was the randomization increased? >> >> Thank you OpenBSD! > -- Pablo Méndez Hernández

Re: Creating a blog using OpenBSD: technology choices and security considerations

t;> footer. >> >> > The less the better, so edit where you like, copy to web server, done. >> >> Depends! It may be OK if you're exactly one person with exactly one >> website, but this won't scale well, esp. when there's any sort of build >> process involved. Storing artifacts in VC sucks horribly, even for a >> small thing. Build servers are overkill for a blog. >> >> K. > -- Pablo Méndez Hernández

HSTS configuration in httpd.conf

Hi misc@, I'm trying to configure HSTS for my personal domain to no avail. According to my understanding of httpd.conf, you'd only need to include the 'hsts' keyword in the tls part of the configuration with no need to redirect to https in the http case, but my configuration doesn't seem to

Re: HSTS configuration in httpd.conf

Hi Carlin, On Thu, Oct 1, 2015 at 4:53 PM, Carlin Bingham wrote: > On Fri, 2 Oct 2015, at 03:37 AM, Pablo Méndez Hernández wrote: > > Hi misc@, > > > > I'm trying to configure HSTS for my personal domain to no avail. > > > > According to my understanding of httpd.conf, you'd

Re: Logjam Attack: is OpenIKED and OpenSMTPD vulnerable?

Thanks for the update Mike, greatly appreciated. On Wed, May 27, 2015 at 9:02 PM, Mike Belopuhov m...@belopuhov.com wrote: On 25 May 2015 at 14:33, Pablo Méndez Hernández pabl...@gmail.com wrote: Hi, Any statement for iked? iked implements IKEv2 which doesn't use SSL/TLS. So this

Re: Logjam Attack: is OpenIKED and OpenSMTPD vulnerable?

Hi, Any statement for iked? On Thu, May 21, 2015 at 12:51 AM, Gilles Chehade gil...@poolp.org wrote: On Wed, May 20, 2015 at 11:55:42PM +0200, L.R. D.S. wrote: Anyone write today on @misc and @tech about this, so I'll ask just to make sure: is OpenIKED and/or OpenSMTPD vulnerable to this

Re: HTTPD - HTTP-HTTPS redirection?

Hi all, On Fri, Feb 6, 2015 at 12:08 PM, Erling Westenvik erling.westen...@gmail.com wrote: On Thu, Feb 05, 2015 at 05:25:27PM -0600, Theodore Wynnychenko wrote: Hello Recently, there was a thread entitled Best way forward w.r.t. apache/nginx/httpd? My needs for an http server are

Re: New x86, 4,5W Hardware Fit-PC Fillet

Hi Jan, Thanks for the heads-up! One of those fitlet-X ( http://www.fit-pc.com/web/products/fitlet/fitlet-x/) seems like an almost perfect firewall/VPN SoHo solution :) Kind regards. On Thu, Jan 15, 2015 at 8:12 AM, Jan Lambertz jd.arb...@googlemail.com wrote: Hi, as i am always searching

Re: Nginx security patch build fail

On Thu, Apr 24, 2014 at 6:32 PM, Blaise Hizded bla...@ovh.fr wrote: On 04/24/14 17:38, Pablo Méndez Hernández wrote: Hi Blaise, On Thu, Apr 24, 2014 at 4:03 PM, Blaise Hizded bla...@ovh.fr wrote: Hello, I just installed a fresh OpenBSD 5.4 release and I want to apply all the errata security

Re: Nginx security patch build fail

/usr/src/usr.sbin/nginx checking for OS + OpenBSD 5.4 i386 checking for C compiler ... found but is not working configure: error: C compiler cc is not found Which packages did you choose at install time? Regards. -- Pablo Méndez Hernández

Re: ipsec.vpn

Hi misc@: I'm replying because I'm having the same problem. My test environment is as follows: [greenbow vpn client - 192.168.200.74] --- [ 192.168.200.3 (hme0) - OpenBSD sparc64 -current - (rl0) 172.16.1.1 ] In the server side: # cat /etc/ipsec.conf ike passive from any to any \ main

NX support in VIA C7 ?

Hi misc@: From what I read in the specs of the new VIA C7 Esther core (http://www.via.com.tw/en/products/processors/c7/), it seems it supports NX bit protection, but it seems NX hardware protection is only supported with PAE enabled. Searching a bit in the archives, I've found a patch from tedu@