Folks,
FYI. This is might affect OpenBSD users employing e.g. OpenVPN:
http://tools.ietf.org/html/draft-gont-opsec-vpn-leakages.
For a project such as OpenVPN, a (portable) fix might be non-trivial.
However, I guess OpenBSD might hook some PF rules when establishing the
VPN tunnel, such that
On Fri, Nov 23, 2012 at 5:11 AM, Marc Espie es...@nerim.net wrote:
On Thu, Nov 22, 2012 at 01:27:46PM -0430, Andres Perera wrote:
why would the runtime be attractive for rop? what configuration vm
needs syscalls that would be attractive to an attacker that can change
the address of a jump?
Guys are not probably reading you enough. See
http://lists.gnu.org/archive/html/gnu-system-discuss/2012-11/msg0.html
and https://news.ycombinator.com/item?id=4821488 :-)
Can you please take this to another mailing list or off-list?
Developer's Lists
These lists are for technical
On Fri, Nov 23, 2012 at 12:44:32PM +0100, Henning Brauer wrote:
* Fernando Gont ferna...@gont.com.ar [2012-11-23 12:09]:
FYI. This is might affect OpenBSD users employing e.g. OpenVPN:
http://tools.ietf.org/html/draft-gont-opsec-vpn-leakages.
we're way less affected than other OSes, since
On 11/23/2012 08:44 AM, Henning Brauer wrote:
* Fernando Gont ferna...@gont.com.ar [2012-11-23 12:09]:
FYI. This is might affect OpenBSD users employing e.g. OpenVPN:
http://tools.ietf.org/html/draft-gont-opsec-vpn-leakages.
we're way less affected than other OSes, since we prefer inet over
set ifp-if_baudrate with IF_Gbps() / IF_Mbps().
OK ?
Index: if_ste.c
===
RCS file: /cvs/src/sys/dev/pci/if_ste.c,v
retrieving revision 1.48
diff -u -p -r1.48 if_ste.c
--- if_ste.c18 Oct 2012 21:44:21 - 1.48
+++ if_ste.c
On 11/23/2012 11:12 AM, Reyk Floeter wrote:
In the section Mitigations to VPN traffic-leakage vulnerabilities of
Fernando's paper it is suggested that a VPN client disables IPv6
globally if it is not going to send all IPv6 traffic over the tunnel
as well.
The problem is that even if you
On Fri, Nov 23, 2012 at 11:57:50AM -0200, Gleydson Soares wrote:
set ifp-if_baudrate with IF_Gbps() / IF_Mbps().
OK ?
Index: if_ste.c
===
RCS file: /cvs/src/sys/dev/pci/if_ste.c,v
retrieving revision 1.48
diff -u -p -r1.48
On 11/23/12 02:17, Philip Guenther wrote:
On Thu, Nov 22, 2012 at 5:28 PM, Alexander Hall alexan...@beard.se wrote:
The corresponding part in yubikey_hex_decode is for consistency and,
IMO, sanity, allowing mixed case hex strings, e.g. /var/db/yubikey/*.
Comments? OK? (Don't mess with the
On Fri, Nov 23, 2012 at 04:04:20PM +, Stuart Henderson wrote:
This adds an ioctl to retrieve if_hardmtu, and adds code to
display it via ifconfig hwfeatures.
$ ifconfig em0 hwfeatures
em0: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST mtu
1500
Stuart Henderson s...@spacehopper.org wrote:
This adds an ioctl to retrieve if_hardmtu, and adds code to
display it via ifconfig hwfeatures.
I'm worried that our drivers don't set this or that the value doesn't
accurately reflect the capabilities of chip/driver.
--
Christian naddy Weisgerber
On Fri, Nov 23, 2012 at 05:01:16PM +0100, Reyk Floeter wrote:
Actually, in the iked(8)/IPsec case we could even block all v6 traffic
without using PF by simply inserting a single deny flow.
For example:
# ping6 -w ff02::1%em0
# ipsecctl -vf /etc/ipsec-block.conf
flow esp out from ::/0 to
On Fri, Nov 23, 2012 at 05:46:27PM +, Christian Weisgerber wrote:
Stuart Henderson s...@spacehopper.org wrote:
This adds an ioctl to retrieve if_hardmtu, and adds code to
display it via ifconfig hwfeatures.
I'm worried that our drivers don't set this or that the value doesn't
On 2012/11/23 17:46, Christian Weisgerber wrote:
Stuart Henderson s...@spacehopper.org wrote:
This adds an ioctl to retrieve if_hardmtu, and adds code to
display it via ifconfig hwfeatures.
I'm worried that our drivers don't set this or that the value doesn't
accurately reflect the
On Fri, Nov 23, 2012 at 5:16 PM, Reyk Floeter r...@openbsd.org wrote:
On Fri, Nov 23, 2012 at 04:04:20PM +, Stuart Henderson wrote:
This adds an ioctl to retrieve if_hardmtu, and adds code to
display it via ifconfig hwfeatures.
$ ifconfig em0 hwfeatures
em0:
Date: Fri, 23 Nov 2012 12:23:19 +0100
From: Martin Pieuchot mpieuc...@nolizard.org
Ok, a bit of explanation first.
On macppc because the AGP chips do not translate pages, the kernel and
the applications have access to the AGP memory regions through standard
mappings. Because these
On Fri, 23 Nov 2012, Alexander Hall wrote:
On 11/23/12 02:17, Philip Guenther wrote:
...
The argument to tolower() must be a value in the range [EOF,
0..UCHAR_MAX]. When taking characters from a char * string, you need
to cast the value to (unsigned char), ala
tolower((unsigned
17 matches
Mail list logo