2020-12-10 14:23:05 +00:00
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns= "http://www.w3.org/2005/Atom" xml:lang= "fr" >
<title type= "text" > OpenBSD Pour Tous 🐡</title>
2021-01-24 19:53:47 +00:00
<subtitle type= "html" > OBSD4* : Site de la communauté francophone autour d' OpenBSD.</subtitle>
2021-03-15 17:19:32 +00:00
<updated > 2021-03-09T12:21:17+ 01:00</updated>
2020-12-10 14:23:05 +00:00
<id > https://openbsd.fr.eu.org/</id>
<link rel= "alternate" type= "text/html" href= "https://openbsd.fr.eu.org/" />
<link rel= "self" type= "application/atom+xml" href= "https://openbsd.fr.eu.org/atom.xml" />
<author >
<name > OBSD4a</name>
<uri > https://openbsd.fr.eu.org/</uri>
<email > puffy@openbsd.fr.eu.org</email>
</author>
<rights > [CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights>
2021-01-11 17:33:10 +00:00
<generator uri= "https://gohugo.io/" version= "0.80.0" > Hugo</generator>
2021-03-15 17:19:32 +00:00
<entry >
<title type= "text" > Syspatch : npppd (2021/03/09)</title>
<link rel= "alternate" type= "text/html" href= "https://openbsd.fr.eu.org/posts/2021/03/09/syspatch-npppd-6.7-6.8/" />
<id > https://openbsd.fr.eu.org/posts/2021/03/09/syspatch-npppd-6.7-6.8/</id>
<updated > 2021-03-09T12:19:45+ 01:00</updated>
<published > 2021-03-09T12:14:49+ 01:00</published>
<author >
<name > OBSD4a</name>
<uri > https://openbsd.fr.eu.org/</uri>
<email > puffy@openbsd.fr.eu.org</email>
</author>
<rights > [CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights> <summary type= "html" > Correctif OpenBSD: npppd</summary>
<content type= "html" > < h2 id=" correctif-de-sécurité-npppd" > Correctif de sécurité npppd< /h2>
< p> < strong> Le gestionnaire de protocole PPTP peut provoquer une sur-lecture du tas, ce qui peut entraîner un crash.< /strong> < /p>
< p> Il est nécessaire de < strong> redémarrer le service< /strong> après l& rsquo;application du correctif !< /p>
< p> Pour toutes les architectures supportées :< /p>
< ul>
< li> amd64, arm64, i386 par < code> syspatch< /code> < /li>
< li> armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par < a href=" https://openbsd.fr.eu.org/posts/2021/03/09/syspatch-npppd-6.7-6.8/#recompilation" > recompilation< /a> < /li>
< /ul>
< hr>
< h2 id=" syspatch" > Syspatch< /h2>
< p> Cette étape ne concerne que les architectures amd64, arm64, i386 !< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # syspatch< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> Ensuite < a href=" https://openbsd.fr.eu.org/posts/2021/03/09/syspatch-npppd-6.7-6.8/#restart" > redémarrez< /a> le service, < em> si utilisé< /em> !< /p>
< h2 id=" recompilation" > Recompilation< /h2>
< p> Pour toute autre architecture prise en charge par le projet OpenBSD, voici
les étapes de recompilation nécessaires :< /p>
< p> ⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :< /p>
< ul>
< li> Pour 6.8 :< /li>
< /ul>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/016_npppd.patch.sig< /span>
< span class=" c1" > # signify -Vep /etc/signify/openbsd-68-base.pub -x 016_npppd.patch.sig \< /span>
-m - < span class=" p" > |< /span> < span class=" o" > (< /span> < span class=" nb" > cd< /span> /usr/src < span class=" o" > & amp;& amp;< /span> patch -p0< span class=" o" > )< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < ul>
< li> Pour 6.7 :< /li>
< /ul>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.7/common/037_npppd.patch.sig< /span>
< span class=" c1" > # signify -Vep /etc/signify/openbsd-67-base.pub -x 037_npppd.patch.sig \< /span>
-m - < span class=" p" > |< /span> < span class=" o" > (< /span> < span class=" nb" > cd< /span> /usr/src < span class=" o" > & amp;& amp;< /span> patch -p0< span class=" o" > )< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> ⇒ La phase de recompilation :< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < span class=" lnt" > 4
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > $ < span class=" nb" > cd< /span> /usr/src/usr.sbin/npppd
< span class=" c1" > # make obj< /span>
< span class=" c1" > # make< /span>
< span class=" c1" > # make install< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> Ensuite < a href=" https://openbsd.fr.eu.org/posts/2021/03/09/syspatch-npppd-6.7-6.8/#restart" > redémarrez< /a> le service, < em> si utilisé< /em> !< /p>
< h2 id=" restart" > Restart< /h2>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # rcctl restart npppd< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < hr>
< p> Plus d& rsquo;informations sur les pages d& rsquo;Errata < a href=" https://openbsd.org/errata68.html" > 6.8< /a> et < a href=" https://openbsd.org/errata67.html" > 6.7< /a> … < br>
< em> et leurs versions FR respectives : < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68" > 6.8 FR< /a> et < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67" > 6.7 FR< /a> .< /em> < /p>
< hr>
</content>
<category scheme= "https://openbsd.fr.eu.org/categories/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/npppd/" term= "npppd" label= "npppd" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.7/" term= "6.7" label= "6.7" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.8/" term= "6.8" label= "6.8" />
</entry>
2021-03-09 11:13:33 +00:00
<entry >
<title type= "text" > Syspatch : ssh-agent (2021/03/03)</title>
<link rel= "alternate" type= "text/html" href= "https://openbsd.fr.eu.org/posts/2021/03/03/syspatch-ssh-agent-6.7-6.8/" />
<id > https://openbsd.fr.eu.org/posts/2021/03/03/syspatch-ssh-agent-6.7-6.8/</id>
<updated > 2021-03-03T23:17:38+ 01:00</updated>
<published > 2021-03-03T23:12:34+ 01:00</published>
<author >
<name > OBSD4a</name>
<uri > https://openbsd.fr.eu.org/</uri>
<email > puffy@openbsd.fr.eu.org</email>
</author>
<rights > [CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights> <summary type= "html" > Correctif OpenBSD: SSH</summary>
<content type= "html" > < h2 id=" correctif-de-sécurité-ssh-agent" > Correctif de sécurité ssh-agent< /h2>
< p> < strong> Double libération (de mémoire) dans ssh-agent(1)< /strong> < /p>
< p> Pour toutes les architectures supportées :< /p>
< ul>
< li> amd64, arm64, i386 par < code> syspatch< /code> < /li>
< li> armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par < a href=" https://openbsd.fr.eu.org/posts/2021/03/03/syspatch-ssh-agent-6.7-6.8/#recompilation" > recompilation< /a> < /li>
< /ul>
< hr>
< h2 id=" syspatch" > Syspatch< /h2>
< p> Cette étape ne concerne que les architectures amd64, arm64, i386 !< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # syspatch< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> Ensuite redémarrez votre client ssh-agent !< /p>
< h2 id=" recompilation" > Recompilation< /h2>
< p> Pour toute autre architecture prise en charge par le projet OpenBSD, voici
les étapes de recompilation nécessaires :< /p>
< p> ⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :< /p>
< ul>
< li> Pour 6.8 :< /li>
< /ul>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/015_sshagent.patch.sig< /span>
< span class=" c1" > # signify -Vep /etc/signify/openbsd-68-base.pub -x 015_sshagent.patch.sig \< /span>
-m - < span class=" p" > |< /span> < span class=" o" > (< /span> < span class=" nb" > cd< /span> /usr/src < span class=" o" > & amp;& amp;< /span> patch -p0< span class=" o" > )< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < ul>
< li> Pour 6.7 :< /li>
< /ul>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.7/common/036_sshagent.patch.sig< /span>
< span class=" c1" > # signify -Vep /etc/signify/openbsd-67-base.pub -x 036_sshagent.patch.sig \< /span>
-m - < span class=" p" > |< /span> < span class=" o" > (< /span> < span class=" nb" > cd< /span> /usr/src < span class=" o" > & amp;& amp;< /span> patch -p0< span class=" o" > )< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> ⇒ La phase de recompilation :< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < span class=" lnt" > 4
< /span> < span class=" lnt" > 5
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > $ < span class=" nb" > cd< /span> /usr/src/usr.bin/ssh
< span class=" c1" > # make obj< /span>
< span class=" c1" > # make clean< /span>
< span class=" c1" > # make< /span>
< span class=" c1" > # make install< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> Ensuite redémarrez votre client ssh-agent !< /p>
< hr>
< p> Plus d& rsquo;informations sur les pages d& rsquo;Errata < a href=" https://openbsd.org/errata68" > 6.8< /a> et < a href=" https://openbsd.org/errata67" > 6.7< /a> … < br>
< em> et leurs versions FR respectives : < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68" > 6.8 FR< /a> et < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67" > 6.7 FR< /a> .< /em> < /p>
< hr>
</content>
<category scheme= "https://openbsd.fr.eu.org/categories/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/ssh/" term= "ssh" label= "ssh" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.7/" term= "6.7" label= "6.7" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.8/" term= "6.8" label= "6.8" />
</entry>
2021-03-03 22:20:58 +00:00
<entry >
<title type= "text" > Syspatch : pffrag (2021/02/24)</title>
<link rel= "alternate" type= "text/html" href= "https://openbsd.fr.eu.org/posts/2021/02/24/syspatch-pffrag-6.7-6.8/" />
<id > https://openbsd.fr.eu.org/posts/2021/02/24/syspatch-pffrag-6.7-6.8/</id>
2021-03-15 17:19:32 +00:00
<updated > 2021-03-09T12:08:56+ 01:00</updated>
2021-03-03 22:20:58 +00:00
<published > 2021-02-24T18:52:52+ 01:00</published>
<author >
<name > OBSD4a</name>
<uri > https://openbsd.fr.eu.org/</uri>
<email > puffy@openbsd.fr.eu.org</email>
</author>
<rights > [CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights> <summary type= "html" > Correctif OpenBSD: PF</summary>
<content type= "html" > < h2 id=" correctif-de-sécurité-pffrag" > Correctif de sécurité pffrag< /h2>
< p> < strong> Une séquence de fragments IPv4 se chevauchant pourrait faire planter le
noyau en pf en raison d& rsquo;une assertion.< /strong> < /p>
< p> Il est nécessaire de redémarrer le noyau !< /p>
< p> Pour toutes les architectures supportées :< /p>
< ul>
< li> amd64, arm64, i386 par < code> syspatch< /code> < /li>
< li> armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par < a href=" https://openbsd.fr.eu.org/posts/2021/02/24/syspatch-pffrag-6.7-6.8/#recompilation" > recompilation< /a> < /li>
< /ul>
< hr>
< h2 id=" syspatch" > Syspatch< /h2>
< p> Cette étape ne concerne que les architectures amd64, arm64, i386 !< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # syspatch< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> Ensuite < a href=" https://openbsd.fr.eu.org/posts/2021/02/24/syspatch-pffrag-6.7-6.8/#restart" > redémarrez< /a> la machine !< /p>
< h2 id=" recompilation" > Recompilation< /h2>
< p> Pour toute autre architecture prise en charge par le projet OpenBSD, voici
les étapes de recompilation nécessaires :< /p>
< p> ⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :< /p>
< ul>
< li> Pour 6.8 :< /li>
< /ul>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/014_pffrag.patch.sig< /span>
< span class=" c1" > # signify -Vep /etc/signify/openbsd-68-base.pub -x 014_pffrag.patch.sig \< /span>
-m - < span class=" p" > |< /span> < span class=" o" > (< /span> < span class=" nb" > cd< /span> /usr/src < span class=" o" > & amp;& amp;< /span> patch -p0< span class=" o" > )< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < ul>
< li> Pour 6.7 :< /li>
< /ul>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.7/common/035_pffrag.patch.sig< /span>
< span class=" c1" > # signify -Vep /etc/signify/openbsd-67-base.pub -x 035_pffrag.patch.sig \< /span>
-m - < span class=" p" > |< /span> < span class=" o" > (< /span> < span class=" nb" > cd< /span> /usr/src < span class=" o" > & amp;& amp;< /span> patch -p0< span class=" o" > )< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> ⇒ La phase de recompilation :< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < span class=" lnt" > 4
< /span> < span class=" lnt" > 5
< /span> < span class=" lnt" > 6
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # KK=`sysctl -n kern.osversion | cut -d# -f1`< /span>
< span class=" c1" > # cd /usr/src/sys/arch/`machine`/compile/$KK< /span>
< span class=" c1" > # make obj< /span>
< span class=" c1" > # make config< /span>
< span class=" c1" > # make< /span>
< span class=" c1" > # make install< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> Pour finir, < a href=" https://openbsd.fr.eu.org/posts/2021/02/24/syspatch-pffrag-6.7-6.8/#restart" > redémarrez< /a> la machine !< /p>
< h2 id=" restart" > Restart< /h2>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # reboot< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < hr>
2021-03-15 17:19:32 +00:00
< p> Plus d& rsquo;informations sur les pages d& rsquo;Errata < a href=" https://openbsd.org/errata68.html" > 6.8< /a> et < a href=" https://openbsd.org/errata67.html" > 6.7< /a> … < br>
2021-03-03 22:20:58 +00:00
< em> et leurs versions FR respectives : < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68" > 6.8 FR< /a> et < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67" > 6.7 FR< /a> .< /em> < /p>
< hr>
</content>
<category scheme= "https://openbsd.fr.eu.org/categories/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/pf/" term= "PF" label= "PF" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.7/" term= "6.7" label= "6.7" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.8/" term= "6.8" label= "6.8" />
</entry>
2021-02-20 23:03:06 +00:00
<entry >
<title type= "text" > LibreSSL : 3.2.4</title>
<link rel= "alternate" type= "text/html" href= "https://openbsd.fr.eu.org/posts/2021/02/13/libressl-3.2.4/" />
<id > https://openbsd.fr.eu.org/posts/2021/02/13/libressl-3.2.4/</id>
<updated > 2021-02-13T06:41:02+ 01:00</updated>
<published > 2021-02-13T06:32:39+ 01:00</published>
<author >
<name > OBSD4a</name>
<uri > https://openbsd.fr.eu.org/</uri>
<email > puffy@openbsd.fr.eu.org</email>
</author>
<rights > [CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights> <summary type= "html" > Sortie de LibreSSL: 3.2.4 (20210212)</summary>
<content type= "html" > < h2 id=" description" > Description< /h2>
< p> Suite au correctif < a href=" https://openbsd.fr.eu.org/posts/2021/02/03/syspatch-libressl-6.8/" > libressl< /a> , l& rsquo;équipe OpenBSD délivre une nouvelle version de LibreSSL.< /p>
< p> Elle inclut les correctifs des bogues et d& rsquo;interopérabilités suivants :< /p>
< pre> < code> * Switch back to certificate verification code from LibreSSL 3.1.x. The
new verifier is not bug compatible with the old verifier causing issues
with applications expecting behavior of the old verifier.
* Unbreak DTLS retransmissions for flights that include a CCS
* Only check BIO_should_read() on read and BIO_should_write() on write
* Implement autochain for the TLSv1.3 server
* Use the legacy verifier for autochain
* Implement exporter for TLSv1.3
* Free alert_data and phh_data in tls13_record_layer_free()
* Plug leak in x509_verify_chain_dup()
* Free the policy tree in x509_vfy_check_policy()
< /code> < /pre> < hr>
< p> Retrouvez la note de version :< /p>
< ul>
< li> < a href=" https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.4-relnotes.txt" > 3.2.4< /a> < /li>
< /ul>
< hr>
</content>
<category scheme= "https://openbsd.fr.eu.org/categories/libressl/" term= "LibreSSL" label= "LibreSSL" />
<category scheme= "https://openbsd.fr.eu.org/tags/libressl/" term= "LibreSSL" label= "LibreSSL" />
<category scheme= "https://openbsd.fr.eu.org/tags/3.2/" term= "3.2" label= "3.2" />
</entry>
2021-02-13 05:42:20 +00:00
<entry >
<title type= "text" > Syspatch : libressl (2021/02/02)</title>
<link rel= "alternate" type= "text/html" href= "https://openbsd.fr.eu.org/posts/2021/02/03/syspatch-libressl-6.8/" />
<id > https://openbsd.fr.eu.org/posts/2021/02/03/syspatch-libressl-6.8/</id>
2021-03-15 17:19:32 +00:00
<updated > 2021-03-09T12:08:37+ 01:00</updated>
2021-02-13 05:42:20 +00:00
<published > 2021-02-03T07:14:19+ 01:00</published>
<author >
<name > OBSD4a</name>
<uri > https://openbsd.fr.eu.org/</uri>
<email > puffy@openbsd.fr.eu.org</email>
</author>
<rights > [CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights> <summary type= "html" > Correctif OpenBSD: libressl</summary>
<content type= "html" > < h2 id=" correctif-de-fiabilité-libressl" > Correctif de fiabilité libressl< /h2>
< p> < strong> De nombreux problèmes d& rsquo;interopérabilité et failles mémoire ont été découvertes dans les bibliothèques libcrypto et libssl.< /strong> < /p>
< p> Il peut-être nécessaire de redémarrer certains services, tels isakmpd, unwind.< /p>
< p> Pour toutes les architectures supportées :< /p>
< ul>
< li> amd64, arm64, i386 par < code> syspatch< /code> < /li>
< li> armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par < a href=" https://openbsd.fr.eu.org/posts/2021/02/03/syspatch-libressl-6.8/#recompilation" > recompilation< /a> < /li>
< /ul>
< hr>
< h2 id=" syspatch" > Syspatch< /h2>
< p> Cette étape ne concerne que les architectures amd64, arm64, i386 !< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # syspatch< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> Ensuite < a href=" https://openbsd.fr.eu.org/posts/2021/02/03/syspatch-libressl-6.8/#restart" > redémarrez< /a> les services utilisés, si c& rsquo;est le cas !< /p>
< h2 id=" recompilation" > Recompilation< /h2>
< p> Pour toute autre architecture prise en charge par le projet OpenBSD, voici
les étapes de recompilation nécessaires :< /p>
< p> ⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/013_libressl.patch.sig< /span>
< span class=" c1" > # signify -Vep /etc/signify/openbsd-68-base.pub -x 013_libressl.patch.sig \< /span>
-m - < span class=" p" > |< /span> < span class=" o" > (< /span> < span class=" nb" > cd< /span> /usr/src < span class=" o" > & amp;& amp;< /span> patch -p0< span class=" o" > )< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> ⇒ La phase de recompilation :< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < span class=" lnt" > 4
< /span> < span class=" lnt" > 5
< /span> < span class=" lnt" > 6
< /span> < span class=" lnt" > 7
< /span> < span class=" lnt" > 8
< /span> < span class=" lnt" > 9
< /span> < span class=" lnt" > 10
< /span> < span class=" lnt" > 11
< /span> < span class=" lnt" > 12
< /span> < span class=" lnt" > 13
< /span> < span class=" lnt" > 14
< /span> < span class=" lnt" > 15
< /span> < span class=" lnt" > 16
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" nb" > cd< /span> /usr/src/lib/libcrypto
make obj
make
make install
< span class=" nb" > cd< /span> /usr/src/lib/libssl
make obj
make
make install
< span class=" nb" > cd< /span> /usr/src/sbin/isakmpd
make obj
make
make install
< span class=" nb" > cd< /span> /usr/src/sbin/unwind
make obj
make
make install
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> Pour finir, < a href=" https://openbsd.fr.eu.org/posts/2021/02/03/syspatch-libressl-6.8/#restart" > redémarrez< /a> les services, si utilisés.< /p>
< h2 id=" restart" > Restart< /h2>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # rcctl restart isakmpd unwind< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < hr>
2021-03-15 17:19:32 +00:00
< p> Plus d& rsquo;informations sur les pages d& rsquo;Errata < a href=" https://openbsd.org/errata68.html" > 6.8< /a> … < br>
2021-02-13 05:42:20 +00:00
< em> et leurs versions FR respectives : < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68" > 6.8 FR< /a> et < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67" > 6.7 FR< /a> .< /em> < /p>
< hr>
</content>
<category scheme= "https://openbsd.fr.eu.org/categories/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/libressl/" term= "LibreSSL" label= "LibreSSL" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.8/" term= "6.8" label= "6.8" />
</entry>
2021-01-14 18:03:19 +00:00
<entry >
<title type= "text" > Syspatch : carp (2021/01/13)</title>
2021-01-24 12:34:04 +00:00
<link rel= "alternate" type= "text/html" href= "https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/" />
<id > https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/</id>
2021-03-15 17:19:32 +00:00
<updated > 2021-03-09T12:08:25+ 01:00</updated>
2021-01-14 18:03:19 +00:00
<published > 2021-01-13T20:02:39+ 01:00</published>
<author >
<name > OBSD4a</name>
<uri > https://openbsd.fr.eu.org/</uri>
<email > puffy@openbsd.fr.eu.org</email>
</author>
<rights > [CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights> <summary type= "html" > Correctif OpenBSD: carp, bpf</summary>
<content type= "html" > < h2 id=" correctif-de-fiabilité-carp" > Correctif de fiabilité carp< /h2>
< p> < strong> L& rsquo;utilisation de bpf(4) sur une interface CARP pourrait entraîner une
utilisation après une erreur< /strong> .< /p>
< p> Il est nécessaire de < strong> redémarrer la machine< /strong> car ce correctif affecte
le noyau.< /p>
< p> Pour toutes les architectures supportées :< /p>
< ul>
< li> amd64, arm64, i386 par < code> syspatch< /code> < /li>
2021-01-24 12:34:04 +00:00
< li> armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par < a href=" https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/#recompilation" > recompilation< /a> < /li>
2021-01-14 18:03:19 +00:00
< /ul>
< hr>
< h2 id=" syspatch" > Syspatch< /h2>
< p> Cette étape ne concerne que les architectures amd64, arm64, i386 !< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # syspatch< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
2021-01-24 12:34:04 +00:00
< /div> < p> Ensuite < a href=" https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/#restart" > redémarrez< /a> la machine !< /p>
2021-01-14 18:03:19 +00:00
< h2 id=" recompilation" > Recompilation< /h2>
< p> Pour toute autre architecture prise en charge par le projet OpenBSD, voici
les étapes de recompilation nécessaires :< /p>
< p> ⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :< /p>
< ul>
< li> Pour 6.8 :< /li>
< /ul>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/012_carp.patch.sig< /span>
< span class=" c1" > # signify -Vep /etc/signify/openbsd-68-base.pub -x 012_carp.patch.sig \< /span>
-m - < span class=" p" > |< /span> < span class=" o" > (< /span> < span class=" nb" > cd< /span> /usr/src < span class=" o" > & amp;& amp;< /span> patch -p0< span class=" o" > )< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> ⇒ La phase de recompilation :< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < span class=" lnt" > 4
< /span> < span class=" lnt" > 5
< /span> < span class=" lnt" > 6
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # KK=`sysctl -n kern.osversion | cut -d# -f1`< /span>
< span class=" c1" > # cd /usr/src/sys/arch/`machine`/compile/$KK< /span>
< span class=" c1" > # make obj< /span>
< span class=" c1" > # make config< /span>
< span class=" c1" > # make< /span>
< span class=" c1" > # make install< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
2021-01-24 12:34:04 +00:00
< /div> < p> Pour finir, < a href=" https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/#restart" > redémarrez< /a> la machine !< /p>
2021-01-14 18:03:19 +00:00
< h2 id=" restart" > Restart< /h2>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # reboot< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < hr>
2021-03-15 17:19:32 +00:00
< p> Plus d& rsquo;informations sur les pages d& rsquo;Errata < a href=" https://openbsd.org/errata68.html" > 6.8< /a> et < a href=" https://openbsd.org/errata67.html" > 6.7< /a> … < br>
2021-01-14 18:03:19 +00:00
< em> et leurs versions FR respectives : < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68" > 6.8 FR< /a> et < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67" > 6.7 FR< /a> .< /em> < /p>
< hr>
</content>
<category scheme= "https://openbsd.fr.eu.org/categories/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/carp/" term= "carp" label= "carp" />
<category scheme= "https://openbsd.fr.eu.org/tags/bpf/" term= "bpf" label= "bpf" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.8/" term= "6.8" label= "6.8" />
</entry>
2021-01-13 19:08:41 +00:00
<entry >
<title type= "text" > Syspatch : NDP - IPv6 (2021/01/11)</title>
2021-01-24 12:34:04 +00:00
<link rel= "alternate" type= "text/html" href= "https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/" />
<id > https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/</id>
2021-03-15 17:19:32 +00:00
<updated > 2021-03-09T12:08:48+ 01:00</updated>
2021-01-14 18:03:19 +00:00
<published > 2021-01-11T15:05:12+ 01:00</published>
2021-01-13 19:08:41 +00:00
<author >
<name > OBSD4a</name>
<uri > https://openbsd.fr.eu.org/</uri>
<email > puffy@openbsd.fr.eu.org</email>
</author>
<rights > [CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights> <summary type= "html" > Correctif OpenBSD: NDP</summary>
<content type= "html" > < h2 id=" correctif-de-fiabilité--nd6" > Correctif de fiabilité nd6< /h2>
< p> < strong> Quand une entrée NDP est invalide sur la couche de niveau 2, celle-ci
n& rsquo;est pas invalidée.< /strong> < /p>
< p> Il est nécessaire de < strong> redémarrer la machine< /strong> car ce correctif affecte
le noyau.< /p>
< p> Pour toutes les architectures supportées :< /p>
< ul>
< li> amd64, arm64, i386 par < code> syspatch< /code> < /li>
2021-01-24 12:34:04 +00:00
< li> armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par < a href=" https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/#recompilation" > recompilation< /a> < /li>
2021-01-13 19:08:41 +00:00
< /ul>
< hr>
< h2 id=" syspatch" > Syspatch< /h2>
< p> Cette étape ne concerne que les architectures amd64, arm64, i386 !< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # syspatch< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
2021-01-24 12:34:04 +00:00
< /div> < p> Ensuite < a href=" https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/#restart" > redémarrez< /a> la machine !< /p>
2021-01-13 19:08:41 +00:00
< h2 id=" recompilation" > Recompilation< /h2>
< p> Pour toute autre architecture prise en charge par le projet OpenBSD, voici
les étapes de recompilation nécessaires :< /p>
< p> ⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :< /p>
< ul>
< li> Pour 6.8 :< /li>
< /ul>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/011_nd6.patch.sig< /span>
< span class=" c1" > # signify -Vep /etc/signify/openbsd-68-base.pub -x 011_nd6.patch.sig \< /span>
-m - < span class=" p" > |< /span> < span class=" o" > (< /span> < span class=" nb" > cd< /span> /usr/src < span class=" o" > & amp;& amp;< /span> patch -p0< span class=" o" > )< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < ul>
< li> Pour 6.7 :< /li>
< /ul>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # https://ftp.openbsd.org/pub/OpenBSD/patches/6.7/common/034_nd6.patch.sig< /span>
< span class=" c1" > # signify -Vep /etc/signify/openbsd-67-base.pub -x 034_nd6.patch.sig \< /span>
-m - < span class=" p" > |< /span> < span class=" o" > (< /span> < span class=" nb" > cd< /span> /usr/src < span class=" o" > & amp;& amp;< /span> patch -p0< span class=" o" > )< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> ⇒ La phase de recompilation :< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < span class=" lnt" > 4
< /span> < span class=" lnt" > 5
< /span> < span class=" lnt" > 6
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # KK=`sysctl -n kern.osversion | cut -d# -f1`< /span>
< span class=" c1" > # cd /usr/src/sys/arch/`machine`/compile/$KK< /span>
< span class=" c1" > # make obj< /span>
< span class=" c1" > # make config< /span>
< span class=" c1" > # make< /span>
< span class=" c1" > # make install< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
2021-01-24 12:34:04 +00:00
< /div> < p> Pour finir, < a href=" https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/#restart" > redémarrez< /a> la machine !< /p>
2021-01-13 19:08:41 +00:00
< h2 id=" restart" > Restart< /h2>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # reboot< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < hr>
2021-03-15 17:19:32 +00:00
< p> Plus d& rsquo;informations sur les pages d& rsquo;Errata < a href=" https://openbsd.org/errata68.html" > 6.8< /a> et < a href=" https://openbsd.org/errata67.html" > 6.7< /a> … < br>
2021-01-13 19:08:41 +00:00
< em> et leurs versions FR respectives : < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68" > 6.8 FR< /a> et < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67" > 6.7 FR< /a> .< /em> < /p>
< hr>
</content>
<category scheme= "https://openbsd.fr.eu.org/categories/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/ndp/" term= "NDP" label= "NDP" />
<category scheme= "https://openbsd.fr.eu.org/tags/ipv6/" term= "IPv6" label= "IPv6" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.7/" term= "6.7" label= "6.7" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.8/" term= "6.8" label= "6.8" />
</entry>
2020-12-24 15:00:48 +00:00
<entry >
<title type= "text" > Syspatch : smptd (2020/12/23)</title>
2021-03-15 17:19:32 +00:00
<link rel= "alternate" type= "text/html" href= "https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd-6.7-6.8/" />
<id > https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd-6.7-6.8/</id>
<updated > 2021-03-09T12:09:06+ 01:00</updated>
2020-12-24 15:00:48 +00:00
<published > 2020-12-24T15:05:12+ 01:00</published>
<author >
<name > OBSD4a</name>
<uri > https://openbsd.fr.eu.org/</uri>
<email > puffy@openbsd.fr.eu.org</email>
</author>
<rights > [CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights> <summary type= "html" > Correctif OpenBSD: smtpd</summary>
<content type= "html" > < h2 id=" correctif-de-fiabilité-smtpd" > Correctif de fiabilité smtpd< /h2>
< p> < strong> La machine à états de filtrage de smtpd peut libérer prématurément des
ressources conduisant à un plantage< /strong> .< /p>
< p> Il est nécessaire de < strong> redémarrer le service< /strong> après l& rsquo;application du correctif !< /p>
< p> Pour toutes les architectures supportées :< /p>
< ul>
< li> amd64, arm64, i386 par < code> syspatch< /code> < /li>
2021-03-15 17:19:32 +00:00
< li> armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par < a href=" https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd-6.7-6.8/#recompilation" > recompilation< /a> < /li>
2020-12-24 15:00:48 +00:00
< /ul>
< hr>
2021-01-04 14:40:45 +00:00
< h2 id=" syspatch" > Syspatch< /h2>
< p> Cette étape ne concerne que les architectures amd64, arm64, i386 !< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # syspatch< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
2021-03-15 17:19:32 +00:00
< /div> < p> Ensuite < a href=" https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd-6.7-6.8/#restart" > redémarrez< /a> le service !< /p>
2021-01-04 14:40:45 +00:00
< h2 id=" recompilation" > Recompilation< /h2>
< p> Pour toute autre architecture prise en charge par le projet OpenBSD, voici
les étapes de recompilation nécessaires :< /p>
< p> ⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :< /p>
2021-01-08 15:01:10 +00:00
< ul>
< li> Pour 6.8 :< /li>
< /ul>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/010_smtpd.patch.sig< /span>
< span class=" c1" > # signify -Vep /etc/signify/openbsd-68-base.pub -x 010_smtpd.patch.sig \< /span>
-m - < span class=" p" > |< /span> < span class=" o" > (< /span> < span class=" nb" > cd< /span> /usr/src < span class=" o" > & amp;& amp;< /span> patch -p0< span class=" o" > )< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < ul>
< li> Pour 6.7 :< /li>
< /ul>
2021-01-04 14:40:45 +00:00
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
2021-03-03 22:20:58 +00:00
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.7/common/033_smtpd.patch.sig< /span>
2021-01-04 14:40:45 +00:00
< span class=" c1" > # signify -Vep /etc/signify/openbsd-67-base.pub -x 033_smtpd.patch.sig \< /span>
-m - < span class=" p" > |< /span> < span class=" o" > (< /span> < span class=" nb" > cd< /span> /usr/src < span class=" o" > & amp;& amp;< /span> patch -p0< span class=" o" > )< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < p> ⇒ La phase de recompilation :< /p>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < span class=" lnt" > 2
< /span> < span class=" lnt" > 3
< /span> < span class=" lnt" > 4
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # cd /usr/src/usr.sbin/smtpd< /span>
< span class=" c1" > # make obj< /span>
< span class=" c1" > # make< /span>
< span class=" c1" > # make install< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
2021-03-15 17:19:32 +00:00
< /div> < p> Pour finir, < a href=" https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd-6.7-6.8/#restart" > redémarrez< /a> le service !< /p>
2021-01-04 14:40:45 +00:00
< h2 id=" restart" > Restart< /h2>
< div class=" highlight" > < div class=" chroma" >
< table class=" lntable" > < tr> < td class=" lntd" >
< pre class=" chroma" > < code> < span class=" lnt" > 1
< /span> < /code> < /pre> < /td>
< td class=" lntd" >
< pre class=" chroma" > < code class=" language-ksh" data-lang=" ksh" > < span class=" c1" > # rcctl restart smtpd< /span>
< /code> < /pre> < /td> < /tr> < /table>
< /div>
< /div> < hr>
2021-03-15 17:19:32 +00:00
< p> Plus d& rsquo;informations sur les pages d& rsquo;Errata < a href=" https://openbsd.org/errata68.html" > 6.8< /a> et < a href=" https://openbsd.org/errata67.html" > 6.7< /a> … < br>
2020-12-24 15:00:48 +00:00
< em> et leurs versions FR respectives : < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68" > 6.8 FR< /a> et < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67" > 6.7 FR< /a> .< /em> < /p>
< hr>
</content>
<category scheme= "https://openbsd.fr.eu.org/categories/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/smtpd/" term= "smtpd" label= "smtpd" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.7/" term= "6.7" label= "6.7" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.8/" term= "6.8" label= "6.8" />
</entry>
2020-12-10 14:23:05 +00:00
<entry >
<title type= "text" > LibreSSL : 3.3.1, 3.2.3, 3.1.5</title>
2021-01-24 12:34:04 +00:00
<link rel= "alternate" type= "text/html" href= "https://openbsd.fr.eu.org/posts/2020/12/09/libressl-3.3.1-3.2.3-3.1.5/" />
<id > https://openbsd.fr.eu.org/posts/2020/12/09/libressl-3.3.1-3.2.3-3.1.5/</id>
2021-02-20 23:03:06 +00:00
<updated > 2021-02-13T06:25:22+ 01:00</updated>
2020-12-10 14:23:05 +00:00
<published > 2020-12-09T13:23:17+ 01:00</published>
<author >
<name > OBSD4a</name>
<uri > https://openbsd.fr.eu.org/</uri>
<email > puffy@openbsd.fr.eu.org</email>
</author>
<rights > [CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights> <summary type= "html" > Sortie de trois versions de LibreSSL: 3.3.1, 3.2.3, 3.1.5 (20201209)</summary>
<content type= "html" > < h2 id=" description" > Description< /h2>
2021-02-20 23:03:06 +00:00
< p> Suite au < a href=" https://openbsd.fr.eu.org/posts/2020/12/09/syspatch-asn1-exit/#correctif-de-s%C3%A9curit%C3%A9-asn1" > correctif de sécurité à-propos d& rsquo;asn.1< /a> , l& rsquo;équipe OpenBSD
2020-12-10 14:23:05 +00:00
délivre trois nouvelles versions de LibreSSL.< /p>
< p> Retrouvez les notes respectives de ces trois versions :< /p>
< ul>
< li> < a href=" https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.3.1-relnotes.txt" > 3.3.1< /a> < /li>
< li> < a href=" https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.3-relnotes.txt" > 3.2.3< /a> < /li>
< li> < a href=" https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.1.5-relnotes.txt" > 3.1.5< /a> < /li>
< /ul>
< hr>
</content>
<category scheme= "https://openbsd.fr.eu.org/categories/libressl/" term= "LibreSSL" label= "LibreSSL" />
<category scheme= "https://openbsd.fr.eu.org/tags/libressl/" term= "LibreSSL" label= "LibreSSL" />
<category scheme= "https://openbsd.fr.eu.org/tags/3.3/" term= "3.3" label= "3.3" />
<category scheme= "https://openbsd.fr.eu.org/tags/3.2/" term= "3.2" label= "3.2" />
<category scheme= "https://openbsd.fr.eu.org/tags/3.1/" term= "3.1" label= "3.1" />
</entry>
<entry >
<title type= "text" > OpenNTPD 6.8p1</title>
2021-01-24 12:34:04 +00:00
<link rel= "alternate" type= "text/html" href= "https://openbsd.fr.eu.org/posts/2020/12/09/openntpd-6.8p1/" />
<id > https://openbsd.fr.eu.org/posts/2020/12/09/openntpd-6.8p1/</id>
2020-12-10 14:23:05 +00:00
<updated > 2020-12-09T13:39:22+ 01:00</updated>
<published > 2020-12-09T13:13:58+ 01:00</published>
<author >
<name > OBSD4a</name>
<uri > https://openbsd.fr.eu.org/</uri>
<email > puffy@openbsd.fr.eu.org</email>
</author>
<rights > [CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights> <summary type= "html" > Sortie d' OpenNTPD 6.8p1 (20201209)</summary>
<content type= "html" > < h2 id=" description" > Description< /h2>
< p> L& rsquo;équipe OpenBSD sort une nouvelle version d& rsquo;OpenNTDP, la < strong> 6.8p1< /strong> .< /p>
< p> < em> cela fait quelques années qu& rsquo;il n& rsquo;y avait pas eu de sortie majeure, depuis la 6.2p3< /em> < /p>
< h2 id=" changelog" > Changelog< /h2>
< ul>
< li>
< p> The ntpd daemon now gets and sets the clock in a secure way when booting
even when a battery-backed clock is absent.< /p>
< /li>
< li>
< p> Improvements in DNS resolving and constraints checking, especially during
startup. Unreliable NTP peers are removed from the pool and DNS resolving
is repeated to add replacements.< /p>
< /li>
< li>
< p> Improved reliability and security of TLS constraint checking.< /p>
< /li>
< li>
< p> Improved logging of failure cases.< /p>
< /li>
< li>
< p> Prevent the case of multiple ntpds running at once by checking presence
of the local control socket.< /p>
< /li>
< li>
< p> TLS certificates are now searched in TLS_CA_CERT_FILE.< /p>
< /li>
< li>
< p> The default ntpd.conf configuration file now uses 9.9.9.9 and
2620:fe::fe, in addition to google.com, when performing time constraint
validation.< /p>
< /li>
< li>
< p> Improved handling unsynched mode when there is no replies from an NTP
server, such as when there are network connectivity issues.< /p>
< /li>
< li>
< p> To build OpenNTPD with time constraint support, libtls from LibreSSL
3.2.2 or later is recommended.< /p>
< /li>
< /ul>
< hr>
</content>
<category scheme= "https://openbsd.fr.eu.org/categories/openntpd/" term= "OpenNTPD" label= "OpenNTPD" />
<category scheme= "https://openbsd.fr.eu.org/tags/openntpd/" term= "OpenNTPD" label= "OpenNTPD" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.8/" term= "6.8" label= "6.8" />
</entry>
<entry >
2020-12-24 15:00:48 +00:00
<title type= "text" > Syspatch : asn.1, exit (2020/12/08)</title>
2021-01-24 12:34:04 +00:00
<link rel= "alternate" type= "text/html" href= "https://openbsd.fr.eu.org/posts/2020/12/09/syspatch-asn1-exit/" />
<id > https://openbsd.fr.eu.org/posts/2020/12/09/syspatch-asn1-exit/</id>
2021-03-15 17:19:32 +00:00
<updated > 2021-03-09T12:08:16+ 01:00</updated>
2020-12-10 14:23:05 +00:00
<published > 2020-12-09T12:51:50+ 01:00</published>
<author >
<name > OBSD4a</name>
<uri > https://openbsd.fr.eu.org/</uri>
<email > puffy@openbsd.fr.eu.org</email>
</author>
<rights > [CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights> <summary type= "html" > Correctif OpenBSD: asn.1 & exit</summary>
<content type= "html" > < h2 id=" correctif-de-sécurité-asn1" > Correctif de Sécurité asn.1< /h2>
2020-12-24 15:00:48 +00:00
< p> Concernant LibreSSL, < strong> une notation ASN.1 mal formée dans une liste de
2020-12-10 14:23:05 +00:00
révocation de certificat ou une réponse de timestamp peut amener vers un
2020-12-24 15:00:48 +00:00
pointeur de déréférencement NULL< /strong> < /p>
2020-12-10 14:23:05 +00:00
< ul>
< li> le correctif affecte le noyau OpenBSD 6.7 et 6.8 et nécessite le redémarrage
de la machine< /li>
< /ul>
< h2 id=" correctif-de-fiabilité-exit" > Correctif de fiabilité exit< /h2>
2020-12-24 15:00:48 +00:00
< p> < strong> Lors d& rsquo;un processus de sortie, dans des programmes multithread un faux
code de sortie peut être reporté< /strong> .< /p>
2020-12-10 14:23:05 +00:00
< hr>
2021-03-15 17:19:32 +00:00
< p> Plus d& rsquo;informations sur les pages d& rsquo;Errata < a href=" https://openbsd.org/errata68.html" > 6.8< /a> et < a href=" https://openbsd.org/errata67.html" > 6.7< /a> … < br>
2020-12-10 14:23:05 +00:00
< em> et leurs versions FR respectives : < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68" > 6.8 FR< /a> et < a href=" https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67" > 6.7 FR< /a> .< /em> < /p>
< hr>
</content>
<category scheme= "https://openbsd.fr.eu.org/categories/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/syspatch/" term= "Syspatch" label= "Syspatch" />
<category scheme= "https://openbsd.fr.eu.org/tags/asn.1/" term= "asn.1" label= "asn.1" />
<category scheme= "https://openbsd.fr.eu.org/tags/exit/" term= "exit" label= "exit" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.7/" term= "6.7" label= "6.7" />
<category scheme= "https://openbsd.fr.eu.org/tags/6.8/" term= "6.8" label= "6.8" />
</entry>
</feed>