836 lines
44 KiB
XML
836 lines
44 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<rss xmlns:atom="http://www.w3.org/2005/Atom" version="2.0">
|
|
<channel>
|
|
<title>OpenBSD Pour Tous 🐡</title>
|
|
<link>https://openbsd.fr.eu.org/</link>
|
|
<description>OBSD4* : Site de la communauté francophone autour d'OpenBSD.</description>
|
|
<generator>Hugo 0.80.0 https://gohugo.io/</generator>
|
|
|
|
<language>fr</language>
|
|
|
|
|
|
<managingEditor>puffy@openbsd.fr.eu.org (OBSD4a)</managingEditor>
|
|
|
|
|
|
<webMaster>puffy@openbsd.fr.eu.org (OBSD4a)</webMaster>
|
|
|
|
|
|
<copyright>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</copyright>
|
|
|
|
<lastBuildDate>Thu, 04 Feb 2021 07:27:21 +0100</lastBuildDate>
|
|
|
|
<atom:link rel="self" type="application/rss+xml" href="https://openbsd.fr.eu.org/rss.xml" />
|
|
|
|
|
|
<item>
|
|
<title>Syspatch : libressl (2021/02/02)</title>
|
|
<link>https://openbsd.fr.eu.org/posts/2021/02/03/syspatch-libressl-6.8/</link>
|
|
<guid isPermaLink="true">https://openbsd.fr.eu.org/posts/2021/02/03/syspatch-libressl-6.8/</guid>
|
|
<pubDate>Wed, 03 Feb 2021 07:14:19 +0100</pubDate>
|
|
|
|
<author>puffy@openbsd.fr.eu.org (OBSD4a)</author>
|
|
|
|
<copyright>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</copyright>
|
|
|
|
<description><h2 id="correctif-de-fiabilité-libressl">Correctif de fiabilité libressl</h2>
|
|
<p><strong>De nombreux problèmes d&rsquo;interopérabilité et failles mémoire ont été découvertes dans les bibliothèques libcrypto et libssl.</strong></p>
|
|
<p>Il peut-être nécessaire de redémarrer certains services, tels isakmpd, unwind.</p>
|
|
<p>Pour toutes les architectures supportées :</p>
|
|
<ul>
|
|
<li>amd64, arm64, i386 par <code>syspatch</code></li>
|
|
<li>armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par <a href="https://openbsd.fr.eu.org/posts/2021/02/03/syspatch-libressl-6.8/#recompilation">recompilation</a></li>
|
|
</ul>
|
|
<hr>
|
|
<h2 id="syspatch">Syspatch</h2>
|
|
<p>Cette étape ne concerne que les architectures amd64, arm64, i386 !</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># syspatch</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Ensuite <a href="https://openbsd.fr.eu.org/posts/2021/02/03/syspatch-libressl-6.8/#restart">redémarrez</a> les services utilisés, si c&rsquo;est le cas !</p>
|
|
<h2 id="recompilation">Recompilation</h2>
|
|
<p>Pour toute autre architecture prise en charge par le projet OpenBSD, voici
|
|
les étapes de recompilation nécessaires :</p>
|
|
<p>⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/013_libressl.patch.sig</span>
|
|
<span class="c1"># signify -Vep /etc/signify/openbsd-68-base.pub -x 013_libressl.patch.sig \</span>
|
|
-m - <span class="p">|</span> <span class="o">(</span><span class="nb">cd</span> /usr/src <span class="o">&amp;&amp;</span> patch -p0<span class="o">)</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>⇒ La phase de recompilation :</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt"> 1
|
|
</span><span class="lnt"> 2
|
|
</span><span class="lnt"> 3
|
|
</span><span class="lnt"> 4
|
|
</span><span class="lnt"> 5
|
|
</span><span class="lnt"> 6
|
|
</span><span class="lnt"> 7
|
|
</span><span class="lnt"> 8
|
|
</span><span class="lnt"> 9
|
|
</span><span class="lnt">10
|
|
</span><span class="lnt">11
|
|
</span><span class="lnt">12
|
|
</span><span class="lnt">13
|
|
</span><span class="lnt">14
|
|
</span><span class="lnt">15
|
|
</span><span class="lnt">16
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="nb">cd</span> /usr/src/lib/libcrypto
|
|
make obj
|
|
make
|
|
make install
|
|
<span class="nb">cd</span> /usr/src/lib/libssl
|
|
make obj
|
|
make
|
|
make install
|
|
<span class="nb">cd</span> /usr/src/sbin/isakmpd
|
|
make obj
|
|
make
|
|
make install
|
|
<span class="nb">cd</span> /usr/src/sbin/unwind
|
|
make obj
|
|
make
|
|
make install
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Pour finir, <a href="https://openbsd.fr.eu.org/posts/2021/02/03/syspatch-libressl-6.8/#restart">redémarrez</a> les services, si utilisés.</p>
|
|
<h2 id="restart">Restart</h2>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># rcctl restart isakmpd unwind</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><hr>
|
|
<p>Plus d&rsquo;informations sur les pages d&rsquo;Errata <a href="https://openbsd.org/errata68">6.8</a>… <br>
|
|
<em>et leurs versions FR respectives : <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68">6.8 FR</a> et <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67">6.7 FR</a>.</em></p>
|
|
<hr>
|
|
</description>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/categories/syspatch/">Syspatch</category>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/syspatch/">Syspatch</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/libressl/">LibreSSL</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/6.8/">6.8</category>
|
|
|
|
|
|
|
|
|
|
|
|
</item>
|
|
|
|
<item>
|
|
<title>Syspatch : carp (2021/01/13)</title>
|
|
<link>https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/</link>
|
|
<guid isPermaLink="true">https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/</guid>
|
|
<pubDate>Wed, 13 Jan 2021 20:02:39 +0100</pubDate>
|
|
|
|
<author>puffy@openbsd.fr.eu.org (OBSD4a)</author>
|
|
|
|
<copyright>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</copyright>
|
|
|
|
<description><h2 id="correctif-de-fiabilité-carp">Correctif de fiabilité carp</h2>
|
|
<p><strong>L&rsquo;utilisation de bpf(4) sur une interface CARP pourrait entraîner une
|
|
utilisation après une erreur</strong>.</p>
|
|
<p>Il est nécessaire de <strong>redémarrer la machine</strong> car ce correctif affecte
|
|
le noyau.</p>
|
|
<p>Pour toutes les architectures supportées :</p>
|
|
<ul>
|
|
<li>amd64, arm64, i386 par <code>syspatch</code></li>
|
|
<li>armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par <a href="https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/#recompilation">recompilation</a></li>
|
|
</ul>
|
|
<hr>
|
|
<h2 id="syspatch">Syspatch</h2>
|
|
<p>Cette étape ne concerne que les architectures amd64, arm64, i386 !</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># syspatch</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Ensuite <a href="https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/#restart">redémarrez</a> la machine !</p>
|
|
<h2 id="recompilation">Recompilation</h2>
|
|
<p>Pour toute autre architecture prise en charge par le projet OpenBSD, voici
|
|
les étapes de recompilation nécessaires :</p>
|
|
<p>⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :</p>
|
|
<ul>
|
|
<li>Pour 6.8 :</li>
|
|
</ul>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/012_carp.patch.sig</span>
|
|
<span class="c1"># signify -Vep /etc/signify/openbsd-68-base.pub -x 012_carp.patch.sig \</span>
|
|
-m - <span class="p">|</span> <span class="o">(</span><span class="nb">cd</span> /usr/src <span class="o">&amp;&amp;</span> patch -p0<span class="o">)</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>⇒ La phase de recompilation :</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span><span class="lnt">4
|
|
</span><span class="lnt">5
|
|
</span><span class="lnt">6
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># KK=`sysctl -n kern.osversion | cut -d# -f1`</span>
|
|
<span class="c1"># cd /usr/src/sys/arch/`machine`/compile/$KK</span>
|
|
<span class="c1"># make obj</span>
|
|
<span class="c1"># make config</span>
|
|
<span class="c1"># make</span>
|
|
<span class="c1"># make install</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Pour finir, <a href="https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/#restart">redémarrez</a> la machine !</p>
|
|
<h2 id="restart">Restart</h2>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># reboot</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><hr>
|
|
<p>Plus d&rsquo;informations sur les pages d&rsquo;Errata <a href="https://openbsd.org/errata68">6.8</a> et <a href="https://openbsd.org/errata67">6.7</a>… <br>
|
|
<em>et leurs versions FR respectives : <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68">6.8 FR</a> et <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67">6.7 FR</a>.</em></p>
|
|
<hr>
|
|
</description>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/categories/syspatch/">Syspatch</category>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/syspatch/">Syspatch</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/carp/">carp</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/bpf/">bpf</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/6.8/">6.8</category>
|
|
|
|
|
|
|
|
|
|
|
|
</item>
|
|
|
|
<item>
|
|
<title>Syspatch : NDP - IPv6 (2021/01/11)</title>
|
|
<link>https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/</link>
|
|
<guid isPermaLink="true">https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/</guid>
|
|
<pubDate>Mon, 11 Jan 2021 15:05:12 +0100</pubDate>
|
|
|
|
<author>puffy@openbsd.fr.eu.org (OBSD4a)</author>
|
|
|
|
<copyright>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</copyright>
|
|
|
|
<description><h2 id="correctif-de-fiabilité--nd6">Correctif de fiabilité nd6</h2>
|
|
<p><strong>Quand une entrée NDP est invalide sur la couche de niveau 2, celle-ci
|
|
n&rsquo;est pas invalidée.</strong></p>
|
|
<p>Il est nécessaire de <strong>redémarrer la machine</strong> car ce correctif affecte
|
|
le noyau.</p>
|
|
<p>Pour toutes les architectures supportées :</p>
|
|
<ul>
|
|
<li>amd64, arm64, i386 par <code>syspatch</code></li>
|
|
<li>armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par <a href="https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/#recompilation">recompilation</a></li>
|
|
</ul>
|
|
<hr>
|
|
<h2 id="syspatch">Syspatch</h2>
|
|
<p>Cette étape ne concerne que les architectures amd64, arm64, i386 !</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># syspatch</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Ensuite <a href="https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/#restart">redémarrez</a> la machine !</p>
|
|
<h2 id="recompilation">Recompilation</h2>
|
|
<p>Pour toute autre architecture prise en charge par le projet OpenBSD, voici
|
|
les étapes de recompilation nécessaires :</p>
|
|
<p>⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :</p>
|
|
<ul>
|
|
<li>Pour 6.8 :</li>
|
|
</ul>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/011_nd6.patch.sig</span>
|
|
<span class="c1"># signify -Vep /etc/signify/openbsd-68-base.pub -x 011_nd6.patch.sig \</span>
|
|
-m - <span class="p">|</span> <span class="o">(</span><span class="nb">cd</span> /usr/src <span class="o">&amp;&amp;</span> patch -p0<span class="o">)</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><ul>
|
|
<li>Pour 6.7 :</li>
|
|
</ul>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># https://ftp.openbsd.org/pub/OpenBSD/patches/6.7/common/034_nd6.patch.sig</span>
|
|
<span class="c1"># signify -Vep /etc/signify/openbsd-67-base.pub -x 034_nd6.patch.sig \</span>
|
|
-m - <span class="p">|</span> <span class="o">(</span><span class="nb">cd</span> /usr/src <span class="o">&amp;&amp;</span> patch -p0<span class="o">)</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>⇒ La phase de recompilation :</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span><span class="lnt">4
|
|
</span><span class="lnt">5
|
|
</span><span class="lnt">6
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># KK=`sysctl -n kern.osversion | cut -d# -f1`</span>
|
|
<span class="c1"># cd /usr/src/sys/arch/`machine`/compile/$KK</span>
|
|
<span class="c1"># make obj</span>
|
|
<span class="c1"># make config</span>
|
|
<span class="c1"># make</span>
|
|
<span class="c1"># make install</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Pour finir, <a href="https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/#restart">redémarrez</a> la machine !</p>
|
|
<h2 id="restart">Restart</h2>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># reboot</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><hr>
|
|
<p>Plus d&rsquo;informations sur les pages d&rsquo;Errata <a href="https://openbsd.org/errata68">6.8</a> et <a href="https://openbsd.org/errata67">6.7</a>… <br>
|
|
<em>et leurs versions FR respectives : <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68">6.8 FR</a> et <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67">6.7 FR</a>.</em></p>
|
|
<hr>
|
|
</description>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/categories/syspatch/">Syspatch</category>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/syspatch/">Syspatch</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/ndp/">NDP</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/ipv6/">IPv6</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/6.7/">6.7</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/6.8/">6.8</category>
|
|
|
|
|
|
|
|
|
|
|
|
</item>
|
|
|
|
<item>
|
|
<title>Syspatch : smptd (2020/12/23)</title>
|
|
<link>https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd/</link>
|
|
<guid isPermaLink="true">https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd/</guid>
|
|
<pubDate>Thu, 24 Dec 2020 15:05:12 +0100</pubDate>
|
|
|
|
<author>puffy@openbsd.fr.eu.org (OBSD4a)</author>
|
|
|
|
<copyright>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</copyright>
|
|
|
|
<description><h2 id="correctif-de-fiabilité-smtpd">Correctif de fiabilité smtpd</h2>
|
|
<p><strong>La machine à états de filtrage de smtpd peut libérer prématurément des
|
|
ressources conduisant à un plantage</strong>.</p>
|
|
<p>Il est nécessaire de <strong>redémarrer le service</strong> après l&rsquo;application du correctif !</p>
|
|
<p>Pour toutes les architectures supportées :</p>
|
|
<ul>
|
|
<li>amd64, arm64, i386 par <code>syspatch</code></li>
|
|
<li>armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par <a href="https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd/#recompilation">recompilation</a></li>
|
|
</ul>
|
|
<hr>
|
|
<h2 id="syspatch">Syspatch</h2>
|
|
<p>Cette étape ne concerne que les architectures amd64, arm64, i386 !</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># syspatch</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Ensuite <a href="https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd/#restart">redémarrez</a> le service !</p>
|
|
<h2 id="recompilation">Recompilation</h2>
|
|
<p>Pour toute autre architecture prise en charge par le projet OpenBSD, voici
|
|
les étapes de recompilation nécessaires :</p>
|
|
<p>⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :</p>
|
|
<ul>
|
|
<li>Pour 6.8 :</li>
|
|
</ul>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/010_smtpd.patch.sig</span>
|
|
<span class="c1"># signify -Vep /etc/signify/openbsd-68-base.pub -x 010_smtpd.patch.sig \</span>
|
|
-m - <span class="p">|</span> <span class="o">(</span><span class="nb">cd</span> /usr/src <span class="o">&amp;&amp;</span> patch -p0<span class="o">)</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><ul>
|
|
<li>Pour 6.7 :</li>
|
|
</ul>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># https://ftp.openbsd.org/pub/OpenBSD/patches/6.7/common/033_smtpd.patch.sig</span>
|
|
<span class="c1"># signify -Vep /etc/signify/openbsd-67-base.pub -x 033_smtpd.patch.sig \</span>
|
|
-m - <span class="p">|</span> <span class="o">(</span><span class="nb">cd</span> /usr/src <span class="o">&amp;&amp;</span> patch -p0<span class="o">)</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>⇒ La phase de recompilation :</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span><span class="lnt">4
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># cd /usr/src/usr.sbin/smtpd</span>
|
|
<span class="c1"># make obj</span>
|
|
<span class="c1"># make</span>
|
|
<span class="c1"># make install</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Pour finir, <a href="https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd/#restart">redémarrez</a> le service !</p>
|
|
<h2 id="restart">Restart</h2>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># rcctl restart smtpd</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><hr>
|
|
<p>Plus d&rsquo;informations sur les pages d&rsquo;Errata <a href="https://openbsd.org/errata68">6.8</a> et <a href="https://openbsd.org/errata67">6.7</a>… <br>
|
|
<em>et leurs versions FR respectives : <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68">6.8 FR</a> et <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67">6.7 FR</a>.</em></p>
|
|
<hr>
|
|
</description>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/categories/syspatch/">Syspatch</category>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/syspatch/">Syspatch</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/smtpd/">smtpd</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/6.7/">6.7</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/6.8/">6.8</category>
|
|
|
|
|
|
|
|
|
|
|
|
</item>
|
|
|
|
<item>
|
|
<title>LibreSSL : 3.3.1, 3.2.3, 3.1.5</title>
|
|
<link>https://openbsd.fr.eu.org/posts/2020/12/09/libressl-3.3.1-3.2.3-3.1.5/</link>
|
|
<guid isPermaLink="true">https://openbsd.fr.eu.org/posts/2020/12/09/libressl-3.3.1-3.2.3-3.1.5/</guid>
|
|
<pubDate>Wed, 09 Dec 2020 13:23:17 +0100</pubDate>
|
|
|
|
<author>puffy@openbsd.fr.eu.org (OBSD4a)</author>
|
|
|
|
<copyright>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</copyright>
|
|
|
|
<description><h2 id="description">Description</h2>
|
|
<p>Suite au <a href="https://openbsd.fr.eu.org/posts/syspatch-asn1-exit-20201208/#correctif-de-s%C3%A9curit%C3%A9-asn1">correctif de sécurité à-propos d&rsquo;asn.1</a>, l&rsquo;équipe OpenBSD
|
|
délivre trois nouvelles versions de LibreSSL.</p>
|
|
<p>Retrouvez les notes respectives de ces trois versions :</p>
|
|
<ul>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.3.1-relnotes.txt">3.3.1</a></li>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.3-relnotes.txt">3.2.3</a></li>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.1.5-relnotes.txt">3.1.5</a></li>
|
|
</ul>
|
|
<hr>
|
|
</description>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/categories/libressl/">LibreSSL</category>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/libressl/">LibreSSL</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/3.3/">3.3</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/3.2/">3.2</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/3.1/">3.1</category>
|
|
|
|
|
|
|
|
|
|
|
|
</item>
|
|
|
|
<item>
|
|
<title>OpenNTPD 6.8p1</title>
|
|
<link>https://openbsd.fr.eu.org/posts/2020/12/09/openntpd-6.8p1/</link>
|
|
<guid isPermaLink="true">https://openbsd.fr.eu.org/posts/2020/12/09/openntpd-6.8p1/</guid>
|
|
<pubDate>Wed, 09 Dec 2020 13:13:58 +0100</pubDate>
|
|
|
|
<author>puffy@openbsd.fr.eu.org (OBSD4a)</author>
|
|
|
|
<copyright>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</copyright>
|
|
|
|
<description><h2 id="description">Description</h2>
|
|
<p>L&rsquo;équipe OpenBSD sort une nouvelle version d&rsquo;OpenNTDP, la <strong>6.8p1</strong>.</p>
|
|
<p><em>cela fait quelques années qu&rsquo;il n&rsquo;y avait pas eu de sortie majeure, depuis la 6.2p3</em></p>
|
|
<h2 id="changelog">Changelog</h2>
|
|
<ul>
|
|
<li>
|
|
<p>The ntpd daemon now gets and sets the clock in a secure way when booting
|
|
even when a battery-backed clock is absent.</p>
|
|
</li>
|
|
<li>
|
|
<p>Improvements in DNS resolving and constraints checking, especially during
|
|
startup. Unreliable NTP peers are removed from the pool and DNS resolving
|
|
is repeated to add replacements.</p>
|
|
</li>
|
|
<li>
|
|
<p>Improved reliability and security of TLS constraint checking.</p>
|
|
</li>
|
|
<li>
|
|
<p>Improved logging of failure cases.</p>
|
|
</li>
|
|
<li>
|
|
<p>Prevent the case of multiple ntpds running at once by checking presence
|
|
of the local control socket.</p>
|
|
</li>
|
|
<li>
|
|
<p>TLS certificates are now searched in TLS_CA_CERT_FILE.</p>
|
|
</li>
|
|
<li>
|
|
<p>The default ntpd.conf configuration file now uses 9.9.9.9 and
|
|
2620:fe::fe, in addition to google.com, when performing time constraint
|
|
validation.</p>
|
|
</li>
|
|
<li>
|
|
<p>Improved handling unsynched mode when there is no replies from an NTP
|
|
server, such as when there are network connectivity issues.</p>
|
|
</li>
|
|
<li>
|
|
<p>To build OpenNTPD with time constraint support, libtls from LibreSSL
|
|
3.2.2 or later is recommended.</p>
|
|
</li>
|
|
</ul>
|
|
<hr>
|
|
</description>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/categories/openntpd/">OpenNTPD</category>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/openntpd/">OpenNTPD</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/6.8/">6.8</category>
|
|
|
|
|
|
|
|
|
|
|
|
</item>
|
|
|
|
<item>
|
|
<title>Syspatch : asn.1, exit (2020/12/08)</title>
|
|
<link>https://openbsd.fr.eu.org/posts/2020/12/09/syspatch-asn1-exit/</link>
|
|
<guid isPermaLink="true">https://openbsd.fr.eu.org/posts/2020/12/09/syspatch-asn1-exit/</guid>
|
|
<pubDate>Wed, 09 Dec 2020 12:51:50 +0100</pubDate>
|
|
|
|
<author>puffy@openbsd.fr.eu.org (OBSD4a)</author>
|
|
|
|
<copyright>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</copyright>
|
|
|
|
<description><h2 id="correctif-de-sécurité-asn1">Correctif de Sécurité asn.1</h2>
|
|
<p>Concernant LibreSSL, <strong>une notation ASN.1 mal formée dans une liste de
|
|
révocation de certificat ou une réponse de timestamp peut amener vers un
|
|
pointeur de déréférencement NULL</strong></p>
|
|
<ul>
|
|
<li>le correctif affecte le noyau OpenBSD 6.7 et 6.8 et nécessite le redémarrage
|
|
de la machine</li>
|
|
</ul>
|
|
<h2 id="correctif-de-fiabilité-exit">Correctif de fiabilité exit</h2>
|
|
<p><strong>Lors d&rsquo;un processus de sortie, dans des programmes multithread un faux
|
|
code de sortie peut être reporté</strong>.</p>
|
|
<hr>
|
|
<p>Plus d&rsquo;informations sur les pages d&rsquo;Errata <a href="https://openbsd.org/errata68">6.8</a> et <a href="https://openbsd.org/errata67">6.7</a>… <br>
|
|
<em>et leurs versions FR respectives : <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68">6.8 FR</a> et <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67">6.7 FR</a>.</em></p>
|
|
<hr>
|
|
</description>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/categories/syspatch/">Syspatch</category>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/syspatch/">Syspatch</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/asn.1/">asn.1</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/exit/">exit</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/6.7/">6.7</category>
|
|
|
|
|
|
|
|
|
|
|
|
<category domain="https://openbsd.fr.eu.org/tags/6.8/">6.8</category>
|
|
|
|
|
|
|
|
|
|
|
|
</item>
|
|
|
|
</channel>
|
|
</rss>
|