700 lines
37 KiB
XML
700 lines
37 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
|
|
|
|
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="fr">
|
|
<title type="text">OpenBSD Pour Tous 🐡</title>
|
|
<subtitle type="html">OBSD4a : Site de la communauté française autour d'OpenBSD.</subtitle>
|
|
<updated>2021-01-24T13:30:11+01:00</updated>
|
|
<id>https://openbsd.fr.eu.org/</id>
|
|
<link rel="alternate" type="text/html" href="https://openbsd.fr.eu.org/" />
|
|
<link rel="self" type="application/atom+xml" href="https://openbsd.fr.eu.org/atom.xml" />
|
|
<author>
|
|
<name>OBSD4a</name>
|
|
<uri>https://openbsd.fr.eu.org/</uri>
|
|
|
|
<email>puffy@openbsd.fr.eu.org</email>
|
|
</author>
|
|
<rights>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights>
|
|
<generator uri="https://gohugo.io/" version="0.80.0">Hugo</generator>
|
|
<entry>
|
|
<title type="text">Syspatch : carp (2021/01/13)</title>
|
|
<link rel="alternate" type="text/html" href="https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/" />
|
|
<id>https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/</id>
|
|
<updated>2021-01-13T20:06:30+01:00</updated>
|
|
<published>2021-01-13T20:02:39+01:00</published>
|
|
<author>
|
|
<name>OBSD4a</name>
|
|
<uri>https://openbsd.fr.eu.org/</uri>
|
|
<email>puffy@openbsd.fr.eu.org</email>
|
|
</author>
|
|
<rights>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights><summary type="html">Correctif OpenBSD: carp, bpf</summary>
|
|
|
|
<content type="html"><h2 id="correctif-de-fiabilité-carp">Correctif de fiabilité carp</h2>
|
|
<p><strong>L&rsquo;utilisation de bpf(4) sur une interface CARP pourrait entraîner une
|
|
utilisation après une erreur</strong>.</p>
|
|
<p>Il est nécessaire de <strong>redémarrer la machine</strong> car ce correctif affecte
|
|
le noyau.</p>
|
|
<p>Pour toutes les architectures supportées :</p>
|
|
<ul>
|
|
<li>amd64, arm64, i386 par <code>syspatch</code></li>
|
|
<li>armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par <a href="https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/#recompilation">recompilation</a></li>
|
|
</ul>
|
|
<hr>
|
|
<h2 id="syspatch">Syspatch</h2>
|
|
<p>Cette étape ne concerne que les architectures amd64, arm64, i386 !</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># syspatch</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Ensuite <a href="https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/#restart">redémarrez</a> la machine !</p>
|
|
<h2 id="recompilation">Recompilation</h2>
|
|
<p>Pour toute autre architecture prise en charge par le projet OpenBSD, voici
|
|
les étapes de recompilation nécessaires :</p>
|
|
<p>⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :</p>
|
|
<ul>
|
|
<li>Pour 6.8 :</li>
|
|
</ul>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/012_carp.patch.sig</span>
|
|
<span class="c1"># signify -Vep /etc/signify/openbsd-68-base.pub -x 012_carp.patch.sig \</span>
|
|
-m - <span class="p">|</span> <span class="o">(</span><span class="nb">cd</span> /usr/src <span class="o">&amp;&amp;</span> patch -p0<span class="o">)</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>⇒ La phase de recompilation :</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span><span class="lnt">4
|
|
</span><span class="lnt">5
|
|
</span><span class="lnt">6
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># KK=`sysctl -n kern.osversion | cut -d# -f1`</span>
|
|
<span class="c1"># cd /usr/src/sys/arch/`machine`/compile/$KK</span>
|
|
<span class="c1"># make obj</span>
|
|
<span class="c1"># make config</span>
|
|
<span class="c1"># make</span>
|
|
<span class="c1"># make install</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Pour finir, <a href="https://openbsd.fr.eu.org/posts/2021/01/13/syspatch-carp-bpf/#restart">redémarrez</a> la machine !</p>
|
|
<h2 id="restart">Restart</h2>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># reboot</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><hr>
|
|
<p>Plus d&rsquo;informations sur les pages d&rsquo;Errata <a href="https://openbsd.org/errata68">6.8</a> et <a href="https://openbsd.org/errata67">6.7</a>… <br>
|
|
<em>et leurs versions FR respectives : <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68">6.8 FR</a> et <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67">6.7 FR</a>.</em></p>
|
|
<hr>
|
|
</content>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/categories/syspatch/" term="Syspatch" label="Syspatch" />
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/syspatch/" term="Syspatch" label="Syspatch" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/carp/" term="carp" label="carp" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/bpf/" term="bpf" label="bpf" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/6.8/" term="6.8" label="6.8" />
|
|
|
|
|
|
|
|
|
|
|
|
</entry>
|
|
|
|
<entry>
|
|
<title type="text">Syspatch : NDP - IPv6 (2021/01/11)</title>
|
|
<link rel="alternate" type="text/html" href="https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/" />
|
|
<id>https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/</id>
|
|
<updated>2021-01-14T15:31:34+01:00</updated>
|
|
<published>2021-01-11T15:05:12+01:00</published>
|
|
<author>
|
|
<name>OBSD4a</name>
|
|
<uri>https://openbsd.fr.eu.org/</uri>
|
|
<email>puffy@openbsd.fr.eu.org</email>
|
|
</author>
|
|
<rights>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights><summary type="html">Correctif OpenBSD: NDP</summary>
|
|
|
|
<content type="html"><h2 id="correctif-de-fiabilité--nd6">Correctif de fiabilité nd6</h2>
|
|
<p><strong>Quand une entrée NDP est invalide sur la couche de niveau 2, celle-ci
|
|
n&rsquo;est pas invalidée.</strong></p>
|
|
<p>Il est nécessaire de <strong>redémarrer la machine</strong> car ce correctif affecte
|
|
le noyau.</p>
|
|
<p>Pour toutes les architectures supportées :</p>
|
|
<ul>
|
|
<li>amd64, arm64, i386 par <code>syspatch</code></li>
|
|
<li>armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par <a href="https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/#recompilation">recompilation</a></li>
|
|
</ul>
|
|
<hr>
|
|
<h2 id="syspatch">Syspatch</h2>
|
|
<p>Cette étape ne concerne que les architectures amd64, arm64, i386 !</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># syspatch</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Ensuite <a href="https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/#restart">redémarrez</a> la machine !</p>
|
|
<h2 id="recompilation">Recompilation</h2>
|
|
<p>Pour toute autre architecture prise en charge par le projet OpenBSD, voici
|
|
les étapes de recompilation nécessaires :</p>
|
|
<p>⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :</p>
|
|
<ul>
|
|
<li>Pour 6.8 :</li>
|
|
</ul>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/011_nd6.patch.sig</span>
|
|
<span class="c1"># signify -Vep /etc/signify/openbsd-68-base.pub -x 011_nd6.patch.sig \</span>
|
|
-m - <span class="p">|</span> <span class="o">(</span><span class="nb">cd</span> /usr/src <span class="o">&amp;&amp;</span> patch -p0<span class="o">)</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><ul>
|
|
<li>Pour 6.7 :</li>
|
|
</ul>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># https://ftp.openbsd.org/pub/OpenBSD/patches/6.7/common/034_nd6.patch.sig</span>
|
|
<span class="c1"># signify -Vep /etc/signify/openbsd-67-base.pub -x 034_nd6.patch.sig \</span>
|
|
-m - <span class="p">|</span> <span class="o">(</span><span class="nb">cd</span> /usr/src <span class="o">&amp;&amp;</span> patch -p0<span class="o">)</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>⇒ La phase de recompilation :</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span><span class="lnt">4
|
|
</span><span class="lnt">5
|
|
</span><span class="lnt">6
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># KK=`sysctl -n kern.osversion | cut -d# -f1`</span>
|
|
<span class="c1"># cd /usr/src/sys/arch/`machine`/compile/$KK</span>
|
|
<span class="c1"># make obj</span>
|
|
<span class="c1"># make config</span>
|
|
<span class="c1"># make</span>
|
|
<span class="c1"># make install</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Pour finir, <a href="https://openbsd.fr.eu.org/posts/2021/01/11/syspatch-nd6/#restart">redémarrez</a> la machine !</p>
|
|
<h2 id="restart">Restart</h2>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># reboot</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><hr>
|
|
<p>Plus d&rsquo;informations sur les pages d&rsquo;Errata <a href="https://openbsd.org/errata68">6.8</a> et <a href="https://openbsd.org/errata67">6.7</a>… <br>
|
|
<em>et leurs versions FR respectives : <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68">6.8 FR</a> et <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67">6.7 FR</a>.</em></p>
|
|
<hr>
|
|
</content>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/categories/syspatch/" term="Syspatch" label="Syspatch" />
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/syspatch/" term="Syspatch" label="Syspatch" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/ndp/" term="NDP" label="NDP" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/ipv6/" term="IPv6" label="IPv6" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/6.7/" term="6.7" label="6.7" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/6.8/" term="6.8" label="6.8" />
|
|
|
|
|
|
|
|
|
|
|
|
</entry>
|
|
|
|
<entry>
|
|
<title type="text">Syspatch : smptd (2020/12/23)</title>
|
|
<link rel="alternate" type="text/html" href="https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd/" />
|
|
<id>https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd/</id>
|
|
<updated>2021-01-04T15:39:26+01:00</updated>
|
|
<published>2020-12-24T15:05:12+01:00</published>
|
|
<author>
|
|
<name>OBSD4a</name>
|
|
<uri>https://openbsd.fr.eu.org/</uri>
|
|
<email>puffy@openbsd.fr.eu.org</email>
|
|
</author>
|
|
<rights>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights><summary type="html">Correctif OpenBSD: smtpd</summary>
|
|
|
|
<content type="html"><h2 id="correctif-de-fiabilité-smtpd">Correctif de fiabilité smtpd</h2>
|
|
<p><strong>La machine à états de filtrage de smtpd peut libérer prématurément des
|
|
ressources conduisant à un plantage</strong>.</p>
|
|
<p>Il est nécessaire de <strong>redémarrer le service</strong> après l&rsquo;application du correctif !</p>
|
|
<p>Pour toutes les architectures supportées :</p>
|
|
<ul>
|
|
<li>amd64, arm64, i386 par <code>syspatch</code></li>
|
|
<li>armv7, hppa, landisk, loongson, luna88k, macppc, sparc64 par <a href="https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd/#recompilation">recompilation</a></li>
|
|
</ul>
|
|
<hr>
|
|
<h2 id="syspatch">Syspatch</h2>
|
|
<p>Cette étape ne concerne que les architectures amd64, arm64, i386 !</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># syspatch</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Ensuite <a href="https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd/#restart">redémarrez</a> le service !</p>
|
|
<h2 id="recompilation">Recompilation</h2>
|
|
<p>Pour toute autre architecture prise en charge par le projet OpenBSD, voici
|
|
les étapes de recompilation nécessaires :</p>
|
|
<p>⇒ Après avoir téléchargé le correctif, vérifiez-le, et appliquez-le :</p>
|
|
<ul>
|
|
<li>Pour 6.8 :</li>
|
|
</ul>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># wget https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/010_smtpd.patch.sig</span>
|
|
<span class="c1"># signify -Vep /etc/signify/openbsd-68-base.pub -x 010_smtpd.patch.sig \</span>
|
|
-m - <span class="p">|</span> <span class="o">(</span><span class="nb">cd</span> /usr/src <span class="o">&amp;&amp;</span> patch -p0<span class="o">)</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><ul>
|
|
<li>Pour 6.7 :</li>
|
|
</ul>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># https://ftp.openbsd.org/pub/OpenBSD/patches/6.7/common/033_smtpd.patch.sig</span>
|
|
<span class="c1"># signify -Vep /etc/signify/openbsd-67-base.pub -x 033_smtpd.patch.sig \</span>
|
|
-m - <span class="p">|</span> <span class="o">(</span><span class="nb">cd</span> /usr/src <span class="o">&amp;&amp;</span> patch -p0<span class="o">)</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>⇒ La phase de recompilation :</p>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span><span class="lnt">2
|
|
</span><span class="lnt">3
|
|
</span><span class="lnt">4
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># cd /usr/src/usr.sbin/smtpd</span>
|
|
<span class="c1"># make obj</span>
|
|
<span class="c1"># make</span>
|
|
<span class="c1"># make install</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><p>Pour finir, <a href="https://openbsd.fr.eu.org/posts/2020/12/24/syspatch-smptd/#restart">redémarrez</a> le service !</p>
|
|
<h2 id="restart">Restart</h2>
|
|
<div class="highlight"><div class="chroma">
|
|
<table class="lntable"><tr><td class="lntd">
|
|
<pre class="chroma"><code><span class="lnt">1
|
|
</span></code></pre></td>
|
|
<td class="lntd">
|
|
<pre class="chroma"><code class="language-ksh" data-lang="ksh"><span class="c1"># rcctl restart smtpd</span>
|
|
</code></pre></td></tr></table>
|
|
</div>
|
|
</div><hr>
|
|
<p>Plus d&rsquo;informations sur les pages d&rsquo;Errata <a href="https://openbsd.org/errata68">6.8</a> et <a href="https://openbsd.org/errata67">6.7</a>… <br>
|
|
<em>et leurs versions FR respectives : <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68">6.8 FR</a> et <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67">6.7 FR</a>.</em></p>
|
|
<hr>
|
|
</content>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/categories/syspatch/" term="Syspatch" label="Syspatch" />
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/syspatch/" term="Syspatch" label="Syspatch" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/smtpd/" term="smtpd" label="smtpd" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/6.7/" term="6.7" label="6.7" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/6.8/" term="6.8" label="6.8" />
|
|
|
|
|
|
|
|
|
|
|
|
</entry>
|
|
|
|
<entry>
|
|
<title type="text">LibreSSL : 3.3.1, 3.2.3, 3.1.5</title>
|
|
<link rel="alternate" type="text/html" href="https://openbsd.fr.eu.org/posts/2020/12/09/libressl-3.3.1-3.2.3-3.1.5/" />
|
|
<id>https://openbsd.fr.eu.org/posts/2020/12/09/libressl-3.3.1-3.2.3-3.1.5/</id>
|
|
<updated>2020-12-09T13:39:48+01:00</updated>
|
|
<published>2020-12-09T13:23:17+01:00</published>
|
|
<author>
|
|
<name>OBSD4a</name>
|
|
<uri>https://openbsd.fr.eu.org/</uri>
|
|
<email>puffy@openbsd.fr.eu.org</email>
|
|
</author>
|
|
<rights>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights><summary type="html">Sortie de trois versions de LibreSSL: 3.3.1, 3.2.3, 3.1.5 (20201209)</summary>
|
|
|
|
<content type="html"><h2 id="description">Description</h2>
|
|
<p>Suite au <a href="https://openbsd.fr.eu.org/posts/syspatch-asn1-exit-20201208/#correctif-de-s%C3%A9curit%C3%A9-asn1">correctif de sécurité à-propos d&rsquo;asn.1</a>, l&rsquo;équipe OpenBSD
|
|
délivre trois nouvelles versions de LibreSSL.</p>
|
|
<p>Retrouvez les notes respectives de ces trois versions :</p>
|
|
<ul>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.3.1-relnotes.txt">3.3.1</a></li>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.3-relnotes.txt">3.2.3</a></li>
|
|
<li><a href="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.1.5-relnotes.txt">3.1.5</a></li>
|
|
</ul>
|
|
<hr>
|
|
</content>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/categories/libressl/" term="LibreSSL" label="LibreSSL" />
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/libressl/" term="LibreSSL" label="LibreSSL" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/3.3/" term="3.3" label="3.3" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/3.2/" term="3.2" label="3.2" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/3.1/" term="3.1" label="3.1" />
|
|
|
|
|
|
|
|
|
|
|
|
</entry>
|
|
|
|
<entry>
|
|
<title type="text">OpenNTPD 6.8p1</title>
|
|
<link rel="alternate" type="text/html" href="https://openbsd.fr.eu.org/posts/2020/12/09/openntpd-6.8p1/" />
|
|
<id>https://openbsd.fr.eu.org/posts/2020/12/09/openntpd-6.8p1/</id>
|
|
<updated>2020-12-09T13:39:22+01:00</updated>
|
|
<published>2020-12-09T13:13:58+01:00</published>
|
|
<author>
|
|
<name>OBSD4a</name>
|
|
<uri>https://openbsd.fr.eu.org/</uri>
|
|
<email>puffy@openbsd.fr.eu.org</email>
|
|
</author>
|
|
<rights>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights><summary type="html">Sortie d'OpenNTPD 6.8p1 (20201209)</summary>
|
|
|
|
<content type="html"><h2 id="description">Description</h2>
|
|
<p>L&rsquo;équipe OpenBSD sort une nouvelle version d&rsquo;OpenNTDP, la <strong>6.8p1</strong>.</p>
|
|
<p><em>cela fait quelques années qu&rsquo;il n&rsquo;y avait pas eu de sortie majeure, depuis la 6.2p3</em></p>
|
|
<h2 id="changelog">Changelog</h2>
|
|
<ul>
|
|
<li>
|
|
<p>The ntpd daemon now gets and sets the clock in a secure way when booting
|
|
even when a battery-backed clock is absent.</p>
|
|
</li>
|
|
<li>
|
|
<p>Improvements in DNS resolving and constraints checking, especially during
|
|
startup. Unreliable NTP peers are removed from the pool and DNS resolving
|
|
is repeated to add replacements.</p>
|
|
</li>
|
|
<li>
|
|
<p>Improved reliability and security of TLS constraint checking.</p>
|
|
</li>
|
|
<li>
|
|
<p>Improved logging of failure cases.</p>
|
|
</li>
|
|
<li>
|
|
<p>Prevent the case of multiple ntpds running at once by checking presence
|
|
of the local control socket.</p>
|
|
</li>
|
|
<li>
|
|
<p>TLS certificates are now searched in TLS_CA_CERT_FILE.</p>
|
|
</li>
|
|
<li>
|
|
<p>The default ntpd.conf configuration file now uses 9.9.9.9 and
|
|
2620:fe::fe, in addition to google.com, when performing time constraint
|
|
validation.</p>
|
|
</li>
|
|
<li>
|
|
<p>Improved handling unsynched mode when there is no replies from an NTP
|
|
server, such as when there are network connectivity issues.</p>
|
|
</li>
|
|
<li>
|
|
<p>To build OpenNTPD with time constraint support, libtls from LibreSSL
|
|
3.2.2 or later is recommended.</p>
|
|
</li>
|
|
</ul>
|
|
<hr>
|
|
</content>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/categories/openntpd/" term="OpenNTPD" label="OpenNTPD" />
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/openntpd/" term="OpenNTPD" label="OpenNTPD" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/6.8/" term="6.8" label="6.8" />
|
|
|
|
|
|
|
|
|
|
|
|
</entry>
|
|
|
|
<entry>
|
|
<title type="text">Syspatch : asn.1, exit (2020/12/08)</title>
|
|
<link rel="alternate" type="text/html" href="https://openbsd.fr.eu.org/posts/2020/12/09/syspatch-asn1-exit/" />
|
|
<id>https://openbsd.fr.eu.org/posts/2020/12/09/syspatch-asn1-exit/</id>
|
|
<updated>2020-12-24T15:26:33+01:00</updated>
|
|
<published>2020-12-09T12:51:50+01:00</published>
|
|
<author>
|
|
<name>OBSD4a</name>
|
|
<uri>https://openbsd.fr.eu.org/</uri>
|
|
<email>puffy@openbsd.fr.eu.org</email>
|
|
</author>
|
|
<rights>[CC 0](https://creativecommons.org/publicdomain/zero/1.0/deed.fr)</rights><summary type="html">Correctif OpenBSD: asn.1 & exit</summary>
|
|
|
|
<content type="html"><h2 id="correctif-de-sécurité-asn1">Correctif de Sécurité asn.1</h2>
|
|
<p>Concernant LibreSSL, <strong>une notation ASN.1 mal formée dans une liste de
|
|
révocation de certificat ou une réponse de timestamp peut amener vers un
|
|
pointeur de déréférencement NULL</strong></p>
|
|
<ul>
|
|
<li>le correctif affecte le noyau OpenBSD 6.7 et 6.8 et nécessite le redémarrage
|
|
de la machine</li>
|
|
</ul>
|
|
<h2 id="correctif-de-fiabilité-exit">Correctif de fiabilité exit</h2>
|
|
<p><strong>Lors d&rsquo;un processus de sortie, dans des programmes multithread un faux
|
|
code de sortie peut être reporté</strong>.</p>
|
|
<hr>
|
|
<p>Plus d&rsquo;informations sur les pages d&rsquo;Errata <a href="https://openbsd.org/errata68">6.8</a> et <a href="https://openbsd.org/errata67">6.7</a>… <br>
|
|
<em>et leurs versions FR respectives : <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata68">6.8 FR</a> et <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/errata67">6.7 FR</a>.</em></p>
|
|
<hr>
|
|
</content>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/categories/syspatch/" term="Syspatch" label="Syspatch" />
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/syspatch/" term="Syspatch" label="Syspatch" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/asn.1/" term="asn.1" label="asn.1" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/exit/" term="exit" label="exit" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/6.7/" term="6.7" label="6.7" />
|
|
|
|
|
|
|
|
|
|
|
|
<category scheme="https://openbsd.fr.eu.org/tags/6.8/" term="6.8" label="6.8" />
|
|
|
|
|
|
|
|
|
|
|
|
</entry>
|
|
|
|
</feed>
|