Recently I had the privilege of publishing an eight part series of articles summarizing the recent Network Hackathon in Ito, Japan (n2k8) written by Mark Uemura (mtu@) with pictures from Tomoyuki Sakurai (sakurai@):

I was honored that Mark chose to send the articles to me to publish. It was truly a pleasure to work with Mark and share these summaries with the OpenBSD Journal audience.

Announcing YAIFO 4.3!

For the yaifo release accompanying OpenBSD 4.3, I decided to match OpenBSD’s version number. From this point forward, only one version of yaifo will be active. I will not backport updates for older versions of OpenBSD… who is “upgrading” to older versions anyway? So the current OpenBSD release and some recent version of -current will be supported.

You can download Yaifo 4.3 from SourceForge.

I’ve updated my binpatch page to include binpatches for OpenBSD 4.3 (i386 and amd64 only, right now).

I will continue for a while to create binpatches for both 4.2 and 4.3 until it becomes too much work.
At some point soon, I’ll start supporting sparc64 4.3 binpatches.

The OpenBSD team released an OpenBSD 4.2 Errata entry for OpenSSH: 011_openssh2.

It is a SECURITY fix. The description is:

Avoid possible hijacking of X11-forwarded connections with sshd(8) by refusing to listen on a port unless all address families bind successfully.

I’ve made binpatches for i386, amd64 and sparc64.

The OpenBSD team released Errata entries 009_ppp and 010_openssh for OpenBSD 4.2.

Both are SECURITY fixes.

For 009_ppp, the description is:

Buffer overflow in ppp command prompt parsing.

For 010_openssh, the description is:

sshd(8) would execute ~/.ssh/rc even when a sshd_config(5) ForceCommand directive was in effect, allowing users with write access to this file to execute arbitrary commands. This behaviour was documented, but was an unsafe default and an extra hassle for administrators.

I’ve made binpatches for i386, amd64 and sparc64.