** Results of NetBSD's 2007 Fundraising Campaign
NetBSD is an open source operating system project that depends on

funding for its operation. A generous donation by Google has enabled

us to fund development in the area of symmetric multiprocessing (SMP),

and a fundraising drive was started to extend this activity. The goal

of $50,000US of the 2007 fundraising campaign was met thanks to a lot of

support from companies, users, and our community as a whole.
NetBSD is an open source project project run by volunteers, and

offers an operating system that scales well from embedded devices

via commodity PCs and appliances to modern server hardware. In order

to maintain project infrastructure and complete high profile tasks,

NetBSD has always depended on contributions from its corporate and

individual benefactors.
NetBSD had support for SMP since the NetBSD 2.0 release in 2004.

Currently, this support is changed to use fine grained kernel

locking. This will allow better overall CPU time utilization in

multiprocessor / multicore machines, which are becoming increasingly

popular. The work was made possible by a generous donation from

Google. Leslie Hawthorn, Program Manager Open Source from Google,

Inc. says:
  ``NetBSD is one of the earliest open source projects around, and

    working with NetBSD during several iterations of our Google Summer of

    Code program has been a great pleasure.''
Chris DiBona, Manager of the Open Source Programs office also from

Google, Inc. adds:
  ``At Google, we use a fair amount of open source and we look for

    opportunities to help important projects like NetBSD whenever we

    can, so when we had the chance to fund this development work, we

    jumped at the chance to do so. It is our hope that our example

    will encourage other companies to further their support of Open

    Source projects like NetBSD.''
After initial funding of the SMP project has been arranged, NetBSD

decided to raise funds to extend the ongoing projects, and fund

ad...
[ message continues ]

Hello,
On behalf of the NetBSD Release Engineering Team, it is my pleasure to

announce that the first release candidate for NetBSD 4.0 has been released.
Binaries and ISO's are available from:
ftp://ftp.netbsd.org/pub/NetBSD-daily/netbsd-4-0-RC1/200709011431Z/
Please view the following link for a complete list of changes/features:
ftp://ftp.netbsd.org/pub/NetBSD-daily/netbsd-4-0-RC1/200709011431Z/i386/...
If you want to build NetBSD 4.0_RC1 from source, cvs up your source

tree to "netbsd-4-0-RC1", or just along the "netbsd-4" branch.

Alternatively, you can download the source sets from the URL above,

under the source/ directory.
We expect to release a second release candidate in about two weeks.

Please help us test these release candidates as much as possible,

to make sure NetBSD 4.0 will be a solid release.
Thanks,
--

Liam J. Foy

liamjfoy@netbsd.org

http://bsdportal.org <- BSD News

Dear all,
The NetBSD rack at ISC is getting a new switch Jan 14 04:00 UTC to

about Jan 14 05:00 UTC; availability of services will be utter

coincidence during that time. The new switch will be capable of gigabit

ethernet on all ports, not just the uplink.
best regards,

	spz

--

spz@serpens.de (S.P.Zeidler)

[For a full list of chnages, please refer to the mail on the

current-users mailing list - agc]
Changes to the NetBSD Packages Collection in April 2003

=======================================================
By my calculations, at the end of April 2003, there were 3708 packages

in the NetBSD Packages Collection, up from 3637 the previous month, a

rise of 71.
Notable additions include:  balsa, beaver, blitz++, bogofilter,

chktex, coreutils, criticalmass, dbh, dfdisk, dinotrace-mode, erlang,

file, gaim-gtk1, gltron, gnet1, gnome, gnome-icon-theme, gnome-media,

gnome1-panel, gnome1-session, gnome2-applets, gnome2-games,

gnome2-utils, gst-plugins, gstreamer, gxine, ickle, iplog,

ircservices, libao-arts, libao-esound, liblive, licq-core,

licq-gui-console, licq-gui-qt, lua4, moz-bin-flash, moz-bin-plugger,

moz-mplayer, mozilla-bin, mtl, multitail, nautilus, netbsd-www,

nettest, ogmtools, openquicktime, opera, p5-Net-Server, pan-gnome,

PanoTools, perlsh, phoenix-bin, phoenix-bin-acroread,

phoenix-bin-flash, phoenix-bin-java, phoenix-bin-nightly,

phoenix-bin-realplayer, qadsl, realplayer-codecs, ruby-rexml,

silc-client-icb, smpeg-xmms, spamass-milter, startup-notification,

suse_freetype2, suse_libtiff, swfdec, tcpflow, ted-nl, vera-ttf,

whisker, wol, xine-lib, xine-ui, xlreader, xmms-osd, xosd, xvidcore,

and yasm.
Notable updates include:  abiword-personal, algae, amavis-perl,

ap-ssl, ap2-subversion, apache, apsfilter, arphic-ttf, arts,

baekmuk-ttf, balsa, bidwatcher, bins, bmake, buildtool, canuum,

cfengine2, cfengine2-doc, cgoban-java, coconut, coreutils, cpuflags,

createbuildlink, cross-i386-netbsdpe, curl, cvsync, cyberbase-ttf,

cyberbit-ttf, dbz-ttf, dialog, dnetc, dnstop, e2fsprogs, eb, eblook,

eclipse, eel2, eggdrop, elinks, emacs, emacs-nox11, etcupdate, euler,

evolution, exctags, fftw, flim, freetype2, frozen-bubble, g2, gaim,

galeon, geoslab703-ttf, gettext, ggv, ggv2, gimp-print, glade, glade2,

gnet, gnome-core, gnome-mime-data, gnome-session, gnome-utils,

gnome-vfs, gno...
[ message continues ]

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1
For the fifth year in a row, the NetBSD Project has been selected as a

mentoring organization in Google's Summer of Code[1].  As in previous

years, this provides a great opportunity for students to get paid to

hack on NetBSD, learn about contributing to a major open source project

and to become part of an exciting community.
Students interested in applying should now start to outline their

project proposals and initiate contact with possible mentors and the

community at large.  A list of project suggestions is available at

http://www.NetBSD.org/contrib/soc-projects.html, though students may

also wish to review our general projects page[2].
Our NetBSD Project Application/Proposal HowTo[3] should be a good

resource to help students develop their best proposal and the answers to

those questions will help us to rank all applications.
[1] http://code.google.com/soc/

[2] http://www.NetBSD.org/contrib/projects.html

[3] http://www.NetBSD.org/contrib/soc-application.html
-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.9 (NetBSD)
iD8DBQFJxaGlfFtkr68iakwRAuSqAKCWu/qfV2mlXKUvYrrsxKBiLQologCfdamd

HIXmkXL17Gjkkir0X5PfVCo=

=qKvN

-----END PGP SIGNATURE-----

Hi all,
ftp.NetBSD.org is having trouble with its hardware RAID.

We are aware that it's not available and are working on it.

In the meantime, please refer to mirrors where available.
regards,

	spz

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1
NetBSD logo design competition
The NetBSD Project is an international collaborative effort of a

large group of diverse people to produce a freely available, and

redistributable UNIX-like operating system.
NetBSD is a trademark of the NetBSD Foundation, Inc., which is a

non-profit corporation which whose primary goal is to promote

the development of the NetBSD operating system and related software.
The NetBSD Foundation is retiring the existing NetBSD daemon identity

and is adopting a new logo.  To that end we are launching an

international competition for the creation of a new logo.
We extend an invitation to all interested parties to submit design(s)

for consideration.  This is an open competition, to be judged by

the Board of Directors of the NetBSD Foundation and selected other

people.
There is a cash prize of $ 100.00 (one hundred US dollars) for the

winning entry.  The successful logo will also have wide exposure,

featuring in all NetBSD material including, but not limited to;

the NetBSD.org web site, software media, apparel, and business

systems.
The competition will close on February 29, 2004.

The rules of the competition, submission information and the

design brief are included in this document.
Please forward all designs and contact details via email to:

	<communication-exec@NetBSD.org>
We look forward with interest to receiving all proposals.
Thanks and kind regards,

Luke Mewburn <lukem@NetBSD.org>, on behalf of

The Board of Directors of The NetBSD Foundation <board@NetBSD.org>.

http://www.NetBSD.org/
_____________________
Design Brief
NetBSD's current image can be viewed here:

	http://www.NetBSD.org/

	http://www.NetBSD.org/images/NetBSD.jpg
The following problems have been identified with the current identity:

    *	Too complicated.

    *	Hard to reproduce.

    *	Has negative cultural, and religious ramifications.
Some suggested themes for the new identity include:

  ...
[ message continues ]

The NetBSD Foundation has selected an official logo for identifying

NetBSD. Over 400 logos were submitted by 238 artists for a NetBSD

logo contest. The winning logo was submitted by Grant Bissett, a

new media designer from Perth, Western Australia.
Members of the NetBSD Foundation voted for the new logo from a

short-list of six submitted designs selected by the logo committee.

Characteristics important for the new logo were simplicity, appealing

form and color choice, and identification with the project.
This is the second major milestone this year for creating a new,

recognizable, and differentiated NetBSD identity after registering

the NetBSD trademark in April 2004, said Scott Reynolds, a former

director of the Foundation.
The new logo, which features a flag, is used on the NetBSD.org

website and will be used for software media, apparel, advertisements,

promotional materials, and the NetBSD Foundation literature.
NetBSD is a free, secure, and highly portable Unix-like open source

operating system available for many hardware platforms, from 64-bit

Opteron machines and desktop systems to handheld and embedded

devices. Its clean design and advanced features make NetBSD excellent

in both production and research environments, and it is user-supported

with complete source. Many applications are easily available through

the NetBSD Packages Collection. More information about NetBSD is

available via http://www.NetBSD.org/.
    Jeremy C. Reed

                        ``Of course it runs NetBSD.''

                            http://www.NetBSD.org/

[For the full monthly mail, please refer to the tech-pkg mailing list

- agc]
Summary of Changes to the Packages Collection in November 2004

==============================================================
By my calculations, at the end of November 2004, there were 5190

packages in the NetBSD Packages Collection, up from 5083 the previous

month, a rise of 107.
November was a full month, with a lot of pkgsrc developers very busy

importing and updating packages.  Some of this concentration may have

been due to the impending freeze on new functionality in pkgsrc, which

will start on December 6th and last for a maximum of 14 days.  At the

end the old pkgsrc-2004Q3 branch will be deprecated, and the new

pkgsrc-2004Q4 branch will be cut.
Notable additions include:  aliados, bacula, bmon,

browser-bookmarks-menu, celestia-gtk, cinepaint, clearsilver-base,

csound4, dasm, fontforge, gentle, gimp-warp-sharp, gld, gpsim,

gpsim-oscilloscope, gpsim-ptyusart, gqmpeg-devel, gtl0, ipsec-tools,

jpegpixi, kapooka, leafpad, libextractor, libvisual, libvisual-bmp,

libvisual-gforce, libvisual-nebulus, libvisual-plugins,

libvisual-xmms, malint, mantis, mftrace, mkcmd,

mplayer-plugin-firefox, mplayer-plugin-firefox-gtk2,

mplayer-plugin-mozilla, mplayer-plugin-mozilla-gtk2, numlockx,

open2300, open2300-mysql, openvpn-current, p5-Apache-AuthCookie,

p5-Apache-Session-Wrapper, p5-Cache-Simple-TimedExpiry, p5-Chart,

p5-Chart-ThreeD, p5-chkjis, p5-Class-DBI, p5-Class-Inner,

p5-Class-WhiteHole, p5-Crypt-RandPasswd, p5-DBIx-ContextualFetch,

p5-Digest-SHA, p5-File-Type, p5-Ima-DBI, p5-IO-LockedFile,

p5-Lingua-EN-Inflect, p5-Log-LogLite,

p5-MasonX-Request-WithApacheSession, p5-Math-FFT, p5-Module-CoreList,

p5-Module-ScanDeps, p5-Module-Signature, p5-Net-XWhois, p5-PAR-Dist,

p5-PatchReader, p5-PerlIO-eol, p5-SNMP-MIB-Compiler,

p5-Text-Tabs+Wrap, p5-Unicode-Map8, p5-UNIVERSAL-moniker, p5-Want,

p5-XML-Encoding, p5-XML-Filter-BufferText, p5-XML-Filter-DetectWS,

p5-XML-Filter-Reindent, p5-XML-Filter-SAXT, p5-XML-U...
[ message continues ]

The NetBSD Project is pleased to announce that update 2.0.2 of the NetBSD

operating system is now available.
About NetBSD 2.0.2

------------------
NetBSD 2.0.2 is the second security/critical update of the NetBSD 2.0 release

branch. This represents a selected subset of fixes deemed critical in nature

for stability or security reasons. 
This is also the first binary security/critical update since NetBSD

2.0.  NetBSD 2.0.1 was tagged within the CVS repository, and is

available from there as a source update, but its full binary release

was preempted by patches incorporated into 2.0.2 and build hardware

issues.
All fixes in security/critical updates (ie, NetBSD 2.0.1, 2.0.2, etc)

are cumulative, so the latest update contains all such fixes since the

corresponding minor release.  These fixes will also appear in future

minor releases (ie, NetBSD 2.1, 2.2, etc), together with other

less-critical fixes and feature enhancements.
Complete source and binaries for NetBSD 2.0.2 are available for download at

many sites around the world. A list of download sites providing FTP, AnonCVS,

SUP, and other services is provided at the end of this announcement; the

latest list of available download sites may also be found at:
http://www.NetBSD.org/mirrors/
We encourage users who wish to install via a CD-ROM ISO image to

download via BitTorrent by using the torrent files supplied in the ISO image

area. BitTorrent has recently been added to the list of distribution

mechanisms and its use is strongly encouraged to help keep bandwidth available.
About NetBSD

------------
The NetBSD operating system is a full-featured, open source, UNIX-like

operating system descended from the Berkeley Networking Release 2 (Net/2),

4.4BSD-Lite, and 4.4BSD-Lite2. NetBSD runs on 54 different system

architectures featuring 17 machine architectures across 17 distinct CPU

families, and is being ported to more. The NetBSD 2.0.2 release contains

complete binary releases for 48 different machin...
[ message continues ]

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1
Hi,
Just to let everyone know there have been some further updates to BIND

in the NetBSD CVS trees in order to address performance issues with the

initial fixes to address CVE-2008-1447.  All the updates have been

documented in NetBSD Security Advisory 2008-009 which is available at:
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.tx...
On behalf of security-officer@NetBSD.org,
adrian.
-----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAki7EXIACgkQLc2rR0mnFJ+fuwCg+4E5igu7txRdVNLYPWH+3+Q1

CfoAoLUOIfPmKVJBV/hFX+vRm/OPBK4t

=4hRD

-----END PGP SIGNATURE-----

I have made a nice contribution from BSD-Systems.co.uk. Hope this helps!

Could you also keep us up-to-date with the fund-raising efforts as they continue?
Thanks,

--

		- Liam J. Foy

		liamfoy@sepulcrum.org

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1
NetBSD Quarterly Status Report
NetBSD is an actively developed operating system. With fifty four

different system architectures in total and binary support of over 48

architectures in our last official release (NetBSD 2.0.2), our widely

portable Packages Collection "pkgsrc" and large userbase there is a lot

going on within the project. In order to allow our users to follow the

most important changes over the last few months, we provide a brief

summary in these official status reports on a regular basis. These

status reports are suitable for reproduction and publication in part or

in whole as long as the source is clearly indicated.
- -Jan Schaumann <jschauma@NetBSD.org>
April - June 2005:
Administrative:

	- NetBSD 3.0 branched [20050316]

	- NetBSD 2.0.2 released [20050414]

	- Daily snapshots restarted [20050502]

	- New Developers [20050701]
Miscellaneous:

	- NetBSD CVS Digest [20050405]

	- NetBSD in Google's Summer of Code [20050601]

	- NetBSD calls for donations [20050614]
pkgsrc:

	- pkgsrcCon '05 a success [20050508]

	- Sun Hardware Donation for pkgsrc work [20050509]

	- Changes to the Packages Collection in March [20050509]

	- New tools framework [20050513]

	- Cross-building pkgsrc [20050607]

	- New pkgsrc-2005Q2 branch [20050622]

	- Binary packages for 2005Q2 [20050701]
Ports:

	- evbarm: Support for Arcom Viper board committed [20050606]

	- hp700: boot-from-disk / installation tools [20050518]

	- sparc64: X support complete [20050606]
Security:

	- ipf 4.1.8 imported [20050404]

	- ipsec-tools included with NetBSD [20050404]
Technical:

	- Verified Exec update [20050420]

	- PAM Documentation [20050421]

	- Live disk backup [20050428]

	- ath/net80211 imported [20050609]

	- Magic Symlinks [20050625]
Administrative:

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
NetBSD 3.0 branched [20050316]

- ------------------------------
The NetBSD Release Engineering team has created the netbsd-3 br...
[ message continues ]

Hello,
on behalf of NetBSD's release engineering team I would like to provide

you with an update on our current estimated timelines for the NetBSD 3.0

release. The release had to be postponed because of necessary security

fixes and the following problem reports which are potential showstoppers:
- port-macppc/30410: GENERIC kernel crashes with MCHK trap on some G4 systems

- port-sparc/30629: userland crashes under sparc
The revised release schedule looks like this:
12 of November 2005:

- Release of NetBSD 3.0 Release Candidate 1
19 of November 2005:

- Release of NetBSD 3.0 Release Candidate 2 or NetBSD 3.0
26 of November 2005:

- Release of NetBSD 3.0 Release Candidate 3 or NetBSD 3.0
Please note that these dates are estimates and subject to change

slightly as the actual release occurs.
	Kind regards

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1
		 NetBSD Security Advisory 2009-009

		 =================================
Topic:		OpenSSL DTLS Memory Exhaustion and DSA signature

		verification vulnerabilities
Version:	NetBSD-current:		affected prior to 2009-07-04

		NetBSD 5.0:		affected

		NetBSD 4.0.*:		affected

		NetBSD 4.0:		affected

		pkgsrc:			openssl package prior to 0.9.8j
Severity:	Denial of Service, DSA signature spoofing
Fixed:		NetBSD-current:		July 4, 2009

		NetBSD-5-0 branch:	July 4, 2009 (NetBSD 5.0.1 will include the fix)

		NetBSD-5 branch:	July 4, 2009 (NetBSD 5.1 will include the fix)

		NetBSD-4-0 branch:	July 4, 2009 (NetBSD 4.0.2 will include the fix)

		NetBSD-4 branch:	July 4, 2009 (NetBSD 4.1 will include the fix)

		pkgsrc 2009Q1:		openssl-0.9.8j corrects this issue
Please note that NetBSD releases prior to 4.0 are no longer supported.

It is recommended that all users upgrade to a supported release.
Abstract

========
Two range check errors in the DTLS code allow a remote attacker

to exhaust memory by executing too many out of sequence handshakes

or by sending DTLS packets with a future epoch.
A mistake in handling return codes allows a remote attacker to spoof

DSA signatures on data or certificates.
These vulnerabilities have been assigned CVE-2009-1377, CVE-2009-1378,

CVE-2009-1379, CVE-2009-1386 and CVE-2009-1387.
Technical Details

=================
The OpenSSL library does not limit the number of buffered DTLS records

tagged with a future epoch. If a large amount of such packages is

received, the DTLS records will occupy large amounts of memory, causing

exhaustion. Also, no limit is imposed on the number of out-of-sequence

handshake messages received, which can also be used to exhaust all

available memory.
A different error is caused by the functions validating DSA and ECDSA

keys. These functions do not handle the return code of

EVP_VerifyFinal() properly, causing some types of signature verification

errors to be ignored...
[ message continues ]

cvsweb.netbsd.org is down on this weekend.
	start time:	Feb 18 (Sat), 15:00 GMT

	end time:	Feb 19 (Sun), 20:00 GMT
This is because of a power cut for a regular inspection.

Please use one of the following mirrors instead:
	cvsweb.de.netbsd.org

	cvsweb2.jp.netbsd.org

	cvsweb.no.netbsd.org
Sorry for the inconvenience.

--

soda

Return-Path: <owner-netbsd-announce@netbsd.org>

X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on andgasm.beer.org

X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham

	version=3.1.0

X-Spam-Level:

X-Original-To: netbsd-announce@NetBSD.org

Received: from stindustries.net (abe.stindustries.net [216.32.89.252])

	by mail.netbsd.org (Postfix) with ESMTP id 66FAB63B260

	for <netbsd-announce@NetBSD.org>; Thu, 30 Mar 2006 01:28:54 +0000 (UTC)

Received: from homer.stindustries.net (localhost [127.0.0.1])

	by stindustries.net (8.13.5/8.13.5) with ESMTP id k2U1SrlM006681

	for <netbsd-announce@NetBSD.org>; Thu, 30 Mar 2006 02:28:53 +0100 (BST)

Received: (from adrianp@localhost)

	by homer.stindustries.net (8.13.5/8.13.5/Submit) id k2U1Srfn016254

	for netbsd-announce@NetBSD.org; Thu, 30 Mar 2006 02:28:53 +0100 (BST)

Date: Thu, 30 Mar 2006 02:28:53 +0100

From: NetBSD Security-Officer <security-officer@NetBSD.org>

To: netbsd-announce@NetBSD.org

Subject: NetBSD Security Advisory 2006-003: Multiple denial of services issues with racoon

Message-ID: <20060330012853.GA18638@homer.stindustries.net>

Reply-To: NetBSD Security Officer <security-officer@NetBSD.org>

Mime-Version: 1.0

Content-Type: text/plain; charset=us-ascii

Content-Disposition: inline

User-Agent: Mutt/1.4.2.1i

Organisation: The NetBSD Foundation, Inc.
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1
		 NetBSD Security Advisory 2006-003

		 =================================
Topic:		Multiple denial of services issues with racoon
Version:	NetBSD-current:	source prior to November 21, 2005

		NetBSD 3.0:	not affected

		NetBSD 2.1:	affected

		NetBSD 2.0.*:	affected

		NetBSD 2.0:	affected

		NetBSD 1.6.*:	affected

		NetBSD 1.6:	affected

		pkgsrc:		ipsec-tools packages prior to 0.6.3
Severity:	Denial of service, in some cases anonymously
Fixed:		NetBSD-current:		November 21, 2005

		NetBSD-2-1 branch: 	January 19, 2006

						(2.1.1 will include the fix)

		NetBSD-...
[ message continues ]

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1
		 NetBSD Security Advisory 2006-009

		 =================================
Topic:		False detection of Intel hardware RNG
Version:	NetBSD-current:	source prior to February 19, 2006

		NetBSD 3.0:	affected

		NetBSD 2.1:	affected

		NetBSD 2.0.*:	affected

		NetBSD 2.0:	affected

		NetBSD 1.6.*:	affected

		NetBSD 1.6:	affected
Severity:	A constant stream is feed into the entropy pool
Fixed:		NetBSD-current:		February 19, 2006

		NetBSD-3-0 branch:	February 26, 2006

						(3.0.1 will include the fix)

		NetBSD-3   branch:	February 26, 2006

		NetBSD-2-1 branch:	February 26, 2006

						(2.1.1 will include the fix)

		NetBSD-2-0 branch:	February 26, 2006

						(2.0.4 will include the fix)

		NetBSD-2   branch:	February 26, 2006

		NetBSD-1-6 branch:	February 26, 2006
Abstract

========
The driver for Intel's random number generator may incorrectly detect the

presence of the device on some hardware.  This can lead to the driver

feeding a constant stream into the entropy pool.
Technical Details

=================
When Intel introduced the i8xx motherboard chipsets for x86 CPUs they also

released the 82802 chip called the "firmware hub". One of the features

provided by this chip is a hardware random number generator.
The NetBSD kernel provides a driver which uses this hardware random number

generator to collect entropy for the kernel random number generator, rnd(4).

This kernel random number generator is, among other things, used to provide

random input to applications which need to create cryptographic keys, e.g.

the SSH daemon or GnuPG.
However, some later Intel chipsets incorrectly report the presence of the

hardware RNG device, and the NetBSD driver unfortunately incorrectly

detected the chip in systems which didn't really have one. When this

happened a constant stream of bytes with the value 255 was fed into the

kernel random number generator.
Users relying on a falsely-attached 82802 chip as the sole randomness sou...
[ message continues ]

NetBSD/mac68k has now switched to using ELF for its default

object file format.
An ELF snapshot is available in:
ftp://ftp.netbsd.org/pub/NetBSD/arch/mac68k/binary/
Upgrade instructions to ELF are also available:
ftp://ftp.netbsd.org/pub/NetBSD/arch/mac68k/elf-upgrade/README.ELF-UPGRADE
Please read above the document in detail, and if you find any problems,

please report them using send-pr(1).
Enjoy,
Takeshi Shibagaki

ie9t-sbgk@asahi-net.or.jp

-----BEGIN PGP SIGNED MESSAGE-----
		 NetBSD Security Advisory 2002-005

		 =================================
Topic:		OpenSSH protocol version 2 challenge-response authentication

		vulnerability
Version:	NetBSD-current:	prior to May 14, 2002

		NetBSD-1.6_BETAx: affected

		NetBSD-1.5.2:	affected

		NetBSD-1.5.1:	affected

		NetBSD-1.5:	affected

		NetBSD-1.4.*:	not affected (does not ship with OpenSSH)

		pkgsrc:		packages prior to openssh-3.3.0.1
Severity:	high, remote root compromise
Workaround:	NetBSD-current:		May 14, 2002

		NetBSD-1.6 branch:	partial by default (priv sep)

		NetBSD-1.5 branch:	instructions below, OpenSSH 3 and later

		pkgsrc:			June 25, 2002 (with openssh-3.3.0.1)
Fixed:		NetBSD-current:		June 26, 2002 (OpenSSH 3.4)

		NetBSD-1.6 branch:	June 26, 2002 (OpenSSH 3.4)

		NetBSD-1.5 branch:	June 26, 2002 (patch on advisory)

		pkgsrc:			June 26, 2002 (with openssh-3.4.0.1)
		Version string "NetBSD_Secure_Shell-20020626" will identify

		that the fix is in place.
Abstract

========
OpenSSH has a vulnerability in protocol version 2 challenge-response

authentication.  OpenSSH 3.4 must be installed to completely overcome the

problem.
Technical Details

=================
Vulnerability itself:

http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20584

http://openssh.org/txt/iss.adv

http://openssh.org/txt/preauth.adv
CERT CA-2002-18

http://www.cert.org/advisories/CA-2002-18.html

http://www.kb.cert.org/vuls/id/369347
Solutions and Workarounds

=========================
Some workarounds are available, which may somewhat mitigate the risk:
 - Turn off challenge-response authentication by having the following

   in sshd_config:

	ChallengeResponseAuthentication no
   On some systems, the following option is also required together

   with the above. It is not relevant for NetBSD.

	PAMAuthenticationViaKbdInt no
   Note that turning these features off will disable SSH logins via

   S/Key (OTP) authentication.  Compiling Ope...
[ message continues ]

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1
		 NetBSD Security Advisory 2006-015

		 =================================
Topic:		FPU Information leak on i386/amd64/Xen platforms with AMD CPUs
Version:	NetBSD-current:	source prior to April 19, 2006

		NetBSD 3.0:	affected

		NetBSD 2.1:     affected

		NetBSD 2.0.*:   affected

		NetBSD 2.0:     affected
Severity:	Information leakage between local processes
Fixed:		NetBSD-current:		April 19, 2006

		NetBSD-3-0 branch:	May 12, 2006

						(3.0.1 will include the fix)

		NetBSD-3   branch:	May 12, 2006

		NetBSD-2-1 branch:      May 12, 2006

						(2.1.1 will include the fix)

		NetBSD-2-0 branch:      May 12, 2006

						(2.0.4 will include the fix)

		NetBSD-2 branch:        May 12, 2006
Abstract

========
Due to the documented behavior of AMD processors when running amd64, i386

and Xen NetBSD kernels, processors using floating point operations can leak

information.  This may allow a local attacker to gain sensitive privileged

information.
This vulnerability has been assigned CVE reference CVE-2006-1056.
Technical Details

=================
The FXRSTOR/FXSAVE instructions on AMD processors do not restore/save the

x87 pointer registers (FOP, FIP and FDP) unless the exception summary (ES)

bit is set to 1.  This potentially allows one process to discover the

stream of floating point instructions in other local processes using FPU

exceptions.
Solutions and Workarounds

=========================
There are no known workarounds for this issue but it only applies to i386,

amd64 and Xen NetBSD kernels when using certain AMD processors.
AMD processors known to be impacted by this issue are 7th generation (e.g.

AMD Athlon, AMD Duron, AMD Athlon MP, AMD Athlon XP, and AMD Sempron) and

8th generation (e.g. AMD Athlon64, AMD Athlon64 FX, AMD Opteron, AMD Turion,

and AMD Sempron).
For all NetBSD versions, you need to obtain fixed kernel sources,

rebuild and install the new kernel, and reboot the system.
The fixed ...
[ message continues ]

Hi,=20
the NetBSD Release Engineering team is  planning to roll out the NetBSD 3.1

release in a few weeks.   Prior to the final release, we are planning a few

release candidates  for the community  to test.  Bugs that  are found  (and

fixed) in release candidates  will not be present in the final 3.1 release,

so your partiticipation in testing and reporting bugs  is much appreciated.=

 =20
We're  planning to  release a first release candidate  (NetBSD 3.1_RC1)  on

August 21, followed by a second release candidate (3.1_RC2) on September 4.

If no significant  problems arise,  we plan to release  NetBSD 3.1 final on

September 18, otherwise another release candidate will follow, delaying the

release another two weeks. =20
The branch leading to  the 3.1 release candidates  and the final release is

"netbsd-3",  so if you'd like to test snapshots on this branch, you can use

"cvs -q up -dP -r netbsd-3"  to update your source tree  along this branch.

Alternatively,  you can download binary snapshots  from our FTP repository:

ftp://ftp.netbsd.org/pub/NetBSD-daily/netbsd-3/
Thanks a lot for your participation in making NetBSD 3.1 a good release! =

=20
	The NetBSD Release Engineering team

* Inviting students to NetBSD and Google's Summer of Code
Google is doing another round of their Summer of Code project, where the idea

is to attract students to write code for Open Source projects during the

summer, instead of having them flip burgers. For the fourth time, the NetBSD

project has been selected as mentoring organization in the Summer of Code

project!
Prospective students that are interested in pursuing projects for NetBSD

are welcome to start thinking about what projects they'd like to do, and

discuss things on our public mailing lists. We have lists of suggest GSoC

projects and (harder!) general projects which can serve as inspiration:
 	http://www.netbsd.org/contrib/soc-projects.html

 	http://www.netbsd.org/contrib/projects.html
Also, please see our NetBSD Project Application/Proposal HowTo for information

that we'd like to see answered in the eventual project proposals sent to

Google:
 	http://www.netbsd.org/contrib/soc-application.html
This information helps us to rank the project proposals we'll get, and to put

your project on the best spot! If you have any questions, please contact

NetBSD's team of Summer of Code administrators at

communication-exec@NetBSD.org.
  - Hubert Feyrer

    The NetBSD Project

Summary of Changes to the NetBSD Packages Collection in November 2002

=====================================================================
[For a full listing of changes, please refer to the mail in the

current-users archive - agc]
By my calculations, at the end of November 2002, there were 3327

packages in the NetBSD Packages Collection, up from 3269 the previous

month, a rise of 58.
Notable additions to the packages collection include:  9e, aap, aegis,

ami, bib2xml, bsetroot, btparse, bug-buddy, emacs-dict-client, eog,

gal2, gbib, gcalctool, gconf-editor, gedit, ggv, gnome-panel,

gnome2-libole2, gtoolkit, gtoolkit-examples, gturing, hackbot, hnb,

i2cb, i2cbd, ispell-russian, lgeneral, lgeneral-data, libcomprex,

libgtop2, lmclock, makeself, mozilla-linux, mudsh, netbsd32_compat16,

openbox, pdksh, pkgdepgraph, py-kqueue, rmail-mime, splint, sysbuild,

tdb, vcdimager-devel, whiteBOX, wonka, xpdf-hebrew,

zope25-AbracadabraObject, zope25-Calendar, zope25-CMFPlone,

zope25-colorz, zope25-FileSystemSite, zope25-MetaPublisher,

zope25-Photo, zope25-PropertyFolder, zope25-PropertyObject,

zope25-ZMySQLDA, zope25-ZWeather
Notable updates include:  aalib-x11, adzap, anjuta, ap-gzip, ap-ssl,

apache, apache6, arla, arts, audacity, autoconf, automake, bidwatcher,

bind4, bins, bmf, bonobo-activation, bozohttpd, cdrdao,

cdrecord-devel, check, cpuflags, createbuildlink, cups, curl,

cyrus-sasl, dctc, dc_gui, ddskk, dict-client, dict-server, dinotrace,

doxygen, evolution, fileutils, findutils, freetds, frotz, fvwm2,

galeon, gap, gauche, gcc-ssp, gcdmaster, gdcd, gerbv, gftp,

gimp-print, glchess, glib2, gmake, gmplayer, gnet, gnome-vfs2,

gnumeric, gnupg, gnuplot, gnustep-back, gnustep-gui, gpgme, grepmail,

gtexinfo, gtk-gnutella, gtk2, guspatches, gv, hdf5, imap-uw, ipa,

jikes, joos, kakasi, kdbg, kde, kdeaddons, kdeadmin, kdeartwork,

kdebase, kdeedu, kdegames, kdegraphics, kdelibdocs, kdelibs,

kdemultimedia, kdenetwork, kdepim, kdesdk, kdetoys, kdeutils,

kdevelop, kdevelop-base, ketm, kile, ko...
[ message continues ]

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1
NetBSD "Quarterly" Status Report
NetBSD is an actively developed operating system. With 54 different syste=

m

architectures in total and binary support of 53 architectures in our last

official release (NetBSD 3.1), our widely portable Packages Collection

"pkgsrc" and large userbase there is a lot going on within the project. I=

n

order to allow our users to follow the most important changes over the

last few months, we provide a brief summary in these official status

reports, released with irregular regularity.  These reports are suitable

for reproduction and publication in part or in whole as long as the sourc=

e

is clearly indicated.
This status report summarizes the changes within NetBSD from January 2007

until June 2007.
- -Jan Schaumann <jschauma@NetBSD.org>
January 2007 - June 2007:
Administrative:

	- New build cluster hosted at WWU [20070302]

	- New Developers [20070501]
Miscellaneous:

	- Docathon [20070406]

	- mklivecd update [20070411]=20

	- linux plugins in native browser [20070406]

	- Google Summer of Code

	- NetBSD on the road
pkgsrc:

	- pkgsrc-2007Q1 has been branched [20070419]

	- pkgsrcCon 2007 [20070427]
Ports:

	- evbmips: Netgear WGT624 v3 netbooting support added [20070320]

	- i386: Microsoft Xbox support added [20070107]

	- powerpc: OEA PowerPC cleanup [20070502]

	- macppc: AOAKeylargo and AOAK2 audio support added
Security:

	- Security advisories
Technical:

	- uGuru hardware system monitor support added [20070121]

	- Daylight Saving Time Changes come and go [20070227]

	- IPv6 Fast Forward integrated [20070307]

	- aiboost(4) added [20070320]

	- Direct Rendering Manager imported into -current [20070401]

	- yamt-idlelwp branch merged [20070517]

	- wide-curses support added [20070529]

	- On Demand Clock Modulation added

	- Branch updates
Administrative:

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
New build cluster hosted at WWU [20070302]

- ------------------------...
[ message continues ]

Dear all,
just in case somebody has actual IPv6 addresses in use somewhere

instead of DNS names:
The IPv6 prefix for the NetBSD servers at ISC renumbers from

2001:4f8:4:7::/64 to 2001:4f8:3:7::/64.
best regards,

	spz

--

spz@serpens.de (S.P.Zeidler)

* NetBSD hires Andrew Doran for full-time SMP development
The NetBSD Foundation announces that it has hired Andrew Doran to work

full-time on improving symmetrical multi-processing (SMP) in NetBSD. This

work is made possible through a generous donation by Force10 Networks and

internal funding by The NetBSD Foundation.
Andrew Doran is an independent, Dublin based Unix systems consultant with

special interest in building scalable systems. He has been a NetBSD

developer since 1999 and is currently working on the transition from a

big-lock SMP implementation to a fine-grained model, which allows multiple

CPUs to execute code in kernel context simultaneously. Hiring Andrew

full-time will boost work in this area, with the final result of a SMP

implementation that is ready for tomorrow's multi-core-CPUs.
Force10 Networks is a pioneer in building and securing reliable networks.

The Force10 TeraScale E-Series family of switch/routers and the recently

introduced C300 resilient switch rely on the NetBSD-based FTOS to deliver

the reliability, network control and scalability required to build

application ready networks.
The funding will be for two months initially, and The NetBSD Foundation

would like to extend this period. As a non-profit organization with no

fixed financial backing, this is not possible without donations from

individuals and companies. To realize our plans, $10k would be needed

short term, with a goal of raising $15k or more eventually.
If you would like to donate to the ongoing effort of keeping NetBSD the

most portable Open Source operating system, please consider supporting us!

Donations via Paypal can be sent to <paypal@NetBSD.org>, or visit our

donations page at <http://www.NetBSD.org/donations/> for more details.

Donations are tax deductible in the United States.
More information about the NetBSD operating system is available at

<http://www.NetBSD.org>, information about The NetBSD Foundation is at

<http://www.Net...
[ message continues ]

Dear all,
ftp is back up, many thanks to everybody who helped in fixing its RAID

trouble.
Special thanks go to ISC who loaned us space on a fast local NFS server,

which made the outage a much shorter experience.
FTP is now running:

NetBSD babylon5.netbsd.org 4.99.67 NetBSD 4.99.67 (NBFTP.PF)

which is a kernel with WAPBL (and we use WAPBL on a few filesystems that

will profit from it).
Expect this to be a bumpier ride than it was the months with 4.0; if it

doesn't crash we'll be rebooting for a new kernel about weekly anyway.

In exchange, we will be getting a better 5.0. :)
best regards,

	spz
PS: For the curious: a disk failed, and the RAID rebuild failed

in a quite unfortunate manner, probably due to the replacement disk

being a few blocks smaller than the other disks plus somewhat buggy old

firmware on the controller, and a software tool that didn't expect the

buggyness. / got shredded - we have backups, no data loss - and we had

to move everything off for the RAID to be remade, and on again.

Hi,
on behalf of the NetBSD Release Engineering Team, it is my pleasure to

announce that the second release candidate for NetBSD 3.1 has been

released.  Binaries and ISO's are available from:
ftp://ftp.netbsd.org/pub/NetBSD-daily/netbsd-3-1-RC2/200609031430Z/
If you want to build NetBSD 3.1_RC2 from source, cvs up your source

tree to the "netbsd-3-1-RC2" tag, or just along the "netbsd-3" branch.

Alternatively, you can download the source sets from the URL above,

under the source/ directory.
Improvements over the first release candidate include:

+ fixed the build of NetBSD-vax

+ fixed a buffer overflow in PPPoE/ISDN PPP (SA2006-019)

+ closed a socket leach in accept(2)

+ removed references to sushi(8) from the afterboot(8) manpage

+ fixed an integer overflow in FreeType

+ disabled threading in named(8) to avoid a crash on sparc and sparc64

+ fixed a potential DoS vulnerability in sendmail(8)

+ fixed some special case expansions in sh(1)

+ fixed the output of the "show mount" command in ddb(4)
An overview of major changes since the NetBSD 3.0 release can be found

in the INSTALL.* documents in each architecture's download directory.

A detailed list of all changes can be found in the CHANGES-3.1 file.
Due to some remaining issues, we will need to release a third release

candidate prior to the final 3.1 release.  NetBSD 3.1_RC3 is expected

to be released in two weeks, on September 18, hopefully to be followed

by the NetBSD 3.1 release again two weeks later, on Octobter 2.
Thanks for your patience and your help for making NetBSD 3.1 a strong

release!
	Geert

Hi,
on behalf of the NetBSD Release Engineering Team, it is my pleasure to

announce that the first release candidate for NetBSD 3.1 has been released.

Binaries and ISO's are available from:
ftp://ftp.netbsd.org/pub/NetBSD-daily/netbsd-3-1-RC1/200608202102Z/
NetBSD 3.1 is a feature update for NetBSD 3.0, and features domU support

for Xen3, massive LFS stability improvements, and lots of other, smaller

improvements, additions, and bug fixes.
If you want to build NetBSD 3.1_RC1 from source, cvs up your source

tree to "netbsd-3-1-RC1", or just along the "netbsd-3" branch.

Alternatively, you can download the source sets from the URL above,

under the source/ directory.
NetBSD 3.1_RC2 is expected to be released in two weeks, and will have

fixed the build for NetBSD-vax.
	Geert