BSDCan is pleased to announce the first Canadian BSD conference. It

will be held May 13-16, 2004 in Ottawa, Canada.
BSDCan would like to invite everyone interested in BSD to submit

papers. For details, please see http://www.bsdcan.org/papers.php. 
We plan to keep costs to a minimum. As such, the conference will be

held at University of Ottawa and accommodation is available within

the University residences. Hotels are also within close walking

distance of the conference venue. 
The conference venue is within walking distance of the Byward Market,

a great section of town for bars and pubs. This will be a popular

meeting area for the BOFs. 
Attendees should find Ottawa cheaper than most other conference

venues with many things to do and see away from the conference.

--

Dan Langille : http://www.langille.org/

OpenSSH 3.8 has just been released. It will be available from the

mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0

implementation and includes sftp client and server support.
We would like to thank the OpenSSH community for their continued

support to the project, especially those who contributed source and

bought T-shirts or posters.
We have a new design of T-shirt available, more info on

        http://www.openbsd.org/tshirts.html#18
For international orders use http://https.openbsd.org/cgi-bin/order

and for European orders, use http://https.openbsd.org/cgi-bin/order.eu
Changes since OpenSSH 3.7.1:

============================ 
* sshd(8) now supports forced changes of expired passwords via

  /usr/bin/passwd or keyboard-interactive authentication.
  Note for AIX: sshd will now deny password access to accounts with

  passwords expired longer than their maxexpired attribute.  For

  details, see the AIX section in README.platform.
* ssh(1) now uses untrusted cookies for X11-Forwarding.

  Some X11 applications might need full access to the X11 server,

  see ForwardX11Trusted in ssh(1) and xauth(1) for more information.
* ssh(1) now supports sending application layer

  keep-alive messages to the server.  See ServerAliveInterval

  in ssh(1) for more information.
* Improved sftp(1) batch file support.
* New KerberosGetAFSToken option for sshd(8).
* Updated /etc/moduli file and improved performance for

  protocol version 2.
* Support for host keys in DNS (draft-ietf-secsh-dns-xx.txt).

  Please see README.dns in the source distribution for details.
* Fix a number of memory leaks.
* The experimental "gssapi" support has been replaced with

  the "gssapi-with-mic" to fix possible MITM attacks.

  The two versions are not compatible.
Checksums:

==========
- MD5 (openssh-3.8.tgz) = 7d5590a333d8f8aa1fa6f19e24938700

- MD5 (openssh-3.8p1.tar.gz) = 7861a4c0841ab69a6eec5c747daff6fb
Reportin...
[ message continues ]

Dear Colleagues:
  I would like to invite all those who have not registered for

  the USENIX AsiaBSDCon (March 13-14) to do so at our website:

  http://www.asiabsdcon.org

  It contains the conference schedule and updated information as we go

  along with activities.
  The conference hotel is very inexpensive at NTD$800 for single rooms

  and NTD$1200 for double rooms, with free built-in wireless networking.

  (1 USD ~= 35 NTD)
=================

      Tutorials:

      Greg Lehey: BSD Kernel Debugging

      	Ex-core team member for FreeBSD. FreeBSD, NetBSD committer
      OpenFoundry Tutorial
      Lawrence Hughes: OpenBSD - Install/Networking/Web/SMTP/Security

        Co-Founder Infoweapons.com
=================

      Speeches:

      Sam Leffler: "Cryptographic Device Support for FreeBSD"

                   "Next Generation Wireless Support for the Open Source

		    Community" (2 speeches)

	Ex-Berkeley CSRG member who helped to develop the original BSD

      M. Warner Losh: "State of the Art Precision Time-Keeping Embedded Systems"

        FreeBSD Core Team Member, Timing.com Senior Engineer

      Kenjiro Cho: "Fitting Theory into Reality in the ALTQ Case"

        Sony CS Labs. Japan

      Junichiro "itojun" Hagino: "Implementing IPV6: Expereiences at the KAME Project"

        ex-NetBSD core team member, IIJ Labs.

      Robert Watson: "Advances in Secure OS Practices (TrustedBSD)

        FreeBSD Core Team member, NAI Labs Inc.

      Lawrence Hughes: "The Design and Implementation of Secure Internet Appliances"

        Co-Founder Infoweapons.com

      Jeffrey Hsu: "Concepts, Theory, and Implementation of DragonflyBSD"

++++++++++++++++++

      We have invited several distinguished members of the BSD community

      to the USENIX AsiaBSDCon.  The conference has no admission nor

      registration fees.  It is located at the Academia Sinica

      Activity Center, Taipei, Taiwan, taking place from March 14 to 15.

      Parking is free with advanced regi...
[ message continues ]

------------------------------------------------------------------------

- OpenBSD 3.5 RELEASED -------------------------------------------------
May 1, 2004.
We are pleased to announce the official release of OpenBSD 3.5.

This is our 15th release on CD-ROM (and 16th via FTP).  We remain

proud of OpenBSD's record of eight years with only a single remote

hole in the default install.  As in our previous releases, 3.5

provides significant improvements, including new features, in nearly

all areas of the system:
- Ever-improving security            (http://www.OpenBSD.org/security.html)
  o New ptm device (see pty(4)) that allows non-privileged processes to

    allocate a properly-permissioned pty.  As a result any process can

    now open a pty easily, meaning xterm(1) and xconsole(1) are no longer

    setuid root. (In 3.4 they were setuid root, but privilege revoking).
  o malloc(3) chunk randomization and guard pages. This helps to detect

    out-of-bounds reads and writes.
  o Privilege separation added to allow complex operations to occur in an

    untrusted, unprivileged process, resulting in much greater security

    for the following processes:

    - isakmpd(8)

    - named(8) (Previously privilege revoking, but this had a small breakage).

    - pflogd(8)

    - tcpdump(8)
  o Many improvements and bug fixes in the ProPolice stack protector.

    Several other code generation bugs for RISC architectures were also

    found and fixed.
- Improved hardware support             (http://www.OpenBSD.org/plat.html)
  o New hardware platforms:

    - OpenBSD/amd64

      Supporting the AMD64 architecture natively, with full 64-bit support,

      8 extra registers in the architecture to significantly increase

      performance, and a memory management Non-Executable bit that permits

      full W^X support.

    - OpenBSD/cats

      Our first entry in the ARM-cpu landscape. We intend to use this as a

      development platform for something else we plan for the future...

...
[ message continues ]

Hello,
The registration for the anual Swiss Unix Conference has been

opened. The online registration form can be found at:
       https://www.suug.ch/sucon/04/register.html
If you register before August 9 you can benefit from early bird

registration discounts and save 40% on all fees and additionaly

get the chance to win O'Reilly books.
    SUCON'04 - 2nd Swiss Unix Conference

    September 2-4, 2004

    Technopark, Zurich

    http://www.sucon.ch/
Some BSD highlits:
   Poul-Henning Kamp

      Old mistakes repeated (but you do get the source code now):

         UNIX is the best operating system ever designed so

         everybody is running UNIX on their computer, right ?

         This presentation takes a partisan looks a why UNIX

         never became a big success in the eighties, failed to

         win the market in the nineties, and still struggles in

         the market in the new millenium. Poul-Henning will take

         a critical look at the mistakes of the past and the

         mistakes of the present and try to make it really clear

         what needs to happen for UNIX to become a real success.
   Hubert Feyrer

      NetBSD Status Report Fall 2004

         As a follower of the Berkeley 4.4BSD Unix operating

         system, NetBSD is the oldest Open Source operating

         system project under development today. With it's focus

         on portability to a wide range of hardware, NetBSD is

         equally good for running on desktop PCs, various server

         hardware as well as a wide range of contemporaty

         handheld and embedded devices. A lot has happened since

         the project started, and with finally reaching the

         NetBSD 2.0 release after more than 10 years, this talk

         will give an overview of the past events from both

         technical and project administrative point of view,

         introduce where the NetBSD project stands today and what

         some of the plans for the future are.
   Henning Brauer

  ...
[ message continues ]

The Book of PF by Peter N.M. Hansteen.
Book blurb: The Book of PF is a practical, how-to guide to building the

network you need with the powerful BSD Packet Filter, PF. From simple

NAT to load balancing, queues, and more, there's something for every BSD

admin.
http://www.nostarch.com/pf.htm
This book has now been printed and is in transit or already arrived at

your favorite computer book store.
We would also like to announce it's availablity on the OpenBSD website,

where part of the proceeds goes to help support the project:
http://www.openbsd.org/orders.html

The OpenSSH project turns five years old

----------------------------------------
Five years ago, in late September 1999, the OpenSSH project was started.

It began with an audit, cleanup and update of the last free version

of Tatu Ylonen's legacy ssh-1.2.12 code. The project quickly gathered

pace, attracting a portability effort and, in early 2000, an independent

implementation of version 2 of the SSH protocol. Since then, OpenSSH

has led in the implementation of proactive security techniques such as

privilege separation & auto-reexecution.
The free software community were rapid adopters of OpenSSH, with most

free operating systems shipping OpenSSH within its first year of

existence. Over the last five years OpenSSH has become the most widely

used SSH protocol implementation (by a large margin) and has been

included in products from major vendors including IBM, Apple, HP, Sun,

Cisco and NetScreen. Today, OpenSSH runs on everything from mobile

phones to Cray supercomputers.
In providing a free, popular and easy to use secure login and command

execution protocol OpenSSH has been instrumental in speeding the

deprecation of insecure protocols like telnet and rlogin.
The OpenSSH team would like to thank all those who have supported the

project over the last five years, including individuals and vendors who

have donated funds or hardware. An extra special thanks to those who

have reported bugs or sent patches to the project.
OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,

Kevin Steves, Damien Miller, Ben Lindstrom, Darren Tucker and Tim Rice.
http://www.openssh.com/

Stephanie for OpenBSD 3.6 is released

-------------------------------------
Introduction

------------

Stephanie is an OpenBSD hardening package. It's compiled of kernel and

userland patches that when used add several security features. In this

version included are:
  - Vexec: Verify file integrity before executing/opening it.

  - TPE: Prevent untrusted users executing files in untrusted locations.

  - Privacy: Privacy extensions, in-kernel and userland.
What's new?

-----------

  - Vexec: Mostly rewritten. Now uses hash tables to store data,

    introducing O(1) performance in best case and O(n) where 'n' is

    number of inodes that produce same hash on a given device in worst

    case.
    Noting the recent collision discovery in SHA-0, it's worth

    mentioning that Vexec offers 6 hash types (MD5, SHA1, SHA256,

    SHA384, SHA512, and RMD160 - all hash types supported by the OpenBSD

    3.6 kernel) and it's design allows easy extensions for adding new

    hash types, if required. (read NEW_HASH)
  - Privacy: More privacy features. Namely, there are hooks in netstat,

    w, who, last, and finger. The output is filtered according to the

    features status.
  - The trustcheck(2) syscall has been removed; now interaction with

    Stephanie's settings - including trust status of current process -

    is done solely using sysctl.
License

-------

Stephanie for OpenBSD 3.6 is mostly a rewrite. BSD-licensed code from

NetBSD and Brett Lymn is no longer in use, so Stephanie moves to an

ISC-style license, available in

http://ethernet.org/~brian/Stephanie/doc/LICENSE
Download

--------

Stephanie for OpenBSD 3.6 can be downloaded from its official homepage

at http://ethernet.org/~brian/Stephanie/
Support

-------

Please mail me with any questions, comments, bugs, and feedback in

general. Remember - DO NOT MAIL OPENBSD MAILING LISTS WITH QUESTIONS

ABOUT STEPHANIE! unless you really want to. Anyway, CC me if you do.
Make sure you've read stephanie(7) after in...
[ message continues ]

NYCBUG monthly meeting

Wednesday, March 2nd Manhattan NY, USA
6 pm, Soho Apple Store at 103 Prince Street [1]
Michael "Mickey" Shalayeff will talk about the hppa port of OpenBSD

which he maintains. He maintains many of the applications which run on

this peculiar platform and will provide some insight to the inquisitive

as to what this combo can do.
Mickey has contributed heavily to the CARP project which has become

such a success. It is hard to find some code which Michael has not at

least influenced in OpenBSD. He seems to be dextrous on any hardware

platform and is equally well versed in PCI as he is SCSI. Mickey is

readily available on the message lists and is always happy to help

impart some of his vast networking knowledge to beggars and sysadmins

with a smile (;
You can read more about OpenBSD on PA-RISC at

http://openbsd.org/hppa.html   
[1] (SOHO is yuppie-land, not hippie-land as some of you may have been led

to believe)
*       *       *       *       *
NYC*BUG tshirts will also be in.  We will be selling them for $15.

Each has the NYC*BUG logo on the left front breast, and a customized

dmesg trailing down the back of the shirt.  Anyone who donates $50 or

more to the OpenBSD Hackathon Fundraiser will receive a tshirt for

free.
These tshirts are hot.  And supporting the OpenBSD Hackathon

Fundraiser, which is responsible for so many innovations in *BSD Land

and beyond, is hotter.
*       *       *       *       *

------------------------------------------------------------------------

- OpenBSD 3.7 RELEASED -------------------------------------------------
May 19, 2005.
We are pleased to announce the official release of OpenBSD 3.7.

This is our 17th release on CD-ROM (and 18th via FTP).  We remain

proud of OpenBSD's record of eight years with only a single remote

hole in the default install.  As in our previous releases, 3.7

provides significant improvements, including new features, in nearly

all areas of the system:
- New platforms:

  o OpenBSD/zaurus

    Expanding the arm porting effort by supporting the

    Sharp Zaurus SL-C3000, bringing a secure ssh-capable machine

    to your pocket.

  o OpenBSD/sgi

    Starting out support with the SGI O2 machines.
- Support for a number of much faster 64-bit machines (in 32-bit

  mode) in the OpenBSD/hppa port.
- Many enhancements in the OpenBSD/mac68k port:

  o Switch to a bsd.rd-based install.

  o Improved interrupt system.

  o Create partitions with pdisk(8).

  o Add mc(4) support and enhance zsc(4) support.
- New tools:

  o ospfd(8), implementing the OSPFv2 routing protocol.

  o getcap(1), providing easy access to the capability database.
- New functionality:

  o Repaired mirroring mode in ccd(4).

  o Privilege separation for ftpd(8)

  o Bash-style prompt expansion and POSIX hex and octal constants

    in ksh(1).

  o Improved TCP send performance.

  o Reentrant getproto*_r(3) and getserv*_r(3) functions.

  o In-kernel pppoe(4) support.

  o pim(4) (Protocol Independent Multicast) support added.
- Improved hardware support, including:

  o New ath(4) driver for Atheros IEEE 802.11a/b/g wireless

    network adapters.

  o New iwi(4) driver for Intel PRO/Wireless 2200BG/2225BG/2915ABG

    IEEE 802.11a/b/g wireless network adapters.

  o New ipw(4) driver for Intel PRO/Wireless 2100 IEEE 802.11b

    wireless network adapters.

  o New atu(4) driver for Amtel AT76C50x USB IEEE 802.11b

    wireless network adapters.

  o New ra...
[ message continues ]

EuroBSDcon 2008: Family Meeting
    The European BSD Conference, October 18-19th 2008, Strasbourg, France
FreeBSD, NetBSD, OpenBSD, MacOS X, DragonFlyBSD, PC-BSD, DesktopBSD: Are you

doing interesting things with one of these BSD based operating system?
Anything hot you are working on?  Come to Strasbourg and talk about it!
EuroBSDCon is a conference for users and developers on BSD based systems.  We

are looking for papers about all aspects of BSD based operating systems

especially if you can tell our audience something new about:
    * Products embedding BSD systems

    * Desktop computing with BSD systems

    * BSD based products, how, why, what

    * How you are reworking ports pkgsrc

    * What are the BSD developers working on now

    * Virtualizing BSD based systems

    * Installing BSD system on your coffee machine

    * File systems, networking, security, and general kernel hacking

    * Tools for monitoring, measuring, debugging, and optimizing BSD systems

    * The science and art of open source programming
Extended abstract (two A4 pages) in English, with an outline of your proposed

talk, a few keywords and a bit about yourself should be sent to us by email at

pc@eurobsdcon.org before June 1st 2008.
If you are interested in presenting a tutorial, please let us know.
Practical Information
Speakers attend the conference for free and we will reimburse speakers travel

and lodging if nobody else will pay for it.  We will aim to finalize the

program and notify the selected speakers by July 1st 2008.  All speakers will

be expected to produce a final paper and electronic files for the conference

web site by September 15th, 2008.
We will not waste money and trees on printed proceedings but will distribute

the conference material electronically and expect to receive your final slides

no later than 4 weeks before the conference.  Please let us know if you want

to include other materials (articles, HOWTO etc).  All papers should be

considered 'open s...
[ message continues ]

OpenNTPD 3.7 has just been released. It will be available from the

mirrors listed at http://www.openntpd.org/ shortly.

This is our third formal release.
OpenNTPD is a FREE, easy to use implementation of the Network Time Protocol.

It provides the ability to sync the local clock to remote NTP servers

and can act as NTP server itself, redistributing the local clock.
OpenNTPD is developed as part of the OpenBSD project, which sells

CDs, T-Shirts, and Posters.

Sales of these items help to fund development.
For international orders use http://https.openbsd.org/cgi-bin/order

and for European orders, use http://https.openbsd.org/cgi-bin/order.eu
Checksums:

==========
MD5 (openntpd-3.7.tgz) = a936e5aaeee65b54c43e6ddf6dfb1f44

MD5 (openntpd-3.7p1.tar.gz) = 10ed8eefd760e5819efcf3277b118f47
Reporting Bugs:

===============
- please read http://www.openbsd.org/report.html
OpenNTPD is brought to you by Henning Brauer, Darren Tucker and Theo de Raadt.

The OpenBSD .PT user group will be holding their fifth meeting open to

all enthusiasts, newcomers and others. Pedro Martelletto, brazilian

developer will give a talk about OpenBSD and joining us earlier before

we leave to What The Hack, in the Netherlands.

Past meetings haven't produced the amount of relevant work to the

project as we would like but hey... we will eventually get there, some

day. Besides that, we always have a lot of fun, technical discussions,

good bandwidth, sell some CD's and stuff, etc. There will also be a

special workshop on deploying honeypots by the Honeynet-PT team.
This will be a two day event at the Laboratory for Advanced Computation

of the University of Coimbra. Days 23th and 24th, July 2005. Free

Entrance. Bring your computer and stuff. Cya there!
http://www.openbsd-pt.org/eventos/coimbra05/
http://www.honeynet-pt.org
-- nuno

OpenSSH 4.2 has just been released. It will be available from the

mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0

implementation and includes sftp client and server support.
We would like to thank the OpenSSH community for their continued

support of the project, especially those who contributed source,

reported bugs, tested snapshots and purchased T-shirts or posters.
T-shirt, poster and CD sales directly support the project. Pictures

and more information can be found at:

        http://www.openbsd.org/tshirts.html and

	http://www.openbsd.org/orders.html
For international orders use http://https.openbsd.org/cgi-bin/order

and for European orders, use http://https.openbsd.org/cgi-bin/order.eu
Changes since OpenSSH 4.1:

============================ 
  - SECURITY: Fix a bug introduced in OpenSSH 4.0 that caused

    GatewayPorts to be incorrectly activated for dynamic ("-D") port

    forwardings when no listen address was explicitly specified.
  - SECURITY: sshd in OpenSSH versions prior to 4.2 allow GSSAPI

    credentials to be delegated to users who log in with methods

    other than GSSAPI authentication (e.g. public key) when the

    client requests it. This behaviour has been changed in OpenSSH

    4.2 to only delegate credentials to users who authenticate

    using the GSSAPI method. This eliminates the risk of credentials

    being inadvertently exposed to an untrusted user/host (though

    users should not activate GSSAPIDelegateCredentials to begin

    with when the remote user or host is untrusted)
  - Added a new compression method that delays the start of zlib

    compression until the user has been authenticated successfully.

    The new method ("Compression delayed") is on by default in the

    server. This eliminates the risk of any zlib vulnerability

    leading to a compromise of the server from unauthenticated users.
    NB. Older OpenSSH (<3.5) versions have a bug that...
[ message continues ]

Go and get it!  (Please remember to check the primary mirrors

please -- thanks)
------------------------------------------------------------------------

- OpenBSD 3.8 RELEASED -------------------------------------------------
Nov 1, 2005.
We are pleased to announce the official release of OpenBSD 3.8.

This is our 18th release on CD-ROM (and 19th via FTP).  We remain

proud of OpenBSD's record of eight years with only a single remote

hole in the default install.  As in our previous releases, 3.8

provides significant improvements, including new features, in nearly

all areas of the system:
- Improved hardware support, including:

  o New aps driver for the built-in accelerometer found in some IBM ThinkPad laptops.

  o New art driver for Accom Networks Artery T1 and E1 cards.

  o New auixp driver for the ATI IXP series integrated AC'97 audio controller.

  o Basic RAID management using bioctl(8) in the ami(4) MegaRAID driver.

  o New ciss driver for Compaq Smart ARRAY 5 and 6 RAID controllers.

  o New epic driver for SMC 83C170 ethernet adapters.

  o New ichwdt driver for Intel 6300ESB ICH watchdog timer.

  o New pcn driver for the AMD Am79c97x (PCnet) ethernet adapters.

  o New safte driver for SCSI Accessed Fault-Tolerant Enclosures, and a rewritten

    ses driver for SCSI Enclosure Services, both allowing monitoring through

    sysctl and sensorsd.

  o New ueagle driver for Analog Devices Eagle ADSL modems.

  o New uipaq driver for iPAQ USB serial.

  o New viasio driver for VIA VT1211 LPC Super I/O hardware sensors.

  o New zaudio driver for the built-in Zaurus audio CODEC.

  o Improved com driver for serial port PCMCIA cards, such as cellular modems

    on Zaurus.

  o Improved support for many umass devices.

  o Updated driver from X.Org for the Intel i810 family graphics chipset,

    including support for the external VGA output on laptops. 
- New tools:

  o bioctl(8), a RAID management interface.

  o ipsecctl(8), a simple IPsec management tool.

  o stat(1), displaying f...
[ message continues ]

Hello folks,
I'm writing to remind you that the deadline for the Call For Papers

is one week away.  Please get your submissions in before that date.

You don't want to miss out presenting at the biggest BSD event of the

year.
BSDCan 2006 will be held May 12-13, 2005, in Ottawa at University of

Ottawa.  We are now requesting proposals for papers.
The papers should be written with a very strong technical content

bias. Papers and proposals of a business development or marketing

nature are not appropriate for this venue.
The schedule is:
19 Dec 2005	Proposal acceptance begins

19 Jan 2006	Proposal acceptance ends

19 Feb 2006	Confirmation of accepted proposals

19 Mar 2006	Abstracts due

19 Apr 2006	Formatted final papers must arrive no later than this date
Please submit all proposals to papers@bsdcan.org
NOTE: This is the schedule for formal papers. We are also accepting

submissions for for talks and presentations. If you have a proposal,

please contact us on papers@bsdcan.org.

--

Dan Langille : http://www.langille.org/

BSDCan - The Technical BSD Conference - http://www.bsdcan.org/

Hi folks,
A reminder that BSDCan 2006 is just two weeks away.  Our schedule has

been announced <http://www.bsdcan.org/2006/schedule.php> and we're

putting the finishing touches on the social calendar.  We have a

great line up of talks and bofs ready for you.  Be sure to get in on

the biggest BSD event of the year!
As is tradition, you can pick up your registration pack at the Royal

Oak pub.  Stay for a pint or two and have dinner with us.
If you have any questions, please ask.
--

Dan Langille : Software Developer looking for work

my resume: http://www.freebsddiary.org/dan_langille.php

Hello all,
We are happy to announce the 2nd AsiaBSDCon will be held on

March 8-11, 2007, in the University of Tokyo, Japan.  The AsiaBSDCon 2007

Call for Papers is available at http://asiabsdcon.org/, and more

detailed information about this conference will also be available

there soon.
Important dates are:
18 Aug 2006  Extended abstracts for papers and presentations acceptance begins

 1 Nov 2006  Extended abstracts for papers and presentations acceptance ends

 1 Dec 2006  Authors and presenters notified by the program committee

31 Jan 2007  Final papers and presentations due
Please contact secretary@asiabsdcon.org if you have any questions.

We look forward to receiving your submissions!
--

Hiroki Sato

OpenSSH 4.4 has just been released. It will be available from the

mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0

implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their

continued support of the project, especially those who contributed

code or patches, reported bugs, tested snapshots and purchased

T-shirts or posters.
T-shirt, poster and CD sales directly support the project. Pictures

and more information can be found at:

        http://www.openbsd.org/tshirts.html and

	http://www.openbsd.org/orders.html
For international orders use http://https.openbsd.org/cgi-bin/order

and for European orders, use http://https.openbsd.org/cgi-bin/order.eu
Changes since OpenSSH 4.3:

============================
Security bugs resolved in this release:
 * Fix a pre-authentication denial of service found by Tavis Ormandy,

   that would cause sshd(8) to spin until the login grace time

   expired.
 * Fix an unsafe signal hander reported by Mark Dowd. The signal

   handler was vulnerable to a race condition that could be exploited

   to perform a pre-authentication denial of service. On portable

   OpenSSH, this vulnerability could theoretically lead to

   pre-authentication remote code execution if GSSAPI authentication

   is enabled, but the likelihood of successful exploitation appears

   remote.
 * On portable OpenSSH, fix a GSSAPI authentication abort that could

   be used to determine the validity of usernames on some platforms.
This release includes the following new functionality and fixes:
 * Implemented conditional configuration in sshd_config(5) using the

   "Match" directive. This allows some configuration options to be

   selectively overridden if specific criteria (based on user, group,

   hostname and/or address) are met. So far a useful subset of post-

   authentication options are supported and more are expected to be

   add...
[ message continues ]

BSDCan 2007 will be will be held on 18-19 May 2007 at University of

Ottawa.  Tutorials will be held on 16-17 May 2007.
This is one week later than previously announced.
http://lists.bsdcan.org/pipermail/bsdcan-announce/2006-October/000021.html
--

Dan Langille : Software Developer looking for work

my resume: http://www.freebsddiary.org/dan_langille.php

OpenSSH 4.6 has just been released. It will be available from the

mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0

implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their

continued support of the project, especially those who contributed

code or patches, reported bugs, tested snapshots and purchased

T-shirts or posters.
T-shirt, poster and CD sales directly support the project. Pictures

and more information can be found at:

        http://www.openbsd.org/tshirts.html and

	http://www.openbsd.org/orders.html
For international orders use http://https.openbsd.org/cgi-bin/order

and for European orders, use http://https.openbsd.org/cgi-bin/order.eu
Changes since OpenSSH 4.5:

============================
 * sshd now allows the enabling and disabling of authentication

   methods on a per user, group, host and network basis via the

   Match directive in sshd_config.
 * The following bugs have been fixed in this release:
   - Clear SIGALRM when restarting due to SIGHUP. Prevents stray

     signal from taking down sshd if a connection was pending at

     the time SIGHUP was received

   - sftp returned a zero exit status when upload failed due to write

     errors (bugzilla #1252)

   - fixed an inconsistent check for a terminal when displaying scp

     progress meter (bugzilla #1265)

   - Parsing of time values in Match blocks was incorrectly applied

     to the global configuration (bugzilla #1275)

   - Allow multiple forwarding options to work when specified in a

     PermitOpen directive (bugzilla #1267)

   - Interoperate with ssh.com versions that do not support binding

     remote port forwarding sessions to a hostname (bugzilla #1019)
 * Portable OpenSSH bugs fixed:
   - "hang on exit" when background processes are running at the time

     of exit on a ttyful/login session (bugzilla #52)

   - Fix typos in the ssh-rand-helper(8) ...
[ message continues ]

Gui quy ban doc!

The Transport Journal Online la kenh thong tin chuyen nganh Giao thong van tai Viet Nam. The Transport Journal Online gioi thieu toan canh ve cac linh vuc Giao thong van tai: hang hai, hang khong, duong sat, duong bo, duong thuy, dong tau, du an & quan ly du an va dang kiem... cua Nganh Giao thong van tai Viet Nam va quoc te.

The Transport Journal Online lien tuc cap nhat nhung tin tuc va hoat dong tren cac linh vuc Giao thong van tai - Dong thoi cung cap cho cac doanh nghiep nhung dich vu: quang ba thuong hieu, giao dich truc tuyen, nghien cuu thi truong...

Ban co the truy cap tai dia chi http://www.transportjournal.com.vn

Muon xem day du thong tin ban can dang ky de nhan duoc Ten truy cap va Mat khau. Dang ky tai day

Ban bien tap
THE TRANSPORT JOURNAL ONLINE

Tel         : +84. 8. 8239645

Fax        : +84. 8. 6126265

E-mail    : info@transportjournal.com.vn

Website : http://www.transportjournal.com.vn

------------------------------------------------------------------------

- OpenBSD 4.1 RELEASED -------------------------------------------------
May 1, 2007.
We are pleased to announce the official release of OpenBSD 4.1.

This is our 21st release on CD-ROM (and 22nd via FTP).  We remain

proud of OpenBSD's record of ten years with only two remote

holes in the default install.  As in our previous releases, 4.1

provides significant improvements, including new features, in nearly

all areas of the system:
- New/extended platforms:

    o OpenBSD/landisk.

      Various SH4-based appliances, made by IO-Data and resold by

      Plextor.

    o OpenBSD/sparc64.

      UltraSPARC III based machines are supported even better, and

      now run at full speed!
- Improved hardware support, including:

    o New USB client controller support:

          o Support for the USB client functionality in the pxaudc(4)

            driver on the Zaurus.

          o New usbf(4) midlayer for USB Client controllers.

          o New cdcef(4) driver for providing a CDCE function on USB

            client controllers.

    o New cas(4) driver for Sun Cassini 10/100/Gigabit Ethernet devices.

    o New uow(4) driver for Maxim/Dallas DS2490 USB 1-Wire devices.

    o New owsbm(4) driver for 1-Wire smart battery monitor devices.

    o New zyd(4) driver for ZyDAS ZD1211/ZD1211B USB IEEE 802.11b/g

      wireless network devices.

    o New moscom(4) driver for MosChip Semiconductor MCS7703 based USB

      serial adapters.

    o New glxsb(4) driver for hardware random numbers and AES

      acceleration on the AMD Geode LX processor.

    o New vic(4) driver for VMware VMXnet Virtual Interface Controllers.

    o New malo(4) driver for Marvell Libertas IEEE 802.11b/g wireless

      network devices.

    o New pwdog(4) driver for Quancom PWDOG1 watchdog timer devices.

    o New uberry(4) driver for Research In Motion Blackberry devices.

    o New mbg(4) driver for Meinberg Funkuhren radio clocks.

    o New mesh(4) ...
[ message continues ]

The registration to EuroBSDcon2007 is open now:
               http://2007.eurobsdcon.org/shop.html
            300DKK early bird discount until July 1st.
The conference price is 1800 DKK (EUR 240) a bit higher than we

wanted, but we have managed to secure very cheap lodging, Youth

Hostel style, at only 165 DKK, (EUR 22) per night.
Check out the talks and tutorials on our web-page:
                    http://2007.eurobsdcon.org
See you in Wonderful Copenhagen, september 14-15 2007!
(And don't miss the trip to LEGOLand!)
		  =============================

                  EuroBSDcon2007 Poster Session

		  =============================
EuroBSDcon2007 will not have a "Work In Progress" session, it will have

poster session instead, possibly two, if we get many poster presenters.
The way it works is simple: During the lunch break the poster presenter

gets a place to stand with his poster, and people wander around looking

for stuff that interests them and the poster presenter makes his pitch

to who ever stops by.
Rules of the game:

------------------
Topics:

    Any moderately BSD related topic is fair game.
You must be this tall:
    Proposals will be accepted or rejected solely on the graphical

    quality of the poster.
    A number of slots will be reserved for students.
Registration:
    To get a slot, send email to <posters@eurobsdcon.dk> with:
	Your name & email address
	Topic of poster (1 paragraph)
	URL to pdf or photo of your poster

	    Do not attach the pdf or photo to the email, just

	    include a URL to it!
    It's OK to update your poster after I have seen it.
Deadline:
    Right before I run out of slots.
Do I get free transportation, entrance to the conference etc ?
    Sorry, we can't afford that (unless a sponsor volunteers)
Web-site:
    If you want your poster on the web-site with the other conference

    material, make sure to send us the final PDF version.
Poster size:
...
[ message continues ]

The OpenBSD Foundation is pleased to announce today it has completed

its organization as a Canadian federal non-profit corporation and is

ready for public interaction.
The OpenBSD Foundation has been formed for the purpose of supporting

the OpenBSD project, and related projects such as OpenSSH, OpenBGPD,

OpenNTPD, and OpenCVS.
In particular it will act as a single point of contact for persons and

organizations requiring a legal entity to deal with when they wish to

support OpenBSD in any way.
The OpenBSD Foundation will initially concentrate on facilitating

larger donations of equipment, funds, documentation and

resources. Small scale donations should continue to be submitted

through the existing mechanisms.
The OpenBSD Foundation corporate charter, bylaws, and goals can be found at

http://www.openbsdfoundation.org. The foundation directors may be contacted

via email at directors@openbsdfoundation.org.

DO NOT MISS THE EUROPEAN BSD EVENT OF THE YEAR

    ==============================================
                   EuroBSDCon 2007
             September 14th - 15th 2007

           -------------------------------
The sixth EuroBSDCon - the annual European BSD conference for users

and developers begins Friday September 14th.  It's being held at

Symbion Science Park in Copenhagen, Denmark.  Come, meet and talk to

BSD people from all over the world.
Program

-------
20+ interesting speakers in a program which includes:
Kirk McKusick: Kirk is the epitome of BSD - an all-time Berkley guy

will talk about the history of the UFS file system.
Sam Leffler: Sam is another of the original BSD people.  For a while

he has been working a lot with wireless networks and and his name can

be found in a lot of the open source wireless code.  At the conference

he will be talking about long distance wireless.
Marc Balmer: Marc became an active OpenBSD developer in 2004 and has

since be responsible for several prominent OpenBSD projects.  At the

conference he will talk about Support for Radio Clocks in OpenNTPD.
Steven Murdoch: Steven is working on computer security research at

Cambridge University and he will be talking about hidden channels

between computers which even the best firewall cannot close.
John Hartmann: Very few if any UNIX people have heard about John

Hartmann, despite the fact that he completed the work Dennis and Ken

started with pipes.  John will talk about "CMS pipes" a minor and

cheap entry in the IBM product catalogue which is a radical

generalization of the UNIX pipe concept.
Read more about the speakers and the program on:
       http://2007.eurobsdcon.org/talks.html
More information about the tutorials can be found at:
       http://2007.eurobsdcon.org/tutorials.html
Prices

------
The conference costs 1800 DKK for 2 days.
It is also possible to register for a social event which will take

place on Friday night or register for the tutor...
[ message continues ]

------------------------------------------------------------------------

- OpenBSD 4.4 RELEASED -------------------------------------------------
Nov 1, 2008.
We are pleased to announce the official release of OpenBSD 4.4.

This is our 24th release on CD-ROM (and 25th via FTP).  We remain

proud of OpenBSD's record of more than ten years with only two remote

holes in the default install.
As in our previous releases, 4.4 provides significant improvements,

including new features, in nearly all areas of the system:
- New/extended platforms:

    o OpenBSD/sparc64.

      Fujitsu's SPARC64-V, SPARC64-VI and SPARC64-VII processors are supported

      now, which means that many of the PRIMEPOWER machines and the SPARC

      Enterprise M4000/M5000/M8000/M9000 work now.

      Sun's UltraSPARC VI processors are supported now.  Many of Sun's

      mid-range and high-end servers with these processors or UltraSPARC III

      and UltraSPARC III+ processors work now.

      Sun's UltraSPARC T1 and UltraSPARC T2 processors are supported now,

      which means the sun4v architecture is now supported and machines like

      the SPARC Enterprise T1000 and SPARC Enterprise T5220 work now.

    o OpenBSD/socppc.

      For machines based on the Freescale MPC8349E

      System-on-Chip (SoC) platform that use Das U-Boot as a boot loader.

    o OpenBSD/landisk: added shared libraries support. 
- Improved hardware support, including:

    o Several new/improved drivers for sensors: fins(4), andl(4), it(4),

      kate(4), sdtemp(4), lmtemp(4), adt(4), km(4).

    o Support for Intel G33 and G35 chipsets in agp(4).

    o New lii(4) driver for Attansic L2 10/100 Ethernet devices.

    o Preliminary support for UVC USB webcams: uvideo(4) and video(4).

    o WPA/WPA2-PSK support for several models of wireless cards.

    o Openchrome(4) and geode(4) video card drivers for X.Org.

    o New vmt(4) driver, implements VMware Tools.

    o New auglx(4) driver for AMD Geode LX CS5536 integrated AC'97 audio.

   ...
[ message continues ]

OpenSSH 5.2 has just been released. It will be available from the

mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0

implementation and includes sftp client and server support.
We have also recently completed another Internet SSH usage scan, the

results of which may be found at http://www.openssh.com/usage.html
Once again, we would like to thank the OpenSSH community for their

continued support of the project, especially those who contributed

code or patches, reported bugs, tested snapshots or donated to the

project. More information on donations may be found at:

http://www.openssh.com/donations.html
The focus of this release has been on bugfixes as the previous

openssh-5.1 release introduced many new features and made some

invasive changes.
Changes since OpenSSH 5.1

=========================
Security:
 * This release changes the default cipher order to prefer the AES CTR

   modes and the revised "arcfour256" mode to CBC mode ciphers that are

   susceptible to CPNI-957037 "Plaintext Recovery Attack Against SSH".
 * This release also adds countermeasures to mitigate CPNI-957037-style

   attacks against the SSH protocol's use of CBC-mode ciphers. Upon

   detection of an invalid packet length or Message Authentication

   Code, ssh/sshd will continue reading up to the maximum supported

   packet length rather than immediately terminating the connection.

   This eliminates most of the known differences in behaviour that

   leaked information about the plaintext of injected data which formed

   the basis of this attack. We believe that these attacks are rendered

   infeasible by these changes.
New features:
 * Added a -y option to ssh(1) to force logging to syslog rather than

   stderr, which is useful when running daemonised (ssh -f)
 * The sshd_config(5) ForceCommand directive now accepts commandline

   arguments for the internal-sftp server.
 * The ssh(1) ~C escape commandline now support runti...
[ message continues ]

The latest sparc64 snapshot going out to the mirrors now contains new

support for running X on sparc64 consoles.  Some stuff doesn't quite

work yet, but that's the nature of a huge brand new feature...
What works:

	Framebuffers:

		pci: vga (ATI) framebuffers (must be prom console)

		sbus: cgsix, cgthree

	Keyboards:

		usb: sun type 6

		sbus: sun type 3/4/5/6 on zs

		pci: sun type 3/4/5/6 on com

	Mice:

		usb: any usb mouse will do

		sbus: sun on zs

		pci: sun on com
What doesn't work:

	- accelerated X servers

	- xdm (coredumps) [xinit or startx can be used to start the server]

	- ico (hangs X server)

	- probably more stuff like this...
I'm interested in having folks help find and fix problems in X, which is

why the snapshot is going out now... So, if you've been wanting X on

your OpenBSD/sparc64 machine, grab the snapshot and start sending

patches...
--Jason L. Wright

This is the 2nd revision of the Advisory.
Buffer overflow in OpenSSH's sshd if AFS has been configured on the

system or if KerberosTgtPassing or AFSTokenPassing has been enabled

in the sshd_config file.  Ticket and token passing is not enabled

by default.
1. Systems affected:
        All Versions of OpenSSH with AFS/Kerberos token passing

        compiled in and enabled (either in the system or in

        sshd_config) contain a buffer overflow.
        Token passing is disabled by default and only available in

        protocol version 1.
2. Impact:
        Remote users can get privileged access for OpenSSH < 2.9.9
        Local users can get privileged access for OpenSSH < 3.2.1
        No privileged access is possible for OpenSSH with

	UsePrivilegeSeparation enabled.
3. Solution:
	Apply the matching patch:
	ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-3.1-adv.token.patch

	ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.1p1-adv.tok...

	ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/024_sshafs.patch

	ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/019_sshafs.patch

	ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/001_sshafs.patch
4. Credits:
	Marcell Fodor <m.fodor@mail.datanet.hu>
EOF

O'Reilly is looking for proposals for "lightning talks" -- 5

minute presentations to be given at the O'Reilly Open Source

Convention. There's no separate BSD track at the convention

this year, so this is a good way to bring in BSD material.

Interested? Visit the link below.

------------------------------------------------------------------------

- OpenBSD 4.5 RELEASED -------------------------------------------------
May 1, 2009.
We are pleased to announce the official release of OpenBSD 4.5.

This is our 25th release on CD-ROM (and 26th via FTP).  We remain

proud of OpenBSD's record of more than ten years with only two remote

holes in the default install.
As in our previous releases, 4.5 provides significant improvements,

including new features, in nearly all areas of the system:
- New/extended platforms:

    o Initial ports to the xscale based gumstix platform and the ARM

      based OpenMoko

    o OpenBSD/sparc64

      o New vdsk(4) and vnet(4) drivers provide support for virtual

        I/O between logical domains on Sun's CoolThreads servers,

        including UltraSPARC T2+ machines.

      o Workstations and laptops with UltraSPARC IIe CPUs can now scale

        down the CPU frequency to save power. 
- Improved hardware support, including:

    o Several new/improved drivers for sensors, including:

      o The cac(4)  driver now has bio and sensor support.

      o The mpi(4) driver now has bio and sensor support.

      o New gpiodcf(4) driver for DCF77/HBG timedelta sensors

        through GPIO pins.

      o New schsio(4) driver for SMSC SCH311x LPC Super I/O devices.

      o The it(4) driver now supports IT8720F chips.

      o The it(4) driver now supports FAN4 and FAN5 sensors for

        IT8716F/IT8718F/IT8720F/IT8726F chips.

      o The owtemp(4) driver now supports Maxim/Dallas DS18B20 and

        DS1822 temperature sensors.

      o The km(4) driver now supports AMD Family 11h

        processors (Turion X2 Ultra et al).

      o The lm(4) driver now supports W83627DHG attachment on the ICC bus.

      o The lmenv(4) driver now has better support for the fan sensors

        on lm81, adm9240 and ds1780 chips.

      o The sdtemp(4) driver now supports ST STTS424 chips.

    o The em(4) driver now supports ICH9 IGP M and IGP M AMT c...
[ message continues ]

The BSDCon 2003 Program Committee invites you to contribute original

and innovative papers on topics related to BSD-derived systems and

the Open Source world. Topics of interest include but are not limited

to:
        * Embedded BSD application development and deployment

        * Real world experiences using BSD systems

        * Using BSD in a mixed OS environment

        * Comparison with non-BSD operating systems; technical,

          practical, licensing (GPL vs. BSD)

        * Tracking open source development on non-BSD systems

        * BSD on the desktop

        * I/O subsystem and device driver development

        * SMP and kernel threads

        * Kernel enhancements

        * Internet and networking services

        * Security

        * Performance analysis and tuning

        * System administration

        * Future of BSD
For more information about the BSDCon 2003 Call for Papers, visit:

http://www.usenix.org/events/bsdcon03/cfp/
Submissions in the form of extended abstracts are due by April 1, 2003.

Be sure to review the extended abstract expectations before submitting.

Selection will be based on the quality of the written submission and

whether the work is of interest to the community. For detailed author

guidelines, including sample extended abstracts and final papers

visit:
http://www.usenix.org/events/bsdcon03/cfp/guidelines.html
We look forward to receiving your submissions!
Sincerely,
Gregory Neil Shapiro

BSDCon 2003 Program Chair

The BSDCon 2003 Program Committee invites you to contribute original

and innovative papers on topics related to BSD-derived systems and the

Open Source world. Topics of interest include but are not limited to:
     * Embedded BSD application development and deployment

     * Real world experiences using BSD systems

     * Using BSD in a mixed OS environment

     * Comparison with non-BSD operating systems; technical,

       practical, licensing (GPL vs. BSD)

     * Tracking open source development on non-BSD systems

     * BSD on the desktop

     * I/O subsystem and device driver development

     * SMP and kernel threads

     * Kernel enhancements

     * Internet and networking services

     * Security

     * Performance analysis and tuning

     * System administration

     * Future of BSD
For more information about the BSDCon 2003 Call for Papers, visit:

http://www.usenix.org/events/bsdcon03/cfp/
Submissions in the form of extended abstracts are due by April 1,

2003. Be sure to review the extended abstract expectations before

submitting. Selection will be based on the quality of the written

submission and whether the work is of interest to the community. For

detailed author guidelines, including sample extended abstracts and

final papers visit:
http://www.usenix.org/events/bsdcon03/cfp/guidelines.html
We look forward to receiving your submissions!
Sincerely,
Gregory Neil Shapiro

BSDCon 2003 Program Chair
=====================================================================

To send mail to Greg Shapiro, please use bsdconchair@usenix.org

=====================================================================

OpenSSH 5.1 has just been released. It will be available from the

mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0

implementation and includes sftp client and server support.
We have also recently completed another Internet SSH usage scan, the

results of which may be found at http://www.openssh.com/usage.html
Once again, we would like to thank the OpenSSH community for their

continued support of the project, especially those who contributed

code or patches, reported bugs, tested snapshots or donated to the

project. More information on donations may be found at:

http://www.openssh.com/donations.html
Changes since OpenSSH 5.0

=========================
Security:
 * sshd(8): Avoid X11 man-in-the-middle attack on HP/UX (and possibly

   other platforms) when X11UseLocalhost=no
   When attempting to bind(2) to a port that has previously been bound

   with SO_REUSEADDR set, most operating systems check that either the

   effective user-id matches the previous bind (common on BSD-derived

   systems) or that the bind addresses do not overlap (Linux and

   Solaris).
   Some operating systems, such as HP/UX, do not perform these checks

   and are vulnerable to an X11 man-in-the-middle attack when the

   sshd_config(5) option X11UseLocalhost has been set to "no" - an

   attacker may establish a more-specific bind, which will be used in

   preference to sshd's wildcard listener.
   Modern BSD operating systems, Linux, OS X and Solaris implement the

   above checks and are not vulnerable to this attack, nor are systems

   where the X11UseLocalhost has been left at the default value of

   "yes".
   Portable OpenSSH 5.1 avoids this problem for all operating systems

   by not setting SO_REUSEADDR when X11UseLocalhost is set to no.
   This vulnerability was reported by sway2004009 AT hotmail.com.
New features:
 * Introduce experimental SSH Fingerprint ASCII Visualisation to ssh(1)

   and ssh-keygen(1). Vi...
[ message continues ]

Puget Sound Technology is teaching fundamentals of BSD system

administration, Sept. 16 - 19, in the Seattle, Washington, USA

area.  The class will focus on generic BSD Unix skills while

mainly being taught using OpenBSD.
The four-day, hands-on training will include:
 - operating system installation

 - starting and stopping system services

 - file system hierarchy

 - user and group management

 - basics of networking

 - installing third-party software

 - system logging

 - customizing the kernel

 - intro to Postfix and SMTP

 - setting up BIND for DNS services

 - Apache web server basics

 - and various other skills
To enroll in this class or for further details, please see:
 http://www.pugetsoundtechnology.com/training/bsd-admin/
(Discount available for early payment.)
   Jeremy C. Reed

   http://bsd.reedmedia.net/

USENIX BSDCon '03, September 8-13, 2003, San Mateo, CA

Register before August 18th and save $150
Once again BSDCon showcases the BSD community's long history of

innovative research, open exchange of ideas, and collaborative work.

Don't miss it!
WHAT:   BSDCon '03

WHEN:   September 8-13, 2003

WHERE:  San Mateo, CA, San Mateo Marriott

WHO:    Developers, SysAdmins, Researchers using any BSD Operating

        System

WHY:    To learn, to share, to create the future of BSD development

HOW:    http://www.usenix.org/events/bsdcon03/
Two days of TUTORIALS including: Kirk McKusick will lead an

"Intensive Code Walkthrough" of the new BSD 5.x release, Greg Lehey

will be debugging kernel problems on live systems, Mike

DeGraw-Bertsch will teach advanced BSD system and network security,

and Poul-Henning Kamp will familiarize you with FreeBSD's new GEOM

disk I/O subsystem.
Two and a half days of PAPERS and INVITED TALKS including:
ULE: A Modern Scheduler for FreeBSD

-Jeff Roberson, The FreeBSD Project
An Automated Binary Security Update System for FreeBSD

-Colin Percival, Computing Lab, Oxford
Cryptographic Device Support for FreeBSD

-Samuel J. Leffler, Errno Consulting
Enhancements to the Fast Filesystem to Support Multi-Terabyte

Storage Systems

-Marshall Kirk McKusick, Author and Consultant
Running BSD Kernels as User Processes by Partial Emulation and

Rewriting of Machine Instructions

-Hideki Eiraku and Yasushi Shinjo, University of Tsukuba
Social and Technical Implications of Nonproprietary Software

-Peter G. Neumann, Principal Scientist, Computer Science Laboratory,

SRI International
Post-Digital Possibilities

-Michael Hawley, Massachusetts Institute of Technology
BIRDS-OF-A-FEATHER SESSION and WORK-IN-PROGRESS REPORTS give you a

preview of next year's news, or present fledgling work of your own

and get feedback from the audience.
For more information and to register for USENIX BSDCon '03 visit:
http://www.usenix.org/bsdcon03/

We just couldn't wait another 2 days, so now you can enjoy OpenBSD 3.4 a

little early and protect yourself from ghosts and goblins.
------------------------------------------------------------------------

- OpenBSD 3.4 RELEASED -------------------------------------------------
Nov 1, 2003.
We are pleased to announce the official release of OpenBSD 3.4.

This is our 14th release on CD-ROM (and 15th via FTP).  We remain

proud of OpenBSD's record of seven years with only a single remote

hole in the default install.  As in our previous releases, 3.4

provides significant improvements, including new features, in nearly

all areas of the system:
- Ever-improving security            (http://www.OpenBSD.org/security.html)
  o W^X (pronounced: "W xor X") improvements, especially on the i386

    architecture.  Native i386 binaries have their executable segments

    rearranged to support isolating code from data, and the cpu CS limit

    is used to impose a best effort limit on code execution. 
  o ld.so on ELF platforms now loads libraries in a randomized order.

    Furthermore, on the i386 architecture, libraries and executable code

    are mapped at random addresses.  Together with W^X and ProPolice, these

    changes increase the difficulty of successfully exploiting an

    application error.
  o A static bounds checker has been added to the system compiler, designed

    to detect improper use of string and buffer manipulation functions.

    Through use of this checker, hundreds of bugs of in the source and

    ports trees were found and fixed.
  o Privilege separation has been implemented for the syslog daemon, making

    it much more robust against future errors. The child which listens to

    network traffic now runs as a normal user and chroots itself, while

    the parent process tracks the state of the child and performs privileged

    operations on its behalf.
  o Thousands of occurrences of unsafe library calls such as strcpy(),

    strcat() and sprintf() have been ...
[ message continues ]

http://consumergiftgroup.co.uk/x/NTM5MTc3NA==|MjI1Mzk5MQ==|YW5ub3VuY2VAb3BlbmJzZC5vcmc=|MTI4MDI0Mw==|NDA5|MzU4NzQ=|NTI5ODY=|MjYxNDY=||MA==|MA==|||NDUyNzY0Nw==|NDczMDQ=|MQ==|MA==|MA==|Ug==.html