Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenBSD 3.4 Released

Posted by timothy on from the new-poster-too dept.

tedu writes "We just couldn't wait another 2 days, so now you can enjoy OpenBSD 3.4 a little early and protect yourself from ghosts and goblins. More details at the OpenBSD website and official announcement. Remember to please use a mirror."

19 of 275 comments (clear)

  1. What he/she really meant is... by Anonymous Coward · · Score: 5, Informative


    "Remember to please use a mirror."

    1. Re:What he/she really meant is... by roka · · Score: 3, Informative

      or build them yourself

    2. Re:What he/she really meant is... by IM6100 · · Score: 1, Informative

      There are easy ways of 'signing' the ISO and keeping the 'signature', i.e. an MD5 sum, on a secured website and/or just widely distributing it.

      OpenBSD is selling a product, it's that simple, and it's acceptable for them to do so. However, the way that they do so detracts and even diminishes the security a little (widely distributing a way to 'validate' a downloaded version would enhance security)

      --
      A Good Intro to NetBS
  2. OpenBSD song by Malcolm+Scott · · Score: 5, Informative

    And make sure you listen to the release song too. It's great :-)

  3. Re:Thoughts on security by OttoM · · Score: 4, Informative

    The kernel has its own set of library functions, aptly named "the kernel library". This kernel library included strcpy() and strcat(), but not aymore.

  4. Unfortunately by Ryvar · · Score: 5, Informative

    Unlike 3.3, which made it months before a single security-related patch was issued, 3.4 LAUNCHES with 3 such patches.

    That said, it's such a huge release in terms of changes made (x86 Write or eXecute memory pages, for one) that it's more than worth the upgrade.

    As with most such fundamental updates to OBSD, though, I expect this release to be significantly patchier than the last couple.

    --Ryv

    1. Re:Unfortunately by braddeicide · · Score: 2, Informative

      Its been released with patches cause its already a month old before its released onto ftp

  5. Re:Thoughts on security by donhav · · Score: 2, Informative

    A openBSD release contains far, far more than just the kernel its all the userland as well. IE: things like grep and diff and csh. There are hundreds of these programs. The OpenBSd team puts a lot of effort into making the whole release secure not just the kernel.

  6. Re:Why the delay? by Krunch · · Score: 2, Informative

    I think people who order the CD get it before it is availiable from FTP. The FTP release was set for November 1 but it was changed to October 30. http://deadly.org/article.php3?sid=20031030183459& mode=flat

    --
    No GNU has been Hurd during the making of this comment.
  7. Re:How RedHat's Linux Can Defeat Micr$oft's Windoz by Anonymous Coward · · Score: 1, Informative

    You're wrong. TCP/IP was developed by Berkely and later included in AT&T Unix. Microsoft's TCP/IP is derived from the Berkely (BSD) version.

  8. Re:Thoughts on security by dmiller · · Score: 4, Informative

    Note thst strcpy() and friends _can_ be used safely, and the usage of the ones in the tree before the removal had been audited at least once. For example, the following construct is safe (assuming you check the malloc return):

    len = strlen(foo) + 1;
    bar = malloc(len);
    strcpy(bar, foo);

    But is was easier to just banish them from the tree entirely, so that it is easier to grep for potentially unsafe ones when new code is imported.

  9. Re:Thoughts on security by hey · · Score: 2, Informative

    I can't think of any way to use gets() safely.

    s = malloc(INFINITY);
    gets(s);

  10. Re:From the changelog by Anonymous Coward · · Score: 1, Informative

    You don't understand the *bsd license.

    It is 100% incompatible with the GPL.

    Code can not be released under both.

    It doesn't matter how good or bad the Torald's code is. That has nothing to do with it.

    Shortcut description: bsd code is truly free as in free-for-any-use-just-put-our-notice-on-it but gpl code is only free as in free-but-only-if-you-give-us-any-changes-and-any-o ther-code-that-interacts-too-closely-with-ours.

  11. WRONG by Anonymous Coward · · Score: 2, Informative

    You can relicense the code. Look at the numerous projects out there that are avaliable under multiple licenses.

    1. Re:WRONG by Anonymous Coward · · Score: 1, Informative

      The point is, if you were nice enough, you might be able to convince Linus to re-relase a sliver of his code (in this case the math emulation code in question) under the BSD license.

  12. Re:Via C3 support by Homology · · Score: 5, Informative

    1.6 Gbit/sec of AES-128? Damn, I gotta get me one of these!

    This is before optimization is done, and according to Theo, this is what they are doing right now. The chip is capable of 12.5 Gbit.

  13. Re:OpenBSD performance facts by Caligari · · Score: 4, Informative
    Instead of judging the entire OpenBSD community by a couple of random emails on misc@ (which is the mailing list specifically for stupid questions and answers), why don't you report what the tech@ people were saying?

    If you did, you would how the ACTUAL OpenBSD developers responded to fefe's benchmarks.

    For example, here is what Ted Unangst (a very major committer to OpenBSD) replied to requests for help improving performance:

    "apply the patch below to your mmap benchmark. a real application is unlikely to use pread and mmap. openbsd uses a separate cache for read and mmap calls. while it seems you are attempting to time only a page fault with cached data, that is not happening on openbsd.

    the results for all other OS should remain the same, but OpenBSD improves dramatically. the adjusted benchmark is a much closer match to application behavior in reality."
    Which was followed by above-mentioned patch.

    I don't think it's fair for you to judge an entire operating system community based on the contents of a few selected emails. By doing so, you are being just as biased as you say the others are.

    --
    The moving cursor writes, and having written, blinks on.
  14. Re:A message from Theo by mirabilos · · Score: 4, Informative

    The two bugs you mention, weren't actually bugs
    in OpenBSD.

    * one was a bug in PAM and most GNU vendors
    * one is a bug, but can't be exploited due to
    W^X, propolice, NXSTACK, NXHEAP and friends.

    Heck, I've tried the gobbles exploit again
    against OpenBSD-2.9-OpenSSH where it worked
    back then. It failed to run due to these four.

    --
    My Karma isn't excellent, damn it! (And /. still does not get UTF-8 right in 2012. Wow.)
  15. Re:Why the delay? by puff+the+barbarian · · Score: 1, Informative
    and stickers!

    Sadly, my OBSD3.4 CD set included no stickers. Did anyone else get deprived of their stickers?