NetBSD Security Officer | 8 Mar 2011 13:18

NetBSD Security Advisory 2011-002: OpenSSL TLS extension parsing race condition


		 NetBSD Security Advisory 2011-002
		 =================================

Topic:		OpenSSL TLS extension parsing race condition.

Version:	NetBSD-current:		source prior to February 11, 2011
		NetBSD 5.0.*:		affected
		NetBSD 5.0:		affected
		NetBSD 5.1:		affected
		NetBSD 4.0.*:		not affected
		NetBSD 4.0:		not affected
		pkgsrc:			openssl package prior to 0.9.8qnb1

Severity:	Denial of Service and potential Information Disclosure

Fixed:		NetBSD-current:		February 11, 2011
		NetBSD-5-0 branch:	February 17, 2011
		NetBSD-5-1 branch:	February 17, 2011
		NetBSD-5 branch:	February 17, 2011
		pkgsrc 2010Q4:		openssl-0.9.8qnb1 corrects this issue

Please note that NetBSD releases prior to 4.0 are no longer supported.
It is recommended that all users upgrade to a supported release.

Abstract
========

Incorrectly formatted ClientHello handshake messages could cause OpenSSL
to parse past the end of the message.

NetBSD Security Officer | 8 Mar 2011 13:19

NetBSD Security Advisory 2011-003: Exhausting kernel memory from user controlled value


		 NetBSD Security Advisory 2011-003
		 =================================

Topic:		Exhausting kernel memory from user controlled value

Version:	NetBSD-current:		source prior to March 4th, 2011
		NetBSD 5.0.*:		affected
		NetBSD 5.0:		affected
		NetBSD 5.1:		affected
		NetBSD 4.0.*:		affected
		NetBSD 4.0:		affected

Severity:	local DOS

Fixed:		NetBSD-current:		March 4th, 2011
		NetBSD-5-0 branch:	March 7th, 2011
		NetBSD-5-1 branch:	March 7th, 2011
		NetBSD-5 branch:	March 7th, 2011
		NetBSD-4-0 branch:	March 7th, 2011
		NetBSD-4 branch:	March 7th, 2011

Please note that NetBSD releases prior to 4.0 are no longer supported.
It is recommended that all users upgrade to a supported release.

Abstract
========

Kernel memory can be exhausted by a specially crafted program.
This may cause a panic.

Jean-Yves Migeon | 13 Mar 2011 12:00

NetBSD now runs under Amazon EC2

It is with great pleasure that we officially announce the release
of the first NetBSD Amazon Images for the Amazon Elastic Compute
Cloud (better known as Amazon EC2) for all currently available
regions: US East (Northern Virginia), US West (Northern California),
EU (Ireland), Asia Pacific (Singapore), and Asia Pacific (Tokyo).

For those not familiar with the cloud world, Amazon EC2 is an
infrastructure provider. It allows you to rent virtual machines
for your own use utilizing the Amazon Web Services.

Lately, Amazon has opened up its architecture to permit running
third party operating systems within the Amazon cloud. Given that
Amazon uses Xen as the virtualization technology of the cloud,
and that NetBSD has had strong Xen support since the early days,
it was a natural step to make NetBSD run under EC2.

For more information please see the NetBSD EC2 wiki page:

    http://wiki.netbsd.org/amazon_ec2/

For running NetBSD AMIs, all you need is an AWS account, a browser and
an ssh client.

To create and manipulate your own AMIs, or to manipulate storage, the
following packages are available in pkgsrc (http://www.pkgsrc.org):

    - EC2 AMI tools (misc/ec2-ami-tools)
    - EC2 API tools (misc/ec2-api-tools)

I would like to thank:

Antti Kantee | 30 Mar 2011 21:34

Announcing the NetBSD Port Tier System


	Dear Users of NetBSD,

When the NetBSD project was conceived almost two decades ago, the
hardware scene was different than today.  There was a multitude of
hardware available for running Unix-like operating systems, and as
a key point all hardware had roughly equal capabilities.  The only
sensible choice at that time was to embrace portability.  NetBSD
got portability correct from the start, and other projects followed
in NetBSD's footsteps only years later.

Fast-forwarding to the present day, portability is still of paramount
importance to an operating system.  However, the thing that has
changed is that hardware no longer has roughly equal capabilities:
new hardware with new capabilities and requirements is constantly
being developed, while old hardware remains the same.

Historically, in NetBSD it has been seen that it is the responsibility
of a developer implementing new features to make sure all ports
are up-to-date and working after the change.  This responsibility
constitutes a sizable effort in cases like rearchitecting the kernel
to support modern locking and multiprocessor features, or during
a new toolchain import.

Effective immediately, the project is instating a three-level port
tier system which separates industrially relevant high-activity
ports for modern hardware from the rest.  Focus ports receive
official development priority while the maintenance of other
platforms is made the responsibility of the people using them.
This will allow NetBSD to more efficiently stay on the cutting edge

