similar to: [PATCH] Fix configure warning on FreeBSD

On 9/21/2013 5:49 AM, Bryan Drewery wrote: > Ports now support enabling Stack Protector [1] support on FreeBSD 10 > i386 and amd64, and older releases on amd64 only currently. > > Support may be added for earlier i386 releases once all ports properly > respect LDFLAGS. > > To enable, just add WITH_SSP=yes to your make.conf and rebuild all ports. > > The default

On 9/21/2013 5:49 AM, Bryan Drewery wrote: > Ports now support enabling Stack Protector [1] support on FreeBSD 10 > i386 and amd64, and older releases on amd64 only currently. > > Support may be added for earlier i386 releases once all ports properly > respect LDFLAGS. > > To enable, just add WITH_SSP=yes to your make.conf and rebuild all ports. > > The default

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:08.linux Security Advisory The FreeBSD Project Topic: Linux compatibility layer input validation error Category: core Module: kernel

OpenSSH 7.0 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community

Ports and Package users, Ports now have SSP enabled by default. The package repository will now build SSP by default as well. SSP is "Stack Smashing Protection" and can be read about at https://en.wikipedia.org/wiki/Buffer_overflow_protection. This only applies to the head (/latest) packages, not the Quarterly branch packages. This applies to the ports checkout that portsnap uses.

Ports and Package users, Ports now have SSP enabled by default. The package repository will now build SSP by default as well. SSP is "Stack Smashing Protection" and can be read about at https://en.wikipedia.org/wiki/Buffer_overflow_protection. This only applies to the head (/latest) packages, not the Quarterly branch packages. This applies to the ports checkout that portsnap uses.

Ports and Package users, Ports now have SSP enabled by default. The package repository will now build SSP by default as well. SSP is "Stack Smashing Protection" and can be read about at https://en.wikipedia.org/wiki/Buffer_overflow_protection. This only applies to the head (/latest) packages, not the Quarterly branch packages. This applies to the ports checkout that portsnap uses.

Belgardt, Wolfgang wrote: >Hello all, > >can somebody say me if it is supported to locate the secrets.tbd on a NFS share, please? >I have smbd version 2.2.12 based HP CIFS Server A.01.11.04 in HP ServiceGuard Configuration. >If the secrets.tbd is on a local path samba smbd start and run fine, but when secrets.tbd file is locate in >a path which is a NFS share smbd hangs. >I

Hi, I dare to send you this very small patch that defines LOCKED_PASSWD_STRING for the FreeBSD operating system. The manpage had been unclear about this for a long time, up to 5.x days. Since 6.x, it has been made clearer, and thanks to Ceri Davies who highlighted this feature in OpenSSH, I made this patch. I hope this will reach OpenSSH source tree. This is not a big deal and I would add

Hi, I noticed that the glusterfs client tries to set ulimit -n to 1M. When I run booster with non-privileged user, the following line appears several times in the log file: [2009-09-14 09:15:22] W [client-protocol.c:6010:init] brick-0-0-0: WARNING: Failed to set 'ulimit -n 1M': Operation not permitted When I run it with root, there's no such complaint even though

Greetings, Are there any plans to import SCTP support to OpenSSH? There have been SCTP patches for OSX and FreeBSD, and those seem to work pretty decently. I guess there might quite a number of potential users for SCTP were it part of the common source tree. A second benefit of having SCTP support as a standard feature in OpenSSH for all platforms supporting SCTP would be kind of social pressure

Am I the only person to be seeing this log message from sshd: fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth] ? (security/openssh-portable, with HPN patches and MIT Kerberos, although Kerberos is not actually configured on this server.) A work-around is to disable aes128-cbc in sshd_config, but it would be nice not to have my logs spammed with this. Currently

Hi all. I have an old windows VM with an oldish cygwin that I use for the regression tests. Investigating one of the test failures, I see that it's for UsePrivilegeSeparation=sandbox, and it seems to be because setrlimit(RLIMIT_FSIZE, ...) is not supported. IMO, this isn't a big loss, since the most useful thing in the rlimit "sandbox" is the descriptor limits. Can anyone see

Hi! I wrote a small patch to enable /etc/limits support in openssh. nice thing when you don't have PAM installed.. It is based on Ultor's openssh 1.x patch (http://marc.theaimsgroup.com/?l=secure-shell&m=96427677022741&w=2) Works fine on slackware7.1. define USE_ETC_LIMITS in config.h , and compile as usual. Sagi -------------- next part -------------- diff -N -u

Hi, Ever since 'without-password' became an option, I've thought it would make a better default (and I actually used to patch it that way when I was the Debian Maintainer. My successors think that it's more important to minimise the size of the patch, which is also a reasonable point). The thing that prompted me to finally mention this here, is this story:

Hi, with a low soft limit on file descriptors, dovecot 2.2.15 warns on startup: Warning: fd limit (ulimit -n) is lower than required under max. load (256 < 1000), because of default_client_limit It could try increasing the limit first, and only report the warning if that fails. I'm attaching a patch that does just this. Without the patch, the soft fd limit is kept at whatever it

Hi, So I screwed up when writing the support for the curve25519 KEX method that doesn't depend on OpenSSL's BIGNUM type - a bug in my code left leading zero bytes where they should have been skipped. The impact of this is that OpenSSH 6.5 and 6.6 will fail during key exchange with a peer that implements curve25519-sha256 at libssh.org properly about 0.2% of the time (one in every 512ish

Version 2.0.5a (same prob w/2.0.4b, though). smbsh segfaults after I enter my password. As root, it just seg faults. As my login user, it dumps core. Attached is a script of an strace of it. Running RH 6.0, kernel 2.2.10, AMD K6-2/350, 64M RAM. Configure options were: CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=%{pref} --libdir=/etc \ --with-lockdir=/var/lock/samba

I was able to build working openssh-3.7.1p1 on the Darwin-ppc-1.4 , 5.5, and 6.0 platform, by setting the following by hand in config.h. #define SETEUID_BREAKS_SETUID #define BROKEN_SETREUID #define HAVE_SETEUID 1 /* #undef HAVE_SETREUID 1 */ For Darwin-x86-6.6.1, it built with the following. #define SETEUID_BREAKS_SETUID /* #undef BROKEN_SETREUID */ #define HAVE_SETEUID 1 /* #undef

On Fri, Aug 21, 2020 at 09:06:59AM +0000, Eric Wong wrote: > Going back to the "prioritizing aggregated DBs" thread from > February 2020, I've got 390 Xapian shards for 130 public inboxes > I want to search against(*). There's more on the horizon (we're > expecting tens of thousands of public inboxes). Was that "(*)" meant to have a matching footnote?