Hacker News new | ask | show | jobs
by LeonM 2339 days ago
Wow, Openwall has been really at it when it comes to OpenBSD related vulns.

First with the user authentication vulns [0], now this.

For those running OpenBSD boxes: the patch is available through syspatch, but you may need to change /etc/updateurl to an official OpenBSD CDN, since the patch is still fresh and not yet distributed to all mirrors.

[0] https://www.openbsd.org/errata65.html
2 comments
brynet 2339 days ago
The oss-security@ mailing list is hosted by openwall. This advisory was posted by Qualys Security.
link
LeonM 2339 days ago
Darn, you are right! I need sleep... But first let me patch my boxes.
link
aaron_m04 2339 days ago
Thanks for the tip about needing the official CDN!

It's /etc/installurl not /etc/updateurl.

link