Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - some-random-user

#1
26.1, 26,4 Series / Re: CVE-2026-45257
June 18, 2026, 09:52:07 AM
Quote from: franco on June 18, 2026, 09:46:28 AMWe may list CVEs for other vendors, but only if no better reference exists. The FreeBSD advisory is clearly better than the CVE information. It's not even public yet:

All I'm asking is for you to even just mention the CVE number in the release notes; it makes it much easier to verify with certainty that a specific issue is patched in a release. Like so:

Quotesrc: arbitrary file overwrite via the KTLS receive path (CVE-2026-45257, FreeBSD-SA-26:26.ktls)[8]
#2
26.1, 26,4 Series / Re: CVE-2026-45257
June 18, 2026, 09:41:49 AM
Quote from: franco on June 15, 2026, 12:31:35 PM26.1.10 is being released later this afternoon.

Hi Franco,

CVE-2026-45257 is not mentioned anywhere in the release notes for 26.1.10, nor in the numbered footnotes 1 through 24 inclusive.

Can you please confirm that the patch made it into 26.1.10? If so, why is it not mentioned?

Thanks in advance!

----

EDIT to add: It seems to be referred to using its FreeBSD advisory in footnote 8, but not the CVE. IMHO the CVE should ALWAYS be included in the patch notes in addition to vendor-specific references!
#3
Quote from: netnut on August 19, 2024, 10:32:40 PM

-----BEGIN PRIVATE KEY-----
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC4KZ76AUrcCCTl
[---8<---]
g5wIHmFhEye+z7hW2BRr/2pVe3Sy7g==
-----END PRIVATE KEY-----


Please don't do that. Someone will turn around and copy-paste it and use it. :(
#4
General Discussion / Re: RIPE Atlas
May 31, 2024, 05:37:41 PM
I second this -- including the software probe as a package in OPNsense would surely help the RIPE Atlas project greatly.

@franco If you were to reach out to RIPE (atlas at ripe net) they might be willing to sponsor the work required.

https://atlas.ripe.net/docs/howtos/software-probes.html
#5
Hello,

On OPNsense 22.7.7_1:

opnsense-code ports
cd /usr/ports/devel/pcsc-lite
make install


This works, and drops the expected file at /usr/local/etc/rc.d/pcscd.

However, despite the following:
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# pcscd_enable="YES"


Adding a tunable pcscd_enable with value YES is not starting the daemon at boot, even though it starts (and works) if I execute pcscd at the command line.

Any guidance would be most appreciated.

Thanks in advance!