hubertf's NetBSD Blog
Send interesting links to hubert at feyrer dot de!
 
[20160521] Catching up: audio-mixing, arm, x86 and amd64 platform improvements and security
A few noteworthy things have happened in NetBSD land, and being lazy I will collect them in one blog posting. Here we go:
  • In-kernel audio mixing: So far, NetBSD's audio device can only be opened once. If more than one application wants to play sound, the first one wins. This is suboptimal if you want to (say) play some MP3s but also get some occasional noise from your webbrowser.

    Now, Nathanial Sloss has made a stab at this, providing several implementation choices. Challenges in the task are that sounds with different quality (sampling rate, mono/stereo etc.) need to be brought to one common quality before mixing and passing on to the actual audio hardware. Further fun is added by the delay this process adds. See the discussion on tech-kern for all the gory details!

  • Freescale i.MX7 support: Ryo Shimizu has committed support for the Freescale i.MX7 processor and the Atmark Techno Armadillo-IoT G3 board. according to his posting to port-arm (dmesg included), UART, Ethernet, USB, SDHC, RTC, GPIO, WDOG and MULTIPROCESSOR work. Interesting thing of the platform is that is has two Cortex-A7 cores and one Cortex-M4 core, the latter without MMU. Ideas on how to use the latter are welcome! :)

  • PIE binaries with PaX, ASLR+MPROTECT are now the default for i386. ASLR and MPROTECT can be turned off either globally or per-binary if any problems should arise. Be sure to document those exceptions in your risk management! :-)

    More information: PaX, PIE, ASLR, MPROTECT.

  • Platform improvements for i386 and amd64. For amd64, Maxime Villard writes:
     - I cleaned up the asm code and fixed several comments, which makes the
       boot process much easier to understand.
     - I fixed the alignment for the text segment, so that it can be covered by
       more large pages [1] - thereby reducing TLB contention.
     - I fixed a bug in the way the secondary CPUs are launched [2], which
       caused them to crash if they tried to access an X-less page.
     - I took rodata out of the text+rodata chunk, and put it in the data+bss+
       PRELOADED_MODULES+BOOTSTRAP_TABLES chunk [3]. rodata was no longer large
       page optimized, and had RWX permissions.
     - I retook rodata out of the rodata+data+bss+PRELOADED_MODULES+
       BOOTSTRAP_TABLES chunk, and made the kernel map it independently without
       the W permision [4].
     - I made the kernel map rodata without the X permission, by using the NOX
       bit on its pages [5] (now that the secondary CPUs could handle that
       properly).
     - I took the data+bss chunk out of the data+bss+PRELOADED_MODULES+
       BOOTSTRAP_TABLES chunk, and made the kernel map it independently without
       X permission [6].
     - I made the kernel remap rodata and data+bss with large pages and proper
       permissions [7] - which reduces once again TLB contention.
    
    See Maxime's posting to tech-kern for all the footnotes. Likewise, Maxime also tackled i386, and besides the changes from amd64, here is the list of changes from his email:
     - on non-PAE i386, NOX does not exist. Therefore the mappings all have an
       additional X permission. To benefit from X-less mappings, your CPU must
       support PAE, and your kernel must be GENERIC_PAE.
     - the segments are not large-page-aligned, which means that probably some
       parts of the segments are still mapped with normal pages. It is still more
       optimized than it used to be, but not as much as amd64 is.
    


[Tags: , , , , , , , , ]


[20160422] Two more NetBSD Security Advisories: compatibility layers, Bozohttpd
Two more security advisories have been released:

[Tags: , , ]


[20160416] NetBSD Security Advisories: ntp, libXfont, calendar
NetBSD has released a number of security advisories:
  • 2016-001: Multiple vulnerabilities in ntp daemon
  • 2016-002: BDF file parsing issues in libXfont
  • 2016-003: Privilege escalation in calendar(1)
See the advisories for more information on NetBSD releases that are and are not affected, the severity of the vulnerability as well as the date by which which NetBSD release branch was fixed.

The advisories also contain an abstract of the problem as well as in-depth technicals with solutions and workarounds. Go and have a look!

[Tags: , , ]



[20140801] BSDsec - Deadsimple BSD Security Advisories and Announcements
Found on DiscoverBSD, there is now a new website that aims at providing a central point of information for BSD related security information. It covers general and security related announcements from NetBSD, FreeBSD, and OpenBSD.

From DiscoverBSD: ``I take SA and A, and publish them on BSDSec.net website. Aim for website is to be very simple, intuitive and mobile-whatever frendly. Tags are available for better search (in case you want only FreeBSD). I also publish on Twitter. Discussion is available via Reddit.

All process is done by my application, so I do not need to do anything.

How it works?

App is open-source, built with Ruby on Rails. I will write details in my next post, as well with how-to on contributing and so. I have few ideas and anyone is welcome to join me and make this app better! ''

Check out BSDSec!

[Tags: ]



[20140108] Two new NetBSD security advisories: ntpd, libXfont
Two new NetBSD security advisories have been published:
  • NetBSD Security Advisory 2014-001: Stack buffer overflow in libXfont:

    ``A stack buffer overflow in parsing of BDF font files in libXfont was found that can easily be used to crash X programs using libXfont, and likely could be exploited to run code with the privileges of the X program (most nostably, the X server, commonly running as root).

    This vulnerability has been assigned CVE-2013-6462.''

  • NetBSD Security Advisory 2014-002: ntpd used as DDoS amplifier:

    ``An administrative query function is getting used by attackers to use ntp servers as traffic amplifiers. The new version no longer offers this query option.''

See the advisories for technical details, workarounds and proper solutions to fix the problems. All this is fixed in NetBSD-current, patches are available for the NetBSD 5 and 6 releases with their corresponding development branches.

[Tags: , , ]


[20121227] NetBSD 6.0.1 security/bugfix released
The NetBSD Project is pleased to announce NetBSD 6.0.1, the first security/bugfix update of the NetBSD 6.0 release branch. It represents a selected subset of fixes deemed important for security or stability reasons.

To save you from searching, here is the list of relevant changes from the release notes:

Security Fixes

  • expat: Fix CVE-2012-1147, CVE-2012-1148 and CVE-2012-0876.
  • BIND: Address CVE-2012-5688: Named could die on specific queries with dns64 enabled.

General kernel

  • posix_spawn(): Fix processes with attributes.
  • Resolve races between vget() and vrele() resulting in vget() returning dead vnodes.
  • Prevent crash when unsupported fd's are used with kevent.

Networking

  • Fix "atomic fragments" for IPv6.
  • ipf: Fix alignment issues in ipmon. (PR#47101)
  • npf: handle delayed checksums in the network stack. (PR#47235)

File systems

  • smbfs: Make smbfs actually work on big-endian ports.

Drivers

  • ciss(4): don't try to handle sensors if there aren't any.

Platforms

  • x86 (i386, amd64):
    • Work around a possible gcc bug generating bad assembler code. (PR#45673)
    • Disable C1E on AMD K8 CPUs, to prevent freeze during boot.
  • xen:
    • Prevent a memory corruption issue that locks up a Xen DomU, and can potentially cause file system corruption. (PR#47056, PR#47057)
    • Fix: Xen Dom0 NetBSD kernel could crash by adding duplicate xenwatches.

Userland fixes

  • Update to tzdata2012j.
  • cdb: don't refuse to open databases without entries or keys.
  • Address graphics corruption in recent Cairo, manifested most commonly by certain rendered text sections appearing as solid rectangular blocks of color.
The complete list of changes can be found in the CHANGES-6.0.1 file in the top level directory of the NetBSD 6.0.1 release tree.

Complete source and binaries for NetBSD 6.0.1 are available for download at many sites around the world. A list of download sites providing FTP, AnonCVS, SUP, and other services may be found at http://www.NetBSD.org/mirrors/.

P.S.: Don't miss out on the end of NetBSD 2012 fundraise!

[Tags: , ]



[20120130] Latest IPfilter merged into NetBSD-current
Darren Reed is the author if IPfilter and also a NetBSD developer. IPfilter is one of the packet filters available in NetBSD, and the latest version (5.1.1) was imported into NetBSD-current by darren. Citing from his mail to tech-net, there are a few interesting changes and new features:

``To start with, the man pages for ipf(5) and ipnat(5) have been rewritten from scratch to make them easier to understand and thus easier to use the various features in IPFilter. In addition there is now an ipmon(5) that supports delivery of log messages to different destinations - including generating SNMP traps messages.

There are a few new actions that can be used with ipnat.conf. The one that will be of most interest to people is "rewrite" which supports translation of both the source and destination address with a single rule. Use of an rdr/map combination is no longer required. There are also some others that are more experimental. One of those is a "divert" action that takes a packet and puts an IP + UDP header on the front, allowing "raw packets" to be delivered to any socket. Similarly, replies from that socket have the relevant header data removed.

There are a few extras for ipf.conf, most notably it now allows for defining limits on how many different hosts/networks can have a state entry in the state table for each rule. IPFilter 5.1.1 also supports specifying a filter rule group for the filtering of ICMP packets that match an entry in the state table. Additionally, there is a new rule - "decapsulate". This has been designed to allow filtering on "inner headers" of packets that have been encapsulated in clear text. It will, for example, allow filtering on IPv4 headers inside of IPv6 packets (or vice versa.)

It is no longer required to have a separate ipf6.conf file. Both IPv4 and IPv6 packets can be used in the same file. For those that have separate files today, they should not interfere with each other unless you have "block in all" for IPv4 and "pass in all" for IPv6 or similar. In that case, the "block in all" will affect IPv6 traffic. This is a reflection of the internal design where there is now only a single list of filter rules, not one for each protocol. Check the man page for ipf.conf for more details.''

[Tags: , ]



[20111224] The timing of security advisories
It's an old debate on when to release a security advisory: It should be released as early as possible to give people a chance to fix, but at the same time the fixing should be in a coordinated way. "Coordinated" means a fair chance for professional sysadmins to deploy a fix during working hours, and not in the middle of the night on a weekend. Or on the day before chistmas eve. But what if there's a pressing reason, maybe an exploit in the wild?

Apparently FreeBSD's telnetd currently has such a problem, and I think it's fair that Colin Percival as the FreeBSD Security Officer did release the advisory, even if it's in a sub-optimal timeframe.

For those NetBSD uses wondering if there's a similar problem in NetBSD's telnetd: Apparenly an unchecked argument can cause memory corruption by a memcpy length parameter overflow in sub-option processing (for terminal type, size etc.). This was fixed in NetBSD thanks to a hints from Colin. There's no NetBSD Security Advisory yet, but people still using telnetd in production networks may consider rebuilding libtelnet and telnetd.

So, to those of you who have moved to SSH: Happy Holidays!
To the rest: Happy Updating! :-)

[Tags: ]



[20111216] Two new NetBSD Security Advisories: OpenPAM and BIND resolver
The NetBSD Security Officers have released two new security advisories about problems found in 3rd party software that comes bundled with NetBSD's base system, OpenPAM and the BIND resolver.
  • NetBSD Security Advisory 2011-008: OpenPAM privilege escalation

    Affects pkgsrc, all release branches and -current before 2011-11-09, it's fixed in all branches (current, netbsd-4 and -5) after that date.

    Details from the advisory: ``The pam_start() function of OpenPAM doesn't check the "service" argument. With a relative path it can be tricked into reading a config file from an arbitrary location. NetBSD base utilities pass fixed constant strings. 3rd party programs which run with elevated privileges and allow user chosen strings open an attack vector.''

  • NetBSD Security Advisory 2011-009: BIND resolver DoS:

    Affects pkgsrc, all release branches and -current from before 2011-11-20, it's fixed in the CVS branches after 2011-11-20.

    Details from the advisory: ``Unpatched BIND 9 resolvers may cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. ISC provided a patch which makes named recover gracefully from the inconsistency, preventing the abnormal exit.

    The patch has two components. When a client query is handled, the code which processes the response to the client has to ask the cache for the records for the name that is being queried. The first component of the patch prevents the cache from returning the inconsistent data. The second component prevents named from crashing if it detects that it has been given an inconsistent answer of this nature.''

Happy updating!

[Tags: , , , ]


[20100605] Hiding other users' processes
Thus it was asked on #NetBSD:
<batence> I wanna set the top command work only for users process, not
                for all system
<batence> in freebsd command is sysctl security.bsd.see_other_uids=0/1
<batence> but I dunno for netbsd
<batence> eg I don't want users see other uids
<batence> only which they owned
Looking at the output of "sysctl -a" didn'r show anything obvious, but recalling the topic and with some digging, there actually is a sysctl switch for that in NetBSD: security.models.bsd44.curtain=1

Here's an example top(1) output with the default setting (0). My username is "feyrer", note that besides my processes, other users' processes are shown as well:

    load averages:  0.02,  0.01,  0.00;               up 11+15:08:30                           18:38:56
    24 processes: 23 sleeping, 1 on CPU
    CPU states:  0.0% user,  0.0% nice,  0.0% system,  0.0% interrupt,  100% idle
    Memory: 71M Act, 51M Inact, 552K Wired, 5560K Exec, 110M File, 27M Free
    Swap: 512M Total, 335M Used, 178M Free
    
      PID USERNAME PRI NICE   SIZE   RES STATE      TIME   WCPU    CPU COMMAND
        0 root     126    0     0K   16M pgdaemon   5:41  0.00%  0.00% [system]
      492 root      85    0  4792K  608K kqueue     0:06  0.00%  0.00% master
      113 root      85    0  2908K  860K select     0:05  0.00%  0.00% dhclient
      535 root      85    0  2900K  556K nanoslp    0:05  0.00%  0.00% cron
      155 root      85    0  2932K  548K kqueue     0:05  0.00%  0.00% syslogd
      496 postfix   85    0  4792K  888K kqueue     0:01  0.00%  0.00% qmgr
     4409 feyrer    43    0  2984K 1240K CPU        0:00  0.00%  0.00% top
     1197 root      85    0  8640K 3692K netio      0:00  0.00%  0.00% sshd
    24830 root      85    0  8640K 3692K netio      0:00  0.00%  0.00% sshd
     6949 feyrer    85    0  8640K 2828K select     0:00  0.00%  0.00% sshd
    28093 feyrer    85    0  8640K 2828K select     0:00  0.00%  0.00% sshd
    12391 feyrer    85    0  2132K 1876K pause      0:00  0.00%  0.00% tcsh
    25579 feyrer    85    0  2132K 1876K pause      0:00  0.00%  0.00% tcsh
     5773 postfix   85    0  4792K 1868K kqueue     0:00  0.00%  0.00% pickup
     1929 root      85    0  2128K 1828K ttyraw     0:00  0.00%  0.00% tcsh
    29212 root      85    0  2972K 1164K kqueue     0:00  0.00%  0.00% inetd
    25972 root      85    0  2824K 1076K pause      0:00  0.00%  0.00% ksh 
Likewise, I see a number of processes in ps(1):
% ps -aux | wc -l
      26
Now let's change the sysctl:
# sysctl -d security.models.bsd44.curtain
security.models.bsd44.curtain: Curtain information about objects to users not owning them.
# sysctl -w security.models.bsd44.curtain=1
security.models.bsd44.curtain: 0 -> 1
After this, the top(1) output looks like this:
    load averages:  0.02,  0.01,  0.00;               up 11+15:08:45                           18:39:11
    5 processes: 4 sleeping, 1 on CPU
    CPU states:  0.0% user,  0.0% nice,  0.2% system,  0.0% interrupt, 99.8% idle
    Memory: 71M Act, 51M Inact, 552K Wired, 5416K Exec, 110M File, 28M Free
    Swap: 512M Total, 335M Used, 178M Free
    
      PID USERNAME PRI NICE   SIZE   RES STATE      TIME   WCPU    CPU COMMAND
     4409 feyrer    43    0  2984K 1240K CPU        0:00  0.00%  0.00% top
    28093 feyrer    85    0  8640K 2828K select     0:00  0.00%  0.00% sshd
     6949 feyrer    85    0  8640K 2828K select     0:00  0.00%  0.00% sshd
    12391 feyrer    85    0  2132K 1876K pause      0:00  0.00%  0.00% tcsh
    25579 feyrer    85    0  2132K 1876K pause      0:00  0.00%  0.00% tcsh 
This reduced set of processes is also shown in ps(1):
% ps -aux | wc -l
       7
In other words, only my processes are displayed. (If you wonder about the difference between the 7 processes shown in top and the seven ps(1)-lines: the latter includes a heading).

Note that this "filtering" does not apply to the root user, i.e. he can still see all processes.

[Tags: , , , , ]



Previous 10 entries

Tags: , 2bsd, 3com, 501c3, 64bit, acl, acls, acm, acorn, acpi, acpitz, adobe, Advocacy, advocacy, advogato, aes, afs, aiglx, aio, airport, alereon, alex, alix, alpha, altq, am64t, amazon, amd64, anatomy, ansible, apache, apm, apple, arkeia, arla, arm, art, Article, Articles, ascii, asiabsdcon, aslr, asterisk, asus, atf, ath, atheros, atmel, audio, audiocodes, autoconf, avocent, avr32, aws, axigen, azure, backup, balloon, banners, basename, bash, bc, beaglebone, benchmark, bigip, bind, blackmouse, bldgblog, blog, blogs, blosxom, bluetooth, board, bonjour, books, boot, boot-z, bootprops, bozohttpd, bs2000, bsd, bsdca, bsdcan, bsdcertification, bsdcg, bsdforen, bsdfreak, bsdmac, bsdmagazine, bsdnexus, bsdnow, bsdstats, bsdtalk, bsdtracker, bug, build.sh, busybox, buttons, bzip, c-jump, c99, cafepress, calendar, callweaver, camera, can, candy, capabilities, card, carp, cars, cauldron, ccc, ccd, cd, cddl, cdrom, cdrtools, cebit, centrino, cephes, cert, certification, cfs, cgd, cgf, checkpointing, china, christos, cisco, cloud, clt, cobalt, coccinelle, codian, colossus, common-criteria, community, compat, compiz, compsci, concept04, config, console, contest, copyright, core, cortina, coverity, cpu, cradlepoint, cray, crosscompile, crunchgen, cryptography, csh, cu, cuneiform, curses, curtain, cuwin, cvs, cvs-digest, cvsup, cygwin, daemon, daemonforums, daimer, danger, darwin, data, date, dd, debian, debugging, dell, desktop, devd, devfs, devotionalia, df, dfd_keeper, dhcp, dhcpcd, dhcpd, dhs, diezeit, digest, digests, dilbert, dirhash, disklabel, distcc, dmesg, Docs, Documentation, donations, draco, dracopkg, dragonflybsd, dreamcast, dri, driver, drivers, drm, dsl, dst, dtrace, dvb, ec2, eclipse, eeepc, eeepca, ehci, ehsm, eifel, elf, em64t, Embedded, embedded, emips, emulate, encoding, envsys, eol, espresso, etcupdate, etherip, euca2ools, eucalyptus, eurobsdcon, eurosys, Events, exascale, ext3, f5, facebook, falken, fan, faq, fatbinary, features, fefe, ffs, filesystem, fileysstem, firefox, firewire, fireworks, flag, flash, flashsucks, flickr, flyer, fmslabs, force10, fortunes, fosdem, fpga, freebsd, freedarwin, freescale, freex, freshbsd, friendlyAam, friendlyarm, fritzbox, froscamp, fsck, fss, fstat, ftp, ftpd, fujitsu, fun, fundraising, funds, funny, fuse, fusion, g4u, g5, galaxy, games, gcc, gdb, gentoo, geode, getty, gimstix, git, gnome, google, google-soc, googlecomputeengine, gpio, gpl, gprs, gracetech, gre, groff, groupwise, growfs, grub, gumstix, guug, gzip, hackathon, hackbench, hal, hanoi, happabsd, hardware, Hardware, haze, hdaudio, heat, heimdal, hf6to4, hfblog, hfs, history, hosting, hotplug, hp, hp700, hpcarm, hpcsh, hpux, html, httpd, hubertf, hurd, i18n, i386, i386pkg, ia64, ian, ibm, ids, ieee, ifwatchd, igd, iij, image, images, imx233, imx7, information, init, initrd, install, intel, interix, internet2, interview, interviews, io, ioccc, iostat, ipbt, ipfilter, ipmi, ipplug, ipsec, ipv6, irbsd, irc, irix, iscsi, isdn, iso, isp, itojun, jail, jails, japanese, java, javascript, jetson, jibbed, jihbed, jobs, jokes, journaling, kame, kauth, kde, kerberos, kergis, kernel, keyboardcolemak, kirkwood, kitt, kmod, kolab, kvm, kylin, l10n, landisk, laptop, laptops, law, ld.so, ldap, lehmanns, lenovo, lfs, libc, license, licensing, linkedin, links, linksys, linux, linuxtag, live-cd, lkm, localtime, locate.updatedb, logfile, logging, logo, logos, lom, lte, lvm, m68k, macmini, macppc, macromedia, magicmouse, mahesha, mail, makefs, malo, mame, manpages, marvell, matlab, maus, max3232, mbr95, mbuf, mca, mdns, mediant, mediapack, meetbsd, mercedesbenz, mercurial, mesh, meshcube, mfs, mhonarc, microkernel, microsoft, midi, mini2440, miniroot, minix, mips, mirbsd, missile, mit, mixer, mobile-ip, modula3, modules, money, mouse, mp3, mpls, mprotect, mtftp, mult, multics, multilib, multimedia, music, mysql, named, nas, nasa, nat, ncode, ncq, ndis, nec, nemo, neo1973, netbook, netboot, netbsd, netbsd.se, nethack, nethence, netksb, netstat, netwalker, networking, neutrino, nforce, nfs, nis, npf, npwr, nroff, nslu2, nspluginwrapper, ntfs-3f, ntp, nullfs, numa, nvi, nvidia, nycbsdcon, office, ofppc, ohloh, olimex, olinuxino, olpc, onetbsd, openat, openbgpd, openblocks, openbsd, opencrypto, opendarwin, opengrok, openmoko, openoffice, openpam, openrisk, opensolaris, openssl, or1k, oracle, oreilly, oscon, osf1, osjb, paas, packages, pad, pae, pam, pan, panasonic, parallels, pascal, patch, patents, pax, paypal, pc532, pc98, pcc, pci, pdf, pegasos, penguin, performance, pexpect, pf, pfsync, pgx32, php, pie, pike, pinderkent, pkg_install, pkg_select, pkgin, pkglint, pkgmanager, pkgsrc, pkgsrc.se, pkgsrcCon, pkgsrccon, Platforms, plathome, pleiades, pocketsan, podcast, pofacs, politics, polls, polybsd, portability, posix, postinstall, power3, powernow, powerpc, powerpf, pppoe, precedence, preemption, prep, presentations, prezi, Products, products, proplib, protectdrive, proxy, ps, ps3, psp, psrset, pthread, ptp, ptyfs, Publications, puffs, puredarwin, pxe, qemu, qnx, qos, qt, quality-management, quine, quote, quotes, r-project, ra5370, radio, radiotap, raid, raidframe, rants, raptor, raq, raspberrypi, rc.d, readahead, realtime, record, refuse, reiserfs, Release, Releases, releases, releng, reports, resize, restore, ricoh, rijndael, rip, riscos, rng, roadmap, robopkg, robot, robots, roff, rootserver, rotfl, rox, rs323, rs6k, rss, ruby, rump, rzip, sa, safenet, san, sata, savin, sbsd, scampi, scheduler, scheduling, schmonz, sco, screen, script, sdf, sdtemp, secmodel, Security, security, sed, segvguard, seil, sendmail, serial, serveraptor, sfu, sge, sgi, sgimips, sh, sha2, shark, sharp, shisa, shutdown, sidekick, size, slackware, slashdot, slides, slit, smbus, smp, sockstat, soekris, softdep, softlayer, software, solaris, sony, sound, source, source-changes, spanish, sparc, sparc64, spider, spreadshirt, spz, squid, ssh, sshfs, ssp, statistics, stereostream, stickers, storage, stty, studybsd, subfile, sudbury, sudo, summit, sun, sun2, sun3, sunfire, sunpci, support, sus, suse, sushi, susv3, svn, swcrypto, symlinks, sysbench, sysctl, sysinst, sysjail, syslog, syspkg, systat, systrace, sysupdate, t-shirt, tabs, talks, tanenbaum, tape, tcp, tcp/ip, tcpdrop, tcpmux, tcsh, teamasa, tegra, teredo, termcap, terminfo, testdrive, testing, tetris, tex, TeXlive, thecus, theopengroup, thin-client, thinkgeek, thorpej, threads, time, time_t, timecounters, tip, tk1, tme, tmp, tmpfs, tnf, toaster, todo, toolchain, top, torvalds, toshiba, touchpanel, training, translation, tso, tty, ttyrec, tulip, tun, tuning, uboot, ucom, udf, ufs, ukfs, ums, unetbootin, unicos, unix, updating, upnp, uptime, usb, usenix, useradd, userconf, userfriendly, usermode, usl, utc, utf8, uucp, uvc, uvm, valgrind, vax, vcfe, vcr, veriexec, vesa, video, videos, virtex, virtualization, vm, vmware, vnd, vobb, voip, voltalinux, vpn, vpnc, vulab, w-zero3, wallpaper, wapbl, wargames, wasabi, webcam, webfwlog, wedges, wgt624v3, wiki, willcom, wimax, window, windows, winmodem, wireless, wizd, wlan, wordle, wpa, wscons, wstablet, X, x.org, x11, x2apic, xbox, xcast, xen, Xen, xfree, xfs, xgalaxy, xilinx, xkcd, xlockmore, xmms, xmp, xorg, xscale, youos, youtube, zaurus, zdump, zfs, zlib

'nuff. Grab the RSS-feed, index, or go back to my regular NetBSD page

Disclaimer: All opinion expressed here is purely my own. No responsibility is taken for anything.

Access count: 23849908
Copyright (c) Hubert Feyrer