*BSDThis forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
From the time syspatch(8) was initiated with release 6.1, I stopped building -stable systems for my i386/amd64 servers. I continue to track -stable, as I build -stable packages for them. And of course, I track -stable sources, just in case I need a -stable patch that isn't in errata. But my build servers run -release plus syspatch() patches.
I learn about new errata patches through announce@ and through the -c option of syspatch(), executed in each server's daily.local(5) file.
I stopped following -stable when the base compiler for amd64 switch to LLVM/clang, at that point compiling took too long for me on my outdated hardware. I now have slightly less outdated hardware, though outdated and low performing nonetheless.
I may just track -stable sources, use syspatch(8) and then build my own kernel + athn(4) patches.
Please note this extra step I highlighted from the published announcement:
Code:
Errata patches for the kernel have been released for OpenBSD 6.4 and 6.5.
Intel CPUs have a cross privilege side-channel attack. (MDS)
Binary updates for the amd64 platform are available via the syspatch utility.
Source code patches can be found on the respective errata page:
https://www.openbsd.org/errata64.html
https://www.openbsd.org/errata65.html
After patching, run fw_update to get the new CPU microcode, then reboot.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.