OpenVPN 2.3.17 on OpenBSD 6.0
On Jun 21, the OpenVPN team released an update for the 2.3.x and 2.4.x branches that resolved some newly discovered security vulnerabilities. The OpenVPN team recommends that users "upgrade to OpenVPN 2.4.3 or 2.3.17 as soon as possible". OpenBSD 6.0-which was released Sep 1 2016 and is still receiving security updates to the base system as per OpenBSD's policy-shipped with a package for OpenVPN 2.3.11. Below you will find a patch and instructions for using the ports system to upgrade to version 2.
RANCID and the Octothorpe
RANCID (Really Awesome New Cisco confIg Differ) is a tool for automating the collection of hardware and configuration data from network devices. I recently upgraded an installation from version 2.3.1 to 2.3.8. And naturally, because I didn't have a ton of time to devote to this, stuff broke. It stopped pulling data from some switches. Not all switches, mind, that would be too easy to troubleshoot. Only some.
Net-SNMP v5.7 Issues
The last time I upgraded Net-SNMP it wasn't reporting the hrSystemProcesses OID. I wrote about that here. This time around I've upgraded to v5.7 and discovered two issues so far.
Net-SNMP 5.6.1 Missing hrSystemProcesses OID
I just upgraded a couple of machines to OpenBSD 4.9 and noticed the hrSystemProcesses OID was not being returned by Net-SNMP 5.6.1 (from the 4.9 ports/packages collection) . joel@theta:~% snmpwalk -v2c -c public theta .220.127.116.11.18.104.22.168.6.0 SNMPv2-SMI::mib-22.214.171.124.0 = No Such Instance currently exists at this OID I know for sure this worked on OpenBSD 4.8/Net-SNMP 126.96.36.199. Turns out there is a bug in Net-SNMP 5.6.1 (bug 3166568) that's causing this. It's been fixed in their SVN tree.