[Fwd: OpenBSD 4.5 released, May 1, 2009]

Janne Johansson jj at it.su.se
Thu Apr 30 22:26:09 CEST 2009

Theo de Raadt wrote:
> ------------------------------------------------------------------------
> May 1, 2009.
> We are pleased to announce the official release of OpenBSD 4.5.
> This is our 25th release on CD-ROM (and 26th via FTP).  We remain
> proud of OpenBSD's record of more than ten years with only two remote
> holes in the default install.
> As in our previous releases, 4.5 provides significant improvements,
> including new features, in nearly all areas of the system:
> - New/extended platforms:
>     o Initial ports to the xscale based gumstix platform and the ARM
>       based OpenMoko
>     o OpenBSD/sparc64
>       o New vdsk(4) and vnet(4) drivers provide support for virtual
>         I/O between logical domains on Sun's CoolThreads servers,
>         including UltraSPARC T2+ machines.
>       o Workstations and laptops with UltraSPARC IIe CPUs can now scale
>         down the CPU frequency to save power. 
> - Improved hardware support, including:
>     o Several new/improved drivers for sensors, including:
>       o The cac(4)  driver now has bio and sensor support.
>       o The mpi(4) driver now has bio and sensor support.
>       o New gpiodcf(4) driver for DCF77/HBG timedelta sensors
>         through GPIO pins.
>       o New schsio(4) driver for SMSC SCH311x LPC Super I/O devices.
>       o The it(4) driver now supports IT8720F chips.
>       o The it(4) driver now supports FAN4 and FAN5 sensors for
>         IT8716F/IT8718F/IT8720F/IT8726F chips.
>       o The owtemp(4) driver now supports Maxim/Dallas DS18B20 and
>         DS1822 temperature sensors.
>       o The km(4) driver now supports AMD Family 11h
>         processors (Turion X2 Ultra et al).
>       o The lm(4) driver now supports W83627DHG attachment on the ICC bus.
>       o The lmenv(4) driver now has better support for the fan sensors
>         on lm81, adm9240 and ds1780 chips.
>       o The sdtemp(4) driver now supports ST STTS424 chips. 
>     o The em(4) driver now supports ICH9 IGP M and IGP M AMT chips.
>     o The sdmmc(4) driver now supports SDHC cards.
>     o The msk(4) driver now supports Yukon-2 FE+ (88E8040, 88E8042) based
>       devices.
>     o The iwn(4) driver now supports Intel WiFi Link 5100/5300 devices.
>     o The wpi(4) and iwn(4) drivers now support hardware CCMP cryptography.
>     o The ath(4) driver now has WPA-PSK support.
>     o age(4), a driver for Attansic L1 gigabit Ethernet devices was added.
>     o ale(4), a driver for Atheros AR81xx (aka Attansic L1E) Ethernet
>       devices was added.
>     o mos(4), a driver for Moschip MCS7730/7830 10/100 USB Ethernet
>       devices was added.
>     o jme(4), a driver for JMicron JMC250/JMC260 10/100 and Gigabit
>       Ethernet devices was added.
>     o run(4), a driver for Ralink USB IEEE 802.11a/b/g/Draft-N devices
>       was added.
>     o auacer(4), a driver for Acer Labs M5455 audio devices was added.
>     o ifb(4), a driver for Sun Expert3D, Expert3D-Lite, XVR-500, XVR-600
>       and XVR-1200 framebuffers (accelerated).
>     o wildcatfb(4), an X driver for Sun Expert3D, Expert3D-Lite, XVR-500,
>       XVR-600 and XVR-1200 framebuffers (unaccelerated).
>     o sunffb(4), an accelerated X driver for Sun Creator, Creator 3D and
>       Elite 3D framebuffers.
>     o vdsk(4), a driver for virtual disks of sun4v logical domains.
>     o vnet(4), a driver for virtual network adapters of sun4v logical domains.
>     o vrng(4), a driver for the random number generator on Sun
>       UltraSPARC T2/T2+ CPUs.
>     o The vcons(4) driver is now interrupt driven.
>     o ips(4), a driver for IBM SATA/SCSI ServeRAID controllers was added.
>     o udfu(4), a driver for device firmware upgrade (DFU) was added.
>     o Many improvements were made to the acpi(4) subsystem.
>     o The umsm(4) driver supports several new EVDO/UMTS devices.
>     o The mfi(4) driver now supports the next generation of
>       MegaRAID SAS controllers.
>     o New vsbic(4) driver for the MVME327A SCSI and floppy controller
>       on mvme88k machines.
>     o The re(4) driver, now supports 8168D/8111D-based devices.
>     o The ehci(4) driver now supports isochronous transfers.
>     o S/PDIF output support has been added to the ac97(4), auich(4),
>       auvia(4) and azalia(4) drivers.
>     o azalia(4) mixer has been clarified and simplified, support for 20-bit
>       and 24-bit encodings has been added. 
>     o The gbe(4) frame buffer driver now supports acceleration.
> - New tools:
>     o ypldap(8), an YP server using LDAP as a backend.
>     o xcompmgr(1) was added to xenocara. 
> - New functionality:
>     o The libc resolver(3) may now be forced to perform lookups by TCP
>       only using a new resolv.conf(5) option. The nameserver declaration
>       in resolv.conf(5) has also been extended to allow specification
>       of non-default nameserver ports.
>     o apropos(1) has two new options (-S and -s) to allow searching by
>       machine architecture and manual section.
>     o aucat(1) now has audio server capability. Audio devices can be
>       shared between multiple applications. Applications can run natively
>       on fixed sample rate devices or on devices with unusual encodings.
>       Multi-channel audio devices can be split into smaller independent
>       subdevices.
>     o aucat(1) now has a deviceless mode, in which it can be used as a
>       general purpose audio file format conversion utility (to mix,
>       demultiplex, resample or reencode files).
>     o ifconfig(8) can now list channels supported by an IEEE 802.11 device.
>     o New views were added to systat(8): malloc, bucket and pool. Improvements
>       were made to existing views.
>     o vnconfig(8) can now create devices with arbitrary geometry with the
>       new -t option.
>     o FFS filesystems are now supported on most devices, e.g. CD's, that have
>       sector sizes other than 512 bytes.
>     o Disklabels are now correctly placed and found on most devices,
>       e.g. CD's, that have sector sizes other than 512 bytes. 
> - Assorted improvements and code cleanup:
>     o malloc(3) has gained new attack mitigation measures; critical
>       bookkeeping structures are protected at runtime using mprotect(2)
>       and allocated at random addresses where possible.
>     o A new version of the gdtoa code has been integrated, bringing
>       better C99 support to printf(3) and friends.
>     o Vastly improved C99 support in libm, including complex math support.
> - Install/Upgrade process changes:
>     o crunchgen(1) and crunchide(1) have been merged into crunchgen(8),
>       which is now built and installed by default.
>     o mksuncd(1) now lives in base and is installed by default.
>     o CD-ROM installs are now supported on SGI.
>     o Accept initial root passwords containing backslash characters. 
>     o Install now allows multiple interfaces to be configured with dhcp(8).
>     o Upgrades now use the minimal protocols(5) and services(5) files
>       provided on the install media.
>     o The install media no longer contain a disktab(5) file.
>     o Serial console speed is correctly determined on macppc. 
> - OpenSSH 5.2:
>     o New features:
>       o Added an option to ssh(1) to force logging to syslog rather
>         than stderr.
>       o The sshd_config(5) ForceCommand directive now accepts commandline
>         arguments for the internal-sftp server.
>       o The ssh(1) ~C escape commandline now support runtime creation of
>         dynamic port forwards.
>       o Support the SOCKS4A protocol in ssh(1) dynamic forwards.
>       o Support remote port forwarding with a listen port of '0'.
>       o sshd(8) now supports setting PermitEmptyPasswords and
>         AllowAgentForwarding in Match blocks. 
>     o The following significant bugs have been fixed in this release:
>       o Repair a ssh(1) crash introduced in openssh-5.1 when the
>         client is sent a zero-length banner.
>       o The eow at openssh.com and no-more-sessions at openssh.com protocol
>         extensions are now only sent to peers that identify
>         themselves as OpenSSH.
>       o Avoid printing "Non-public channel" warnings in sshd(8), since ssh(1)
>         has sent incorrect channel numbers since ~2004; make ssh(1) send the
>         correct channel number for SSH2_MSG_CHANNEL_SUCCESS and
>       o Avoid double-free in ssh(1) ~C escape -L handler.
>       o Correct fail-on-error behaviour in sftp(1) batchmode for remote
>         stat operations.
>       o Avoid hang in ssh(1) when attempting to connect to a server that
>         has MaxSessions set to zero. 
> - Over 5,500 ports, minor robustness improvements in package tools.
>     o Many pre-built packages for each architecture:
>       i386:   5379    sparc64:  5174    alpha: 5132    sh:     1543
>       amd64:  5312    powerpc:  5162    sparc: 2651    mips64: 3278
>       arm:    4120    hppa:     4689    vax:   1718
>     o Highlights include:
>       o Gnome 2.24.3.
>       o GNUstep 1.18.0.
>       o KDE 3.5.10.
>       o Mozilla Firefox 3.0.6.
>       o Mozilla Thunderbird
>       o MySQL 5.0.77.
>       o OpenOffice.org 2.4.2 and 3.0.1.
>       o PostgreSQL 8.3.6.
>       o Xfce 4.4.3.
>       o OpenArena 0.8.1 (only for amd64, i386 and macppc) 
> - As usual, steady improvements in manual pages and other documentation.
> - The system includes the following major components from outside
>   suppliers:
>       o Xenocara (based on X.Org 7.4 + patches, freetype 2.3.7,
>         fontconfig 2.4.2, Mesa 7.2, xterm 239 and more)
>       o Gcc 2.95.3 (+ patches) and 3.3.5 (+ patches)
>       o Perl 5.10.0 (+ patches)
>       o Our improved and secured version of Apache 1.3, with SSL/TLS
>         and DSO support
>       o OpenSSL 0.9.8j (+ patches)
>       o Groff 1.15
>       o Sendmail 8.14.3, with libmilter
>       o Bind 9.4.2-P2 (+ patches)
>       o Lynx 2.8.5rel.4 with HTTPS and IPv6 support (+ patches)
>       o Sudo 1.7
>       o Ncurses 5.2
>       o Latest KAME IPv6
>       o Heimdal 0.7.2 (+ patches)
>       o Arla 0.35.7
>       o Binutils 2.15 (+ patches)
>       o Gdb 6.3 (+ patches) 
> If you'd like to see a list of what has changed between OpenBSD 4.4
> and 4.5, look at
>         http://www.OpenBSD.org/plus45.html
> Even though the list is a summary of the most important changes
> made to OpenBSD, it still is a very very long list.
> We provide patches for known security threats and other important
> issues discovered after each CD release.  As usual, between the
> creation of the OpenBSD 4.5 FTP/CD-ROM binaries and the actual 4.5
> release date, our team found and fixed some new reliability problems
> (note: most are minor and in subsystems that are not enabled by
> default).  Our continued research into security means we will find
> new security problems -- and we always provide patches as soon as
> possible.  Therefore, we advise regular visits to
>         http://www.OpenBSD.org/security.html
> and
> 	http://www.OpenBSD.org/errata.html
> Security patch announcements are sent to the security-announce at OpenBSD.org
> mailing list.  For information on OpenBSD mailing lists, please see:
> 	http://www.OpenBSD.org/mail.html
> OpenBSD 4.5 is also available on CD-ROM.  The 3-CD set costs $50 CDN and
> is available via mail order and from a number of contacts around the
> world.  The set includes a colourful booklet which carefully explains the
> installation of OpenBSD.  A new set of cute little stickers is also
> included (sorry, but our FTP mirror sites do not support STP, the Sticker
> Transfer Protocol).  As an added bonus, the second CD contains an audio
> track, a song entitled "Games".  MP3 and OGG versions of the audio track
> can be found on the first CD.
> Lyrics (and an explanation) for the songs may be found at:
>     http://www.OpenBSD.org/lyrics.html#45
> Profits from CD sales are the primary income source for the OpenBSD
> project -- in essence selling these CD-ROM units ensures that OpenBSD
> will continue to make another release six months from now.
> The OpenBSD 4.5 CD-ROMs are bootable on the following four platforms:
>   o i386
>   o amd64
>   o macppc
>   o sparc64
> (Other platforms must boot from floppy, network, or other method).
> For more information on ordering CD-ROMs, see:
>         http://www.OpenBSD.org/orders.html
> The above web page lists a number of places where OpenBSD CD-ROMs
> can be purchased from.  For our default mail order, go directly to:
>         https://https.OpenBSD.org/cgi-bin/order
> All of our developers strongly urge you to buy a CD-ROM and support
> our future efforts.  Additionally, donations to the project are
> highly appreciated, as described in more detail at:
>         http://www.OpenBSD.org/goals.html#funding
> For those unable to make their contributions as straightforward gifts,
> the OpenBSD Foundation (http://www.openbsdfoundation.org) is a Canadian
> not-for-profit corporation that can accept larger contributions and
> issue receipts.  In some situations, their receipt may qualify as a
> business expense writeoff, so this is certainly a consideration for
> some organizations or businesses.  There may also be exposure benefits
> since the Foundation may be interested in participating in press releases.
> In turn, the Foundation then uses these contributions to assist OpenBSD's
> infrastructure needs.  Contact the foundation directors at
> directors at openbsdfoundation.org for more information.
> The OpenBSD distribution companies also sell tshirts and polo shirts.
> And our users like them too.  We have a variety of shirts available,
> with the new and old designs, from our web ordering system at, as
> described above.
> The OpenBSD 4.5 t-shirts are available now.  We also sell our older
> shirts, as well as a selection of OpenSSH t-shirts.
> If you choose not to buy an OpenBSD CD-ROM, OpenBSD can be easily
> installed via FTP.  Typically you need a single small piece of boot
> media (e.g., a boot floppy) and then the rest of the files can be
> installed from a number of locations, including directly off the
> Internet.  Follow this simple set of instructions to ensure that
> you find all of the documentation you will need while performing
> an install via FTP.  With the CD-ROMs, the necessary documentation
> is easier to find.
> 1) Read either of the following two files for a list of ftp
>    mirrors which provide OpenBSD, then choose one near you:
>         http://www.OpenBSD.org/ftp.html
>         ftp://ftp.OpenBSD.org/pub/OpenBSD/4.5/ftplist
>    As of May 1, 2009, the following ftp mirror sites have the 4.5 release:
> 	ftp://ftp.stacken.kth.se/pub/OpenBSD/4.5/	Sweden
> 	ftp://ftp2.usa.openbsd.org/pub/OpenBSD/4.5/	NYC, USA
> 	ftp://ftp3.usa.openbsd.org/pub/OpenBSD/4.5/	CO, USA
> 	ftp://ftp5.usa.openbsd.org/pub/OpenBSD/4.5/	CA, USA
> 	ftp://rt.fm/pub/OpenBSD/4.5/			IL, USA
> 	The release is also available at the master site:
> 	ftp://ftp.openbsd.org/pub/OpenBSD/4.5/	Alberta, Canada
> 	However it is strongly suggested you use a mirror. 
>    Other mirror sites may take a day or two to update.
> 2) Connect to that ftp mirror site and go into the directory
>    pub/OpenBSD/4.5/ which contains these files and directories.
>    This is a list of what you will see:
>         ANNOUNCEMENT   amd64/         macppc/        sys.tar.gz
>         Changelogs/    armish/        mvme68k/       tools/
>         HARDWARE       ftplist        packages/      vax/
>         PACKAGES       hp300/         ports.tar.gz   xenocara.tar.gz
>         PORTS          hppa/          root.mail      zaurus/
>         README         i386/          sparc/
>         SIZES          landisk/       sparc64/
>         alpha/         mac68k/        src.tar.gz
>    It is quite likely that you will want at LEAST the following
>    files which apply to all the architectures OpenBSD supports.
>         README          - generic README
>         HARDWARE        - list of hardware we support
>         PORTS           - description of our "ports" tree
>         PACKAGES        - description of pre-compiled packages
>         root.mail       - a copy of root's mail at initial login.
> 			  (This is really worthwhile reading).
> 3) Read the README file.  It is short, and a quick read will make
>    sure you understand what else you need to fetch.
> 4) Next, go into the directory that applies to your architecture,
>    for example, i386.  This is a list of what you will see:
> 	INSTALL.i386    cd45.iso        floppyB45.fs    pxeboot*
> 	INSTALL.linux   cdboot*         floppyC45.fs    xbase45.tgz
> 	MD5             cdbr*           game45.tgz      xetc45.tgz
> 	base45.tgz      cdemu45.iso     index.txt       xfont45.tgz
> 	bsd*            comp45.tgz      install45.iso   xserv45.tgz
> 	bsd.mp*         etc45.tgz       man45.tgz       xshare45.tgz
> 	bsd.rd*         floppy45.fs     misc45.tgz
>    If you are new to OpenBSD, fetch _at least_ the file INSTALL.i386
>    and the appropriate floppy*.fs or install45.iso files.  Consult the
>    INSTALL.i386 file if you don't know which of the floppy images
>    you need (or simply fetch all of them).
>    If you use the install45.iso file (roughly 200MB in size), then you
>    do not need the various *.tgz files since they are contained on that
>    one-step ISO-format install CD.
> 5) If you are an expert, follow the instructions in the file called
>    README; otherwise, use the more complete instructions in the
>    file called INSTALL.i386.  INSTALL.i386 may tell you that you
>    need to fetch other files.
> 6) Just in case, take a peek at:
>         http://www.OpenBSD.org/errata.html
>    This is the page where we talk about the mistakes we made while
>    creating the 4.5 release, or the significant bugs we fixed
>    post-release which we think our users should have fixes for.
>    Patches and workarounds are clearly described there.
> Note: If you end up needing to write a raw floppy using Windows,
>       you can use "fdimage.exe" located in the pub/OpenBSD/4.5/tools
>       directory to do so.
> X.Org has been integrated more closely into the system.  This release
> contains X.Org 7.4.  Most of our architectures ship with X.Org, including
> amd64, sparc, sparc64 and macppc.  During installation, you can install
> X.Org quite easily.  Be sure to try out xdm(1) and see how we have
> customized it for OpenBSD.
> The OpenBSD ports tree contains automated instructions for building
> third party software.  The software has been verified to build and
> run on the various OpenBSD architectures.  The 4.5 ports collection,
> including many of the distribution files, is included on the 3-CD
> set.  Please see the PORTS file for more information.
> Note: some of the most popular ports, e.g., the Apache web server
> and several X applications, come standard with OpenBSD.  Also, many
> popular ports have been pre-compiled for those who do not desire
> to build their own binaries (see BINARY PACKAGES, below).
> A large number of binary packages are provided.  Please see the PACKAGES
> file (ftp://ftp.OpenBSD.org/pub/OpenBSD/4.5/PACKAGES) for more details.
> The CD-ROMs contain source code for all the subsystems explained
> above, and the README (ftp://ftp.OpenBSD.org/pub/OpenBSD/4.5/README)
> file explains how to deal with these source files.  For those who
> are doing an FTP install, the source code for all four subsystems
> can be found in the pub/OpenBSD/4.5/ directory:
>         xenocara.tar.gz     ports.tar.gz   src.tar.gz     sys.tar.gz
> OpenBSD 4.5 includes artwork and CD artistic layout by Ty Semaka,
> who also arranged an audio track on the OpenBSD 4.5 CD set.  Ports
> tree and package building by Jasper Lievisse Adriaanse, Michael Erdely,
> Simon Bertrang, Stuart Henderson, Antoine Jacoutot, Robert Nagy,
> Nikolay Sturm, and Christian Weisgerber.  System builds by Theo de Raadt,
> Mark Kettenis, and Miod Vallat.  X11 builds by Todd Fries and Miod Vallat.
> ISO-9660 filesystem layout by Theo de Raadt.
> We would like to thank all of the people who sent in bug reports, bug
> fixes, donation cheques, and hardware that we use.  We would also like
> to thank those who pre-ordered the 4.5 CD-ROM or bought our previous
> CD-ROMs.  Those who did not support us financially have still helped
> us with our goal of improving the quality of the software.
> Our developers are:
>     Alexander Bluhm, Alexander Schrijver, Alexander Yurchenko,
>     Alexander von Gernler, Alexandre Ratchov, Alexey Vatchenko,
>     Anders Magnusson, Andreas Gunnarsson, Anil Madhavapeddy,
>     Antoine Jacoutot, Ariane van der Steldt, Artur Grabowski,
>     Austin Hook, Bernd Ahlers, Bob Beck, Bret Lambert, Can Erkin Acar,
>     Chad Loder, Charles Longeau, Chris Kuethe, Christian Weisgerber,
>     Claudio Jeker, Constantine A. Murenin, Dale Rahn, Damien Bergamini,
>     Damien Miller, Darren Tucker, David Gwynne, David Hill,
>     David Krause, Eric Faurot, Esben Norby, Federico G. Schwindt,
>     Felix Kronlage, Gilles Chehade, Giovanni Bechis, Gordon Willem Klok,
>     Hans-Joerg Hoexer, Henning Brauer, Ian Darwin, Igor Sobrado,
>     Jacek Masiulaniec, Jacob Meuser, Jakob Schlyter, Janne Johansson,
>     Jared Yanovich, Jason Dixon, Jason George, Jason McIntyre,
>     Jasper Lievisse Adriaanse, Joel Sing, Joerg Goltermann, Jolan Luff,
>     Jonathan Gray, Jordan Hargrave, Joris Vink, Joshua Stein,
>     Kenneth R Westerback, Kevin Lo, Kevin Steves, Kjell Wooding,
>     Kurt Miller, Landry Breuil, Laurent Fanis, Marc Balmer, Marc Espie,
>     Marco Peereboom, Marco Pfatschbacher, Marco S Hyman, Marcus Glocker,
>     Mark Kettenis, Mark Uemura, Markus Friedl, Martin Reindl,
>     Martynas Venckus, Mathieu Sauve-Frankel, Mats O Jansson,
>     Matthias Kilian, Matthieu Herrb, Michael Erdely, Michael Knudsen,
>     Michele Marchetto, Mike Belopuhov, Mike Larkin, Miod Vallat,
>     Moritz Jodeit, Nick Holland, Nikolay Sturm, Okan Demirmen,
>     Oleg Safiullin, Otto Moerbeek, Owain Ainsworth, Paul Irofti,
>     Paul de Weerd, Pedro Martelletto, Peter Hessler, Peter Stromberg,
>     Peter Valchev, Philip Guenther, Pierre-Emmanuel Andre,
>     Pierre-Yves Ritschard, Rainer Giedat, Ray Lai, Reyk Floeter,
>     Robert Nagy, Rui Reis, Ryan Thomas McBride, Simon Bertrang,
>     Stefan Kempf, Stefan Sperling, Steven Mestdagh, Stuart Henderson,
>     Ted Unangst, Theo de Raadt, Thordur I. Bjornsson, Tobias Stoeckmann,
>     Tobias Weingartner, Todd C. Miller, Todd Fries, Will Maier,
>     Xavier Santolaria, Yojiro Uo

More information about the BUS mailing list