Friday, October 29, 2004

OpenBSD 3.6 released

I've just received the announce email from Theo. It has been released slightly early, to try and spread out some of the load during the weekend. Take a look at what is new & improved in this release, as per the release announcement.


We are pleased to announce the official release of OpenBSD 3.6. This is our 16th release on CD-ROM (and 17th via FTP). We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install. As in our previous releases, 3.6 provides significant improvements, including new features, in nearly all areas of the system:

- New platform:

* OpenBSD/luna88k

Expanding the mvme88k porting effort by supporting Omron's
line of 88100-based workstations.

- SMP support on OpenBSD/i386 and OpenBSD/amd64 platforms.

- New functionality:

* A cleaned up DHCP server and client implementation, now featuring privilege separation and safe defaults.

* A new NTP daemon written from scratch, which ought to fit
the needs of most NTP users.

* pfctl(8) now provides a rules optimizer to help improve filtering speed.
* pf(4), now supports nested anchors.
* tcpdrop(8), a command to drop TCP connections.

* The NMBCLUSTERS option has been eliminated, replaced by a sysctl with higher default values on many platforms.

* Added support for cksum (three flavours), md4, sha256, sha384 & sha512 to the md5(1) command.

* Memory file systems created by the mount_mfs(8) command now can be populated immediately after creation.

* New hotplugd(8) daemon and hotplug(4) device that watch
for newly attached devices.

* isakmpd(8) now supports NAT-traversal and Dead Peer Detection

* strtonum(3), a simple, robust and therefore safe function to convert strings to numbers, has been added.

* On the OpenBSD/sparc platform, StackGhost buffer overflow exploit protection has been added.

* A generic IEEE 802.11 framework has been added.

- Improved hardware support, including:

* Sangoma T1 and E1 cards (san(4)).
* Jumbo frames now work reliably on em(4), sk(4), and ti(4) adapters.
* USB 2.0 (ehci(4)) controllers.

* AIC79xx-based Ultra320 SCSI adapters, such as the
Adaptec 29320 & 39320 (ahd(4)).

* The i386 and amd64 CD bootloader code no longer emulates a floppy which improves the chances of booting on newer machines.

* New re(4) driver for Realtek 8169/8169S/8110S PCI Ethernet adapters.
* New atw(4) driver for ADMtek ADM8211 802.11b wireless adapters.
* New axe(4) driver for ASIX Electronics AX88172 USB Ethernet adapters.
* New cdce(4) driver for Ethernet over USB bridges.
* New ichpcib(4) driver for Intel ICHx/ICHx-M LPC PCI-ISA bridges.

* New gscpcib(4) driver for National Semiconductor Geode
SC1100 PCI-ISA bridges.

* New iic(4) driver for Inter IC (I2C) master/slave buses.

* New lmtemp(4) driver for National Semiconductor
LM75/LM77 temperature sensors.

* New gscsio(4) driver for National Semiconductor Geode
SC1100 Super I/O chips.

* New gpio(4) driver and accompanying gpioctl(8) utility for
supporting General Purpose Input/Output.

*New mediabay(4) macppc driver for the ATA33 HD
controller over removable CD.

* hw.setperf sysctl hooks for PowerNow in AMD K6 and K7 processors.

- New functionality for bgpd(8), the Border Gateway Protocol Daemon:

* Kernel memory management improvements now allow the full global routing table to be kept in memory without customizing or tuning.

* Support for adding received prefixes to a pf(4) table.
* Support for IPsec, both manually keyed and using IKE.
* Support for setting BGP communities on incoming & outbound UPDATES.
* Support for NOPEER community (RFC3765).

* Partial support for RFC2858 Multiprotocol Capabilities,
currently only IPv4-unicast is announced.

* Support for Route Reflection (RFC2796).
* Support for dynamic network announcements.
* Support for Route Refresh Capability (RFC2918).

- Improved NFS performance and reliability.

- Shared libraries and gcc 3.3.2 on the OpenBSD/hppa port.

- Privilege separation or revocation for the following programs:

* afsd(8)
* mopd(8)
* pppoe(8)
* rbootd(8)
* dhcrelay(8), dhclient(8), and dhcpd(8)

- Over 2700 ports, 2500 pre-built packages.

- Many improvements for security and reliability (look for the red
print in the complete changelog).

- As usual, many improvements in manual pages and other documentation.

- OpenSSH 3.9:

* sshd(8) now re-executes itself on accepting a new connection. This security measure ensures that all execute-time randomizations are reapplied for each connection rather than once, for the master process' lifetime. This includes mmap and malloc mappings, shared library addressing, shared library mapping order, ProPolice and StackGhost cookies on architectures that support such things.

* Selected environment variables can now be passed between
the client and the server.

* Session multiplexing: a single ssh connection can now carry multiple login/command/file transfer sessions.

- This release of OpenBSD includes the following major components from outside suppliers:

* XFree86 4.4.0 unencumbered (+ patches, and i386 contains 3.3.6 servers
(+ patches) for chipsets not supported by 4.4).

* Gcc 2.95.3 (+ patches) and 3.3.2 (+ patches)
* Perl 5.8.5 (+ patches)
* Apache 1.3.29, mod_ssl 2.8.16, DSO support (+ patches)
* OpenSSL 0.9.7d (+ patches)
* Groff 1.15
* Sendmail 8.13.0, with libmilter
* Bind 9.2.3 (+ patches)
* Lynx 2.8.5rel.2 with HTTPS and IPv6 support (+ patches)
* Sudo 1.6.7p5
* Ncurses 5.2
* Latest KAME IPv6
* Heimdal 0.6rc1 (+ patches)
* Arla 0.35.7
* Binutils 2.14
* Gdb 6.1

If you'd like to see a list of what has changed between OpenBSD 3.5
and 3.6, look at

Even though the list is a summary of the most important changes
made to OpenBSD, it still is a very very long list.


As you can see, there is a list of new features and improvements as always as well as new releases of third party applications and of course all the new packages and ports available to download if you want them. There are quite a few things which have been added that I like & I'm sure there will be a lot of people that have been waiting for the SMP support. I'll be upgrading my OpenBSD systems shortly.

Don't forget to check the errata and security pages for updates since 3.6 went gold.

Post ID: 550, posted by jase at 11:22 PM
Permalink | TrackBack ID: 523, (0) | Category: BSD | Google Search
Post a comment

Thanks for signing in, . Now you can comment. (sign out)

(If you haven't left a comment here before, you may need to be approved before your comment will appear.)

Remember me?

Valve Media Ltd
Search Engine Compliance