Contributed by dhartmei on from the release-time dept.
We are pleased to announce the official release of OpenBSD 3.8. This is our 18th release on CD-ROM (and 19th via FTP). We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install. As in our previous releases, 3.8 provides significant improvements, including new features, in nearly all areas of the system:
As usual, see http://www.OpenBSD.org/ftp.html for the current list of primary ftp servers, which carry the tarballs as of now.
- Improved hardware support, including:
o New aps driver for the built-in accelerometer found in some IBM ThinkPad laptops.
o New art driver for Accom Networks Artery T1 and E1 cards.
o New auixp driver for the ATI IXP series integrated AC'97 audio controller.
o Basic RAID management using bioctl(8) in the ami(4) MegaRAID driver.
o New ciss driver for Compaq Smart ARRAY 5 and 6 RAID controllers.
o New epic driver for SMC 83C170 ethernet adapters.
o New ichwdt driver for Intel 6300ESB ICH watchdog timer.
o New pcn driver for the AMD Am79c97x (PCnet) ethernet adapters.
o New safte driver for SCSI Accessed Fault-Tolerant Enclosures, and a rewritten
ses driver for SCSI Enclosure Services, both allowing monitoring through
sysctl and sensorsd.
o New ueagle driver for Analog Devices Eagle ADSL modems.
o New uipaq driver for iPAQ USB serial.
o New viasio driver for VIA VT1211 LPC Super I/O hardware sensors.
o New zaudio driver for the built-in Zaurus audio CODEC.
o Improved com driver for serial port PCMCIA cards, such as cellular modems
on Zaurus.
o Improved support for many umass devices.
o Updated driver from X.Org for the Intel i810 family graphics chipset,
including support for the external VGA output on laptops.
- New tools:
o bioctl(8), a RAID management interface.
o ipsecctl(8), a simple IPsec management tool.
o stat(1), displaying file status obtained from stat(2) or lstat(2).
o hostapd(8), a wireless Host Access Point daemon.
o ifstated(8), a daemon monitoring ethernet interfaces status.
o watchdogd(8), companion to the hardware watchdog devices.
o ztsscale(8), a tool to calibrate the Zaurus touch screen.
o xidle(1), a tool to run a program on X inactivity.
o gzsig(1), create and verify cryptographic signatures built into gzip file headers.
o sasyncd(8), a daemon to synchronize IPSec SA's for failover gateways.
- New functionality:
o mount_udf(8), providing UDF (DVD) filesystem support.
o Network interface aggregation, using the virtual trunk(4) interface.
o Partial wide character and locale support in the C and C++ libraries.
o wd(4) disks have the security feature frozen before being attached
to prevent malicious users setting a password that would prevent the
contents of the drive from being accessed.
o On the OpenBSD/sparc64 platform, StackGhost buffer overflow exploit
protection has been added.
o zaudio(4) changes the mute values if the headphones are plugged in or out.
- New functionality for ospfd(8), the Open Shortest Path First Daemon:
o ospfd is now able to redistribute static, connected and default routes.
o ospfctl is now able to display all relevant information.
o Interoperability with cisco and Extreme has been improved.
o Support for parsing and displaying parsed configuration file, similar to bgpd.
o Support for cryptographic authentication has been added.
o Interface finite state machine has been reworked, primarily to improve
interoperability.
o The performance of the shortest path first calculation has been improved.
o Numerous bugs have been discovered and fixed during the last 6 months.
- New functionality for bgpd(8), the Border Gateway Protocol Daemon:
o bgpd is now able to redistribute static and connected routes dynamically.
o Full route label support; pf(4) can filter based on information bgpd
attaches to the routes.
o An additional per prefix weight has been added used to evaluate prefixes
with equal AS path length.
o New route decision tunable rde med compare always to force bgpd to compare
the MED independent of the peer AS.
o IPv6 support.
- Assorted improvements and code cleanup:
o malloc(3) has been rewritten to use the mmap(2) system call,
introducing unpredictable allocation addresses and guard pages, which
helps in detecting heap based buffer overflows and prevents various
types of attacks.
o libc(3) source code has been converted to ANSI C.
o realpath(3) is now thread safe.
o Several pathname races and potential buffer handling problems have been
fixed in pax(1).
o Problems with signal delivery on OpenBSD/sparc and OpenBSD/sparc64 have
been fixed.
o Reliability of signal handlers using floating point on
OpenBSD/i386 and OpenBSD/macppc has been improved.
o NFS write performance has been improved greatly.
o Countermeasures against various blind ICMP attacks have been implemented.
- Over 3200 ports, 3000 pre-built packages, improved package tools.
- As usual, many improvements in manual pages and other documentation.
- OpenSSH 4.2:
o Adds a new compression method that delays the start of zlib
compression until the user has been authenticated successfully. The
new method ("Compression delayed") is on by default in the server and
eliminates the risk of any zlib vulnerability leading to a compromise
of the server from unauthenticated users.
o Added support for the improved arcfour cipher modes from
draft-harris-ssh-arcfour-fixes-02. The improves the cipher's
resistance to a number of attacks by discarding early keystream
output.
o Many improvements to connection multiplexing, including a new
opportunistic multiplexing mode, automatic fallback to plain
connections when multiplexing fails and support for multiplexed X11
and agent forwarding.
o Many additional bug fixes and improvements, as described in the
release announcement.
- This release of OpenBSD includes the following major components from
outside suppliers:
o X.Org 6.8.2 (+ patches, and i386 contains XFree86 3.3.6 servers (+ patches)
for legacy chipsets not supported by X.Org)
o Gcc 2.95.3 (+ patches) and 3.3.5 (+ patches)
o Perl 5.8.6 (+ patches)
o Apache 1.3.29, mod_ssl 2.8.16, DSO support (+ patches)
o OpenSSL 0.9.7g (+ patches)
o Groff 1.15
o Sendmail 8.13.4, with libmilter
o Bind 9.3.1 (+ patches)
o Lynx 2.8.5rel.2 with HTTPS and IPv6 support (+ patches)
o Sudo 1.6.8p9
o Ncurses 5.2
o Latest KAME IPv6
o Heimdal 0.6.3 (+ patches)
o Arla 0.35.7
o Binutils 2.15 (+ patches)
o Gdb 6.3
If you'd like to see a list of what has changed between OpenBSD 3.7
and 3.8, look at
http://www.OpenBSD.org/plus38.html
Even though the list is a summary of the most important changes
made to OpenBSD, it still is a very very long list.
(Comments are closed)
By Matt (67.62.110.100) on http://www.atomsatellite.com/
Comments
By tamo (220.221.52.177) on http://tamo.tdiary.net/
Being a Japanese, I'm excited by locale support in particular,
and looking forward to seeing ncursesw and real wc/mb functions.
By ninjaz (66.158.156.155) on
Comments
By Anonymous Coward (61.88.57.1) on
Comments
By ninjaz (216.209.174.120) on
Once I had compiled and installed the kernel on the RAID-root, I mounted the boot device where the kernel resides (/dev/wd0a in this case), and copied /bsd there. After rebooting, I followed the standard 3.7 - 3.8 upgrade instructions on openbsd.org (i.e., extracting the new distribution tar files for the upgrade, etc.)
All this was done over an ssh login, as there is no serial console, and the server is over 2000 miles away.
It was the first time I tried it this way. Normally I make staging system on /dev/wd0a, and compile a new kernel there as a first step. I had seen the technique I used this time described on a mailing list, though, so I gave it a shot and had good luck. :-)
By Ann Onamiss (210.233.106.4) on
Comments
By almeida (192.160.62.60) on
Comments
By Anonymous Coward (216.220.58.219) on
By waldonova (206.221.246.130) on
Get order confirmation on 10 Oct.
See posting at undeadly that CDs are shipping on 20 Oct.
See iso torrent posted at comp.unix.bsd.openbsd.misc on 1 Nov.
See "421 There are too many connected users, please try later." at ftp site on 1 Nov.
Still don't have my CDs on 1 Nov.
So, I paid for the darn things and I'm the last kid on the block to have 3.8?
:(
Comments
By paddy (82.43.208.61) on
A list of mirrors is available here: http://www.openbsd.org/ftp.html
By Brian P. (69.164.211.75) on
Not to be a jerk but.........I have learned that if one wants them before the release date then you should order them on the same day that pre-orders are up or maybe a day or two later..............pre-orders were up on Sep 15
--Brian
Comments
By Peter van Oord van der Vlies (82.161.29.165) zork@cgg.nu on
By Dave Steinberg (66.192.34.8) dave@redterror.net on http://www.geekisp.com/
By OpenBSD CD Fairy (68.124.58.147) on
Which is commom.
By pdemb (217.98.20.195) pdemb@gazeta.pl on www.peter.dembinski.prv.pl
By Bayu Krisnawan (203.191.40.226) on http://orchid.versalite.com
By Anonymous Coward (66.207.218.19) on
Comments
By Brad Smith (204.101.180.70) brad at comstyle dot com on
Comments
By Anonymous Coward (72.136.154.14) on
Comments
By Anonymous Coward (72.136.154.14) on
By andrew (66.185.225.40) andrew@mad-techies.org on http://openbsd.somedomain.net
Comments
By Anonymous Coward (72.136.154.14) on
By andrew (66.185.225.40) andrew@mad-techies.org on http://openbsd.somedomain.net
Comments
By Gerardo Santana (201.137.137.87) gerardo.santana gmail on
By Anonymous Coward (128.151.92.148) on
Comments
By thomasw.xhrl (142.22.186.7) on
By Mike K. (165.228.132.11) on http://freeweb.ozi.nu/~torrent/
Comments
By Anonymous Coward (69.70.207.240) on
By Anonymous Coward (128.151.92.148) on
Comments
By Amir Mesry (208.34.41.180) starkiller@web-illusions.net on
Comments
By Anonymous Coward (69.70.207.240) on
By Anonymous Coward (80.108.115.184) on
While certainly we should support the continuing development of OpenBSD (for example by buying the official ISOs on CD) it is completely ok and legal to make and distribute unofficial ISOs.
By toxa (62.16.127.230) on
By Anonymous Coward (62.225.37.69) on
Use a local nfs mount as a workaround. Re: RIP stackable filesystems (mod 0/0)
by Anonymous Coward (IP 62.225.37.69) on Wed Nov 9 13:29:29 2005 (GMT)
from: http://marc.theaimsgroup.com/?l=openbsd-misc&m=112590380009385&w=2
List: openbsd-misc
Subject: Re: mount_null gone?
From: jimmy () inet-solutions ! be
Date: 2005-09-05 6:58:15
Message-ID: 1125903494.431bec8700248 () webmail ! boxke ! be
[Download message RAW]
Quoting Gijs Nijholt <gijs.nijholt@gmail.com>:
> What's particularly strange, it's that the command (/sbin/mount_null)
> exists, but on executing the following command:
> gijs@basecamp> sudo mount_null /extended/ /home/gijs/fileserver/
> ...I get the following error:
> mount_null: /home/gijs/fileserver/: Filesystem not supported by kernel
>
> Both filesystems are FFS, and it worked really well in 3.6.
> Can anyone tell me how to fix this problem?
>
> On 9/4/05, Gijs Nijholt <gijs.nijholt@gmail.com> wrote:
> > Hello,
> >
> > After some digging through mailinglist archives, it seems that
> > mount_null is no longer in the GENERIC since OpenBSD 3.7 (and
> > mount_union as well)
> > This is not mentioned in the release notes as far as I can verify.
> >
> > Why is it gone and what is the alternative?
> > (I need a way to mount my /extended partition into /home/users and
> > /var/www/users/user, which are both chrooted in respectively ftp and
> > apache)
> >
> > Or how can I get mount_null back without reinstalling the system?
> >
> > Thanks in advance.
> > Gijs Nijholt
>
>
This was planned imho, a few months after reporting this:
http://www.monkey.org/openbsd/archive/bugs/0404/msg00119.html
I got response from Otto that nullfs isn't supported anymore.
I think the code is to old and hasn't a maintainer to support
it any further (I could be wrong).
Take a look at mount_nullfs(8) from freebsd for example:
BUGS
THIS FILE SYSTEM TYPE IS NOT YET FULLY SUPPORTED (READ: IT DOESN'T WORK)
AND USING IT MAY, IN FACT, DESTROY DATA ON YOUR SYSTEM. USE AT YOUR OWN
RISK. BEWARE OF DOG. SLIPPERY WHEN WET.
This code also needs an owner in order to be less dangerous - serious
hackers can apply by sending mail to <hackers@FreeBSD.org> and announcing
their intent to take it over.
Kind Regards,
Jimmy Scott
----------------------------------------------------------------
This message has been sent through ihosting.be
To report spamming or other unaccepted behavior
by a iHosting customer, please send a message
to abuse@ihosting.be
----------------------------------------------------------------