On Sun, Oct 18, 2009 at 1:38 PM, Theo de Raadt <dera...@cvs.openbsd.org> wrote: > Many people have received their 4.6 CDs in the mail by now, and we > really don't want them to be without the full package repository. > Oct 18, 2009. > > We are pleased to announce the official release of OpenBSD 4.6. > This is our 26th release on CD-ROM (and 27th via FTP). We remain > proud of OpenBSD's record of more than ten years with only two remote > holes in the default install. > > As in our previous releases, 4.6 provides significant improvements, > including new features, in nearly all areas of the system: > > - New/extended platforms: > o mvme88k > o MVME141 and MVME165 boards are now supported. > o sgi > o SGI Octane, SGI Origin 200 and SGI Fuel systems are now supported. > o Several bugs in interrupt handling have been fixed, resulting > in significantly improved system response. > o sparc > o The bootblock load address has been moved so that larger kernels > can be loaded. > o sparc64 > o Acceleration support has been added for many of the PCI frame buffer > drivers, such as the Sun PGX, PGX64 and XVR-100, and Tech Source > Raptor GFX graphics cards. > > - Improved hardware support, including: > o Several new/improved drivers for sensors, including: > o The ips(4) driver now has sensor support, complementing the bio support. > o The acpithinkpad(4) driver now has temperature and fan sensor support. > o New endrun(4) driver for the EndRun Technologies timedelta sensor. > o The fins(4) driver now has support for F71806, F71862 and F71882 ICs. > o The acpitz(4) driver now shows correct decimals for temperature. > o Added radeonfb(4) to sparc64, an accelerated framebuffer for > Sun XVR-100 boards. > o Added support for RTL8103E and RTL8168DP devices in the re(4) driver. > o Added support for BCM5709/BCM5716 devices in the bnx(4) driver. > o Added support for ICH10 variants of em(4). > o Added support for VIA VX855 chipset in the viapm(4) and pciide(4) drivers. > o Added support for Intel SCH IDE to pciide(4). > o Added support for the Broadcom HT-1100 chipset in the piixpm(4) driver. > o Added support for 82574L based devices in the em(4) driver. > o Added support for VIA CX800 south bridge to the viapm(4) driver. > o A number of network drivers including bge(4), bnx(4), hme(4), iwn(4), > ix(4), msk(4), sis(4), sk(4), vr(4) and wpi(4) now make use of the > MCLGETI(9) allocator in order to reduce memory usage and increase > performance when under load or attack. > o Added support in em(4) for the newer 82575 chips. > o zyd(4) now supports devices with Airoha AL2230S radios. > o zyd(4) now works on big-endian machines > o urtw(4) now supports RTL8187B based devices. > o New otus(4) driver for Atheros AR9001U USB 802.11a/b/g/Draft-N > wireless devices. > o New berkwdt(4) driver for Berkshire Products PCI watchdog timers. > o New udl(4) driver for USB video devices. > o Support for a variety of newer models in bge(4). > o Initial version of vsw(4), a driver for the virtual network switch > found on sun4v sparc64 systems. > o Implemented machfb(4), an accelerated driver for the sparc64 PGX/PGX64 > framebuffers. > o New vcc(4) and vcctty(4) drivers for the "Virtual Console Concentrator" > found on the control domain of sun4v systems. > o Implemented 64-bit FIFO modes for ciss(4) devices. > o Enabled hardware VLAN tagging and stripping on ix(4). > o Added basic support for Envy24HT chips to the envy(4) driver. > o Many improvements and updates to the isp(4) driver. > o Added support for 88E8057-based Yukon 2 Ultra 2-devices in msk(4). > o The ips(4) driver now works reliably. > o Added raptor(4), an accelerated framebuffer driver for the Tech Source > Raptor GFX cards on the sparc64 platform. > o Enabled schsio(4) on i386 and amd64 and added watchdog timer support. > o New acpivideo(4) driver for ACPI display switching and brightness control. > o Added support for the IBM ServeRAID-8k in the aac(4) driver. > o Added support for the BCM5825 and 5860/61/62 Broadcom CryptoNetX > IPSec/SSL Security processor in the ubsec(4) driver. > o Added support for AES-CBC with BCM5823-based ubsec(4) devices. > o Firmware for bnx(4) has been updated. > o Added support to fxp(4) for the 82552 MAC found on some ICH7 chipsets. > o Added support to umsm(4) for Truinstall enabled modems like the > Sierra 881U. > o Added support to pciide(4) for ICH10 SATA devices not operating in > AHCI mode. > o dc(4) now reads the MAC address from the eeprom rather than CIS. > o em(4) now correctly handles MAC addresses for dual-port 8257[56] cards. > o IPv6 receive TCP/UDP checksum offloading has been enabled for jme(4). > o IPv6 receive TCP/UDP checksum offloading has been enabled in bge(4) for > the 5755 and later chips. > o iwi(4) now associates with APs that refuse non-short slot-time capable > STAs. > o IP, TCP and UDP checksum offloading has been enabled in vr(4) for > VT6105M-based devices. > o VGA BIOS repost support has been added for amd64 and i386 platforms. > > - New tools: > o Added smtpd(8), a new privilege-separated SMTP daemon. > o Imported the tmux(1) terminal multiplexer, replacing window(1). > > - New functionality: > o httpd(8) can now serve files larger than 2GB in size. > o Mice with many buttons are now supported by wsmoused(8). > o New "nfsserver" and "nfsclient" views have been added to systat(1). > o Automatic partition allocation has been added to disklabel(8), with a > variety of smart heuristics. > o An undo command has been added to disklabel(8), which reverts the > label back to its previous state. > o When running in auto-mode, sysmerge(8) will now install binary files > from X sets automatically. > o sysmerge(8) now creates a report summary file in the work directory. > o httpd(8) now drops privileges to www/www rather than nobody/nogroup > if the User/Group entries are not present within the configuration file. > o ELF based platforms now generate ELF core dumps and gdb(1) is now able > to read ELF core dumps. > o Additional diff options have been added to opencvs(1). > o When sendbug(1) is run as root, the pcidump(8) and acpidump(8) output > is included. > o Support for audible ping(8) and ping6(8) has been added. > o ftpd(8) now logs both the remote IP and remote hostname when receiving > a new connection. > o relayd(8) now allows both UDP and TCP redirections. > o SSL sessions are now maintained by relayd(8) for each checked host, > resulting in subsequent checks being lighter and faster on the server. > o Added support to relayd(8) for client-side TCP connections from relays. > o Added support to relayd(8) for specifying a CA file to verify SSL server > certificates when connecting as a client from relays. > > - pf(4) improvements: > o Enabled pf(4) by default in the rc.conf(8). > o Removed pf(4) scrub rules, and only do one kind of packet reassembly. > Rulesets with scrub rules need to be modified because of this. > o Regular rules can now have per-rule scrub options. > o Added new "match" keyword which only applies rule options but does > not change the current pass/block state. > o Make all pf(4) operations transactional to improve atomicity of reloads. > o Stricter pf(4) checking for ICMP and ICMPv6 packets. > o Various improvements to pfsync(4) to lower sync traffic bandwidth and > optionally allow active-active firewall setups. > o Fix pf(4) scrub max-mss for IPv6 traffic. > > - softraid(4) improvements: > o Rebuild support has been added and RAID 1 volumes can now be rebuilt. > o Boot time assembly has been significantly improved, with volume and > chunk ordering now being respected. Duplicated chunks and version > mismatches are also handled gracefully. > o Volumes with missing members are now brought online. > > - OpenBGPD, OpenOSPFD and other routing daemon improvements: > o In bgpd(8), rework most of the RDE to allow multiple RIBs. > It is possible to filter per-RIB and attach neighbors to a specific RIB. > o Added an option to bgpd(8) to change the "connect-retry" timer. > o Allow bgpd.conf(5) and bgpctl(8) to contain 32-bit ASN numbers written in > ASPLAIN format. > o Fix bgpd(8) to correctly encode MP unreachable NLRI so IPv6 prefixes get > removed correctly. > o Changed the behaviour of "redistribute default" for ospfd(8) and ripd(8). > A default route has to be present in the FIB to be correctly advertised. > o Make ospfd(8) and ripd(8) track reject and blackhole routes and allow > them to be redistributed even if pointing to 127.0.0.1. > o Allow an alternate control socket to be specified for ospfd(8). > o ospfd(8) can now be bound to an alternate routing domain. > o Fix ospfd(8) route metric for "redistribute default". > o Initial version of ldpctl(8) and ldpd(8), a label distribution protocol > daemon for mpls. > o Make dvmrpd(8) RDE aware of multicast group members per interface. > o Added support for pruning in dvmrpd(8). > > - Generic Network-Stack improvements: > o Support for virtual routing and firewalling with the addition of routing > domains. > o Added support for ifconfig(8) to bind an interface to a routing domain. > o Added support to ping(8), traceroute(8), arp(8), nc(1) and telnet(1) to > specify which routing domain to use. > o Allow ifconfig(8) to turn off IPv6 completely for an interface and > make rtsold(8) turn on inet6 on the interface. > o Routes track the interface link state. > o route(8) flush accepts "-iface" or "-priority" to only flush routes > matching these conditions. > o Multiple dhclients can now coexist without causing mayhem. > o Make wireless interfaces have an interface priority of 4 by default. > Makes them less preferred then wired interfaces. > o Do not accept IPv4 ICMP redirects by default. > o Added the MAC address to the log entries in dhclient(8). > o Make systat(1) show interface description names in the interface view, > and add new NFS server and client views. > o Make tun(4) emulate link state depending on the open and close of the > device fd. > o Use pf state-table information to speed up decision on whether a packet > is to be delivered locally or forwarded. > o More routing socket checks added to make userland applications more > resilient to kernel changes. > > - Install/Upgrade process changes: > o The installer has almost been rewritten, primarily with a focus on > simplifying the installation process. > o Automatic disk layout can now be used during installation, allowing for > simple single-disk installs. > o VLAN support is now available in some installation media. > o A standard user account can now be created during the install process. > > - OpenSSH 5.3: > o Do not limit home directory paths to 256 characters. > o Several minor documentation and correctness fixes. > > - Over 5,800 ports, minor robustness improvements in package tools. > o Many pre-built packages for each architecture: > i386: 5606 sparc64: 5413 alpha: 5346 sh: 1261 > amd64: 5544 powerpc: 5427 sparc: 3711 mips64: 3443 > arm: 5291 hppa: 4790 vax: 1785 > > - As usual, steady improvements in manual pages and other documentation. > > - The system includes the following major components from outside > suppliers: > o Xenocara (based on X.Org 7.4 + patches, freetype 2.3.9, > fontconfig 2.6.0, Mesa 7.4.2, xterm 243 and more) > o Gcc 2.95.3 (+ patches) and 3.3.5 (+ patches) > o Perl 5.10.0 (+ patches) > o Our improved and secured version of Apache 1.3, with SSL/TLS > and DSO support > o OpenSSL 0.9.8k (+ patches) > o Groff 1.15 > o Sendmail 8.14.3, with libmilter > o Bind 9.4.2-P2 (+ patches) > o Lynx 2.8.6rel.5 with HTTPS and IPv6 support (+ patches) > o Sudo 1.7.2 > o Ncurses 5.2 > o Latest KAME IPv6 > o Heimdal 0.7.2 (+ patches) > o Arla 0.35.7 > o Binutils 2.15 (+ patches) > o Gdb 6.3 (+ patches) > > If you'd like to see a list of what has changed between OpenBSD 4.5 > and 4.6, look at > > http://www.OpenBSD.org/plus46.html > > Even though the list is a summary of the most important changes > made to OpenBSD, it still is a very very long list. > we provide patches for known security threats and other important > issues discovered after each CD release. As usual, between the > creation of the OpenBSD 4.6 FTP/CD-ROM binaries and the actual 4.6 > release date, our team found and fixed some new reliability problems > (note: most are minor and in subsystems that are not enabled by > default). Our continued research into security means we will find > new security problems -- and we always provide patches as soon as > possible. Therefore, we advise regular visits to > > http://www.OpenBSD.org/security.html > and > http://www.OpenBSD.org/errata.html > > Security patch announcements are sent to the security-annou...@openbsd.org > mailing list. For information on OpenBSD mailing lists, please see: > > http://www.OpenBSD.org/mail.html > OpenBSD 4.6 is also available on CD-ROM. The 3-CD set costs $50 CDN and > is available via mail order and from a number of contacts around the > world. The set includes a colourful booklet which carefully explains the > installation of OpenBSD. A new set of cute little stickers is also > included (sorry, but our FTP mirror sites do not support STP, the Sticker > Transfer Protocol). As an added bonus, the second CD contains an audio > track, a song entitled "Planet of the Users". MP3 and OGG versions of > the audio track can be found on the first CD. > > Lyrics (and an explanation) for the songs may be found at: > > http://www.OpenBSD.org/lyrics.html#46 > > Profits from CD sales are the primary income source for the OpenBSD > project -- in essence selling these CD-ROM units ensures that OpenBSD > will continue to make another release six months from now. > > The OpenBSD 4.6 CD-ROMs are bootable on the following four platforms: > > o i386 > o amd64 > o macppc > o sparc64 > > (Other platforms must boot from floppy, network, or other method). > > For more information on ordering CD-ROMs, see: > > http://www.OpenBSD.org/orders.html > > The above web page lists a number of places where OpenBSD CD-ROMs > can be purchased from. For our default mail order, go directly to: > > https://https.OpenBSD.org/cgi-bin/order > > All of our developers strongly urge you to buy a CD-ROM and support > our future efforts. Additionally, donations to the project are > highly appreciated, as described in more detail at: > > http://www.OpenBSD.org/goals.html#funding > For those unable to make their contributions as straightforward gifts, > the OpenBSD Foundation (http://www.openbsdfoundation.org) is a Canadian > not-for-profit corporation that can accept larger contributions and > issue receipts. In some situations, their receipt may qualify as a > business expense writeoff, so this is certainly a consideration for > some organizations or businesses. There may also be exposure benefits > since the Foundation may be interested in participating in press releases. > In turn, the Foundation then uses these contributions to assist OpenBSD's > infrastructure needs. Contact the foundation directors at > direct...@openbsdfoundation.org for more information. > The OpenBSD distribution companies also sell tshirts and polo shirts. > And our users like them too. We have a variety of shirts available, > with the new and old designs, from our web ordering system at, as > described above. > > The OpenBSD 4.6 t-shirts are available now. We also sell our older > shirts, as well as a selection of OpenSSH t-shirts. > If you choose not to buy an OpenBSD CD-ROM, OpenBSD can be easily > installed via FTP. Typically you need a single small piece of boot > media (e.g., a boot floppy) and then the rest of the files can be > installed from a number of locations, including directly off the > Internet. Follow this simple set of instructions to ensure that > you find all of the documentation you will need while performing > an install via FTP. With the CD-ROMs, the necessary documentation > is easier to find. > > 1) Read either of the following two files for a list of ftp > mirrors which provide OpenBSD, then choose one near you: > > http://www.OpenBSD.org/ftp.html > ftp://ftp.OpenBSD.org/pub/OpenBSD/4.6/ftplist > > As of Oct 1, 2009, the following ftp mirror sites have the 4.6 release: > > ftp://ftp.stacken.kth.se/pub/OpenBSD/4.6/ Sweden > ftp://ftp2.usa.openbsd.org/pub/OpenBSD/4.6/ NYC, USA > ftp://ftp3.usa.openbsd.org/pub/OpenBSD/4.6/ CO, USA > ftp://ftp5.usa.openbsd.org/pub/OpenBSD/4.6/ CA, USA > ftp://rt.fm/pub/OpenBSD/4.6/ IL, USA > > The release is also available at the master site: > > ftp://ftp.openbsd.org/pub/OpenBSD/4.6/ Alberta, Canada > > However it is strongly suggested you use a mirror. > > Other mirror sites may take a day or two to update. > > 2) Connect to that ftp mirror site and go into the directory > pub/OpenBSD/4.6/ which contains these files and directories. > This is a list of what you will see: > > ANNOUNCEMENT armish/ mvme68k/ sparc64/ > Changelogs/ ftplist mvme88k/ src.tar.gz > HARDWARE hp300/ packages/ sys.tar.gz > PACKAGES hppa/ ports.tar.gz tools/ > PORTS i386/ root.mail vax/ > README landisk/ sgi/ xenocara.tar.gz > alpha/ mac68k/ socppc/ zaurus/ > amd64/ macppc/ sparc/ > > It is quite likely that you will want at LEAST the following > files which apply to all the architectures OpenBSD supports. > > README - generic README > HARDWARE - list of hardware we support > PORTS - description of our "ports" tree > PACKAGES - description of pre-compiled packages > root.mail - a copy of root's mail at initial login. > (This is really worthwhile reading). > > 3) Read the README file. It is short, and a quick read will make > sure you understand what else you need to fetch. > > 4) Next, go into the directory that applies to your architecture, > for example, i386. This is a list of what you will see: > > INSTALL.i386 cd46.iso floppyB46.fs pxeboot* > INSTALL.linux cdboot* floppyC46.fs xbase46.tgz > MD5 cdbr* game46.tgz xetc46.tgz > base46.tgz cdemu46.iso index.txt xfont46.tgz > bsd* comp46.tgz install46.iso xserv46.tgz > bsd.mp* etc46.tgz man46.tgz xshare46.tgz > bsd.rd* floppy46.fs misc46.tgz > > If you are new to OpenBSD, fetch _at least_ the file INSTALL.i386 > and the appropriate floppy*.fs or install46.iso files. Consult the > INSTALL.i386 file if you don't know which of the floppy images > you need (or simply fetch all of them). > > If you use the install46.iso file (roughly 200MB in size), then you > do not need the various *.tgz files since they are contained on that > one-step ISO-format install CD. > > 5) If you are an expert, follow the instructions in the file called > README; otherwise, use the more complete instructions in the > file called INSTALL.i386. INSTALL.i386 may tell you that you > need to fetch other files. > > 6) Just in case, take a peek at: > > http://www.OpenBSD.org/errata.html > > This is the page where we talk about the mistakes we made while > creating the 4.6 release, or the significant bugs we fixed > post-release which we think our users should have fixes for. > Patches and workarounds are clearly described there. > > Note: If you end up needing to write a raw floppy using Windows, > you can use "fdimage.exe" located in the pub/OpenBSD/4.6/tools > directory to do so. > X.Org has been integrated more closely into the system. This release > contains X.Org 7.4. Most of our architectures ship with X.Org, including > amd64, sparc, sparc64 and macppc. During installation, you can install > X.Org quite easily. Be sure to try out xdm(1) and see how we have > customized it for OpenBSD. > The OpenBSD ports tree contains automated instructions for building > third party software. The software has been verified to build and > run on the various OpenBSD architectures. The 4.6 ports collection, > including many of the distribution files, is included on the 3-CD > set. Please see the PORTS file for more information. > > Note: some of the most popular ports, e.g., the Apache web server > and several X applications, come standard with OpenBSD. Also, many > popular ports have been pre-compiled for those who do not desire > to build their own binaries (see BINARY PACKAGES, below). > A large number of binary packages are provided. Please see the PACKAGES > file (ftp://ftp.OpenBSD.org/pub/OpenBSD/4.6/PACKAGES) for more details. > The CD-ROMs contain source code for all the subsystems explained > above, and the README (ftp://ftp.OpenBSD.org/pub/OpenBSD/4.6/README) > file explains how to deal with these source files. For those who > are doing an FTP install, the source code for all four subsystems > can be found in the pub/OpenBSD/4.6/ directory: > > xenocara.tar.gz ports.tar.gz src.tar.gz sys.tar.gz > OpenBSD 4.6 includes artwork and CD artistic layout by Ty Semaka, > who also arranged an audio track on the OpenBSD 4.6 CD set. Ports > tree and package building by Jasper Lievisse Adriaanse, Michael Erdely, > Simon Bertrang, Stuart Henderson, Antoine Jacoutot, Robert Nagy, > Nikolay Sturm, and Christian Weisgerber. System builds by Theo de Raadt, > Mark Kettenis, and Miod Vallat. X11 builds by Todd Fries and Miod Vallat. > ISO-9660 filesystem layout by Theo de Raadt. > > We would like to thank all of the people who sent in bug reports, bug > fixes, donation cheques, and hardware that we use. We would also like > to thank those who pre-ordered the 4.6 CD-ROM or bought our previous > CD-ROMs. Those who did not support us financially have still helped > us with our goal of improving the quality of the software. > > Our developers are: > > Alexander Bluhm, Alexander Hall, Alexander von Gernler, > Alexander Yurchenko, Alexandre Ratchov, Alexey Vatchenko, > Anders Magnusson, Andreas Gunnarsson, Anil Madhavapeddy, > Antoine Jacoutot, Ariane van der Steldt, Artur Grabowski, > Austin Hook, Benoit Lecocq, Bernd Ahlers, Bob Beck, Bret Lambert, > Can Erkin Acar, Chad Loder, Charles Longeau, Chris Cappuccio, > Chris Kuethe, Christian Weisgerber, Claudio Jeker, > Constantine A. Murenin, Dale Rahn, Damien Bergamini, Damien Miller, > Darren Tucker, David Gwynne, David Hill, David Krause, Eric Faurot, > Esben Norby, Federico G. Schwindt, Felix Kronlage, Gilles Chehade, > Giovanni Bechis, Gordon Willem Klok, Hans-Joerg Hoexer, > Henning Brauer, Ian Darwin, Igor Sobrado, Ingo Schwarze, > Jacek Masiulaniec, Jacob Meuser, Jakob Schlyter, Janne Johansson, > Jared Yanovich, Jason Dixon, Jason George, Jason McIntyre, > Jason Meltzer, Jasper Lievisse Adriaanse, Jim Razmus II, Joel Sing, > Joerg Goltermann, Johan Mson Lindman, Jolan Luff, Jonathan Gray, > Jordan Hargrave, Joris Vink, joshua stein, Kenneth R Westerback, > Kevin Lo, Kevin Steves, Kjell Wooding, Kurt Miller, Landry Breuil, > Laurent Fanis, Marc Espie, Marco Peereboom, Marco Pfatschbacher, > Marco S Hyman, Marcus Glocker, Mark Kettenis, Mark Uemura, > Markus Friedl, Martin Reindl, Martynas Venckus, > Mathieu Sauve-Frankel, Mats O Jansson, Matthias Kilian, > Matthieu Herrb, Michael Erdely, Michael Knudsen, Michele Marchetto, > Mike Larkin, Miod Vallat, Moritz Grimm, Moritz Jodeit, > Nicholas Marriott, Nick Holland, Nikolay Sturm, Okan Demirmen, > Oleg Safiullin, Otto Moerbeek, Owain Ainsworth, Paul de Weerd, > Paul Irofti, Peter Hessler, Peter Stromberg, Peter Valchev, > Philip Guenther, Pierre-Emmanuel Andre, Pierre-Yves Ritschard, > Rainer Giedat, Ray Lai, Reyk Floeter, Robert Nagy, Rui Reis, > Ryan Thomas McBride, Simon Bertrang, Stefan Kempf, Steven Mestdagh, > Stuart Henderson, Ted Unangst, Theo de Raadt, Thordur I. Bjornsson, > Tobias Stoeckmann, Tobias Weingartner, Todd C. Miller, Todd Fries, > Will Maier, William Yodlowsky, Xavier Santolaria, Yojiro Uo > >
\o/ As usual, thanks!
