File: [local] / www / 55.html (download) (as text)
Revision 1.13, Sun Mar 16 17:52:38 2014 UTC (10 years, 2 months ago) by tedu
Branch: MAIN
Changes since 1.12: +1 -1 lines
no popa3d
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>OpenBSD 5.5 Release</title>
<meta name="resource-type" content="document">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="OpenBSD 5.5">
<meta name="keywords" content="openbsd,main">
<meta name="distribution" content="global">
<meta name="copyright" content="This document copyright 2013 by OpenBSD.">
</head>
<body bgcolor="#ffffff" text="#000000" link="#24248E">
<a href="index.html">
<img alt="[OpenBSD]" height="30" width="141" hspace="24" src="images/smalltitle.gif" border="0"></a>
<hr>
<p>
<a href="images/Puffia.jpg">
<img align="left" width="227" height="343" hspace="24" vspace="30"
src="images/McFish.jpg" alt="OpenBSD 5.5 logo"></a>
<h2><font color="#0000e0">The OpenBSD 5.5 Release:</font></h2>
<p>
Released May 1, 2014<br>
Copyright 1997-2014, Theo de Raadt.<br>
<font color="#e00000">ISBN 978-0-9881561-3-5</font>
<br>
<a href="lyrics.html#55">5.5 Song: "Wrap in Time"</a>
<p>
<a href="#new">What's New</a><br>
<a href="#install">How to install</a><br>
<a href="#upgrade">How to upgrade</a><br>
<a href="#ports">How to use the ports tree</a><br>
<a href="orders.html">Ordering a CD set</a><br>
<p>
<h3><font color="#0000e0">To get the files for this release:</font></h3>
<p>
<ul>
<li>Order a CDROM from our <a href="orders.html">ordering system</a>.
<li>See the information on <a href="ftp.html">The FTP page</a> for
a list of mirror machines.
<li>Go to the <font color="#e00000">pub/OpenBSD/5.5/</font> directory on
one of the mirror sites.
<li>Briefly read the rest of this document.
<li>Have a look at <a href="errata55.html">The 5.5 Errata page</a> for a list
of bugs and workarounds.
<li>See a <a href="plus55.html">detailed log of changes</a> between the
5.4 and 5.5 releases.
</ul>
<br clear=all>
<strong>Note:</strong> All applicable copyrights and credits can be found
in the applicable file sources found in the files src.tar.gz, sys.tar.gz,
xenocara.tar.gz, or in the files fetched via ports.tar.gz. The distribution
files used to build packages from the ports.tar.gz file are not included on
the CDROM because of lack of space.
<p>
<a name="new"></a>
<hr>
<p>
<h3><font color="#0000e0">What's New</font></h3>
<p>
This is a partial list of new features and systems included in OpenBSD 5.5.
For a comprehensive list, see the <a href="plus55.html">changelog</a> leading
to 5.5.
<p>
<ul>
<li>Releases and packages are now cryptographicly signed with the
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=signify&sektion=1">signify(1)</a> utility.
<ul>
<li>The installer will verify all sets before installing.
<li>Users should still verify the installer by hand.
</ul>
<p>
<li>New/extended platforms:
<ul>
<li>...
</ul>
<p>
<li>Improved hardware support, including:
<ul>
<li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vmx&sektion=4">vmx(4)</a>
driver for VMware VMXNET3 Virtual Interface Controller devices.
<li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vmwpvs&sektion=4">vmwpvs(4)</a>
driver for VMware Paravirtual SCSI.
<li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vioscsi&sektion=4">vioscsi(4)</a>
driver for VirtIO SCSI adapters.
<li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=viornd&sektion=4">viornd(4)</a>
driver for VirtIO random number devices.
<li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ubcmtp&sektion=4">ubcmtp(4)</a>
driver for Broadcom multi-touch trackpads.
<li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ugold&sektion=4">ugold(4)</a>
driver for TEMPer gold HID thermometers.
<li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ugl&sektion=4">ugl(4)</a>
driver for Genesys Logic based USB host-to-host adapters.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=radeondrm&sektion=4">radeondrm(4)</a>
has been overhauled, including:
<ul>
<li>New port of the Radeon code in Linux 3.8.13.19.
<li>Support for Kernel Mode Setting (KMS) including support for
additional output types such as DisplayPort.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wsdisplay&sektion=4">wsdisplay(4)</a>
now attaches to
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=radeondrm&sektion=4">radeondrm(4)</a>
and provides a framebuffer console.
</ul>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=inteldrm&sektion=4">inteldrm(4)</a>
has been updated to Linux 3.8.13.19 noteably bringing Haswell stability fixes.
<li>Support for Intel 8 Series Ethernet with i217/i218 PHYs, and
i210/i211/i354 has been added to
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=em&sektion=4">em(4)</a>.
<li>Support for Intel Centrino Wireless-N 2200, 2230 and 105/135 has been added to
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=iwn&sektion=4">iwn(4)</a>.
</ul>
<p>
<li>Generic network stack improvements:
<ul>
<li>...
</ul>
<p>
<li>Routing daemons and other userland network improvements:
<ul>
<li>The popa3d POP3 server has been removed.
</ul>
<p>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhcpd&sektion=8">dhcpd(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhclient&sektion=8">dhclient(8)</a> improvements:
<ul>
<li>...
</ul>
<p>
<li>OpenSMTPD 5.3.3:
<ul>
<li>...
</ul>
<p>
<li>Performance improvements:
<ul>
<li>Relations between the buffer cache and swap daemon have been improved.
</ul>
<p>
<li>Threading improvements:
<ul>
<li>Interprocess semaphores via <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sem_open&sektion=3">sem_open(3)</a>.
</ul>
<p>
<li>Assorted improvements:
<ul>
<li>New in-memory file system, tmpfs
<li>POSIX required <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nl&sektion=1">nl(1)</a> utility.
</ul>
<p>
<li>OpenSSH 6.6 (including changes to 6.5, a feature-focused release):
<ul>
<li>Security:
<ul>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
when using environment passing with a
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5">sshd_config(5)</a>
<tt>AcceptEnv</tt> pattern with a wildcard. OpenSSH prior to 6.6 could
be tricked into accepting any enviornment variable that contains the
characters before the wildcard character.
</ul>
<li>New/changed features:
<ul>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
Add support for key exchange using <i>elliptic-curve Diffie Hellman</i>
in Daniel Bernstein's <i>Curve25519</i>. This key exchange method is
the default when both the client and server support it.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
Add support for <i>ED25519</i> as a public key type. ED25519 is
a elliptic curve signature scheme that offers better security than
<i>ECDSA</i> and <i>DSA</i> and good performance. It may be used for
both <i>user</i> and <i>host</i> keys.
<li>Add a new private key format that uses a <i>bcrypt KDF</i> to better
protect keys at rest. This format is used unconditionally for
ED25519 keys, but may be requested when generating or saving
existing keys of other types via the <tt>-o</tt>
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>
option. We intend to make the new format the default in the near
future. Details of the new format are in the <tt>PROTOCOL.key</tt>
file.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
Add a new transport cipher "chacha20-poly1305@openssh.com" that
combines Daniel Bernstein's <i>ChaCha20</i> stream cipher and
<i>Poly1305 MAC</i> to build an authenticated encryption mode. Details
are in the <tt>PROTOCOL.chacha20poly1305</tt> file.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
Refuse <i>RSA</i> keys from old proprietary clients and servers that
use the obsolete <i>RSA+MD5</i> signature scheme. It will still be
possible to connect with these clients/servers but <b>only DSA keys
will be accepted, and OpenSSH will refuse connection entirely in a
future release</b>.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
Refuse old proprietary clients and servers that use a weaker key
exchange hash calculation.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
Increase the size of the <i>Diffie-Hellman groups</i> requested for
each symmetric key size. New values from <i>NIST Special Publication
800-57</i> with the upper limit specified by <i>RFC 4419</i>.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&sektion=1">ssh-agent(1)</a>:
Support <i>PKCS#11</i> tokens that only provide <i>X.509</i> certs
instead of raw public keys. (requested as bz#1908)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
Add a
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>
<tt>Match</tt> keyword that allows conditional configuration to be
applied by matching on <i>hostname</i>, <i>user</i> and <i>result of
arbitrary commands</i>.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
Add support for <i>client-side hostname canonicalisation</i> using a
set of <i>DNS suffixes</i> and rules in
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>.
This allows unqualified names to be canonicalised to fully-qualified
domain names to eliminate ambiguity when looking up keys in
<tt>known_hosts</tt> or checking host certificate names.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp-server&sektion=8">sftp-server(8)</a>:
Add the ability to whitelist and/or blacklist sftp protocol requests by
name.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp-server&sektion=8">sftp-server(8)</a>:
Add a sftp "fsync@openssh.com" to support calling
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fsync&sektion=2">fsync(2)</a>
on an open file handle.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
Add a
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>
<tt>PermitTTY</tt> to disallow <i>TTY</i> allocation, mirroring the
longstanding <tt>no-pty</tt> <tt>authorized_keys</tt> option.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
Add a
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>
<tt>ProxyUseFDPass</tt> option that supports the use of
<tt>ProxyCommands</tt> that establish a connection and then pass a
connected file descriptor back to
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>.
This allows the <tt>ProxyCommand</tt> to exit rather than staying
around to transfer data.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
this release removes the <i>J-PAKE</i> authentication code. This code
was experimental, never enabled and had been unmaintained for some
time.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
when processing <tt>Match</tt> blocks, skip '<tt>exec</tt>' clauses
other clauses predicates failed to match.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
if hostname canonicalisation is enabled and results in the destination
hostname being changed, then re-parse
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>
files using the new destination hostname. This gives '<tt>Host</tt>'
and '<tt>Match</tt>' directives that use the expanded hostname a chance
to be applied.
</ul>
<li>The following significant bugs have been fixed in this release:
<ul>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
Fix potential stack exhaustion caused by nested certificates.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
make <tt>BindAddress</tt> work with <tt>UsePrivilegedPort</tt>.
(bz#1211)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
fix the progress meter for resumed transfer. (bz#2137)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-add&sektion=1">ssh-add(1)</a>:
do not request smartcard PIN when removing keys from
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&sektion=1">ssh-agent(1)</a>.
(bz#2187)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
fix re-exec fallback when original
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>
binary cannot be executed. (bz#2139)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
Make relative-specified certificate expiry times relative to current
time and not the validity start time.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
fix <tt>AuthorizedKeysCommand</tt> inside a <tt>Match</tt> block.
(bz#2161)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
symlinking a file would incorrectly canonicalise the target path.
(bz#2129)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&sektion=1">ssh-agent(1)</a>:
fix a use-after-free in the PKCS#11 agent helper executable.
(bz#2175)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
Improve logging of sessions to include the <i>user name</i>, <i>remote
host</i> and <i>port</i>, the <i>session type</i> (shell, command,
etc.) and <i>allocated TTY</i> (if any).
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
tell the client (via a debug message) when their preferred listen
address has been overridden by the server's <tt>GatewayPorts</tt>
setting. (bz#1297)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
include report port in bad protocol banner message. (bz#2162)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
fix memory leak in error path in <i>do_readdir()</i>. (bz#2163)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
don't leak file descriptor on error. (bz#2171)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
include the <i>local address</i> and <i>port</i> in "<tt>Connection
from ...</tt>" message. (only shown at <i>loglevel>=verbose</i>)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
avoid spurious "<tt>getsockname failed: Bad file descriptor</tt>" in
<tt>ssh -W</tt>. (bz#2200, debian#738692)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
allow the
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=shutdown&sektion=2">shutdown(2)</a>
syscall in seccomp-bpf and systrace sandbox modes, as it is reachable
if the connection is terminated during the pre-auth phase.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
fix unsigned overflow that in <i>SSH protocol 1 bignum parsing</i>.
Minimum key length checks render this bug unexploitable to compromise
SSH 1 sessions.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5">sshd_config(5)</a>
clarify behaviour of a keyword that appears in multiple matching
<tt>Match</tt> blocks. (bz#2184)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
avoid unnecessary hostname lookups when canonicalisation is disabled.
(bz#2205)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
avoid sandbox violation crashes in GSSAPI code by caching the supported
list of GSSAPI mechanism OIDs before entering the sandbox. (bz#2107)
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
fix possible crashes in SOCKS4 parsing caused by assumption that the
SOCKS username is nul-terminated.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
fix regression for <tt>UsePrivilegedPort=yes</tt> when
<tt>BindAddress</tt> is not specified.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
fix memory leak in ECDSA signature verification.
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
fix matching of '<tt>Host</tt>' directives in
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>
files to be case-insensitive again. (regression in 6.5)
</ul>
</ul>
<p>
<li>Major overhaul of the package tools:
<ul>
<li>Much better memory usage
<li>pkg_add now trusts signed packages only by default
</ul>
<li>Over 8,700 ports
<p>
<li>The build process now allows some limited capability for
building conflicting packages, yielding kde4 packages as a result,
along with kde3.
<li>Many pre-built packages for each architecture:
<table border=0 cellspacing=0 cellpadding=2 width="95%">
<tr>
<td valign="top" width="25%">
<ul>
<li>i386: 8468
<li>sparc64: 7969
<li>alpha: XXXX
<li>m68k: XXXX
</ul></td><td valign=top width="25%"><ul>
<li>sh: XXXX
<li>amd64: 8534
<li>powerpc: 8057
<li>m88k: XXXX
</ul></td><td valign=top width="25%"><ul>
<li>sparc: XXXX
<li>arm: XXXX
<li>hppa: 6549
</ul></td><td valign=top width="25%"><ul>
<li>vax: XXXX
<li>mips64: XXXX
<li>mips64el: XXXX
</ul></td></tr></table>
<p>
<li>Some highlights:
<ul>
<li>GNOME 3.10.2 <li>KDE 3.5.10
<li>KDE 4.11.5
<li>Xfce 4.10 <li>MySQL 5.1.73
<li>PostgreSQL 9.3.2 <li>Postfix 2.11.0
<li>OpenLDAP 2.3.43 and 2.4.38 <li>Mozilla Firefox 24.3 and 26.0
<li>Mozilla Thunderbird 24.3.0 <li>GHC 7.6.3
<li>LibreOffice 4.1.4.2 <li>Emacs 21.4 and 24.3
<li>Vim 7.4.135 <li>PHP 5.3.28 and 5.4.24
<li>Python 2.7.6 and 3.3.2 <li>Ruby 1.8.7.374, 1.9.3.484, 2.0.0.353 and 2.1.0
<li>Tcl/Tk 8.5.15 and 8.6.1 <li>JDK 1.6.0.32 and 1.7.0.21
<li>Mono 2.10.9 <li>Chromium 32.0.1700.102
<li>Groff 1.22.2 <li>Go 1.2
<li>GCC 4.6.4 and 4.8.2 <li>LLVM/Clang 3.3
<li>Node.js 0.10.24
</ul>
<p>
<li>As usual, steady improvements in manual pages and other documentation.
<p>
<li>The system includes the following major components from outside suppliers:
<ul>
<li>Xenocara (based on X.Org 7.7 with xserver 1.14.5 + patches,
freetype 2.5.2, fontconfig 2.10.91, Mesa 9.2.5, xterm 301,
xkeyboard-config 2.10.1 and more)
<li>Gcc 4.2.1 (+patches), 3.3.6 (+ patches) and 2.95.3 (+ patches)
<li>Perl 5.16.3 (+ patches)
<li>Our improved and secured version of Apache 1.3, with
SSL/TLS and DSO support
<li>Nginx 1.4.4 (+ patches)
<li>OpenSSL 1.0.1c (+ patches)
<li>SQLite 3.8.0.2 (+ patches)
<li>Sendmail 8.14.8, with libmilter
<li>Bind 9.4.2-P2 (+ patches)
<li>NSD 4.0.1
<li>Lynx 2.8.7rel.2 with HTTPS and IPv6 support (+ patches)
<li>Sudo 1.7.2p8
<li>Ncurses 5.7
<li>Heimdal 1.5.2 (+ patches)
<li>Binutils 2.15 (+ patches)
<li>Gdb 6.3 (+ patches)
<li>Less 444 (+ patches)
<li>Awk Aug 10, 2011 version
</ul>
</ul>
<a name="install"></a>
<hr>
<p>
<h3><font color="#0000e0">How to install</font></h3>
<p>
Following this are the instructions which you would have on a piece of
paper if you had purchased a CDROM set instead of doing an alternate
form of install. The instructions for doing an FTP (or other style
of) install are very similar; the CDROM instructions are left intact
so that you can see how much easier it would have been if you had
purchased a CDROM instead.
<p>
<hr>
Please refer to the following files on the three CDROMs or FTP mirror for
extensive details on how to install OpenBSD 5.5 on your machine:
<p>
<ul>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/i386/INSTALL.i386">
.../OpenBSD/5.5/i386/INSTALL.i386 (on CD1)</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/vax/INSTALL.vax">
.../OpenBSD/vax/INSTALL.vax (on CD1)</a>
<p>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/amd64/INSTALL.amd64">
.../OpenBSD/amd64/INSTALL.amd64 (on CD2)</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/hppa/INSTALL.hppa">
.../OpenBSD/hppa/INSTALL.hppa (on CD2)</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/macppc/INSTALL.macppc">
.../OpenBSD/macppc/INSTALL.macppc (on CD2)</a>
<p>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/sparc64/INSTALL.sparc64">
.../OpenBSD/sparc64/INSTALL.sparc64 (on CD3)</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/sparc/INSTALL.sparc">
.../OpenBSD/sparc/INSTALL.sparc (on CD3)</a>
<p>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/alpha/INSTALL.alpha">
.../OpenBSD/5.5/alpha/INSTALL.alpha</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/armish/INSTALL.armish">
.../OpenBSD/5.5/armish/INSTALL.armish</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/armv7/INSTALL.armv7">
.../OpenBSD/5.5/armv7/INSTALL.armv7</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/beagle/INSTALL.beagle">
.../OpenBSD/5.5/beagle/INSTALL.beagle</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/hp300/INSTALL.hp300">
.../OpenBSD/5.5/hp300/INSTALL.hp300</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/hppa/INSTALL.hppa">
.../OpenBSD/5.5/hppa/INSTALL.hppa</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/landisk/INSTALL.landisk">
.../OpenBSD/5.5/landisk/INSTALL.landisk</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/loongson/INSTALL.loongson">
.../OpenBSD/5.5/loongson/INSTALL.loongson</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/luna88k/INSTALL.luna88k">
.../OpenBSD/5.5/luna88k/INSTALL.luna88k</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/macppc/INSTALL.macppc">
.../OpenBSD/5.5/macppc/INSTALL.macppc</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/mvme68k/INSTALL.mvme68k">
.../OpenBSD/5.5/mvme68k/INSTALL.mvme68k</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/mvme88k/INSTALL.mvme88k">
.../OpenBSD/5.5/mvme88k/INSTALL.mvme88k</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/octeon/INSTALL.octeon">
.../OpenBSD/5.5/octeon/INSTALL.octeon</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/sgi/INSTALL.sgi">
.../OpenBSD/5.5/sgi/INSTALL.sgi</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/socppc/INSTALL.socppc">
.../OpenBSD/5.5/socppc/INSTALL.socppc</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/sparc/INSTALL.sparc">
.../OpenBSD/5.5/sparc/INSTALL.sparc</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/vax/INSTALL.vax">
.../OpenBSD/5.5/vax/INSTALL.vax</a>
<li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.5/zaurus/INSTALL.zaurus">
.../OpenBSD/5.5/zaurus/INSTALL.zaurus</a>
</ul>
<hr>
<p>
Quick installer information for people familiar with OpenBSD, and the
use of the "disklabel -E" command. If you are at all confused when
installing OpenBSD, read the relevant INSTALL.* file as listed above!
<p>
<h3><font color="#e00000">OpenBSD/i386:</font></h3>
<ul>
Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
release is on CD1. If your BIOS does not support booting from CD, you will need
to create a boot floppy to install from. To create a boot floppy write
<i>CD1:5.5/i386/floppy55.fs</i> to a floppy and boot via the floppy drive.
<p>
Use <i>CD1:5.5/i386/floppyB55.fs</i> instead for greater SCSI controller
support, or <i>CD1:5.5/i386/floppyC55.fs</i> for better laptop support.
<p>
If you can't boot from a CD or a floppy disk,
you can install across the network using PXE as described in
the included INSTALL.i386 document.
<p>
If you are planning on dual booting OpenBSD with another OS, you will need to
read INSTALL.i386.
<p>
To make a boot floppy under MS-DOS, use the "rawrite" utility located
at <i>CD1:5.5/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
use the
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>
utility. The following is an example usage of
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>,
where the device could be "floppy", "rfd0c", or
"rfd0a".
<ul><pre>
# <strong>dd if=<file> of=/dev/<device> bs=32k</strong>
</pre></ul>
<p>
Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
your install will most likely fail. For more information on creating a boot
floppy and installing OpenBSD/i386 please refer to
<a href="faq/faq4.html#MkFlop">FAQ 4.3.2</a>.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/amd64:</font></h3>
<ul>
The 5.5 release of OpenBSD/amd64 is located on CD2.
Boot from the CD to begin the install - you may need to adjust
your BIOS options first.
If you can't boot from the CD, you can create a boot floppy to install from.
To do this, write <i>CD2:5.5/amd64/floppy55.fs</i> to a floppy, then
boot from the floppy drive.
<p>
If you can't boot from a CD or a floppy disk,
you can install across the network using PXE as described in the included
INSTALL.amd64 document.
<p>
If you are planning to dual boot OpenBSD with another OS, you will need to
read INSTALL.amd64.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/macppc:</font></h3>
<ul>
Burn the image from the FTP site to a CDROM, and power on your machine
while holding down the <i>C</i> key until the display turns on and
shows <i>OpenBSD/macppc boot</i>.
<p>
Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
/5.5/macppc/bsd.rd</i>
</ul>
<p>
<h3><font color="#e00000">OpenBSD/sparc64:</font></h3>
<ul>
Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
<p>
If this doesn't work, or if you don't have a CDROM drive, you can write
<i>CD3:5.5/sparc64/floppy55.fs</i> or <i>CD3:5.5/sparc64/floppyB55.fs</i>
(depending on your machine) to a floppy and boot it with <i>boot
floppy</i>. Refer to INSTALL.sparc64 for details.
<p>
Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
will most likely fail.
<p>
You can also write <i>CD3:5.5/sparc64/miniroot55.fs</i> to the swap partition on
the disk and boot with <i>boot disk:b</i>.
<p>
If nothing works, you can boot over the network as described in INSTALL.sparc64.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/alpha:</font></h3>
<ul>
<p>Write <i>FTP:5.5/alpha/floppy55.fs</i> or
<i>FTP:5.5/alpha/floppyB55.fs</i> (depending on your machine) to a diskette and
enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
<p>
Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
will most likely fail.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/armish:</font></h3>
<ul>
<p>
After connecting a serial port, Thecus can boot directly from the network
either tftp or http. Configure the network using fconfig, reset,
then load bsd.rd, see INSTALL.armish for specific details.
IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
More details are available in INSTALL.armish.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/hp300:</font></h3>
<ul>
<p>
Boot over the network by following the instructions in INSTALL.hp300.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/hppa:</font></h3>
<ul>
<p>
Boot over the network by following the instructions in INSTALL.hppa or the
<a href="hppa.html#install">hppa platform page</a>.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/landisk:</font></h3>
<ul>
<p>
Write <i>miniroot55.fs</i> to the start of the CF
or disk, and boot normally.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/loongson:</font></h3>
<ul>
<p>
Write <i>miniroot55.fs</i> to a USB stick and boot bsd.rd from it
or boot bsd.rd via tftp.
Refer to the instructions in INSTALL.loongson for more details.
</ul>
<p>
<p>
<h3><font color="#e00000">OpenBSD/luna88k:</font></h3>
<ul>
<p>
Copy bsd.rd to a Mach or UniOS partition, and boot it from the PROM.
Alternatively, you can create a bootable tape and boot from it. Refer to
the instructions in INSTALL.luna88k for more details.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/mvme68k:</font></h3>
<ul>
<p>
You can create a bootable installation tape or boot over the network.<br>
The network boot requires a MVME68K BUG version that supports the <i>NIOT</i>
and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme68k
for more details.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/mvme88k:</font></h3>
<ul>
<p>
You can create a bootable installation tape or boot over the network.<br>
The network boot requires a MVME88K BUG version that supports the <i>NIOT</i>
and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme88k
for more details.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/octeon:</font></h3>
<ul>
<p>
After connecting a serial port, boot bsd.rd over the network via DHCP/tftp.
Refer to the instructions in INSTALL.octeon for more details.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/sgi:</font></h3>
<ul>
<p>
To install on an O2, burn cd55.iso on a CD-R, put it in the CD drive of your
machine and select <i>Install System Software</i> from the System Maintenance
menu.
<p>
On other systems, or if your machine doesn't have a CD drive, you can
setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd.IP##" using
the kernel matching your system type.
Refer to the instructions in INSTALL.sgi for more details.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/socppc:</font></h3>
<ul>
<p>
After connecting a serial port, boot over the network via DHCP/tftp.
Refer to the instructions in INSTALL.socppc for more details.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/sparc:</font></h3>
<ul>
Boot from one of the provided install ISO images, using one of the two
commands listed below, depending on the version of your ROM.
<ul><pre>
ok <strong>boot cdrom 5.5/sparc/bsd.rd</strong>
or
> <strong>b sd(0,6,0)5.5/sparc/bsd.rd</strong>
</pre></ul>
<p>
If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
To do so you need to write <i>floppy55.fs</i> to a floppy.
For more information see <a href="faq/faq4.html#MkFlop">FAQ 4.3.2</a>.
To boot from the floppy use one of the two commands listed below,
depending on the version of your ROM.
<ul><pre>
ok <strong>boot floppy</strong>
or
> <strong>b fd()</strong>
</pre></ul>
<p>
Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
will most likely fail.
<p>
If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
setup a bootable tape, or install via network, as told in the
INSTALL.sparc file.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/vax:</font></h3>
<ul>
Boot over the network via mopbooting as described in INSTALL.vax.
</ul>
<p>
<h3><font color="#e00000">OpenBSD/zaurus:</font></h3>
<ul>
<p>
Using the Linux built-in graphical ipkg installer, install the
openbsd55_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
for a few important details.
</ul>
<p>
<h3><font color="#e00000">Notes about the source code:</font></h3>
<ul>
src.tar.gz contains a source archive starting at /usr/src. This file
contains everything you need except for the kernel sources, which are
in a separate archive. To extract:
<p>
<ul><pre>
# <strong>mkdir -p /usr/src</strong>
# <strong>cd /usr/src</strong>
# <strong>tar xvfz /tmp/src.tar.gz</strong>
</pre></ul>
<p>
sys.tar.gz contains a source archive starting at /usr/src/sys.
This file contains all the kernel sources you need to rebuild kernels.
To extract:
<p>
<ul><pre>
# <strong>mkdir -p /usr/src/sys</strong>
# <strong>cd /usr/src</strong>
# <strong>tar xvfz /tmp/sys.tar.gz</strong>
</pre></ul>
<p>
Both of these trees are a regular CVS checkout. Using these trees it
is possible to get a head-start on using the anoncvs servers as
described <a href="anoncvs.html">here</a>.
Using these files
results in a much faster initial CVS update than you could expect from
a fresh checkout of the full OpenBSD source tree.
<p>
</ul>
<a name="upgrade"></a>
<hr>
<p>
<h3><font color="#0000e0">How to upgrade</font></h3>
<p>
If you already have an OpenBSD 5.4 system, and do not want to reinstall,
upgrade instructions and advice can be found in the
<a href="faq/upgrade55.html">Upgrade Guide</a>.
<a name="ports"></a>
<hr>
<p>
<h3><font color="#0000e0">Ports Tree</font></h3>
<p>
A ports tree archive is also provided. To extract:
<p>
<ul><pre>
# <strong>cd /usr</strong>
# <strong>tar xvfz /tmp/ports.tar.gz</strong>
</pre></ul>
<p>
The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
read the <a href="faq/ports/index.html">ports</a> page
if you know nothing about ports
at this point. This text is not a manual of how to use ports.
Rather, it is a set of notes meant to kickstart the user on the
OpenBSD ports system.
<p>
The <i>ports/</i> directory represents a CVS (see the manpage for
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&arch=i386">
cvs(1)</a> if
you aren't familiar with CVS) checkout of our ports. As with our complete
source tree, our ports tree is available via
<a href="anoncvs.html">AnonCVS</a>.
So, in order to keep current with it, you must make the <i>ports/</i> tree
available on a read-write medium and update the tree with a command
like:
<p>
<ul><pre>
# <strong>cd /usr/ports</strong>
# <strong>cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_5</strong>
</pre></ul>
<p>
[Of course, you must replace the server name here with a nearby anoncvs
server.]
<p>
Note that most ports are available as packages through FTP. Updated
packages for the 5.5 release will be made available if problems arise.
<p>
If you're interested in seeing a port added, would like to help out, or just
would like to know more, the mailing list
<a href="mail.html">ports@openbsd.org</a> is a good place to know.
<p>
</body>
</html>
![[BACK]](/icons/back.gif){kind=icon}
Return to 55.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www