=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/59.html,v retrieving revision 1.66 retrieving revision 1.67 diff -c -r1.66 -r1.67 *** www/59.html 2016/03/09 10:01:23 1.66 --- www/59.html 2016/03/09 16:57:19 1.67 *************** *** 15,21 ****

! Dr Wxorx

OpenBSD 5.9

To be released May 1, 2016
--- 15,21 ----

! Dr W^X

OpenBSD 5.9

To be released May 1, 2016
*************** *** 51,65 **** are not included on the CDROM because of lack of space.

-

!

!

What's New

!

This is a partial list of new features and systems included in OpenBSD 5.9. For a comprehensive list, see the changelog leading to 5.9. -

*************** *** 242,249 ****

  • 802.11n mode is used by default if supported by the OpenBSD wireless driver and the access point. Operation in 802.11a, 802.11b, and 802.11g modes can be forced with ! the new ifconfig(8) ! mode subcommand.

    --- 228,235 ----

  • 802.11n mode is used by default if supported by the OpenBSD wireless driver and the access point. Operation in 802.11a, 802.11b, and 802.11g modes can be forced with ! the new ifconfig(8) ! mode subcommand.

    *************** *** 275,281 ****

  • When initializing a GPT the required EFI System partition is automatically created.
  • When installing to a GPT disk ! installboot(8) now formats the EFI System partition, creates the appropriate directory structure and copies the required UEFI boot files into place.
  • ... --- 261,267 ----
  • When initializing a GPT the required EFI System partition is automatically created.
  • When installing to a GPT disk ! installboot(8) now formats the EFI System partition, creates the appropriate directory structure and copies the required UEFI boot files into place.
  • ... *************** *** 328,334 ****
  • Support for looking up hosts via YP has been removed from libc. The 'yp' lookup method in ! resolv.conf is no longer available.
  • Support for the HOSTALIASES environment variable has been removed from libc. --- 314,320 ----
  • Support for looking up hosts via YP has been removed from libc. The 'yp' lookup method in ! resolv.conf is no longer available.
  • Support for the HOSTALIASES environment variable has been removed from libc. *************** *** 378,384 **** The associated fields in the disklabel were also removed. These functions are now all performed by ! installboot(8).
  • PowerPC converted to secure-PLT ABI variant.
  • Perform lazy binding updates in ld.so(1) --- 364,370 ---- The associated fields in the disklabel were also removed. These functions are now all performed by ! installboot(8).
  • PowerPC converted to secure-PLT ABI variant.
  • Perform lazy binding updates in ld.so(1) *************** *** 396,404 **** system call to tighten pledge(2) restrictions and improve pthread_kill(3) and pthread_cancel(3) compliance.
  • Added ! getpwnam_shadow(3) and ! getpwuid_shadow(3) to permit tighter pledge(2) restrictions.
  • Added support to ktrace(1) --- 382,390 ---- system call to tighten pledge(2) restrictions and improve pthread_kill(3) and pthread_cancel(3) compliance.
  • Added ! getpwnam_shadow(3) and ! getpwuid_shadow(3) to permit tighter pledge(2) restrictions.
  • Added support to ktrace(1) *************** *** 693,700 ****
  • Removed support for DTLS_BAD_VER. Pre-DTLSv1 implementations are no longer supported.
  • The engine command and parameters are removed from ! ! openssl(1). Previous releases removed dynamic and built-in engine support already.
  • SHA-0 is removed, which was withdrawn shortly after publication twenty years ago. --- 679,686 ----
  • Removed support for DTLS_BAD_VER. Pre-DTLSv1 implementations are no longer supported.
  • The engine command and parameters are removed from ! ! openssl(1). Previous releases removed dynamic and built-in engine support already.
  • SHA-0 is removed, which was withdrawn shortly after publication twenty years ago. *************** *** 702,722 **** cert.pem file.
  • Fixed a leak in ! SSL_new(3) in the error path.
  • Fixed a memory leak and out-of-bounds access in ! OBJ_obj2txt(3).
  • Fixed an up-to 7 byte overflow in RC4 when len is not a multiple of sizeof(RC4_CHUNK).
  • Added ! EVP_aead_chacha20_poly1305_ietf(3) which matches the AEAD construction introduced in RFC 7539, which is different than that already used in TLS with ! EVP_aead_chacha20_poly1305(3).
  • More man pages converted from pod to mdoc(7) format. --- 688,708 ---- cert.pem file.
  • Fixed a leak in ! SSL_new(3) in the error path.
  • Fixed a memory leak and out-of-bounds access in ! OBJ_obj2txt(3).
  • Fixed an up-to 7 byte overflow in RC4 when len is not a multiple of sizeof(RC4_CHUNK).
  • Added ! EVP_aead_chacha20_poly1305_ietf(3) which matches the AEAD construction introduced in RFC 7539, which is different than that already used in TLS with ! EVP_aead_chacha20_poly1305(3).
  • More man pages converted from pod to mdoc(7) format. *************** *** 753,773 **** --- 739,758 ---- *************** *** 793,813 ****
  • Added ability to check certificate validity times with libtls, ! tls_peer_cert_notbefore(3) and ! tls_peer_cert_notafter(3).
  • Changed ! tls_connect_servername(3) to use the first address that resolves with ! getaddrinfo(3).
  • Remove broken conditional EVP_CHECK_DES_KEY code (non-functional since initial commit in 2004).
  • Reject too small bits value in ! BN_generate_prime_ex(3), so that it does not risk becoming negative in probable_prime_dh_safe().
  • Changed format of LIBRESSL_VERSION_NUMBER to match that of --- 778,798 ----
  • Added ability to check certificate validity times with libtls, ! tls_peer_cert_notbefore(3) and ! tls_peer_cert_notafter(3).
  • Changed ! tls_connect_servername(3) to use the first address that resolves with ! taddrinfo(3).
  • Remove broken conditional EVP_CHECK_DES_KEY code (non-functional since initial commit in 2004).
  • Reject too small bits value in ! te_prime_ex(3), so that it does not risk becoming negative in probable_prime_dh_safe().
  • Changed format of LIBRESSL_VERSION_NUMBER to match that of *************** *** 909,919 **** -
    !

    !

    How to install

    !

    Following this are the instructions which you would have on a piece of paper if you had purchased a CDROM set instead of doing an alternate form of install. The instructions for doing an HTTP (or other style --- 894,903 ----

    ! !

    How to install

    ! Following this are the instructions which you would have on a piece of paper if you had purchased a CDROM set instead of doing an alternate form of install. The instructions for doing an HTTP (or other style *************** *** 923,931 ****

    Please refer to the following files on the three CDROMs or mirror site for extensive details on how to install OpenBSD 5.9 on your machine: !

    OpenBSD/amd64:

    + -
    !

    How to upgrade

    If you already have an OpenBSD 5.8 system, and do not want to reinstall, upgrade instructions and advice can be found in the Upgrade Guide. -
    !

    !

    Notes about the source code

    !

    src.tar.gz contains a source archive starting at /usr/src. This file contains everything you need except for the kernel sources, which are in a separate archive. To extract: ! 

      # mkdir -p /usr/src
  # cd /usr/src
  # tar xvfz /tmp/src.tar.gz
    !

    sys.tar.gz contains a source archive starting at /usr/src/sys. This file contains all the kernel sources you need to rebuild kernels. To extract: ! 

      # mkdir -p /usr/src/sys
  # cd /usr/src
  # tar xvfz /tmp/sys.tar.gz
    !

    Both of these trees are a regular CVS checkout. Using these trees it is possible to get a head-start on using the anoncvs servers as described here. --- 1135,1173 ---- for a few important details.

    !

    How to upgrade

    If you already have an OpenBSD 5.8 system, and do not want to reinstall, upgrade instructions and advice can be found in the Upgrade Guide. +

    ! !

    Notes about the source code

    ! src.tar.gz contains a source archive starting at /usr/src. This file contains everything you need except for the kernel sources, which are in a separate archive. To extract: ! 
      # mkdir -p /usr/src
  # cd /usr/src
  # tar xvfz /tmp/src.tar.gz
    ! sys.tar.gz contains a source archive starting at /usr/src/sys. This file contains all the kernel sources you need to rebuild kernels. To extract: ! 
      # mkdir -p /usr/src/sys
  # cd /usr/src
  # tar xvfz /tmp/sys.tar.gz
    ! Both of these trees are a regular CVS checkout. Using these trees it is possible to get a head-start on using the anoncvs servers as described here. *************** *** 1189,1206 **** a fresh checkout of the full OpenBSD source tree.

    -

    !

    !

    Ports Tree

    !

    A ports tree archive is also provided. To extract: ! 

      # cd /usr
  # tar xvfz /tmp/ports.tar.gz
    !

    Go read the ports page if you know nothing about ports at this point. This text is not a manual of how to use ports. --- 1176,1192 ---- a fresh checkout of the full OpenBSD source tree.

    ! !

    Ports Tree

    ! A ports tree archive is also provided. To extract: ! 
      # cd /usr
  # tar xvfz /tmp/ports.tar.gz
    ! Go read the ports page if you know nothing about ports at this point. This text is not a manual of how to use ports. *************** *** 1216,1227 **** So, in order to keep up to date with the -stable branch, you must make the ports/ tree available on a read-write medium and update the tree with a command like: ! 

      # cd /usr/ports
  # cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_9
    !

    [Of course, you must replace the server name here with a nearby anoncvs server.]

    --- 1202,1213 ---- So, in order to keep up to date with the -stable branch, you must make the ports/ tree available on a read-write medium and update the tree with a command like: ! 

      # cd /usr/ports
  # cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_9
    ! [Of course, you must replace the server name here with a nearby anoncvs server.]