=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/59.html,v retrieving revision 1.66 retrieving revision 1.67 diff -u -r1.66 -r1.67 --- www/59.html 2016/03/09 10:01:23 1.66 +++ www/59.html 2016/03/09 16:57:19 1.67 @@ -15,7 +15,7 @@

-Dr Wxorx +Dr W^X

OpenBSD 5.9

To be released May 1, 2016
@@ -51,15 +51,13 @@ are not included on the CDROM because of lack of space.

-

-

-

What's New

-

+ +

What's New

+ This is a partial list of new features and systems included in OpenBSD 5.9. For a comprehensive list, see the changelog leading to 5.9. -

@@ -242,8 +228,8 @@

  • 802.11n mode is used by default if supported by the OpenBSD wireless driver and the access point. Operation in 802.11a, 802.11b, and 802.11g modes can be forced with - the new ifconfig(8) - mode subcommand. + the new ifconfig(8) + mode subcommand.

    @@ -275,7 +261,7 @@

  • When initializing a GPT the required EFI System partition is automatically created.
  • When installing to a GPT disk - installboot(8) + installboot(8) now formats the EFI System partition, creates the appropriate directory structure and copies the required UEFI boot files into place.
  • ... @@ -328,7 +314,7 @@
  • Support for looking up hosts via YP has been removed from libc. The 'yp' lookup method in - resolv.conf + resolv.conf is no longer available.
  • Support for the HOSTALIASES environment variable has been removed from libc. @@ -378,7 +364,7 @@ The associated fields in the disklabel were also removed. These functions are now all performed by - installboot(8). + installboot(8).
  • PowerPC converted to secure-PLT ABI variant.
  • Perform lazy binding updates in ld.so(1) @@ -396,9 +382,9 @@ system call to tighten pledge(2) restrictions and improve pthread_kill(3) and pthread_cancel(3) compliance.
  • Added - getpwnam_shadow(3) + getpwnam_shadow(3) and - getpwuid_shadow(3) + getpwuid_shadow(3) to permit tighter pledge(2) restrictions.
  • Added support to ktrace(1) @@ -693,8 +679,8 @@
  • Removed support for DTLS_BAD_VER. Pre-DTLSv1 implementations are no longer supported.
  • The engine command and parameters are removed from - - openssl(1). + + openssl(1). Previous releases removed dynamic and built-in engine support already.
  • SHA-0 is removed, which was withdrawn shortly after publication twenty years ago. @@ -702,21 +688,21 @@ cert.pem file.
  • Fixed a leak in - SSL_new(3) + SSL_new(3) in the error path.
  • Fixed a memory leak and out-of-bounds access in - OBJ_obj2txt(3). + OBJ_obj2txt(3).
  • Fixed an up-to 7 byte overflow in RC4 when len is not a multiple of sizeof(RC4_CHUNK).
  • Added - EVP_aead_chacha20_poly1305_ietf(3) + EVP_aead_chacha20_poly1305_ietf(3) which matches the AEAD construction introduced in RFC 7539, which is different than that already used in TLS with - EVP_aead_chacha20_poly1305(3). + EVP_aead_chacha20_poly1305(3).
  • More man pages converted from pod to mdoc(7) format. @@ -753,21 +739,20 @@ @@ -793,21 +778,21 @@
  • Added ability to check certificate validity times with libtls, - tls_peer_cert_notbefore(3) + tls_peer_cert_notbefore(3) and - tls_peer_cert_notafter(3). + tls_peer_cert_notafter(3).
  • Changed - tls_connect_servername(3) + tls_connect_servername(3) to use the first address that resolves with - getaddrinfo(3). + taddrinfo(3).
  • Remove broken conditional EVP_CHECK_DES_KEY code (non-functional since initial commit in 2004).
  • Reject too small bits value in - BN_generate_prime_ex(3), + te_prime_ex(3), so that it does not risk becoming negative in probable_prime_dh_safe().
  • Changed format of LIBRESSL_VERSION_NUMBER to match that of @@ -909,11 +894,10 @@ -
    -

    -

    How to install

    -

    + +

    How to install

    + Following this are the instructions which you would have on a piece of paper if you had purchased a CDROM set instead of doing an alternate form of install. The instructions for doing an HTTP (or other style @@ -923,9 +907,10 @@

    +

    Please refer to the following files on the three CDROMs or mirror site for extensive details on how to install OpenBSD 5.9 on your machine: -

    +

    + +

    @@ -995,6 +982,7 @@

    OpenBSD/amd64:

    + -
    -

    How to upgrade

    +

    How to upgrade

    If you already have an OpenBSD 5.8 system, and do not want to reinstall, upgrade instructions and advice can be found in the Upgrade Guide. +

    -

    -

    -

    Notes about the source code

    -

    + +

    Notes about the source code

    + src.tar.gz contains a source archive starting at /usr/src. This file contains everything you need except for the kernel sources, which are in a separate archive. To extract: -

    + 

     # mkdir -p /usr/src
 # cd /usr/src
 # tar xvfz /tmp/src.tar.gz
    -

    + sys.tar.gz contains a source archive starting at /usr/src/sys. This file contains all the kernel sources you need to rebuild kernels. To extract: -

    + 

     # mkdir -p /usr/src/sys
 # cd /usr/src
 # tar xvfz /tmp/sys.tar.gz
    -

    + Both of these trees are a regular CVS checkout. Using these trees it is possible to get a head-start on using the anoncvs servers as described here. @@ -1189,18 +1176,17 @@ a fresh checkout of the full OpenBSD source tree.

    -

    -

    -

    Ports Tree

    -

    + +

    Ports Tree

    + A ports tree archive is also provided. To extract: -

    + 

     # cd /usr
 # tar xvfz /tmp/ports.tar.gz
    -

    + Go read the ports page if you know nothing about ports at this point. This text is not a manual of how to use ports. @@ -1216,12 +1202,12 @@ So, in order to keep up to date with the -stable branch, you must make the ports/ tree available on a read-write medium and update the tree with a command like: -

    + 

     # cd /usr/ports
 # cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_9
    -

    + [Of course, you must replace the server name here with a nearby anoncvs server.]