Annotation of www/62.html, Revision 1.49
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2: <html>
3: <head>
4: <title>OpenBSD 6.2</title>
5: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
6: <meta name="description" content="OpenBSD 6.2">
7: <meta name="copyright" content="This document copyright 2017 by OpenBSD.">
8: <meta name="viewport" content="width=device-width, initial-scale=1">
9: <link rel="stylesheet" type="text/css" href="openbsd.css">
10: <link rel="canonical" href="https://www.openbsd.org/62.html">
11: </head>
12:
13: <body bgcolor="#ffffff" text="#000000" link="#24248E">
14:
15: <h2>
16: <a href="index.html">
17: <i><font color="#0000ff">Open</font></i><font color="#000084">BSD</font></a>
18: <font color="#e00000">6.2</font>
19: </h2>
20:
21: <a href="images/XXX.gif">
22: <img align="left" width="227" height="343" hspace="24" src="images/XXX.gif"></a>
23: Released October 15, 2017<br>
24: Copyright 1997-2017, Theo de Raadt.<br>
25: <br>
26: <br>
27: 6.2 Song:
28: <a href="lyrics.html#62">XXX</a>.
29:
30: <br>
31: <ul>
32: <li>See the information on <a href="ftp.html">the FTP page</a> for
33: a list of mirror machines.
34: <li>Go to the <font color="#e00000">pub/OpenBSD/6.2/</font> directory on
35: one of the mirror sites.
36: <li>Have a look at <a href="errata62.html">the 6.2 errata page</a> for a list
37: of bugs and workarounds.
38: <li>See a <a href="plus62.html">detailed log of changes</a> between the
39: 6.1 and 6.2 releases.
40: <p>
41: <li><a href="https://man.openbsd.org/signify.1">signify(1)</a>
42: pubkeys for this release:<br>
43: <pre>
44: base: RWRVWzAMgtyg7g27STK1h1xA6RIwtjex6Vr5Y9q5SC5q5+b0GN4lLhfu
45: fw: RWSbA8C2TPUQLi48EqHtg7Rx7KGDt6E/2d8OeJinGZPbpoqGRxA0N2oW
46: pkg: RWRvEq+UPCq0VGI9ar7VMy+HYKDrOb4WS5JLhdUBiX3qvJgPQjyZSTxI
47: </pre>
48: <p>
49: All applicable copyrights and credits are in the src.tar.gz,
50: sys.tar.gz, xenocara.tar.gz, ports.tar.gz files, or in the
51: files fetched via ports.tar.gz.
52: </ul>
53: <br clear=all>
54:
55: <hr>
56:
57: <h3 id="new"><font color="#0000e0">What's New</font></h3>
58:
59: This is a partial list of new features and systems included in OpenBSD 6.2.
60: For a comprehensive list, see the <a href="plus62.html">changelog</a> leading
61: to 6.2.
62:
63: <ul>
64: <li>New/extended platforms:
65: <ul>
1.26 brynet 66: <li>The <a href="https://www.openbsd.org/i386.html">i386</a> and
67: <a href="https://www.openbsd.org/amd64.html">amd64</a>
68: platforms have switched to using
69: <a href="https://man.openbsd.org/clang-local.1">clang(1)</a>
70: as the base system compiler.
1.1 deraadt 71: <li>...
72: </ul>
73: <p>
74:
75: <li>Improved hardware support, including:
76: <ul>
1.12 stsp 77: <li>arm: New <a href="https://man.openbsd.org/rkgrf.4">rkgrf(4)</a> driver for the Rockchip RK3399/RK3288 register file.
78: <li>arm: New <a href="https://man.openbsd.org/rkclock.4">rkclock(4)</a> driver for Rockchip RK3399/RK3288 clocks.
79: <li>arm: New <a href="https://man.openbsd.org/rkpinctrl.4">rkpinctrl(4)</a> driver for controlling Rockchip RK3399/RK3288 pins.
80: <li>arm: New <a href="https://man.openbsd.org/rkpgpio.4">rkpgpio(4)</a> driver for Rockchip RK3399 GPIO.
81: <li>arm: New <a href="https://man.openbsd.org/rkgtemp.4">rkptemp(4)</a> driver for Rockchip RK3399 temperature sensors.
82: <li>arm: New <a href="https://man.openbsd.org/rkiic.4">rkiic(4)</a> driver for Rockchip RK3399 I2C controllers.
83: <li>arm: New <a href="https://man.openbsd.org/rkpmic.4">rkpmic(4)</a> driver for the RK808 Power Management IC.
84: <li>arm: New <a href="https://man.openbsd.org/dwmmc.4">dwmmc(4)</a> driver for Synopsis Designware SD/MMC controllers.
85: <li>arm: New <a href="https://man.openbsd.org/dwdog.4">dwdog(4)</a> driver for the Synopsys Designware watchdog timer.
86: <li>arm: New <a href="https://man.openbsd.org/dwxe.4">dwxe(4)</a> driver for the Synopsys Designware Ethernet controller.
1.38 jca 87: <li>arm: New <a href="https://man.openbsd.org/sxitwi.4">sxitwi(4)</a> driver for the two-wire bus on Allwinner SoCs.
1.12 stsp 88: <li>arm: New <a href="https://man.openbsd.org/axppmic.4">axppmic(4)</a> driver for the AXP209 I2C PMIC.
89: <li>arm: New <a href="https://man.openbsd.org/bcmaux.4">bcmaux(4)</a> driver for clocks and interrupts on the auxilliary UART on BCM2835 devices.
90: <li>arm: New <a href="https://man.openbsd.org/mvpinctrl.4">mvpinctrl(4)</a> driver to configure pins on Marvell SoCs (Armada 388).
91: <li>arm: New <a href="https://man.openbsd.org/mvneta.4">mvneta(4)</a> driver the Ethernet controller on the Armada 38x series.
1.17 ians 92: <li>arm: New <a href="https://man.openbsd.org/amdisplay.4">amdisplay(4) & nxphdmi(4)</a> drivers for the Texas Instruments AM335x LCD controller.
1.43 visa 93: <li>octeon: New <a href="https://man.openbsd.org/octeon/octcib.4">octcib(4)</a> driver for the interrupt bus widget on CN70xx/CN71xx.
94: <li>octeon: New <a href="https://man.openbsd.org/octeon/octcit.4">octcit(4)</a> driver for the central interrupt unit version 3 on CN72xx/CN73xx/CN77xx/CN78xx.
1.5 stsp 95: <li>octeon: New <a href="https://man.openbsd.org/octeon/octsctl.4">octsctl(4)</a> driver for the OCTEON SATA controller bridge.
96: <li>octeon: New <a href="https://man.openbsd.org/octeon/octxctl.4">octxctl(4)</a> driver for the OCTEON USB3 controller bridge.
1.48 visa 97: <li>octeon: Rhino Labs Inc. SDNA Shasta, and Ubiquiti Networks EdgeRouter 4 and 6 are now supported.
1.5 stsp 98: <li>New <a href="https://man.openbsd.org/hvs.4">hvs(4)</a> driver for Hyper-V storage.
99: <li>New <a href="https://man.openbsd.org/pcxrtc.4">pcxrtc(4)</a> driver for the NXP PCF8563 Real Time Clock.
100: <li>New <a href="https://man.openbsd.org/urng.4">urng(4)</a> driver for USB random number generator devices.
101: <li>Intel 8265 and 3168 support was added to the <a href="https://man.openbsd.org/iwm.4">iwm(4)</a> driver.
102: <li>RTL8192CE support was added to the <a href="https://man.openbsd.org/rtwn.4">rtwn(4)</a> driver.
103: <li>RT5360 support was added to the <a href="https://man.openbsd.org/ral.4">ral(4)</a> driver.
104: <li>RTS525A support was added to the <a href="https://man.openbsd.org/rtsx.4">rtsx(4)</a> driver.
105: <li>The <a href="https://man.openbsd.org/acpibat.4">acpibat(4)</a> driver now supports _BIX entries from ACPI 4.0.
106: <li>ACPI hibernate support was added to the <a href="https://man.openbsd.org/nvme.4">nvme(4)</a> driver.
107: <li>Substantially improved ACPI hibernate performance in the <a href="https://man.openbsd.org/ahci.4">ahci(4)</a> driver.
1.16 mikeb 108: <li>The <a href="https://man.openbsd.org/inteldrm.4">inteldrm(4)</a> driver was updated to code based on Linux 4.4.70. It now supports Skylake, Kaby Lake, and Cherryview devices and has better support for Broadwell and Valleyview devices.
1.28 sthen 109: <li>The <a href="https://man.openbsd.org/puc.4">puc(4)</a> driver now supports ASIX AX99100 devices.
1.16 mikeb 110: <li>Xen platform support and the <a href="https://man.openbsd.org/xbf.4">xbf(4)</a> driver in particular have been substantially improved.
1.42 krw 111: <li><a href="https://man.openbsd.org/nvme.4">nvme(4)</a> driver now reports correct last sector address to scsi, allowing valid GPT to be created.
1.1 deraadt 112: <li>...
113: </ul>
114:
115: <p>
1.36 pd 116: <li><a href="https://man.openbsd.org/amd64/vmm.4">vmm(4)</a>/
117: <a href="https://man.openbsd.org/amd64/vmd.8">vmd(8)</a> improvements:
1.1 deraadt 118: <ul>
1.46 mlarkin 119: <li><a href="https://man.openbsd.org/amd64/vmctl.8">vmctl(8)</a> supports paused VM migration and memory snapshotting using send and receive commands.
120: <li>VPID/ASID reuse/rollover in <a href="https://man.openbsd.org/amd64/vmm.4">vmm(4)</a>.
121: <li>SGABIOS imported as an option ROM payload in SeaBIOS (for VGA to serial console redirection.)
122: <li><a href="https://man.openbsd.org/amd64/vmd.8">vmd(8)</a> resets the guest VM RTC (real time clock) on host resume from suspend/hibernate (OpenBSD guests only.)
123: <li>Allow guest VMs access to AVX/AVX2 host CPU features
124: <li>Support for AMD SVM/RVI hosts
125: <li>Allow larger guest VM memory sizes (up to MAXDSIZ sized guests - eg, 32GB on amd64 hosts)
126: <li>Better handling of guest VM MONITOR/MWAIT and HLT instructions
127: <li>Various device emulation improvements in <a href="https://man.openbsd.org/amd64/vmd.8">vmd(8)</a>.
128: <li>Increase the <a href="https://man.openbsd.org/virtio.4">virtio(4)</a> queue size provided by <a href="https://man.openbsd.org/amd64/vmd.8">vmd(8)</a> from 64 to 128 entries, to increase performance.
129: <li>Many fixes to <a href="https://man.openbsd.org/amd64/vmctl.8">vmctl(8)</a> and <a href="https://man.openbsd.org/amd64/vmd.8">vmd(8)</a> error handling.
1.1 deraadt 130: </ul>
131: <p>
132:
133: <li>IEEE 802.11 wireless stack improvements:
134: <ul>
1.8 stsp 135: <li>MiRA 802.11n TX rate scaling now supports devices with unequal numbers of Tx and Rx streams. Fixes 11n mode for some <a href="https://man.openbsd.org/athn.8">athn(8)</a> devices.
136: <li>The <a href="https://man.openbsd.org/iwn.8">iwn(8)</a> and <a href="https://man.openbsd.org/iwm.8">iwm(8)</a> drivers will now start scanning for a new access point if they no longer receive beacons from their current AP.
137: <li>Prefer the 5GHz band over the 2GHz band during access point selection.
138: <li>Improved debug output in <a href="https://man.openbsd.org/dmesg.8">dmesg(8)</a> when a wireless interface is put into debug mode with <a href="https://man.openbsd.org/ifconfig.8">ifconfig(8)</a>.
1.1 deraadt 139: </ul>
140: <p>
141:
142: <li>Generic network stack improvements:
143: <ul>
1.20 mpi 144: <li> Incoming and forwarded IP packets are now processed without
145: KERNEL_LOCK, resulting in better performances and reduced latency
1.4 florian 146: <li> The kernel no longer handles IPv6 Stateless Address
147: Autoconfiguration (RFC 4862), allowing cleanup and simplification
148: of the IPv6 network stack.
149: <li> The kernel sends IPv6 router solicitations for link local addresses
150: with a link local source address.
1.16 mikeb 151: <li> FQ-CoDel algorithm has been implemented for use with <a
152: href="https://man.openbsd.org/pf.conf#QUEUEING">pf(4) queueing</a>.
1.31 bluhm 153: <li>Improve IPv6 checks for IPsec policies and make them consistent
154: with IPv4.
155: <li>Refactor local IP delivery to process IPsec packets in a flow.
156: Avoid that they are enqueued a second time.
157: <li><a href="https://man.openbsd.org/pf.4">pf(4)</a>
158: looks into AH packets and matches on the inner protocol.
159: This makes IPv4 authentication headers work like IPv6.
160: <li>The length of extension header chains in pf(4) is limited.
161: This prevents spending excessive cpu time on crafted packets.
162: <li>Block IPv6 packets in pf(4) that have hop-by-hop options
163: header or destination options header.
164: Such packets can be passed by adding "allow-opts" to the
165: rule.
166: So IPv6 options are handled like their counterpart in IPv4
167: now.
1.38 jca 168: <li>If the IPv4 ID gets reused too fast, pf(4) fragment reassembly
1.31 bluhm 169: uses a smarter strategy to drop packets.
1.1 deraadt 170: <li>...
171: </ul>
172: <p>
173:
174: <li>Installer improvements:
175: <ul>
1.4 florian 176: <li> The installer now uses the Allotment Routing Table (ART).
1.7 rpe 177: <li> A unique kernel is now created by the installer to boot from after install/upgrade.
178: <li> On release installs of architectures supported by syspatch "syspatch -c" is added to rc.firsttime.
179: <li> Backwards compatibility code to support the 'rtsol' keyword in hostname.if(5) has been removed.
180: <li> The install.site and upgrade.site scripts are now executed at the end of the install/upgrade process.
181: <li> More detailed information is shown to identify disks.
182: <li> The IPv6 default router selection has been fixed.
1.45 tb 183: <li> On the amd64 platform, the AES-NI is used if present.
1.1 deraadt 184: <li>...
185: </ul>
186: <p>
187:
188: <li>Routing daemons and other userland network improvements:
189: <ul>
1.4 florian 190: <li> A new daemon, <a
1.31 bluhm 191: href="https://man.openbsd.org/slaacd.8">slaacd(8)</a> handles IPv6
1.4 florian 192: Stateless Address Autoconfiguration (RFC 4862).
1.31 bluhm 193: <li> <a href="https://man.openbsd.org/rtadvd.8">rtadvd(8)</a> now supports
1.4 florian 194: "Reducing Energy Consumption of Router Advertisements" (RFC 7772).
1.37 jca 195: <li><a href="https://man.openbsd.org/rtadvd.8">rtadvd(8)</a> has
196: been fixed to quickly handle IPv6 prefixes changes on the system.
1.31 bluhm 197: <li><a href="https://man.openbsd.org/ipsecctl.8">ipsecctl(8)</a>
198: can show SA bundles now.
199: The keyword "bundle" allows to create them explicitly.
200: This avoids confusion as they were used implicitly before.
201: <li><a href="https://man.openbsd.org/nc.1">nc(1)</a>
202: has got the option -W "recvlimit" to terminate netcat after
203: receiving a number of packets.
204: This allows to send a UDP request, receive a reply and check
205: the result on the command line.
206: <li>Fix a bunch of races in
207: <a href="https://man.openbsd.org/relayd.8">relayd(8)</a>
208: expecially in HTTP chunked mode.
1.37 jca 209: <li><a href="https://man.openbsd.org/ndp.8">ndp(8)</a> shows the
210: relevant NDP information when run in a non-default routing
211: domain.
1.40 jca 212: <li><a href="https://man.openbsd.org/ifstated.8">ifstated(8)</a> now
213: copes with interface departures/arrivals.
1.1 deraadt 214: <li>...
215: </ul>
216: <p>
217:
218: <li>Security improvements:
219: <ul>
1.9 otto 220: <li>A new function
221: <a href="https://man.openbsd.org/freezero.3">freezero(3)</a>
222: to easily clear and free memory holding sensitive data has been added.
223: <li>Double free detection has been improved when the F
224: <a href="https://man.openbsd.org/malloc.3">malloc(3)</a> option is used.
225: The existing S option now includes F.
1.24 anton 226: <li>The <a href="https://man.openbsd.org/tty.4#TIOCSTI">TIOCSTI</a>
1.19 deraadt 227: tty ioctl has been removed. The I/O-loops in the last two consumers
1.24 anton 228: <a href="https://man.openbsd.org/csh.1">csh(1)</a> and
229: <a href="https://man.openbsd.org/mail.1">mail(1)</a>
1.19 deraadt 230: were rewritten to cope with the removal.
1.29 brynet 231: <li>Trapsleds, a new mitigation that significantly reduces the amount of
1.30 brynet 232: nops in the instruction stream, converting them to traps, making it
233: harder to target potential gadgets.
1.29 brynet 234: <li>Kernel Address Randomized Link (KARL), a new "link-kit" allows the .o
235: files of the kernel to be relinked in a random order, creating a unique
236: kernel for each boot.
237: <li>Like with libc previously,
238: <a href="https://man.openbsd.org/rc.8">rc(8)</a> re-links libcrypto on
239: startup, placing the objects in a random order.
240: <li>In addition to libcrypto, to deter code reuse exploits,
241: <a href="https://man.openbsd.org/rc.8">rc(8)</a> re-links
242: <a href="https://man.openbsd.org/ld.so.1">ld.so</a> on
243: startup, placing the objects in a random order.
1.31 bluhm 244: <li>If process accounting is activated with
245: <a href="https://man.openbsd.org/accton.8">accton(8)</a>,
246: the daily mail shows pledge violations and program crashes.
247: <a href="https://man.openbsd.org/lastcomm.8">lastcomm(8)</a>
248: uses the flags P and T for such processes.
1.34 brynet 249: <li><a href="https://man.openbsd.org/pflogd.8">pflogd(8)</a> uses the
250: fork+exec model.
251: <li><a href="https://man.openbsd.org/tcpdump.8">tcpdump(8)</a> uses the
252: fork+exec model.
1.39 jca 253: <li><a href="https://man.openbsd.org/ifstated.8">ifstated(8)</a>
254: uses <a href="https://man.openbsd.org/pledge.2">pledge(2)</a>.
255: <li><a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a> and
256: <a href="https://man.openbsd.org/snmpd.8">snmpctl(8)</a> now use
257: <a href="https://man.openbsd.org/pledge.2">pledge(2)</a>.
1.45 tb 258: <li>Tighter pledge for <a href="https://man.openbsd.org/at.1">at(1)</a>.
259: <li>Fixed and simplified pledge logic for
260: <a href="https://man.openbsd.org/nc.1">nc(1)</a>.
1.1 deraadt 261: </ul>
262: <p>
263:
1.32 krw 264: <li><a href="https://man.openbsd.org/dhcpd.8">dhcpd(8)</a>/
1.1 deraadt 265: <a href="https://man.openbsd.org/dhcrelay.8">dhcrelay(8)</a> improvements:
266: <ul>
1.32 krw 267: <li>Add support for echo-client-id statement to
1.35 krw 268: <a href="https://man.openbsd.org/dhcpd.conf.5">dhclient.conf(5)</a>.
269: <li>Take greater care to process all data read, and only data read, from the
270: <a href="https://man.openbsd.org/bpf.4">bpf(4)</a>
271: socket.
272: <li>Use /dev/bpf instead of /dev/bpf0.
273: <li>Handle DHCPINFORM messages from clients behind a DHCP relay.
274: <li>Fix handling of
275: <a href="https://man.openbsd.org/carp.4">carp(4)</a>
276: interfaces in
277: <a href="https://man.openbsd.org/dhcrelay.8">dhcrelay(8)</a>.
278: <li>Don't stop
279: <a href="https://man.openbsd.org/dhcrelay.8">dhcrelay(8)</a>
280: logging to stderr when it is started with the -d option.
1.32 krw 281: </ul>
282: <p>
283:
284: <li><a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a> improvements:
285: <ul>
286: <li>Log messages reworked and clarified, in particular by prefixing
287: the name of the relevant network interface.
288: <li>Treat SSID as 0 to 32 bytes of binary data, not a string.
289: <li>Use RTM_PROPOSAL to take control of an interface rather than flipping
290: interface down and up in the hope that other
291: <a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a>
292: instances notice.
293: <li>Reduce file operations needed by -L option by opening file at
294: startup and using it throughout process lifetime.
295: <li>Improve <a href="https://man.openbsd.org/resolv.conf.5">resolv.conf(5)</a>
296: handling by reducing writes and more reliably determining which interface
297: has the current default route.
298: <li>Take greater care to process all data read, and only data read, from the
299: <a href="https://man.openbsd.org/bpf.4">bpf(4)</a>
300: socket.
301: <li>Improve the determination of the link state of an interface.
302: <li>Decline inappropriate lease offers as soon as they are deemed
303: inappropriate.
304: <li>Drop support for the timestamp formats used in lease files created
305: more than four years ago.
306: <li>Accept an offer from the server that sent the first copy of
307: the offer, not the server that sent the last copy.
308: <li>Don't delete addresses and routes when exiting.
309: <li>Ensure IPv6 packets are not read from sockets.
310: <li>Don't silently ignore obsolete keywords in
311: <a href="https://man.openbsd.org/dhclient.conf.5">dhclient.conf(5)</a>
312: <li>Reduce memory footprint by shrinking oversized static buffers.
313: <li>Eliminate repeated socket opens by opening the required sockets during
314: startup.
315: <li>Fix construction of unicast UDP packets, broken in 5.6.
316: <li>Improve determination of when a renewed lease requires interface
317: configuration changes.
318: <li>Don't exit when addresses are manually added or deleted from an
319: interface.
320: <li>Don't support option 33, classfull IP addresses.
321: <li>Fix configuration of default routes supplied by classless route options.
322: <li>Consider
323: <a href="https://man.openbsd.org/dhclient.conf.5">dhclient.conf(5)</a>
324: contents when determining what MTU value to configure.
325: <li>Consider
326: <a href="https://man.openbsd.org/dhclient.conf.5">dhclient.conf(5)</a>
327: contents when creating the content of
328: <a href="https://man.openbsd.org/resolv.conf.5">resolv.conf(5)</a>.
329: <li>Delete direct routes when routes are flushed.
330: <li>Don't label routes with "DHCLIENT nnnn".
331: <li>Don't delete addresses or routes that will be immediately added back.
332: <li>Delete addresses and routes only when a renewal request is NAK'ed.
333: <li>Don't wait forever for requested information on the default route.
334: <li>Don't exit when an attempt to send a packet fails.
335: <li>Don't log a packet send when the send fails.
336: <li>Remove the -u option, broken since 2013 without complaints.
1.35 krw 337: <li>Use /dev/bpf instead of /dev/bpf0.
1.1 deraadt 338: </ul>
339: <p>
340:
341: <li>Assorted improvements:
342: <ul>
1.14 anton 343: <li>Improved UTF-8 line editing support for
1.24 anton 344: <a href="https://man.openbsd.org/ksh.1">ksh(1)</a>
1.14 anton 345: Emacs and Vi input mode.
1.22 tb 346: <li>The HISTFILE of <a href="https://man.openbsd.org/ksh.1">ksh(1)</a> now uses
347: a plain text format. Support for the
348: <a href="https://man.openbsd.org/ksh#HISTCONTROL">HISTCONTROL</a>
349: environment variable was added.
1.37 jca 350: <li>The performance of the memory deallocator used by
351: <a href="https://man.openbsd.org/ksh.1">ksh(1)</a> has been fixed.
352: <li>The <tt>emacs-usemeta</tt> <a href="https://man.openbsd.org/ksh.1">ksh(1)</a>
353: flag is no longer needed and is now deprecated.
1.41 schwarze 354: <li>New <a href="https://man.openbsd.org/futex">futex(2)</a> syscall.
355: <li>New pthread
356: <a href="https://man.openbsd.org/pthread_mutex_init">mutex</a> and
357: <a href="https://man.openbsd.org/pthread_cond_init">condition
358: variable</a> implementations improving latency
359: of threaded applications.
360: <li>New POSIX <a href="https://man.openbsd.org/newlocale.3">xlocale</a>
361: implementation written from scratch, complete in the sense that
362: all POSIX *locale(3) and *_l(3) functions are included, but in
363: OpenBSD, we of course only really care about <code>LC_CTYPE</code>
364: and we only support ASCII and UTF-8.
1.44 mpi 365: <li>New <a href="https://man.openbsd.org/ctfdump">ctfdump(1)</a> and
366: <a href="https://man.openbsd.org/ctfconv">ctfconv(1)</a>
1.41 schwarze 367: tools to manipulate CTF (Compact C Type Format).
1.31 bluhm 368: <li>The error handling in
369: <a href="https://man.openbsd.org/syslogd.8">syslogd(8)</a>
370: has been improved.
1.38 jca 371: Even if internal errors occur, the daemon tries to keep
1.31 bluhm 372: unaffected subsystems active.
373: So as many messages as possible are logged.
374: They can be filtered by severity and facility "syslog".
375: <li>syslogd(8) can now suppress "last message repeated" which is
376: useful for remote logging.
377: <li>syslogd(8) can listen on multiple TLS sockets.
378: <li>syslogd(8) closes the *.514 UDP sockets when they are not
379: needed.
380: <li>Truncate log messates at 8192 bytes everywhere.
1.37 jca 381: <li><a href="https://man.openbsd.org/newsyslog.8">newsyslog(8)</a>
382: now skips and logs invalid config lines.
1.31 bluhm 383: <li>Nested mount points are umounted in correct order.
1.33 krw 384: <li>Fix creation of
385: <a href="https://man.openbsd.org/softraid.4">softraid(4)</a>
386: CONCAT volumes.
387: <li>Include
388: <a href="https://man.openbsd.org/softraid.4">softraid(4)</a>
389: volume and backing disk information in i/o error messages.
390: <li>Make
391: <a href="https://man.openbsd.org/vioscsi.4">vioscsi(4)</a>
392: a normal
393: <a href="https://man.openbsd.org/scsi.4">scsi(4)</a>
394: device by eliminating its use of the obsolete XS_NO_CCB mechanism.
1.38 jca 395: <li>Remove last vestiges of now unused XS_NO_CCB mechanism.
1.43 visa 396: <li>Userspace can now get the address of the thread control block
397: without a system call on OCTEON II and later.
398: <li>FPU is enabled on OCTEON III.
1.44 mpi 399: <li>GENERIC kernels now include a .SUNW_ctf section containing CTF data
400: <li>New <a href="https://man.openbsd.org/ddb.4">ddb(4)</a> <tt>kill</tt>
401: command, send an uncatchable SIGABRT to a process.
402: <li>New <a href="https://man.openbsd.org/ddb.4">ddb(4)</a> <tt>pprint</tt>
403: command, using CTF information to "pretty print" global symbols.
404: <li>New <a href="https://man.openbsd.org/ddb.4">ddb(4)</a>
405: <tt>show struct</tt> command, using CTF information to display the content
406: of in memory C structures.
407: <li>x86: <a href="https://man.openbsd.org/ddb.4">ddb(4)</a> uses CTF data
408: to display the correct number of function arguments in backtraces
1.45 tb 409: <li>Power off all codecs in
410: <a href="https://man.openbsd.org/azalia.4">azalia(4)</a> to avoid static
411: noise in speakers and headphones on reboot.
1.46 mlarkin 412: <li>Fix i386 boot regression seen on very old 486DX CPUs.
1.49 ! visa 413: <li>New <a href="https://man.openbsd.org/witness.4">witness(4)</a> tool
! 414: for debugging lock order issues in the kernel.
! 415: The tool is not built in by default, and only amd64, hppa and i386
! 416: are supported.
1.46 mlarkin 417: </ul>
1.1 deraadt 418: <p>
419:
420: <li>OpenSMTPD X.X.X
421: <ul>
422: <li>...
423: </ul>
424: <p>
425:
426: <li>OpenSSH 7.X
427: <ul>
428: <li>Security:
429: <ul>
430: <li>...
431: </ul>
432: <li>New/changed features:
433: <ul>
1.31 bluhm 434: <li>Add RemoteCommand option to specify a command in the
435: <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
436: config file instead of giving it on the client's command
437: line.
438: The feature allows to automate tasks using ssh config.
1.1 deraadt 439: <li>...
440: </ul>
441: <li>The following significant bugs have been fixed in this release:
442: <ul>
443: <li>...
444: </ul>
445: </ul>
446: <p>
447:
448: <li>LibreSSL X.X.X
449: <ul>
450: <li>...
451: </ul>
452: <p>
453:
1.41 schwarze 454: <li>mandoc 1.14.3
1.1 deraadt 455: <ul>
1.41 schwarze 456: <li>Full <a href="https://man.openbsd.org/mandocdb.5">mandoc.db(5)</a>
457: databases are now enabled by default, allowing semantic searching
458: with <a href="https://man.openbsd.org/apropos.1">apropos(1)</a>
459: without any local configuration changes.
460: <li>Full integration of the former
461: <a href="https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress/usr.bin/mdoclint/">mdoclint(1)</a>
462: utility into <a href="https://man.openbsd.org/mandoc.1">mandoc(1)</a>
463: <code>-Wall</code>, new <code>-Wstyle</code> and
464: <code>-Wopenbsd</code> message levels, and many new messages,
465: for example about typos in <code>.Sh</code> lines,
466: unknown <code>.Xr</code> targets, and links to self.
467: <li>Additional steps unifying the
468: <a href="https://man.openbsd.org/mdoc.7">mdoc(7)</a>,
469: <a href="https://man.openbsd.org/man.7">man(7)</a>, and
470: <a href="https://man.openbsd.org/roff.7">roff(7)</a> parsers:
471: use one common data type and
472: <a href="https://man.openbsd.org/ohash_init.3">ohash_init(3)</a>
473: for all requests and macros and support creation of syntax tree
474: nodes in the roff(7) parser, allowing support for many new
475: low-level roff(7) features.
476: Only about 25 ports still need <code>USE_GROFF</code> now.
477: <li>Many improvements to
478: <a href="https://man.openbsd.org/tbl.7">tbl(7)</a>
479: parsing and formatting,
480: including automatic line wrapping inside table columns.
481: <li>Many improvements to
482: <a href="https://man.openbsd.org/eqn.7">eqn(7)</a>
483: parsing and formatting, including better font selection,
484: recognition of well-known mathematical function names, and writing
485: of <code><mn></code> and <code><mo></code> HTML tags.
486: <li>Intelligible rendering of mathematical symbols in
487: <code>-Tascii</code> output.
488: <li>Several parsing and rendering improvements for the
489: <a href="https://man.openbsd.org/mdoc.7">mdoc(7)</a>
490: <code>.Lk</code> macro.
491: <li>Some CSS improvements in HTML output, in particular for the
492: <a href="https://man.openbsd.org/mdoc.7">mdoc(7)</a>
493: <code>.Bl</code> macro.
1.1 deraadt 494: </ul>
495: <p>
496:
497: <li>Ports and packages:
498: <dl>
1.10 espie 499: <dt>A massive amount of clang-related fixes happened between 6.1 and 6.2.
1.1 deraadt 500: <dt>Many pre-built packages for each architecture:
501: </dl>
502: <!-- number of FTP packages minus SHA256, SHA256.sig, index.txt -->
503: <table border=0 cellspacing=0 cellpadding=2 width="95%">
504: <tr>
505: <td valign="top" width="25%">
506: <ul>
507: <li>alpha: XXXX
508: <li>amd64: XXXX
509: <li>arm: XXXX
510: </ul></td><td valign=top width="25%"><ul>
511: <li>hppa: XXXX
512: <li>i386: XXXX
513: <li>mips64: XXXX
514: </ul></td><td valign=top width="25%"><ul>
515: <li>mips64el: XXXX
516: <li>powerpc: XXXX
517: <li>sparc64: XXXX
518: </ul></td></tr></table>
519: <p>
520:
521: <dl>
522: <dt>Some highlights:
523: </dl>
524: <table border=0 cellspacing=0 cellpadding=2 width="95%">
525: <tr>
526: <td valign="top" width="50%"><ul>
1.3 jasper 527: <li>AFL 2.51b
1.47 dcoppa 528: <li>CMake 3.9.3
1.3 jasper 529: <li>Chromium 61.0.3163.100
530: <li>Emacs 21.4 and 25.3
1.1 deraadt 531: <li>GCC 4.9.4
532: <li>GHC 7.10.3
1.3 jasper 533: <li>Gimp 2.8.22
534: <li>GNOME 3.24.2
535: <li>Go 1.9
1.1 deraadt 536: <li>Groff 1.22.3
1.3 jasper 537: <li>JDK 8u144
1.18 lteo 538: <li>KDE 3.5.10 and 4.14.3 (plus KDE4 core updates)
1.3 jasper 539: <li>LLVM/Clang 5.0.0
540: <li>LibreOffice 5.2.7.2
1.1 deraadt 541: <li>Lua 5.1.5, 5.2.4, and 5.3.4
1.3 jasper 542: <li>MariaDB 10.0.32
543: <li>Mozilla Firefox 52.4.0esr and 56.0.0
544: <li>Mozilla Thunderbird 52.2.1
1.1 deraadt 545: </ul></td><td valign=top width="50%"><ul>
1.3 jasper 546: <li>Mutt 1.9.1 and NeoMutt 20170912
547: <li>Node.js 6.11.2
1.1 deraadt 548: <li>Ocaml 4.03.0
1.3 jasper 549: <li>OpenLDAP 2.3.43 and 2.4.45
1.18 lteo 550: <li>PHP 5.6.31 and 7.0.23
1.3 jasper 551: <li>Postfix 3.2.2 and 3.3-20170910
552: <li>PostgreSQL 9.6.5
553: <li>Python 2.7.14 and 3.6.2
554: <li>R 3.4.1
555: <li>Ruby 1.8.7.374, 2.1.9, 2.2.8, 2.3.5 and 2.4.2
556: <li>Rust 1.20.0
557: <li>Sendmail 8.16.0.21
558: <li>SQLite3 3.20.1
559: <li>Sudo 1.8.21.2
560: <li>Tcl/Tk 8.5.19 and 8.6.6
561: <li>TeX Live 2016
562: <li>Vim 8.0.0987
1.1 deraadt 563: <li>Xfce 4.12
564: </ul></td></tr></table>
565: <p>
566:
567: <li>As usual, steady improvements in manual pages and other documentation.
568: <p>
569:
570: <li>The system includes the following major components from outside suppliers:
571: <ul>
1.13 matthieu 572: <li>Xenocara (based on X.Org 7.7 with xserver 1.18.4 + patches,
573: freetype 2.8.0, fontconfig 2.12.4, Mesa 13.0.6, xterm 330,
1.1 deraadt 574: xkeyboard-config 2.20 and more)
575: <li>LLVM/Clang 4.0.0 (+ patches)
576: <li>GCC 4.2.1 (+ patches) and 3.3.6 (+ patches)
1.18 lteo 577: <li>Perl 5.24.2 (+ patches)
1.2 florian 578: <li>NSD 4.1.17
579: <li>Unbound 1.6.6
1.1 deraadt 580: <li>Ncurses 5.7
581: <li>Binutils 2.17 (+ patches)
582: <li>Gdb 6.3 (+ patches)
583: <li>Awk Aug 10, 2011 version
1.31 bluhm 584: <li>Expat 2.2.4
1.1 deraadt 585: </ul>
586: </ul>
587:
588: <hr>
589:
590: <h3 id="install"><font color="#0000e0">How to install</font></h3>
591:
592: Please refer to the following files on the mirror site for
593: extensive details on how to install OpenBSD 6.2 on your machine:
594:
595: <ul>
596: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/alpha/INSTALL.alpha">
597: .../OpenBSD/6.2/alpha/INSTALL.alpha</a>
598: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/amd64/INSTALL.amd64">
599: .../OpenBSD/6.2/amd64/INSTALL.amd64</a>
600: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/arm64/INSTALL.arm64">
601: .../OpenBSD/6.2/arm64/INSTALL.arm64</a>
602: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/armv7/INSTALL.armv7">
603: .../OpenBSD/6.2/armv7/INSTALL.armv7</a>
604: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/hppa/INSTALL.hppa">
605: .../OpenBSD/6.2/hppa/INSTALL.hppa</a>
606: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/i386/INSTALL.i386">
607: .../OpenBSD/6.2/i386/INSTALL.i386</a>
608: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/landisk/INSTALL.landisk">
609: .../OpenBSD/6.2/landisk/INSTALL.landisk</a>
610: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/loongson/INSTALL.loongson">
611: .../OpenBSD/6.2/loongson/INSTALL.loongson</a>
612: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/luna88k/INSTALL.luna88k">
613: .../OpenBSD/6.2/luna88k/INSTALL.luna88k</a>
614: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/macppc/INSTALL.macppc">
615: .../OpenBSD/6.2/macppc/INSTALL.macppc</a>
616: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/octeon/INSTALL.octeon">
617: .../OpenBSD/6.2/octeon/INSTALL.octeon</a>
618: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/sgi/INSTALL.sgi">
619: .../OpenBSD/6.2/sgi/INSTALL.sgi</a>
620: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/6.2/sparc64/INSTALL.sparc64">
621: .../OpenBSD/6.2/sparc64/INSTALL.sparc64</a>
622: </ul>
623:
624: <hr>
625:
626: <p>
627: Quick installer information for people familiar with OpenBSD, and the use of
628: the "<a href="https://man.openbsd.org/disklabel.8">disklabel</a> -E" command.
629: If you are at all confused when installing OpenBSD, read the relevant
630: INSTALL.* file as listed above!
631:
632: <h3><font color="#e00000">OpenBSD/alpha:</font></h3>
633:
634: <ul style="list-style-type: none">
635: <li>
636: Write <i>floppy62.fs</i> or <i>floppyB62.fs</i> (depending on your machine)
637: to a diskette and enter <i>boot dva0</i>.
638: Refer to INSTALL.alpha for more details.
639: <p>
640: <li>
641: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
642: will most likely fail.
643: </ul>
644:
645: <h3><font color="#e00000">OpenBSD/amd64:</font></h3>
646:
647: <ul style="list-style-type: none">
648: <li>
649: If your machine can boot from CD, you can write <i>install62.iso</i> or
650: <i>cd62.iso</i> to a CD and boot from it.
651: You may need to adjust your BIOS options first.
652: <p>
653: <li>
654: If your machine can boot from USB, you can write <i>install62.fs</i> or
655: <i>miniroot62.fs</i> to a USB stick and boot from it.
656: <p>
657: <li>
658: If you can't boot from a CD, floppy disk, or USB,
659: you can install across the network using PXE as described in the included
660: INSTALL.amd64 document.
661: <p>
662: <li>
663: If you are planning to dual boot OpenBSD with another OS, you will need to
664: read INSTALL.amd64.
665: </ul>
666:
667: <h3><font color="#e00000">OpenBSD/arm64:</font></h3>
668:
669: <ul style="list-style-type: none">
670: <li>
671: Write <i>miniroot62.fs</i> to a disk and boot from it after connecting
672: to the serial console. Refer to INSTALL.arm64 for more details.
673: <p>
674: </ul>
675:
676: <h3><font color="#e00000">OpenBSD/armv7:</font></h3>
677:
678: <ul style="list-style-type: none">
679: <li>
680: Write a system specific miniroot to an SD card and boot from it after connecting
681: to the serial console. Refer to INSTALL.armv7 for more details.
682: <p>
683: </ul>
684:
685: <h3><font color="#e00000">OpenBSD/hppa:</font></h3>
686:
687: <ul style="list-style-type: none">
688: <li>
689: Boot over the network by following the instructions in INSTALL.hppa or the
690: <a href="hppa.html#install">hppa platform page</a>.
691: </ul>
692:
693: <h3><font color="#e00000">OpenBSD/i386:</font></h3>
694:
695: <ul style="list-style-type: none">
696: <li>
697: If your machine can boot from CD, you can write <i>install62.iso</i> or
698: <i>cd62.iso</i> to a CD and boot from it.
699: You may need to adjust your BIOS options first.
700: <p>
701: <li>
702: If your machine can boot from USB, you can write <i>install62.fs</i> or
703: <i>miniroot62.fs</i> to a USB stick and boot from it.
704: <p>
705: <li>
706: If you can't boot from a CD, floppy disk, or USB,
707: you can install across the network using PXE as described in
708: the included INSTALL.i386 document.
709: <p>
710: <li>
711: If you are planning on dual booting OpenBSD with another OS, you will need to
712: read INSTALL.i386.
713: </ul>
714:
715: <h3><font color="#e00000">OpenBSD/landisk:</font></h3>
716:
717: <ul style="list-style-type: none">
718: <li>
719: Write <i>miniroot62.fs</i> to the start of the CF
720: or disk, and boot normally.
721: </ul>
722:
723: <h3><font color="#e00000">OpenBSD/loongson:</font></h3>
724:
725: <ul style="list-style-type: none">
726: <li>
727: Write <i>miniroot62.fs</i> to a USB stick and boot bsd.rd from it
728: or boot bsd.rd via tftp.
729: Refer to the instructions in INSTALL.loongson for more details.
730: </ul>
731:
732: <h3><font color="#e00000">OpenBSD/luna88k:</font></h3>
733:
734: <ul style="list-style-type: none">
735: <li>
736: Copy `boot' and `bsd.rd' to a Mach or UniOS partition, and boot the bootloader
737: from the PROM, and then bsd.rd from the bootloader.
738: Refer to the instructions in INSTALL.luna88k for more details.
739: </ul>
740:
741: <h3><font color="#e00000">OpenBSD/macppc:</font></h3>
742:
743: <ul style="list-style-type: none">
744: <li>
745: Burn the image from a mirror site to a CDROM, and power on your machine
746: while holding down the <i>C</i> key until the display turns on and
747: shows <i>OpenBSD/macppc boot</i>.
748: <p>
749: <li>
750: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
751: /6.2/macppc/bsd.rd</i>
752: </ul>
753:
754: <h3><font color="#e00000">OpenBSD/octeon:</font></h3>
755:
756: <ul style="list-style-type: none">
757: <li>
758: After connecting a serial port, boot bsd.rd over the network via DHCP/tftp.
759: Refer to the instructions in INSTALL.octeon for more details.
760: </ul>
761:
762: <h3><font color="#e00000">OpenBSD/sgi:</font></h3>
763:
764: <ul style="list-style-type: none">
765: <li>
766: To install, burn cd62.iso on a CD-R, put it in the CD drive of your
767: machine and select <i>Install System Software</i> from the System Maintenance
768: menu. Indigo/Indy/Indigo2 (R4000) systems will not boot automatically from
769: CD-ROM, and need a proper invocation from the PROM prompt.
770: Refer to the instructions in INSTALL.sgi for more details.
771:
772: <p>
773: <li>
774: If your machine doesn't have a CD drive, you can setup a DHCP/tftp network
775: server, and boot using "bootp()/bsd.rd.IP##" using the kernel matching your
776: system type. Refer to the instructions in INSTALL.sgi for more details.
777: </ul>
778:
779: <h3><font color="#e00000">OpenBSD/sparc64:</font></h3>
780:
781: <ul style="list-style-type: none">
782: <li>
783: Burn the image from a mirror site to a CDROM, boot from it, and type
784: <i>boot cdrom</i>.
785: <p>
786: <li>
787: If this doesn't work, or if you don't have a CDROM drive, you can write
788: <i>floppy62.fs</i> or <i>floppyB62.fs</i>
789: (depending on your machine) to a floppy and boot it with <i>boot
790: floppy</i>. Refer to INSTALL.sparc64 for details.
791: <p>
792: <li>
793: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
794: will most likely fail.
795: <p>
796: <li>
797: You can also write <i>miniroot62.fs</i> to the swap partition on
798: the disk and boot with <i>boot disk:b</i>.
799: <p>
800: <li>
801: If nothing works, you can boot over the network as described in INSTALL.sparc64.
802: </ul>
803:
804: <hr>
805:
806: <h3 id="upgrade"><font color="#0000e0">How to upgrade</font></h3>
807:
808: If you already have an OpenBSD 6.1 system, and do not want to reinstall,
809: upgrade instructions and advice can be found in the
810: <a href="faq/upgrade62.html">Upgrade Guide</a>.
811: <p>
812:
813: <hr>
814:
815: <h3 id="sourcecode"><font color="#0000e0">Notes about the source code</font></h3>
816:
817: <tt>src.tar.gz</tt> contains a source archive starting at <tt>/usr/src</tt>.
818: This file contains everything you need except for the kernel sources,
819: which are in a separate archive.
820: To extract:
821:
822: <blockquote><pre>
823: # <b>mkdir -p /usr/src</b>
824: # <b>cd /usr/src</b>
825: # <b>tar xvfz /tmp/src.tar.gz</b>
826: </pre></blockquote>
827:
828: <tt>sys.tar.gz</tt> contains a source archive starting at <tt>/usr/src/sys</tt>.
829: This file contains all the kernel sources you need to rebuild kernels.
830: To extract:
831:
832: <blockquote><pre>
833: # <b>mkdir -p /usr/src/sys</b>
834: # <b>cd /usr/src</b>
835: # <b>tar xvfz /tmp/sys.tar.gz</b>
836: </pre></blockquote>
837:
838: Both of these trees are a regular CVS checkout. Using these trees it
839: is possible to get a head-start on using the anoncvs servers as
840: described <a href="anoncvs.html">here</a>.
841: Using these files
842: results in a much faster initial CVS update than you could expect from
843: a fresh checkout of the full OpenBSD source tree.
844: <p>
845:
846: <hr>
847:
848: <h3 id="ports"><font color="#0000e0">Ports Tree</font></h3>
849:
850: A ports tree archive is also provided. To extract:
851:
852: <blockquote><pre>
853: # <b>cd /usr</b>
854: # <b>tar xvfz /tmp/ports.tar.gz</b>
855: </pre></blockquote>
856:
857: Go read the <a href="faq/ports/index.html">ports</a> page
858: if you know nothing about ports
859: at this point. This text is not a manual of how to use ports.
860: Rather, it is a set of notes meant to kickstart the user on the
861: OpenBSD ports system.
862: <p>
863: The <i>ports/</i> directory represents a CVS checkout of our ports.
864: As with our complete source tree, our ports tree is available via
865: <a href="anoncvs.html">AnonCVS</a>.
866: So, in order to keep up to date with the <i>-stable</i> branch, you must make
867: the <i>ports/</i> tree available on a read-write medium and update the tree
868: with a command like:
869:
870: <blockquote><pre>
871: # <b>cd /usr/ports</b>
1.15 phessler 872: # <b>cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_6_2</b>
1.1 deraadt 873: </pre></blockquote>
874:
875: [Of course, you must replace the server name here with a nearby anoncvs
876: server.]
877: <p>
878: Note that most ports are available as packages on our mirrors. Updated
879: ports for the 6.2 release will be made available if problems arise.
880: <p>
881: If you're interested in seeing a port added, would like to help out, or just
882: would like to know more, the mailing list
883: <a href="mail.html">ports@openbsd.org</a> is a good place to know.
884: <p>
885: </body>
886: </html>