Annotation of www/70.html, Revision 1.17
1.1 benno 1: <!doctype html>
2: <html lang=en id=release>
3: <meta charset=utf-8>
4:
5: <title>OpenBSD 7.0</title>
6: <meta name="description" content="OpenBSD 7.0">
7: <meta name="viewport" content="width=device-width, initial-scale=1">
8: <link rel="stylesheet" type="text/css" href="openbsd.css">
9: <link rel="canonical" href="https://www.openbsd.org/70.html">
10:
11: <h2 id=OpenBSD>
12: <a href="index.html">
13: <i>Open</i><b>BSD</b></a>
14: 7.0
15: </h2>
16:
17: <table>
18: <tr>
19: <td>
20: <a href="images/XXX.png">
21: <img width="227" height="303" src="images/XXX-s.gif" alt="XXX"></a>
22: <td>
1.6 deraadt 23: Released Nov 1, 2021. (51st OpenBSD release)<br>
1.1 benno 24: Copyright 1997-2021, Theo de Raadt.<br>
25: <br>
26: 7.0 Song:
27: <a href="lyrics.html#70">XXX</a>.
28: <br>
29: Artwork by XXX.
30: <br>
31: <ul>
32: <li>See the information on <a href="ftp.html">the FTP page</a> for
33: a list of mirror machines.
34: <li>Go to the <code class=reldir>pub/OpenBSD/7.0/</code> directory on
35: one of the mirror sites.
36: <li>Have a look at <a href="errata70.html">the 7.0 errata page</a> for a list
37: of bugs and workarounds.
38: <li>See a <a href="plus70.html">detailed log of changes</a> between the
1.4 jsg 39: 6.9 and 7.0 releases.
1.1 benno 40: <p>
41: <li><a href="https://man.openbsd.org/signify.1">signify(1)</a>
42: pubkeys for this release:<p>
43:
44: <table class=signify>
45: <tr><td>
46: openbsd-70-base.pub:
47: <td>
48: <a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/openbsd-70-base.pub">
49: RWR3KL+gSr4QZ5mOvKhcOOgGe61ogHp5PyBOj2RrmyCpqchk9A7NVPzh</a>
50: <tr><td>
51: openbsd-70-fw.pub:
1.11 deraadt 52: <td>
1.1 benno 53: RWS8nd7vy+I+fRHtnpxVBeX+P+9rBqJMPvSU6z8LYyAv5p73WcdFXs3B
54: <tr><td>
55: openbsd-70-pkg.pub:
1.11 deraadt 56: <td>
1.1 benno 57: RWR3iauEtA8/bLN/zfIQhOc5ramL/fARX72S6xw8BwAUebxik7KioCvL
58: <tr><td>
59: openbsd-70-syspatch.pub:
1.11 deraadt 60: <td>
1.1 benno 61: RWSD33kMDKsQH8j0Q8FzfYk+vsgTKiP8Q5DcrkQQtrZoWg48yxUQgLxU
62: </table>
63: </ul>
64: <p>
65: All applicable copyrights and credits are in the src.tar.gz,
66: sys.tar.gz, xenocara.tar.gz, ports.tar.gz files, or in the
67: files fetched via <code>ports.tar.gz</code>.
68: </table>
69:
70: <hr>
71:
72: <section id=new>
73: <h3>What's New</h3>
74: <p>
75: This is a partial list of new features and systems included in OpenBSD 7.0.
76: For a comprehensive list, see the <a href="plus70.html">changelog</a> leading
77: to 7.0.
78:
79: <ul>
80:
81: <li>New/extended platforms:
82: <ul>
1.3 jsg 83: <li>New <a href="riscv64.html">riscv64</a> platform for 64-bit RISC-V
84: systems.
1.1 benno 85: <li>Support for the <a href="powerpc64.html">powerpc64</a> platform was improved:
86: <ul>
87: <li>...
88: </ul>
89: <li>The arm64 platform support was improved with the following changes:
90: <ul>
91: <li>...
92: </ul>
93: </ul>
94:
95: <li>Various kernel improvements:
96: <ul>
97: <li>...
98: </ul>
99:
100: <li>SMP Improvements
101: <ul>
102: <li>...
103: </ul>
104:
105: <li>Direct Rendering Manager
106: <ul>
1.8 jsg 107: <li>Updated <a href="https://man.openbsd.org/drm.4">drm(4)</a>
108: to Linux 5.10.65
109: <li><a href="https://man.openbsd.org/inteldrm.4">inteldrm(4)</a>:
110: better support for Tiger Lake
111: <li><a href="https://man.openbsd.org/drm.4">amdgpu(4)</a>:
112: support for Navi 12, Navi 21 "Sienna Cichlid", Arcturus
113: <li><a href="https://man.openbsd.org/drm.4">amdgpu(4)</a>:
114: support for Cezanne "Green Sardine" Ryzen 5000 APU
1.1 benno 115: </ul>
116:
117: <li>VMM/VMD improvements
118: <ul>
119: <li>...
120: </ul>
121:
122: <li>Various new userland features:
123: <ul>
1.17 ! benno 124: <li>Fixed <a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a> generation on sparc64.
! 125: <li>Modified <a href="https://man.openbsd.org/doas">doas(1)</a> to retry up to 3 times on password authentication failure.
! 126: <li>Made all <a href="https://man.openbsd.org/vi.1">vi(1)</a> signal handler functions async-signal-safe.
! 127: <li>Changed <a href="https://man.openbsd.org/diff.1">diff(1)</a> to consider two files sharing the same inode identical.
! 128: <li>Imported <a href="https://man.openbsd.org/timeout.1">timeout(1)</a> utility from NetBSD. timeout(1) can be used to run commands with a time limit.
! 129: <li>Removed from0 support from <a href="https://man.openbsd.org/openrsync.1">openrsync(1)</a>.
! 130: <li>Added include and exclude options to <a href="https://man.openbsd.org/rsync.1">rsync(1)</a> usage message.
! 131: <li>Implemented reporting of supplemental groups in <a href="https://man.openbsd.org/ps.1">ps(1)</a>.
! 132: <li>Altered <a href="https://man.openbsd.org/passwd.1">passwd(1)</a> to use stderr for printer error and informational messages. This allows easier parsing of what passwd(1) is doing if spawned from a GUI.
! 133: <li>Fixed <a href="https://man.openbsd.org/iostat.8">iostat(8)</a> per-device values when <a href="https://man.openbsd.org/systat.1">systat(1)</a> is in boot time mode ('b'), not normalizing based on the sleep interval.
! 134: <li>Made <a href="https://man.openbsd.org/jot.1">jot(1)</a> -b, -c and -w mutually exclusive.
! 135: <li>Made <a href="https://man.openbsd.org/cdio.1">cdio(1)</a> discard the current input line when Ctrl-C is used during line editing and provide a fresh prompt rather than exiting the program.
! 136: <li>Cleaned up the <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> MBR/GPT initialization code, making -g independent of -i, leaving four mutually exclusive initialization options (-i, -b, -u and -A) with the last option specified executed (allowing the existing -i -g to work as intended).
! 137: <li>Corrected <a href="https://man.openbsd.org/awk.1">awk(1)</a> -F null string behavior to ensure -F '' behaves consistently with -v FS="".
! 138: <li>Avoided a potential buffer overflow in backslash escaping in <a href="https://man.openbsd.org/awk.1">awk(1)</a>.
! 139: <li>Disallowed the use of an empty list between "while" and "do" in <a href="https://man.openbsd.org/ksh.1">ksh(1)</a>.
! 140: <li>Ensured the values for <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> -b and -l are treated as 512-byte block counts.
! 141: <li>Added an <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> -A option to initialize a GPT without removing special boot partitions.
! 142: <li>Made <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> available to architectures other than amd64 and i386 and extended the syntax to allow specification of the boot partition type and offset.
! 143: <li>Adjusted density for partitions on a 4k disk in <a href="https://man.openbsd.org/newfs.8">newfs(8)</a> when fragsize and density are not passed on the command line to ensure sufficient inodes to hold a src tree on a 2G fs.
! 144: <li>Fixed overlap check in <a href="https://man.openbsd.org/disklabel.1">disklabel(1)</a> autoalloc code.
! 145: <li>Prevented base pkg tools from looking under /usr/local in general. <!-- ??? -->
! 146: <li>Changed <a href="https://man.openbsd.org/cwm.1">cwm(1)</a> maximization and full-screen mode toggling to keep the cursor within the window, preventing focus loss.
! 147: <li>Added indication of whether an <a href="https://man.openbsd.org/mg.1">mg(1)</a> function is unsuitable for a startup file.
! 148: <li>Added "dired-jump" command to <a href="https://man.openbsd.org/mg.1">mg(1)</a> to open a dired buffer containing the current buffer's directory location.
1.1 benno 149: </ul>
150:
1.17 ! benno 151: <li>OAVarious bugfixes and tweaks in userland:
1.1 benno 152: <ul>
1.17 ! benno 153: <li>Allowed <a href="https://man.openbsd.org/xenodm.1">xenodm(1)</a> login when ~./Xauthority does not exist.
! 154: <li>Disabled building all of the non-unicode fonts except for ISO8859-1.
1.1 benno 155: <li>...
156: </ul>
157:
158: <li>Improved hardware support and driver bugfixes, including:
159: <ul>
1.15 benno 160: <li>Added a workaround to <a href="https://man.openbsd.org/amdgpu.4">amdgpu(4)</a> for machines where the framebuffer size reported by the hardware is incorrect.
161: <li>Prevented <a href="https://man.openbsd.org/ucc.4">ucc(4)</a> keyboards from changing the <a href="https://man.openbsd.org/wsmux.4">wsmux(4)</a> keyboard layout.
162: <li>Silently ignored invalid requests to change the encoding of a <a href="https://man.openbsd.org/ucc.4">ucc(4)</a> keyboard.
163: <li>In <a href="https://man.openbsd.org/pchgpio.4">pchgpio(4)</a>, worked around a BIOS bug on Lenovo Thinkpads based on Intel's Tiger Lake platform to properly restore the GPIO pin used for the touchpad interrupt upon resume.
164: <li>Enabled <a href="https://man.openbsd.org/cy.4">cy(4)</a> on amd64.
165: <li>Stopped setting the highspeed bit on bcm2835-sdhci <a href="https://man.openbsd.org/sdhc.4">sdhc(4)</a> controllers, fixing <a href="https://man.openbsd.org/bwfm.4">bwfm(4)</a> wifi on the Raspberry Pi 3 Model B+.
166: <li>Added the <a href="https://man.openbsd.org/uaq.4">uaq(4)</a> driver for Aquantia AQC111U/AQC112U USB ethernet devices.
167: <li>Added the <a href="https://man.openbsd.org/aq.4">aq(4)</a> driver to support Aquantia 1/2.5/5/10Gb/s PCIe ethernet adapters.
168: <li>Added support for obtaining sense status and source slot of a media to <a href="https://man.openbsd.org/chio.1">chio(1)</a> and <a href="https://man.openbsd.org/ch.4">ch(4)</a>.
169: <li>Fixed a crash with i915 graphics by removing bogus Linux code that tried to deal with something that is impossible on OpenBSD.
170: <li>Fixed <a href="https://man.openbsd.org/dwiic.4">dwiic(4)</a> timeouts requesting data from at least one touchpad.
171: <li>Added <a href="https://man.openbsd.org/ucc.4">ucc(4)</a>, a driver for USB HID Consumer Control keyboards.
172: <li>Set the <a href="https://man.openbsd.org/uhidpp.4">uhidpp(4)</a> battery level sensor status to unknown while charging to handle devices reporting zero during charge, preventing certain <a href="https://man.openbsd.org/sensorsd.conf.5">sensorsd.conf(5)</a> actions from triggering inappropriately.
173: <li>Added Tiger Lake LP (INT34C5) support to <a href="https://man.openbsd.org/pchgpio.4">pchgpio(4)</a>.
174: <li>Fixed a panic at shutdown relating to <a href="https://man.openbsd.org/azalia.4">azalia(4)</a> on the X1 Extreme Gen 1.
175: <li>Fixed a panic reported in <a href="https://man.openbsd.org/upd.4">upd(4)</a>.
176: <li>Fixed display of incorrect patterns on LUNA's <a href="https://man.openbsd.org/wscons.4">wscons(4)</a> with 1bpp framebuffer when backspace is typed.
177: <li>Fixed an attachment problem for <a href="https://man.openbsd.org/dwctwo.4">dwctwo(4)</a> for certain devices issuing NAK interrupts during split transactions.
178: <li>Fixed <a href="https://man.openbsd.org/ix.4">ix(4)</a> with older amd64 and current riscv64 hardware if MSI is not enabled for the device.
179: <li>Synced <a href="https://man.openbsd.org/dwctwo.4">dwctwo(4)</a> with the NetBSD-current code base, enabling the USB on-board ethernet controller through <a href="https://man.openbsd.org/mue.4">mue(4)</a> and enabling the two USB uhub3 ports on the Raspberry Pi 3 Model B+.
180: <li>Added AMD 17h/6xh Root Complex to <a href="https://man.openbsd.org/ksmn.4">ksmn(4)</a>.
181: <li>Ensured the TX FIFO isn't overrun for longer transfers in <a href="https://man.openbsd.org/dwiic.4">dwiic(4)</a>.
182: <li>Implemented 64-bit DMA mode in <a href="https://man.openbsd.org/cad.4">cad(4)</a>.
183: <li>Added <a href="https://man.openbsd.org/titmp.4">titmp(4)</a>, a driver for the TI TMP451 temperature sensor.
184: <li>Added Broadcom BCM5725 to <a href="https://man.openbsd.org/brgphy.4">brgphy(4)</a>.
185: <li>Limited the workaround for AMD errata 400 ("APIC Timer Interrupt Does Not Occur in Processor C-States")to family 0fh and 10h.
186: <li>Ensured a USB mouse will attach if otherwise qualified even if the usage report does not include X and Y usages.
187: <li>Stopped fatal error in <a href="https://man.openbsd.org/amdgpu.4">amdgpu(4)</a> on failing to map visible VRAM.
188: <li>Disabled PPGTT on Intel machines with cherryview/braswell graphics to avoid memory corruption.
189: <li>Attached unsupported video devices to <a href="https://man.openbsd.org/uvideo.4">uvideo(4)</a> but not <a href="https://man.openbsd.org/video.1">video(1)</a>, rather than leaving it unmatched.
190: <li>Added a -R flag to <a href="https://man.openbsd.org/usbhidctl.1">usbhidctl(1)</a> to dump the raw report descriptor bytes.
191: <li>Added hid_get_report_desc_data() to <a href="https://man.openbsd.org/usbhid.3">usbhid(3)</a> to access raw report descriptor data.
192: <li>Fixed overflows when reading multiple bytes from AML over an i2c bus in <a href="https://man.openbsd.org/acpi.4">acpi(4)</a>.
193: <li>Fixed <a href="https://man.openbsd.org/uaudio.4">uaudio(4)</a> on certain machines such as the RPI4 by adding a pre-DMA-write barrier after data is stored to memory.
194: <li>Worked around x86 machines that advertise the "hardware reduced" ACPI feature, advertise S4 and S5 support, but fail to populate the SLEEP_CONTROL_REG and SLEEP_STATUS_REG descriptions in the FADT. This fixed the ASUS Zenbook 14.
195: <li>Added support for RTL8168FP/RTL8111FP/RTL8117 to <a href="https://man.openbsd.org/re.4">re(4)</a>.
196: <li>Enabled all Thinkpad X1 Extreme 1 speakers and atmos dolby in <a href="https://man.openbsd.org/azalia.4">azalia(4)</a>.
1.16 benno 197: <li>Fixed <a href="https://man.openbsd.org/pchgpio.4">pchgpio(4)</a> issues with dead touchpads after resume.
1.1 benno 198: </ul>
199:
200: <li>New or improved network hardware support:
201: <ul>
202: <li>...
203: </ul>
204:
205: <li>Added or improved wireless network drivers:
206: <ul>
207: <li>...
208: </ul>
209:
210: <li>IEEE 802.11 wireless stack improvements and bugfixes:
211: <ul>
212: <li>...
213: </ul>
214:
215: <li>Generic network stack improvements and bugfixes:
216: <ul>
217: <li>...
218: </ul>
219:
220: <li>Installer and upgrade improvements:
221: <ul>
222: <li>...
223: </ul>
224:
225: <li>Security improvements:
226: <ul>
1.16 benno 227: <li>Moved objcopy to base set to allow KARL to work on all installs.
228: <li>Added <a href="https://man.openbsd.org/unveil.2">unveil(2)</a> calls to xterm in the case where there are no exec-formatted or exec-selected resources set.
229: <li>Changed usage of %n from a syslog warning to syslog and abort for <a href="https://man.openbsd.org/printf.3">printf(3)</a> (and associated variants).
230: <li>Made kernel stop all threads when terminating via pledge_fail().
1.1 benno 231: </ul>
232:
233: <li>Routing daemons and other userland network improvements:
234: <ul>
235: <li>The <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> daemon saw the following changes:
236: <ul>
1.14 benno 237: <!-- check against and use openbgpd/rpki-client release notes instead? -->
238: <li>Fixed a memory leak in <a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a>.
239: <li>Adjusted <a href="https://man.openbsd.org/bgpctl.8">bgpctl(8)</a> RIB_GENERIC_ADDPATH MRT message handling to work with other MRT implementations.
240: <li>Set the <a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a> x509 validation depth limit to 12 or double the current depth.
241: <li>Limited <a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a> to 300 deltas to sync an RRDP repository rather than fetching a snapshot.
242: <li>Add add-path support in MRT dumps (RFC8050) to <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>.
243: <li>Added http_proxy support to <a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a> http handler.
244: <li>Implemented reception of multiple paths per BGP session in <a href="https://man.openbsd.org/bgpd.conf.5">bgpd.conf(5)</a> and made it possible to match on path-id in <a href="https://man.openbsd.org/bgpctl.8">bgpctl(8)</a> show rib outputs.
245: <li>Ensured MRT dumps containing add-path information will be dumped properly by <a href="https://man.openbsd.org/bgpctl.8">bgpctl(8)</a> (RFC 8050).
246: <li>Implemented Extended Optional Parameters Length for BGP OPEN Message (RFC 9072) in <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>, allowing sending of more than 255 bytes of optional parameters.
247: <li>Defaulted to attempting RRDP first in <a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a> -r.
248: <li>Implemented enhanced route refresh (RFC 7313) in <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>.
249: <li>Improved <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> graceful restart capability handling.
250: <li>Limited the number of concurrent RTR connects to 32 in <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>.
251: <li>Added an 'expires' column to CSV & JSON output of <a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a>.
252: <li>Added keep-alive support to the <a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a> HTTP module.
1.1 benno 253: </ul>
254:
1.14 benno 255: <li>OA...other routing daemons...
1.1 benno 256:
257: <li>The <a href="https://man.openbsd.org/pf.4">pf(4)</a> packet filter and its userland utility:
258: <ul>
259: <li>...
260: </ul>
261:
262: <li>IPSEC support in the kernel and the <a href="https://man.openbsd.org/iked.8">iked(8)</a> userland daemon:
263: <ul>
264: <li>...
265: </ul>
266:
267: <li>The <a href="https://man.openbsd.org/httpd.8">httpd(8)</a> webserver saw numerous improvements:
268: <ul>
269: <li>...
270: </ul>
271:
272: <li><a
273: href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a>
274: received the following new features and bugfixes:
275: <ul>
276: <li>...
277: </ul>
278:
279: <li>Changes to <a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a>:
280: <ul>
281: <li>...
282: </ul>
283:
284: <li>XXX Two new daemons, <a
285: href="https://man.openbsd.org/dhcpleased.8">dhcpleased(8)</a> and <a
286: href="https://man.openbsd.org/resolvd.8">resolvd(8)</a> were added.
287: These work alongside with <a
288: href="https://man.openbsd.org/slaacd.8">slaacd(8)</a> and <a
289: href="https://man.openbsd.org/unwind.8">unwind(8)</a> to provide a
290: coherent and simple automatic configuration of network interfaces and
291: DNS resolution.<br>
292: The two daemons are not enabled by default for now, but can be tested
293: by enabling them with <a href="https://man.openbsd.org/rcctl.8">rcctl(8)</a>.
294: <ul>
295: <li>...
296: </ul>
297:
298: <li>Changes to snmp related tools:
299: <ul>
300: <li>...
301: </ul>
302:
303: <li>Other userland network changes:
304: <ul>
305: <li>...
306: </ul>
307: </ul>
308:
309: <li><a href="https://man.openbsd.org/tmux">tmux(1)</a> improvements and bug fixes:
310: <ul>
311: <li>...
312: </ul>
313:
314: <li>OpenSMTPD 7.0.0
315: <ul>
316: <li>...
317: </ul>
318:
1.2 jsg 319: <li>LibreSSL 3.4.0 XXX
1.1 benno 320: <ul>
321: <li>New Features
322: <ul>
323: <li>...
324: </ul>
325:
326: <li>Portable Improvements
327: <ul>
328: <li>...
329: </ul>
330:
331: <li>API and Documentation Enhancements
332: <ul>
333: <li>...
334: </ul>
335:
336: <li>Compatibility Changes
337: <ul>
338: <li>...
339: </ul>
340:
341: <li>Testing and Proactive Security
342: <ul>
343: <li>...
344: </ul>
345:
346: <li>Internal Improvements
347: <ul>
348: <li>...
349: </ul>
350:
351: <li>Bug Fixes
352: <ul>
353: <li>...
354: </ul>
355: </ul>
356:
1.13 benno 357: <li>OpenSSH 8.8 XXX <span style="color:red;">replace with release notes</span>
358: <li>Corrected <a href="https://man.openbsd.org/sshd.8">sshd(8)</a> initialization of supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand helper program (not enabled by default) as a different user.
359: <li>Fixed the <a href="https://man.openbsd.org/ssh.1">ssh(1)</a> "Allocated port" debug message for unix sockets.
360: <li>Switched <a href="https://man.openbsd.org/scp.1">scp(1)</a> back to using the original scp/rcp protocol by default for release.
361: <li>Made <a href="https://man.openbsd.org/scp.1">scp(1)</a> SFTP mode (including error logging) more scp-like.
362: <li>Allowed CanonicalPermittedCNAMEs=none in <a href="https://man.openbsd.org/ssh_config.5">ssh_config(5)</a>.
363: <li>Put back the mux_ctx memleak fix for SSH_CHANNEL_MUX_CLIENT in <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>.
364: <li>Stopped ignoring SIGINT in <a href="https://man.openbsd.org/sftp.1">sftp(1)</a> while waiting for input if <a href="https://man.openbsd.org/editline.3">editline(3)</a> is not used.
365: <li>Altered <a href="https://man.openbsd.org/scp">scp(1)</a> to use the SFTP protocol by default. The original scp/rcp protocol remains available via the -O flag.
366: <li>Disabled the RSA/SHA-1 signature algorithm by default in <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>.
367: <li>Ensured some programs (including <a href="https://man.openbsd.org/sftp.1">sftp(1)</a>) do not ignore Ctrl-C when awaiting user input.
368: <li>Added <a href="https://man.openbsd.org/scp.1">scp(1)</a> -O and temporary -s (SFTP) flags to select the sftp protocol.
369: <li>Made <a href="https://man.openbsd.org/scp.1">scp(1)</a> -3 the default for remote-to-remote copies.
370: <li>Improved handling of ~ prefixed paths in <a href="https://man.openbsd.org/scp.1">scp(1)</a> in SFTP mode.
371: <li>Added experimental support for using the SFTP protocol for file transfers in <a href="https://man.openbsd.org/scp.1">scp(1)</a>.
372: <li>Added a ForkAfterAuthentication directive to <a href="https://man.openbsd.org/ssh_config.5">ssh_config(5)</a>, equivalent to <a href="https://man.openbsd.org/ssh.1">ssh(1)</a> -f.
373: <li>Added a StdinNull directive to <a href="https://man.openbsd.org/ssh_config.5">ssh_config(5)</a> to prevent reading from stdin, equivalent to <a href="https://man.openbsd.org/ssh.1">ssh(1)</a> -n.
374: <li>Let allowed signers files used by <a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a> signatures support key lifetimes and verification mode to specify a signature time at which to check.
375: <li>Added a SessionType directive to <a href="https://man.openbsd.org/ssh_config.5">ssh_config(5)</a>, equivalent to the -N (no session) and -s (subsystem) command line flags.
376: <li>Allowed spaces to appear in usernames for <a href="https://man.openbsd.org/scp.1">scp(1)</a> local to remote and scp -3 remote to remote copies.
377: <li>Prevented a hang in <a href="https://man.openbsd.org/sshd.8">sshd(8)</a> when interrupted.
378: <li>Matched host certificates against host public keys in <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>, allowing use of certificates with private keys held in an ssh-agent.
379: <li>Prevented a race condition which could result in <a href="https://man.openbsd.org/sshd.8">sshd(8)</a> not shutting down until the next time it receives a new connection.
380: <li>Allowed <a href="https://man.openbsd.org/ssh_config.5">ssh_config(5)</a> SetEnv to override $TERM.
381: <li>Fixed a segmentation violation in <a href="https://man.openbsd.org/ssh.1">ssh(1)</a> in an UpdateHostKezs debug() message when the update removed more host keys than remain present.
382: <li>Fixed <a href="https://man.openbsd.org/ssh.1">ssh(1)</a> to restore file descriptors to non-blocking mode on exit.
383: <li>Fixed <a href="https://man.openbsd.org/ssh.1">ssh(1)</a> started with ControlPersist incorrectly executing a shell when the -N option was specified.
384:
1.1 benno 385: <ul>
386: <li>Security fixes
387: <ul>
388: <li>...
389: </ul>
390: <li>Potentially incompatible changes
391: <ul>
392: <li>...
393: </ul>
394: <li>New Features
395: <ul>
396: <li>...
397: </ul>
398: <li>Bugfixes
399: <ul>
400: <li>...
401: </ul>
402: </ul>
403:
404: <li>Ports and packages:
405: <p>Many pre-built packages for each architecture:
406: <!-- number of FTP packages minus SHA256, SHA256.sig, index.txt -->
407: <ul style="column-count: 3">
1.10 naddy 408: <li>aarch64: 11034
1.9 naddy 409: <li>amd64: 11325
1.1 benno 410: <li>arm: ...
1.10 naddy 411: <li>i386: 10248
1.1 benno 412: <li>mips64: ...
413: <li>mips64el: ...
414: <li>powerpc: ...
1.10 naddy 415: <li>powerpc64: 9273
1.1 benno 416: <li>sparc64: ...
417: </ul>
418:
419: <p>Some highlights:
420: <ul style="column-count: 3">
1.2 jsg 421: <li>Asterisk 18.6.0
1.1 benno 422: <li>Audacity 2.4.2
1.2 jsg 423: <li>CMake 3.20.3
424: <li>Chromium 93.0.4577.82
1.1 benno 425: <li>Emacs 27.2
1.2 jsg 426: <li>FFmpeg 4.4
427: <li>GCC 8.4.0 and 11.2.0
428: <li>GHC 8.10.6
429: <li>GNOME 40.4
430: <li>Go 1.17
431: <li>JDK 8u302, 11.0.12 and 16.0.2
432: <li>KDE Applications 21.08.1
433: <li>KDE Frameworks 5.85.0
434: <li>Krita 4.4.8
435: <li>LLVM/Clang 11.1.0
1.7 jsg 436: <li>LibreOffice 7.2.1.2
1.1 benno 437: <li>Lua 5.1.5, 5.2.4 and 5.3.6
1.2 jsg 438: <li>MariaDB 10.6.4
1.1 benno 439: <li>Mono 6.12.0.122
1.2 jsg 440: <li>Mozilla Firefox 92.0 and ESR 91.1.0
1.7 jsg 441: <li>Mozilla Thunderbird 91.1.1
1.2 jsg 442: <li>Mutt 2.1.3 and NeoMutt 20210205
443: <li>Node.js 12.22.6
1.1 benno 444: <li>OCaml 4.10.0
1.2 jsg 445: <li>OpenLDAP 2.4.59
446: <li>PHP 7.3.30, 7.4.23 and 8.0.10
1.7 jsg 447: <li>Postfix 3.5.12
1.2 jsg 448: <li>PostgreSQL 13.4
449: <li>Python 2.7.18, 3.8.12 and 3.9.7
450: <li>Qt 5.15.2 and 6.0.4
451: <li>R 4.1.1
452: <li>Ruby 2.6.8, 2.7.4 and 3.0.2
453: <li>Rust 1.55.0
454: <li>SQLite 3.35.5
1.1 benno 455: <li>Shotcut 21.01.29
1.2 jsg 456: <li>Sudo 1.9.7p2
457: <li>Suricata 6.0.2
1.1 benno 458: <li>Tcl/Tk 8.5.19 and 8.6.8
459: <li>TeX Live 2020
1.2 jsg 460: <li>Vim 8.2.3394 and Neovim 0.5.0
1.1 benno 461: <li>Xfce 4.16
462: </ul>
463: <p>
464:
465: <li>As usual, steady improvements in manual pages and other documentation.
466:
467: <li>The system includes the following major components from outside suppliers:
468: <ul>
1.2 jsg 469: <li>Xenocara (based on X.Org 7.7 with xserver 1.20.13 + patches,
1.5 jsg 470: freetype 2.10.4, fontconfig 2.12.4, Mesa 21.1.8, xterm 367,
1.2 jsg 471: xkeyboard-config 2.20, fonttosfnt 1.2.2 and more)
472: <li>LLVM/Clang 11.1.0 (+ patches)
1.1 benno 473: <li>GCC 4.2.1 (+ patches) and 3.3.6 (+ patches)
474: <li>Perl 5.32.1 (+ patches)
1.2 jsg 475: <li>NSD 4.3.7
476: <li>Unbound 1.13.2
1.1 benno 477: <li>Ncurses 5.7
478: <li>Binutils 2.17 (+ patches)
479: <li>Gdb 6.3 (+ patches)
480: <li>Awk December 18, 2020 version
1.2 jsg 481: <li>Expat 2.4.1
1.12 benno 482: <li><a href="https://man.openbsd.org/drm.4">drm(4)</a> from Linux 5.10.47.
483: <li>libdrm 2.4.107
1.1 benno 484: </ul>
485:
486: </ul>
487: </section>
488:
489: <hr>
490:
491: <section id=install>
492: <h3>How to install</h3>
493: <p>
494: Please refer to the following files on the mirror site for
495: extensive details on how to install OpenBSD 7.0 on your machine:
496:
497: <ul>
498: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/alpha/INSTALL.alpha">
499: .../OpenBSD/7.0/alpha/INSTALL.alpha</a>
500: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/amd64/INSTALL.amd64">
501: .../OpenBSD/7.0/amd64/INSTALL.amd64</a>
502: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/arm64/INSTALL.arm64">
503: .../OpenBSD/7.0/arm64/INSTALL.arm64</a>
504: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/armv7/INSTALL.armv7">
505: .../OpenBSD/7.0/armv7/INSTALL.armv7</a>
506: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/hppa/INSTALL.hppa">
507: .../OpenBSD/7.0/hppa/INSTALL.hppa</a>
508: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/i386/INSTALL.i386">
509: .../OpenBSD/7.0/i386/INSTALL.i386</a>
510: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/landisk/INSTALL.landisk">
511: .../OpenBSD/7.0/landisk/INSTALL.landisk</a>
512: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/loongson/INSTALL.loongson">
513: .../OpenBSD/7.0/loongson/INSTALL.loongson</a>
514: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/luna88k/INSTALL.luna88k">
515: .../OpenBSD/7.0/luna88k/INSTALL.luna88k</a>
516: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/macppc/INSTALL.macppc">
517: .../OpenBSD/7.0/macppc/INSTALL.macppc</a>
518: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/octeon/INSTALL.octeon">
519: .../OpenBSD/7.0/octeon/INSTALL.octeon</a>
520: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/powerpc64/INSTALL.powerpc64">
521: .../OpenBSD/7.0/powerpc64/INSTALL.powerpc64</a>
1.3 jsg 522: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/riscv64/INSTALL.riscv64">
523: .../OpenBSD/7.0/riscv64/INSTALL.riscv64</a>
1.1 benno 524: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.0/sparc64/INSTALL.sparc64">
525: .../OpenBSD/7.0/sparc64/INSTALL.sparc64</a>
526: </ul>
527: </section>
528:
529: <hr>
530:
531: <section id=quickinstall>
532: <p>
533: Quick installer information for people familiar with OpenBSD, and the use of
534: the "<a href="https://man.openbsd.org/disklabel.8">disklabel</a> -E" command.
535: If you are at all confused when installing OpenBSD, read the relevant
536: INSTALL.* file as listed above!
537:
538: <h3>OpenBSD/alpha:</h3>
539:
540: <p>
541: If your machine can boot from CD, you can write <i>install70.iso</i> or
542: <i>cd70.iso</i> to a CD and boot from it.
543: Refer to INSTALL.alpha for more details.
544:
545: <h3>OpenBSD/amd64:</h3>
546:
547: <p>
548: If your machine can boot from CD, you can write <i>install70.iso</i> or
549: <i>cd70.iso</i> to a CD and boot from it.
550: You may need to adjust your BIOS options first.
551:
552: <p>
553: If your machine can boot from USB, you can write <i>install70.img</i> or
554: <i>miniroot70.img</i> to a USB stick and boot from it.
555:
556: <p>
557: If you can't boot from a CD, floppy disk, or USB,
558: you can install across the network using PXE as described in the included
559: INSTALL.amd64 document.
560:
561: <p>
562: If you are planning to dual boot OpenBSD with another OS, you will need to
563: read INSTALL.amd64.
564:
565: <h3>OpenBSD/arm64:</h3>
566:
567: <p>
568: Write <i>install70.img</i> or <i>miniroot70.img</i> to a disk and boot from it
569: after connecting to the serial console. Refer to INSTALL.arm64 for more
570: details.
571:
572: <h3>OpenBSD/armv7:</h3>
573:
574: <p>
575: Write a system specific miniroot to an SD card and boot from it after connecting
576: to the serial console. Refer to INSTALL.armv7 for more details.
577:
578: <h3>OpenBSD/hppa:</h3>
579:
580: <p>
581: Boot over the network by following the instructions in INSTALL.hppa or the
582: <a href="hppa.html#install">hppa platform page</a>.
583:
584: <h3>OpenBSD/i386:</h3>
585:
586: <p>
587: If your machine can boot from CD, you can write <i>install70.iso</i> or
588: <i>cd70.iso</i> to a CD and boot from it.
589: You may need to adjust your BIOS options first.
590:
591: <p>
592: If your machine can boot from USB, you can write <i>install70.img</i> or
593: <i>miniroot70.img</i> to a USB stick and boot from it.
594:
595: <p>
596: If you can't boot from a CD, floppy disk, or USB,
597: you can install across the network using PXE as described in
598: the included INSTALL.i386 document.
599:
600: <p>
601: If you are planning on dual booting OpenBSD with another OS, you will need to
602: read INSTALL.i386.
603:
604: <h3>OpenBSD/landisk:</h3>
605:
606: <p>
607: Write <i>miniroot70.img</i> to the start of the CF
608: or disk, and boot normally.
609:
610: <h3>OpenBSD/loongson:</h3>
611:
612: <p>
613: Write <i>miniroot70.img</i> to a USB stick and boot bsd.rd from it
614: or boot bsd.rd via tftp.
615: Refer to the instructions in INSTALL.loongson for more details.
616:
617: <h3>OpenBSD/luna88k:</h3>
618:
619: <p>
620: Copy 'boot' and 'bsd.rd' to a Mach or UniOS partition, and boot the bootloader
621: from the PROM, and then bsd.rd from the bootloader.
622: Refer to the instructions in INSTALL.luna88k for more details.
623:
624: <h3>OpenBSD/macppc:</h3>
625:
626: <p>
627: Burn the image from a mirror site to a CDROM, and power on your machine
628: while holding down the <i>C</i> key until the display turns on and
629: shows <i>OpenBSD/macppc boot</i>.
630:
631: <p>
632: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
633: /7.0/macppc/bsd.rd</i>
634:
635: <h3>OpenBSD/octeon:</h3>
636:
637: <p>
638: After connecting a serial port, boot bsd.rd over the network via DHCP/tftp.
639: Refer to the instructions in INSTALL.octeon for more details.
640:
641: <h3>OpenBSD/powerpc64:</h3>
642:
643: <p>
644: To install, write <i>install70.img</i> or <i>miniroot70.img</i> to a
645: USB stick, plug it into the machine and choose the <i>OpenBSD
646: install</i> menu item in Petitboot.
647: Refer to the instructions in INSTALL.powerpc64 for more details.
648:
1.3 jsg 649: <h3>OpenBSD/riscv64:</h3>
1.1 benno 650:
651: <p>
1.3 jsg 652: To install, write <i>install70.img</i> or <i>miniroot70.img</i> to a
653: USB stick, and boot with that drive plugged in.
654: Make sure you also have the microSD card plugged in that shipped with the
655: HiFive Unmatched board.
656: Refer to the instructions in INSTALL.riscv64 for more details.
1.1 benno 657:
658: <h3>OpenBSD/sparc64:</h3>
659:
660: <p>
661: Burn the image from a mirror site to a CDROM, boot from it, and type
662: <i>boot cdrom</i>.
663:
664: <p>
665: If this doesn't work, or if you don't have a CDROM drive, you can write
666: <i>floppy70.img</i> or <i>floppyB70.img</i>
667: (depending on your machine) to a floppy and boot it with <i>boot
668: floppy</i>. Refer to INSTALL.sparc64 for details.
669:
670: <p>
671: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
672: will most likely fail.
673:
674: <p>
675: You can also write <i>miniroot70.img</i> to the swap partition on
676: the disk and boot with <i>boot disk:b</i>.
677:
678: <p>
679: If nothing works, you can boot over the network as described in INSTALL.sparc64.
680: </section>
681:
682: <hr>
683:
684: <section id=upgrade>
685: <h3>How to upgrade</h3>
686: <p>
1.4 jsg 687: If you already have an OpenBSD 6.9 system, and do not want to reinstall,
1.1 benno 688: upgrade instructions and advice can be found in the
689: <a href="faq/upgrade70.html">Upgrade Guide</a>.
690: </section>
691:
692: <hr>
693:
694: <section id=sourcecode>
695: <h3>Notes about the source code</h3>
696: <p>
697: <code>src.tar.gz</code> contains a source archive starting at <code>/usr/src</code>.
698: This file contains everything you need except for the kernel sources,
699: which are in a separate archive.
700: To extract:
701: <blockquote><pre>
702: # <kbd>mkdir -p /usr/src</kbd>
703: # <kbd>cd /usr/src</kbd>
704: # <kbd>tar xvfz /tmp/src.tar.gz</kbd>
705: </pre></blockquote>
706: <p>
707: <code>sys.tar.gz</code> contains a source archive starting at <code>/usr/src/sys</code>.
708: This file contains all the kernel sources you need to rebuild kernels.
709: To extract:
710: <blockquote><pre>
711: # <kbd>mkdir -p /usr/src/sys</kbd>
712: # <kbd>cd /usr/src</kbd>
713: # <kbd>tar xvfz /tmp/sys.tar.gz</kbd>
714: </pre></blockquote>
715: <p>
716: Both of these trees are a regular CVS checkout. Using these trees it
717: is possible to get a head-start on using the anoncvs servers as
718: described <a href="anoncvs.html">here</a>.
719: Using these files
720: results in a much faster initial CVS update than you could expect from
721: a fresh checkout of the full OpenBSD source tree.
722: </section>
723:
724: <hr>
725:
726: <section id=ports>
727: <h3>Ports Tree</h3>
728: <p>
729: A ports tree archive is also provided. To extract:
730: <blockquote><pre>
731: # <kbd>cd /usr</kbd>
732: # <kbd>tar xvfz /tmp/ports.tar.gz</kbd>
733: </pre></blockquote>
734: <p>
735: Go read the <a href="faq/ports/index.html">ports</a> page
736: if you know nothing about ports
737: at this point. This text is not a manual of how to use ports.
738: Rather, it is a set of notes meant to kickstart the user on the
739: OpenBSD ports system.
740: <p>
741: The <i>ports/</i> directory represents a CVS checkout of our ports.
742: As with our complete source tree, our ports tree is available via
743: <a href="anoncvs.html">AnonCVS</a>.
744: So, in order to keep up to date with the -stable branch, you must make
745: the <i>ports/</i> tree available on a read-write medium and update the tree
746: with a command like:
747: <blockquote><pre>
748: # <kbd>cd /usr/ports</kbd>
749: # <kbd>cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_7_0</kbd>
750: </pre></blockquote>
751: <p>
752: [Of course, you must replace the server name here with a nearby anoncvs
753: server.]
754: <p>
755: Note that most ports are available as packages on our mirrors. Updated
756: ports for the 7.0 release will be made available if problems arise.
757: <p>
758: If you're interested in seeing a port added, would like to help out, or just
759: would like to know more, the mailing list
760: <a href="mail.html">ports@openbsd.org</a> is a good place to know.
761: </section>