Annotation of www/72.html, Revision 1.15
1.1 deraadt 1: <!doctype html>
2: <html lang=en id=release>
3: <head>
4: <meta charset=utf-8>
5:
6: <title>OpenBSD 7.2</title>
7: <meta name="description" content="OpenBSD 7.2">
8: <meta name="viewport" content="width=device-width, initial-scale=1">
9: <link rel="stylesheet" type="text/css" href="openbsd.css">
10: <link rel="canonical" href="https://www.openbsd.org/72.html">
11: </head><body>
12: <h2 id=OpenBSD>
13: <a href="index.html">
14: <i>Open</i><b>BSD</b></a>
15: 7.2
16: </h2>
17:
18: <table>
19: <tr>
20: <td>
21: <a href="images/XXX.png">
22: <img width="227" height="303" src="images/XXX-s.gif" alt="XXX"></a>
23: <td>
24: Released Oct 20, 2022. (53rd OpenBSD release)<br>
25: Copyright 1997-2022, Theo de Raadt.<br>
26: <br>
27: Artwork by Luc Houweling.
28: <br>
29: <ul>
30: <li>See the information on <a href="ftp.html">the FTP page</a> for
31: a list of mirror machines.
32: <li>Go to the <code class=reldir>pub/OpenBSD/7.2/</code> directory on
33: one of the mirror sites.
34: <li>Have a look at <a href="errata72.html">the 7.2 errata page</a> for a list
35: of bugs and workarounds.
36: <li>See a <a href="plus72.html">detailed log of changes</a> between the
37: 7.1 and 7.2 releases.
38: <p>
39: <li><a href="https://man.openbsd.org/signify.1">signify(1)</a>
40: pubkeys for this release:<p>
41:
42: <table class=signify>
43: <tr><td>
44: openbsd-72-base.pub:
45: <td>
46: <a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/openbsd-72-base.pub">
47: RWQTKNnK3CZZ8Lid7/kWPO1WxjEsTeuxiXbJSSg6RDir9OJmV+t7GrOo
48: <tr><td>
49: openbsd-72-fw.pub:
50: <td>
51: RWRvwsB/ZxwZxiQBgNVhuCnEacKE1MhrcDX25jFccqaj0pxsY9oIPJq4
52: <tr><td>
53: openbsd-72-pkg.pub:
54: <td>
55: RWSyNc+EwQQo5bZ5XtDpnk0FUl8NrIl+Ocq4FV/5VTvP9rOgHzKEnBx0
56: <tr><td>
57: openbsd-72-syspatch.pub:
58: <td>
59: RWQuBB7PRAc2Zy+C7VAynLuan8WDVtQ9R4xLpl8yjf1zxfqEBRRJ+66w
60: </table>
61: </ul>
62: <p>
63: All applicable copyrights and credits are in the src.tar.gz,
64: sys.tar.gz, xenocara.tar.gz, ports.tar.gz files, or in the
65: files fetched via <code>ports.tar.gz</code>.
66: </table>
67:
68: <hr>
69:
70: <section id=new>
71: <h3>What's New</h3>
72: <p>
73: This is a partial list of new features and systems included in OpenBSD 7.2.
74: For a comprehensive list, see the <a href="plus72.html">changelog</a> leading
75: to 7.2.
76:
77: <ul>
78:
79: <li>New/extended platforms:
80: <ul>
1.4 jsg 81: <li>Added support for Ampere Altra
82: <li>Added support for Apple M2
83: <li>Added support for Qualcomm Snapdragon 8cx Gen 3 (SC8280XP)
1.1 deraadt 84: <li>...
85: </ul>
86:
87: <li>Various kernel improvements:
88: <ul>
1.12 benno 89: <li>Allowed bsd.rd and bsd/bsd.mp to boot on Oracle Cloud amd64 instances.
90: <li>Added support for switching from glass console to serial console
91: on arm64 systems that default to glass console.
1.9 bluhm 92: <li>pf(4) automatically allows IGMP and ICMP6 MLD packets with
93: router alert option.
94: Special allow-opts rules are no longer needed for multicast
95: discovery.
96: <li>Implement "show all routes" to print routing tables in ddb(4).
97: <li>Count dropped network packets due to low memory in netstat(1).
1.12 benno 98: <li>Simplified machine command handling in <a
99: href="https://man.openbsd.org/ddb.4">ddb(4)</a>.
100: <li>Changed to a simpler formula to calculate a default kern.maxthread
101: value: 2*NPROCESS.
102: <li>Enabled <a href="https://man.openbsd.org/kstat.4">kstat(4)</a>, a
103: device that exports kernel statistics that can be read by <a
104: href="https://man.openbsd.org/kstat.4">kstat(4)</a>.
1.13 benno 105: <li>Added cpu frequency sensors for each core on CPUs that have MPERF/APERF support.
1.14 benno 106: <li>Merged the UVM swap-backed and object-backed inactive page lists.
107: <li>Fixed <a href="https://man.openbsd.org/rwlock.9">rwlock(9)</a>
108: implementation to be fair to writers. Previously, readers could grab
109: the lock even if writers were waiting first.
110: <li>Made the CPU frequency scaling duration relative to the load
111: when in automatic mode on battery.
112: <li>Fixed luna88k MULTIPROCESSOR kernels booting with CPU modules
113: installed in arbitrary slots.
1.1 deraadt 114: </ul>
115:
116: <li>SMP Improvements
117: <ul>
1.9 bluhm 118: <li>Make route timer MP safe and use pool rttmr.
119: <li>Use kernel lock to protect parts of ARP, ND6 and PPPoE that
120: are not MP safe.
121: Lookup of existing ARP entry is MP safe and can run in parallel.
122: <li>Start up to 4 softnet tasks to run IP input and forwarding
123: in parallel on multiple cores.
124: <li>Run IPv4 packet reassembly in parallel.
125: <li>Run IPv6 hop-by-hop options processing in parallel.
126: <li>Add a mutex to rate limiting functions to make them MP safe.
127: <li>Introduce mutex and reference counter for internet protocol
128: control block.
129: <li>Protect UDP, raw IP, and divert packet input routines
130: with a per socket mutex.
131: <li>Protect recv(2) system call for UDP and raw IP packets with
132: a per socket mutex and shared netlock.
133: Allows to receive packets while forwarding in parallel.
134: <li>Protect multicast deliver loop for UDP and raw IP sockets with rwlock.
1.13 benno 135: <li>Only grab netlock in IGMP and MLD timer when necessary.
1.9 bluhm 136: <li>TCP slow timer runs without netlock.
137: <li>Rework rwlock so that a writer will get the lock eventually.
138: Readers cannot share the lock forever.
139: This prevents starvation of the writer.
140: <li>Run interface media ioctl with shared netlock so packets
141: can be processed while running ifconfig(8).
142: <li>btrace(8) can be used to debug reference counting.
143: <li>Use MP safe refcount for interface addresses.
1.1 deraadt 144: <li>...
145: </ul>
146:
1.13 benno 147: <li>Direct Rendering Manager and graphics drivers
1.1 deraadt 148: <ul>
1.5 jsg 149: <li>Updated <a href="https://man.openbsd.org/drm.4">drm(4)</a>
150: to Linux 5.15.69
151: <li><a href="https://man.openbsd.org/inteldrm.4">inteldrm(4)</a>:
152: support for Alder Lake, Raptor Lake
1.13 benno 153: <li>Reimplemented the page allocation code using <a
154: href="https://man.openbsd.org/bus_dma.9">bus_dma(9)</a> APIs to make
155: sure DMA addresses are translated properly on architectures with an
156: IOMMU. This fixed <a
157: href="https://man.openbsd.org/amdgpu.4">amdgpu(4)</a> and <a
158: href="https://man.openbsd.org/radeondrm.4">radeondrm(4)</a> on
159: powerpc, sparc64, and arm64 machines.
1.1 deraadt 160: </ul>
161:
162: <li>VMM/VMD improvements
163: <ul>
1.11 benno 164: <li>Improved error handling and logging in <a
165: href="https://man.openbsd.org/vmd.8">vmd(8)</a>
166: <li>Unify all internal structures and interfaces between <a
167: href="https://man.openbsd.org/vmd.8">vmd(8)</a>, <a
168: href="https://man.openbsd.org/vmctl.8">vmctl(8)</a> and <a
169: href="https://man.openbsd.org/vmm.4">vmm(4)</a> to use bytes for
1.13 benno 170: memory and disk sizes.
1.11 benno 171: <li>fix rebooting a received vm in <a
172: href="https://man.openbsd.org/vmd.8">vmd(8)</a>.
173: <li>Have <a href="https://man.openbsd.org/vmd.8">vmd(8)</a> provide
174: a copy of bios at 4g boundary, SeaBIOS and newer Linux kernels expect
175: it there.
176: <li>In <a href="https://man.openbsd.org/vmd.8">vmd(8)</a>, fix off by
177: one in vm memory range check.
178: <li>In <a href="https://man.openbsd.org/vmd.8">vmd(8)</a>, add
179: support for mmio assist. In <a
180: href="https://man.openbsd.org/vmm.4">vmm(4)</a>, send all port io
181: emulation to userland.
182: <li>Have <a href="https://man.openbsd.org/vmd.8">vmd(8)</a> compute
183: i8254 read-back command latch from singular timestamp.
184: <li>Improve the command line parsing in <a
185: href="https://man.openbsd.org/vmctl.8">vmctl(8)</a>.
186: <li>Let <a href="https://man.openbsd.org/vmm.4">vmm(4)</a> allow
187: reading MSR_TSC on Intel hosts.
188: <li>In <a href="https://man.openbsd.org/vmm.4">vmm(4)</a>, reference
189: count vm's and vcpu's.
190: <li>In <a href="https://man.openbsd.org/vmm.4">vmm(4)</a>, zero
191: virtual addresses of vcpu state pages after freeing.
192: <li>Fix `vmctl send` on Intel hosts by load the vmcs before reading
193: vcpu registers in <a href="https://man.openbsd.org/vmm.4">vmm(4)</a>.
194: <li>Fix `vmctl receive` on Intel hosts by adding an additional fault
195: type in <a href="https://man.openbsd.org/vmm.4">vmm(4)</a>.
196: <li>Add additional <a href="https://man.openbsd.org/dt.4">dt(4)</a>
197: tracepoints in various <a
198: href="https://man.openbsd.org/vmm.4">vmm(4)</a> codepaths.
1.1 deraadt 199: </ul>
200:
201: <li>Various new userland features:
202: <ul>
1.12 benno 203: <li>Added <a href="https://man.openbsd.org/kstat.1">kstat(1)</a>, a
204: utility to display kernel statistics collected by <a
205: href="https://man.openbsd.org/kstat.4">kstat(4)</a>.
1.14 benno 206: <li>Replaced <a href="https://man.openbsd.org/rc.d.8">rc.d(8)</a>
207: $rcexec variable with an rc_exec function. <em>This will require a
208: mechanical change from <code>${rcexec}</code> to <code>rc_exec</code>
209: in rc.d scripts.</em> Kept compatibility to give people a chance to
210: fix their custom scripts.
1.1 deraadt 211: </ul>
212:
213: <li>Various bugfixes and tweaks in userland:
214: <ul>
1.12 benno 215: <li>Changed <a href="https://man.openbsd.org/compress">compress(1)</a>
216: to print a more accurate message when -v is used with -k.
217: <li>Fixed <a href="https://man.openbsd.org/openrsync">openrsync(1)</a>
218: on sparc64 by eliminating a redundant second conversion of the int
219: value from little to host endian.
220: <li>Made use of the fact that repositories are unique objects in <a
221: href="https://man.openbsd.org/pkg_add">pkg_add(1)</a> and annotated
222: the quirks repository as cached, allowing for a large speed increase.
1.14 benno 223: <li>Enabled <a href="https://man.openbsd.org/pkg_add.1">pkg_add(1)</a> caching by default.
1.12 benno 224: <li>Fixed <a href="https://man.openbsd.org/kbd.8">kbd(8)</a> so it
225: doesn't fail silently when executed by a regular user.
1.13 benno 226: <li>Prevented a crash in <a
227: href="https://man.openbsd.org/vi">vi(1)</a> when cursor key support is disabled.
228: <li>Updated <a href="https://man.openbsd.org/vi">vi(1)</a> to apply
229: expandtab to the output of a ! command.
230: <li>Added missing uuid_dec_le() to init_fp() so <a
231: href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> -A works on
232: big-endian architectures.
1.14 benno 233: <li>Aligned <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a>
234: logic with that used in the kernel to allow the protective EFI GPT
235: partition to be in MBR partitions 0-3, not just 0.
236: <li>Prevented use of "-u" when <a
237: href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> is operating on
238: GPT formatted disks.
239: <li>Stopped telling <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> that macppc HAS_MBR.
240:
241:
242: <li>In the <i>sndio</i> library, added the function <a
243: href="https://man.openbsd.org/sio_flush.3">sio_flush(3)</a> to stop
244: playback immediately. Altered <a
245: href="https://man.openbsd.org/sndiod.8">sndiod(8)</a> to wait until
246: the buffer is drained before closing the device.
247: <li>Installed useful <a
248: href="https://man.openbsd.org/btrace.8">btrace(8)</a> scripts in
249: /usr/share/btrace.
250: <li>Made <a href="https://man.openbsd.org/xterm.1">xterm(1)</a> use a
251: much safer FD-passing idiom for updating <a
252: href="https://man.openbsd.org/utmp.5">utmp(5)</a>.
253: <li>Made <a href="https://man.openbsd.org/mg.1">mg(1)</a>
254: automatically delete trailing whitespace on RET in c-mode and
255: auto-indent-mode.
256:
1.1 deraadt 257: </ul>
258:
259: <li>Improved hardware support and driver bugfixes, including:
260: <ul>
1.7 jsg 261: <li>New <a href="https://man.openbsd.org/arm64/aplaudio.4">aplaudio(4)</a>
262: driver for Apple audio subsystem.
263: <li>New <a href="https://man.openbsd.org/arm64/aplmca.4">aplmca(4)</a>
264: driver for Apple MCA controller.
265: <li>New <a href="https://man.openbsd.org/arm64/aplsart.4">aplsart(4)</a>
266: driver for Apple SART address filter.
267: <li>New alpdc, apldchidev, apldckbd, apldcms, and aplrtk drivers for
268: keyboard and trackpad on Apple M2 laptops.
269: <li>New <a href="https://man.openbsd.org/arm64/qcgpio.4">qcgpio(4)</a>
270: driver for Qualcomm Snapdragon GPIO controller.
271: <li>New <a href="https://man.openbsd.org/arm64/qciic.4">qciic(4)</a>
272: driver for Qualcomm Snapdragon GENI I2C controller.
273: <li>New <a href="https://man.openbsd.org/riscv64/sfgpio.4">sfgpio(4)</a>
274: driver for SiFive GPIO controller.
275: <li>New <a href="https://man.openbsd.org/riscv64/stfclock.4">stfclock(4)</a>
276: driver for StarFive JH7100 clock controller.
277: <li>New <a href="https://man.openbsd.org/riscv64/stfpinctrl.4">stfpinctrl(4)</a>
278: driver for StarFive JH7100 pin configuration.
279: <li>New stftemp
280: driver for StarFive JH7100 temperature sensor.
281: <li>New <a href="https://man.openbsd.org/sxirintc.4">sxirintc(4)</a>
282: driver for Allwinner wakeup interrupt controller.
283: <li>New gpiorestart
284: driver for system reset via GPIO pin.
1.12 benno 285: <li>Added support for more power sensors to <a
286: href="https://man.openbsd.org/ipmi.4">ipmi(4)</a>.
1.14 benno 287: <li>Added support for the <a
288: href="https://man.openbsd.org/ehci.4">ehci(4)</a> controller on
289: marvell 3720 boards.
1.12 benno 290:
1.1 deraadt 291: </ul>
292:
293: <li>New or improved network hardware support:
294: <ul>
1.6 mbuhl 295: <li>Enabled checksum offloads in <a href="https://man.openbsd.org/igc.4"
296: >igc(4)</a>.
1.13 benno 297: <li>Extended <a href="https://man.openbsd.org/ksmn.4">ksmn(4)</a> to show CCD temperatures if available.
1.1 deraadt 298: </ul>
299:
300: <li>Added or improved wireless network drivers:
301: <ul>
1.12 benno 302: <li>Made device matching in <a href="https://man.openbsd.org/iwx.4">iwx(4)</a> more similar to linux iwlwifi.
1.14 benno 303: <li>Added support for AX210/AX211 devices to <a href="https://man.openbsd.org/iwx.4">iwx(4)</a>.
304: <li>Fixed <a href="https://man.openbsd.org/iwx.4">iwx(4)</a> setting
305: of HT/VHT bits in rate flags of the Tx command that could cause a
306: firmware panic.
1.13 benno 307: <li>Repaired <a href="https://man.openbsd.org/rge.4">rge(4)</a> hardware vlan tagging.
308: <li>Updated various wireless drivers to use <a href="https://man.openbsd.org/memset.3">memset(3)</a> to initialize ieee80211_rxinfo struct properly.
309: <li>Increased rx buffer size on <a href="https://man.openbsd.org/uaq.4">uaq(4)</a> to 62kB.
310:
1.1 deraadt 311: </ul>
312:
313: <li>IEEE 802.11 wireless stack improvements and bugfixes:
314: <ul>
315: <li>...
316: </ul>
317:
318: <li>Installer and upgrade improvements:
319: <ul>
1.14 benno 320: <li>Fixed the watchdog in the installer so that the watchdog is reset
321: after each download and each set installation.
1.1 deraadt 322: </ul>
323:
324: <li>Security improvements:
325: <ul>
326: <li>...
327: </ul>
328:
1.12 benno 329: <li>Changes in the network stack:
330: <ul>
1.13 benno 331: <li>Relaxed address availability check for <a
332: href="https://man.openbsd.org/multicast.4">multicast(4)</a> binds so
333: processes listening for the same multicast address do not need to be
334: the same UID.
335: <li>Introduced dedicated link entries for snapshots to <a
336: href="https://man.openbsd.org/pfsync.4">pfsync(4)</a>.
1.14 benno 337: <li>Changed <a href="https://man.openbsd.org/pf.4">pf(4)</a> handling
338: of IGMP and ICMP6 MLD packets to allow multicast control packets to
339: work by default.
340: <li>Made <a href="https://man.openbsd.org/pf.4">pf(4)</a> more paranoid about IGMP/MKP messages.
341: <li>Allow forwarding to and from IPs in the 240/4 range.
342: <li>Corrected the virtual ethernet bridge <a
343: href="https://man.openbsd.org/veb.4">veb(4)</a> to avoid calling
344: if_enqueue from an smr critical section.
345: <li>Fixed a kernel panic in <a
346: href="https://man.openbsd.org/pf.4">pf(4)</a> if IP options with an
347: ICMP payload were truncated. Such packets will now be dropped instead.
1.12 benno 348: </ul>
349:
1.1 deraadt 350: <li>Routing daemons and other userland network improvements:
351: <ul>
1.11 benno 352: <li>IPsec support was improved:
353: <ul>
354: </ul>
355: <li>In <a href="https://man.openbsd.org/bgpd.conf.5">bgpd(8)</a>,
356: <ul>
357: <li>Implement max-communities filter to limit the number of allowed
358: communities, ext-communities and large-communities.
359: <li>Fix insertion of additional non-transitive extended communities when
360: sending out prefixes.
361: <li>Relax IP address limitation by allowing prefixes in 240/4.
362: <li>Implement RFC 9234 - Route Leak Prevention and Detection Using Roles
363: in UPDATE and OPEN Messages.
364: <li>Full support for RFC 7911 - Advertisement of Multiple Paths in BGP.
365: <li>Improve FIB code, handle IPv6 scoped addresses properly.
366: <li>Add <a href="https://man.openbsd.org/bgplgd.8">bgplgd(8)</a>,
367: a fastcgi server providing a REST API of bgpctl.
368: <li>Bugfix: bgpd(8) could fail to invalidate nexthops and incorrectly
369: leave them in the FIB or Adj-RIB-Out.
370: <li>Speedup <a href="https://man.openbsd.org/bgpctl.8">bgpctl</a>
371: <code>show rib 10/8 or-longer</code> and <code>show rib 10/8
372: or-shorter</code>
373: <li>Switch various static hash tables to RB trees improving
374: performance on large systems
375: <li>Export per neighbor pending update and withdraw statistics
376: <li>Fix race between a neighbor session reset and its update message
377: backlog
378: <li>Improve handling of nexthop reachability state changes
379: </ul>
380: <li><a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a> saw some changes:
381: <ul>
1.12 benno 382: <li>Allowed more than one CRL URI in certificates.
1.11 benno 383: <li>Do not apply timezone offsets when converting X509 times. X509
384: times are in UTC and comparing them to times in different timezones
385: would cause validity problems.
386: <li>Add support for an operator-configurable skiplist facility.
387: Operators can specify a list of FQDNs which should not be contacted
388: when synchronizing the local cache to the network.
389: <li>Emit a warning when a RRDP session serial number decreases.
390: <li>DER decoding functions were refactored to leverage ASN.1 templates.
391: <li>Add support to validate & inspect .sig files containing RPKI Signed
392: Checklists in filemode (-f). (draft-ietf-sidrops-rpki-rsc-08)
393: <li>Print various statistics after the completion of the main process.
394: <li>Add support to decode & print TAL (RFC 8630) details in filemode (-f).
395: <li>Emit objects in Concatenated JSON format when filemode (-f) and the JSON
396: output flag (-j) are combined.
1.13 benno 397: <li>Add support for validating Autonomous System Provider Authorization
1.11 benno 398: (ASPA) objects conforming to draft-ietf-sidrops-aspa-profile-10.
399: Validated ASPA payloads are visible in JSON and filemode (-f) output.
400: <li>Set rsync connection I/O idle timeout to 15 seconds.
1.13 benno 401: <li>Unify the maximum idle I/O and connect timeouts for rsync & HTTPS.
1.11 benno 402: <li>Rpki-client now performs stricter EE certificate validation:
403: <ul>
404: <li>Disallow AS Resources extensions in ROA EE certificates.
405: <li>Disallow Subject Information Access (SIA) extensions in RPKI
406: Signed Checklist (RSC) EE certs.
407: <li>Check the resources in ROAs and RSCs against EE certs.
408: </ul>
409: <li>Improve readability and add various information being printed in
410: verbose mode.
411: <li>Extend filemode (-f) output and print X.509 certificates in PEM
412: format when increased verbosity (-vv) is specified.
413: <li>Shorten the RRDP I/O idle timeout.
414: <li>Introduce a deadline timer that aborts all repository synchronization
415: after seven eights of timeout (-s). With this rpki-client has improved
1.13 benno 416: chances to complete and produce an output even when a CA is excessively
1.11 benno 417: slow.
418: <li>Abort a currently running RRDP request process when the per-repository
419: timeout is reached.
420: <li>Permit multiple AccessDescription entries in SIA X.509 extensions. While
421: fetching from secondary locations is not yet supported, rpki-client will
1.13 benno 422: not treat occurrence as a fatal error.
1.11 benno 423: <li>Resolve a potential for a race condition in non-atomic RRDP deltas.
424: <li>Fix some memory leaks.
425: <li>Improve compliance with the HTTP protocol specification.
426: </ul>
427:
1.14 benno 428: <li>In <a href="https://man.openbsd.org/ospfd.8">ospfd(8)</a>,
1.11 benno 429: relax the limitations on what is an acceptable unicast IP. There are no
430: more experiments in IPv4 and so there is less reason for network
431: daemons to deny formerly experimental IP space. Multicast IPs
1.13 benno 432: (224/4) and loopback (127/8) are still disallowed.
1.14 benno 433: <li>Added check to <a
434: href="https://man.openbsd.org/acme-client.1">acme-client(1)</a> to
435: ensure the challenge token is turned into a filename that is base64url
436: encoded.
437: <li>Added RFC 9234 "BGP Role" support to <a
438: href="https://man.openbsd.org/tcpdump.8">tcpdump(8)</a>
1.11 benno 439:
1.1 deraadt 440: </ul>
441:
442: <li><a href="https://man.openbsd.org/tmux">tmux(1)</a> improvements and bug fixes:
443: <ul>
444: <li>...
445: </ul>
446:
1.2 jsg 447: <li>LibreSSL version 3.6.0
1.1 deraadt 448: <ul>
449: <li>New Features
450: <ul>
451: <li>...
452: </ul>
453:
454: <li>Portable Improvements
455: <ul>
456: <li>...
457: </ul>
458:
459: <li>Compatibility Changes
460: <ul>
461: <li>...
462: </ul>
463:
464: <li>Bug fixes
465: <ul>
466: <li>...
467: </ul>
468:
469: <li>Internal Improvements
470: <ul>
471: <li>...
472: </ul>
473:
474: <li>Documentation improvements
475: <ul>
476: <li>...
477: </ul>
478: </ul>
479:
1.2 jsg 480: <li>OpenSSH 9.1
1.1 deraadt 481: <ul>
482: <li>...
483: </ul>
484:
485: <li>mandoc 1.14.6 plus several bugfixes, including:
486: <ul>
1.12 benno 487: <li>Fixed calculation of the width of spanned columns in <a
488: href="https://man.openbsd.org/mandoc">mandoc(1)</a>.
1.14 benno 489: <li>Made <a href="https://man.openbsd.org/mandoc.1">mandoc(1)</a>'s
490: roff_expand() parse left-to-right rather than right-to-left.
491:
1.1 deraadt 492: </ul>
493:
494: <li>Ports and packages:
495: <p>Many pre-built packages for each architecture:
496: <!-- number of FTP packages minus SHA256, SHA256.sig, index.txt -->
497: <ul style="column-count: 3">
498: <li>aarch64: XXXX
499: <li>amd64: XXXX
500: <li>arm: XXXX
501: <li>i386: XXXX
502: <li>mips64: XXXX
503: <li>powerpc: XXXX
504: <li>powerpc64: XXXX
505: <li>riscv64: XXXX
506: <li>sparc64: XXXX
507: </ul>
508:
509: <p>Some highlights:
510: <ul style="column-count: 3">
1.3 sthen 511: <li>Asterisk 16.28.0, 18.14.0 and 19.6.0
1.1 deraadt 512: <li>Audacity 2.4.2
1.3 sthen 513: <li>CMake 3.24.2
514: <li>Chromium 105.0.5195.125
515: <li>Emacs 28.2
516: <li>FFmpeg 4.4.2
1.1 deraadt 517: <li>GCC 8.4.0 and 11.2.0
1.3 sthen 518: <li>GHC 9.2.4
519: <li>GNOME 42.4
520: <li>Go 1.19.1
521: <li>JDK 8u342, 11.0.16 and 17.0.4
522: <li>KDE Applications 22.08.1
523: <li>KDE Frameworks 5.98.0
524: <li>Krita 5.1.1
1.1 deraadt 525: <li>LLVM/Clang 13.0.0
1.3 sthen 526: <li>LibreOffice 7.4.1.2
1.1 deraadt 527: <li>Lua 5.1.5, 5.2.4 and 5.3.6
1.3 sthen 528: <li>MariaDB 10.9.3
529: <li>Mono 6.12.0.182
530: <li>Mozilla Firefox 105.0.1 and ESR 102.3.0
531: <li>Mozilla Thunderbird 102.3.0
532: <li>Mutt 2.2.7 and NeoMutt 20220429
533: <li>Node.js 16.17.1
1.1 deraadt 534: <li>OCaml 4.12.1
1.3 sthen 535: <li>OpenLDAP 2.6.3
536: <li>PHP 7.4.30, 8.0.23 and 8.1.10
537: <li>Postfix 3.7.2
538: <li>PostgreSQL 14.5
539: <li>Python 2.7.18, 3.9.14 and 3.10.7
540: <li>Qt 5.15.6 and 6.3.1
541: <li>R 4.2.1
542: <li>Ruby 2.7.6, 3.0.4 and 3.1.2
543: <li>Rust 1.63.0
544: <li>SQLite 3.39.3
545: <li>Shotcut 22.06.23
546: <li>Sudo 1.9.11.2
547: <li>Suricata 6.0.6
548: <li>Tcl/Tk 8.5.19 and 8.6.12
1.1 deraadt 549: <li>TeX Live 2021
1.3 sthen 550: <li>Vim 9.0.0192 and Neovim 0.7.2
1.1 deraadt 551: <li>Xfce 4.16
552: </ul>
553: <p>
554:
555: <li>As usual, steady improvements in manual pages and other documentation.
556:
557: <li>The system includes the following major components from outside suppliers:
558: <ul>
1.2 jsg 559: <li>Xenocara (based on X.Org 7.7 with xserver 21.1.4 + patches,
1.15 ! jsg 560: freetype 2.12.1, fontconfig 2.13.94, Mesa 22.1.7, xterm 372,
1.1 deraadt 561: xkeyboard-config 2.20, fonttosfnt 1.2.2 and more)
562: <li>LLVM/Clang 13.0.0 (+ patches)
563: <li>GCC 4.2.1 (+ patches) and 3.3.6 (+ patches)
564: <li>Perl 5.32.1 (+ patches)
1.2 jsg 565: <li>NSD 4.6.0
566: <li>Unbound 1.16.3
1.1 deraadt 567: <li>Ncurses 5.7
568: <li>Binutils 2.17 (+ patches)
569: <li>Gdb 6.3 (+ patches)
1.2 jsg 570: <li>Awk September 12, 2022
571: <li>Expat 2.4.9
1.1 deraadt 572: </ul>
573:
574: </ul>
575: </section>
576:
577: <hr>
578:
579: <section id=install>
580: <h3>How to install</h3>
581: <p>
582: Please refer to the following files on the mirror site for
583: extensive details on how to install OpenBSD 7.2 on your machine:
584:
585: <ul>
586: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/alpha/INSTALL.alpha">
587: .../OpenBSD/7.2/alpha/INSTALL.alpha</a>
588: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/amd64/INSTALL.amd64">
589: .../OpenBSD/7.2/amd64/INSTALL.amd64</a>
590: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/arm64/INSTALL.arm64">
591: .../OpenBSD/7.2/arm64/INSTALL.arm64</a>
592: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/armv7/INSTALL.armv7">
593: .../OpenBSD/7.2/armv7/INSTALL.armv7</a>
594: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/hppa/INSTALL.hppa">
595: .../OpenBSD/7.2/hppa/INSTALL.hppa</a>
596: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/i386/INSTALL.i386">
597: .../OpenBSD/7.2/i386/INSTALL.i386</a>
598: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/landisk/INSTALL.landisk">
599: .../OpenBSD/7.2/landisk/INSTALL.landisk</a>
1.8 jsg 600: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/loongson/INSTALL.loongson">
601: .../OpenBSD/7.2/loongson/INSTALL.loongson</a>
1.1 deraadt 602: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/luna88k/INSTALL.luna88k">
603: .../OpenBSD/7.2/luna88k/INSTALL.luna88k</a>
604: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/macppc/INSTALL.macppc">
605: .../OpenBSD/7.2/macppc/INSTALL.macppc</a>
606: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/octeon/INSTALL.octeon">
607: .../OpenBSD/7.2/octeon/INSTALL.octeon</a>
608: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/powerpc64/INSTALL.powerpc64">
609: .../OpenBSD/7.2/powerpc64/INSTALL.powerpc64</a>
610: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/riscv64/INSTALL.riscv64">
611: .../OpenBSD/7.2/riscv64/INSTALL.riscv64</a>
612: <li><a href="https://ftp.openbsd.org/pub/OpenBSD/7.2/sparc64/INSTALL.sparc64">
613: .../OpenBSD/7.2/sparc64/INSTALL.sparc64</a>
614: </ul>
615: </section>
616:
617: <hr>
618:
619: <section id=quickinstall>
620: <p>
621: Quick installer information for people familiar with OpenBSD, and the use of
622: the "<a href="https://man.openbsd.org/disklabel.8">disklabel</a> -E" command.
623: If you are at all confused when installing OpenBSD, read the relevant
624: INSTALL.* file as listed above!
625:
626: <h3>OpenBSD/alpha:</h3>
627:
628: <p>
629: If your machine can boot from CD, you can write <i>install72.iso</i> or
630: <i>cd72.iso</i> to a CD and boot from it.
631: Refer to INSTALL.alpha for more details.
632:
633: <h3>OpenBSD/amd64:</h3>
634:
635: <p>
636: If your machine can boot from CD, you can write <i>install72.iso</i> or
637: <i>cd72.iso</i> to a CD and boot from it.
638: You may need to adjust your BIOS options first.
639:
640: <p>
641: If your machine can boot from USB, you can write <i>install72.img</i> or
642: <i>miniroot72.img</i> to a USB stick and boot from it.
643:
644: <p>
645: If you can't boot from a CD, floppy disk, or USB,
646: you can install across the network using PXE as described in the included
647: INSTALL.amd64 document.
648:
649: <p>
650: If you are planning to dual boot OpenBSD with another OS, you will need to
651: read INSTALL.amd64.
652:
653: <h3>OpenBSD/arm64:</h3>
654:
655: <p>
656: Write <i>install72.img</i> or <i>miniroot72.img</i> to a disk and boot from it
657: after connecting to the serial console. Refer to INSTALL.arm64 for more
658: details.
659:
660: <h3>OpenBSD/armv7:</h3>
661:
662: <p>
663: Write a system specific miniroot to an SD card and boot from it after connecting
664: to the serial console. Refer to INSTALL.armv7 for more details.
665:
666: <h3>OpenBSD/hppa:</h3>
667:
668: <p>
669: Boot over the network by following the instructions in INSTALL.hppa or the
670: <a href="hppa.html#install">hppa platform page</a>.
671:
672: <h3>OpenBSD/i386:</h3>
673:
674: <p>
675: If your machine can boot from CD, you can write <i>install72.iso</i> or
676: <i>cd72.iso</i> to a CD and boot from it.
677: You may need to adjust your BIOS options first.
678:
679: <p>
680: If your machine can boot from USB, you can write <i>install72.img</i> or
681: <i>miniroot72.img</i> to a USB stick and boot from it.
682:
683: <p>
684: If you can't boot from a CD, floppy disk, or USB,
685: you can install across the network using PXE as described in
686: the included INSTALL.i386 document.
687:
688: <p>
689: If you are planning on dual booting OpenBSD with another OS, you will need to
690: read INSTALL.i386.
691:
692: <h3>OpenBSD/landisk:</h3>
693:
694: <p>
695: Write <i>miniroot72.img</i> to the start of the CF
696: or disk, and boot normally.
1.8 jsg 697:
698: <h3>OpenBSD/loongson:</h3>
699:
700: <p>
701: Write <i>miniroot72.img</i> to a USB stick and boot bsd.rd from it
702: or boot bsd.rd via tftp.
703: Refer to the instructions in INSTALL.loongson for more details.
1.1 deraadt 704:
705: <h3>OpenBSD/luna88k:</h3>
706:
707: <p>
708: Copy 'boot' and 'bsd.rd' to a Mach or UniOS partition, and boot the bootloader
709: from the PROM, and then bsd.rd from the bootloader.
710: Refer to the instructions in INSTALL.luna88k for more details.
711:
712: <h3>OpenBSD/macppc:</h3>
713:
714: <p>
715: Burn the image from a mirror site to a CDROM, and power on your machine
716: while holding down the <i>C</i> key until the display turns on and
717: shows <i>OpenBSD/macppc boot</i>.
718:
719: <p>
720: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
721: /7.2/macppc/bsd.rd</i>
722:
723: <h3>OpenBSD/octeon:</h3>
724:
725: <p>
726: After connecting a serial port, boot bsd.rd over the network via DHCP/tftp.
727: Refer to the instructions in INSTALL.octeon for more details.
728:
729: <h3>OpenBSD/powerpc64:</h3>
730:
731: <p>
732: To install, write <i>install72.img</i> or <i>miniroot72.img</i> to a
733: USB stick, plug it into the machine and choose the <i>OpenBSD
734: install</i> menu item in Petitboot.
735: Refer to the instructions in INSTALL.powerpc64 for more details.
736:
737: <h3>OpenBSD/riscv64:</h3>
738:
739: <p>
740: To install, write <i>install72.img</i> or <i>miniroot72.img</i> to a
741: USB stick, and boot with that drive plugged in.
742: Make sure you also have the microSD card plugged in that shipped with the
743: HiFive Unmatched board.
744: Refer to the instructions in INSTALL.riscv64 for more details.
745:
746: <h3>OpenBSD/sparc64:</h3>
747:
748: <p>
749: Burn the image from a mirror site to a CDROM, boot from it, and type
750: <i>boot cdrom</i>.
751:
752: <p>
753: If this doesn't work, or if you don't have a CDROM drive, you can write
754: <i>floppy72.img</i> or <i>floppyB72.img</i>
755: (depending on your machine) to a floppy and boot it with <i>boot
756: floppy</i>. Refer to INSTALL.sparc64 for details.
757:
758: <p>
759: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
760: will most likely fail.
761:
762: <p>
763: You can also write <i>miniroot72.img</i> to the swap partition on
764: the disk and boot with <i>boot disk:b</i>.
765:
766: <p>
767: If nothing works, you can boot over the network as described in INSTALL.sparc64.
768: </section>
769:
770: <hr>
771:
772: <section id=upgrade>
773: <h3>How to upgrade</h3>
774: <p>
1.10 benno 775: If you already have an OpenBSD 7.1 system, and do not want to reinstall,
1.1 deraadt 776: upgrade instructions and advice can be found in the
777: <a href="faq/upgrade72.html">Upgrade Guide</a>.
778: </section>
779:
780: <hr>
781:
782: <section id=sourcecode>
783: <h3>Notes about the source code</h3>
784: <p>
785: <code>src.tar.gz</code> contains a source archive starting at <code>/usr/src</code>.
786: This file contains everything you need except for the kernel sources,
787: which are in a separate archive.
788: To extract:
789: <blockquote><pre>
790: # <kbd>mkdir -p /usr/src</kbd>
791: # <kbd>cd /usr/src</kbd>
792: # <kbd>tar xvfz /tmp/src.tar.gz</kbd>
793: </pre></blockquote>
794: <p>
795: <code>sys.tar.gz</code> contains a source archive starting at <code>/usr/src/sys</code>.
796: This file contains all the kernel sources you need to rebuild kernels.
797: To extract:
798: <blockquote><pre>
799: # <kbd>mkdir -p /usr/src/sys</kbd>
800: # <kbd>cd /usr/src</kbd>
801: # <kbd>tar xvfz /tmp/sys.tar.gz</kbd>
802: </pre></blockquote>
803: <p>
804: Both of these trees are a regular CVS checkout. Using these trees it
805: is possible to get a head-start on using the anoncvs servers as
806: described <a href="anoncvs.html">here</a>.
807: Using these files
808: results in a much faster initial CVS update than you could expect from
809: a fresh checkout of the full OpenBSD source tree.
810: </section>
811:
812: <hr>
813:
814: <section id=ports>
815: <h3>Ports Tree</h3>
816: <p>
817: A ports tree archive is also provided. To extract:
818: <blockquote><pre>
819: # <kbd>cd /usr</kbd>
820: # <kbd>tar xvfz /tmp/ports.tar.gz</kbd>
821: </pre></blockquote>
822: <p>
823: Go read the <a href="faq/ports/index.html">ports</a> page
824: if you know nothing about ports
825: at this point. This text is not a manual of how to use ports.
826: Rather, it is a set of notes meant to kickstart the user on the
827: OpenBSD ports system.
828: <p>
829: The <i>ports/</i> directory represents a CVS checkout of our ports.
830: As with our complete source tree, our ports tree is available via
831: <a href="anoncvs.html">AnonCVS</a>.
832: So, in order to keep up to date with the -stable branch, you must make
833: the <i>ports/</i> tree available on a read-write medium and update the tree
834: with a command like:
835: <blockquote><pre>
836: # <kbd>cd /usr/ports</kbd>
837: # <kbd>cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_7_2</kbd>
838: </pre></blockquote>
839: <p>
840: [Of course, you must replace the server name here with a nearby anoncvs
841: server.]
842: <p>
843: Note that most ports are available as packages on our mirrors. Updated
844: ports for the 7.2 release will be made available if problems arise.
845: <p>
846: If you're interested in seeing a port added, would like to help out, or just
847: would like to know more, the mailing list
848: <a href="mail.html">ports@openbsd.org</a> is a good place to know.
849: </section>
850: </body>
851: </html>