OpenBSD Journal

OpenBSD 4.5 released

Contributed by johan on from the there's-still-freedom-of-the-press dept.

The OpenBSD team is pleased to announce the release of OpenBSD 4.5. See the announcement for more information.

Place an order worldwide or order it from the shop closest to you, or if you only download from FTP then make a donation. If you do FTP your release, be sure to use a local mirror and not the main ftp server:

o ftp.eu.openbsd.org  Europe (Sweden)
o anga.funkfeuer.at  Austria       o openbsd...uni-erlangen.de  Germany
o obsd.cec.mtu.edu  MI, USA       o ftp3.usa.openbsd.org  CO, USA
o ftp5.usa.openbsd.org  CA, USA       o rt.fm  IL, USA

Highlights of OpenBSD 4.5 are listed below.

  • New/extended platforms:
    • Initial ports to the xscale based gumstix platform and the ARM based OpenMoko
    • OpenBSD/sparc64
      • New vdsk(4) and vnet(4) drivers provide support for virtual I/O between logical domains on Sun's CoolThreads servers, including UltraSPARC T2+ machines.
      • Workstations and laptops with UltraSPARC IIe CPUs can now scale down the CPU frequency to save power.

  • Improved hardware support, including:
    • Several new/improved drivers for sensors, including:
      • The cac(4) driver now has bio and sensor support.
      • The mpi(4) driver now has bio and sensor support.
      • New gpiodcf(4) driver for DCF77/HBG timedelta sensors through GPIO pins.
      • New schsio(4) driver for SMSC SCH311x LPC Super I/O devices.
      • The it(4) driver now supports IT8720F chips.
      • The it(4) driver now supports FAN4 and FAN5 sensors for IT8716F/IT8718F/IT8720F/IT8726F chips.
      • The owtemp(4) driver now supports Maxim/Dallas DS18B20 and DS1822 temperature sensors.
      • The km(4) driver now supports AMD Family 11h processors (Turion X2 Ultra et al).
      • The lm(4) driver now supports W83627DHG attachment on the I²C bus.
      • The lmenv(4) driver now has better support for the fan sensors on lm81, adm9240 and ds1780 chips.
      • The sdtemp(4) driver now supports ST STTS424 chips.
    • The em(4) driver now supports ICH9 IGP M and IGP M AMT chips, and link status detection has improved.
    • The sdmmc(4) driver now supports SDHC cards.
    • The msk(4) driver now supports Yukon-2 FE+ (88E8040, 88E8042) based devices.
    • The iwn(4) driver now supports Intel WiFi Link 5100/5300 devices.
    • The wpi(4) and iwn(4) drivers now support hardware CCMP cryptography.
    • The ath(4) driver now has WPA-PSK support.
    • age(4), a driver for Attansic L1 gigabit Ethernet devices was added.
    • ale(4), a driver for Atheros AR81xx (aka Attansic L1E) Ethernet devices was added.
    • mos(4), a driver for Moschip MCS7730/7830 10/100 USB Ethernet devices was added.
    • jme(4), a driver for JMicron JMC250/JMC260 10/100 and Gigabit Ethernet devices was added.
    • run(4), a driver for Ralink USB IEEE 802.11a/b/g/Draft-N devices was added.
    • auacer(4), a driver for Acer Labs M5455 audio devices was added.
    • ifb(4), a driver for Sun Expert3D, Expert3D-Lite, XVR-500, XVR-600 and XVR-1200 framebuffers (accelerated).
    • wildcatfb(4), an X driver for Sun Expert3D, Expert3D-Lite, XVR-500, XVR-600 and XVR-1200 framebuffers (unaccelerated).
    • sunffb(4), an accelerated X driver for Sun Creator, Creator 3D and Elite 3D framebuffers.
    • vdsk(4), a driver for virtual disks of sun4v logical domains.
    • vnet(4), a driver for virtual network adapters of sun4v logical domains.
    • vrng(4), a driver for the random number generator on Sun UltraSPARC T2/T2+ CPUs.
    • The vcons(4) driver is now interrupt driven.
    • ips(4), a driver for IBM SATA/SCSI ServeRAID controllers was added.
    • udfu(4), a driver for device firmware upgrade (DFU) was added.
    • Many improvements were made to the acpi(4) subsystem.
    • The umsm(4) driver supports several new EVDO/UMTS devices.
    • The mfi(4) driver now supports the next generation of MegaRAID SAS controllers.
    • New vsbic(4) driver for the MVME327A SCSI and floppy controller on mvme68k and mvme88k machines.
    • The re(4) driver now supports 8168D/8111D-based devices, and multicast reception on 8110SB/SC-based devices.
    • The ehci(4) driver now supports isochronous transfers.
    • S/PDIF output support has been added to the ac97(4), auich(4), auvia(4) and azalia(4) drivers.
    • azalia(4) mixer has been clarified and simplified, support for 20-bit and 24-bit encodings has been added.
    • The gbe(4) frame buffer driver now supports acceleration.

  • New tools:

  • New functionality:
    • The libc resolver(3) may now be forced to perform lookups by TCP only using a new resolv.conf(5) option. The nameserver declaration in resolv.conf(5) has also been extended to allow specification of non-default nameserver ports.
    • apropos(1) has two new options (-S and -s) to allow searching by machine architecture and manual section.
    • aucat(1) now has audio server capability. Audio devices can be shared between multiple applications. Applications can run natively on fixed sample rate devices or on devices with unusual encodings. Multi-channel audio devices can be split into smaller independent subdevices.
    • aucat(1) now has a deviceless mode, in which it can be used as a general purpose audio file format conversion utility (to mix, demultiplex, resample or reencode files).
    • ifconfig(8) can now list channels supported by an IEEE 802.11 device.
    • New views were added to systat(8): malloc, bucket and pool. Improvements were made to existing views.
    • vnconfig(8) can now create devices with arbitrary geometry with the new -t option.
    • FFS filesystems are now supported on most devices, e.g. CD's, that have sector sizes other than 512 bytes.
    • Disklabels are now correctly placed and found on most devices, e.g. CD's, that have sector sizes other than 512 bytes.

  • Assorted improvements and code cleanup:
    • malloc(3) has gained new attack mitigation measures; critical bookkeeping structures are protected at runtime using mprotect(2) and allocated at random addresses where possible.
    • A new version of the gdtoa code has been integrated, bringing better C99 support to printf(3) and friends.
    • Vastly improved C99 support in libm, including complex math support.
    • The sppp(4) layer and thus kernel pppoe(4) now support usernames and passwords of up to 255 characters.
    • Recognize and spoof disklabel entries for more FAT and FAT32 variants.
    • Automatically recognize tapes with 64K records.
    • Improve option handling in dhcpd(8).
    • When booting from a cd the root file system is now assumed to be on the cd, rather than always asking for the location.
    • Disklabels constructed from native disklabels are now subject to the same consistancy checks as all other disklabels.
    • No longer display geometry information for sd(4) disk drives, since it was mostly fictitious these days.
    • Fix handling of tftp ERROR frames so OpenBSD pxeboot can be loaded from picky tftp servers.
    • Many scsi(4) drivers now retry operations that can't be immediately started rather than giving up.
    • MBR and DPME disklabels are no longer written out with invalid checksum information in some circumstances.

  • Install/Upgrade process changes:
    • crunchgen(1) and crunchide(1) have been merged into crunchgen(8), which is now built and installed by default.
    • mksuncd(1) now lives in base and is installed by default.
    • CD-ROM installs are now supported on SGI.
    • Accept initial root passwords containing backslash characters.
    • Install now allows multiple interfaces to be configured with dhcp(8).
    • Upgrades now use the minimal protocols(5) and services(5) files provided on the install media.
    • The install media no longer contain a disktab(5) file.
    • Serial console speed is correctly determined on macppc.

  • OpenSSH 5.2:
    • New features:
      • Added an option to ssh(1) to force logging to syslog rather than stderr.
      • The sshd_config(5) ForceCommand directive now accepts commandline arguments for the internal-sftp server.
      • The ssh(1) ~C escape commandline now support runtime creation of dynamic port forwards.
      • Support the SOCKS4A protocol in ssh(1) dynamic forwards.
      • Support remote port forwarding with a listen port of '0'.
      • sshd(8) now supports setting PermitEmptyPasswords and AllowAgentForwarding in Match blocks.
    • The following significant bugs have been fixed in this release:
      • Repair a ssh(1) crash introduced in openssh-5.1 when the client is sent a zero-length banner.
      • The eow@openssh.com and no-more-sessions@openssh.com protocol extensions are now only sent to peers that identify themselves as OpenSSH.
      • Avoid printing "Non-public channel" warnings in sshd(8), since ssh(1) has sent incorrect channel numbers since ~2004; make ssh(1) send the correct channel number for SSH2_MSG_CHANNEL_SUCCESS and SSH2_MSG_CHANNEL_FAILURE.
      • Avoid double-free in ssh(1) ~C escape -L handler.
      • Correct fail-on-error behaviour in sftp(1) batchmode for remote stat operations.
      • Avoid hang in ssh(1) when attempting to connect to a server that has MaxSessions set to zero.

  • Over 5500 ports, minor robustness improvements in package tools.
  • Many pre-built packages for each architecture:
    • i386: 5379
    • sparc64: 5174
    • alpha: 5132
    • sh: 1543
    • amd64: 5312
    • powerpc: 5162
    • sparc: 2651
    • arm: 4120
    • hppa: 4689
    • vax: 1718
    • mips64: 3278
    Some highlights:
    • Gnome 2.24.3.
    • GNUstep 1.18.0.
    • KDE 3.5.10.
    • Mozilla Firefox 3.0.6.
    • Mozilla Thunderbird 2.0.0.19.
    • MySQL 5.0.77.
    • OpenOffice.org 2.4.2 and 3.0.1.
    • PostgreSQL 8.3.6.
    • Xfce 4.4.3.
    • OpenArena 0.8.1 (only for amd64, i386 and macppc)

  • As usual, steady improvements in manual pages and other documentation.

  • The system includes the following major components from outside suppliers:
    • Xenocara (based on X.Org 7.4 + patches, freetype 2.3.7, fontconfig 2.4.2, Mesa 7.2, xterm 239 and more)
    • Gcc 2.95.3 (+ patches) and 3.3.5 (+ patches)
    • Perl 5.10.0 (+ patches)
    • Our improved and secured version of Apache 1.3, with SSL/TLS and DSO support
    • OpenSSL 0.9.8j (+ patches)
    • Groff 1.15
    • Sendmail 8.14.3, with libmilter
    • Bind 9.4.2-P2 (+ patches)
    • Lynx 2.8.5rel.4 with HTTPS and IPv6 support (+ patches)
    • Sudo 1.7
    • Ncurses 5.2
    • Latest KAME IPv6
    • Heimdal 0.7.2 (+ patches)
    • Arla 0.35.7
    • Binutils 2.15 (+ patches)
    • Gdb 6.3 (+ patches)

If you'd like to see a list of what has changed between OpenBSD 4.4 and 4.5, look at plus45.html.

Thank you to all of the developers who make OpenBSD possible. Please be sure to make a donation to continue to make OpenBSD releases possible.

(Comments are closed)


Comments
  1. By Anonymous Coward (93.138.111.72) on

    Great work! Greetings from Croatia (Europe)!

  2. By Luis Coronado (190.10.76.226) lcoronado@ticoit.com on http://www.ticoit.com

    Awesome, great job! Cant wait to upgrade my servers to 4.5.

    -luis

    Comments
    1. By Anonymous Coward (85.19.213.88) on

      > Awesome, great job! Cant wait to upgrade my servers to 4.5.

      Already there ;-) Now I'm just waiting for my CD-set to add
      to the collection.

  3. By Anonymous Coward (78.34.189.177) on

    Wowwaweewa! I can only say - high five! ;)

    Bought the shirt and a CD set - and will do it again!

  4. By Anonymous Coward (169.244.70.146) on

    I can't wait to pick my CD set at BSDCan.

  5. By bgpepi (bgpepi) bgpepi@gmail.com on

    Great work! Greetings from Bulgaria (Sofia)!

  6. By Barry (63.237.125.100) on

    xcompmgr!?! Holy Cow! Eye candy for OpenBSD?

    Comments
    1. By Jordi Beltran Creix (jbcreix) on

      > xcompmgr!?! Holy Cow! Eye candy for OpenBSD?

      It makes dwm look so good!:.

      Congratulations OpenBSD! I have been enjoying the CD set and especially the stickers.

      The OS I enjoy every day.

    2. By David Chisnall (82.7.192.45) on

      > xcompmgr!?! Holy Cow! Eye candy for OpenBSD?

      Having a compositing manager is not just about eye candy. If you are using remote X11 then running xcompmgr usually makes things faster at the cost of some RAM. It caches the contents of all of the visible windows (that are direct children of the root window) and doesn't need to send EXPOSE events when you drag windows or wait for draw messages from the client before it can show the contents of the exposed window. Even with twm, remote X11 is more responsive with xcompmgr, as long as you have enough RAM on the X server.

      Comments
      1. By Anonymous Coward (71.130.195.37) on

        > > xcompmgr!?! Holy Cow! Eye candy for OpenBSD?
        <snip>
        > It caches the contents of all of the visible windows (that are direct children of the root window) and doesn't need to send EXPOSE events when you drag windows or wait for draw messages from the client before it can show the contents of the exposed window.

        Huh, I learn something new everyday. Thanks. Are there any other benefits from running xcompmgr?

  7. By George Koehler (kernigh) xkernigh@netscape.net on http://kernigh.pbwiki.com/OpenBSD

    > aucat(1) now has audio server capability. Audio devices can be shared
    > between multiple applications. Applications can run natively on fixed
    > sample rate devices or on devices with unusual encodings. Multi-channel
    > audio devices can be split into smaller independent subdevices.

    This is my favorite new feature. The best part might be that the aucat(1) manual page explains how to start or stop the audio server.

    > OpenArena 0.8.1 (only for amd64, i386 and macppc)

    OpenArena is probably more fun with amd64 or i386 than with macppc. Some macppc machines have radeon(4) cards, but OpenBSD/macppc does not have drm(4), so I would not expect the OpenGL client to run at reasonable speed. (I have not tried OpenArena with any machine.) Perhaps someone wants to use OpenBSD/macppc as an OpenArena server.

    Comments
    1. By Owain G. Ainsworth (oga) on

      > > OpenArena 0.8.1 (only for amd64, i386 and macppc)
      >
      > OpenArena is probably more fun with amd64 or i386 than with macppc. Some >macppc machines have radeon(4) cards, but OpenBSD/macppc does not have >drm(4),

      It will. Eventually. Trust me on this.

      Comments
      1. By Anonymous Coward (85.166.53.80) on

        > > > OpenArena 0.8.1 (only for amd64, i386 and macppc)
        > >
        > > OpenArena is probably more fun with amd64 or i386 than with macppc. Some >macppc machines have radeon(4) cards, but OpenBSD/macppc does not have >drm(4),
        >
        > It will. Eventually. Trust me on this.
        >

        Trust no man whose national symbol is the onion. Trust me on this ;)

  8. By Anonymous Coward (91.153.114.18) on

    When is the commentary going to come to the lyrics page?

  9. By Dean (75.166.191.49) on

    I received my order a while back and just read about the "glow-in-the-dark artwork..." but I'm not seeing anything glowing. Do I need to find a blacklight or what?

    I'm impressed with this release!

  10. By Anonymous Coward (81.165.178.114) on

    http://users.telenet.be/assarix/pub/wallpaper/45.png

  11. By Gregory Edigarov (194.6.232.83) on

    All great, but what happened to X? I see a serious performance degradation with my home amd64 system. it tooks a very long time for the X server to start, and firefox seems to be starting forever.
    I will follow up in misc@ on this issue with more accurate data.

    Comments
    1. By Noryungi (noryungi) on

      > All great, but what happened to X? I see a serious performance degradation with my home amd64 system. it tooks a very long time for the X server to start, and firefox seems to be starting forever.
      > I will follow up in misc@ on this issue with more accurate data.

      Actually, after the upgrade to 4.5, my X11 fails with the following message:

      (EE) module ABI major version (2) doesn't match the server's version (4)

      Has anybody seen this before?

      The only thing I have found so far is a post on a FreeBSD mailing list, saying the drivers should be recompiled, which does not seem very promising...

      This is the first time an upgrade of OpenBSD has failed, and failing on X11 is quite surprising...

      Comments
      1. By Owain G. Ainsworth (oga) oga@openbsd.org on

        > > All great, but what happened to X? I see a serious performance degradation with my home amd64 system. it tooks a very long time for the X server to start, and firefox seems to be starting forever.
        > > I will follow up in misc@ on this issue with more accurate data.
        >
        > Actually, after the upgrade to 4.5, my X11 fails with the following message:
        >
        > (EE) module ABI major version (2) doesn't match the server's version (4)
        >
        > Has anybody seen this before?
        >
        > The only thing I have found so far is a post on a FreeBSD mailing list, saying the drivers should be recompiled, which does not seem very promising...
        >
        > This is the first time an upgrade of OpenBSD has failed, and failing on X11 is quite surprising...

        Remove the old X libraries before putting the new ones in. The xserver major bump is the cause of this, as well as some extensions being deprecated and removed.

        Comments
        1. By Anonymous Coward (2a01:348:108:155:216:41ff:fe53:6a45) on

          > > This is the first time an upgrade of OpenBSD has failed, and failing on X11 is quite surprising...
          >
          > Remove the old X libraries before putting the new ones in. The xserver major bump is the cause of this, as well as some extensions being deprecated and removed.

          If you missed this in the upgrade guide you likely missed other parts too, and should probably re-read it before you have problems with Perl ports.

  12. By Joshua Bromfield (203.222.133.162) on

    This is the first set of cds I have purchased & wont be the last. Thanks for a great release :)

    JB.

  13. By Brian (216.110.21.250) on

    The firefox version bundled with 4.5 (3.0.6) has security holes in it. Updated packages don't exist on the ftp mirrors, nor in CVS under the OPENBSD_4_5 tag.

    Will this package likely be updated for 4.5? Is there an alternate "supported" method of updating it?

    Thanks

    Comments
    1. By Anonymous Coward (72.65.239.254) on

      > The firefox version bundled with 4.5 (3.0.6) has security holes in it.

      Firefox is a very buggy piece of software. Mozilla released Firefox 3.0.6 only 3 months ago, and since then four new versions of Firefox have been released: 3.0.7, 3.0.8, 3.0.9, and 3.0.10. The OpenBSD developers cannot be expected to waste their time recompiling Firefox several times a month, just because Mozilla couldn't get it right the first time.

      Install Firefox at your own risk. Use the Lynx browser, which is included in the OpenBSD default install, if you're really concerned with security.

    2. By Anonymous Coward (80.176.71.13) on

      > The firefox version bundled with 4.5 (3.0.6) has security holes in it.

      So does 3.0.10, they just haven't been found and/or publically announced yet.

      Comments
      1. By Brian (216.110.21.203) on

        > > The firefox version bundled with 4.5 (3.0.6) has security holes in it.
        >
        > So does 3.0.10, they just haven't been found and/or publically announced yet.

        Theres a good chance it has publicly known holes in it too. :)

        It sucks that were dependent on bleeding edge, Frankensteined software like Firefox.

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]