The OpenSMTPD project has released its first post-OpenBSD 7.5 version, OpenSMTPD 7.5.0p0, with a number of notable improvements.

The announcement reads,

Subject:    OpenSMTPD 7.5.0p0 Released
From:       Omar Polo <op () openbsd ! org>
Date:       2024-04-10 8:38:12

OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range of use-cases.

It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD, Linux and OSX.

The archives are now available from the main site at www.OpenSMTPD.org

It's been 20 years since the first undeadly.org post appeared.

At that point in our history, we had been enjoying frequent updates to the OpenBSD Journal at the deadly.org site for more than four years, and most of us thought it was an April's Fool prank when the the editors announced that they were ceasing publication, effective immediately on April 1st, 2004.

Fortunately, Daniel Hartmeier quickly realized the announcement was not a joke, and went to work on a functionally equivalent CGI binary written in C and negotiated to take over the archive of existing articles. The rescued (resurrected?) site went live at undeadly.org on April 9th, 2004.

At the time, the eagerly anticipated upcoming release was OpenBSD 3.5 (which we covered on April 30th of that year). As the release song strongly hints, the introduction of the CARP redundancy protocol was a major item in that release. The release also introduced the OpenBSD/amd64 platform, and included a number of improvements in hardware support and security, with privilege separation introduced in several daemons and important utilities. All the details can be had at the OpenBSD 3.5 release page.

It's been 20 years, what have we got to show for it?

We hope you have been enjoying the site's updates, and we hope that undeadly.org has been a positive factor in promoting all things OpenBSD. The site and its editors have every intention of going on running the site.

If you want to help out, please submit items about OpenBSD that you find noteworthy.

We value your submissions even more than your comments.

All the best from the undeadly.org editors.

Every six months, spring and fall, a new OpenBSD release emerges on the web and familiar download mirrors.

The OpenBSD project has released OpenBSD 7.5, the project's 56^th release, with numerous improvements and support for 14 hardware platforms.

Notable enhancements and new features include

• clang(1)/llvm updated to version 16 [see earlier report]
• malloc(3) leak detection now supports backtraces [see earlier report]
• syscall(2) has been removed [see earlier report]
• TSO for em(4) [see earlier report]
• KMS for Apple silicon machines
• pinsyscalls(2) and related work [see earlier report]
• Soft updates (softdep) support removed [see earlier report]
• New wi-fi driver qwx(4) [see earlier report]
• New code for SIGILL faults to help identify misbranches [see earlier report]
• New wi-fi driver mwx(4) [see earlier report]
• IPv6 support in ppp(4) [see earlier report]
• Improved auto-index in httpd(8) [see commit]
• Updated versions of LibreSSL (version 3.9.0). OpenSSH (version 9.7), OpenSMTPD (version 7.5), rpki-client and more

All this along with added support for various new hardware, numerous performance improvements and of course security enhancements.

See the OpenBSD 7.5 release page for a more detailed list, or the daily changelog for even more day to day detail.

As usual, the Installation Guide details how to get the system up and running with a fresh install, while those who already run earlier releases should follow the Upgrade Guide, in most cases using sysupgrade(8) to upgrade their systems.

In addition to the base system, the new release comes with a number of prebuilt packages. The number of binary packages available for the more popular architectures are:

amd64: 12309
aarch64: 12145
i386: 10830
sparc64: 9432

Thanks to the developers for all the great work!

And to all OpenBSD users: Happy hacking!

In a not-quite-unexpected announcement, the LibreSSL development team released the new versions. The announcement reads,

Subject:    LibreSSL 3.8.4 and 3.9.1 released
From:       Brent Cook <busterb () gmail ! com>
Date:       2024-03-28 4:47:28

We have released LibreSSL 3.8.4 and 3.9.1 which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon. LibreSSL 3.9.1 is
the first stable release for the 3.9.x branch, and will also be
available with OpenBSD 7.5.

OpenSSH 9.7/9.7p1 has been released.

The complete release notes may be found here: https://www.openssh.com/releasenotes.html#9.7p1

Version 0.97 of Game of Trees has been released (and the port updated).

* got 0.97; 2024-03-11
  see git repository history for per-change authorship information
- improve error messages shown upon execv failure 
- fix 'gotadmin pack' crash upon Ctrl-C due to invalid imsg_free()
- significantly speed up deltification of large files
- improve error handling in got_privsep_recv_imsg()

Just in time for the release of OpenBSD 7.5!

The LibreSSL project has announced the release of version 3.8.3, and (development) version 3.9.0 of the software.

The announcement for version 3.8.3 reads:

WWe have released LibreSSL 3.8.3, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon. This is the
second stable release for the 3.8.x branch.

It includes the following changes from LibreSSL 3.8.2

  * Portable changes
	  - Removed assert pop-ups with Windows debug builds.
	  - Fixed crashes and hangs in Windows ARM64 builds.
	  - Improved control-flow enforcement (CET) support.

The LibreSSL project continues improvement of the codebase to reflect modern,
safe programming practices. We welcome feedback and improvements from the
broader community. Thanks to all of the contributors who helped make this
release possible.

The OpenBSD Border Gateway Protocol (BGP) routing daemon OpenBGPD has a new version out, version 8.4.

The release announcement reads,

Subject:    OpenBGPD 8.4 released
From:       Claudio Jeker <claudio () openbsd ! org>
Date:       2024-03-07 13:12:51

We have released OpenBGPD 8.4, which will be arriving in the
OpenBGPD directory of your local OpenBSD mirror soon.

In what can only be called a great stride forward in routing security, Sebastian Benoit (benno@) announced the availability of rpki-client version 9.0.

The announcement reads,

Subject:    rpki-client 9.0 released
From:       Sebastian Benoit <benno () openbsd ! org>
Date:       2024-03-03 17:24:06

rpki-client 9.0 has just been released and will be available in the
rpki-client directory of any OpenBSD mirror soon. It is recommended
that all users update to this version for improved reliability.

rpki-client is a FREE, easy-to-use implementation of the Resource
Public Key Infrastructure (RPKI) for Relying Parties (RP) to
facilitate validation of BGP announcements. The program queries the
global RPKI repository system and validates untrusted network inputs.
The program outputs validated ROA payloads, BGPsec Router keys, and
ASPA payloads in configuration formats suitable for OpenBGPD and BIRD,
and supports emitting CSV and JSON for consumption by other routing
stacks.