Introduced a release of the free cross-platform UNIX-like operating system OpenBSD 7.0 . It is noted that these are 51 issues of the project, which will turn 26 on October 18. The OpenBSD project was founded by Theo de Raadt in 1995 after a conflict with the NetBSD developers, as a result of which Theo was denied access to the NetBSD CVS repository. After that, Theo de Raadt and a group of like-minded people created a new open operating system based on the NetBSD source tree, the main development goals of which were portability ( 13 hardware platforms are supported ), standardization, correct operation, proactive security and integrated cryptographic tools. Full install ISO size base system OpenBSD 7.0 is 554 MB.
In addition to the operating system itself, the OpenBSD project is known for its components, which have become widespread in other systems and have established themselves as one of the most secure and high-quality solutions. Among them: libressl ( a fork of the OpenSSL), the OpenSSH , a packet filter PF , routing daemons OpenBGPD and OpenOSPFD , the NTP-server OpenNTPD , mail server OpenSMTPD , text terminal multiplexer (analogue of the GNU screen) tmux , daemon identd to the implementation of the protocol IDENT, BSDL-alternative GNU groff package – mandoc, protocol for organizing fault-tolerant systems CARP (Common Address Redundancy Protocol), lightweight http-server , OpenRSYNC file synchronization utility .
Lutris 0.5.9 Released for Easier Access to Linux Games
Major improvements :
- Added port for 64-bit systems based on RISC-V architecture. Currently supported work on HiFive Unmatched boards and partially on PolarFire SoC Icicle Kit.
- The port for ARM64 platforms has improved, but is still incomplete, support for Apple devices with the M1 processor. As it stands, it supports installing OpenBSD on a GPT disk, and there are drivers for USB 3, NVME, GPIO, and SPMI. In addition to M1, the ARM64 port also expands support for Raspberry Pi 3 Model B + and Rockchip RK3399 SoC-based boards.
- For the AMD64 architecture, the GCC compiler is disabled by default (only Clang is left). GCC was previously disabled for armv7 and i386 architectures.
- Discontinued support for the SGI platform.
- For amd64, arm64, i386, sparc64 and powerpc64 platforms, kernel build is enabled by default with support for the dt dynamic tracing system . Added the kprobes provider to collect information about events at the kernel level.
- In btrace supports operators “<” and “>” in the filters and for the withdrawal of the time spent in user space in the analysis of kernel stack.
- Added a configuration file /etc/bsd.re-config that can be used to configure the kernel at boot time and enable / disable certain devices.
- Provides detection of TPM 2.0 devices and correct execution of commands to enter sleep mode (resolves wake-up issue for ThinkPad X1 Carbon Gen 9 and ThinkPad X1 Nano notebooks).
- The kqueue implementation has been moved to use mutexes.
- The ability to adjust the buffer size for PF_UNIX sockets via sysctl has been implemented. The default buffer size is increased to 8 KB.
- Improved support for multiprocessor systems (SMP). The pmap_extract () call has been upgraded to mp-safe on hppa and amd64 systems. The code for counting references to anonymous objects, part of the exception handler and the lseek, connect and setrtable functions were derived from the general kernel lock. Implemented separate for each CPU core message buffers for crashes (panic).
- The drm (Direct Rendering Manager) framework implementation is synchronized with the Linux 5.10.65 kernel. The inteldrm driver has improved support for Intel chips based on the Tiger Lake microarchitecture. The amdgpu driver supports the Navi 12, Navi 21 “Sienna Cichlid”, Arcturus and Cezanne “Green Sardine” Ryzen 5000 APUs.
- Added support for new hardware, including Aquantia AQC111U / AQC112U USB Ethernet, Aquantia 1 / 2.5 / 5 / 10Gb / s PCIe Ethernet, Cadence GEM, Broadcom BCM5725, RTL8168FP / RTL8111FP / RTL8117 Improved support for Intel platforms based on Tiger Lake microarchitecture. Added ucc driver for keyboards with USB HID Consumer Control interface, which use buttons to invoke applications, control audio playback, and change volume.
- Improvements have been made to the VMM hypervisor. Added 512 VCPU limit per virtual machine. Fixed issues with VCPU blocking. The backend for managing vmd virtual machines now has support for protecting against guest systems with malicious virtio drivers.
- The timeout utility has been ported from NetBSD to limit the execution time of commands.
- The “include” and “exclude” options are implemented in the openrsync file sync utility.
- The ps utility provides information about companion groups.
- Added “dired-jump” command to text editor mg .
- The fdisk and newfs utilities have improved support for 4K sector disks. Fdisk reworked MBR / GPT initialization code and added recognition of “BIOS Boot”, “APFS”, “APFS ISC”, “APFS Recovry” (sic), “HiFive FSBL” and “HiFive BBL” GPT partitions. Added “-A” option to initialize GPT without removing boot partitions.
- To speed up its work, the traceroute utility implements asynchronous processing of test packets and DNS queries.
- There are three password attempts provided in the doas utility.
- Xterm provides file system isolation with the unveil () system call. Ftpd processes are protected by calling pledge.
- The output to the log of information about the incorrect use of the formatting parameter “% n” in the printf function has been implemented.
- The IPsec implementation in iked adds support for client-side DNS configuration.
- SNMPv1 and SNMPv2c are disabled by default in snmpd in favor of SNMPv3.
- The dhcpleased and resolvd processes are enabled by default, providing the ability to configure IPv4 addresses via DHCP. The dhclient utility is left on the system as an option. Added “nameserver” command to route utility to pass DNS server information to resolvd.
- LibreSSL adds support for the OpenSSL 1.1.1 TLSv3 API and activates a new X.509 validator that supports correct cross-signed certificate validation.
- OpenSMTPD adds support for the “cafile = (path)”, “nosni”, “noverify” and “servername = (name)” TLS options. Smtp allows you to select options for ciphers and TLS protocols.
- Updated package OpenSSH. A detailed overview of the improvements can be found here: OpenSSH 8.7 , OpenSSH 8.8 . Disabled support for rsa-sha digital signatures.
- The number of ports for AMD64 architecture was 11325, for aarch64 – 11034, for i386 – 10248. Among the versions of applications in ports: FFmpeg 4.4 GCC 8.4.0 and 11.2.0 GNOME 40.4 Go 1.17 JDK 8u302, 11.0.12 and 16.0.2 KDE Applications 21.08.1 KDE Frameworks 5.85.0 LLVM / Clang 11.1.0 LibreOffice 220.127.116.11 Lua 5.1.5, 5.2.4 and 5.3.6 MariaDB 10.6.4 Node.js 12.22.6 PHP 7.3.30, 7.4.23 and 8.0.10 Postfix 3.5.12 PostgreSQL 13.4 Python 2.7.18, 3.8.12 and 3.9.7 Qt 5.15.2 and 6.0.4 Ruby 2.6.8, 2.7.4 and 3.0.2 Rust 1.55.0 SQLite 3.35.5 Xfce 4.16
- Updated 3rd party components included with OpenBSD 7.0:
- Xenocara graphics stack based on X.Org 7.7 with xserver 1.20.13 + patches, freetype 2.10.4, fontconfig 2.12.4, Mesa 21.1.8, xterm 367, xkeyboard-config 2.20, fonttosfnt 1.2.2.
- LLVM / Clang 11.1.0 (+ patches)
- GCC 4.2.1 (+ patches) and 3.3.6 (+ patches)
- Perl 5.32.1 (+ patches)
- NSD 4.3.7
- Unbound 1.13.3
- Ncurses 5.7
- Binutils 2.17 (+ patches)
- Gdb 6.3 (+ patch)
- Awk 12/18/2020
- Expat 2.4.1