Vyšlo OpenBSD 4.6

Verze pro tiskPDF verze

Vyšla nová verze jednoho z nejbezpečnějších operačních systémů a to OpenBSD.
Novinky a odkazy naleznete v článku.

AsiaBSDCon 2009:The OpenBSD Release Process: A Success Story

YouTube video: http://www.youtube.com/watch?v=i7pkyDUX5uM

Highlights of OpenBSD 4.6 are listed below.

# New/extended platforms:

    * mvme68k
          o Added support for the MVME141 and MVME165 boards.
    * sparc
          o The bootblock load address was moved so that larger kernels can be loaded.
    * sparc64
          o Added acceleration support for many of the PCI frame buffer drivers, such as Sun PGX, PGX64 and XVR-100, and Tech Source Raptor GFX graphics cards.
    * sgi
          o Added support for the SGI Octane, SGI Origin 200 and SGI Fuel families of systems.
          o Several bugs in interrupt handling have been fixed, resulting in much snappier system response.

# Improved hardware support, including:

    * Several new/improved drivers for sensors, including:
          o The ips(4) driver now has sensor support, complementing the bio support.
          o The acpithinkpad(4) driver now has temperature and fan sensor support.
          o New endrun(4) driver for the EndRun Technologies timedelta sensor.
          o The fins(4) driver now has support for F71806, F71862 and F71882.
          o The acpitz(4) driver now shows correct decimals for temperature.
    * Added radeonfb(4) to sparc64, an accelerated framebuffer for Sun XVR-100 boards.
    * Added support in re(4) for RTL8103E and RTL8168DP devices.
    * Added support for BCM5709/BCM5716 devices in the bnx(4) driver.
    * Added support for ICH10 variants of em(4).
    * Added support for VIA VX855 chipset in the viapm(4) and pciide(4) drivers.
    * Added support for Intel SCH IDE to pciide(4).
    * Added support for the Broadcom HT-1100 chipset in the piixpm(4) driver.
    * Added support for 82574L based devices in the em(4) driver.
    * A number of network drivers including ix(4), sis(4), msk(4), bnx(4), and vr(4) now use MCLGETI(9) to reduce memory usage and increase performance under load and attack.
    * Added support for VIA CX800 south bridge to the viapm(4) driver.
    * Added support in em(4) for the newer 82575 (and maybe 82576) chips.
    * zyd(4) now supports devices with Airoha AL2230S radios.
    * zyd(4) now works on big-endian machines
    * urtw(4) now supports RTL8187B based devices.
    * New otus(4) driver for Atheros AR9001U USB 802.11a/b/g/Draft-N wireless devices.
    * New berkwdt(4) driver for Berkshire Products PCI watchdog timers.
    * New udl(4) driver for USB video devices.
    * Support for a variety of newer models in bge(4).
    * Initial version of vsw(4), a driver for the virtual network switch on sun4v sparc64s.
    * Implemented machfb(4), an accelerated driver for the sparc64 PGX/PGX64 framebuffers.
    * Added a vcc(4) and vcctty(4) driver for the "Virtual Console Concentrator" found on the control domain of sun4v systems.
    * Implemented 64-bit FIFO modes for ciss(4) devices.
    * Enable hardware VLAN tagging/stripping on ix(4).
    * Added basic support for Envy24HT chips in the envy(4) driver.
    * Many improvements and updates to the isp(4) driver.
    * Added support for 88E8057-based Yukon 2 Ultra 2-devices in msk(4).
    * The ips(4) driver now works reliably.
    * Added raptor(4), an accelerated framebuffer driver for the Tech Source Raptor GFX cards on the sparc64 platform.
    * Enabled schsio(4) on i386 and amd64 and added watchdog timer support.
    * New acpivideo(4) driver for ACPI display switching and brightness control.

# New tools:

    * Added smtpd(8), a new privilege-separated SMTP daemon.
    * Imported the tmux(1) terminal multiplexer, replacing window(1).

# pf(4) improvements:

    * Enabled pf(4) by default in the rc.conf(8).
    * Removed pf(4) scrub rules, and only do one kind of packet reassembly. Rulesets with scrub rules need to be modified because of this.
    * Regular rules can now have per-rule scrub options.
    * Added new "match" keyword which only applies rule options but does not change the current pass/block state.
    * Make all pf(4) operations transactional to improve atomicity of reloads.
    * Stricter pf(4) checking for ICMP and ICMPv6 packets.
    * Various improvements to pfsync(4) to lower sync traffic bandwidth and optionally allow active-active firewall setups.
    * Fix pf(4) scrub max-mss for IPv6 traffic.

# OpenBGPD, OpenOSPFD and other routing daemon improvements:

    * In bgpd(8), rework most of the RDE to allow multiple RIBs. It is possible to filter per-RIB and attach neighbors to a specific RIB.
    * Added an option to bgpd(8) to change the "connect-retry" timer.
    * Allow bgpd.conf(5) and bgpctl(8) to contain 32-bit ASN numbers written in ASPLAIN format.
    * Fix bgpd(8) to correctly encode MP unreachable NLRI so IPv6 prefixes get removed correctly.
    * Changed the behaviour of "redistribute default" for ospfd(8) and ripd(8). A default route has to be present in the FIB to be correctly advertised.
    * Make ospfd(8) and ripd(8) track reject and blackhole routes and allow them to be redistributed even if pointing to
    * Allow to specify an alternate control socket for ospfd(8).
    * ospfd(8) can now be bound into an alternate routing domain.
    * Fix ospfd(8) route metric for "redistribute default".
    * Initial version of ldpctl(8) and ldpd(8), a label distribution protocol daemon for mpls.
    * Make dvmrp(8) RDE aware of multicast group members per interface.
    * Support for pruning in dvmrp(8).

# Generic Network-Stack improvements:

    * Support for virtual routing and firewalling with the addition of routing domains.
    * Add code in ifconfig(8) to bind an interface to a routing domain.
    * Add support to ping(8), traceroute(8), arp(8), nc(1) and telnet(1) to specify which routing domain to use.
    * Allow ifconfig(8) to turn off IPv6 completely for an interface and make rtsold(8) turn on inet6 on the interface.
    * Routes track the interface link state.
    * route(8) flush accepts "-iface" or "-priority" to only flush routes matching these conditions.
    * Multiple dhclients can now coexist without causing mayhem.
    * Make wireless interfaces have an interface priority of 4 by default. Makes them less preferred then wired interfaces.
    * Do not accept IPv4 ICMP redirects by default.
    * Added the MAC address to the log entries in dhclient(8).
    * Make systat(1) show interface description names in the interface view, and add new NFS server and client views.
    * Make tun(4) emulate link state depending on the open and close of the device fd.
    * Use pf state-table information to speed up decision on whether a packet is to be delivered locally or forwarded.
    * More routing socket checks added to make userland applications more resilient to kernel changes.

# Install/Upgrade process changes:

    * New disklabel(8) automatic partition allocator with a variety of smart heuristics.
    * The installer has been nearly rewritten mostly with a focus on simplifying installation.

# OpenSSH 5.3:

    * Do not limit home directory paths to 256 characters. (bz #1615)
    * Several minor documentation and correctness fixes.

# Over 5,800 ports, minor robustness improvements in package tools.
# Many pre-built packages for each architecture:

    * i386: 5606
    * sparc64: 5413
    * alpha: 5346


    * sh: 1261
    * amd64: 5544
    * powerpc: 5427


    * sparc: 3711
    * arm: 5291
    * hppa: 4790


    * vax: 1785
    * mips64: 3443

Some highlights:

    * Gnome 2.24.3.
    * KDE 3.5.10.
    * Xfce 4.6.1.
    * MySQL 5.0.83.
    * PostgreSQL 8.3.7.
    * Postfix 2.6.2.
    * OpenLDAP 2.3.43.
    * Mozilla Firefox 3.0.11 and 3.5.
    * Mozilla Thunderbird
    * OpenOffice.org 3.1.0.
    * Emacs 21.4 and 22.3
    * Vim 7.2.190.
    * PHP 5.2.10.
    * Python 2.4.6, 2.5.4 and 2.6.2.
    * Ruby

# As usual, steady improvements in manual pages and other documentation.

# The system includes the following major components from outside suppliers:

    * Xenocara (based on X.Org 7.4 + patches, freetype 2.3.9, fontconfig 2.6.0, Mesa 7.4.2, xterm 243 and more)
    * Gcc 2.95.3 (+ patches) and 3.3.5 (+ patches)
    * Perl 5.10.0 (+ patches)
    * Our improved and secured version of Apache 1.3, with SSL/TLS and DSO support
    * OpenSSL 0.9.8k (+ patches)
    * Groff 1.15
    * Sendmail 8.14.3, with libmilter
    * Bind 9.4.2-P2 (+ patches)
    * Lynx 2.8.6rel.5 with HTTPS and IPv6 support (+ patches)
    * Sudo 1.7.2
    * Ncurses 5.2
    * Latest KAME IPv6
    * Heimdal 0.7.2 (+ patches)
    * Arla 0.35.7
    * Binutils 2.15 (+ patches)
    * Gdb 6.3 (+ patches)

Web projektu: http://openbsd.org/

Volby prohlížení komentářů

Vyberte si, jak chcete zobrazovat komentáře a klikněte na „Uložit změny“.
Obrázek uživatele Merlyn

Asi nejvic sem zaznamenal

Asi nejvic sem zaznamenal zmenu instalatoru, ktera je jednoznacne k lepsimu (jednodussi a prehlednejsi), a podporu tlacitek (lenovo thinkpad sl400) na regulaci podsviceni. A jinak jako vzdycky spousta vylepseni pri zachovani bezpecnosti a jednoduchosti :-)