a new release of the free OS OpenBSD 7.5 is presented

Not much time has passed since the previous OpenBSD release, and now a new one has been introduced. It is worth recalling that the operating system is known not only by itself, its developers have created many useful and popular components, including LibreSSL (a fork of OpenSSL), OpenSSH, PF packet filter, OpenBGPD and OpenOSPFD routing daemons, OpenNTPD NTP server, OpenSMTPD mail server and other. Below the cut are details about the new release.

What has improved?

  • Generally a lot of things. So, for example, in the installer encryption support now available root partition. Now, in automatic installation mode, you can enable the option of encrypting disks by specifying a password in clear text or by supplying the keys on a separate medium. At the same time, assemblies for the AMD64 architecture cdXX.iso and installXX.iso are adapted for loading in EFI mode.

  • The developers have removed support for accessing system calls using syscall. Thus, in combination with pinsyscalls, it is now possible to prohibit direct access to system calls without the use of libc bindings.

  • For systems with ARM64 architecture, the use of PAC pointer authentication mechanisms, as well as BTI branch identification, has been added. PAC, BIT Pointer Authentication and Branch Target Identification respectively.

  • There is a new system call, pinsyscalls, which makes it possible to allow system calls to be called only from certain places in the process address space. Accordingly, the kernel and ld.so can now register the exact entry location of each of the system calls that are used by the program and the libc.soo library, in order to subsequently block system calls from being sent from unregistered places.

  • The ppp network interface finally has IPv6 support.

  • A utility like netstat now allows you to display detailed statistics about the effectiveness of route caching.

  • Well, the pf packet filter takes into account changes in the network stack associated with parallelization of operations on multiprocessor systems. For example, when running the tcpdump utility with the pflog network interface, it shows packets that were dropped when the default rule with the block action was triggered.

  • Improved support for multiprocessor systems. In addition, a function has appeared for parallel execution of the bind and connect system calls, as well as operations with UDP tables for IPv4 and IPv6. Added support for simultaneous sending of UDP packets from different streams.

  • Optimized handling of cases such as swap partition overflow.

  • Systems with arm64 architecture now have the ability to cache the contents of pools of memory page tables and PTE descriptors, which significantly speeds up work on multi-core systems.

  • Another important improvement is the optimization of the VMM hypervisor. Thus, the implementation of the vionet device is now modified to take into account multithreading and information transfer between the host and guest system without intermediate buffering.

  • The implementation of the drm (Direct Rendering Manager) framework is synchronized with the Linux kernel 6.6.19 (6.1.55 in the previous release).

  • Of course, drivers for new equipment have been added, as well as existing ones have been optimized. In particular, there are now more drivers associated with the components of various SoCs, support for Ethernet controllers and the transfer of network operations to the side of network cards.

  • The uaudio audio subsystem allows the attachment of multiple drivers for audio devices.

  • A new driver has been added for Qualcomm IEEE 802.11ax wireless chips, which was obtained by porting the ath11k driver from the Linux kernel (included in the kernel starting from branch 5.6). It allows you to use wireless adapters in laptops of various models, including Lenovo ThinkPad X13s and DELL XPS 9500. The driver requires installation of firmware files for the driver to work.

  • The pax utility now has the ability to write to pax archives, and the tar utility can now work with pax archives larger than 8 GB.

  • The ability to install the KDE Plasma 5.27 user environment from the kde-plasma and kde-plasma-extra packages has been provided (after support for KDE4 was discontinued, support for using the KDE Plasma 5 desktop was still not functional in OpenBSD). The versions available for installation are KDE Plasma 5.27.10, KDE Applications 23.08.4 and KDE Frameworks 5.115.0.

  • In addition, the packages mentioned above have been updated, most notably LibreSSL and OpenSSH.

  • Ports for different architectures have been added: for the AMD64 architecture there are now 12,309 (from 11,845), for aarch64 – 12,145 (from 11,508), for i386 – 10,830 (from 10,603). Among the application versions in the ports it is worth noting:
    ○ Asterisk 16.30.1, 18.21.0, 20.6.0
    ○Audacity 3.4.2
    ○ CMake 3.28.3
    ○ Chromium 122.0.6261.111
    ○FFmpeg 4.4.4
    ○ Firefox 123.0.1, ESR 115.8.0
    ○ GCC 8.4.0, 11.2.0
    ○ GHC 9.6.4
    ○ GNOME 45
    ○ Go 1.22.1
    ○ JDK 8u402, 11.0.22, 17.0.10, 21.0.2
    ○ Krita 5.2.2
    ○ LLVM/Clang 13.0.0, 16.0.6, 17.0.6
    ○ LibreOffice 24.2.1.2
    ○ Lua 5.1.5, 5.2.4, 5.3.6, 5.4.6
    ○ MariaDB 10.9.8
    ○ Mono 6.12.0.199
    ○ Mutt 2.2.13 and NeoMutt 20240201
    ○ Node.js 18.19.1
    ○ OCaml 4.14.1
    ○ OpenLDAP 2.6.7
    ○ PHP 7.4.33, 8.0.30, 8.1.27, 8.2.16, 8.3.3
    ○ Postfix 3.8.6
    ○ PostgreSQL 16.2
    ○ Python 2.7.18, 3.9.18, 3.10.13, 3.11.8
    ○ Qt 5.15.12 (+ kde patches), 6.6.1
    ○ R 4.2.3
    ○ Ruby 3.1.4, 3.2.3, 3.3.0
    ○ Rust 1.76.0
    ○ SQLite 3.44.2
    ○ Shotcut 07/23/29
    ○ Sudo 1.9.15.5
    ○ Suricata 7.0.3
    ○ Tcl/Tk 8.5.19, 8.6.13
    ○ TeX Live 2023
    ○ Thunderbird 115.8.1
    ○ Vim 9.1.139, Neovim 0.9.5
    ○ Xfce 4.18.1

  • Additionally, third-party components have been updated, including the Xenocara graphics stack based on X.Org 7.7 with xserver 21.1.11 + patches, freetype 2.13.0, fontconfig 2.14.2, Mesa 23.1.9, xterm 378, xkeyboard-config 2.20, fonttosfnt 1.2.3, LLVM/Clang 16.0.6 (+ patches), GCC 4.2.1 (+ patches) and 3.3.6 (+ patches), Perl 5.36.3 (+ patches), NSD 4.8.0, Unbound 1.18, Ncurses 5.7, Binutils 2.17 (+ patches), Gdb 6.3 (+ patches), Awk 01/22/2024, Expat 2.6.0, zlib 1.3.1 (+ patches).

It is worth recalling that the main objectives of the OpenBSD 7.5 operating system were portability (supported by 13 hardware platforms), standardization, correct operation, proactive security and integrated cryptographic tools. The installation image of the system can be download from this linkits volume is 630 MB.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *