Announcing NetBSD 5.1
The NetBSD Project is pleased to announce that version 5.1 of the NetBSD operating system is now available. NetBSD 5.1 is the first feature update of the NetBSD 5.0 release branch. It represents a selected subset of fixes deemed critical for security or stability reasons, as well as new features and enhancements.
Please note that all fixes in security/critical updates (i.e., NetBSD 5.0.1, 5.0.2, etc.) are cumulative, so the latest update contains all such fixes since the corresponding minor release. These fixes will also appear in future minor releases (i.e., NetBSD 5.1, 5.2, etc.), together with other less-critical fixes and feature enhancements.
Complete source and binaries for NetBSD 5.1 are available for download at many sites around the world. A list of download sites providing FTP, HTTP, AnonCVS, SUP, and other services may be found at http://www.NetBSD.org/mirrors/. We encourage users who wish to install via ISO images to download via BitTorrent by using the torrent files supplied in the ISO image area. A list of hashes for the NetBSD 5.1 distribution has been signed with the well-connected PGP key for the NetBSD Security Officer: http://ftp.NetBSD.org/pub/NetBSD/security/hashes/NetBSD-5.1_hashes.asc
NetBSD is free. All of the code is under non-restrictive licenses, and may be used without paying royalties to anyone. Free support services are available via our mailing lists and website. Commercial support is available from a variety of sources. More extensive information on NetBSD is available from our website:
NetBSD 5.1 is dedicated to the memory of Martti Kuparinen, who was the victim of a traffic accident in June 2010.
Martti's technical contributions are too many to list here in full. He created and maintained numerous packages in pkgsrc, updated two packet filter solutions distributed with NetBSD and improved several hardware drivers. Beyond that, he was always helpful and friendly. His example encouraged users to contribute to the project and share their work with the community. Some of these users later became NetBSD developers themselves thanks to Martti's efforts.
The complete list of changes can be found in the CHANGES-5.1 file in the top level directory of the NetBSD 5.1 release tree. An abbreviated list is as follows:
- NetBSD-SA2009-004, NetBSD OpenPAM passwd(1) changing weakness.
- NetBSD-SA2009-005, Plaintext Recovery Attack Against SSH.
- NetBSD-SA2009-006, Buffer overflows in ntp.
- NetBSD-SA2009-007, Buffer overflows in hack(6).
- NetBSD-SA2009-008, OpenSSL ASN1 parsing denial of service and CMS signature verification weakness.
- NetBSD-SA2009-009, OpenSSL DTLS Memory Exhaustion and DSA signature verification vulnerabilities.
- NetBSD-SA2009-010, ISC dhclient subnet-mask flag stack overflow.
- NetBSD-SA2009-011, ISC DHCP server Denial of Service vulnerability.
- NetBSD-SA2009-012, SHA2 implementation potential buffer overflow.
- NetBSD-SA2009-013, BIND named dynamic update Denial of Service vulnerability.
- NetBSD-SA2010-002, OpenSSL TLS renegotiation man in the middle vulnerability.
- NetBSD-SA2010-003, azalia(4)/hdaudio(4) negative mixer index panic.
- NetBSD-SA2010-004, amd64 per-page No-execute (NX) bit disabled.
- NetBSD-SA2010-005, NTP server Denial of Service vulnerability.
- NetBSD-SA2010-006, Buffer length checking errors in CODA.
- NetBSD-SA2010-007, Integer overflow in libbz2 decompression code.
- NetBSD-SA2010-008, sftp(1)/ftp(1)/glob(3) related resource exhaustion.
- NetBSD-SA2010-010, Buffer Length Handling Errors in netsmb.
- NetBSD-SA2010-011, OpenSSL Double Free Arbitrary Code Execution.
Note: Advisories prior to NetBSD-SA2009-004 do not affect NetBSD 5.0.
- openssl: Fix CVE-2009-4355 and CVE-2010-0740.
- Fix crash in openssl: handshake_dgst[] may be used without being allocated, causing NULL pointer dereference.
- Update BIND server and tools to 9.5.2-P2, fixing CVE-2009-0025, CVE-2009-4022, and CVE-2010-0097.
- ntpd(8): Fix CVE-2009-3563.
- expat: Fix SA36425 and CVE-2009-3560.
- fts(3): Avoid possible integer overflow on really deep dirs, and subsequent collateral damage. Received from OpenBSD via US-CERT as VU #590371.
-
Fix a couple issues with POSIX message queues:
- An invalid signal number passed to mq_notify() could crash the kernel on delivery -- add a boundary check.
- A user could set mq_maxmsg (the maximal number of messages in a queue) to a huge value on mq_open(O_CREAT) and later use up all kernel memory by mq_send() -- add a sysctl'able limit which defaults to 16*mq_def_maxmsg.
- arc4random(3): Keep arc4_i and arc4_j synchronised after a rekeying. This prevents accidentally ending up in a short ARC4 cycle.
- freetype: Fix CVE-2009-0946.
- ftpd(8): Fix a remote crash. PR 43023.
- openldap: Fix CVE-2009-3767.
- Fix an NX regression observed on amd64 kernels, where per-page execution right was disabled (therefore leading to the inability of the kernel to detect fraudulent use of memory mappings marked as not being executable).
- Fix random "filesystem full" messages on large FFS file systems.
- Fix a regression in the 4.4BSD scheduler, improving interactive performance under load.
- Remove a race where physio_done() may use memory already freed. PR 39536.
- Fix a crash observed when trying to load a corrupted ELF kernel module.
- Fix PR 41566, where writes on the controlling tty were not being awoken from blocks.
- Various fixes for POSIX message queues.
- Fix a couple deadlocks in the VFS subsystem. PR 41374.
- Fix an issue on some architectures where a softint could fire on the wrong CPU.
- Fixes for POSIX advisory locks.
- A number of other stability fixes.
- Fix a case where setpriority(2) returned EACCES instead of EPERM. PR 41489.
- lockf(3) passes its arguments through to fcntl(2) but is supposed to support -ve lengths (lock area before current offset). Nothing in libc or the kernel allowed for this, so some random part of the file would get locked. PR 41620.
- Fix ktrace of data from iovec based system calls. PR 41819.
- Fix stack size enforcement.
-
fsck_ext2fs(8): Ignore the "-P" option as intended, to make this work
with, e.g., "fsck_flags=-pP" in
/etc/rc.conf
. PR 41490. - UFS quotas: Add missing mutex_destroy() before pool_cache_put(). Prevents a "Mutex error: lockdebug_alloc: already initialized" panic.
- tunefs(8): Allow tunefs to clear any type of WAPBL log, not only in-filesystem ones.
- fsck_ffs(8): Do some basic checks of the WAPBL journal, and fail if the kernel would refuse to mount the filesystem read/write. Add code to clear the bogus journal when not run in preen (-p) mode.
- wapbl(4): If the WAPBL journal can't be read (ffs_wapbl_replay_start() fails), mount the filesystem anyway if MNT_FORCE is present. This allows to still boot single-user a system with a corrupted WAPBL on /, and so get a chance to run fsck to fix it.
-
smbfs:
- Fix some panics while trying to umount a smbfs share.
-
Fix detection of SMB capabilities according to the CIFS spec:
- SMB_CAP_LARGE_FILES advertises support for 64-bit file offsets.
- SMB_CAP_LARGE_READX and SMB_CAP_LARGE_WRITEX advertise support for large reads and writes (larger than 64KB). PR 42175.
- Add support for file sizes greater than 4GB.
- Prevent malicious local program from causing a kernel crash.
- A number of fixes for ext2fs. PR 28712.
- procfs: Fix memory leak. PR 42053.
- Fix cp(1) from NTFS. PR 38531.
-
cd9660: Change cd9660_mount, in MNT_UPDATE case, to check dev_t's for
equality instead of just vnode pointers. Fixes erroneous "Invalid
argument" errors from mount(8) with -u against cd9660 root in the
presence of mfs or tmpfs
/dev
prepared after initial mountroot. - A number of fixes to ffs snapshots.
- sysctlfs: Fix a crash while trying to read nodes on amd64. PR 41494.
- Various improvements to UDF.
- xattr: Fix system crash which could be triggered by a malicious command.
- coda: Fix incomplete ioctl parameter verification.
- ffs: Fix a race condition which could lead to data corruption.
- wapbl(4): Fix replay problems which could corrupt the fs. PR 43336.
- ath(4): Remove the binary HAL and update to the open source HAL.
- Add the age(4) driver for Attansic L1.
- Add the ale(4) driver for Atheros AR8121/AR8113/AR8114.
- brgphy(4): Add support for BCM5462, BCM54K2 and BCM5722.
- arp(4): Don't require the gateway address to have room for both an interface name and address. Fixes a regression in 'arp -s ...' on interfaces such as xennet0 with unusually long names. PR 41878.
- Make tcp msl (max segment life) tunable via sysctl net.inet.tcp.msl.
- Fixed a number of bge(4) bugs.
- ifpci(4): Fix endianness issues when accessing the B-channel fifos.
-
wm(4):
- Numerous fixes for various chips.
- Add SIOCSIFADDR support for setting the AF_LINK address, necessary for agr to be able to set the mac addresses of each port to the agr address (i.e., so it can receive all intended traffic at the hardware level).
- Enable hardware VLAN support.
-
re(4):
- Detect RTL8169CP, RTL8168D/8111D, and RTL8103E variants.
- Add hardware checksum support for newer 8168/8111/8102 chips.
- Fix RX hardware checksum for DESCV2 chips. PR 40605.
- le(4): Don't immediately switch UTP/AUI ports on lost carrier.
- agr(4): Add vlan support and hardware offload capabilities. Add support for disabling the LACP protocol by setting LINK1 on the agr interface.
-
bnx(4):
- Protect against spurious "bnx0: Double mbuf allocation failure!" panics.
- Add support for BCM5709 and BCM5716.
- Follow exactly the recommendation of draft-ietf-tcpm-tcpsecure-11.txt: Don't check against the last ack received, but the expected sequence number. This makes RST handling independent of delayed ACK.
- vr(4): Add suspend/resume support.
- carp(4): Improve logging. PR 38260.
- Give 100BASE-TX full duplex higher priority than 100BASE-T4.
- Fix wpa with ral(4).
- vlan(4): Inherit the parent's TCP segmentation offload capability.
-
dhcpcd:
- Update to 5.1.3.
- Add an rc.d script.
- Only start dhcpcd per interface if not running the full dhcpcd daemon. Only stop dhcpcd per interface if it's running for the interface. PR 40320.
- Fix a panic when trying to disable IPFilter before enabling it. PR 41364.
- ping(8): Deal with source route and record route specially giving a meaningful error message when remote side doesn't support record route. PR 41111.
- ifconfig(8): Don't require a "vlan" argument with "-vlanif". "ifconfig vlan0 -vlanif" now works as one would expect.
- tap(4): Fix a potential leak on device close.
- bpf(4): Prevent malicious bytecode from crashing the kernel with a divide-by-zero trap.
- UDPv6: Prevent local crash by malicious user program.
- ehci(4): Add a workaround for ATI SB600 and SB700 revisions A12 and A13 to avoid a USB subsystem hang when the system has multiple USB devices connected to it or one device is re-connected often.
- uftdi(4): Add support for multiple channel cards, specifically quad channel FT4232H.
- ums(4): Add quirks to make MS Wireless Laser Mouse 6000 work. PR 41737. Add support for USB HID devices that report absolute coordinates instead of relative movement data, e.g. touchpanels. Add support for the Microsoft Natural Ergonomic Desktop 7000 mouse.
- apm(4): Fix suspend/resume.
- Add hdaudio(4), a standards-compliant driver for Intel High Definition Audio. It will replace azalia(4) eventually.
- Add gcscaudio(4), an AMD Geode CS5536 audio driver.
- Add support for playback- or capture-only devices. PR 42050.
- pad(4): Catch up to audio(4) device_t/softc split to prevent pad from corrupting its child device's softc.
- audio(4): OSS audio allows mixer operations on the dsp device. NetBSD would previously return EINVAL in these circumstances. This can break audio in apps running under Linux emulation. Select whether to call mixer_ioctl() or audio_ioctl() based on whether the command smells like a mixer ioctl or not.
- pam(3): Restore the good old UNIX behavior of root password changing: only root may change the root password.
- racoon(8): Fix a bug where racoon used a wrong IPsec-SA handle that was for another peer if it received an ISAKMP message for IPsec-SA that has the same message-id as the message-id that was received before.
- ipsec(4): Add a missing splx() call. PR 41701.
-
opencrypto(9):
- Extend the API to allow the destination buffer size to be specified when it is not the same size as the input buffer.
- Add user-space access to compression features.
- Add software gzip support (CRYPTO_GZIP_COMP).
- Add the fast version of crc32 from zlib to libkern.
- Fix PRs 41069 and 41070.
- Add support for RAIDframe parity maps. Drastically reduces the amount of time spent checking parity after an unclean shutdown by keeping better track of which regions might have had outstanding writes. Enabled by default; can be disabled on a per-set basis, or tuned, with the new raidctl(8) commands.
- Add sdmmc framework.
- Add sdhc(4), a driver for SD controllers following the SD Host Controller Standard Simplified Specification.
- Add wb(4), a driver for Winbond W83L518D SD/MMC readers.
- siisata(4): Sync with HEAD, fixing a number of bugs. PR 41579.
- mfi(4): Fix command list corruption seen on heavy I/O load. Add support for MFI gen2 devices.
- twa(4): Disable completely bogus DIAGNOSTIC check.
- wdc(4): use 8bits access to legacy IDE registers through the SATA interface (except data registers). Stops errors such as the following when probing SATA drives through controllers that offer the legacy pciide interface: viaide1 channel 0: reset failed for drive 0
- piixide(4): Add Intel 3400 support.
-
x86 (amd64 and i386)
- Add a workaround for a bug with some Opteron revisions where locked operations sometimes do not serve as memory barriers, allowing memory references to bleed outside of critical sections.
-
ichlpcib(4): Fix watchdog code:
- The timer bound constants are in tick, so convert period to tick before checking it against the bounds.
- For ICH5 or older, fix code that would have always written a 0 period to the register.
- Add CPU topology detection support for AMD processors.
-
asus(4):
- Add experimental cpu fan/voltage switching support (sysctl hw.asus0.*).
- Add fan sensor.
- Add hw.wake.* sysctl subtree for toggling which devices are allowed to restore the system from sleep. By default, the following devices are enabled for wake: sleep/power buttons, lid switch, pc kbd controller.
- agp(4): Add support for Intel G35, G45, and Q45.
- Cut down on the number of lines used in acpi autoconf messages.
- Extend CPU probe of Intel processors to handle extended-models: new Intel 45nm processors, Core i7, Atom, and the 45nm Xeon MP. Properly decode several new Intel cache descriptors, as listed in the most recent (March 2009) edition of Intel's Application Note 485. PRs 41289 and 41290.
- cpuctl(8): Add newer VIA C7 core and VIA Nano. When printing an unknown VIA CPU, default to 'Unknown IDT/VIA' instead of 'C3'.
- Fix NetBSD under qemu with ACPI enabled. PR 38729.
- acpi(4): If the firmware describes duplicate keyboard controller nodes, don't panic when the driver fails to map registers. PR 39671.
- Fix a bug where mapping the very end of iomem accidentally returns an address in the ISA hole. Fixes ohci on VirtualPC 7 for Mac, which places OHCI at base address 0xfffff000 size 0x1000.
- int 15h/AH=86h (WAIT) doesn't work properly on all hardware and emulators, so for the countdown use the more coarsely grained sleep implementation based on int 1ah/AH=00h (GET SYSTEM TIME).
- Use the TSC and current multiplier to calculate bus clock on VIA C7 Esther.
- Add support for VIA C7 temperature sensors (options VIA_C7TEMP) and enable in i386 GENERIC kernel.
- Fix a regression in the boot loader where pressing a letter not bound to a menu item would select a numeric item.
- Enable cgd(4) support on all amd64 and i386 XEN kernels.
-
amd64
- Handle protection faults properly, returning SIGSEGV instead of SIGBUS.
- Ensure FP state is reset, if FP is used in a signal handler. PR 39299.
- Build kernel modules with -mno-red-zone like the kernel is built.
- On amd64, add a third free list distinct from the default free list, holding RAM between 16Mb and 4Gb. This helps preventing bus_dma(9) memory allocation failures for 32bit DMA on large-memory machines.
-
i386
- The FPU Tag word is a 16bit register, in FPU (387) mode it defines 2-bit tags for each FPU data register, in MMX mode it defines 1-bit tags for each data register. The single bit tags are stored in the lower 8 bits and thus in the first byte of the save frame.
- Fix a local user crash.
- ARM: Work-around a possible process exit corner case which can leave stale data in the cache after a context-switch. PR 41058.
-
sgimips
- haltwo(4): Set delta value for the mixer's master channel.
- Add a driver for the Indy's front panel buttons. Power button presses are reported to sysmon, volume control buttons are reported to PMF.
- Fixes for newport video.
-
alpha
- A number of multiprocessor fixes. PRs 41106 and 42174.
- Add support for booting off a couple of common RAID adapters found on several models of alpha systems: mlx [Mylex DAC060] and iop [I2O]. PR 25829.
- Change the kernel text to 0xfffffc0000430000 (which is where Tru64 has its kernel).
- The tsc(4) bus initialization was using a single statically allocated extent storage for each tsp(4), which caused a LOCKDEBUG kernel to fail because the extent storage contained a mutex which panics when the second mutex_init() is attempted. Put the extent storage into the tsp_config structure so each tsp(4) gets its own. PR 38358.
-
amiga
- Switch amiga to the common m68k pmap.
- Fix a problem with the timecounter running backwards everytime the hardware counter wraps and the clock-interrupt is not yet serviced by hardclock().
- Improve precision of small kernel delays.
- Fix keyboard handshaking problems on Amiga 1200.
-
atari
- Rewrite the binpatch(8) utility to add support for ELF binaries, old src/usr.sbin/mdsetimage sources which support misc executable formats without LGPL'ed libbfd.
- Add a workaround for annoying "WARNING: negative runtime; monotonic clock has gone backwards" message.
- fd(4): Correctly detect the default density.
- hp300: Make install.md probe cd(4) devices properly.
- hpcmips: Fix pcic kthread creation timing. PRs 41791 and 41164.
- m68k: Ensure functions like mmap(2), mremap(2), shmat(2) or sbrk(2) return -1 in case of an error. A side benefit of this is to fix a segfault caused by jemalloc when mmap(2) failed.
- macppc: pbms(4): Avoid an immediate crash during attach, and fix the aspect ratio of the trackpad on the geyser2 model.
- pmax: Make ksyms(4) actually work.
- sh3: Fix logic error in copyinstr() when deciding whether to return EFAULT or ENAMETOOLONG.
- sparc64:
- Fix long double support in 32bit libc. PR 41406.
- When preparing the initial trap frame for a new forked lwp, explicitly clear condition code. Otherwise we might catch a signal before we ever return to userland. PR 41302.
- Fix a disk I/O regression under heavy load.
- Build the sunleo X driver.
- Add lom(4), a driver for LOMlite lights out management hardware monitor and watchdog timer.
- sab(4): Allow the RSC to be the console on an E250, by checking for RSC-specific properties, and by not changing the port baud rate.
-
vax
- binutils: Allocate relocation section using bfd_zalloc() to ensure no garbage relocations when not all the entries are used. PR 39182.
- Keep track of the previous ICR value and hardclock_ticks to ensure the 32 bit counter doesn't go backwards. Also, the ICR runs from -10000 to -1, so adjust the value when reading it. Now mfpr works quite nicely on a 4000/90.
-
sparc
- Enable ddb(4) in GENERIC-like kernels.
- Fix a number of issues with floppies.
- Add apc(4), a driver for the Aurora Personality Chip (APC) found on SPARCstation-4/5, and emulated by qemu to idle the simulator when the CPU is idle. Only the CPU idle part implemented at this time.
-
xen
- Now a XEN3_DOM0 kernel properly updates the CMOS time.
- Implement DIOCGDISKINFO for xbd disk driver.
- xbdback: implement and publish "feature-flush-cache". xbd: if feature-flush-cache is present, use it for DIOCCACHESYNC. Should improve WAPBL reliability of Xen guests on a NetBSD dom0.
- xennet: Write a "feature-rx-notify" to the xenstore, which is used by recent linux dom0 kernels. This reduces packet loss when using a NetBSD domU on such linux dom0.
- xennetback: Announce feature-rx-copy and feature-rx-flip. Add support for request-rx-copy. PR 40650.
- Add i368PAE support to Xen3 dom0.
- Add Xen3 PCI pass-through support.
- Fix stalled xbdback detach that would stall the whole xenbus thread, preventing new domUs from being created.
- Make it possible to use netbsd-5 domUs running on a Xen2 hypervisor.
- sh(1): Make the cd builtin accept and ignore -P. PR 42557.
- fdisk(8): Fix issues with large disks.
- savecore(8): Instead of exiting with an obscure error message if -N /kernelname isn't specified, blithely assume the kernel will consume around 20 megs.
- newfs(8): Issue a better error message if attempting to create a file system on a block device. Inspired by PR 41127.
- newfs_msdos(8): Make fs size detection get proper size rather than disk size.
- termcap(3): Only add the ZZ capability for termcap entries that are larger than 1023 bytes.
- dkctl(8): List the partition types addwedge understands. PR 37252. Make dkctl conform to its man page and print the device name on addwedge when the addition was successful (as well as indicating success).
- If the current locale doesn't define the 'thousands' grouping info then use sane defaults (',' every 3 digits). PR 40714.
-
pthread(3):
- Make nanosleep cancelable again.
- Improve the algorithm used in pthread creation so that it does a better job of reusing dead threads.
- Make sure thread id is set correctly in case a threaded program forks from a thread other than the main thread. Fixes issues with, e.g., ruby.
- newsyslog(8): Reset ziptype on each line. Failure to do this caused any log file to be compressed if it was listed after a line using Z or J flag.
-
nvi(1):
- Fix a problem where the pattern /\$/ didn't match a dollar sign. PR 41781.
- Make :ESC, #+ and #- work again.
- Rename "expandtabs" to "expandtab" to match documentation.
- Implement the "et" abbreviation for expandtab.
- Fix regexp on LP64 systems. PR 41924.
- Fix format string bug: filenames may contain % characters.
- Fix ~ on big-endian architecturs.
- pstat(8): Distinguish between UFS1 and UFS2 inodes by reading the ufsmount structure, the previous heuristic of comparing the size fields of inode and dinode failed.
- btpin(1): Add a -P flag to attempt immediate pairing.
- ksh(1): Support 0xnn for hexadecimal constants, as well as 16#nn. PR 40512.
- Add support for fr_*.UTF-8 locale. Setting LANG to fr_*.UTF-8 won't get the message catalog right (they're encoded in iso-8859-1), but other locale functions should work properly.
- Add Solaris-like dlinfo() interface to the ELF dynamic linker. Implement RTLD_DI_LINKMAP which returns a pointer to the linkmap chain at the given object.
- kill(1): Make sure that numerical signals and pids are in range for their types. PR 42143.
- pcap(3): pcap_lookupnet(): reset ifr before SIOCGIFNETMASK. Without it we get back a bogus netmask. PR 41367.
- man(1): Accept a pathname to a man file, e.g., "man ./man.1"
- setlocale(3): Handle nonexistent locales properly. PR 42124.
- amldb(8): Check validity of parent to avoid a potential segfault.
- sort(1): Fix a ton of bugs including but not limited to PR 18614 PR 27257 PR 25551 PR 22182 PR 31095 PR 30504 PR 36816 PR 37860 PR 39308 PR 42094.
- user(8): Fix -p flag: rm_eo is the first character *after* the match, so no need for a +1. Blowfish hashes are only 53 chars long, not 54.
- Update libevent to 1.4.11-stable.
- hunt(6): Fix possible remote DoS of a running hunt game, and prevent a possible theoretical attack involving >= 1 billion ammo.
- systat(1): Fix problems with SIGWINCH. PR 42161.
-
gzip(1):
- Fix support for multi-section bzip2 files, as created by pbzip2.
- Add "pack" uncompression support.
- Avoid an overflow in suffix handling.
- audio{ctl,play,record}: Add extended WAVE header support, attempt to play a bunch more WAV files.
- Update Postfix to 2.6.5.
- df(1): Block numbers are measured in f_frsize units. Make -P option use this instead of f_bsize. Also account for reserved blocks like normal non-P output. PR 41541.
- Update libfetch to 2.30.
- window(1): Fix a SEGV with certain terminal types. PR 41581.
-
Update pkg_install to 20100204:
Note
pkg_install now depends on the pkgdb cache for automatic conflict detection. You should rebuild the cache with "pkg_admin rebuild". Note that this only applies to upgrades from 5.0; it is not necessary to do this if you are upgrading from 5.0.1 or 5.0.2.- audit-packages.conf(5) has been superseded by pkg_install.conf(5). The default configuration is the same.
- Support for pkg_view(1) has been retired.
- The functionality of audit-packages(1) and download-vulnerability-list(1) has moved into pkg_admin(1). Wrapper scripts that handle the common use cases are provided.
-
racoonctl(8): Adjust ADMINPORTDIR to match that of racoon
(
/var/run
). PR 41376. - schedctl(8): Skip LSIDL and LSZOMB threads when retrieving info.
-
postinstall(8) now knows about
/etc/dhcpcd.conf
. - drvctl(8): Allow querying for root devices in the tree by specifying an empty device name. Ensure that l_devname is NUL-terminated and fail otherwise. If drvctl -l is used without argument, print the root device nodes.
- paste(1): Null-terminate the delimiter list string after processing escapes (which can shorten it) because the code that issues delimiters depends on it being null-terminated. This caused e.g. paste -d '\0' a b to print a '0' at the beginning of each line. PR 41159.
-
Don't attempt to read or write ~/.lesshst if it's not a regular file
or a symlink to a regular file. Previously, symlinking to
/dev/null
would cause less to trash/dev/null
if run with sufficient privileges. PR 42237. - Make rtsold_flags default to -a. PR 39657.
- libevent: Add -fno-strict-aliasing to work around problems with GCC 4 and strict-aliasing.
- Renamed a number of internal getline() functions to get_line() so as to compile under -current.
- Install the Xvidtune app-defaults file. PR 41577.
-
Fixes to Linux compat:
- In sendmsg(2), copy the msghdr structure before trying to use it.
- In linux_sys_sched_getaffinity(), do not leak memory on error.
- Various METALOG fixes, including sorting entries. PRs 24457 and 41155.
- Update DRM code.
- cdce(4): Add support for the Openmoko Freerunner. PR 40049.
- pms(4): Add elantech multi-touch support.
- Big X.Org update.
- ugen(4): ugen_get_cdesc() can return NULL. When this happens, return EINVAL error instead of crashing.
- Fix a race between nfsd and local rm. PR 41147.
- puc(4): Add support for Oxford Semiconductor OXmPCI952 2 port UARTs. Add support for the IBM 481033H SCC.
- sysinst(8): Try ATA/SCSI identify commands and when successful, use the model information along with the disk size when creating the 'Available disks' menu. PR 41925.
- Fix PR kern/41659: add missing splx() in FAST_IPSEC code.
- Add hungarian keyboard layout.
- Add Swiss German keyboard layout.
- Introduce MKSUBPIXEL, which allows enabling subpixel rendering code in FreeType.
- Support drives over 1TB in size in sysinst. Error if drive is over 2TB in in size (and thus over the disklabel limit).
-
Update and add some TNF ssh keys to
/etc/ssh/ssh_known_hosts
. - Prevent makefs(8) from creating invalid ISO format on rockridge support which causes fatal errors in ARC BIOS firmware on MIPS Magnum R4000. PR 42410.
- sysinst(8): When creating /etc/fstab: for the first swap partition use type "sw,dp" instead of "sw", so dump device gets configured correctly if swap is not on the second partition. PR 42148.
- sys/atomic.h: Make atomics usable from C++.
- wc(1): Add support for "-L" option (longest line) as present in the GNU and FreeBSD versions of "wc".
- libm: Add f{min,max,dim}{,l,f}.
- jemalloc: Fix race condition on reallocation of huge category. PR 42876.
- sys/null.h: Enclose (void *)0 in an extra set of parenthese to make the result usable in arbitrary expressions. PR 41890.
- bozohttpd: Fix bug which allowed a client to see outside of a server's virtual root.
Using block device nodes directly for I/O may cause a kernel crash when the file system containing /dev is FFS and is mounted with -o log. Workaround: use raw disk devices, or remount the file system without -o log.
Occasionally, gdb may cause a process that is being debugged to hang when "single stepped". Workaround: kill and restart the affected process.
gdb cannot debug running threaded programs correctly. Workaround: generate a core file from the program using gcore(1) and pass the core to gdb, instead of debugging the running program.
Please use a mirror site close to you.
The NetBSD 5.1 release provides supported binary distributions for the following systems:
NetBSD/acorn26 | Acorn Archimedes, A-series and R-series systems |
NetBSD/acorn32 | Acorn RiscPC/A7000, VLSI RC7500 |
NetBSD/algor | Algorithmics, Ltd. MIPS evaluation boards |
NetBSD/alpha | Digital/Compaq Alpha (64-bit) |
NetBSD/amd64 | AMD family processors like Opteron, Athlon64, and Intel CPUs with EM64T extension |
NetBSD/amiga | Commodore Amiga and MacroSystem DraCo |
NetBSD/arc | MIPS-based machines following the Advanced RISC Computing spec |
NetBSD/atari | Atari TT030, Falcon, Hades |
NetBSD/bebox | Be Inc's BeBox |
NetBSD/cats | Chalice Technology's CATS and Intel's EBSA-285 evaluation boards |
NetBSD/cesfic | CES FIC8234 VME processor board |
NetBSD/cobalt | Cobalt Networks' MIPS-based Microservers |
NetBSD/dreamcast | Sega Dreamcast game console |
NetBSD/evbarm | Various ARM-based evaluation boards and appliances |
NetBSD/evbmips | Various MIPS-based evaluation boards and appliances |
NetBSD/evbppc | Various PowerPC-based evaluation boards and appliances |
NetBSD/evbsh3 | Various Hitachi Super-H SH3 and SH4-based evaluation boards and appliances |
NetBSD/ews4800mips | NEC's MIPS-based EWS4800 workstation |
NetBSD/hp300 | Hewlett-Packard 9000/300 and 400 series |
NetBSD/hppa | Hewlett-Packard 9000 Series 700 workstations |
NetBSD/hpcarm | StrongARM based Windows CE PDA machines |
NetBSD/hpcmips | MIPS-based Windows CE PDA machines |
NetBSD/hpcsh | Hitachi Super-H based Windows CE PDA machines |
NetBSD/i386 | IBM PCs and PC clones with i486-family processors and up |
NetBSD/ibmnws | IBM Network Station 1000 |
NetBSD/iyonix | Castle Technology's Iyonix ARM based PCs |
NetBSD/landisk | SH4 processor based NAS appliances |
NetBSD/luna68k | OMRON Tateisi Electric's LUNA series |
NetBSD/mac68k | Apple Macintosh with Motorola 68k CPU |
NetBSD/macppc | Apple PowerPC-based Macintosh and clones |
NetBSD/mipsco | MIPS Computer Systems Inc. family of workstations and servers |
NetBSD/mmeye | Brains mmEye multimedia server |
NetBSD/mvme68k | Motorola MVME 68k Single Board Computers |
NetBSD/mvmeppc | Motorola PowerPC VME Single Board Computers |
NetBSD/netwinder | StrongARM based NetWinder machines |
NetBSD/news68k | Sony's 68k-based “NET WORK STATION” series |
NetBSD/newsmips | Sony's MIPS-based “NET WORK STATION” series |
NetBSD/next68k | NeXT 68k “black” hardware |
NetBSD/ofppc | OpenFirmware PowerPC machines |
NetBSD/pmax | Digital MIPS-based DECstations and DECsystems |
NetBSD/prep | PReP (PowerPC Reference Platform) and CHRP machines |
NetBSD/sandpoint | Motorola Sandpoint reference platform |
NetBSD/sbmips | Broadcom SiByte evaluation boards |
NetBSD/sgimips | Silicon Graphics' MIPS-based workstations |
NetBSD/shark | Digital DNARD (“shark”) |
NetBSD/sparc | Sun SPARC (32-bit) and UltraSPARC (in 32-bit mode) |
NetBSD/sparc64 | Sun UltraSPARC (in native 64-bit mode) |
NetBSD/sun2 | Sun Microsystems Sun 2 machines with Motorola 68010 CPU |
NetBSD/sun3 | Motorola 68020 and 030 based Sun 3 and 3x machines |
NetBSD/vax | Digital VAX |
NetBSD/x68k | Sharp X680x0 series |
NetBSD/xen | The Xen virtual machine monitor |
NetBSD/zaurus | Sharp ARM PDAs |
Ports available in source form only for this release include the following:
NetBSD/amigappc | PowerPC-based Amiga boards |
NetBSD/ia64 | Itanium family of processors |
NetBSD/playstation2 | SONY PlayStation2 |
NetBSD/rs6000 | IBM RS/6000 MCA-based PowerPC machines. |
The NetBSD Foundation would like to thank all those who have contributed code, hardware, documentation, funds, colocation for our servers, web pages and other documentation, release engineering, and other resources over the years. More information on the people who make NetBSD happen is available at:
We would like to especially thank the University of California at Berkeley and the GNU Project for particularly large subsets of code that we use. We would also like to thank the Internet Systems Consortium Inc., the Network Security Lab at Columbia University's Computer Science Department, and Ludd (Luleå Academic Computer Society) computer society at Luleå University of Technology for current colocation services.
NetBSD is a free, fast, secure, and highly portable Unix-like Open Source operating system. It is available for a wide range of platforms, from large-scale servers and powerful desktop systems to handheld and embedded devices. Its clean design and advanced features make it excellent for use in both production and research environments, and the source code is freely available under a business-friendly license. NetBSD is developed and supported by a large and vivid international community. Many applications are readily available through pkgsrc, the NetBSD Packages Collection.
The NetBSD Foundation was chartered in 1995, with the task of overseeing core NetBSD project services, promoting the project within industry and the open source community, and holding intellectual property rights on much of the NetBSD code base. Day-to-day operations of the project are handled by volunteers.
As a non-profit organization with no commercial backing, The NetBSD Foundation depends on donations from its users, and we would like to ask you to consider making a donation to the NetBSD Foundation in support of continuing production of our fine operating system. Your generous donation would be particularly welcome assistance with ongoing upgrades and maintenance, as well as with operating expenses for The NetBSD Foundation.
Donations can be made via PayPal to <paypal@NetBSD.org>
and
are fully tax-deductible in the US. If you would prefer not to use PayPal,
or would like to make other arrangements, please contact
<finance-exec@NetBSD.org>
.
Back to NetBSD 5.x formal releases