NetBSD is a free, secure, and highly portable Unix-like Open Source operating system available for many platforms, from 64-bit Opteron machines and desktop systems to handheld and embedded devices.
Its clean design and advanced features make it excellent in both production and research environments, and it is user-supported with complete source. Many applications are easily available through The NetBSD Packages Collection.
Product's homepage
Here are some key features of "NetBSD":
· Clean design
· Wide platform support
· BSD License
· Full source availability
· Security
· Mature and stable
· Hype free
· Packet filtering and Network Address Translation (NAT)
· IPv6
· Network File System (NFS)
· Comprehensive and robust networking
· Wireless networking
· Hardware and software RAID
· High performance PCI IDE
· SCSIPI subsystem - combined SCSI and ATAPI
· 64-bit filesystems
· Large IDE disks
· Soft Updates on FFS for high performance and reliability
· Many filesystem types
· DVD ROM and RAM
· The package system (applications)
· Machine independent driver framework
· Machine independent audio framework
· Kernel debugging
· OS emulation
· USB (Universal serial bus)
· Other device support
· The UVM virtual memory system
· Cardbus
· wscons machine independent console
· 64-bit clean
· Non-executable stack and heap
What's New in This Release: [ read full changelog ]
Security Advisory Fixes:
· NetBSD-SA2009-004, NetBSD OpenPAM passwd(1) changing weakness.
· NetBSD-SA2009-005, Plaintext Recovery Attack Against SSH.
· NetBSD-SA2009-006, Buffer overflows in ntp.
· NetBSD-SA2009-007, Buffer overflows in hack(6).
· NetBSD-SA2009-008, OpenSSL ASN1 parsing denial of service and CMS signature verification weakness.
· NetBSD-SA2009-009, OpenSSL DTLS Memory Exhaustion and DSA signature verification vulnerabilities.
· NetBSD-SA2009-010, ISC dhclient subnet-mask flag stack overflow.
· NetBSD-SA2009-011, ISC DHCP server Denial of Service vulnerability.
· NetBSD-SA2009-012, SHA2 implementation potential buffer overflow.
· NetBSD-SA2009-013, BIND named dynamic update Denial of Service vulnerability.
· Note: Advisories prior to NetBSD-SA2009-004 do not affect NetBSD 5.0.
Kernel:
· Fix random "filesystem full" messages on large FFS file systems.
· Fix a regression in the 4.4BSD scheduler, improving interactive performance under load.
· Remove a race where physio_done() may use memory already freed. Fixes PR kern/39536.
· Fix a crash observed when trying to load a corrupted ELF kernel module.
· Fix PR kern/41566, where writes on the controlling tty were not being awoken from blocks.
· Various fixes for POSIX message queues.
· Fix a possible deadlock in the VFS subsystem.
· Fixes for POSIX advisory locks.
· A number of other stability fixes.
Networking:
· Follow exactly the recommendation of draft-ietf-tcpm-tcpsecure-11.txt: Don't check gainst the last ack received, but the expected sequence number. This makes RST handling independent of delayed ACK.
· Fix a panic when trying to disable IPFilter before enabling it. Fixes PR kern/41364.
Drivers:
· ehci(4): Add a workaround for ATI SB600 and SB700 revisions A12 and A13 to avoid a USB subsystem hang when the system has multiple USB devices connected to it or one device is re-connected often.
wm(4):
· On i82563, FreeBSD's em driver says that the ready bit in the MDIC register may be incorrectly set. Insert delay(200) like the em driver. Fixes PR kern/41014.
· Add workaround for 82543GC. We need to force speed and duplex on the MAC equal to what the PHY speed and duplex configuration is. Fixes PR kern/36430.
· Fix many problems and panic on TBI's cards (PR kern/32009).
Platform specific:
· x86 (amd64 and i386): Add a workaround for a bug with some Opteron revisions where locked operations sometimes do not serve as memory barriers, allowing memory references to bleed outside of critical sections.
· amd64: Handle protection faults properly, returning SIGSEGV instead of SIGBUS.
· hp300: Make install.md probe cd(4) devices properly.
· pmax: Make ksyms(4) actually work.
· sh3: Fix logic error in copyinstr() when deciding whether to return EFAULT or ENAMETOOLONG.
sparc64:
· Fix long double support in 32bit libc. Fixes PR port-sparc64/41406.
· When preparing the initial trap frame for a new forked lwp, explicitly clear condition code. Otherwise we might catch a signal before we ever return to userland. Fixes PR port-sparc64/41302.
· vax: binutils: Allocate relocation section using bfd_zalloc() to ensure no garbage relocations when not all the entries are used. Fixes PR port-vax/39182.
Userland:
· Update pkg_install to 20090724.
· pkg_install now depends on the pkgdb cache for automatic conflict detection. It is recommended to rebuild the cache with "pkg_admin rebuild". audit-packages.conf(5) has been superseded by pkg_install.conf(5). The default configuration is the same. Support for pkg_view(1) has been retired. The functionality of audit-packages(1) and download-vulnerability-list(1) has moved into pkg_admin(1). Wrapper scripts that handle the common use cases are provided.
· Update libfetch to 2.23.
· racoonctl(8): Adjust ADMINPORTDIR to match that of racoon (/var/run). Fixes PR bin/41376.
· schedctl(8): Skip LSIDL and LSZOMB threads when retrieving info.
· postinstall(8) now knows about /etc/dhcpcd.conf.
Miscellaneous:
· The X.Org s3 driver now works.
· Install the Xvidtune app-defaults file.
Fixes to Linux compat:
· In sendmsg(2), do copy the msghdr structure before trying to use it.
· In linux_sys_sched_getaffinity(), do not leak memory on error.
· Various METALOG fixes, including sorting entries. Addresses PR toolchain/24457 and PR bin/41155.
Find us on Google+
