NetBSD 5.2 / 6.1 - Changelog

What's new in NetBSD 6.1:

May 19th, 2013

Security Advisory Fixes:

· NetBSD-SA2013-001, Kernel panic triggered from userland
· NetBSD-SA2013-002, kqueue related kernel panic triggered from userland
· NetBSD-SA2013-003, RNG Bug May Result in Weak Cryptographic Keys
· NetBSD-SA2013-004, Vulnerabilities in grep

Security Fixes:

· expat: Fix CVE-2012-1147, CVE-2012-1148 and CVE-2012-0876.
· BIND: Address CVE-2012-5688: Named could die on specific queries with dns64 enabled.
· Fixed a crash which could happen with sysctl security.curtain=1 set. (PR#47598)
· Address CVE-2012-5667: Multiple integer overflows in GNU grep.
· Several fixes to entropy handling in the kernel.
· Prevent ktrace from being able to crash the kernel.

General kernel:

· posix_spawn(): Fix processes with attributes.
· Resolve races between vget() and vrele() resulting in vget() returning dead vnodes.
· Prevent crash when unsupported fd's are used with kevent.
· Fix a bug where kmem_alloc() could be called from interrupt context.
· WAPBL: coalesce writes to the journal to speed up wapbl_flush() on raid5 by a factor of 3 to 4.

Networking:

· Fix "atomic fragments" for IPv6.
· ipf: Fix alignment issues in ipmon. (PR#47101)
· npf: handle delayed checksums in the network stack. (PR#47235)
· Fixed some locking issues in ipf(4)
· npf(3): Many fixes and updates. Config syntax has changed somewhat, please check your config files.
· Fixed sendto(2) issue with IPv6 UDP datagrams. (PR#47408)
· vioif(4): Fixed an issue which caused recent QEMU to crash.

File systems:

· smbfs: Make smbfs actually work on big-endian ports.
· smbfs: various fixes. (PR#25070)
· Allow mounting ext2fs and msdosfs in 32-bit compat mode.
· v7fs: fix off-by-one error.

Drivers:

· ciss(4): don't try to handle sensors if there aren't any.
· isp(4): Fix FC-AL devices on QLogic ISP2100. (PR#47302)
· mfi(4): Add support for LSI Thunderbolt (SAS2208) controllers.
· mfi(4): Add support for running the MegaCLI Linux binary to manage the controller.
· puc(4): Additional device support.
· bge(4): Add support for Apple's Thunderbolt to Gigabit Ethernet adapter. (PR#46961)
· mvgbe(4): fix a number of issues
· nfe(4): Avoid bounce buffering and improve performance.
· wm(4): Fix handling of 82578D and 82579V chips. Various other fixes.
· fss(4): Don't crash when running multiple dump -X. (PR#47514)
· fss(4): Fixed panic. (PR#47020)

Platforms:

alpha:
· Fixed longjmp/setjmp on alpha for statically linked programs such as those in /rescue.
amiga:
· New ed(4) device driver for Hydra and ASDG Zorro2 bus network cards.
arm:
· Fix gcc bugid 51408 for arm. (PR#46972)
· Fixed a bit check in the Kirkwood IRQ code.
· Fixed incorrect counts for 'vmstat -e' on Kirkwood.
· Make bigendian ARM get the MBR partition and offset correct. (PR#47081)
· Fixed bug where IRQ masks of GPIO were set incorrectly on Marvell SoCs.
· Fixed static linking on ARM platforms. (PR#47139)
· Properly block IRQs >= 32. (PR#45371)
· Greatly improved Raspberry Pi support - USB and onboard Ethernet now work.
· Enabled DCache Streaming Switch and Write Allocate for Sheeva CPUs.
· Added support for the watchdog timer in some Marvell SoCs.
· Fix for non-MBR disks on ARM. (PR#47463)
mips:
· MIPS ports have switched to gdb 7.3.1. GDB6 is removed.
vax:
· Reverted MAXPARTITION bump to 16, lowering it to 12 instead, to fix bootblocks and installboot for VAX 780 and other machines booting via VMB.EXE.
x68k:
· Update bootloader: cdboot, netboot support and bugfixes.
· Add floppy format support.
x86 (i386, amd64):
· Work around a possible gcc bug generating bad assembler code. (PR#45673)
· Disable C1E on AMD K8 CPUs, to prevent freeze during boot.
· Fix running BSDi and NetBSD

What's new in NetBSD 6.1 RC2:

March 19th, 2013

· Various terminfo fixes (PR#46793, PR#47090, PR#47490, PR#47532)
· Fixed a segfault in awk(1) (PR#47553)
· Moved boottime50 and its associated sysctl into the compat module. (PR#47579)
· Updated tzdata to 2013b, with the latest timezone info
· Fixed a crash when the security.curtain sysctl is enabled (PR#47598)
· Fixed some IPF locking issues
· Fix a crash on statically-linked programs for NetBSD/alpha

What's new in NetBSD 6.1 RC1:

February 23rd, 2013

· Bugfixes and feature improvements to NPF, the NetBSD Packet Filter
· Improvements to several ARM platforms, including Raspberry Pi which now has nearly-complete support.
· Support for dtrace on amd64
· MIPS ports switched to gdb 7.3.1, gdb6 removed
· Additional device support in key drivers including wm(4), uftdi(4), mfi(4), bge(4), aac(4), tlp(4) and others.
· Various port-specific improvements to the amiga, arm, sparc64 and x68k ports.

What's new in NetBSD 6.0.1:

December 27th, 2012

Security Fixes:

· expat: Fix CVE-2012-1147, CVE-2012-1148 and CVE-2012-0876.
· BIND: Address CVE-2012-5688: Named could die on specific queries with dns64 enabled.

General kernel:

· posix_spawn(): Fix processes with attributes.
· Resolve races between vget() and vrele() resulting in vget() returning dead vnodes.
· Prevent crash when unsupported fd's are used with kevent.

Networking:

· Fix "atomic fragments" for IPv6.
· ipf: Fix alignment issues in ipmon. (PR#47101)
· npf: handle delayed checksums in the network stack. (PR#47235)

File systems:

· smbfs: Make smbfs actually work on big-endian ports.

Drivers:

· ciss(4): don't try to handle sensors if there aren't any.

Platforms:

x86 (i386, amd64):
· Work around a possible gcc bug generating bad assembler code. (PR#45673)
· Disable C1E on AMD K8 CPUs, to prevent freeze during boot.
xen:
· Prevent a memory corruption issue that locks up a Xen DomU, and can potentially cause file system corruption. (PR#47056, PR#47057)
· Fix: Xen Dom0 NetBSD kernel could crash by adding duplicate xenwatches.

Userland fixes:

· Update to tzdata2012j.
· cdb: don't refuse to open databases without entries or keys.
· Address graphics corruption in recent Cairo, manifested most commonly by certain rendered text sections appearing as solid rectangular blocks of color.

What's new in NetBSD 5.2 RC1:

November 15th, 2012

· NetBSD 5.2 is intended for those who have an application using NetBSD 5.0.x or 5.1.x who don't want the churn of upgrading to NetBSD 6.0, but would like bug fixes and some stable new features. There have been a number of changes since 5.1. See src/doc/CHANGES-5.2 for the full list.

What's new in NetBSD 6.0:

October 18th, 2012

· SMP support for Xen domU kernels, initial suspend/resume support for Xen domU, PCI pass-through support for Xen3, and addition of the balloon driver.
· Major rework of MIPS port adding support for SMP and 64-bit (O32, N32, N64 ABIs are supported) processors, DSP v2 ASE extension, various NetLogic/RMI processor models, Loongson family processors, and new SoC boards.
· Improved SMP on PowerPC port and added support for Book E Freescale MPC85xx (e500 core) processors.
· ARM has gained support for Cortex-A8 processors, various new SoCs, and initial support for Raspberry Pi. Full support for Raspberry Pi and major ARM improvements to come in a future NetBSD release.
· time_t is now a 64-bit quantity on all NetBSD ports. This means that the NetBSD world no longer ends in 2037.

What's new in NetBSD 6.0 Beta 2:

May 28th, 2012

· Fixed PR/39444
· fixes to hdaudio
· fixes to LFS
· fixed detaching ehci(4)
· PR/41673
· PR/44097
· Added the ability to configure RAIDframe components on raw disks.
· Fixed iwi(4) firmware decoding on bigendian platforms.
· more variants supported by mfi(4)
· PR/46217
· Prevent sshd from consuming all available entropy.
· Update pcc to pcc-20120325.
· Power management for bthub(4).
· PR/45829
· PR/46232
· PR/46120
· PR/46284
· Work around some AMD processor errata
· Fixed x86k boot problem
· PR/45131
· PR/46286
· PR/46221
· PR/46282
· PR/46146
· Added mpii(4) driver for LSI Logic Fusion-MPT Message Passing Interface II SAS controllers.
· Many PUFFS fixes
· Several OpenSSL fixes
· PR/46325
· PR/46121
· PR/46391
· PR/41267
· PR/46360
· PR/46408
· PR/46419
· Added tgamma() and tgammaf() to libm
· Avoid a tools build error on Cygwin hosts
· many fixes for building with clang
· switched vax back to gcc 4.1
· Added new sysinst post-install config menu
· PR/46041
· PR/44092
· PR/46101
· PR/46457
· PR/43903

What's new in NetBSD 5.0.1:

August 3rd, 2009

Security Advisory Fixes:

· NetBSD-SA2009-004, NetBSD OpenPAM passwd(1) changing weakness.
· NetBSD-SA2009-005, Plaintext Recovery Attack Against SSH.
· NetBSD-SA2009-006, Buffer overflows in ntp.
· NetBSD-SA2009-007, Buffer overflows in hack(6).
· NetBSD-SA2009-008, OpenSSL ASN1 parsing denial of service and CMS signature verification weakness.
· NetBSD-SA2009-009, OpenSSL DTLS Memory Exhaustion and DSA signature verification vulnerabilities.
· NetBSD-SA2009-010, ISC dhclient subnet-mask flag stack overflow.
· NetBSD-SA2009-011, ISC DHCP server Denial of Service vulnerability.
· NetBSD-SA2009-012, SHA2 implementation potential buffer overflow.
· NetBSD-SA2009-013, BIND named dynamic update Denial of Service vulnerability.

· Note: Advisories prior to NetBSD-SA2009-004 do not affect NetBSD 5.0.
Kernel:

· Fix random "filesystem full" messages on large FFS file systems.
· Fix a regression in the 4.4BSD scheduler, improving interactive performance under load.
· Remove a race where physio_done() may use memory already freed. Fixes PR kern/39536.
· Fix a crash observed when trying to load a corrupted ELF kernel module.
· Fix PR kern/41566, where writes on the controlling tty were not being awoken from blocks.
· Various fixes for POSIX message queues.
· Fix a possible deadlock in the VFS subsystem.
· Fixes for POSIX advisory locks.
· A number of other stability fixes.

Networking:

· Follow exactly the recommendation of draft-ietf-tcpm-tcpsecure-11.txt: Don't check gainst the last ack received, but the expected sequence number. This makes RST handling independent of delayed ACK.
· Fix a panic when trying to disable IPFilter before enabling it. Fixes PR kern/41364.

Drivers:

· ehci(4): Add a workaround for ATI SB600 and SB700 revisions A12 and A13 to avoid a USB subsystem hang when the system has multiple USB devices connected to it or one device is re-connected often.
wm(4):
· On i82563, FreeBSD's em driver says that the ready bit in the MDIC register may be incorrectly set. Insert delay(200) like the em driver. Fixes PR kern/41014.
· Add workaround for 82543GC. We need to force speed and duplex on the MAC equal to what the PHY speed and duplex configuration is. Fixes PR kern/36430.
· Fix many problems and panic on TBI's cards (PR kern/32009).

Platform specific:

· x86 (amd64 and i386): Add a workaround for a bug with some Opteron revisions where locked operations sometimes do not serve as memory barriers, allowing memory references to bleed outside of critical sections.
· amd64: Handle protection faults properly, returning SIGSEGV instead of SIGBUS.
· hp300: Make install.md probe cd(4) devices properly.
· pmax: Make ksyms(4) actually work.
· sh3: Fix logic error in copyinstr() when deciding whether to return EFAULT or ENAMETOOLONG.
sparc64:
· Fix long double support in 32bit libc. Fixes PR port-sparc64/41406.
· When preparing the initial trap frame for a new forked lwp, explicitly clear condition code. Otherwise we might catch a signal before we ever return to userland. Fixes PR port-sparc64/41302.
· vax: binutils: Allocate relocation section using bfd_zalloc() to ensure no garbage relocations when not all the entries are used. Fixes PR port-vax/39182.

Userland:

· Update pkg_install to 20090724.
· pkg_install now depends on the pkgdb cache for automatic conflict detection. It is recommended to rebuild the cache with "pkg_admin rebuild". audit-packages.conf(5) has been superseded by pkg_install.conf(5). The default configuration is the same. Support for pkg_view(1) has been retired. The functionality of audit-packages(1) and download-vulnerability-list(1) has moved into pkg_admin(1). Wrapper scripts that handle the common use cases are provided.
· Update libfetch to 2.23.
· racoonctl(8): Adjust ADMINPORTDIR to match that of racoon (/var/run). Fixes PR bin/41376.
· schedctl(8): Skip LSIDL and LSZOMB threads when retrieving info.
· postinstall(8) now knows about /etc/dhcpcd.conf.

Miscellaneous:

· The X.Org s3 driver now works.
· Install the Xvidtune app-defaults file.
Fixes to Linux compat:
· In sendmsg(2), do copy the msghdr structure before trying to use it.
· In linux_sys_sched_getaffinity(), do not leak memory on error.
· Various METALOG fixes, including sorting entries. Addresses PR toolchain/24457 and PR bin/41155.

What's new in NetBSD 5.0:

April 30th, 2009

· NetBSD 5.0 features greatly improved performance and scalability on modern multiprocessor (SMP) and multi-core systems. Multi-threaded applications can now efficiently make use of more than one CPU or core, and system performance is much better under I/O and network load.

· In addition to scalability and performance improvements, a significant number of major features have been added. Some highlights are: a preview of metadata journaling for FFS file systems (known as WAPBL), the jemalloc memory allocator, X.Org instead of XFree86 on a number of ports, the Power Management Framework, ACPI suspend/resume support on many laptops, write support for UDF file systems, the Automated Testing Framework, the Runnable Userspace Meta Program framework, Xen 3.3 support for both i386 and amd64, POSIX message queues and asynchronous I/O, and many new hardware device drivers.

What's new in NetBSD 5.0 RC4:

April 17th, 2009

· Today, we have two things to be happy about. First, the fourth release candidate of NetBSD 5.0 is available for download. Second, this announcement, like RC3's, coincides with an important birthday: that of Billy West. Below are some highlighted changes since RC3: added the RLIMIT_AS resource, which limits the total address space available to processes; improved NFS server stability; FFS improvements; a fix for a pf(4) DoS; re(4) now works with the RealTek 8111C, which is found on many current motherboards with Intel chipsets.

What's new in NetBSD 5.0 RC3:

March 22nd, 2009

· considerable improvements to WAPBL;
· further X.Org refinements, including switching sgimips to X.Org;
· scheduler activations support is now disabled by default in sysctl.conf;
· ddb.onpanic is now set to 1 in the kernel by default, but 0 in sysctl.conf - this avoids trying to dump if a crash occurs during the install phase;
· puffs is now enabled by default on amd64, i386, macppc, and sparc64; SSP kernels should work again;
· a handful of assorted stability improvements.

What's new in NetBSD 5.0 RC2:

February 11th, 2009

· Since RC1, 103 tickets were pulled up. Interested readers can find the details of these tickets in src/doc/CHANGES-5.0. RC2 represents a great deal of progress over RC1, but with that amount of change, increased time for testing is required. To put it bluntly, there will definitely be a third release candidate. We are aware of a number of release-blocking issues, but it is important that we get a jump on testing the many changes made since RC1.

What's new in NetBSD 4.0.1:

October 15th, 2008

· The NetBSD Project is pleased to announce that update 4.0.1 of the NetBSD operating system is now available. NetBSD 4.0.1 is the first security/critical update of the NetBSD 4.0 release branch. This represents a selected subset of fixes deemed critical in nature for stability or security reasons, no new features have been added. NetBSD 4.0.1 runs on 54 different system architectures featuring 17 machine architectures across 17 distinct CPU families, and is being ported to more. The NetBSD 4.0.1 release contains complete binary releases for 51 different machine types.