OpenBSD
7.4
29 Mar 21:58
The OpenBSD project produces a free, multi-platform 4.4BSD-derived UNIX-like operating system. Emphasizing portability, standardization, coherency, correctness, proactive security and integrated cryptography. It comes with almost 9000 software package in its ports, including a custom X11 environment (Xenocara), desktop environments, web and multimedia applications, compilers and programming languages. It also harbours the OpenBSD-maintained software projects OpenSSH, LibreSSL, OpenIKED, OpenBGPD
major feature: Fixed ssh-keygen(1) find-principals on allowed_signers files with blank lines. Disabled LRO in ix(4) on sparc64 by default for stability for the 7.5 release. Enabled dwxe(4) on riscv64. Added Allwinner D1 ethernet controller clocks and reset support to sxiccmu(4). Added SPI clocks for other 64-bit Rockchip SoCs in rkclock(4). Added backup of disklabel for softraid(4) chunks to security(8). Converted 't_lock', 'r_keypair_lock' and 'c_lock' rwlock(9)s to corresponding mutex(9)es. Switched to using whois.internic.net for whois(1) -i. Added validation for IPv4 packet options in divert(4). Fixed detection of qcpas0 driver on x13s when booted in ACPI mode. Separated ssh(1) parsing of string array options from applying them to the active configuration. Fixed some cases where the config parser improperly rejected valid configuration. Started flushing the D-cache before disabling the cache on armv7 in efiboot. Added a workaround for an 88100 errata where FPU imprevise exceptions could be raised in error. Fixed awacs(4) audio on some iMac G3 models. Bumped smtpd(8) version to 7.5.0. Added support for attaching rkpmic(4) to an SPI bus. Added support for the RK806 PMIC which can attach to both I2C and SPI. Added rkspi(4), a driver for the SPI controller found on various Rockchip SoCs. Added clocks for the RK3588 SPI controller to rkclock(4). Made iked(8) trigger retransmission only for fragment 1/x to prevent each received fragment triggering retransmission of the full fragment queue. Bumped OpenIKED to 7.4. Bumped libressl to 3.9.0. Removed GOST and STREEBOG support from libressl. Added mktemp(1) suffix support for compatibility with the GNU version. It is now possible to use templates where the Xs are not at the end. Added mkdtemps(3), identical to mkdtemp(3) except that it permits a suffix to exist in the template. Allowed fdisk(8) to add GPT partitions of protected types, making it possible to provision virtual machine images that need a "BIOS Boot" partition.
