Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Software-update: OpenBSD 6.2

OpenBSD logo (75 pix)Enkele dagen geleden is de halfjaarlijkse release van OpenBSD uitgekomen. Op deze pagina is een uitgebreide lijst van ftp- en http-downloadlocaties te vinden. OpenBSD stamt af van de originele Berkeley Software Distribution en heeft als kenmerk dat de ontwikkelaars alleen opensourcesoftware willen gebruiken. Verder staat het besturingssysteem bekend om zijn uitstekende documentatie en veiligheid. Uitgebreide releasenotes kunnen op deze pagina worden gevonden. De 'beknopte' lijst met vernieuwingen ziet er als volgt uit:

What's New

This is a partial list of new features and systems included in OpenBSD 6.2. For a comprehensive list, see the changelog leading to 6.2.

Improved hardware support, including:
  • arm: New rkgrf(4) driver for the Rockchip RK3399/RK3288 register file.
  • arm: New rkclock(4) driver for Rockchip RK3399/RK3288 clocks.
  • arm: New rkpinctrl(4) driver for controlling Rockchip RK3399/RK3288 pins.
  • arm: New rkgpio(4) driver for GPIO on Rockchip SoCs.
  • arm: New rktemp(4) driver for Rockchip RK3399 temperature sensors.
  • arm: New rkiic(4) driver for Rockchip RK3399 I2C controllers.
  • arm: New rkpmic(4) driver for the RK808 Power Management IC.
  • arm: New dwmmc(4) driver for Synopsis DesignWare SD/MMC controllers.
  • arm: New dwdog(4) driver for the Synopsys DesignWare watchdog timer.
  • arm: New dwxe(4) driver for the Synopsys DesignWare Ethernet controller.
  • arm: New sxitwi(4) driver for the two-wire bus on Allwinner SoCs.
  • arm: New axppmic(4) driver for the AXP209 I2C PMIC.
  • arm: New bcmaux(4) driver for clocks and interrupts on the auxilliary UART on BCM2835 devices.
  • arm: New mvmpic(4) driver for an interrupt controller on Marvell ARMADA 38x.
  • arm: New mvpxa(4) driver for the SD Host Controller on Marvell ARMADA 38x.
  • arm: New mvpinctrl(4) driver to configure pins on Marvell ARMADA 38x.
  • arm: New mvneta(4) driver the Ethernet controller on Marvell ARMADA 38x.
  • arm: New amdisplay(4) & nxphdmi(4) drivers for the Texas Instruments AM335x LCD controller.
  • octeon: New octcib(4) driver for the interrupt bus widget on CN70xx/CN71xx.
  • octeon: New octcit(4) driver for the central interrupt unit version 3 on CN72xx/CN73xx/CN77xx/CN78xx.
  • octeon: New octsctl(4) driver for the OCTEON SATA controller bridge.
  • octeon: New octxctl(4) driver for the OCTEON USB3 controller bridge.
  • octeon: Rhino Labs Inc. SDNA Shasta, and Ubiquiti Networks EdgeRouter 4 and 6 are now supported.
  • New hvs(4) driver for Hyper-V storage.
  • New pcxrtc(4) driver for the NXP PCF8563 Real Time Clock.
  • New urng(4) driver for USB random number generator devices.
  • Intel 8265 and 3168 support was added to the iwm(4) driver.
  • RTL8192CE support was added to the rtwn(4) driver.
  • RT5360 support was added to the ral(4) driver.
  • RTS525A support was added to the rtsx(4) driver.
  • The acpibat(4) driver now supports _BIX entries from ACPI 4.0.
  • ACPI hibernate support was added to the nvme(4) driver.
  • Substantially improved ACPI hibernate performance in the ahci(4) driver.
  • The inteldrm(4) driver was updated to code based on Linux 4.4.70 - it now supports Skylake, Kaby Lake, and Cherryview devices and has better support for Broadwell and Valleyview devices.
  • The puc(4) driver now supports ASIX AX99100 devices.
  • Xen platform support and the xbf(4) driver in particular have been substantially improved.
  • The nvme(4) driver now reports correct last sector address to SCSI, allowing a valid GPT to be created.
  • Repair ioapic(4) misconfigurations.
vmm(4)/ vmd(8) improvements:
  • vmctl(8) supports paused VM migration and memory snapshotting using send and receive commands.
  • VPID/ASID reuse/rollover in vmm(4).
  • SGABIOS imported as an option ROM payload in SeaBIOS (for VGA to serial console redirection).
  • vmd(8) resets the guest VM RTC (real time clock) on host resume from suspend/hibernate (OpenBSD guests only).
  • Allow guest VMs access to AVX/AVX2 host CPU features.
  • Support for AMD SVM/RVI hosts.
  • Allow larger guest VM memory sizes (up to MAXDSIZ sized guests - e.g. 32GB on amd64 hosts).
  • Better handling of guest VM MONITOR/MWAIT and HLT instructions.
  • Various device emulation improvements in vmd(8).
  • Increase the virtio(4) queue size provided by vmd(8) from 64 to 128 entries, to increase performance.
  • Many fixes to vmctl(8) and vmd(8) error handling.
IEEE 802.11 wireless stack improvements:
  • MiRA 802.11n TX rate scaling now supports devices with unequal numbers of Tx and Rx streams. Fixes 11n mode for some athn(8) devices.
  • The iwn(8) and iwm(8) drivers will now start scanning for a new access point if they no longer receive beacons from the current AP.
  • Prefer the 5GHz band over the 2GHz band during access point selection.
  • Improved debug output in dmesg(8) when a wireless interface is put into debug mode with ifconfig(8).
Generic network stack improvements:
  • Incoming and forwarded IP packets are now processed without KERNEL_LOCK, resulting in better performances and reduced latency.
  • The kernel no longer handles IPv6 Stateless Address Autoconfiguration (RFC 4862), allowing cleanup and simplification of the IPv6 network stack.
  • The kernel sends IPv6 router solicitations for link local addresses with a link local source address.
  • FQ-CoDel algorithm has been implemented for use with pf(4) queueing.
  • Improved IPv6 checks for IPsec policies and made them consistent with IPv4.
  • Refactored local IP delivery to process IPsec packets in a flow and avoid enqueueing a second time.
  • pf(4) now inspects AH packets and matches on the inner protocol. This makes IPv4 authentication headers work like IPv6.
  • The length of extension header chains in pf(4) is limited. This prevents spending excessive CPU time on crafted packets.
  • Block IPv6 packets in pf(4) that have a hop-by-hop options header or a destination options header. Such packets can be passed by adding "allow-opts" to the rule. This makes IPv6 option handling consistent with IPv4.
  • If the IPv4 ID gets reused too fast, pf(4) fragment reassembly uses a smarter strategy to drop packets.
  • Enabled the use of per-CPU caches in the network packet allocators.
Installer improvements:
  • The installer now uses the Allotment Routing Table (ART).
  • A unique kernel is now created by the installer to boot from after install/upgrade.
  • On release installs of architectures supported by syspatch, "syspatch -c" is now added to rc.firsttime.
  • Backwards compatibility code to support the 'rtsol' keyword in hostname.if(5) has been removed.
  • The install.site and upgrade.site scripts are now executed at the end of the install/upgrade process.
  • More detailed information is shown to identify disks.
  • The IPv6 default router selection has been fixed.
  • On the amd64 platform, AES-NI is used if present.
Routing daemons and other userland network improvements:
  • A new daemon, slaacd(8) handles IPv6 Stateless Address Autoconfiguration (RFC 4862).
  • rtadvd(8) now supports "Reducing Energy Consumption of Router Advertisements" (RFC 7772).
  • rtadvd(8) has been fixed to quickly handle IPv6 prefix changes on the system.
  • ipsecctl(8) can now show SA bundles and the "bundle" keyword allows them to be explicitly created. This avoids confusion as they were previously used implicitly.
  • nc(1) now has a -W recvlimit option to terminate netcat after receiving the specified number of packets. This allows for a UDP request to be sent, a reply to be received and the result checked on the command line.
  • nc(1) now has a -Z option, allowing the peer certificate and chain to be saved to a file in PEM format.
  • A new -T tlscompat option was added to nc(1), which enables the use of all TLS protocols and libtls "compat" ciphers.
  • Various races have been fixed in relayd(8), expecially in HTTP chunked mode.
  • ndp(8) now shows the relevant NDP information when run in a non-default routing domain.
  • ifstated(8) now copes with interface departures/arrivals.
  • bgpd(8) can now be started multiple times in different routing domains, this provides virtual router functionality.
Security improvements:
  • A new function freezero(3) to easily clear and free memory holding sensitive data has been added.
  • Double free detection has been improved when the F malloc(3) option is used. The existing S option now includes F.
  • The TIOCSTI tty ioctl has been removed. The I/O-loops in the last two consumers csh(1) and mail(1) were rewritten to cope with the removal.
  • Trapsleds, a new mitigation that significantly reduces the amount of nops in the instruction stream, replacing them with trap instructions or jump-over-trap sequences, thereby requiring greater accuracy for targetting potential gadgets.
  • Kernel Address Randomized Link (KARL), a new "link-kit" allows the .o files of the kernel to be relinked in a random order, creating a unique kernel for each boot. /bsd is now non-readable to users, to try to keep the secret.
  • Like with libc previously, rc(8) re-links libcrypto on startup, placing the objects in a random order.
  • In addition to libcrypto, to deter code reuse exploits, rc(8) re-links ld.so on startup, placing the objects in a random order.
  • If process accounting is activated with accton(8), the daily mail shows pledge violations and program crashes. lastcomm(1) uses the flags P and T for such processes.
  • pflogd(8) uses the fork+exec model.
  • tcpdump(8) uses the fork+exec model.
  • ifstated(8) uses pledge(2).
  • snmpd(8) and snmpctl(8) now use pledge(2).
  • Tighter pledge for at(1).
  • Fixed and simplified pledge logic for nc(1).
  • More application of recallocarray(3) in userland, and tracked sizes to free(9) in the kernel.
  • Achieve higher levels of paranoia regarding structure packing, and clear many kernel objects before passing to userland.
  • Disable some optimizations in clang(1) due to incompatibility with security.
  • For instance, cope with clang(1)'s assumption that static or const objects placed in unknown sections (such as .openbsd.randomdata) are surely always 0, and therefore such memory accesses can be optimized away.
  • In kernel, randomly bias down the top-of-stack per kthread.
dhcpd(8)/ dhcrelay(8) improvements:
  • Add support for echo-client-id statement to dhcpd.conf(5).
  • Take greater care to process all data read, and only data read, from the bpf(4) socket.
  • Use /dev/bpf instead of /dev/bpf0.
  • Handle DHCPINFORM messages from clients behind a DHCP relay.
  • Fix handling of carp(4) interfaces in dhcrelay(8).
  • Don't stop dhcrelay(8) logging to stderr when it is started with the -d option.
dhclient(8) improvements:
  • Log messages reworked and clarified, in particular by prefixing the name of the relevant network interface.
  • Treat SSID as 0 to 32 bytes of binary data, not a string.
  • Use RTM_PROPOSAL to take control of an interface rather than flipping interface down and up in the hope that other dhclient(8) instances notice.
  • Reduce file operations needed by -L option by opening file at startup and using it throughout process lifetime.
  • Improve resolv.conf(5) handling by reducing writes and more reliably determining which interface has the current default route.
  • Take greater care to process all data read, and only data read, from the bpf(4) socket.
  • Improve the determination of the link state of an interface.
  • Decline inappropriate lease offers as soon as they are deemed inappropriate.
  • Drop support for the timestamp formats used in lease files created more than four years ago.
  • Accept an offer from the server that sent the first copy of the offer, not the server that sent the last copy.
  • Don't delete addresses and routes when exiting.
  • Ensure IPv6 packets are not read from sockets.
  • Don't silently ignore obsolete keywords in dhclient.conf(5).
  • Reduce memory footprint by shrinking oversized static buffers.
  • Eliminate repeated socket opens by opening the required sockets during startup.
  • Fix construction of unicast UDP packets, broken in 5.6.
  • Improve determination of when a renewed lease requires interface configuration changes.
  • Don't exit when addresses are manually added or deleted from an interface.
  • Don't support option 33, classfull IP addresses.
  • Fix configuration of default routes supplied by classless route options.
  • Consider dhclient.conf(5) contents when determining what MTU value to configure.
  • Consider dhclient.conf(5) contents when creating the content of resolv.conf(5).
  • Delete direct routes when routes are flushed.
  • Don't label routes with "DHCLIENT nnnn".
  • Don't delete addresses or routes that will be immediately added back.
  • Delete addresses and routes only when a renewal request is NAK'ed.
  • Don't wait forever for requested information on the default route.
  • Don't exit when an attempt to send a packet fails.
  • Don't log a packet send when the send fails.
  • Remove the -u option, broken since 2013 without complaints.
  • Use /dev/bpf instead of /dev/bpf0.
Assorted improvements:
  • The i386 and amd64 platforms have switched to using clang(1) as the base system compiler.
  • Improved UTF-8 line editing support for ksh(1) Emacs and Vi input mode.
  • The HISTFILE of ksh(1) now uses a plain text format. Support for the HISTCONTROL environment variable was added.
  • The performance of the memory deallocator used by ksh(1) has been fixed.
  • The emacs-usemeta ksh(1) flag is no longer needed and is now deprecated.
  • New futex(2) syscall.
  • New pthread mutex and condition variable implementations improving latency of threaded applications.
  • New POSIX xlocale implementation written from scratch, complete in the sense that all POSIX *locale(3) and *_l(3) functions are included, but in OpenBSD, we of course only really care about LC_CTYPE and we only support ASCII and UTF-8.
  • Automatic hibernation and suspend by apmd when battery is low.
  • New ctfdump(1) and ctfconv(1) tools to manipulate CTF (Compact C Type Format).
  • The error handling in syslogd(8) has been improved. Even if internal errors occur, the daemon tries to keep unaffected subsystems active. So as many messages as possible are logged. They can be filtered by severity and facility "syslog".
  • syslogd(8) can now suppress "last message repeated" which is useful for remote logging.
  • syslogd(8) can listen on multiple TLS sockets.
  • syslogd(8) closes the *.514 UDP sockets when they are not needed.
  • Truncate log messages at 8192 bytes everywhere.
  • newsyslog(8) now skips and logs invalid config lines.
  • Nested mount points are umounted in correct order.
  • Fix creation of softraid(4) CONCAT volumes.
  • Include softraid(4) volume and backing disk information in i/o error messages.
  • Make vioscsi(4) a normal scsi(4) device by eliminating its use of the obsolete XS_NO_CCB mechanism.
  • Remove last vestiges of now unused XS_NO_CCB mechanism.
  • Userspace can now get the address of the thread control block without a system call on OCTEON II and later.
  • FPU is enabled on OCTEON III.
  • GENERIC kernels now include a .SUNW_ctf section containing CTF data.
  • New ddb(4) kill command, send an uncatchable SIGABRT to a process.
  • New ddb(4) pprint command, using CTF information to "pretty print" global symbols.
  • New ddb(4) show struct command, using CTF information to display the content of in memory C structures.
  • x86: ddb(4) uses CTF data to display the correct number of function arguments in backtraces.
  • Power off all codecs in azalia(4) to avoid static noise in speakers and headphones on reboot.
  • Fix i386 boot regression seen on very old 486DX CPUs.
  • New witness(4) tool for debugging lock order issues in the kernel. The tool is not built in by default, and only amd64, hppa and i386 are supported.
  • Modernize some bizzare tty behaviours of getty(8).
  • Some subtle changes to pledge(2) to satisfy requirements observed in real life.
  • Prefer use of waitpid(2) rather than wait(3) where possible, to avoid problems with pre-existing children.
  • Rewrite swaths of machine-dependent system call stub code in ld.so(1) in a more portable fashion.
  • Per-CPU caches implemented in pools.
  • Mutex, condition-variable, thread-specific data, pthread_once(3), and pthread_exit(3) routines moved to libc from libpthread for ease of library use and compatibility with other OSes.
  • Added getptmfd(3), fdopenpty(3), and fdforkpty(3) to simplify privilege separation and use of pledge(2).
  • Improved computational complexity in various cases of strstr(3), qsort(3), and glob(3).
  • Added support for EV_RECEIPT and EV_DISPATCH to kqueue(2).
  • Added fktrace(2).
OpenSMTPD 6.0.0
  • Fix an off-by-one in the config parser that made 65535 an invalid port.
  • Fix a fd leak in the session congestion mechanism.
  • Fix a possible crash when relaying with smtps.
  • Remove support for the "listen secure" syntax (expicitely define two listeners for tls and smtps instead).
  • Remove experimental support for filters.
  • Assorted code and documentation cleanups and improvements.
OpenSSH 7.6
  • Security:
    • sftp-server(8): in read-only mode, sftp-server was incorrectly permitting creation of zero-length files.
  • New/changed features:
    • Add RemoteCommand option to specify a command in the ssh(1) config file instead of giving it on the client's command line. The feature allows to automate tasks using ssh config.
    • sshd(8): add ExposeAuthInfo option that enables writing details of the authentication methods used (including public keys where applicable) to a file that is exposed via a $SSH_USER_AUTH environment variable in the subsequent session.
    • ssh(1): add support for reverse dynamic forwarding. In this mode, ssh will act as a SOCKS4/5 proxy and forward connections to destinations requested by the remote SOCKS client. This mode is requested using extended syntax for the -R and RemoteForward options and, because it is implemented solely at the client, does not require the server be updated to be supported.
    • sshd(8): allow LogLevel directive in sshd_config Match blocks.
    • ssh-keygen(1): allow inclusion of arbitrary string or flag certificate extensions and critical options.
    • ssh-keygen(1): allow ssh-keygen to use a key held in ssh-agent as a CA when signing certificates.
    • ssh(1)/sshd(8): allow IPQoS=none in ssh/sshd to not set an explicit ToS/DSCP value and just use the operating system default.
    • ssh-add(1): added -q option to make ssh-add quiet on success.
    • ssh(1): expand the StrictHostKeyChecking option with two new settings. The first "accept-new" will automatically accept hitherto-unseen keys but will refuse connections for changed or invalid hostkeys. This is a safer subset of the current behaviour of StrictHostKeyChecking=no. The second setting "off", is a synonym for the current behaviour of StrictHostKeyChecking=no: accept new host keys, and continue connection for hosts with incorrect hostkeys. A future release will change the meaning of StrictHostKeyChecking=no to the behaviour of "accept-new".
    • ssh(1): add SyslogFacility option to ssh(1) matching the equivalent option in sshd(8).
  • The following significant bugs have been fixed in this release:
    • ssh(1): use HostKeyAlias if specified instead of hostname for matching host certificate principal names.
    • sftp(1): implement sorting for globbed ls.
    • ssh(1): add a user@host prefix to client's "Permission denied" messages, useful in particular when using "stacked" connections (e.g. ssh -J) where it's not clear which host is denying.
    • ssh(1): accept unknown EXT_INFO extension values that contain \0 characters. These are legal, but would previously cause fatal connection errors if received.
    • ssh(1)/sshd(8): repair compression statistics printed at connection exit.
    • sftp(1): print '?' instead of incorrect link count (that the protocol doesn't provide) for remote listings.
    • ssh(1): return failure rather than fatal() for more cases during session multiplexing negotiations. Causes the session to fall back to a non-mux connection if they occur.
    • ssh(1): mention that the server may send debug messages to explain public key authentication problems under some circumstances.
    • Translate OpenSSL error codes to better report incorrect passphrase errors when loading private keys.
    • sshd(8): adjust compatibility patterns for WinSCP to correctly identify versions that implement only the legacy DH group exchange scheme.
    • ssh(1): print the "Killed by signal 1" message only at LogLevel verbose so that it is not shown at the default level; prevents it from appearing during ssh -J and equivalent ProxyCommand configs.
    • ssh-keygen(1): when generating all hostkeys (ssh-keygen -A), clobber existing keys if they exist but are zero length. zero-length keys could previously be made if ssh-keygen failed or was interrupted part way through generating them.
    • ssh(1): fix pledge(2) violation in the escape sequence "~&" used to place the current session in the background.
    • ssh-keyscan(1): avoid double-close() on file descriptors.
    • sshd(8): avoid reliance on shared use of pointers shared between monitor and child sshd processes.
    • sshd_config(8): document available AuthenticationMethods.
    • ssh(1): avoid truncation in some login prompts.
    • ssh(1): make "--" before the hostname terminate argument processing after the hostname too.
    • ssh-keygen(1): switch from aes256-cbc to aes256-ctr for encrypting new-style private keys. Fixes problems related to private key handling for no-OpenSSL builds.
    • ssh(1): warn and do not attempt to use keys when the public and private halves do not match.
    • sftp(1): don't print verbose error message when ssh disconnects from under sftp.
    • sshd(8): fix keepalive scheduling problem: activity on a forwarded port from preventing the keepalive from being sent.
    • sshd(8): when started without root privileges, don't require the privilege separation user or path to exist. Makes running the regression tests easier without touching the filesystem.
    • Make integrity.sh regression tests more robust against timeouts.
    • ssh(1)/sshd(8): correctness fix for channels implementation: accept channel IDs greater than 0x7FFFFFFF.
LibreSSL 2.6.3
  • Added support for providing CRLs to libtls - once a CRL is provided via tls_config_set_crl_file(3) or tls_config_set_crl_mem(3), CRL checking is enabled and required for the full certificate chain.
  • Reworked TLS certificate name verification code to more strictly follow RFC 6125.
  • Cleaned up and simplified server key exchange EC point handling.
  • Removed inconsistent IPv6 handling from BIO_get_accept_socket(), simplified BIO_get_host_ip() and BIO_accept().
  • Added definitions for three OIDs used in EV certificates.
  • Relaxed SNI validation to allow non-RFC-compliant clients using literal IP addresses with SNI to connect to a libtls-based TLS server.
  • Added tls_peer_cert_chain_pem() to libtls, useful in private certificate validation callbacks such as those in relayd.
  • Converted explicit clear/free sequences to use freezero(3).
  • Fixed the openssl(1) ca command so that it generates certificates with RFC 5280-conformant time.
  • Added ASN1_TIME_set_tm(3) to set an ASN.1 time from a struct tm *.
  • Added SSL{,_CTX}_set_{min,max}_proto_version(3) functions.
  • Imported HKDF (HMAC Key Derivation Function) from BoringSSL.
  • Provided a tls_unload_file(3) function that frees the memory returned from a tls_load_file(3) call, ensuring that the contents become inaccessible.
  • Implemented reference counting for libtls tls_config, allowing tls_config_free(3) to be called as soon as it has been passed to the final tls_configure(3) call, simplifying lifetime tracking for the application.
  • Dropped cipher suites using DSS authentication.
  • Removed support for DSS/DSA from libssl.
  • Distinguish between self-issued certificates and self-signed certificates. The certificate verification code has special cases for self-signed certificates and without this change, self-issued certificates (which it seems are common place with openvpn/easyrsa) were also being included in this category.
  • Added a new TLS extension handling framework and converted all TLS extensions to use it.
  • Improved and added many new manpages. Updated SSL_{CTX_,}check_private_key(3) manpages with additional cautions regarding their use.
  • Cleaned up and simplified EC key/curve configuration handling.
  • Added tls_config_set_ecdhecurves(3) to libtls, which allows the names of the elliptical curves that may be used during client and server key exchange to be specified.
  • Converted more code paths to use CBB/CBS.
  • Removed NPN support - NPN was never standardised and the last draft expired in October 2012.
  • Removed SSL_OP_CRYPTOPRO_TLSEXT_BUG workaround for old/broken CryptoPro clients.
  • Removed support for the TLS padding extension, which was added as a workaround for an old bug in F5's TLS termination.
  • Added ability to clamp notafter values in certificates for systems with 32-bit time_t. This is necessary to conform to RFC 5280 4.1.2.5.
  • Removed the original (pre-IETF) chacha20-poly1305 cipher suites.
  • Reclassified ECDHE-RSA-DES-CBC3-SHA from HIGH to MEDIUM.
  • Provide a useful error with libtls if there are no OCSP URLs in a peer certificate.
  • Keep track of which keypair is in use by a TLS context, fixing a bug where a TLS server with SNI would only return the OCSP staple for the default keypair.
  • If tls_config_parse_protocols(3) is called with a NULL pointer it now returns the default protocols.
mandoc 1.14.3
  • Full mandoc.db(5) databases are now enabled by default, allowing semantic searching with apropos(1) without any local configuration changes.
  • Full integration of the former mdoclint(1) utility into mandoc(1) -Wall, new -Wstyle and -Wopenbsd message levels, and many new messages, for example about typos in .Sh lines, unknown .Xr targets, and links to self.
  • Additional steps unifying the mdoc(7), man(7), and roff(7) parsers: use one common data type and ohash_init(3) for all requests and macros and support creation of syntax tree nodes in the roff(7) parser, allowing support for many new low-level roff(7) features. Only about 25 ports still need USE_GROFF now.
  • Many improvements to tbl(7) parsing and formatting, including automatic line wrapping inside table columns.
  • Many improvements to eqn(7) parsing and formatting, including better font selection, recognition of well-known mathematical function names, and writing of and HTML tags.
  • Intelligible rendering of mathematical symbols in -Tascii output.
  • Several parsing and rendering improvements for the mdoc(7) .Lk macro.
  • Some CSS improvements in HTML output, in particular for the mdoc(7) .Bl macro.
Ports and packages:
  • A massive amount of clang-related fixes happened between 6.1 and 6.2.
As usual, steady improvements in manual pages and other documentation.

The system includes the following major components from outside suppliers:
  • Xenocara (based on X.Org 7.7 with xserver 1.18.4 + patches, freetype 2.8.0, fontconfig 2.12.4, Mesa 13.0.6, xterm 330, xkeyboard-config 2.20 and more)
  • LLVM/Clang 4.0.0 (+ patches)
  • GCC 4.2.1 (+ patches) and 3.3.6 (+ patches)
  • Perl 5.24.2 (+ patches)
  • NSD 4.1.17
  • Unbound 1.6.6
  • Ncurses 5.7
  • Binutils 2.17 (+ patches)
  • Gdb 6.3 (+ patches)
  • Awk Aug 10, 2011 version
  • Expat 2.2.4
Versienummer 6.2
Releasestatus Final
Besturingssystemen BSD
Website OpenBSD
Download https://www.openbsd.org/ftp.html
Licentietype Voorwaarden (GNU/BSD/etc.)

Door

Meukposter

0 Linkedin Google+

Submitter: Jayden

Bron: OpenBSD

Update-historie

Meer historie

Reacties


Er zijn nog geen reacties geplaatst

Op dit item kan niet meer gereageerd worden.


Apple iPhone X Google Pixel 2 XL LG W7 Samsung Galaxy S9 Google Pixel 2 Far Cry 5 Microsoft Xbox One X Apple iPhone 8

Tweakers vormt samen met Tweakers Elect, Hardware.Info, Autotrack, Nationale Vacaturebank en Intermediair de Persgroep Online Services B.V. © 1998 - 2018 Hosting door True

*