OpenBSD 7.4,
the 55th release of the OpenBSD operating system.
The new release contains a number of innovations and improvements across a number of areas, including
- Mandatory enforcement of indirect branch targets [See earlier report].
viogpu(4)
, a VirtIO GPU driver [See earlier report].vmd(8)
has moved to a multi-process model forvirtio(4)
block and network devices [See earlier report].- Virtual machine owners can now override the boot kernel [See earlier report].
malloc(3)
now has built-in leak detection [See earlier report].
Chunk sizes are now fine-grained, and all chunks in the delayed free list are checked for write-after-free.- In LibreSSL 3.8.2, TLSv1.0 and TLSv 1.1 are disabled in
libssl
.
Ed25519 certificates are now supported in
openssl(1)
ca
and
req
. - In OpenSSH 9.5,
ssh-kengen(1)
generates Ed25519 keys by default.
Keystroke timing obfuscation has been added tossh(1)
[See earlier report].
The fingerprint of a newly generated host key is printed on first boot [See commit]. cron(8)
now supports random ranges with steps [See earlier report].shutdown(8)
/reboot(8)
now require membership of group_shutdown
[See earlier report].sec(4)
for Route Based IPSec VPNs [See earlier reports].- Soft updates (softdep) have been disabled for future VFS work [See earlier report].
- There has been a major rewrite of
pfsync(4)
[See earlier report]. - AMD processor microcode update is now supported [See earlier report].
ifconfig(8)
has a newwgdescr[iption]
option which allows labelling peers.
as well as the general churn of optimizations and fixes across the system.
Package counts (packages prebuilt for this release) for the more popular
architectures are
i386: 10603,
amd64: 11845,
aarch64: 11508,
sparc64: 8469,
<!–
powerpc64: NNNNN,
–>
with more to follow as bulk builds complete.
As always, the release is available for download from mirror sites all over the world;
be sure to pick one that is near you, network-wise!
Those upgrading from the 7.3 release (or earlier) should consult the
Upgrade Guide.
Thanks again to the developers for the dedicated effort that went into producing this new release!