BSDSec

deadsimple BSD Security Advisories and Announcements

OpenBSD 7.5 released: Apr 5, 2024

------------------------------------------------------------------------
- OpenBSD 7.5 RELEASED -------------------------------------------------

April 5, 2024.

We are pleased to announce the official release of OpenBSD 7.5.
This is our 56th release.  We remain proud of OpenBSD's record of more
than twenty years with only two remote holes in the default install.

As in our previous releases, 7.5 provides significant improvements,
including new features, in nearly all areas of the system:

 - Various kernel improvements:
    o Added bt(5) and btrace(8) support for binary modulo operator
      ('%').
    o Added a TIMEOUT_MPSAFE flag to timeout(9).
    o Added IBM encoded version of the "Spleen 8x16" font, usable as
      console font.
    o Cleanup and machine-independent refactoring of three context
      switch paths outside of mi_switch(): proc_trampoline, when a
      process forks and the new proc needs to be scheduled; cpu_hatch,
      when booting APs; and sched_exit, when a proc exits.
    o Made vscsi(4) 'vscsi_filtops' mpsafe and extended the
      'sc_state_mtx' mutex(9) to protect 'sc_klist' knotes list.
    o Made out-of-swap checking more robust, preventing potential
      deadlocks.
    o Eliminated the ioctl whitelist that bio(4) will tunnel for other
      devices, allowing bio to be used with other (non-raid) related
      devices.
    o On msdos filesystems, ensure that a complete struct fsinfo is read
      even if the filesystem sectors are smaller.
    o Implemented per-CPU caching for the page table page (vp) pool and
      the PTE descriptor (pted) pool in the arm64 pmap implementation.
      This significantly reduces the side-effects of lock contention on
      the kernel map lock and leads to significant speedups on machines
      with many CPU cores.
    o Implemented acpi(4) RootPathString support in the LoadTable() AML
      function, fixing OpenBSD boot on an older version of Hyper-V.
    o Fixed Linux NFS clients freezing after five minutes of inactivity.
    o Fixed core file writing when a file mapped into memory has later
      been truncated to be smaller than the mapping.
    o Disallow madvise(2) and msync(2) memory/mapping destructive
      operations on immutable memory regions. Instead return EPERM.
    o Added new amd64-only sysctl machdep.retpoline which says whether
      the cpu requires the retpoline branch target injection mitigation.
    o Added new accounting flag ABTCFI to acct(5) to indicate SIGILL +
      code ILL_BTCFI has occurred in the process.

 - SMP Improvements
    o Some network timers run without kernel lock.
    o TCP syn cache timer runs with shared net lock.
    o bind(2) and connect(2) system calls can run in parallel.
    o Packet counters for the lo(4) loopback interface are MP safe.
    o Split protocol control block table for UDP into IPv4 and IPv6
      tables to allow concurrent access.
    o UDP packets can be sent in parallel by multiple threads.

 - Direct Rendering Manager and graphics drivers
    o Updated drm(4) to Linux 6.6.19.
    o New apldcp(4) and apldrm(4) drivers for Apple display coprocessor.

 - VMM/VMD improvements
    o Fixed IRQ storm caused by edge-triggered devices such as the UART.
    o Fixed block size calculation for vioscsi devices.
    o Added io instruction length to vm exit information, allowing
      vmd(8) to perform validation in userspace.
    o Adopted new imsg_get_*(3) api.
    o Rewrote vionet devices to allow zero-copy data transfers between
      host and guest.
    o Improved error messages related to getgrnam(3) usage and out of
      tap(4) device conditions.
    o Fixed various things found by smatch static analyzer.
    o Fixed various file descriptor lifecycle issues and leaks across
      fork(2)/ execve(2) usage.
    o Added multi-threading support to vionet device emulation,
      improving latency.
    o Fixed vmm(4) instability on Intel VMX hosts by updating GDTR & TR
      if a vcpu moves between host cpus.
    o Added EPT flushing upon vmm(4) enabling VMX mode.
    o Added branch predictor flushing if IBPB is supported.
    o Corrected restoring GDTR and IDTR limits upon VMX guest exit.
    o Corrected handling of CPUID 0xd subleaves
    o Added additional use of VERW and register clobbering to mitigate
      RFDS vulnerabilities on Intel Atom cores.

 - Various new userland features:
    o Made malloc(3) save backtraces to show in leak dump with depth of
      backtrace set via malloc option D (aka 1), 2, 3 or 4.
    o Added support for cksum(1) -c checking base64 digests in reverse
      mode.
    o Added kdump(1) [-p program] to filter dumps by basename.
    o Made ps(1) accept numerical user IDs.
    o Built and provide the tzdata.zi and leap-seconds.list files from
      zoneinfo. Some third-party software now expects these files to be
      installed. Provide the zonenow.tab file, a table where each row
      stands for a timezone where civil timestamps are predicted to
      agree from now on.
    o Added basic write support for pax(1) format archives.
    o Added 'pax' format support for files over 8GB to tar(1).
    o Added 'pax' format support for mtime and atime to tar(1).
    o Extended imsg and the ibuf buffer manipulation API with useful
      getter methods. Unified file descriptor passing in all imsg using
      programs with the use of the imsg_get_fd() function.
    o Added mkdtemps(3), identical to mkdtemp(3) except that it permits
      a suffix to exist in the template.
    o Added mktemp(1) suffix support for compatibility with the GNU
      version. It is now possible to use templates where the Xs are not
      at the end.

 - Various bugfixes and tweaks in userland:
    o Silenced list of specific firmware not needing update in
      pkg_add(1).
    o Improved ls(1) horizontal alignment in long format.
    o Added bioctl(8) retry on empty passphrase.
    o Fixed unveil(2) in patch(1) with explicit patchfile.
    o Made gnu99 the default for gcc 3.3.6 and 4.2.1 rather than
      defaulting to gnu89.
    o Enhanced fdisk(8) 'flag' to accept hex values.
    o Prevented fdisk(8) 'flag' from altering other GPT partition
      attributes when flagging a partition as the only bootable
      partition.
    o Allow fdisk(8) to add GPT partitions of protected types, making it
      possible to provision virtual machine images that need a "BIOS
      Boot" partition.
    o Added group handling matching fbtab(5) to xenodm.
    o Made grep(1) -m behavior match GNU grep.
    o Tweaked the default memory limits in /etc/login.conf on several
      architectures to account for increased memory requirements, for
      example when compiling or linking under user pbuild.
    o Initialize all terminals with "tset -I", thereby avoiding
      printing extra newlines.
    o Added mkhybrid(8) '-e' (-eltorito-boot-efi) option for writing an
      EFI eltorito boot image, in addition to or instead of the x86 boot
      image, to the output file.
    o Added openrsync(1) --omit-dir-times (-O) to omit directories from
      --times, as well as --no-O and --no-omit-dir-times options for
      compatibility.
    o Implemented openrsync(1) --omit-link-times (-J) option to omit
      symlinks from --times.
    o Added accounting flag and lastcomm(1) report for syscall pinning
      violations.
    o Added ktrace(1) and kdump(1) support to observe pinsyscall(2)
      violations.
    o Changed ftp(1) to avoid use of the interactive shell if -o is
      given.
    o Moved non-daemon services to run in a different rc(8) process
      group to avoid SIGHUP at boot.
    o Changed ld.so(1) to load only the first libc version requested
      and substitute it for all further loads, ensuring that the libc
      version requested by the executable itself is the one loaded.
    o Significantly reduced the size of statically linked binaries
      (for small programs) by splitting several libc internal
      functions into separate compilation, and thus linkage, units.
      For example, getpwnam(3) no longer pulls in the full YP socket
      setup or every dbopen(3) database backend.
    o Added vi(1) showfilename set option to display the file name in
      the lower left corner.
    o Added backup of disklabel for softraid(4) chunks to security(8).

 - Improved hardware support and driver bugfixes, including:
    o New ampchwm(4) driver for Ampere Altra power telemetry.
    o New rkspi(4) driver for Rockchip SPI controller.
    o Support for RK806 PMIC in rkpmic(4).
    o Support for Allwinner H616 in sxisyscon(4), sxiccmu(4), sxipio(4),
      sximmc(4) and ehci(4).
    o Support for Allwinner D1 in sxidog(4), sxiccmu(4), sxipio(4),
      sximmc(4) and ehci(4).
    o Support for Aero and Sea SAS HBAs in mpii(4).
    o Support for SAS3816 and SAS3916 in mfii(4).
    o In xbf(4), allowed Xen to use backing store devices with 4K-byte
      sectors.
    o Added fanpwr(4) support for the Rockchip RK8602 and RK8603 voltage
      regulators.
    o Support keyboard backlights on Apple Powerbooks.
    o Added operating performance point info about each arm64 cpu and
      exposed the states of thermal zones as kstat(1) statistics.
    o Overhauled ugold(4) temperature sensor identification logic and
      added support for additional devices.
    o Made uthum(4) TEMPer{1,2} devices display negative degC.
    o Improved support for audio devices that attach multiple
      uaudio(4) drivers.
    o In nvme(4) don't create sd(4) devices larger than the namespace.
    o Fix nvme(4) decoding of status fields.

 - New or improved network hardware support:
    o Utilize full checksum offload capabilities of vio(4) and vmx(4).
    o TCP Segmentation Offload (TSO) is also used in bnxt(4) and em(4).
    o Enabled TCP Segmentation Offload (TSO) in ixl(4).
    o The Synopsys Ethernet Quality-of-Service Controller (dwqe(4)) is
      enabled for amd64.
    o Added initial support for Elkhart Lake Ethernet to dwqe(4).
    o Support for AX88179A in axen(4).
    o Intel I225 and I226 Ethernet Controller igc(4) enabled for
      sparc64.
    o Allwinner EMAC Ethernet Controller dwxe(4) enabled for riscv64.
    o Corrected wrong register offset macros for dwqe(4) DMA burst
      length.
    o Fixed Tx watchdog trigger and freeze in dwqe(4).
    o Updated rge(4) microcode, initialization and reset behavior.
    o Prevented a potential bnxt(4) crash after failure to bring up a
      queue.

 - Added or improved wireless network drivers:
    o Introduce qwx(4), a port of the Linux ath11k driver for QCNFA765
      devices. Available on the amd64 and arm64 platforms.
    o Fix Tx rate selection for management frames in iwx(4).
    o Fix iwx(4) loading the wrong firmware image on some devices.
    o Make bwfm(4) work with MAC addresses set via ifconfig lladdr.
    o Ensure that iwm(4) uses the 80MHz primary channel index announced
      in beacons.
    o Avoid using MCS-9 in iwm(4) Tx rate selection if 40 MHz is
      disabled to prevent firmware errors.
    o Ensure that iwm(4) and iwx(4) devices announce VHT capabilities in
      probe requests.
    o Fix bug in iwm(4), iwx(4), and iwn(4) which could result in some
      channels missing from scan results.
    o Enable iwm(4) on the arm64 platform.

 - IEEE 802.11 wireless stack improvements and bugfixes:
    o Ignore 40/80 MHz wide channel configurations which do not appear
      in the 802.11ac spec. This prevents device firmware errors which
      occurred when an access point announced an invalid channel
      configuration.

 - Installer, upgrade and bootloader improvements:
    o Add support for disk encryption in unattended installations with
      autoinstall(8), with either a plaintext passphrase or a keydisk.
    o Removed default sets answer in autoinstall(8) response file such
      that it now populates only with non-defaults.
    o Made fw_update(8) verify but not overwrite SHA256.sig.
    o Improved fw_update(8) output on errors and improved ftp error
      handling.
    o Added support in the installer to encrypt the root disk with a key
      disk.
    o Prevent re-starting the automatic upgrade on octeon and powerpc64,
      as is already done on other platforms.
    o Added CD install images to arm64.
    o Make the amd64 cdXX.iso and installXX.iso CD images bootable in
      EFI mode (by creating an EFI system partition containing the EFI
      boot loaders to be installed as an El Torito boot image).

 - Security improvements:
    o Introduce pinsyscalls(2): The kernel and ld.so(1) register the
      precise entry location of every system call used by a program, as
      described in the new ELF section .openbsd.syscalls inside ld.so
      and libc.so. ld.so uses the new syscall pinsyscalls(2) to tell the
      kernel the precise entry location of system calls in libc.so.
      Attempting to use a different system call entry instruction to
      perform a non-corresponding system call operation will fail and
      the process will be terminated with signal SIGABRT.
    o Removed support for syscall(2), the "indirect system call," a
      dangerous alternative entry point for all system calls.
      Together with pinsyscalls(2) this change makes it impossible to
      perform a system call through any means other than the libc
      system call wrapper functions.
      Users of syscall(2), such as Perl and the Go programming
      language, were converted to use the libc functions.
    o Added pledge(2) stdio before parsing pfkey messages to ipsecctl(8)
      -m and -s.
    o Tightened the pledge(2) in pax(1) in List and Append modes.
    o Created __OpenBSD versions of llvm cxa guard implementation using
      futex(2) with the correct number of arguments and without using
      syscall(2).
    o Improvements in Pointer Authentication (PAC) and Branch Target
      Identification (BTI) on arm64.

 - Changes in the network stack:
    o Enable IPv6 support in ppp(4)
    o Sockets of sequenced packet type now handle end of record
      correctly together with control messages.
    o The routing table has a generation number, so routes cached at
      sockets are invalidated when the routing table changes. This
      matters especially with dynamic routing daemons: local
      connections now use the up-to-date route.
    o Route cache hits and misses are printed in netstat(1) statistics.
    o Prevented wg(4) getting stuck on peer destruction.
    o Made umb(4) delete any existing v4 address before setting a new
      one, allowing keeping of a working default route when the address
      changes.
    o Forwarded TCP LRO disabling to parent devices and disabled TCP LRO
      on bridged vlan(4) and by default for bpe(4), nvgre(4) and
      vxlan(4).
    o Fixed race between ifconfig(8) destroy of an interface and the ARP
      timer.
    o Added statistics counters for the route cache, reporting cache
      hits and misses. This is shown in netstat(1) with netstat -s.

 - The following changes were made to the pf(4) firewall:
    o tcpdump on the pflog(4) interface shows packets dropped by the
      default rule with the "block" action. Although the default rule
      is a "pass" rule, it blocks malformed packets; this is now
      logged correctly.
    o Adjustments to keep the firewall aware of MP-related changes in
      the network stack.
    o Fix handling of multiple -K(-k) options in pfctl(8), so behavior
      matches what's described in manual.
    o Make pfctl(8) show all tables in all anchors with pfctl -a "*"
      -sT.
    o Added check to ensure pfctl(8) -f won't accept a directory and
      install an empty ruleset.
    o Added validation for IPv4 packet options in divert(4).

 - Routing daemons and other userland network improvements:
    o IPsec support was improved:
       - Made iked(8) always prefer group from the initial KE payload
         as responder if supported.
       - Corrected renewal of expired certificates in iked(8).
       - Added an iked(8) debug message when no policy is found.
       - Implemented a per connection peerid for iked(8) control
         replies.
       - Made iked(8) trigger retransmission only for fragment 1/x to
         prevent each received fragment triggering retransmission of
         the full fragment queue.
       - Prevent routing loops by dropping already encrypted packets
         that are going through sec(4) again.
    o In bgpd(8),
       - Rewrite the internal message passing mechanism to use a new
         memory-safe API.
       - Rewrite most protocol parsers to use the new memory-safe API.
         Convert the UPDATE parser, all of RTR, as well as both the
         MRT dump code in bgpd and the parser in bgpctl.
       - Improve RTR logging, error handling and version negotiation.
    o rpki-client(8) saw these and more changes:
       - Add ability to constrain an RPKI Trust Anchor's effective
         signing authority to a limited set of Internet numbers. This
         allows Relying Parties to enjoy the potential benefits of
         assuming trust, but within a bounded scope.
       - Following a 'failed fetch' (described in RFC 9286), emit a
         warning and continue with a previously cached Manifest file.
       - Emit a warning when the remote repository presents a Manifest
         with an unexpected manifestNumber.
       - Improved CRL extension checking.
       - Experimental support for the P-256 signature algorithm.
       - Fixed a NULL pointer dereference and a use after free that a
         failed manifest fetch could trigger.
       - Reject non-conforming RRDP delta elements that contain
         neither publish nor a withdraw element and fall back to the
         RRDP snapshot.
       - Refactoring and minor bug fixes in the warning display
         functions.
       - The handling of manifests fetched via rsync or RRDP was
         reworked to fully conform to RFC 9286.
       - Fix a race condition between closing an idle connection and
         scheduling a new request on it.
       - The evaluation time specified with -P now also applies to
         trust anchor certificates.
       - Check that the entire CMS eContent was consumed. Previously,
         trailing data would be silently discarded on deserialization
         of products.
       - In file mode, do not consider overclaiming intermediate CA
         certificates as invalid; a warning is still issued.
       - Print the revocation time of certificates in file mode.
       - Be more careful when converting OpenSSL numeric identifiers
         (NIDs) to strings.
       - Added support for RPKI Signed Prefix Lists.
       - Added an -x flag to opt into parsing and evaluation of file
         types that are still considered experimental.
       - Added a metric to track the number of new files that were
         moved to the validated cache.
       - Ensure that the FileAndHashes list in a Manifest contains no
         duplicate file names and no duplicate hashes.
    o In smtpd(8),
       - Add Message-Id as needed for messages received on the
         submission port.
       - Added support for RFC 7505 "Null MX" handling and treat an MX
         of "localhost" as if it were a "Null MX".
       - Allow inline tables and filter listings in smtpd.conf(5) to
         span over multiple lines.
       - Enabled DSN for the implicit socket too.
       - Added the no-dsn option for listen on socket too.
       - Reject headers that start with a space or a tab.
       - Fixed parsing of the ORCPT parameter.
       - Fixed table lookups of IPv6 addresses.
       - Fixed handling of escape characters in To, From and Cc
         headers.
       - Run LMTP deliveries as the recipient user again.
       - Disallow custom commands and file reading in root's .forward
         file.
       - Do not process other users' .forward files when an alternate
         delivery user is provided in a dispatcher.
       - Unify the table(5) parser used in smtpd(8) and makemap(8).
       - Allow to use table(5) mappings on various match constraints.
    o Many other changes in various network programs and libraries:
       - If a DNS name is configured as the remote syslog server,
         syslogd(8) periodically retries resolving the loghost name
         until it succeeds. UDP packets lost during that period are
         counted and logged later.
       - Added counting of dropped UDP packets to syslogd(8).
       - Prevented use after free of TLS context at syslogd(8)
         shutdown.
       - Introduced dhcpd(8) log output to stderr and '-v' option to
         make this output more verbose.
       - In dhcpd(8), made dhcp-options(5) recognize option
         ipv6-only-preferred (RFC8925).
       - Allowed dhcpleased(8) to request "IPv6-only preferred" and
         deconfigure IPv4 on the interface if the server replies with
         this option.
       - Fixed radiusd(8) to properly fix up the MPPE-{Send,Recv}-Key
         and Tunnel-Password attributes of the response.
       - Added nochroot parameter to radiusd(8)
         module_drop_privilege() so that modules can use unveil(2)
         instead of chroot(2) if needed.
       - Ensured correct denominators when converting NTP fixed point
         values to double and vice-versa in ntpd(8).
       - In the resolver, do not short-circuit resolution of localhost
         when AI_NUMERICHOST is set. Ensure that a proper string is
         returned by getaddrinfo(3) when AI_CANONNAME or AI_FQDN is
         set.
       - Added ifconfig(8) support for specifying ports on the src
         address in tunnel endpoints of gif(4), gre(4) and related
         tunnel interfaces.
       - Added an ifconfig(8) endpoint command for "bridges" that use
         addresses as endpoints, usable to add static entries on
         interfaces like vxlan(4).
       - Tightened up relayd(8) HTTP header parsing.
       - Deferred relayd(8) relay_read_http header parsing until after
         line continuation, preventing potential request smuggling
         attacks.
       - Improved httpd(8) auto-index, adding human-readable file
         sizes and allowing per-column sorting.
       - Switched to using whois.internic.net for whois(1) -i.
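Why deferring header interpretation until line continuations have been consumed matters, as an added illustration of the relayd(8) item above (example code written for this page, not relayd's parser; the request below is constructed): an eager parser interprets "Content-Length: 5" before the obs-fold continuation " 0" arrives, and then discards the continuation because it does not look like a header field. A parser that unfolds first sees the value "5 0" and rejects it. Two hops that make different choices disagree about where the body ends, which is the desynchronization request smuggling relies on.

```python
import re

TOKEN = rb"[!#$%&'*+.^_`|~0-9A-Za-z-]+"   # RFC 7230 tchar

# Constructed request: the Content-Length value continues on an obs-fold line.
SAMPLE = (
    b"POST /upload HTTP/1.1\r\n"
    b"Host: relay.example\r\n"
    b"Content-Length: 5\r\n"
    b" 0\r\n"
    b"\r\n"
    b"AAAAA"
)


def split_message(raw):
    """Separate request line, raw header lines and body."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete header block")
    lines = head.split(b"\r\n")
    return lines[0], lines[1:], body


def parse_line_by_line(raw):
    """Eager parsing: every header line is interpreted as soon as it is read.
    A continuation line (leading SP or HTAB) never matches 'name: value', so
    it is silently discarded and the preceding field keeps its partial value."""
    _, lines, body = split_message(raw)
    headers = {}
    for line in lines:
        m = re.fullmatch(b"(" + TOKEN + rb"):[ \t]*(.*?)[ \t]*", line)
        if m:
            headers[m.group(1).lower()] = m.group(2)
    return headers, body


def parse_unfolded(raw):
    """Deferred parsing: continuation lines are joined onto the preceding field
    before anything is interpreted (obs-fold becomes one SP, RFC 7230 3.2.4),
    and any logical line that then fails to parse rejects the whole request."""
    _, lines, body = split_message(raw)
    logical = []
    for line in lines:
        if line[:1] in (b" ", b"\t"):
            if not logical:
                raise ValueError("continuation line before any header field")
            logical[-1] += b" " + line.strip(b" \t")
        else:
            logical.append(line)
    headers = {}
    for line in logical:
        name, sep, value = line.partition(b":")
        if not sep or not re.fullmatch(TOKEN, name):
            raise ValueError("malformed header field: %r" % line)
        headers[name.lower()] = value.strip(b" \t")
    return headers, body


def content_length(headers):
    """Body length the way a proxy must compute it: digits only, else reject."""
    value = headers.get(b"content-length")
    if value is None:
        return 0
    if not re.fullmatch(rb"[0-9]+", value):
        raise ValueError("invalid Content-Length: %r" % value)
    return int(value)


if __name__ == "__main__":
    eager, body = parse_line_by_line(SAMPLE)
    n = content_length(eager)
    print("eager   : Content-Length", n, "-> body", body[:n])
    deferred, _ = parse_unfolded(SAMPLE)
    try:
        content_length(deferred)
    except ValueError as err:
        print("deferred:", err)
```

The eager parser forwards a 5-byte body with a straight face; the deferred one refuses the request. A proxy that finalizes a field before its continuation lines are in, while the server behind it unfolds them, leaves bytes at the end of one request to be read as the start of the next. Interpreting nothing until the continuation has been consumed, and then rejecting what does not parse, is the shape of the fix the relayd(8) entry describes.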

 - tmux(1) improvements and bug fixes:
    o Made tmux(1) unzoom a window at the start of destroy so it doesn't
      happen later after the layout has been freed.
    o Prevented tmux(1) use of combined UTF-8 characters that are too
      long.
    o Corrected tmux(1) handling of window ops with no pane.
    o Removed flags from the prefix before comparing with the received
      key so that tmux(1) modifier keys with flags work correctly.
    o Increased buffer size to avoid truncating styles in tmux(1).
    o Added two new values for the tmux(1) destroy-unattached option to
      destroy sessions only if they are not members of sessions groups.

 - LibreSSL version 3.9.0
    o Portable changes
       - libcrypto no longer exports compat symbols in cmake builds.
       - Most compatibility symbols are prefixed with libressl_ to
         avoid symbol clashes in static links.
       - Fixed various warnings on Windows.
       - Removed assert pop-ups with Windows debug builds.
       - Fixed crashes and hangs in Windows ARM64 builds.
       - Improved control-flow enforcement (CET) support.
    o Internal improvements
       - Converted uses of OBJ_bsearch_() to standard bsearch(3).
       - Greatly simplified by_file_ctrl().
       - Simplified and cleaned up the OBJ_ API.
       - Cleaned up the EVP_Cipher{Init,Update,Final}(3)
         implementations.
       - Removed unused function pointers from X.509 stores and
         contexts.
       - A lot of cleanup and reorganization in EVP.
       - Removed all remaining ENGINE tentacles.
       - Simplified internals of X509_TRUST handling.
       - Made deletion from a lhash doall callback safe.
       - Rewrote BIO_dump*(3) internals to be less bad.
    o Documentation improvements
       - ENGINE documentation was updated to reflect reality.
       - Made EVP API documentation more accurate and less incoherent.
       - Call out some shortcomings of the EC_KEY_set_* API
         explicitly.
    o Testing and proactive security
       - Bug fixes and simplifications in the Wycheproof tests.
    o Compatibility changes
       - Added ChaCha20 and chacha20 aliases for ChaCha.
       - SSL_library_init(3) now has the same effect as
         OPENSSL_init_ssl().
       - EVP_add_{cipher,digest}() were removed. From the OBJ_NAME
         API, only OBJ_NAME_do_all*() remain. In particular, it is no
         longer possible to add aliases for ciphers and digests.
       - The thread unsafe global tables are no longer supported. It
         is no longer possible to add aliases for ciphers and digests,
         custom ASN.1 strings table entries, ASN.1 methods, PKEY
         methods, digest methods, CRL methods, purpose and trust
         identifiers, or X.509 extensions.
       - Removed the _cb() and _fp() versions of BIO_dump{,_indent}().
       - BIO_set() was removed.
       - BIO_{sn,v,vsn}printf() were removed.
       - Turn the long dysfunctional openssl(1) s_client -pause into a
         noop.
       - openssl(1) x509 now supports -new, -force_pubkey,
         -multivalue-rdn, -set_issuer -set_subject, and -utf8.
       - Support ECDSA with SHA-3 signature algorithms.
       - Support HMAC with truncated SHA-2 and SHA-3 as PBE PRF.
       - GOST and STREEBOG support was removed.
       - CRYPTO_THREADID, _LHASH, _STACK and X509_PURPOSE are now
         opaque, X509_CERT_AUX and X509_TRUST were removed from the
         public API.
       - ASN1_STRING_TABLE_get(3) and X509_PURPOSE_get0*(3) now return
         const pointers.
       - EVP_{CIPHER,MD}_CTX_init()'s signatures and semantics now
         match OpenSSL's behavior.
       - sk_find_ex() and OBJ_bsearch_() were removed.
       - CRYPTO_malloc(3) was fixed to use size_t argument.
         CRYPTO_malloc() and CRYPTO_free() now accept file and line
         arguments.
       - A lot of decrepit CRYPTO memory API was removed.
    o Bug fixes
       - Fixed aliasing issues in BN_mod_exp_simple() and
         BN_mod_exp_recp().
       - Fixed numerous misuses of X509_ALGOR_set0(3) resulting in
         leaks and potentially incorrect encodings.
       - Fixed potential double free in
         X509v3_asid_add_id_or_range(3).
       - Stopped using ASN1_time_parse() outside of libcrypto.
       - Prepared OPENSSL_gmtime(3) and OPENSSL_timegm(3) as public
         API wrappers of internal functions compatible with BoringSSL
         API.
       - Removed print_bin() to avoid overwriting the stack with 5
         bytes of " " when ECPK parameters are printed with large
         indentation.
       - Avoid a NULL dereference after memory allocation failure
         during TLS version downgrade.
       - Fixed various bugs in CMAC internals.
       - Fixed 4-byte overreads in GHASH assembly on amd64 and i386.
       - Fixed various NULL dereferences in PKCS #12 code due to
         mishandling of OPTIONAL content in PKCS #7 ContentInfo.
       - Aligned SSL_shutdown(3) behavior in TLSv1.3 with the legacy
         stack.
       - Fixed the new X.509 verifier to find trust anchors in the
         trusted stack.

 - OpenSSH 9.6 and OpenSSH 9.7
    o Security fixes
       - ssh(1), sshd(8): implement protocol extensions to thwart the
         so-called "Terrapin attack" discovered by Fabian Bäumer,
         Marcus Brinkmann and Jörg Schwenk. This attack allows a MITM
         to effect a limited break of the integrity of the early
         encrypted SSH transport protocol by sending extra messages
         prior to the commencement of encryption, and deleting an
         equal number of consecutive messages immediately after
         encryption starts. A peer SSH client/server would not be able
         to detect that messages were deleted.
         While cryptographically novel, the security impact of this
         attack is fortunately very limited as it only allows deletion
         of consecutive messages, and deleting most messages at this
         stage of the protocol prevents user authentication from
         proceeding and results in a stuck connection.
          The most serious identified impact is that it lets a MITM
          delete the SSH2_MSG_EXT_INFO message sent before
          authentication starts, allowing the attacker to disable a
          subset of the keystroke timing obfuscation features
          introduced in OpenSSH 9.5. There is no other discernible
          impact to session secrecy or session integrity.
       - ssh-agent(1): when adding PKCS#11-hosted private keys while
         specifying destination constraints, if the PKCS#11 token
         returned multiple keys then only the first key had the
         constraints applied. Use of regular private keys, FIDO tokens
         and unconstrained keys are unaffected.
       - ssh(1): if an invalid user or hostname that contained shell
         metacharacters was passed to ssh(1), and a ProxyCommand,
         LocalCommand directive or "match exec" predicate referenced
         the user or hostname via %u, %h or similar expansion token,
         then an attacker who could supply arbitrary user/hostnames to
         ssh(1) could potentially perform command injection depending
         on what quoting was present in the user-supplied
         ssh_config(5) directive.
         OpenSSH 9.6 now bans most shell metacharacters from user and
         hostnames supplied via the command-line. This countermeasure
         is not guaranteed to be effective in all situations, as it is
         infeasible for ssh(1) to universally filter shell
         metacharacters potentially relevant to user-supplied
         commands.
         User/hostnames provided via ssh_config(5) are not subject to
         these restrictions, allowing configurations that use strange
         names to continue to be used, under the assumption that the
         user knows what they are doing in their own configuration
         files.
    o New features
       - ssh(1), sshd(8): add a "global" ChannelTimeout type that
         watches all open channels and will close all open channels if
         there is no traffic on any of them for the specified
         interval. This is in addition to the existing per-channel
         timeouts added recently.
         This supports situations like having both session and x11
         forwarding channels open where one may be idle for an
         extended period but the other is actively used. The global
         timeout could close both channels when both have been idle
         for too long.
       - All: make DSA key support compile-time optional, defaulting
         to on.
    o Bugfixes
       - sshd(8): don't append an unnecessary space to the end of
         subsystem arguments (bz3667)
       - ssh(1): fix the multiplexing "channel proxy" mode, broken
         when keystroke timing obfuscation was added. (GHPR#463)
       - ssh(1), sshd(8): fix spurious configuration parsing errors
         when options that accept array arguments are overridden
         (bz3657).
       - ssh-agent(1): fix potential spin in signal handler (bz3670)
       - Many fixes to manual pages and other documentation, including
         GHPR#462, GHPR#454, GHPR#442 and GHPR#441.
       - Greatly improve interop testing against PuTTY.
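The sequence-number trick behind the Terrapin attack described above, and why the OpenSSH 9.6 countermeasure defeats it, in an added simulation (example code written for this page, not OpenSSH's implementation). It models one direction of the SSH transport with the two properties that matter: the packet counter each side keeps privately from the first packet onward, whether or not encryption is on yet, and an integrity tag bound to that counter once keys are active (the real transport binds the counter into the MAC or the AEAD nonce; a constructed HMAC-SHA256 key stands in for the negotiated keys). The strict-kex branch applies the two rules of the 9.6 protocol extension: refuse unexpected messages during the initial key exchange, and restart the counter after NEWKEYS.

```python
import hashlib
import hmac

# Constructed key: in SSH the integrity key is derived during key exchange.
MAC_KEY = b"constructed-integrity-key"

# SSH message numbers used by the simulation (RFC 4253, RFC 8308).
MSG_IGNORE = 2
MSG_SERVICE_REQUEST = 5
MSG_EXT_INFO = 7
MSG_NEWKEYS = 21


def mac(seq, payload):
    """Integrity tag bound to the implicit packet sequence number. The number
    is never on the wire; each peer keeps its own counter and trusts it."""
    return hmac.new(MAC_KEY, seq.to_bytes(4, "big") + payload,
                    hashlib.sha256).digest()


class Sender:
    """Counts every packet from the first one, encrypted or not, as the SSH
    transport does. Tags packets only once keys are active (after NEWKEYS)."""

    def __init__(self, strict_kex):
        self.strict_kex = strict_kex
        self.seq = 0
        self.keys_active = False

    def send(self, msg_type, body=b""):
        payload = bytes([msg_type]) + body
        tag = mac(self.seq, payload) if self.keys_active else None
        self.seq += 1
        if msg_type == MSG_NEWKEYS:
            self.keys_active = True
            if self.strict_kex:
                self.seq = 0  # strict kex: the counter restarts after NEWKEYS
        return payload, tag


class Receiver:
    """Verifies each tag against its own counter, never against anything the
    packet claims."""

    def __init__(self, strict_kex):
        self.strict_kex = strict_kex
        self.seq = 0
        self.keys_active = False
        self.in_initial_kex = True

    def recv(self, packet):
        payload, tag = packet
        msg_type = payload[0]
        if self.keys_active:
            if tag is None or not hmac.compare_digest(tag, mac(self.seq, payload)):
                raise ConnectionError("MAC failure at receive seq %d" % self.seq)
        elif self.strict_kex and self.in_initial_kex and msg_type == MSG_IGNORE:
            # strict kex: no unexpected messages during the initial exchange
            raise ConnectionError("unexpected message during strict kex")
        self.seq += 1
        if msg_type == MSG_NEWKEYS:
            self.keys_active = True
            self.in_initial_kex = False
            if self.strict_kex:
                self.seq = 0
        return msg_type


def simulate(strict_kex, injected, deleted):
    """One direction of the transport through a MITM that forges `injected`
    IGNORE packets before NEWKEYS and then drops the first `deleted` encrypted
    packets. Returns the message types the receiver accepted, or raises."""
    sender, receiver = Sender(strict_kex), Receiver(strict_kex)
    accepted = []
    for _ in range(injected):  # forged by the attacker; unencrypted, untagged
        accepted.append(receiver.recv((bytes([MSG_IGNORE]), None)))
    accepted.append(receiver.recv(sender.send(MSG_NEWKEYS)))
    encrypted = [sender.send(MSG_EXT_INFO, b"server-sig-algs"),
                 sender.send(MSG_SERVICE_REQUEST, b"ssh-userauth")]
    for packet in encrypted[deleted:]:  # the attacker deletes the first `deleted`
        accepted.append(receiver.recv(packet))
    return accepted


if __name__ == "__main__":
    print("legacy, no attack      :", simulate(False, 0, 0))
    print("legacy, inject 1/drop 1:", simulate(False, 1, 1))  # EXT_INFO gone, no error
    for label, args in (("legacy, drop 1 only", (False, 0, 1)),
                        ("strict, inject 1/drop 1", (True, 1, 1)),
                        ("strict, drop 1 only", (True, 0, 1))):
        try:
            simulate(*args)
        except ConnectionError as err:
            print("%-23s: rejected (%s)" % (label, err))
```

Run it and the legacy transport accepts [IGNORE, NEWKEYS, SERVICE_REQUEST] with EXT_INFO gone and every tag valid, because the forged IGNORE advanced the receiver's counter by exactly the number of packets deleted afterwards. Deleting without injecting fails the first tag check, which is why the attack is limited to "inject N, then delete N consecutive". With strict kex the injection itself ends the connection; even if it did not, the counter reset after NEWKEYS leaves the receiver expecting sequence 0 while the first surviving packet was tagged at 1. The dependence on the counter is the whole attack surface, which is why the fix is a key-exchange extension rather than a cipher change.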

 - Ports and packages:
    o Pre-built packages are available for the following architectures on
      the day of release:
       - aarch64 (arm64): 12145
       - amd64: 12309
       - i386: 10830
       - mips64: 8674
       - powerpc64: 8469
       - riscv64: 10508
       - sparc64: 9432
    o Packages for the following architectures will be made available as
      their builds complete:
       - arm
       - powerpc

 - Some highlights:

    o Asterisk 16.30.1, 18.21.0 and 20.6.0
    o Audacity 3.4.2
    o CMake 3.28.3
    o Chromium 122.0.6261.111
    o Emacs 29.2
    o FFmpeg 4.4.4
    o GCC 8.4.0 and 11.2.0
    o GHC 9.6.4
    o GNOME 45
    o Go 1.22.1
    o JDK 8u402, 11.0.22, 17.0.10 and 21.0.2
    o KDE Applications 23.08.4
    o KDE Frameworks 5.115.0
    o KDE Plasma 5.27.10
    o Krita 5.2.2
    o LLVM/Clang 13.0.0, 16.0.6 and 17.0.6
    o LibreOffice 24.2.1.2
    o Lua 5.1.5, 5.2.4, 5.3.6 and 5.4.6
    o MariaDB 10.9.8
    o Mono 6.12.0.199
    o Mozilla Firefox 123.0.1 and ESR 115.8.0
    o Mozilla Thunderbird 115.8.1
    o Mutt 2.2.13 and NeoMutt 20240201
    o Node.js 18.19.1
    o OCaml 4.14.1
    o OpenLDAP 2.6.7
    o PHP 7.4.33, 8.0.30, 8.1.27, 8.2.16 and 8.3.3
    o Postfix 3.8.6
    o PostgreSQL 16.2
    o Python 2.7.18, 3.9.18, 3.10.13 and 3.11.8
    o Qt 5.15.12 (+ kde patches) and 6.6.1
    o R 4.2.3
    o Ruby 3.1.4, 3.2.3 and 3.3.0
    o Rust 1.76.0
    o SQLite 3.44.2
    o Shotcut 23.07.29
    o Sudo 1.9.15.5
    o Suricata 7.0.3
    o Tcl/Tk 8.5.19 and 8.6.13
    o TeX Live 2023
    o Vim 9.1.139 and Neovim 0.9.5
    o Xfce 4.18.1

 - As usual, steady improvements in manual pages and other documentation.

 - The system includes the following major components from outside suppliers:
    o Xenocara (based on X.Org 7.7 with xserver 21.1.11 + patches,
      freetype 2.13.0, fontconfig 2.14.2, Mesa 23.1.9, xterm 378,
      xkeyboard-config 2.20, fonttosfnt 1.2.3, and more)
    o LLVM/Clang 16.0.6 (+ patches)
    o GCC 4.2.1 (+ patches) and 3.3.6 (+ patches)
    o Perl 5.36.3 (+ patches)
    o NSD 4.8.0
    o Unbound 1.18.0
    o Ncurses 5.7
    o Binutils 2.17 (+ patches)
    o Gdb 6.3 (+ patches)
    o Awk January 22, 2024 version
    o Expat 2.6.0
    o zlib 1.3.1 (+ patches)

------------------------------------------------------------------------
- SECURITY AND ERRATA --------------------------------------------------

We provide patches for known security threats and other important
issues discovered after each release.  Our continued research into
security means we will find new security problems -- and we always
provide patches as soon as possible.  Therefore, we advise regular
visits to

        https://www.OpenBSD.org/security.html
and
        https://www.OpenBSD.org/errata.html

------------------------------------------------------------------------
- MAILING LISTS AND FAQ ------------------------------------------------

Mailing lists are an important means of communication among users and
developers of OpenBSD.  For information on OpenBSD mailing lists, please
see:

        https://www.OpenBSD.org/mail.html

You are also encouraged to read the Frequently Asked Questions (FAQ) at:

        https://www.OpenBSD.org/faq/

------------------------------------------------------------------------
- DONATIONS ------------------------------------------------------------

The OpenBSD Project is a volunteer-driven software group funded by
donations.  Besides OpenBSD itself, we also develop important software
like OpenSSH, LibreSSL, OpenNTPD, OpenSMTPD, the ubiquitous pf packet
filter, the quality work of our ports development process, and many
others.  This ecosystem is all handled under the same funding umbrella.

We hope our quality software will result in contributions that maintain
our build/development infrastructure, pay our electrical/internet costs,
and allow us to continue operating very productive developer hackathon
events.

All of our developers strongly urge you to donate and support our future
efforts.  Donations to the project are highly appreciated, and are
described in more detail at:

        https://www.OpenBSD.org/donations.html

------------------------------------------------------------------------
- OPENBSD FOUNDATION ---------------------------------------------------

For those unable to make their contributions as straightforward gifts,
the OpenBSD Foundation (https://www.openbsdfoundation.org) is a Canadian
not-for-profit corporation that can accept larger contributions and
issue receipts.  In some situations, their receipt may qualify as a
business expense write-off, so this is certainly a consideration for
some organizations or businesses.

There may also be exposure benefits since the Foundation may be
interested in participating in press releases.  In turn, the Foundation
then uses these contributions to assist OpenBSD's infrastructure needs.
Contact the foundation directors at directors@openbsdfoundation.org for
more information.

------------------------------------------------------------------------
- HTTPS INSTALLS -------------------------------------------------------

OpenBSD can be easily installed via HTTPS downloads.  Typically you need
a single small piece of boot media (e.g., a USB flash drive) and then
the rest of the files can be installed from a number of locations,
including directly off the Internet.  Follow this simple set of
instructions to ensure that you find all of the documentation you will
need while performing an install via HTTPS.

1) Read either of the following two files for a list of HTTPS mirrors
   which provide OpenBSD, then choose one near you:

        https://www.OpenBSD.org/ftp.html
        https://ftp.openbsd.org/pub/OpenBSD/ftplist

   As of April 5, 2024, the following HTTPS mirror sites have the
   7.5 release:

        https://cdn.openbsd.org/pub/OpenBSD/7.5/            Global
        https://ftp.eu.openbsd.org/pub/OpenBSD/7.5/         Stockholm, Sweden
        https://ftp.hostserver.de/pub/OpenBSD/7.5/          Frankfurt, Germany
        https://ftp.bytemine.net/pub/OpenBSD/7.5/           Oldenburg, Germany
        https://ftp.fr.openbsd.org/pub/OpenBSD/7.5/         Paris, France
        https://mirror.aarnet.edu.au/pub/OpenBSD/7.5/       Brisbane, Australia
        https://ftp.usa.openbsd.org/pub/OpenBSD/7.5/        CO, USA
        https://ftp5.usa.openbsd.org/pub/OpenBSD/7.5/       CA, USA
        https://mirror.esc7.net/pub/OpenBSD/7.5/            TX, USA
        https://openbsd.cs.toronto.edu/pub/OpenBSD/7.5/     Toronto, Canada
        https://cloudflare.cdn.openbsd.org/pub/OpenBSD/7.5/ Global
        https://fastly.cdn.openbsd.org/pub/OpenBSD/7.5/     Global

   The release is also available at the master site:

        https://ftp.openbsd.org/pub/OpenBSD/7.5/            Alberta, Canada

   However, it is strongly suggested that you use a mirror.

   Other mirror sites may take a day or two to update.

2) Connect to that HTTPS mirror site and go into the directory
   pub/OpenBSD/7.5/ which contains these files and directories.
   This is a list of what you will see:

        ANNOUNCEMENT     armv7/        octeon/             root.mail
        README           hppa/         openbsd-75-base.pub sparc64/
        SHA256           i386/         packages/           src.tar.gz
        SHA256.sig       landisk/      packages-stable/    sys.tar.gz
        alpha/           loongson/     ports.tar.gz        xenocara.tar.gz
        amd64/           luna88k/      powerpc64/
        arm64/           macppc/       riscv64/

   It is quite likely that you will want at LEAST the following
   files which apply to all the architectures OpenBSD supports.

        README          - generic README
        root.mail       - a copy of root's mail at initial login.
                          (This is really worthwhile reading).

3) Read the README file.  It is short, and a quick read will make
   sure you understand what else you need to fetch.

4) Next, go into the directory that applies to your architecture,
   for example, amd64.  This is a list of what you will see:

        BOOTIA32.EFI*   bsd*            floppy75.img    pxeboot*
        BOOTX64.EFI*    bsd.mp*         game75.tgz      xbase75.tgz
        BUILDINFO       bsd.rd*         index.txt       xfont75.tgz
        INSTALL.amd64   cd75.iso        install75.img   xserv75.tgz
        SHA256          cdboot*         install75.iso   xshare75.tgz
        SHA256.sig      cdbr*           man75.tgz
        base75.tgz      comp75.tgz      miniroot75.img

   If you are new to OpenBSD, fetch _at least_ the file INSTALL.amd64
   and install75.iso.  The install75.iso file (roughly 684MB in size)
   is a one-step ISO-format install CD image which contains the various
   *.tgz files so you do not need to fetch them separately.

   If you prefer to use a USB flash drive, fetch install75.img and
   follow the instructions in INSTALL.amd64.

5) If you are an expert, follow the instructions in the file called
   README; otherwise, use the more complete instructions in the
   file called INSTALL.amd64.  INSTALL.amd64 may tell you that you
   need to fetch other files.

6) Just in case, take a peek at:

        https://www.OpenBSD.org/errata.html

   This is the page where we talk about the mistakes we made while
   creating the 7.5 release, or the significant bugs we fixed
   post-release which we think our users should have fixes for.
   Patches and workarounds are clearly described there.

------------------------------------------------------------------------
- X.ORG FOR MOST ARCHITECTURES -----------------------------------------

X.Org has been integrated more closely into the system.  This release
contains X.Org 7.7.  Most of our architectures ship with X.Org, including
amd64, sparc64 and macppc.  During installation, you can install X.Org
quite easily using xenodm(1), our simplified X11 display manager forked
from xdm(1).

------------------------------------------------------------------------
- PACKAGES AND PORTS ---------------------------------------------------

Many third party software applications have been ported to OpenBSD and
can be installed as pre-compiled binary packages on the various OpenBSD
architectures.  Please see https://www.openbsd.org/faq/faq15.html for
more information on working with packages and ports.

Note: a few popular ports, e.g., NSD, Unbound, and several X
applications, come standard with OpenBSD and do not need to be installed
separately.

------------------------------------------------------------------------
- SYSTEM SOURCE CODE ---------------------------------------------------

The source code for all four subsystems can be found in the
pub/OpenBSD/7.5/ directory:

        xenocara.tar.gz     ports.tar.gz   src.tar.gz     sys.tar.gz

The README (https://ftp.OpenBSD.org/pub/OpenBSD/7.5/README) file
explains how to deal with these source files.

------------------------------------------------------------------------
- THANKS ---------------------------------------------------------------

Ports tree and package building by Jeremie Courreges-Anglas,
Visa Hankala, Stuart Henderson, Peter Hessler, George Koehler,
Kurt Mosiejczuk, and Christian Weisgerber.  Base and X system builds by
Kenji Aoyama, Theo de Raadt, and Miod Vallat.  Release art by
Stipan Morian.

We would like to thank all of the people who sent in bug reports, bug
fixes, donation cheques, and hardware that we use.  We would also like
to thank those who bought our previous CD sets.  Those who did not
support us financially have still helped us with our goal of improving
the quality of the software.

Our developers are:

    Aaron Bieber, Adam Wolk, Aisha Tammy, Alexander Bluhm,
    Alexander Hall, Alexandr Nedvedicky, Alexandr Shadchin,
    Alexandre Ratchov, Andrew Fresh, Anil Madhavapeddy,
    Anthony J. Bentley, Antoine Jacoutot, Anton Lindqvist, Asou Masato,
    Ayaka Koshibe, Benoit Lecocq, Bjorn Ketelaars, Bob Beck,
    Brandon Mercer, Brent Cook, Brian Callahan, Bryan Steele,
    Can Erkin Acar, Caspar Schutijser, Charlene Wendling,
    Charles Longeau, Chris Cappuccio, Christian Weisgerber,
    Christopher Zimmermann, Claudio Jeker, Dale Rahn, Damien Miller,
    Daniel Dickman, Daniel Jakots, Darren Tucker, Dave Voutila,
    David Coppa, David Gwynne, David Hill, Denis Fondras, Edd Barrett,
    Eric Faurot, Florian Obser, Florian Riehm, Frederic Cambus,
    George Koehler, Gerhard Roth, Giannis Tsaraias, Gilles Chehade,
    Giovanni Bechis, Gleydson Soares, Gonzalo L. Rodriguez, Greg Steuck,
    Helg Bredow, Henning Brauer, Ian Darwin, Ian Sutton, Igor Sobrado,
    Ingo Feinerer, Ingo Schwarze, Inoguchi Kinichiro, James Hastings,
    James Turner, Jan Klemkow, Jason McIntyre,
    Jasper Lievisse Adriaanse, Jeremie Courreges-Anglas, Jeremy Evans,
    Job Snijders, Joel Sing, Joerg Jung, Jonathan Armani, Jonathan Gray,
    Jonathan Matthew, Jordan Hargrave, Josh Rickmar, Joshua Sing,
    Joshua Stein, Juan Francisco Cantero Hurtado, Kazuya Goda,
    Kenji Aoyama, Kenneth R Westerback, Kent R. Spillner, Kevin Lo,
    Kirill Bychkov, Klemens Nanni, Kurt Miller, Kurt Mosiejczuk,
    Landry Breuil, Lawrence Teo, Lucas Raab, Marcus Glocker,
    Mark Kettenis, Mark Lumsden, Markus Friedl, Martijn van Duren,
    Martin Natano, Martin Pieuchot, Martin Reindl, Martynas Venckus,
    Matthew Dempsky, Matthias Kilian, Matthieu Herrb, Michael Mikonos,
    Mike Belopuhov, Mike Larkin, Miod Vallat, Moritz Buhl, Nam Nguyen,
    Nayden Markatchev, Nicholas Marriott, Nigel Taylor, Okan Demirmen,
    Omar Polo, Ori Bernstein, Otto Moerbeek, Paco Esteban,
    Pamela Mosiejczuk, Pascal Stumpf, Patrick Wildt, Paul Irofti,
    Pavel Korovin, Peter Hessler, Philip Guenther,
    Pierre-Emmanuel Andre, Pratik Vyas, Rafael Sadowski,
    Rafael Zalamena, Raphael Graf, Remi Locherer, Remi Pointel,
    Renato Westphal, Ricardo Mestre, Richard Procter, Rob Pierce,
    Robert Nagy, Sasano Takayoshi, Scott Soule Cheloha,
    Sebastian Benoit, Sebastian Reitenbach, Sebastien Marie,
    Solene Rapenne, Stefan Fritsch, Stefan Hagen, Stefan Kempf,
    Stefan Sperling, Steven Mestdagh, Stuart Cassoff, Stuart Henderson,
    Sunil Nimmagadda, T.J. Townsend, Ted Unangst, Theo Buehler,
    Theo de Raadt, Thomas Frohwein, Tim van der Molen, Tobias Heider,
    Tobias Stoeckmann, Todd C. Miller, Todd Mortimer, Tom Cosgrove,
    Tracey Emery, Ulf Brosziewski, Uwe Stuehler, Vadim Zhukov,
    Vincent Gross, Visa Hankala, Vitaliy Makkoveev, Volker Schlecht,
    Yasuoka Masahiko, Yojiro Uo