BSDSec

deadsimple BSD Security Advisories and Announcements

OpenBSD 7.6 released, Oct 8, 2024

------------------------------------------------------------------------
- OpenBSD 7.6 RELEASED -------------------------------------------------

October 8, 2024.

We are pleased to announce the official release of OpenBSD 7.6.
This is our 57th release.  We remain proud of OpenBSD's record of more
than twenty years with only two remote holes in the default install.

As in our previous releases, 7.6 provides significant improvements,
including new features, in nearly all areas of the system.

With this release all files that existed in the first commit in the
OpenBSD source repository have been updated, modified or replaced at some
point in time, reaching OpenBSD of Theseus.

 - Platforms specific improvements:
    o arm64:
       - Implemented Spectre-V4 mitigations for arm64.
       - Extended Spectre-BHB mitigation support to Cortex-A57.
       - Enable Enhanced Privileged Access Never (EPAN) when available
         on arm64.
       - Recognise Cortex-A520AE (Hayes AE) and Cortex-A720AE (Hunter
         AE) CPUs
       - Made the LEDs work on the SolidRun ClearFog CN9130 Base.
       - Added Qualcomm Snapdragon X Elite (X1E80100) support.
       - Implemented support for deeper idle states offered by PSCI,
         reducing idle power usage.
       - Populate arm64 HWCAP and HWCAP2 flags based on recognized
         feature bits and sanitized values of the ID register values.
       - Made the Samsung Galaxy Book4 Edge (x1e80100) boot in ACPI
         mode.
       - Used FEAT_RNG to feed entropy into the random subsystem on
         arm64 as on amd64.
    o amd64:
       - Mitigated the RFDS (Register File Data Sampling)
         vulnerability present in Intel Atom CPUs (requires updated
         firmware).
       - Implemented support for AVX-512.
       - Shortened the dmesg(8) output by suppressing cache-info
         lines when they are identical to those of the previous CPU.
       - Streamlined the display of amd64 CPU flag information in
         dmesg(8).
       - Added AMD Secure Encrypted Virtualization (SEV)-related
         information provided by cpuid to dmesg(8).
       - Implemented bounce buffering for AMD SEV in amd64 bus dma.
       - Implemented hardware masking for MSI and MSI-X on amd64.
       - Implemented wakeup interrupts on amd64.
       - Ensure that the deepest possible C-state is selected during
         suspend-to-idle on amd64 and i386.
       - Set the target ACPI to S5 when powering down amd64 (and i386)
         machines, rather than attempting to put devices into the D3
         power state.
       - Prevented livelocks on amd64 by avoiding caching pages
         belonging to memory ranges with a 'use' count to keep low
         pages available and avoid their exhaustion.
    o riscv64:
       - Use SBI calls to reboot or power down when supported by
         firmware.
       - Communicate cache-coherent DMA status via DMA tag for
         mainbus(4).
       - Support for Milk-V Pioneer board.
       - Enabled UVM percpu cache on riscv64.
    o powerpc:
       - Exported basic HWCAP bits to let applications detect Altivec
         and VSX on powerpc64.
       - Exported basic HWCAP bits to let applications detect Altivec
         on powerpc.
    o mips64:
       - Enabled uvm per-cpu page cache on mips64 (as well as sparc64
         and luna88k)
    o alpha:
       - Switched alpha to MI mplock code.
    o More platform specific changes can be found in the hardware
      support section below.

 - Various kernel improvements:
    o Reduced dmesg(8) output by only printing about PCI resource
      conflicts for resources that are enabled.
    o Deleted the msyscall mechanism, now replaced by the stricter
      mimmutable(2) and pinsyscalls(2).
    o Changed pledge(2), mmap(2)'s MAP_STACK and pinsyscalls(2) failures
      to use uprintf(9) rather than writing into dmesg(8).
    o Made witness(4) display lock cycles longer than two locks.
    o Made "show witness" display witness(4) lock subtypes in ddb(4).
    o Made ddb(4) print mbuf chain and packet list by implementing /c
      and /p modifiers in ddb show mbuf.
    o Repair printing of backtraces on arm64 ddb(4).
    o Added pathconfat(2): pathconf(2) but with at-fd and flags
      arguments, the latter supporting the ability to get timestamp
      resolution of symlinks.
    o Ensure that pmap_create(9) waits in the case of kernel virtual
      space shortage.
    o Made arc4random() depend on fewer subsystems by decoupling
      extract_entropy() from the enqueue_randomness() logic.
    o Ensure that concurrent calls to dequeue_randomness() will use some
      different events.
    o Work to support S0 sleep states, improving the suspend/resume
      experience on modern hardware.
       - Added an implementation of "suspend-to-idle" on amd64,
         enabling suspend on machines that don't support S3.
       - Began printing "S0ix" instead of "S0" on the acpi: sleep
         states line when FADT indicates FADT_POWER_S0_IDLE_CAPABLE,
         assuming that for these machines the vendors agree S0 suspend
         is as good or better than S3.
       - Added a temporary method to force S0 over S3 via
         machdep.lidaction=-1. We are not ready to choose S0-over-S3
         based on the S0ix bit in FADT, but this will allow testing.
       - Fixed suspend/resume related bugs in many drivers.
    o Made exit1() wait for sysctl(2) 'allprocess' loops to prevent
      possible kernel crash due to concurrent process exit1().
    o Prevented potential crash when fuse(4) uses the ufs inode.
    o Ensured that, in all filesystems, file names passed back by
      readdir are validated to not include a '/' character, avoiding
      unexpected path traversal on untrusted file systems.
    o Fixed kernel crashing due to invalid printables in ELF binaries.
    o Increased the default buffer size for AF_UNIX from 8192 to 32768,
      avoiding a fatal error in sshd(8) that can be triggered when the
      network stack is pushed hard enough to consume most of the allowed
      memory.

 - SMP Improvements
    o Network
       - Allowed running UDP input on multiple CPU in parallel.
       - Made raw IPv4 and IPv6 sockets handle input in parallel.
       - Various improvements in the locking of unix(4) and udp sockets.
       - Pushed socket lock down to sosend() for SOCK_RAW sockets.
       - Pushed socket lock down to sosend() and removed it from
         soreceive() paths for unix(4) sockets.
       - Switched AF_ROUTE sockets to the new locking scheme.
       - Mark the IP protocol GRE as MP safe from socket layer.
       - Removed kernel lock from socket splice idle timeout.
       - Removed kernel lock from shutdown(2) system call.
       - Run network protocol timer without kernel lock. TCP timers
         also run without kernel lock now.
       - Stopped using KERNEL_LOCK to protect the per process
         kqueue(2) list.
    o Sysctl
       - Used atomic operations to access integers in sysctl(2) making
         it mp-safe.
       - Removed net lock from sysctl(8) net.inet.ip.forwarding,
         net.inet6.ip6.forwarding, net.inet6.ip6.redirect,
         net.inet.ip.directed-broadcast.
       - Pushed kernel lock down to net_sysctl() to unlock uipc, bpf,
         pflow and pipex sysctl.
       - Removed kernel lock from various sysctl kern variables.
    o Stopped grabbing the kernel lock in kbind(2).
    o Added per-CPU caches to the pmemrange allocator.
    o Unlocked sigsuspend(2) and __thrsigdivert syscalls.
    o Converted SCHED_LOCK from a recursive kernel lock to a mutex.
    o Reworked per proc and per process time usage accounting, removing
      a SCHED_LOCK() dependency.

 - Direct Rendering Manager and graphics drivers
    o Updated drm(4) to Linux 6.6.52.
    o Support for Meteor Lake in inteldrm(4).

 - VMM/VMD improvements
    o Improve exposure of CPU features to virtual machines.
    o Fixed incorrect scaling when converting disk images in vmctl(8).
    o Dropped the vmm(4) and vmd(8) "continue" flag to simplify running
      a vcpu.
    o Added vmctl(8) "status -r" to limit the output of "vmctl status"
      to only running VMs.
    o Made vmm(4) update the host cr3 in the vmcs to allow vmx(4) to
      restore the proper cr3 value on the next vm exit.
    o Enabled AMD SEV support in vmm(4).
    o Added psp(4) ioctls to the "vmm" pledge to support AMD SEV and add
      an additional ioctl to support shutdown.
    o Set highest cpuid feature leaf based on host CPU in vmm(4), fixing
      Linux guests on older Intel hardware.
    o Implemented AMD SEV support in vmd(8). To enable SEV for a guest,
      use the parameter "sev" in the guest's vm section in vm.conf(5).
    o Fixed VPID leak on Intel VMX hosts.
    o Add ret-clean operation to interrupt dispatch assembly code.
    o Fixed DHCP request intercept when using local interfaces with
      vmd(8).

 - Various new userland features:
    o Added scandirat(3) from FreeBSD.
    o Added elf_aux_info(3), designed to let userland peek at AT_HWCAP
      and AT_HWCAP2, using an interface from FreeBSD.
    o Added missing function wcsnlen(3) to find length of a wide string
      (i.e. wcslen(3) with a max len argument).
    o Imported libva 2.22.0, an implementation for VA-API (video
      acceleration API). VA-API provides access to graphics hardware
      acceleration capabilities for video processing.
    o Added the option "-u name" to env(1) to remove a variable from the
      environment.

 - Various bugfixes and tweaks in userland:
    o Throughout the source tree, add missing error checks to calls of
      gmtime(3) and localtime(3).
    o Added missing error checks to all calls under libexec and sbin in
      case of ctime(3) and ctime_r(3) failures when timestamps are far
      off.
    o Audited programs that parse IP-addresses and replaced inet_aton(3)
      with better functions such as gethostbyname(3), getnameinfo(3),
      getaddrinfo(3), and inet_pton(3).
    o Added generic channel mapping in place of aucat(1) -j and -c
      options.
    o Allowed any device sample encoding in aucat(1).
    o Fixed a crash in sndiod(8) when the device is disconnected and the
      clients are not migrated to another device.
    o Made sndiod(8) discover new devices on SIGHUP and switch if a new
      device is higher priority (greater -F option number) than the
      current device.
    o Fixed sndiod(8) server.device entries disappearing when usb
      devices are unplugged while in use.
    o Fixed possible sndiod(8) crashes caused by a global table overread
      triggered by the client.
    o Switched pax(1) to write archives using the 'pax' format by
      default. Ramdisk versions will keep using ustar for writing.
    o Corrected detection of 'pax' format archives in pax(1) append
      mode.
    o Fixed a problem in pax(1) where the file list output was
      fully-buffered when used as part of a pipeline.
    o Fixed reading large pax(1) extended records.
    o Switched tar(1) write default format to 'pax'.
    o Added tar(1) -F option to select write format.
    o Used pathconfat(2) to compare mtimes for the pax(1) -u and -Z
      options when the target is "too old."
    o Added patch(1) "-V none" to prevent making any backups.
    o Fixed chroot(2) call in the lpd(8) control process.
    o Fixed a crash in ls(1) -l for files with bogus timestamp values.
    o Repaired malloc operation on systems where the malloc(3) page size
      is larger than the mmu page size.
    o In btrace(8), cache ELF .symtab, .strtab entries in sorted array
      to improve lookup cost from O(n) to O(lg n).
    o In libc, allow writing buffers larger than BUFSIZ or st_blksize,
      vastly improving write performance.
    o Made security(8) silently ignore setuid changes in relinked
      binaries to reduce false positives.
    o Added the flags NOPERM, STALLED, SWAPPABLE and DOOMED to pstat(8)
      -v output.
    o Rewrote dd(1) bytes/sec calculation to make signal handler safe on
      OpenBSD.
    o Added check in pwd_mkdb(8) preventing creation of a passwd(5)
      entry too large for getpwent(3).
    o Fixed cron(8) CVE-2024-43688: buffer underflow for very large step
      values.
    o Escaped newlines in file names in less(1).
    o Removed support for the less(1) LESSOPEN and LESSCLOSE environment
      variables.
    o Allowed the newsyslog(8) -F flag (Force trim logs) to be used on
      its own.
    o Added display of the current line number as percentage of the
      total lines in vi(1) ruler.
    o Ignored universal ctags extended metadata in tagaddress, making
      mg(1) search patterns work again.
    o Fixed mg(1) auto-indent-mode with custom tab widths.
    o Added handling for C-u modifier in M-! and M-| to mg(1).
    o Added an error message for sed(1) -i when the file is unwritable.
    o Fixed a bug in sed(1) where the pattern space is empty but does
      not start with a NUL character, which might occur after using the
      D command.
    o Ensure that giving UTF-8 command line arguments to apropos(1)
      allows searching in UTF-8 and ISO-Latin-1 encoded manual pages if
      the mandoc.db(5) was built with makewhatis -T utf8.
    o Fixed a bug in mandoc(1) .Ql handling which could corrupt output.
    o Made gprof(1) output more compact.

 - Improved hardware support and driver bugfixes, including:
    o Added clocks for the RK3588 PWM controller to rkclock(4).
    o Added RK3588 TSADC clocks and resets to rkclock(4).
    o Added RK3588 eMMC clocks and resets to rkclock(4).
    o Added RK3588 support to rktemp(4).
    o Added support for using the power button function of the RK809 to
      rkpmic(4).
    o Added rkpmic(4) support for configuring sleep voltage settings
      based on device tree settings for the RK809.
    o Prevented rkpmic(4) power down after resume initiated by pressing
      the power button.
    o Added RK3588 support to rkusbphy(4).
    o Added dwmshc(4) support for the RK3588 eMMC controller.
    o Made the eMMC come up reliably on the RK3588 eMMC controller by
      resetting the status before executing a new command.
    o Added PCI support for ufshci(4).
    o Enabled UFS "Auto-Hibernation" in ufshci(4).
    o Added ufshci(4) support for suspend/resume.
    o Added hibernation support in ufshci(4).
    o Added ufshci(4) at fdt support, allowing boot of the Samsung
      Galaxy Book4 Edge in DT mode.
    o Fixed ufshci(4) alignment issue where a DMA transfer scheduled on
      an odd slot would fail.
    o Enabled ufshci(4) on amd64.
    o Added CH9102 support to uchcom(4).
    o Added support for the numpad on newer macppc Apple Powerbooks with
      ukbd(4), with Num Lock set as Fn+F6.
    o Added uchcom(4) support for the CH343 uart.
    o Prevented a hang when the nvme(4) controller has disconnected from
      the pcie bus.
    o Added support for NVMe passthrough commands to allow software to
      get information about nvme(4) disks.
    o Enabled hibernate/resume to nvme(4) disks with 4096 byte sectors.
    o Added bio(4) support to nvme(4).
    o Added nvme(4) sensors based on information in the SMART/health log
      page, showing overall device health and temperature.
    o Made acpibat(4) forward AC change notifications to acpiac(4),
      giving access to programs like apm(8).
    o Implemented sleep button and EC events as wakeup events in
      acpi(4).
    o Added qcgpio(4) support for the ACPI PCIO pins necessary to
      support the keyboard, touchpad and touchscreen on the Qualcomm
      Snapdragon X Elite (X1E80100) laptops Asus Vivobook S15 and Lenovo
      Yoga Slim 7x.
    o Made the touchpad on the Samsung Galaxy Book4 Edge work via
      qcgpio(4).
    o Added Meinberg PCI510 to mbg(4).
    o Introduced rpigpio(4), a driver for the RP1 GPIO controller on the
      Raspberry Pi 5.
    o Added support to have bcmpcie(4) as both PCIe bus and simplebus to
      enable use of the Raspberry Pi 5's RP1 I/O controller.
    o Fixed access to Alder Lake-N and Elkhart Lake eMMC.
    o Added psp(4) driver for the AMD Platform Security Processor.
    o Prevent a crash in the openfirmware driver if the temperature for
      a zone can't be read while polling it.
    o Implemented qcspmi(4) support for version 7 controllers.
    o Implemented MSI multiple-vector support in dwpcie(4).
    o Hooked up the Qualcomm UEFI Secure Application that handles EFI
      variables to efi(4) to allow access to EFI variables through
      ioctls on /dev/efi.
    o Fixed uaudio(4) failure to attach when interface number and
      interface index do not match and the wrong interface is claimed.
    o Fixed delayed level setting on audio(4) devices.
    o Introduced intelpmc(4), a driver for the power management
      controller found on various Intel SoCs.
    o Added battery sensors to qcpas(4).
    o Corrected audio drivers to inform children about suspend/resume
      related events.
    o Ensure that softraid(4) sensors are unregistered when the volumes
      are removed.
    o Fixed suspend/resume for ums(4) and umt(4).
    o Ensure that some Intel xhci(4) controllers fully power down by
      issuing a "save state" command on suspend.
    o Fixed xhci(4) issues after resume by giving some AMD Ryzen xHCI
      controllers the extra time they need to transition from D3 into
      D0.
    o Made acpi(4) use ACPI_WAK upon resume, potentially improving S3
      resume on some rare machines.
    o Made xhci(4) restore the saved state upon resume, needed for newer
      Intel xHCI controllers.
    o Skipped Controller Save State (CSS) and Controller Restore State
      (CRS) on AMD 17h/1xh xHCI to avoid problems with resume after the
      introduction of CRS to xhci(4).
    o Corrected dwiic(4) to inform children of suspend/resume events and
      prevent sub-drivers racing against dwiic hardware
      re-initialization.
    o Eliminated some resume-hangs on dwiic(4) chips.
    o Added missing child activate handling in iatp(4).

 - New or improved network hardware support:
    o Implemented resetting the PHY via a GPIO pin in cad(4), helping to
      enable the PHY on the Raspberry Pi 5.
    o Fixed TCP Segmentation Offload bugs in ixl(4).
    o Added mcx(4) support for media types from the extended Ethernet
      capabilities fields, fixing a gigabit SFP in the ConnectX-6 Lx.
    o Enabled em(4) on powerpc64.
    o Added VLAN hardware tagging in igc(4).
    o Fixed jumbo frames in igc(4) for strict alignment architectures.
    o Exposed igc(4) hardware counters to kstat(1).
    o Added support for checksum offloading to dwqe(4).
    o Added VLAN hardware tagging in dwqe(4).
    o Improved stability of dwqe(4).
    o Mapped MSI-X in addition to MSI and INTx on rge(4).
    o Fixed TX descriptors DMA syncs in rge(4).
    o Added rge(4) support for the Realtek RTL8126 chip.
    o Improved bus_dmamap_syncs for rx ring descriptors on rge(4)
      hardware.
    o Supported building a single packet out of multiple rx descriptors
      in rge(4).
    o Attempted to leave a gap on the tx ring for rge(4)/re(4) to keep
      entries on the ring from being overwritten, preventing confusion
      of the chip and the tx completion code.
    o Prevented VPID leakage in vmx(4) by allocating at vcpu init.
    o Implemented TCP Segmentation Offload in vmx(4), igc(4) and vio(4).
    o Implemented TCP Large Receive Offload in vmx(4) and vio(4).
    o Enable checksum offloading and TCP Segmentation Offload for
      vlan(4) via vio(4).
    o Improved stability of vio(4).

 - Added or improved wireless network drivers:
    o Fixed qwx(4) display in ifconfig(8) showing a mix of 802.11 modes
      after switching APs.
    o Added a reset attempt for qwx(4) devices when firmware crashes.
    o Made qwx(4) offload TKIP and CCMP crypto to hardware, fixing ARP
      and IPv6 multicast with WPA2.
    o Plugged a memory leak in qwx(4).
    o Fixed a qwx(4) interrupt storm during resume.
    o Fixed iwx(4) monitor mode after firmware update.
    o Prevented firmware panic when iwx(4) runs in monitor mode with
      addresses configured on the interface and leaving 11n/11ac mode
      directly for monitor mode.
    o Added support for Quectel EM060K to umb(4).
    o Fixed WEP on athn(4) USB hostap, preventing potential "key not
      installed for sw crypto" panic.

 - IEEE 802.11 wireless stack improvements and bugfixes:
    o Prevented potential firmware errors in Intel wifi drivers when APs
      send an ADDBA request early.

 - Installer, upgrade and bootloader improvements:
    o Implemented support for the RISC-V UEFI Boot Protocol.
    o Implemented the chmod a-x bsd.upgrade trick in the sparc64 ofwboot
      bootloader.
    o Added boot.conf(8) "machine idle [secs]" to halt at idle
      passphrase prompts for efi(4) systems.
    o Made installboot(8) run again after fw_update(8) on Apple silicon
      to pick up Apple boot firmware.
    o Stopped sysupgrade(8) from enforcing the next version key if
      installing a snapshot.
    o Included BUILDINFO file in the iso/img files and installed it in
      the miniroot if available, to be used in the future in
      sysupgrade(8).
    o Use BUILDINFO to make sure sysupgrade(8) doesn't install an older
      snapshot over a newer one.
    o Ensure that loading a device tree using the "mach dtb" command
      gives firmware a chance to make modifications by using the EFI
      devicetree fixup protocol.
    o Apple machines can now also use USB type-A ports for installation.

 - Security improvements:
    o Added -fret-clean option to the compiler, defaulting to off. This
      new option causes the caller to clean the return address off the
      stack after a call completes. The -fret-clean option was then
      enabled on amd64 for libc, libcrypto, ld.so, kernel, and all the
      ssh tools.
    o Expose branch target identification (BTI) to userland and make
      LLVM generate code with BTI instructions.
    o Enabled PAC in addition to BTI on arm64 such that JIT code matches
      the default branch protection provided by our base compiler.
    o Limit NFS connections to originate from a reserved port, but
      permit null requests (aka server pings) from non-reserved ports in
      nfs.
    o Made local ports bound during connect(2) unique per laddr rather
      than globally unique.
    o Enforced the pinsyscalls(2) rules on non-static/ld.so/libc.so text
      segments.
    o Added pledge and unveil to rpcinfo(8).
    o Added AUDIO_GETDEV ioctl to "audio" pledge(2).

 - New features in the network stack:
    o Allowed PPP interfaces to run in an rdomain(4) and install a
      default route in the same routing domain.
    o Introduced rport(4) for point-to-point layer 3 connectivity
      between routing domains. Similar to pair(4) but is more efficient
      as it does not add Ethernet headers.
    o Implemented IPsec-only IPv6 forwarding (sysctl
      net.inet6.ip6.forwarding = 2), the equivalent of
      net.inet.ip.forwarding = 2 for IPv4.
    o Added BIOCSETFNR to bpf(4), like BIOCSETF without resetting the
      buffer or stats.
    o Implemented SO_ACCEPTCONN in getsockopt(2) which can be used to
      check if listen(2) was called and the socket is accepting
      connections.

 - Further changes and bugfixes in the network stack:
    o Expose aggr(4) per port information via kstat(1).
    o Restrict listen(2) to sockets of type SOCK_STREAM or
      SOCK_SEQPACKET.
    o Prohibit userland changes of the interface loopback flag,
      preventing a potential kernel crash.
    o Split single TCP inpcb hash table into separate hash tables for
      IPv4 and IPv6, to help the ongoing work to improve SMP
      performance.
    o Use route cache function in IP input.
    o Implemented rule 5.5 of RFC 6724 (Default Address Selection for
      IPv6) to prefer addresses in a prefix advertised by the next-hop.
    o Stopped storing the full IPv6 packet in the common forwarding
      case. Instead of storing a copy of the full IPv6 packet for the
      possible need to generate an ICMP6 packet, only the header is
      stored. In most cases this can be kept on the stack, resulting in
      a speedup and less memory use.
    o Fixed bridging IPv6 fragments with pf reassembly. When output by
      veb(4) and bridge(4), the packets were not refragmented.
    o Fixed source and drain confusion in socket splicing somove(),
      improving performance in a corner case.
    o Drop packets if forwarding of IPsec packets only (sysctl
      net.inet.ip.forwarding = 2) is configured, but no IPsec policy is
      defined.
    o If IP forwarding is IPsec only, do not send ICMP redirect and do
      not accept ICMP redirect packets.

 - The following changes were made to the pf(4) firewall:
    o Added display of pf(4) fragment reassembly counters to pfctl(8)
      and systat(1).
    o Fixed pfsync(4) TCP-state not being updated for destination
      connection peer and reduced excessive pfsync traffic.
    o Allow users to define tables inside an anchor in the same way they
      can define global tables in pf.conf(5). Previously this required a
      separate pfctl -a foo -t bar invocation.

 - Routing daemons and other userland network improvements:
    o IPsec support was improved:
       - Added RADIUS support to iked(8), including authentication,
         accounting and "Dynamic Authorization Extensions" (DAE).
       - Fixed a bug where sasyncd(8) couldn't restore SAs.
    o More RADIUS changes:
       - In npppd(8), modified IPCP to use nameservers from RADIUS.
       - Added Dynamic Authorization Extensions (DAE) for RADIUS
         server to npppd(8).
       - Added support for RADIUS accounting configurable in
         radiusd.conf(5).
       - Changed radiusd.conf(5) syntax for "module" to take a {}
         block and "authentication" to go without. Specifying a
         "module" path is now optional.
       - Introduced radiusd_ipcp(8), a module providing IP
         configuration which manages the IP address pool.
       - Added radiusd_file(8) module, providing authentication by a
         local file.
       - Kept radiusd(8) number of requests for a DAE server below 64
         to avoid congestion.
       - Added radiusctl(8) ipcp delete command to delete the
         specified session without requesting disconnection.
    o In bgpd(8),
       - Repair a withdraw desynchronization problem in bgpd(8).
       - Double peer description length to 64 characters.
       - Improve handling of bgpd AFI IPv4 sessions over IPv6 only
         links.
       - Sessions over IPv6 link-local addresses are now always
         considered to be connected.
       - Allow operators to enforce the presence of certain
         capabilities.
       - Improve capability negotiation and remove 'announce
         capabilities'. The 'announce capabilities [yes|no]' neighbor
         config option needs to be removed from configuration files.
         Instead individual capabilities need to be disabled.
       - Improve negotiation of the multi-protocol capability and the
         fallback to IPv4 only mode.
       - Mark RTR and IPv6 BGP packets with DSCP CS6 (network
         control).
       - Increase RTR PDU limit to 48k and limit number of SPAS to
         10'000.
       - Convert the remaining session engine parsers to the new ibuf
         API.
       - Filtered prefixes are now included in the Local-RIB if the
         config option 'rde rib Loc-RIB include filtered' is set.
       - Add 'bgpctl show rib filtered' to show filtered prefixes.
       - Add 'min-version' RTR config option and default to RTR
         version 1. Set min-version to 2 to enable
         draft-ietf-sidrops-8210bis-14 and ASPA support or, better,
         define the ASPA table in the config.
       - Adjust RTR ASPA pdu parser to follow
         draft-ietf-sidrops-8210bis-14
       - Check the max_prefix and max_out_prefix limits on config
         reload.
       - Fix race condition between TCP-MD5 key removal and session
         closure to ensure all messages are sent with the proper
         TCP-MD5 signature.
       - Fix 'nexthop qualify via bgp' by re-evaluating the nexthops
         when a BGP route is added to the FIB.
       - Handle the CLUSTER_LIST attribute according to RFC7606.
       - Fix some undefined or non-portable behaviour when handling
         NULL / 0-sized objects.
    o rpki-client(8) saw these and more changes:
       - Impose same-origin policy for RRDP.
       - Introduce tiebreaking for trust anchors. This prevents
         certain forms of replay attack.
       - Fix internal identification of CA resource certificates.
       - Verify self-signage for trust anchors.
       - Introduce a check for filenames as presented by publication
         points.
       - Improved compliance with RFCs 6487 and 8209 for certificates
         and CRLs.
       - Presence of CMS signing-time is now enforced and presence of
         CMS binary-signing-time is disallowed, per RFC 9589.
       - Lowered the maximum acceptable manifest number to 2^159 - 1.
       - Limit number of validated ASPAs per customer ASID.
       - Ensure synchronization jobs are stopped when the timeout is
         reached.
       - Fix a corner case in repository handling. If the last RRDP
         repository failed to load, rpki-client would fail to fall
         back to rsync due to an ordering bug in the event loop.
       - Improve detection of duplicate file paths. Only trigger a
         duplicate error if a valid path is revisited; otherwise a bad
         CA could prevent legitimate files from being considered
         valid.
       - Normalize internal representation of the caRepository to have
         a trailing slash and ensure that the rpkiManifest is a file
         inside it.
       - Avoid a quadratic complexity issue in ibuf_realloc() due to
         misuse of recallocarray(). Transferring a manifest with a
         large FileAndHash list across a privsep boundary could cost
         significant resources.
       - RRDP sessions are periodically reinitialized to snapshot at
         random intervals.
       - Signed Prefix List statistics are now only emitted when
         rpki-client is run with -x.
       - The -r command line option formerly enabling RRDP has long
         been the default and is now removed.
       - The CRL number extension in CRLs is checked to be in the
         range [0..2^159-1]. The CRL number is otherwise ignored.
    o In smtpd(8),
       - Set ORIGINAL_RECIPIENT in the environment of MDA scripts for
         postfix compatibility.
       - Add documentation on the expected behaviour and environment
         of MDAs.
       - Fixed smtpd(8) IPv6 address parsing in file-backed table(5).
       - Added smtpd-tables(7), an API to implement table(5) for
         smtpd(8).
       - Introduced a new smtpd(8) K_AUTH service to allow offloading
         the credentials to a table for non-crypt(3) authentication.
       - Implemented smtpd(8) report response for proc-filters as with
         built-in filters.
    o Network auto configuration improvements:
       - Introduced dhcp6leased(8), a daemon to acquire IPv6 prefix
         delegations from DHCPv6 servers.
       - Made rad(8) honor prefixes delegated by DHCPv6.
       - Implemented RFC 4191 Default Router Preferences in rad(8).
       - Made rad(8) send source link-layer address option in router
         advertisements, preventing Apple devices from installing an
         unusable default route.
       - Removed dhclient(8) binary.
    o Many other changes in various network programs and libraries:
       - Audited programs that parse IP-addresses and replaced
         inet_aton(3) with better functions such as gethostbyname(3),
         getnameinfo(3), getaddrinfo(3), and inet_pton(3).
       - Trimmed output of whois(1) to suppress some uninformative
         output by default, still accessible verbatim by using whois
         -S.
       - Removed obsolete whois(1) contact handle support.
       - Made spamd(8) advertise SMTPUTF8 and 8BITMIME extensions in
         EHLO, fixing potential interoperability issues when the real
         MTA supports those extensions.
       - Prevented TOCTOU issues in httpd(8) static file serving and
         auto index generation.
       - Added a "log" option to relayd.conf(5) rules.
       - Made relayd(8) host handle disable/enable commands from
         relayctl(8) correctly in case multiple redirect instances use
         the same host in relayd(8) tables.
       - Improved config validation in relayd(8) to prevent
         incompatibility with the length of names of redirects and
         tags in pf(4).
       - Made ftp(1) send HTTP 'Accept */*' headers.
       - Made ftp(1) send Host: headers with CONNECT requests when
         tunneling TLS over an HTTP proxy.
       - Added the 2024 root zone trust anchor to unwind(8).
       - Made netstat(1) display statistics about expensive mbuf
         operations, counting operations used to allocate mbufs or
         copy memory when memory layout is not optimal to find
         possible optimizations.

 - tmux(1) improvements and bug fixes:
    o Reduced tmux(1) escape-time default to 10 milliseconds (from 500).
    o Added display-menu -M to tmux(1) to always turn mouse on in a
      menu.
    o Added tmux(1) option allow-set-title to forbid applications from
      changing the pane title.
    o Prevented a crash if focusing a pane in tmux(1) that is exiting.
    o Added "N" to search backwards in tmux(1) tree modes.
    o Added tmux(1) "refresh-client -r" for control mode clients to
      provide OSC 10 and 11 responses to tmux so they can set the
      default foreground and background colors.
    o Changed tmux(1) extended-keys behavior to allow applications to
      enter mode 2 but not turn extended keys off entirely.
    o Added a tmux(1) prefix-timeout option to allow setting a period
      after which to ignore the prefix key if no others are pressed.
    o Ignored tmux(1) mouse move keys to prevent accidental prefix
      cancelation.
    o Displayed hyperlinks in tmux(1) copy mode and added
      copy_cursor_hyperlink format to get the hyperlink under the
      cursor.
    o Added search_count and search_count_partial formats in tmux(1)
      copy mode.
    o Revamped tmux(1) extended keys support to more closely match
      xterm(1) and support mode 2 as well as mode 1.
    o Added mirrored versions of the main-horizontal and main-vertical
      layouts when the tmux(1) main pane is bottom or right instead of
      top or left.
    o Allowed REP to work with Unicode characters in tmux(1).

 - LibreSSL version 4.0.0
    o Portable changes
       - Added initial Emscripten support in CMake builds.
       - Removed timegm() compatibility layer since all uses were
         replaced with OPENSSL_timegm(). Cleaned up the corresponding
         test harness.
       - The mips32 platform is no longer actively supported.
    o Internal improvements
       - Cleaned up parts of the conf directory. Simplified some
         logic, fixed memory leaks.
       - Simplified X509_check_trust() internals to be somewhat
         readable.
       - Removed last internal uses of gmtime() and timegm() and
         replaced them with BoringSSL's POSIX time conversion API.
       - Removed unnecessary stat calls in by_dir.
       - Split parsing and processing of TLS extensions to ensure that
         extension callbacks are called in a predefined order.
       - Cleaned up the MD4 and MD5 implementations.
       - Assembly functions are no longer exposed in the public API,
         they are all wrapped by C functions.
       - Removed assembly implementations of legacy ciphers on legacy
         architectures.
       - Merged most multi-file implementations of ciphers into one or
         two C files.
       - Removed the cache of certificate validity. This was added for
         performance reasons which no longer apply since BoringSSL's
         time conversion API isn't slow. Also, a recently added error
         check led to obscure, undesirable validation failures.
       - Stopped calling OPENSSL_cpuid_setup() from the .init section
         on amd64 and i386.
       - Rewrote various BN conversion functions.
       - Improved certification request internals.
       - Removed unused DSA methods.
       - Improved X.509v3 extension internals. Fixed various bugs and
         leaks in X509V3_add1_i2d() and X509V3_get_d2i(). Their
         implementations now vaguely resemble code.
       - Rewrote BN_bn2mpi() using CBB.
       - Made most error string tables const.
       - Removed handling for SSLv2 client hello messages.
       - Improvements in the openssl(1) speed app's signal handler.
       - Cleaned up various X509v3_* extension API.
       - Unified the X.509v3 extension methods.
       - Cleaned up cipher handling in SSL_SESSION.
       - Removed get_cipher from SSL_METHOD.
       - Rewrote CRYPTO_EX_DATA from scratch. The only intentional
         change of behavior is that there is now a hard limit on the
         number of indexes that can be allocated.
       - Removed bogus connect() call from netcat.
       - Uses of atoi() and strtol() in libcrypto were replaced with
         strtonum().
       - Introduced crypto_arch.h which will contain the architecture
         dependent code and defines rather than the public
         opensslconf.h.
       - OPENSSL_cpu_caps() is now architecture independent.
       - Reorganized the DES implementation to use fewer files and
         removed optimizations for ancient processors and compilers.
    o New features
       - Added CRLfile option to the cms command of openssl(1) to
         specify additional CRLs for use during verification.
    o Documentation improvements
       - Removed documentation of no longer existing API.
       - Unified the description of the obsolete ENGINE parameter that
         needs to remain in many functions and should always be NULL.
    o Compatibility changes
       - Protocol parsing in libtls was changed. The unsupported
         TLSv1.1 and TLSv1.0 protocols are ignored and no longer
         enable or disable TLSv1.2 in surprising ways.
       - The dangerous EVP_PKEY*_check(3) family of functions was
         removed. The openssl(1) pkey and pkeyparam commands no longer
         support the -check and -pubcheck flags.
       - The one-step hashing functions, MD4(), MD5(), RIPEMD160(),
         SHA1(), all SHA-2, and HMAC() no longer support returning a
         static buffer. Callers must pass in a correctly sized buffer.
       - Support for Whirlpool was removed. Applications still using
         this should honor OPENSSL_NO_WHIRLPOOL.
       - Removed workaround for F5 middle boxes.
       - Removed the useless pem2.h, a public header that was added
         since it was too hard to add a single prototype to one file.
       - Removed conf_api.h and the public API therein.
       - Removed ssl2.h, ssl23.h and ui_compat.h.
       - Numerous conf and attribute functions were removed. Some
         unused types were removed, others were made opaque.
       - Removed the deprecated HMAC_Init() function.
       - Removed OPENSSL_load_builtin_modules().
       - Removed X509_REQ_{get,set}_extension_nids().
       - X509_check_trust() and was removed, X509_VAL was made opaque.
       - Only specified versions can be set on certs, CRLs and CSRs.
       - Removed unused PEM_USER and PEM_CTX types from pem.h.
       - Removed typedefs for COMP_CTX, COMP_METHOD, X509_CRL_METHOD,
         STORE, STORE_METHOD, and SSL_AEAD_CTX.
       - i2d_ASN1_OBJECT() now returns -1 on error like most other
         i2d_*.
       - SPKAC support was removed from openssl(1).
       - Added TLS1-PRF support to the EVP interface.
       - Support for attributes in EVP_PKEYs was removed.
       - The X509at_* API is no longer public.
       - SSL_CTX_set1_cert_store() and
         SSL_CIPHER_get_handshake_digest() were added to libssl.
       - The completely broken UI_UTIL password API was removed.
       - The OpenSSL pkcs12 command and PKCS12_create() no longer
         support setting the Microsoft-specific Local Key Set and
         Cryptographic Service Provider attributes.
    o Bug fixes
       - Made ASN1_TIME_set_string() and ASN1_TIME_set_string_X509()
         match their documentation. They always set an RFC 5280
         conformant time.
       - Improved standards compliance for supported groups and key
         shares extensions:
         - Duplicate key shares are disallowed.
         - Duplicate supported groups are disallowed.
         - Key shares must be sent in the order of supported groups.
         - Key shares will only be selected if they match the most
          preferred supported group by client preference order.
       - Fixed signed integer overflow in bnrand().
       - Prevent negative zero from being created via BN_clear_bit()
         and BN_mask_bits(). Avoids a one byte overread in
         BN_bn2mpi().
       - Add guard to avoid contracting the number of linear hash
         buckets to zero, which could lead to a crash due to accessing
         a zero sized allocation.
       - Fixed i2d_ASN1_OBJECT() with an output buffer pointing to
         NULL.
       - Implemented RSA key exchange in constant time. This is done
         by decrypting with RSA_NO_PADDING and checking the padding in
         libssl in constant time. This is possible because the
         pre-master secret is of known length based on the size of the
         RSA key.
       - Rewrote SSL_select_next_proto() using CBS, also fixing a
         buffer overread that wasn't reachable when used as intended
         from an ALPN callback.
       - Avoid pushing a spurious error onto the error stack in
         ssl_sigalg_select().
       - Made fatal alerts fatal in QUIC.
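
The constant-time RSA key exchange fix listed above, as an added example that is not part of the announcement and is not LibreSSL's code: because the pre-master secret is always 48 bytes, the 00 separator of the PKCS#1 v1.5 block can sit at only one offset, so the padding can be checked without searching for it. The function names, the sample blocks and the caller-supplied fallback secret are assumptions; the raw RSA decryption itself is left out.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PMS_LEN    48                     /* TLS RSA pre-master secret size */
#define MIN_EM_LEN (2 + 8 + 1 + PMS_LEN)  /* 00 02 | >= 8 PS bytes | 00 | PMS */

/* All-ones if x == 0, otherwise zero, without branching on x. */
static uint32_t ct_is_zero(uint32_t x)
{
    return (uint32_t)0 - ((~x & (x - 1)) >> 31);
}

/* Naive parser, shown for contrast: it exits early and scans for the
 * separator, so its running time depends on the decrypted bytes. */
static int naive_unwrap_pms(const uint8_t *em, size_t em_len,
    uint8_t out[PMS_LEN])
{
    size_t i;
    if (em_len < MIN_EM_LEN || em[0] != 0x00 || em[1] != 0x02)
        return 0;
    for (i = 2; i < em_len && em[i] != 0x00; i++)
        continue;
    if (i == em_len || em_len - i - 1 != PMS_LEN)
        return 0;
    memcpy(out, em + i + 1, PMS_LEN);
    return 1;
}

/*
 * Constant-time check (hypothetical helper). em is the em_len-byte output
 * of a raw, unpadded RSA decryption; fallback holds PMS_LEN random bytes
 * the caller generated beforehand. out receives the real secret when the
 * padding is valid and the fallback otherwise, so a bad block only fails
 * later in the handshake. The return value (1 valid, 0 invalid) is for
 * tests; a server must not branch on it.
 */
static int ct_unwrap_pms(const uint8_t *em, size_t em_len,
    const uint8_t fallback[PMS_LEN], uint8_t out[PMS_LEN])
{
    size_t i, sep;
    uint32_t good;
    uint8_t mask;

    if (em_len < MIN_EM_LEN) {          /* key size is public information */
        memcpy(out, fallback, PMS_LEN);
        return 0;
    }
    sep = em_len - PMS_LEN - 1;         /* only legal separator offset */

    good = ct_is_zero(em[0]);
    good &= ct_is_zero(em[1] ^ 0x02);
    for (i = 2; i < sep; i++)           /* every PS byte must be nonzero */
        good &= ~ct_is_zero(em[i]);
    good &= ct_is_zero(em[sep]);

    mask = (uint8_t)good;               /* 0xff if valid, 0x00 if not */
    for (i = 0; i < PMS_LEN; i++)
        out[i] = (uint8_t)((em[sep + 1 + i] & mask) |
            (fallback[i] & (uint8_t)~mask));
    return (int)(good & 1);
}

/* Build a constructed, well-formed block: 00 02 | 0xa5 ... | 00 | pms. */
static void build_em(uint8_t *em, size_t em_len, const uint8_t pms[PMS_LEN])
{
    memset(em, 0xa5, em_len);
    em[0] = 0x00;
    em[1] = 0x02;
    em[em_len - PMS_LEN - 1] = 0x00;
    memcpy(em + em_len - PMS_LEN, pms, PMS_LEN);
}

int main(void)
{
    uint8_t em[256], pms[PMS_LEN], fb[PMS_LEN], out[PMS_LEN];
    int ok;

    memset(pms, 0x11, sizeof(pms));     /* constructed sample secret */
    memset(fb, 0xee, sizeof(fb));       /* stands in for random bytes */
    build_em(em, sizeof(em), pms);
    ok = ct_unwrap_pms(em, sizeof(em), fb, out);
    printf("valid: ct=%d naive=%d\n", ok, naive_unwrap_pms(em, sizeof(em), out));
    em[20] = 0x00;                      /* stray zero inside the padding */
    ok = ct_unwrap_pms(em, sizeof(em), fb, out);
    printf("tampered: ct=%d fallback=%d\n", ok, memcmp(out, fb, PMS_LEN) == 0);
    return 0;
}
```

Both parsers accept exactly the same blocks; only the constant-time one does the same work for every input of a given key size. Whether the compiled code stays branch-free still has to be checked against the generated assembly.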

 - OpenSSH 9.8 and OpenSSH 9.9
    o Security fixes
       - Fix a critical race condition in sshd(8) that could be used
         to obtain remote code execution.
       - Fix a logic error in ssh(1) that rendered the
         ObscureKeystrokeTiming option ineffective.
    o New features
       - ssh(1) and sshd(8) now support a new hybrid post-Quantum key
         exchange algorithm "mlkem768x25519-sha256" based on the
         recently-standardised FIPS 203 Module-Lattice Key
         Encapsulation Mechanism (ML-KEM) with ECDH using the X25519
         group.
       - Support for DSA keys is now disabled at compile time in all
         OpenSSH tools.
       - Support for pre-authentication compression has been removed
         from ssh(1) (it was removed from the server a long time ago).
       - The existing default post-quantum key exchange
         "sntrup761x25519-sha512@openssh.com" is now significantly
         faster in both ssh(1) and sshd(8), and is now available under
         the assigned name "sntrup761x25519-sha512".
       - Split sshd(8) into two separate processes: a listener binary
         and a new sshd-session binary that handles each connection.
       - sshd(8) will now penalise clients that connect without
         completing authentication, crash the server or perform other
         unwelcome activities. This behaviour is controlled via the
         PerSourcePenalties and PerSourcePenaltyExemptList
         sshd_config(5) options.
       - ssh(1) now allows the HostkeyAlgorithms option to disable the
         implicit fallback from certificate host keys to plain host
         keys.
       - The ssh_config(5) Include directive can now expand
         environment variables as well as the same set of %-tokens
         that are accepted for "Match Exec".
       - Add a new RefuseConnection directive to ssh_config(5) that
         will cause the connection to be immediately refused, and a
         corresponding "refuseconnection" penalty class that allows
         clients that have connections so refused to be penalised.
       - Add a new sshd_config(5) "invalid-user" Match predicate that
         allows matching on invalid usernames, e.g. to allow
         penalisation of account/password guessers.
       - Add additional protection to private keys from being included
         in core dumps.
    o Bugfixes
       - Many bugfixes. Please see the release notes at
         https://www.openssh.com/releasenotes.html#9.9 for the full
         list.

 - Ports and packages:
    o Pre-built packages are available for the following architectures on
      the day of release:
       - aarch64 (arm64): 12148
       - amd64: 12312
       - i386: 10534
       - mips64: 8629
       - powerpc64: 8314
       - sparc64: 8797
    o Packages for the following architectures will be made available as
      their builds complete:
       - arm
       - powerpc
       - riscv64

 - Some highlights:

    o Asterisk 16.30.1, 18.24.3 and   o Mozilla Firefox 130.0.1 and
      20.9.3                            ESR 128.2.0
    o Audacity 3.6.3                  o Mozilla Thunderbird 128.2.3
    o CMake 3.30.1                    o Mutt 2.2.13 and NeoMutt 20240425
    o Chromium 128.0.6613.137         o Node.js 20.17.0
    o Emacs 29.4                      o OCaml 4.14.2
    o FFmpeg 4.4.5                    o OpenLDAP 2.6.8
    o GCC 8.4.0 and 11.2.0            o PHP 8.1.29, 8.2.23 and 8.3.11
    o GHC 9.6.6                       o Postfix 3.9.0
    o GNOME 46                        o PostgreSQL 16.4
    o Go 1.23.1                       o Python 2.7.18 and 3.11.10
    o JDK 8u402, 11.0.24, 17.0.12     o Qt 5.15.13 (+ kde patches) and
      and 21.0.4                        6.6.3
    o KDE Applications 24.05.2        o R 4.4.1
    o KDE Frameworks 6.5.0            o Ruby 3.1.6, 3.2.5 and 3.3.5
    o KDE Plasma 6.1.4                o Rust 1.81.0
    o Krita 5.2.3                     o SQLite 3.44.2
    o LLVM/Clang 13.0.0, 16.0.6 and   o Shotcut 24.04.28
      17.0.6                          o Sudo 1.9.15.5
    o LibreOffice 24.8.1.2            o Suricata 7.0.6
    o Lua 5.1.5, 5.2.4, 5.3.6 and     o Tcl/Tk 8.5.19 and 8.6.13
      5.4.7                           o TeX Live 2023
    o MariaDB 10.9.8                  o Vim 9.1.707 and Neovim 0.10.1
    o Mono 6.12.0.199                 o Xfce 4.18.1

 - As usual, steady improvements in manual pages and other documentation.

 - The system includes the following major components from outside suppliers:
    o Xenocara (based on X.Org 7.7 with xserver 21.1.13 + patches,
      freetype 2.13.2, fontconfig 2.14.2, Mesa 23.3.6, xterm 393,
      xkeyboard-config 2.20, fonttosfnt 1.2.3, and more)
    o LLVM/Clang 16.0.6 (+ patches)
    o GCC 4.2.1 (+ patches) and 3.3.6 (+ patches)
    o Perl 5.38.2 (+ patches)
    o NSD 4.9.1
    o Unbound 1.21.0
    o Ncurses 6.4
    o Binutils 2.17 (+ patches)
    o Gdb 6.3 (+ patches)
    o Awk July 28, 2024 version
    o Expat 2.6.3
    o zlib 1.3.1 (+ patches)

------------------------------------------------------------------------
- SECURITY AND ERRATA --------------------------------------------------

We provide patches for known security threats and other important
issues discovered after each release.  Our continued research into
security means we will find new security problems -- and we always
provide patches as soon as possible.  Therefore, we advise regular
visits to

        https://www.OpenBSD.org/security.html
and
        https://www.OpenBSD.org/errata.html

------------------------------------------------------------------------
- MAILING LISTS AND FAQ ------------------------------------------------

Mailing lists are an important means of communication among users and
developers of OpenBSD.  For information on OpenBSD mailing lists, please
see:

        https://www.OpenBSD.org/mail.html

You are also encouraged to read the Frequently Asked Questions (FAQ) at:

        https://www.OpenBSD.org/faq/

------------------------------------------------------------------------
- DONATIONS ------------------------------------------------------------

The OpenBSD Project is a volunteer-driven software group funded by
donations.  Besides OpenBSD itself, we also develop important software
like OpenSSH, LibreSSL, OpenNTPD, OpenSMTPD, the ubiquitous pf packet
filter, the quality work of our ports development process, and many
others.  This ecosystem is all handled under the same funding umbrella.

We hope our quality software will result in contributions that maintain
our build/development infrastructure, pay our electrical/internet costs,
and allow us to continue operating very productive developer hackathon
events.

All of our developers strongly urge you to donate and support our future
efforts.  Donations to the project are highly appreciated, and are
described in more detail at:

        https://www.OpenBSD.org/donations.html

------------------------------------------------------------------------
- OPENBSD FOUNDATION ---------------------------------------------------

For those unable to make their contributions as straightforward gifts,
the OpenBSD Foundation (https://www.openbsdfoundation.org) is a Canadian
not-for-profit corporation that can accept larger contributions and
issue receipts.  In some situations, their receipt may qualify as a
business expense write-off, so this is certainly a consideration for
some organizations or businesses.

There may also be exposure benefits since the Foundation may be
interested in participating in press releases.  In turn, the Foundation
then uses these contributions to assist OpenBSD's infrastructure needs.
Contact the foundation directors at directors@openbsdfoundation.org for
more information.

------------------------------------------------------------------------
- HTTPS INSTALLS -------------------------------------------------------

OpenBSD can be easily installed via HTTPS downloads.  Typically you need
a single small piece of boot media (e.g., a USB flash drive) and then
the rest of the files can be installed from a number of locations,
including directly off the Internet.  Follow this simple set of
instructions to ensure that you find all of the documentation you will
need while performing an install via HTTPS.

1) Read either of the following two files for a list of HTTPS mirrors
   which provide OpenBSD, then choose one near you:

        https://www.OpenBSD.org/ftp.html
        https://ftp.openbsd.org/pub/OpenBSD/ftplist

   As of October 8, 2024, the following HTTPS mirror sites have the
   7.6 release:

        https://cdn.openbsd.org/pub/OpenBSD/7.6/            Global
        https://ftp.eu.openbsd.org/pub/OpenBSD/7.6/         Stockholm, Sweden
        https://ftp.hostserver.de/pub/OpenBSD/7.6/          Frankfurt, Germany
        https://ftp.bytemine.net/pub/OpenBSD/7.6/           Oldenburg, Germany
        https://ftp.fr.openbsd.org/pub/OpenBSD/7.6/         Paris, France
        https://mirror.aarnet.edu.au/pub/OpenBSD/7.6/       Brisbane, Australia
        https://ftp.usa.openbsd.org/pub/OpenBSD/7.6/        CO, USA
        https://ftp5.usa.openbsd.org/pub/OpenBSD/7.6/       CA, USA
        https://mirror.esc7.net/pub/OpenBSD/7.6/            TX, USA
        https://openbsd.cs.toronto.edu/pub/OpenBSD/7.6/     Toronto, Canada
        https://cloudflare.cdn.openbsd.org/pub/OpenBSD/7.6/ Global
        https://fastly.cdn.openbsd.org/pub/OpenBSD/7.6/     Global

        The release is also available at the master site:

        https://ftp.openbsd.org/pub/OpenBSD/7.6/            Alberta, Canada

        However it is strongly suggested you use a mirror.

   Other mirror sites may take a day or two to update.

2) Connect to that HTTPS mirror site and go into the directory
   pub/OpenBSD/7.6/ which contains these files and directories.
   This is a list of what you will see:

        ANNOUNCEMENT     armv7/        octeon/             root.mail
        README           hppa/         openbsd-76-base.pub sparc64/
        SHA256           i386/         packages/           src.tar.gz
        SHA256.sig       landisk/      packages-stable/    sys.tar.gz
        alpha/           loongson/     ports.tar.gz        xenocara.tar.gz
        amd64/           luna88k/      powerpc64/
        arm64/           macppc/       riscv64/

   It is quite likely that you will want at LEAST the following
   files which apply to all the architectures OpenBSD supports.

        README          - generic README
        root.mail       - a copy of root's mail at initial login.
                          (This is really worthwhile reading).

3) Read the README file.  It is short, and a quick read will make
   sure you understand what else you need to fetch.

4) Next, go into the directory that applies to your architecture,
   for example, amd64.  This is a list of what you will see:

        BOOTIA32.EFI*   bsd*            floppy76.img    pxeboot*
        BOOTX64.EFI*    bsd.mp*         game76.tgz      xbase76.tgz
        BUILDINFO       bsd.rd*         index.txt       xfont76.tgz
        INSTALL.amd64   cd76.iso        install76.img   xserv76.tgz
        SHA256          cdboot*         install76.iso   xshare76.tgz
        SHA256.sig      cdbr*           man76.tgz
        base76.tgz      comp76.tgz      miniroot76.img

   If you are new to OpenBSD, fetch _at least_ the file INSTALL.amd64
   and install76.iso.  The install76.iso file (roughly 702MB in size)
   is a one-step ISO-format install CD image which contains the various
   *.tgz files so you do not need to fetch them separately.

   If you prefer to use a USB flash drive, fetch install76.img and
   follow the instructions in INSTALL.amd64.

5) If you are an expert, follow the instructions in the file called
   README; otherwise, use the more complete instructions in the
   file called INSTALL.amd64.  INSTALL.amd64 may tell you that you
   need to fetch other files.

6) Just in case, take a peek at:

        https://www.OpenBSD.org/errata.html

   This is the page where we talk about the mistakes we made while
   creating the 7.6 release, or the significant bugs we fixed
   post-release which we think our users should have fixes for.
   Patches and workarounds are clearly described there.

------------------------------------------------------------------------
- X.ORG FOR MOST ARCHITECTURES -----------------------------------------

X.Org has been integrated more closely into the system.  This release
contains X.Org 7.7.  Most of our architectures ship with X.Org, including
amd64, sparc64 and macppc.  During installation, you can install X.Org
quite easily using xenodm(1), our simplified X11 display manager forked
from xdm(1).

------------------------------------------------------------------------
- PACKAGES AND PORTS ---------------------------------------------------

Many third party software applications have been ported to OpenBSD and
can be installed as pre-compiled binary packages on the various OpenBSD
architectures.  Please see https://www.openbsd.org/faq/faq15.html for
more information on working with packages and ports.

Note: a few popular ports, e.g., NSD, Unbound, and several X
applications, come standard with OpenBSD and do not need to be installed
separately.

------------------------------------------------------------------------
- SYSTEM SOURCE CODE ---------------------------------------------------

The source code for all four subsystems can be found in the
pub/OpenBSD/7.6/ directory:

        xenocara.tar.gz     ports.tar.gz   src.tar.gz     sys.tar.gz

The README (https://ftp.OpenBSD.org/pub/OpenBSD/7.6/README) file
explains how to deal with these source files.

------------------------------------------------------------------------
- THANKS ---------------------------------------------------------------

Ports tree and package building by Jeremie Courreges-Anglas,
Visa Hankala, Stuart Henderson, Peter Hessler, George Koehler,
Kurt Mosiejczuk, and Christian Weisgerber.  Base and X system builds by
Kenji Aoyama, Theo de Raadt, and Miod Vallat.  Release art by
Sue Doeksen.

We would like to thank all of the people who sent in bug reports, bug
fixes, donation cheques, and hardware that we use.  We would also like
to thank those who bought our previous CD sets.  Those who did not
support us financially have still helped us with our goal of improving
the quality of the software.

Our developers are:

    Aaron Bieber, Adam Wolk, Aisha Tammy, Alexander Bluhm,
    Alexander Hall, Alexandr Nedvedicky, Alexandr Shadchin,
    Alexandre Ratchov, Andrew Fresh, Anil Madhavapeddy,
    Anthony J. Bentley, Antoine Jacoutot, Anton Lindqvist, Asou Masato,
    Ayaka Koshibe, Benoit Lecocq, Bjorn Ketelaars, Bob Beck,
    Brandon Mercer, Brent Cook, Brian Callahan, Bryan Steele,
    Can Erkin Acar, Caspar Schutijser, Charlene Wendling,
    Charles Longeau, Chris Cappuccio, Christian Weisgerber,
    Christopher Zimmermann, Claudio Jeker, Dale Rahn, Damien Miller,
    Daniel Dickman, Daniel Jakots, Darren Tucker, Dave Voutila,
    David Coppa, David Gwynne, David Hill, Denis Fondras, Edd Barrett,
    Eric Faurot, Florian Obser, Florian Riehm, Frederic Cambus,
    George Koehler, Gerhard Roth, Giannis Tsaraias, Gilles Chehade,
    Giovanni Bechis, Gleydson Soares, Gonzalo L. Rodriguez, Greg Steuck,
    Helg Bredow, Henning Brauer, Ian Darwin, Ian Sutton, Igor Sobrado,
    Ingo Feinerer, Ingo Schwarze, Inoguchi Kinichiro, James Hastings,
    James Turner, Jan Klemkow, Jason McIntyre,
    Jasper Lievisse Adriaanse, Jeremie Courreges-Anglas, Jeremy Evans,
    Job Snijders, Joel Sing, Joerg Jung, Jonathan Armani, Jonathan Gray,
    Jonathan Matthew, Jordan Hargrave, Josh Rickmar, Joshua Sing,
    Joshua Stein, Juan Francisco Cantero Hurtado, Kazuya Goda,
    Kenji Aoyama, Kenneth R Westerback, Kent R. Spillner, Kevin Lo,
    Kirill Bychkov, Klemens Nanni, Kurt Miller, Kurt Mosiejczuk,
    Landry Breuil, Lawrence Teo, Lucas Gabriel Vuotto, Lucas Raab,
    Marcus Glocker, Mark Kettenis, Mark Lumsden, Markus Friedl,
    Martijn van Duren, Martin Natano, Martin Pieuchot, Martin Reindl,
    Martynas Venckus, Matthew Dempsky, Matthias Kilian, Matthieu Herrb,
    Michael Mikonos, Mike Belopuhov, Mike Larkin, Miod Vallat,
    Moritz Buhl, Nam Nguyen, Nayden Markatchev, Nicholas Marriott,
    Nigel Taylor, Okan Demirmen, Omar Polo, Ori Bernstein,
    Otto Moerbeek, Paco Esteban, Pamela Mosiejczuk, Pascal Stumpf,
    Patrick Wildt, Paul Irofti, Pavel Korovin, Peter Hessler,
    Philip Guenther, Pierre-Emmanuel Andre, Pratik Vyas,
    Rafael Sadowski, Rafael Zalamena, Raphael Graf, Remi Locherer,
    Remi Pointel, Renato Westphal, Ricardo Mestre, Richard Procter,
    Rob Pierce, Robert Nagy, Sasano Takayoshi, Scott Soule Cheloha,
    Sebastian Benoit, Sebastian Reitenbach, Sebastien Marie,
    Solene Rapenne, Stefan Fritsch, Stefan Hagen, Stefan Kempf,
    Stefan Sperling, Steven Mestdagh, Stuart Cassoff, Stuart Henderson,
    Sunil Nimmagadda, T.J. Townsend, Ted Unangst, Theo Buehler,
    Theo de Raadt, Thomas Frohwein, Tim van der Molen, Tobias Heider,
    Tobias Stoeckmann, Todd C. Miller, Todd Mortimer, Tom Cosgrove,
    Tracey Emery, Ulf Brosziewski, Uwe Stuehler, Vadim Zhukov,
    Vincent Gross, Visa Hankala, Vitaliy Makkoveev, Volker Schlecht,
    Yasuoka Masahiko, Yojiro Uo