------------------------------------------------------------------------ - OpenBSD 7.2 RELEASED ------------------------------------------------- October 20, 2022. We are pleased to announce the official release of OpenBSD 7.2. This is our 53rd release. We remain proud of OpenBSD's record of more than twenty years with only two remote holes in the default install. As in our previous releases, 7.2 provides significant improvements, including new features, in nearly all areas of the system: - New/extended platforms: o Added support for Ampere Altra o Added support for Apple M2 o Added support for Lenovo ThinkPad x13s and other machines using the Qualcomm Snapdragon 8cx Gen 3 (SC8280XP) SoC. - Various kernel improvements: o Allowed bsd.rd and bsd/bsd.mp to boot on Oracle Cloud amd64 instances. o Added support for switching from glass console to serial console on arm64 systems that default to glass console. o pf(4) automatically allows IGMP and ICMP6 MLD packets with the router alert option. Special allow-opts rules are no longer needed for multicast discovery. o Fixed a pf(4) NULL dereference panic triggered by relayd(8). o Implement "show all routes" to print routing tables in ddb(4). o Added a method (ESC D) to enter ddb(4) on serial drivers that do not have a true BREAK mechanism. o Added "show all routes" and the ability to show individual routes (e.g. "show route 0xfffffd807e9b0000") to ddb(4). o Added a "show swap" command to ddb(4) to help debugging. o Count dropped network packets due to low memory in netstat(1). o Simplified machine command handling in ddb(4). o Changed to a simpler formula to calculate a default kern.maxthread value: 2*NPROCESS. o Enabled kstat(4), a device that exports kernel statistics that can be read by kstat(1). o Added CPU frequency sensors for each core on CPUs that have MPERF/APERF support. o Merged the UVM swap-backed and object-backed inactive page lists. o Fixed rwlock(9) implementation to be fair to writers. Previously, readers could grab the lock even if writers were waiting first. o Made the CPU frequency scaling duration relative to the load when in automatic mode on battery. o Fixed luna88k MULTIPROCESSOR kernels booting with CPU modules installed in arbitrary slots. o Added a missing kqueue(2) wakeup, found by a Go testcase hang. o Bumped the maximum number of supported CPUs to 256 on arm64. o Ensure uvm_swap_io() can succeed, even in out of memory situations, by reserving a second segment for the page daemon. o Ensured progress in the swapper by pre-allocating pages in a DMA-reachable region. o Made the page daemon consider pmemrange regions when trying to free pages from the inactive list. Previously the page daemon could use a lot of CPU without freeing a page because the global limits were satisfied. o Ensured that uvm_swap_get() will always sleep rather than returning an error. Previously an error could be returned to the fault handler which would result in processes dying when a system was under a lot of memory pressure. o Added support for using non-standard UARTs (such as the Synopsys DesignWare UART) as an early console. o Remove NexGen CPU identification code as the kernel cannot run on these CPUs anyway. o Remove Rise CPU identification code. o Dropped detection code for 386sx/386dx CPUs. OpenBSD/i386 hasn't actually supported running on either for some time. o Dropped detection code for Cyrix CPUs older than the Cyrix M2. o Implemented the fundamentals for suspend/resume on arm64. o Simplified TSC synchronization testing on amd64. o Corrected sparc64 ofwboot to default to the softraid(4) volume on the boot device to make root on softraid work out of the box on sparc64 and be more consistent with softraid boot on other architectures. o Removed the obsolete kern.nselcoll sysctl(2). o Changed mips64, octeon, and loongson to trigger deferred clock interrupts from splx(9). This isolates the clock interrupt schedule from the MD clock interrupt code. o Fixed a potential kernel panic when an msdos partition is out of space by fixing instances where msdosfs passed a NULL proc pointer to detrunc(). o Add a delay_init() function that helps on i386 and amd64 architectures in setting up delay_func for different timers and switching between them depending on their quality properties. This improves how timers backing delay(9) are managed. - SMP Improvements o Make route timer MP safe and use rttimer pool. o Use kernel lock to protect parts of ARP, ND6 and PPPoE that are not MP safe. Lookup of existing ARP entries is MP safe and can run in parallel. o Start up to 4 softnet tasks to run IP input and forwarding in parallel on multiple cores. o Run IPv4 packet reassembly in parallel. o Run IPv6 hop-by-hop options processing in parallel. o Add a mutex to rate limiting functions to make them MP safe. o Introduce mutex and reference counter for internet protocol control block. o Protect UDP, raw IP, and divert packet input routines with a per-socket mutex. o Protect recv(2) system call for UDP and raw IP packets with a per-socket mutex and shared netlock. Allows to receive packets while forwarding in parallel. o Protect multicast deliver loop for UDP and raw IP sockets with rwlock. o Only grab netlock in IGMP and MLD timer when necessary. o TCP slow timer runs without netlock. o Rework rwlock so that a writer will get the lock eventually. Readers cannot share the lock forever. This prevents starvation of the writer. o Run interface media ioctl with shared netlock so packets can be processed while running ifconfig(8). o btrace(8) can be used to debug reference counting. o Use MP safe refcount for interface addresses. o Unlocked kbind(2). o Unlocked the pledge(2) system call. o Made UNIX domain sockets locking per-socket rather than coarse locking of the entire domain sockets layer. - Direct Rendering Manager and graphics drivers o Updated drm(4) to Linux 5.15.69 o inteldrm(4): support for Alder Lake, Raptor Lake o Reimplemented the TTM page allocation code using bus_dma(9) APIs to make sure DMA addresses are translated properly on architectures with an IOMMU. This fixed amdgpu(4) and radeondrm(4) on powerpc64, sparc64, and arm64 machines with SMMU. o Implemented support for framebuffers that don't start on a page boundary (like those on the 2021 14" and 16" MacBook Pro). o Added handling for framebuffers where the first pixel isn't page-aligned to wsfb(4). o Fixed Xorg(1) when using the luna88k 1bpp framebuffer hardware. - VMM/VMD improvements o Improved error handling and logging in vmd(8) o Unify all internal structures and interfaces between vmd(8), vmctl(8) and vmm(4) to use bytes for memory and disk sizes. o Fix rebooting a received VM in vmd(8). o Have vmd(8) provide a copy of bios at 4g boundary. SeaBIOS and newer Linux kernels expect it there. o In vmd(8), fix off by one in VM memory range check. o In vmd(8), add support for MMIO assist. In vmm(4), send all port I/O emulation to userland. o Have vmd(8) compute i8254 read-back command latch from singular timestamp. o Improve the command line parsing in vmctl(8). o Let vmm(4) allow reading MSR_TSC on Intel hosts. o In vmm(4), reference count VMs and VCPUs. o In vmm(4), zero virtual addresses of VCPU state pages after freeing. o Fix `vmctl send` on Intel hosts by load the vmcs before reading VCPU registers in vmm(4). o Fix `vmctl receive` on Intel hosts by adding an additional fault type in vmm(4). o Add additional dt(4) tracepoints in various vmm(4) codepaths. o Add snmpd(8) AgentX support based around VM-MIB (RFC7666). - Various new userland features: o Replaced rc.d(8) $rcexec variable with an rc_exec function. This will require a mechanical change from ${rcexec} to rc_exec in rc.d scripts. Kept compatibility to give people a chance to fix their custom scripts. o Introduced a new daemon_execdir variable to rc.d(8) for changing to a specified directory before running rc_exec. o Added ts(1), a timestamp utility. o Add a new configtest action to rc.d(8) and rcctl(8) to check configuration syntax of a daemon. o Added forest (-f) mode to ps(1). - Various bugfixes and tweaks in userland: o Fixed openrsync(1) on sparc64 by eliminating a redundant second conversion of the int value from little to host endian. o Added connection timeout functionality to openrsync(1) via the --contimeout option. o Set the default openrsync(1) connection timeout that rpki-client(8) uses to 15 seconds. o Made use of the fact that repositories are unique objects in pkg_add(1) and annotated the quirks repository as cached, allowing for a large speed increase. o Enabled pkg_add(1) caching by default. o Changed the tied algorithm in pkg_add(1) to prevent O(n^2) behavior when packages contain several hundred copies of the same file. o Added a "processing" message for when pkg_add(1) is transferring data to inform the user that pkg_add is still working. o Added missing uuid_dec_le() to init_gp() so fdisk(8) -A works on big-endian architectures. o Aligned fdisk(8) logic with that used in the kernel to allow the protective EFI GPT partition to be in MBR partitions 0-3, not just 0. o Prevented use of "-u" when fdisk(8) is operating on GPT formatted disks. o Stopped telling fdisk(8) that macppc HAS_MBR. o Made fdisk(8) reject input of excessive length. o Fixed an fdisk(8) regression to allow editing an MBR of all zeroes. o Changed fdisk(8) to restrict user actions if neither GPT nor MBR structures can be found on the disk. o Made fdisk(8) print a warning when an MBR partition starts or extends past the end of the device. o Made fdisk(8) print a warning when a GPT partition start or end is outside the usable LBA area of the device. o Made fdisk(8) display "Microsoft basic data" instead of "FAT12" for GPT_UUID_MSDOS partitions. o Made fdisk(8) print GPT attributes in verbose output. o Made fdisk(8) use the correct GPT bootable attribute bit. o Made fdisk(8) not spoof GPT partitions with the attribute REQUIRED. o Made fdisk(8) ensure GPT headers, table entries and usable area don't overlap each other. o Installed useful btrace(8) scripts in /usr/share/btrace. o Made btrace(8) execute the END probe upon receiving a SIGTERM signal. o Moved the wait for autoconf interfaces from rc(8) to netstart(8) to fix tunnel interfaces that depend on working autoconf interfaces. o Made netstart(8) create virtual interfaces up front if specified on the command line. o Changed rc.subr(8) to copy the message to stdout when using logger(1) to avoid needing to check syslog when running in debug mode. o Fixed kbd(8) so it doesn't fail silently when executed by a regular user. o In the sndio library, added the function sio_flush(3) to stop playback immediately. Altered sndiod(8) to wait until the buffer is drained before closing the device. o Made xterm(1) use a much safer FD-passing idiom for updating utmp(5). o Prevented a crash in vi(1) when cursor key support is disabled. o Updated vi(1) to apply expandtab to the output of a ! command. o Made mg(1) automatically delete trailing whitespace on RET in c-mode and auto-indent-mode. o Made grep(1) provide full context when using match count (-m) o Added the --null flag to grep(1) which makes grep print an ASCII NUL byte after the file name to make the output unambiguous. o Fixed multiple memory leaks in awk(1). o Changed compress(1) to print a more accurate message when -v is used with -k. o Fixed gzip(1) byte counts with 32-bit integers. o Fixed the growth check in compress(1) and gzip(1) in cases of small files or files with sufficiently random data. o Made timeout(1) -s accept HUP like kill(1) and GNU timeout(1) do. o Updated capitals and countries in the game quiz(6). o Set default sleep value of ico(1) to 10ms. o Fixed a bug in cron(8) where it could exit silently if ppoll(2) exited. Now it will log to syslog(3) instead of stderr. o Added llvm-profdata(1) to base so that ports can benefit from profiled builds. o Changed rc(8) to only attempt to set the yp(8) domainname if it has not been set yet. o Raised the "staff" login class data-size-cur on arm64 to be the same as that for amd64 in login.conf(5) (1536M). o Fixed patch(1) locate-hunk in empty files. o Fixed patch(1) in the case of reversing a patch that creates a file. o Added seconds to the uptime display of top(1). o Made putenv(3) return an error if the string starts with the '=' character. This matches the behavior on FreeBSD and NetBSD. o Fixed overflow of the number of errors in renice(8) by setting error instead of incrementing it. o Removed the "-c" compatibility option from vnconfig(8). o Stopped vnconfig(8) from printing the device name on failure. o Print a message when ld.so(1) fails inside execve(2) to clarify the failure mode when a dynamic executable is run while /usr isn't mounted. o Improved bioctl(8) RAID level parsing to check numeric levels before checking single character levels. This allows recognition of RAID 10 as a valid but unsupported level. o Fixed installboot(8) messaging when verbose (-v) and dry-run (-n) modes are combined with softraid(4). o Sped up wc(1) word counting. - Improved hardware support and driver bugfixes, including: o New aplaudio(4) driver for Apple audio subsystem. o New aplmca(4) driver for Apple MCA controller. o New aplsart(4) driver for Apple SART address filter. o New alpdc, apldchidev, apldckbd, apldcms, and aplrtk drivers for keyboard and trackpad on Apple M2 laptops. o New qcgpio(4) driver for Qualcomm Snapdragon GPIO controller. o New qciic(4) driver for Qualcomm Snapdragon GENI I2C controller. o New sfgpio(4) driver for SiFive GPIO controller. o New stfclock(4) driver for StarFive JH7100 clock controller. o New stfpinctrl(4) driver for StarFive JH7100 pin configuration. o New stftemp driver for StarFive JH7100 temperature sensor. o New sxirintc(4) driver for Allwinner wakeup interrupt controller. o New gpiorestart driver for system reset via GPIO pin. o Added support for more power sensors to ipmi(4). o Added support for the ehci(4) controller on Marvell 3720 boards. o Extended ksmn(4) to show CCD temperatures if available. o Fixed missing interrupts for trackpads on some machines after resume by making sure amdgpio(4) restores pin configuration on resume. o Added FIFO support and allow baud rate changes to pluart(4). o Added support for the Synopsys DesignWare UART found on the Ryzen Embedded V1000 SoCs to com(4). o Added xhci(4) support for the dual role controllers integrated on the Qualcomm Snapdragon 8cx gen 3 SoC. o Added support for using the power button to wake up from suspend to axppmic(4). o Modified pms(4) to discard relative movement packets outside of the [-127, 127] range to prevent cursor jumps when using the trackpoint on some Lenovo laptops. o Allowed spdmem(4) to attach to gdiumiic(4). o Make spdmem(4) attach on 2F-based loongson systems. o Added power button support to aplsmc(4). o Changed the mfii(4) RAID controller driver to allow the firmware more time to transition out of the UNDEFINED state. o Added Wacom One S (CTL-472) support to uwacom(4). - New or improved network hardware support: o Increased rx buffer size on uaq(4) to 62kB. o Repaired rge(4) hardware VLAN tagging. o Provide statistics via kstats for mvneta(4). o Enabled aq(4) on arm64. o Implemented and enabled IPv4, TCP, and UDP checksum offloading for igc(4). o Fixed a panic triggered by ifconfig bnxt0 down by changing bnxt(4) devices to not run rx and tx interrupt handlers when the interface is not running. o Introduced Large Receive Offloading of TCP segment offloading in ix(4). Also added a tso option to ifconfig(8) to enable and disable this feature. - Added or improved wireless network drivers: o Made device matching in iwx(4) more similar to Linux iwlwifi in order to recognize more devices. o Added support for AX210/AX211 devices to iwx(4). o Fixed iwx(4) setting of HT/VHT bits in rate flags of the Tx command that could cause a firmware panic. o Added handling of 9k devices which do not support antenna B to iwm(4). o Fixed bwfm(4) ifconfig media display on devices with sta_info command version 3. o Fixed a bwfm(4) crash during USB detach. o Fixed detection of the Rx data rate on rtl8192eu urtwn(4) devices. o Fixed integer overflows in the iwm(4) and iwx(4) firmware file parsers. - IEEE 802.11 wireless stack improvements and bugfixes: o Make sure drivers initialize all of ieee80211_rxinfo struct. - Installer, upgrade and bootloader improvements: o Fixed the watchdog in the installer so that it is reset after each download and each set installation. o Ensured that running sysupgrade(8) on -stable will move to the next release, not -current. o Added the -b option to sysupgrade(8) to set an alternative base directory to which the installation files will be downloaded. o Increased the disklabel(8) auto partitioner's maximum size for /usr to 30G. o Altered installer behavior so the vlan(4) question won't be asked unless another network interface exists. o Added support for wildcards in fw_update(8) patterns. o Added support for booting from RAID 1C softraid(4) volumes on amd64, sparc64 and arm64. o Added NFS client support to the luna88k RAMDISK kernel. o Made the EFI bootloader provide the extra parameters necessary to use non-standard UARTs on the AMD Ryzen Embedded V1000 SoCs as console. o Switched bootloaders to the extended BOOTARG_CONSDEV struct. o Added UFS2 support to landisk boot blocks. - Security improvements: o Implemented privilege separation in xlock(1). o Added privilege separation to snmpd(8). o The TZ environment variable no longer supports absolute paths, to fit better into the pledge(2) bypass model. o AF_UNIX socket bind(2) and connect(2) now follow unveil(2) configuration. o New ypconnect(2) system call creates a socket based upon the IP address encoded directly in a locked ypbinding file, thereby removing a horrible hack to support YP lookups in programs using strong pledge(2) rules. o Processes that pledge("vminfo") may now use the read-only swapctl(2) operations SWAP_NSWAP and SWAP_STATS providing information on swap devices. o Randomized the rekey interval of arc4random(3). o Reduce the attack surface by introducing a 'local bind' mode to ypldap(8). In this mode ypldap binds its RPC sockets to loopback, so YP services are only available to the host it's running on. ypldap writes the YP binding file in /var/yp/binding itself and replaces ypbind(8) and ypserv(8). This also implies that portmap(8) doesn't need to be running anymore when local bind mode is used. o Changed the /sbin daemons dhcpleased(8), mountd(8), nfsd(8), pflogd(8), resolvd(8), slaacd(8), and unwind(8) to be dynamically linked to allow them to benefit from all the additional mitigations that dynamically linked executables gain. NFS mounting of /usr must now use statically configured IP addresses. - Changes in the network stack: o Added the recvmmsg(2) system call that allows receiving multiple msghdrs at once, and the sendmmsg syscall that allows sending multiple msghdrs at once. o Relaxed address availability check for multicast(4) binds so processes listening for the same multicast address do not need to be the same UID. o Introduced dedicated link entries for snapshots to pfsync(4). o Changed pf(4) handling of IGMP and ICMP6 MLD packets to allow multicast control packets to work by default. o Made pf(4) more paranoid about IGMP/MLD messages. o Fixed a logic bug in pf_find_state() that could cause pf(4) to incorrectly block a packet. o Fixed pf(4) syncookies during fast TCP port reuse. o Fixed a bug in pf(4) where a pool defined like "172.16.0.0/16" would count as a pool size of one address. Also fixed random selection of source address to be uniform across the whole pool. o Fixed a kernel panic in pf(4) if IP options with an ICMP payload were truncated. Such packets will now be dropped instead. o Allow forwarding to and from IPs in the 240/4 range. o Corrected the Virtual Ethernet Bridge veb(4) to avoid calling if_enqueue from an smr critical section. o Reworked the kroute rttimer code to fix icmp_pmtu_timeout crashes. o Fixed an interrupt storm upon suspend on Amlogic arm64 boards. o Fixed a race between pflow_output_process() and pflow_clone_destroy() in pflow(4). o Added a missing input validation step to pipex(4) MPPE keylenbits. - Routing daemons and other userland network improvements: o IPsec support was improved: - Made iked(8) ignore any CERT payload after the first rather than failing the exchange when more than one CERT payload is received. - Added iked(8) support for sending certificate chains with intermediate CAs in multiple CERT payloads. - Added an OpenIKED Vendor ID payload in the iked(8) initial handshake to make it easier to handle interoperability problems with older versions in the future. - Added iked(8) connection statistics for successful and failed connections, error types, and other events that can be printed with "ikectl show stats". o In bgpd(8), - Implement max-communities filter to limit the number of allowed communities, ext-communities and large-communities. - Fix insertion of additional non-transitive extended communities when sending out prefixes. - Relax IP address limitation by allowing prefixes in 240/4. - Implement RFC 9234 - Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages. - Full support for RFC 7911 - Advertisement of Multiple Paths in BGP (ADD-PATH). - Improve FIB code, handle IPv6 scoped addresses properly. - Add bgplgd(8), a FastCGI server providing a REST API to execute bgpctl(8) commands. - Bugfix: bgpd(8) could fail to invalidate nexthops and incorrectly leave them in the FIB or Adj-RIB-Out. - Speedup bgpctl show rib 10/8 or-longer and show rib 10/8 or-shorter - Switch various static hash tables to RB trees improving performance on large systems - Export per neighbor pending update and withdraw statistics - Fix race between a neighbor session reset and its update message backlog - Improve handling of nexthop reachability state changes - Made sure only one bgpd(8) roa softreconfig runner is run at any time. o rpki-client(8) saw some changes: - Allowed more than one CRL URI in certificates. - Do not apply timezone offsets when converting X509 times. X509 times are in UTC and comparing them to times in different timezones would cause validity problems. - Add support for an operator-configurable skiplist facility. Operators can specify a list of FQDNs which should not be contacted when synchronizing the local cache to the network. - Emit a warning when a RRDP session serial number decreases. - DER decoding functions were refactored to leverage ASN.1 templates. - Add support to validate & inspect .sig files containing RPKI Signed Checklists in filemode (-f). (draft-ietf-sidrops-rpki-rsc-08) - Print various statistics after the completion of the main process. - Add support to decode & print TAL (RFC 8630) details in filemode (-f). - Emit objects in Concatenated JSON format when filemode (-f) and the JSON output flag (-j) are combined. - Add support for validating Autonomous System Provider Authorization (ASPA) objects conforming to draft-ietf-sidrops-aspa-profile-10. Validated ASPA payloads are visible in JSON and filemode (-f) output. - Set rsync(1) connection I/O idle timeout to 15 seconds. - Unify the maximum idle I/O and connect timeouts for rsync(1) & HTTPS. - rpki-client(8) now performs stricter EE certificate validation: o Disallow AS Resources extensions in ROA EE certificates. o Disallow Subject Information Access (SIA) extensions in RPKI Signed Checklist (RSC) EE certs. o Check the resources in ROAs and RSCs against EE certs. - Improve readability and add various information being printed in verbose mode. - Extend filemode (-f) output and print X.509 certificates in PEM format when increased verbosity (-vv) is specified. - Shorten the RRDP I/O idle timeout. - Introduce a deadline timer that aborts all repository synchronization after seven eights of timeout (-s). With this rpki-client has improved chances to complete and produce an output even when a CA is excessively slow. - Abort a currently running RRDP request process when the per-repository timeout is reached. - Permit multiple AccessDescription entries in SIA X.509 extensions. While fetching from secondary locations is not yet supported, rpki-client will not treat occurrence as a fatal error. - Resolve a potential for a race condition in non-atomic RRDP deltas. - Fix some memory leaks. - Improve compliance with the HTTP protocol specification. o In snmpd(8), - Allow object names to be used in addition to OIDs in snmpd.conf(5). - Better type hinting for debug logging. - Introduce a blocklist feature, which removes subtrees from view. - Reintroduce AgentX master support. - Move non-SNMP related metrics to their own AgentX based backend. - The snmpe process is now pledged stdio recvfd inet unix. - Imported snmpd_metrics(8). This allows those who need to use net-snmpd the ability to access base snmpd(8) metrics. o In ldapd(8), match password schemas case sensitive. o In ospfd(8), relax the limitations on what is an acceptable unicast IP. There are no more experiments in IPv4 and so there is less reason for network daemons to deny formerly experimental IP space. Multicast IPs (224/4) and loopback (127/8) are still disallowed. o Added check to acme-client(1) to ensure the challenge token is turned into a filename that is base64url encoded. o Added RFC 9234 "BGP Role" support to tcpdump(8) o Have tcpdump(8) print ASnumbers in 'asplain' format instead of the old 'asdot' format. o Fixed a crash in libpcap when it would walk off the end of the array performing frees. o Made -X connect SOCKS work with IPv6 addresses in nc(1). o Introduced a blocklist backend and keyword to snmpd(8), this deprecates filter-pf-addresses. o Changed dhclient(8) to defer to dhcpleased(8) by doing execve ifconfig and providing syslog warnings about deprecated options. o Implemented dig(1) support for SVCB and HTTPS record types. o Made resolvd(8) write /etc/resolv.conf in a more atomic manner. o Added a slowcgi(8) -t flag to change the request timeout. o Corrected handling of an abnormal FastCGI termination in httpd(8). o Made newer MIME type definitions take precedence over existing ones in httpd(8). o Moved the relayd(8) daemon(3) call to just before forking the children so the parent disassociates from its controlling terminal and shell, but not from its children. o Changed ftp(1) to use non-blocking connect(2) with ppoll(2) and timeout instead of alarm(3). This allows failing over to another IP address for hosts that have more than one. - tmux(1) improvements and bug fixes: o Added an ACL list for multiple users attaching to the tmux(1) socket. o Ensured cursor remains on selected item on menu. o Added support for OSC 8 hyperlinks. o Added support for hyperlinks with capture-pane -e and a mouse_hyperlink format. o Added an "all" state to allow-passthrough to work even in invisible panes. o Fixed a crash when searching for .* with extremely long lines. o Added vi(1) Home/End bindings. o Added a Nobr terminfo capability to tell tmux(1) the terminal does not use bright colors for bold. o Added a notification when a paste buffer is deleted. o Fixed window size reporting. - LibreSSL version 3.6.0 o New features - EVP API for HKDF ported from OpenSSL and subsequently cleaned up. - The security level API (SSL_{,CTX}_{get,set}_security_level()) is now available. Callbacks and ex_data are not supported. Sane software will not be using this. - Experimental support for the BoringSSL QUIC API. - Add initial support for TS ESSCertIDv2 verification. - LibreSSL now uses the Baillie-PSW primality test instead of Miller-Rabin. o Compatibility changes - The ASN.1 time parser has been refactored and rewritten using CBS. It has been made stricter in that it now enforces the rules from RFC 5280. - ASN1_AFLG_BROKEN was removed. - Error check tls_session_secret_cb() like OpenSSL. - Added ASN1_INTEGER_{get,set}_{u,}int64() - Move leaf certificate checks to the last thing after chain validation. - Added -s option to openssl(1) ciphers that only shows the ciphers supported by the specified protocol. - Use TLS_client_method(3) instead of TLSv1_client_method(3) in the openssl(1) ciphers command. - Validate the protocols in SSL{_CTX,}_set_alpn_protos(). - Made TS and PKCS12 opaque. - Per RFC 7292, safeContentsBag is a SEQUENCE OF, not a SET OF. - Align PKCS12_key_gen_uni() with OpenSSL - Various PKCS12 and TS accessors were added. In particular, the TS_RESP_CTX_set_time_cb() function was added back. - Allow a NULL header in PEM_write{,_bio}() - Allow empty attribute sets in CSRs. - Adjust signatures of BIO_ctrl functions. - Provide additional defines for EVP AEAD. - Provide OPENSSL_cleanup(). - Make BIO_info_cb() identical to bio_info_cb(). o Bug fixes - Avoid use of uninitialized in BN_mod_exp_recp(). - Fix X509_get_extension_flags() by ensuring that EXFLAG_INVALID is set on X509_get_purpose() failure. - Fix HMAC() with NULL key. - Add ERR_load_{COMP,CT,KDF}_strings() to ERR_load_crypto_strings(). - Avoid strict aliasing violations in BN_nist_mod_*(). - Do not return X509_V_ERR_UNSPECIFIED from X509_check_ca(). No return value of X509_check_ca() indicates failure. Application code should therefore issue a checked call to X509_check_purpose() before calling X509_check_ca(). - Rewrite and fix X509v3_asid_subset() to avoid segfaults on some valid input. - Call the ASN1_OP_D2I_PRE callback after ASN1_item_ex_new(). - Fix d2i_ASN1_OBJECT to advance the *der_in pointer correctly. - Avoid use of uninitialized in ASN1_STRING_to_UTF8(). - Do not pass uninitialized pointer to ASN1_STRING_to_UTF8(). - Do not refuse valid IPv6 addresses in nc(1)'s HTTP CONNECT proxy. - Do not reject primes in trial divisions. - Error out on negative shifts in BN_{r,l}shift() instead of accessing arrays out of bounds. - Fix URI name constraints, allow for URIs with no host part. - Fix the legacy verifier callback behaviour for untrusted certs. - Correct serfver-side handling of TLSv1.3 key updates. - Plug leak in PKCS12_setup_mac(). - Plug leak in X509V3_add1_i2d(). - Only print X.509 versions we know about. - Avoid signed integer overflow due to unary negation - Initialize readbytes in BIO_gets(). - Plug memory leak in CMS_add_simple_smimecap(). - Plug memory leak in X509_REQ_print_ex(). - Check HMAC() return value to avoid a later use of uninitialized. - Avoid potential NULL dereference in ssl_set_pkey(). - Check return values in ssl_print_tmp_key(). - Switch loop bounds from size_t to int in check_hosts(). - Avoid division by zero if no connection was made in s_time.c. - Check sk_SSL_CIPHER_push() return value - Avoid out-of-bounds read in ssl_cipher_process_rulestr(). - Use LONG_MAX as the limit for ciphers with long based APIs. o Internal improvements - Avoid expensive RFC 3779 checks during cert verification. - The templated ASN.1 decoder has been cleaned up, refactored, modernized with parts rewritten using CBB and CBS. - The ASN.1 time parser has been rewritten. - Rewrite and fix ASN1_STRING_to_UTF8(). - Use asn1_abs_set_unused_bits() rather than inlining it. - Simplify ec_asn1_group2curve(). - First pass at a clean up of ASN1_item_sign_ctx() - ssl_txt.c was cleaned up. - Internal function arguments and struct member have been changed to size_t. - Lots of missing error checks of EVP API were added. - Clean up and clarify BN_kronecker(). - Simplify ASN1_INTEGER_cmp() - Rewrite ASN1_INTEGER_{get,set}() using CBS and CBB and reuse the ASN1_INTEGER functions for ASN1_ENUMERATED. - Use ASN1_INTEGER to parse and build {Z,}LONG_it - Refactored and cleaned up group (elliptic curve) handling in t1_lib.c. - Simplify certificate list handling code in the legacy server. - Make CBB_finish() fail if *out_data is not NULL. - Remove tls_buffer_set_data() and remove/revise callers. - Rewrite SSL{_CTX,}_set_alpn_protos() using CBS. - Simplify tlsext_supported_groups_server_parse(). - Remove redundant length checks in tlsext parse functions. - Simplify tls13_server_encrypted_extensions_recv(). - Add read and write support to tls_buffer. - Convert TLS transcript from BUF_MEM to tls_buffer. - Clear key on exit in PKCS12_gen_mac(). - Minor fixes in PKCS12_parse(). - Provide and use a primitive clear function for BIGNUM_it. - Use ASN1_INTEGER to encode/decode BIGNUM_it. - Add stack frames to AES-NI x86_64 assembly. - Use named initialisers for BIGNUMs. - Tidy up some of BN_nist_mod_*. - Expand BLOCK_CIPHER_* and related macros. - Avoid shadowing the cbs function parameter in tlsext_alpn_server_parse() - Deduplicate peer certificate chain processing code. - Make it possible to signal an error from an i2c_* function. - Rewrite i2c_ASN1_INTEGER() using CBB/CBS. - Remove UINT32_MAX limitation on ChaCha() and CRYPTO_chacha_20(). - Remove bogus length checks from EVP_aead_chacha20_poly1305(). - Reworked DSA_size() and ECDSA_size(). - Stop using CBIGNUM_it internal to libcrypto. - Provide c2i_ASN1_ENUMERATED_cbs() and call it from asn1_c2i_primitive(). - Ensure ASN.1 types are appropriately encoded. - Avoid recycling ASN1_STRINGs when decoding ASN.1. - Tidy up asn1_c2i_primitive() slightly. - Mechanically expand IMPLEMENT_BLOCK_CIPHER, IMPLEMENT_CFBR, BLOCK_CIPHER and the looney M_do_cipher macros. - Use correct length for EVP CFB mode ciphers. - Provide a version of ssl_msg_callback() that takes a CBS. - Use CBS to parse TLS alerts in the legacy stack. - Increment the input and output position for EVP AES CFB1. - Ensure there is no trailing data for a CCS received by the TLSv1.3 stack. - Use CBS when procesing a CCS message in the legacy stack. - Be stricter with middlebox compatibility mode in the TLSv1.3 server. - OpenSSH 9.1 o Security - ssh-keyscan(1): fix a one-byte overflow in SSH banner processing - ssh-keygen(1): fix double free() in error path of signing/verify code - ssh-keysign(8): fix double-free in error path introduced in OpenSSH 8.9. o Potentially-incompatible changes - ssh(1), sshd(8): SetEnv directives in ssh_config and sshd_config are now first-match-wins to match other directives. Previously if an environment variable was multiply specified the last set value would have been used. - ssh-keygen(8): ssh-keygen -A (generate all default host key types) will no longer generate DSA keys, as these are insecure and have not been used by default for some years. - ssh(1), sshd(8): add a RequiredRSASize directive to set a minimum RSA key length. Keys below this length will be ignored for user authentication and for host authentication in sshd(8). ssh(1) will terminate a connection if the server offers an RSA key that falls below this limit, as the SSH protocol does not include the ability to retry a failed key exchange - sftp-server(8): add a users-groups-by-id@openssh.com extension request that allows the client to obtain user/group names that correspond to a set of uids/gids. - sftp(1): use users-groups-by-id@openssh.com sftp-server extension (when available) to fill in user/group names for directory listings. - sftp-server(8): support the home-directory extension request defined in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the existing "expand-path@openssh.com", but some other clients support it. - ssh-keygen(1), sshd(8): allow certificate validity intervals, sshsig verification times and authorized_keys expiry-time options to accept dates in the UTC time zone in addition to the default of interpreting them in the system time zone. YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted as UTC if suffixed with a 'Z' character. Also allow certificate validity intervals to be specified in raw seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This is intended for use by regress tests and other tools that call ssh-keygen as part of a CA workflow. - sftp(1): allow arguments to the sftp -D option, e.g. sftp -D /usr/libexec/sftp-server -el debug3. - ssh-keygen(1): allow the existing -U (use agent) flag to work with -Y sign operations, where it will be interpreted to require that the private keys is hosted in an agent. o Bugfixes - ssh-keygen(1): implement the "verify-required" certificate option. This was already documented when support for user-verified FIDO keys was added, but the ssh-keygen(1) code was missing. - ssh-agent(1): hook up the restrict_websafe command-line flag; previously the flag was accepted but never actually used. - sftp(1): improve filename tab completions: never try to complete names to non-existent commands, and better match the completion type (local or remote filename) against the argument position being completed. - ssh-keygen(1), ssh(1), ssh-agent(1): several fixes to FIDO key handling, especially relating to keys that request user-verification. These should reduce the number of unnecessary PIN prompts for keys that support intrinsic user verification. - ssh-keygen(1): when enrolling a FIDO resident key, check if a credential with matching application and user ID strings already exists and, if so, prompt the user for confirmation before overwriting the credential. - sshd(8): improve logging of errors when opening authorized_keys files. - ssh(1): avoid multiplexing operations that could cause SIGPIPE from causing the client to exit early. bz3454 - ssh_config(5), sshd_config(5): clarify that the RekeyLimit directive applies to both transmitted and received data. - ssh-keygen(1): avoid double fclose() in error path. - sshd(8): log an error if pipe() fails while accepting a connection. - ssh(1), ssh-keygen(1): fix possible NULL deref when built without FIDO support. - ssh-keyscan(1): add missing *-sk types to ssh-keyscan manpage. - sshd(8): ensure that authentication passwords are cleared from memory in error paths. - ssh(1), ssh-agent(1): avoid possibility of notifier code executing kill(-1). - ssh_config(5): note that the ProxyJump directive also accepts the same tokens as ProxyCommand. - scp(1): do not not ftruncate(3) files early when in sftp mode. The previous behaviour of unconditionally truncating the destination file would cause scp ~/foo localhost: and scp localhost:foo ~/ to delete all the contents of their destination. - ssh-keygen(1): improve error message when ssh-keygen -Y sign is unable to load a private key. - sftp(1), scp(1): when performing operations that glob(3) a remote path, ensure that the implicit working directory used to construct that path escapes glob(3) characters. This prevents glob characters from being processed in places they shouldn't, e.g. cd /tmp/a*/, get *.txt should have the get operation treat the path /tmp/a* literally and not attempt to expand it. - ssh(1), sshd(8): be stricter in which characters will be accepted in specifying a mask length; allow only 0-9. - ssh-keygen(1): avoid printing hash algorithm twice when dumping a KRL. - ssh(1), sshd(8): continue running local I/O for open channels during SSH transport rekeying. This should make ~-escapes work in the client (e.g. to exit) if the connection happened to have stalled during a rekey event. - ssh(1), sshd(8): avoid potential poll() spin during rekeying - Further hardening for sshbuf internals: disallow "reparenting" a hierarchical sshbuf and zero the entire buffer if reallocation fails. - mandoc 1.14.6 plus some new features and many bugfixes, including: o Significantly improved accessibility of mandoc(1) -T html and man.cgi(8) output by using semantically better HTML elements in several places and by adding ARIA and DPUB-ARIA roles and aria-label attributes to several HTML elements. o Got rid of archaic HTML table markup for header and footer lines in favor of flexbox CSS. Rendering now adapts to browser windows of arbitrary narrowness. o Prevented -T html output from turning breakable hyphens into underscores in URI fragment identifiers. o Improved the roff(7) escape sequence parser in several fundamental ways regarding output correctness and groff compatibility. o Corrected output that depends on the order of evaluation of roff(7) escape sequences by parsing them left-to-right rather than right-to-left. o Significantly improved -T lint diagnostics regarding syntax errors in roff(7) escape sequences and in their arguments. o Stopped emitting vertical space before the tbl(7) .TS (table start) macro for compatibility with the same change in groff. This implies .PP or .Pp macros may need to be inserted before .TS in some (but not all!) places in some manual pages using tbl(7). o Stopped skipping vertical space after the tbl(7) .TE (table end) macro of boxed tables for compatibility with the same change in groff. This implies .sp requests may need to be removed after .TE in some manual pages using tbl(7). o Corrected the calculation of the width of spanned tbl(7) columns. o Improved the handling of literal tab characters in filled text in multiple ways for compatibility with groff and Heirloom troff. o Plus bugfixes for two segfaults, two infinite loops, and several assertion failures. - Ports and packages: o Pre-built packages are available for the following architectures on the day of release: - aarch64 (arm64): 11261 - amd64: 11451 - i386: 10225 - mips64: 8759 - powerpc64: XXX - riscv64: 9808 - sparc64: 9275 o Packages for the following architectures will be made available as their builds complete: - arm - powerpc - Some highlights: o Asterisk 16.28.0, 18.14.0 and o Mozilla Thunderbird 102.3.0 19.6.0 o Mutt 2.2.7 and NeoMutt 20220429 o Audacity 2.4.2 o Node.js 16.17.1 o CMake 3.24.2 o OCaml 4.12.1 o Chromium 105.0.5195.125 o OpenLDAP 2.6.3 o Emacs 28.2 o PHP 7.4.30, 8.0.23 and 8.1.10 o FFmpeg 4.4.2 o Postfix 3.7.2 o GCC 8.4.0 and 11.2.0 o PostgreSQL 14.5 o GHC 9.2.4 o Python 2.7.18, 3.9.14 and 3.10.7 o GNOME 42.4 o Qt 5.15.6 and 6.3.1 o Go 1.19.1 o R 4.2.1 o JDK 8u342, 11.0.16 and 17.0.4 o Ruby 2.7.6, 3.0.4 and 3.1.2 o KDE Applications 22.08.1 o Rust 1.63.0 o KDE Frameworks 5.98.0 o SQLite 3.39.3 o Krita 5.1.1 o Shotcut 22.06.23 o LLVM/Clang 13.0.0 o Sudo 1.9.11.2 o LibreOffice 7.4.1.2 o Suricata 6.0.6 o Lua 5.1.5, 5.2.4 and 5.3.6 o Tcl/Tk 8.5.19 and 8.6.12 o MariaDB 10.9.3 o TeX Live 2021 o Mono 6.12.0.182 o Vim 9.0.0192 and Neovim 0.7.2 o Mozilla Firefox 105.0.1 and o Xfce 4.16 ESR 102.3.0 - As usual, steady improvements in manual pages and other documentation. - The system includes the following major components from outside suppliers: o Xenocara (based on X.Org 7.7 with xserver 21.1.4 + patches, freetype 2.12.1, fontconfig 2.13.94, Mesa 22.1.7, xterm 372, xkeyboard-config 2.20, fonttosfnt 1.2.2, and more) o LLVM/Clang 13.0.0 (+ patches) o GCC 4.2.1 (+ patches) and 3.3.6 (+ patches) o Perl 5.32.1 (+ patches) o NSD 4.6.0 o Unbound 1.16.3 o Ncurses 5.7 o Binutils 2.17 (+ patches) o Gdb 6.3 (+ patches) o Awk September 12, 2022 version o Expat 2.4.9 ------------------------------------------------------------------------ - SECURITY AND ERRATA -------------------------------------------------- We provide patches for known security threats and other important issues discovered after each release. Our continued research into security means we will find new security problems -- and we always provide patches as soon as possible. Therefore, we advise regular visits to https://www.OpenBSD.org/security.html and https://www.OpenBSD.org/errata.html ------------------------------------------------------------------------ - MAILING LISTS AND FAQ ------------------------------------------------ Mailing lists are an important means of communication among users and developers of OpenBSD. For information on OpenBSD mailing lists, please see: https://www.OpenBSD.org/mail.html You are also encouraged to read the Frequently Asked Questions (FAQ) at: https://www.OpenBSD.org/faq/ ------------------------------------------------------------------------ - DONATIONS ------------------------------------------------------------ The OpenBSD Project is a volunteer-driven software group funded by donations. Besides OpenBSD itself, we also develop important software like OpenSSH, LibreSSL, OpenNTPD, OpenSMTPD, the ubiquitous pf packet filter, the quality work of our ports development process, and many others. This ecosystem is all handled under the same funding umbrella. We hope our quality software will result in contributions that maintain our build/development infrastructure, pay our electrical/internet costs, and allow us to continue operating very productive developer hackathon events. All of our developers strongly urge you to donate and support our future efforts. Donations to the project are highly appreciated, and are described in more detail at: https://www.OpenBSD.org/donations.html ------------------------------------------------------------------------ - OPENBSD FOUNDATION --------------------------------------------------- For those unable to make their contributions as straightforward gifts, the OpenBSD Foundation (https://www.openbsdfoundation.org) is a Canadian not-for-profit corporation that can accept larger contributions and issue receipts. In some situations, their receipt may qualify as a business expense write-off, so this is certainly a consideration for some organizations or businesses. There may also be exposure benefits since the Foundation may be interested in participating in press releases. In turn, the Foundation then uses these contributions to assist OpenBSD's infrastructure needs. Contact the foundation directors at directors@openbsdfoundation.org for more information. ------------------------------------------------------------------------ - HTTPS INSTALLS ------------------------------------------------------- OpenBSD can be easily installed via HTTPS downloads. Typically you need a single small piece of boot media (e.g., a USB flash drive) and then the rest of the files can be installed from a number of locations, including directly off the Internet. Follow this simple set of instructions to ensure that you find all of the documentation you will need while performing an install via HTTPS. 1) Read either of the following two files for a list of HTTPS mirrors which provide OpenBSD, then choose one near you: https://www.OpenBSD.org/ftp.html https://ftp.openbsd.org/pub/OpenBSD/ftplist As of October 20, 2022, the following HTTPS mirror sites have the 7.2 release: https://cdn.openbsd.org/pub/OpenBSD/7.2/ Global https://ftp.eu.openbsd.org/pub/OpenBSD/7.2/ Stockholm, Sweden https://ftp.hostserver.de/pub/OpenBSD/7.2/ Frankfurt, Germany https://ftp.bytemine.net/pub/OpenBSD/7.2/ Oldenburg, Germany https://ftp.fr.openbsd.org/pub/OpenBSD/7.2/ Paris, France https://mirror.aarnet.edu.au/pub/OpenBSD/7.2/ Brisbane, Australia https://ftp.usa.openbsd.org/pub/OpenBSD/7.2/ CO, USA https://ftp5.usa.openbsd.org/pub/OpenBSD/7.2/ CA, USA https://mirror.esc7.net/pub/OpenBSD/7.2/ TX, USA https://openbsd.cs.toronto.edu/pub/OpenBSD/7.2/ Toronto, Canada https://cloudflare.cdn.openbsd.org/pub/OpenBSD/7.2/ Global https://fastly.cdn.openbsd.org/pub/OpenBSD/7.2/ Global The release is also available at the master site: https://ftp.openbsd.org/pub/OpenBSD/7.2/ Alberta, Canada However it is strongly suggested you use a mirror. Other mirror sites may take a day or two to update. 2) Connect to that HTTPS mirror site and go into the directory pub/OpenBSD/7.2/ which contains these files and directories. This is a list of what you will see: ANNOUNCEMENT armv7/ octeon/ root.mail README hppa/ openbsd-72-base.pub sparc64/ SHA256 i386/ packages/ src.tar.gz SHA256.sig landisk/ packages-stable/ sys.tar.gz alpha/ loongson/ ports.tar.gz xenocara.tar.gz amd64/ luna88k/ powerpc64/ arm64/ macppc/ riscv64/ It is quite likely that you will want at LEAST the following files which apply to all the architectures OpenBSD supports. README - generic README root.mail - a copy of root's mail at initial login. (This is really worthwhile reading). 3) Read the README file. It is short, and a quick read will make sure you understand what else you need to fetch. 4) Next, go into the directory that applies to your architecture, for example, amd64. This is a list of what you will see: BOOTIA32.EFI* bsd* floppy72.img pxeboot* BOOTX64.EFI* bsd.mp* game72.tgz xbase72.tgz BUILDINFO bsd.rd* index.txt xfont72.tgz INSTALL.amd64 cd72.iso install72.img xserv72.tgz SHA256 cdboot* install72.iso xshare72.tgz SHA256.sig cdbr* man72.tgz base72.tgz comp72.tgz miniroot72.img If you are new to OpenBSD, fetch _at least_ the file INSTALL.amd64 and install72.iso. The install72.iso file (roughly 583MB in size) is a one-step ISO-format install CD image which contains the various *.tgz files so you do not need to fetch them separately. If you prefer to use a USB flash drive, fetch install72.img and follow the instructions in INSTALL.amd64. 5) If you are an expert, follow the instructions in the file called README; otherwise, use the more complete instructions in the file called INSTALL.amd64. INSTALL.amd64 may tell you that you need to fetch other files. 6) Just in case, take a peek at: https://www.OpenBSD.org/errata.html This is the page where we talk about the mistakes we made while creating the 7.2 release, or the significant bugs we fixed post-release which we think our users should have fixes for. Patches and workarounds are clearly described there. ------------------------------------------------------------------------ - X.ORG FOR MOST ARCHITECTURES ----------------------------------------- X.Org has been integrated more closely into the system. This release contains X.Org 7.7. Most of our architectures ship with X.Org, including amd64, sparc64 and macppc. During installation, you can install X.Org quite easily using xenodm(1), our simplified X11 display manager forked from xdm(1). ------------------------------------------------------------------------ - PACKAGES AND PORTS --------------------------------------------------- Many third party software applications have been ported to OpenBSD and can be installed as pre-compiled binary packages on the various OpenBSD architectures. Please see https://www.openbsd.org/faq/faq15.html for more information on working with packages and ports. Note: a few popular ports, e.g., NSD, Unbound, and several X applications, come standard with OpenBSD and do not need to be installed separately. ------------------------------------------------------------------------ - SYSTEM SOURCE CODE --------------------------------------------------- The source code for all four subsystems can be found in the pub/OpenBSD/7.2/ directory: xenocara.tar.gz ports.tar.gz src.tar.gz sys.tar.gz The README (https://ftp.OpenBSD.org/pub/OpenBSD/7.2/README) file explains how to deal with these source files. ------------------------------------------------------------------------ - THANKS --------------------------------------------------------------- Ports tree and package building by Jasper Lievisse Adriaanse, Jeremie Courreges-Anglas, Visa Hankala, Stuart Henderson, Peter Hessler, George Koehler, Kurt Mosiejczuk, and Christian Weisgerber. Base and X system builds by Kenji Aoyama, Theo de Raadt, and Miod Vallat. Release art contributed by Jon Chad. We would like to thank all of the people who sent in bug reports, bug fixes, donation cheques, and hardware that we use. We would also like to thank those who bought our previous CD sets. Those who did not support us financially have still helped us with our goal of improving the quality of the software. Our developers are: Aaron Bieber, Adam Wolk, Alexander Bluhm, Alexander Hall, Alexandr Nedvedicky, Alexandr Shadchin, Alexandre Ratchov, Andrew Fresh, Anil Madhavapeddy, Anthony J. Bentley, Antoine Jacoutot, Anton Lindqvist, Asou Masato, Ayaka Koshibe, Benoit Lecocq, Bjorn Ketelaars, Bob Beck, Brandon Mercer, Brent Cook, Brian Callahan, Bryan Steele, Can Erkin Acar, Caspar Schutijser, Charlene Wendling, Charles Longeau, Chris Cappuccio, Christian Weisgerber, Christopher Zimmermann, Claudio Jeker, Dale Rahn, Damien Miller, Daniel Dickman, Daniel Jakots, Darren Tucker, Dave Voutila, David Coppa, David Gwynne, David Hill, Denis Fondras, Edd Barrett, Elias M. Mariani, Eric Faurot, Florian Obser, Florian Riehm, Frederic Cambus, George Koehler, Gerhard Roth, Giannis Tsaraias, Gilles Chehade, Giovanni Bechis, Gleydson Soares, Gonzalo L. Rodriguez, Greg Steuck, Helg Bredow, Henning Brauer, Ian Darwin, Ian Sutton, Igor Sobrado, Ingo Feinerer, Ingo Schwarze, Inoguchi Kinichiro, James Hastings, James Turner, Jan Klemkow, Jason McIntyre, Jasper Lievisse Adriaanse, Jeremie Courreges-Anglas, Jeremy Evans, Job Snijders, Joel Sing, Joerg Jung, Jonathan Armani, Jonathan Gray, Jonathan Matthew, Jordan Hargrave, Joris Vink, Joshua Stein, Juan Francisco Cantero Hurtado, Kazuya Goda, Kenji Aoyama, Kenneth R Westerback, Kent R. Spillner, Kevin Lo, Kirill Bychkov, Klemens Nanni, Kurt Miller, Kurt Mosiejczuk, Landry Breuil, Lawrence Teo, Lucas Raab, Marc Espie, Marcus Glocker, Mark Kettenis, Mark Lumsden, Markus Friedl, Martijn van Duren, Martin Natano, Martin Pieuchot, Martin Reindl, Martynas Venckus, Matthew Dempsky, Matthias Kilian, Matthieu Herrb, Michael Mikonos, Mike Belopuhov, Mike Larkin, Miod Vallat, Moritz Buhl, Nam Nguyen, Nayden Markatchev, Nicholas Marriott, Nigel Taylor, Okan Demirmen, Omar Polo, Ori Bernstein, Otto Moerbeek, Paco Esteban, Pamela Mosiejczuk, Pascal Stumpf, Patrick Wildt, Paul Irofti, Pavel Korovin, Peter Hessler, Philip Guenther, Pierre-Emmanuel Andre, Pratik Vyas, Rafael Sadowski, Rafael Zalamena, Raphael Graf, Remi Locherer, Remi Pointel, Renato Westphal, Ricardo Mestre, Richard Procter, Rob Pierce, Robert Nagy, Sasano Takayoshi, Scott Soule Cheloha, Sebastian Benoit, Sebastian Reitenbach, Sebastien Marie, Solene Rapenne, Stefan Fritsch, Stefan Hagen, Stefan Kempf, Stefan Sperling, Steven Mestdagh, Stuart Cassoff, Stuart Henderson, Sunil Nimmagadda, T.J. Townsend, Ted Unangst, Theo Buehler, Theo de Raadt, Thomas Frohwein, Tim van der Molen, Tobias Heider, Tobias Stoeckmann, Todd C. Miller, Todd Mortimer, Tom Cosgrove, Tracey Emery, Ulf Brosziewski, Uwe Stuehler, Vadim Zhukov, Vincent Gross, Visa Hankala, Vitaliy Makkoveev, Yasuoka Masahiko, Yojiro Uo