NetBSD 7.2 released (August 29, 2018)

Introduction

The NetBSD Project is pleased to announce NetBSD 7.2, the second feature update of the NetBSD 7 release branch. It represents a selected subset of fixes deemed important for security or stability reasons, as well as new features and enhancements.

General Security Note

The NetBSD 7.2 release is a maintenance release of the netbsd-7 branch, which had it's first major release, NetBSD 7.0 in September 2015. A lot of security features have been added to later NetBSD versions, and for new installations we highly recommend using our latest release, NetBSD 8.0 instead.

Some highlights of the 7.2 release are:

  • Support for USB 3.0.
  • Enhancements to the Linux emulation subsystem.
  • Fixes in binary compatibility for ancient NetBSD executables.
  • iwm(4) driver for Intel Wireless 726x, 316x, 826x and 416x series added.
  • Support for Raspberry Pi 3 added.
  • Fix interrupt setup on Hyper-V VMs with Legacy Network Adapter.
  • SVR4 and IBCS2 compatibility subsystems have been disabled by default (besides IBCS2 on VAX). These subsystems also do not auto-load their modules any more.
  • Various USB stability enhancements.
  • Numerous bug fixes and stability improvements.

Complete source and binaries for NetBSD 7.2 are available for download at many sites around the world. A list of download sites providing FTP, AnonCVS, SUP, and other services may be found at https://www.NetBSD.org/mirrors/. We encourage users who wish to install via ISO or USB disk images to download via BitTorrent by using the torrent files supplied in the images area. A list of hashes for the NetBSD 7.2 distribution has been signed with the well-connected PGP key for the NetBSD Security Officer: https://cdn.NetBSD.org/pub/NetBSD/security/hashes/NetBSD-7.2_hashes.asc

NetBSD is free. All of the code is under non-restrictive licenses, and may be used without paying royalties to anyone. Free support services are available via our mailing lists and website. Commercial support is available from a variety of sources. More extensive information on NetBSD is available from our website:

Changes Between 7.1.2 and 7.2

Below is an abbreviated list of changes in this release. The complete list of changes since NetBSD 7.1 can be found in the CHANGES-7.2 file in the top level directory of the NetBSD 7.2 release tree.

Security Advisory Fixes

The following security advisories were fixed:

Note: Advisories prior to NetBSD-SA2018-007 do not affect NetBSD 7.2.

Other Security Fixes

  • Xorg-server: fixes for CVE-2017-10971, CVE-2017-10972, CVE-2017-12176 to CVE-2017-12187 (the latter also applied to old XFree server)
  • Heimdahl updated to 7.1, fixing CVE-2016-2400.
  • WPA: fixes for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088.
  • libXfont and libXcursor: fixes for CVEs 2017-13722, 2017-13720, 2017-16611, and 2017-16612.
  • Fixes from libX11 1.6.5 for CVE-2018-14599, CVE-2018-14600, CVE-2018-14598.
  • Kerberos fixed to avoid impersonation attacks on the KDC-REP service.
  • Prevent unrestricted userland access to I/O ports in XEN.

General kernel

  • Support USB 3.0, add xhci(4) driver
  • Add pselect6 linux system call emulation
  • kqueue(2): add EVFILT_WRITE, to help go programs.
  • Fixes to file descriptor locking that could make go programs trigger a kernel crash.
  • Fixed a vnode leak introduced with the openat(2) system call.

Drivers

  • carp(4): fix link state handling.
  • ipf(4): fragment and package state are separate, the user needs to specify both "keep state" and "keep frags" to get the same behaviour as before.
  • iwm(4) driver for Intel Wireless 726x, 316x, 826x and 416x series added.
  • bridge(4): Add handling of VLAN packets where the parent supports it.
  • wm(4): various improvements and add support for more hardware.

Platforms

  • x86:
    • Handle stack faults on iret proerly
    • Increase max io mem on amd64
    • System calls in ancient (native) binaries that used the osyscall call gate is now done via emulation, as the call gate allowed for a race condition that could panic the kernel.
    • Option VM86 (virtual 8086 emulation) has been removed from GENERIC kernels. Use an emulator instead.
    • Fixed interrupt setup on Hyper-V VMs with Legacy Network Adapter.
    • Made the direct map non-executable on amd64.
  • xen:
    • Make xen dom0 SMP bootable again.
    • Improve xennet(4) performance.
  • powerpc:
    • Fix execution of old binaries generated by old (and buggy) binutils.
  • hpcarm:
    • Restore wscons keymaps feature
  • evbarm:
    • Add support for Raspberry Pi 3.
  • sparc:
    • Fixed ddb(4) errors due to alignement issues.
    • Fixed time goes backwards problems.
    • Improve interprocessor interrupt handling.
    • Make audio work again on some machines.

Userland

  • ld.elf_so(1): fixes to the promotion of DSO TLS blocks into statis thread allocation.
  • xdr(3): fixed RPCBPROC_GETSTAT endocde/decode interoperability with other operating systems.
  • resize_ffs(8): Fixed overflow errors which could lead to superblock corruption on large filesystems.
  • Update root.cache to 2017102400.
  • httpd(8): fixed errors when executing cgi scripts via the -C mechanism.
  • httpd(8): do not degrade https to http when redirecting or returning errors.
  • inetd(8): increased max argument count to 64.
  • gpt(8): various improvements and new options.
  • 3rd party software updates:
    • dhcpcd(8) updated to 7.0.8
    • libexpat updated to 2.2.1
    • lua(1) updated to 5.3.4
    • timezone data updated to tzdata2018e

NetBSD mirror sites

Please use a mirror site close to you.

System families supported by NetBSD 7.2

The NetBSD 7.2 release provides supported binary distributions for the following systems:

NetBSD/acorn26 Acorn Archimedes, A-series and R-series systems
NetBSD/acorn32 Acorn RiscPC/A7000, VLSI RC7500
NetBSD/algor Algorithmics, Ltd. MIPS evaluation boards
NetBSD/alpha Digital/Compaq Alpha (64-bit)
NetBSD/amd64 AMD family processors like Opteron, Athlon64, and Intel CPUs with EM64T extension
NetBSD/amiga Commodore Amiga and MacroSystem DraCo
NetBSD/amigappc PowerPC-based Amiga boards.
NetBSD/arc MIPS-based machines following the Advanced RISC Computing spec
NetBSD/atari Atari TT030, Falcon, Hades
NetBSD/bebox Be Inc's BeBox
NetBSD/cats Chalice Technology's CATS and Intel's EBSA-285 evaluation boards
NetBSD/cesfic CES FIC8234 VME processor board
NetBSD/cobalt Cobalt Networks' MIPS-based Microservers
NetBSD/dreamcast Sega Dreamcast game console
NetBSD/emips The Extensible MIPS architecture from Microsoft Research
NetBSD/epoc32 Psion EPOC PDAs
NetBSD/evbarm Various ARM-based evaluation boards and appliances
NetBSD/evbmips Various MIPS-based evaluation boards and appliances
NetBSD/evbppc Various PowerPC-based evaluation boards and appliances
NetBSD/evbsh3 Various Hitachi Super-H SH3 and SH4-based evaluation boards and appliances
NetBSD/ews4800mips NEC's MIPS-based EWS4800 workstation
NetBSD/hp300 Hewlett-Packard 9000/300 and 400 series
NetBSD/hppa Hewlett-Packard 9000 Series 700 workstations
NetBSD/hpcarm StrongARM based Windows CE PDA machines
NetBSD/hpcmips MIPS-based Windows CE PDA machines
NetBSD/hpcsh Hitachi Super-H based Windows CE PDA machines
NetBSD/i386 IBM PCs and PC clones with i486-family processors and up
NetBSD/ibmnws IBM Network Station 1000
NetBSD/iyonix Castle Technology's Iyonix ARM based PCs
NetBSD/landisk SH4 processor based NAS appliances
NetBSD/luna68k OMRON Tateisi Electric's LUNA series
NetBSD/mac68k Apple Macintosh with Motorola 68k CPU
NetBSD/macppc Apple PowerPC-based Macintosh and clones
NetBSD/mipsco MIPS Computer Systems Inc. family of workstations and servers
NetBSD/mmeye Brains mmEye multimedia server
NetBSD/mvme68k Motorola MVME 68k Single Board Computers
NetBSD/mvmeppc Motorola PowerPC VME Single Board Computers
NetBSD/netwinder StrongARM based NetWinder machines
NetBSD/news68k Sony's 68k-based NET WORK STATION series
NetBSD/newsmips Sony's MIPS-based NET WORK STATION series
NetBSD/next68k NeXT 68k black hardware
NetBSD/ofppc OpenFirmware PowerPC machines
NetBSD/pmax Digital MIPS-based DECstations and DECsystems
NetBSD/prep PReP (PowerPC Reference Platform) and CHRP machines
NetBSD/rs6000 IBM RS/6000 MCA-based PowerPC machines.
NetBSD/sandpoint Motorola Sandpoint reference platform, including many PPC-based NAS boxes
NetBSD/sbmips Broadcom SiByte evaluation boards
NetBSD/sgimips Silicon Graphics' MIPS-based workstations
NetBSD/shark Digital DNARD (shark)
NetBSD/sparc Sun SPARC (32-bit) and UltraSPARC (in 32-bit mode)
NetBSD/sparc64 Sun UltraSPARC (in native 64-bit mode)
NetBSD/sun2 Sun Microsystems Sun 2 machines with Motorola 68010 CPU
NetBSD/sun3 Motorola 68020 and 030 based Sun 3 and 3x machines
NetBSD/vax Digital VAX
NetBSD/x68k Sharp X680x0 series
NetBSD/xen The Xen virtual machine monitor
NetBSD/zaurus Sharp ARM PDAs

Ports available in source form only for this release include the following:

NetBSD/ia64 Itanium family of processors

Acknowledgments

The NetBSD Foundation would like to thank all those who have contributed code, hardware, documentation, funds, colocation for our servers, web pages and other documentation, release engineering, and other resources over the years. More information on the people who make NetBSD happen is available at:

We would like to especially thank the University of California at Berkeley and the GNU Project for particularly large subsets of code that we use. We would also like to thank the Internet Systems Consortium Inc. and the Network Security Lab at Columbia University's Computer Science Department for current colocation services.

About NetBSD

NetBSD is a free, fast, secure, and highly portable Unix-like Open Source operating system. It is available for a wide range of platforms, from large-scale servers and powerful desktop systems to handheld and embedded devices. Its clean design and advanced features make it excellent for use in both production and research environments, and the source code is freely available under a business-friendly license. NetBSD is developed and supported by a large and vibrant international community. Many applications are readily available through pkgsrc, the NetBSD Packages Collection.

About the NetBSD Foundation

The NetBSD Foundation was chartered in 1995, with the task of overseeing core NetBSD project services, promoting the project within industry and the open source community, and holding intellectual property rights on much of the NetBSD code base. Day-to-day operations of the project are handled by volunteers.

As a non-profit organization with no commercial backing, the NetBSD Foundation depends on donations from its users, and we would like to ask you to consider making a donation to the NetBSD Foundation in support of continuing production of our fine operating system. Your generous donation would be particularly welcome to help with ongoing upgrades and maintenance, as well as with operating expenses for the NetBSD Foundation.

Donations can be done via PayPal to , or via Google Checkout and are fully tax-deductible in the US. See www.NetBSD.org/donations/ for more information, or contact directly.


Back to NetBSD 7.x formal releases