What's new in OpenBSD 7.4: overview of key improvements and components

Carding 4 Carders

The free UNIX-like operating system OpenBSD 7.4 is now available.

OpenBSD 7.4, a free UNIX-like operating system, has been released. The project was founded by Theo de Raadt in 1995 after a conflict with the NetBSD developers that ended with his commit access to the NetBSD CVS repository being revoked; he then gathered a group of like-minded developers and started a new open operating system from the NetBSD source code. The project's stated goals are portability (the system runs on 13 platforms), standards compliance, correctness, proactive security, and integrated cryptography. The full installation ISO image of the OpenBSD 7.4 base system is 630 MB.

The OpenBSD project is also known for components that have been adopted by other operating systems and are regarded as among the most secure and carefully written implementations available. These include LibreSSL (a fork of OpenSSL), OpenSSH, the PF packet filter, the OpenBGPD and OpenOSPFD routing daemons, the OpenNTPD time server, the OpenSMTPD mail server, the tmux terminal multiplexer (comparable to GNU screen), an identd daemon implementing the IDENT protocol, the mandoc package as an alternative to GNU groff, CARP (Common Address Redundancy Protocol) for failover, the lightweight httpd web server, and the openrsync file synchronization utility.

This release contains many improvements:
  • On amd64 and i386, support for updating the microcode of AMD processors has been added. The microcode binaries are distributed through the sysutils/firmware/amd port and installed with fw_update(8); once installed, the kernel applies them automatically at boot.
  • Added Indirect Branch Tracking (IBT, amd64) and Branch Target Identification (BTI, arm64) for both the kernel and userland. Both mechanisms require the target of an indirect call or jump to begin with a landing-pad instruction (endbr64 on amd64, bti on arm64); an exploit that overwrites a function pointer in memory can therefore no longer divert execution into the middle of a function, which removes most of the gadget targets used by jump- and call-oriented code reuse.
  • On arm64, Pointer Authentication (PAC) is supported: dedicated ARMv8.3 instructions sign return addresses with a keyed pointer authentication code stored in the otherwise unused upper bits of the pointer and verify it before the return, so a return address corrupted by an overflow fails the check.
  • The base-system clang and the clang and gcc ports are now configured to emit these protections by default (clang's -fcf-protection=branch on amd64 and -mbranch-protection=bti on arm64), which hardens the base system and most ports against exploits built on return-oriented programming (ROP) and related code-reuse techniques.
  • Added the kqueue1(2) system call, which differs from kqueue(2) by taking a flags argument. Currently the only supported flag is O_CLOEXEC, which marks the returned descriptor close-on-exec so it is not inherited across exec() by child processes.
  • On amd64 and i386, the dt(4) pseudo-device for dynamic tracing of the kernel and of applications is now enabled. The utrace(2) system call lets a program insert its own records into the ktrace log.
  • Fixes for undefined behavior in the MS-DOS (FAT) file system code have been imported from FreeBSD.
  • The softdep mount option (soft dependencies, i.e. deferred, ordered metadata writes on FFS) has been disabled.
  • Programs that have restricted their filesystem view with unveil(2) are now allowed to write core dumps to the current working directory.
  • On arm64, the deep idle states of Apple M1/M2 SoCs are now used for better power management.
  • Additional mitigation for the Zenbleed vulnerability (CVE-2023-20593) in AMD Zen 2 processors has been added.
  • Improved SMP scalability: arprequest(), the ARP input path, and IPv6 neighbor discovery now run without the kernel lock.
  • The pfsync interface, which synchronizes pf state tables between firewalls, has been rewritten for better locking and to fit the ongoing work on parallelizing the network stack.
  • The drm (Direct Rendering Manager) subsystem has been synced with Linux 6.1.55, improving support for Intel Alder Lake and Raptor Lake graphics.
  • The vmm(4)/vmd(8) hypervisor now runs virtio block and network devices in a multi-process model and supports vectored zero-copy I/O for virtio block devices. Guests are no longer allowed to touch AMD P-state controls, and VM owners can override the boot kernel through vmctl(8).
  • Added the uchar.h header with the char32_t and char16_t types and the corresponding functions defined in C11.
  • malloc(3) gained the "D" option for finding memory leaks with ktrace ("MALLOC_OPTIONS=D ktrace -tu program") and kdump ("kdump -u malloc ...").
  • make(1) now supports the ${.VARIABLES} variable, which expands to the names of all global variables that are set.
  • The --size-only and --ignore-times options have been added to openrsync(1).
  • cron(8) and crontab(5) now support random offsets for ranges with a step. This avoids many machines with identical crontabs hitting the same resource at the same moment. For example, "0~59/30" (or the shorthand "~/30") in the minutes field runs the command twice an hour, 30 minutes apart, starting at a randomly chosen minute within the first step window.
  • wsconsctl(8) can now map buttons to two- and three-finger taps on clickpads.
  • This version of OpenBSD also adds support for new hardware and includes new drivers.
  • Installation on armv7 and arm64 systems has been improved, and the boot loader can now load files from the EFI System Partition.
  • The installer's softraid(4) support has been improved, including a root partition on softraid on riscv64 and arm64; softraid was also added to the powerpc64 ramdisk. Guided disk encryption is now offered on arm64.
  • malloc(3) now checks every chunk on the delayed-free list to detect writes into memory that has already been freed.
  • Running shutdown(8) now requires membership in the new "_shutdown" group rather than the operator group, separating the right to shut down the machine from the operator group's read access to raw disk devices.
  • patch(1) now uses unveil(2) to restrict itself to the current directory, the temporary directory, and the files named on the command line.
  • Added the sysctl net.inet6.icmp6.nd6_queued, showing the number of packets queued while waiting for an ND6 (IPv6 neighbor discovery, the analogue of ARP) reply.
  • When an IPv6 address is configured on an interface, an unsolicited neighbor advertisement is now sent to the all-nodes multicast address so that neighbors update their caches.
  • Initial support for TSO (TCP Segmentation Offload) and LRO (Large Receive Offload), which move TCP segmentation and receive-side coalescing onto the network card.
  • pfctl(8) loads rule sets faster, and pf's handling of ICMP error messages for "keep state" and "nat-to" states has been improved.
  • IP, TCP, and UDP checksums are no longer computed on loopback interfaces.
  • Initial support for route-based IPsec VPNs (sec(4) interfaces).
  • bgpd(8) adds Flowspec (RFC 5575) support, including the announcement of flowspec rules. The ASPA (Autonomous System Provider Authorization) implementation now follows draft-ietf-sidrops-aspa-verification-16 and draft-ietf-sidrops-aspa-profile-16 and uses lookup tables that are independent of the AFI (Address Family Identifier).
  • rpki-client(8) is 30-50% faster and supports gzip and deflate content encodings.
  • LibreSSL 3.8.2 and OpenSSH 9.5 are included.
  • The number of ports is 11,845 for amd64 (up from 11,764), 11,508 for aarch64 (previously 11,561), and 10,603 for i386 (up from 10,572). Versions of selected applications in ports:
    • Asterisk 16.30.1, 18.19.0, 20.4.0
    • Audacity 3.3.3
    • CMake 3.27.5
    • Chromium 117.0.5938.149
    • Emacs 29.1
    • FFmpeg 4.4.4
    • GCC 8.4.0 and 11.2.0
    • GHC 9.2.7
    • GNOME 44
    • Go 1.21.1
    • JDK 8u382, 11.0.20 and 17.0.8
    • KDE Applications 23.08.0
    • KDE Frameworks 5.110.0
    • Krita 5.1.5
    • LLVM / Clang 13.0.0 and 16.0.6
    • LibreOffice 7.6.2.1
    • Lua 5.1.5, 5.2.4, 5.3.6 and 5.4.6
    • MariaDB 10.9.6
    • Mono 6.12.0.199
    • Mozilla Firefox 118.0.1 and ESR 115.3.1
    • Mozilla Thunderbird 115.3.1
    • Mutt 2.2.12 and NeoMutt 20230517
    • Node.js 18.18.0
    • OpenLDAP 2.6.6
    • PHP 7.4.33, 8.0.30, 8.1.24 and 8.2.11
    • Postfix 3.7.3
    • PostgreSQL 15.4
    • Python 2.7.18, 3.9.18, 3.10.13 and 3.11.5
    • Qt 5.15.10 and 6.5.2
    • R 4.2.3
    • Ruby 3.0.6, 3.1.4, and 3.2.2
    • Rust 1.72.1
    • SQLite 3.42.0
    • Shotcut 23.07.29
    • Sudo 1.9.14.2
    • Suricata 6.0.12
    • Tcl/Tk 8.5.19 and 8.6.13
    • TeX Live 2022
    • Vim 9.0.1897 and Neovim 0.9.1
    • Xfce 4.18
  • Third-party components shipped with OpenBSD 7.4:
    • LLVM / Clang 13.0.0 (+ patches)
    • GCC 4.2.1 (+ patches) and 3.3.6 (+ patches)
    • Perl 5.36.1 (+ patches)
    • NSD 4.7.0
    • Unbound 1.18
    • Ncurses 5.7
    • Binutils 2.17 (+ patches)
    • Gdb 6.3 (+ patch )
    • Awk, 12 September 2023 version
    • Expat 2.5.0.
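The IBT/BTI item above is easiest to understand as a rule the CPU enforces at every indirect branch. The following is an added Python model written for this page, not OpenBSD or compiler code: it encodes the real landing-pad instructions (endbr64 on amd64; bti c, bti j and bti jc on arm64), simulates the check on two constructed code images, and reports which function entry points could no longer be reached through a function pointer. It deliberately simplifies arm64 (PACIASP/PACIBSP also count as an implicit bti c, and a BR through x16/x17 may land on bti c; neither is modeled) and, like the hardware, says nothing about ret targets, which on OpenBSD remain the job of RETGUARD and, on arm64, PAC.

```python
# Landing-pad encodings the hardware checks at the target of an indirect branch.
ENDBR64 = bytes.fromhex("f30f1efa")             # amd64 IBT: endbr64
BTI_C = (0xD503245F).to_bytes(4, "little")      # arm64: bti c   (indirect call target)
BTI_J = (0xD503249F).to_bytes(4, "little")      # arm64: bti j   (indirect jump target)
BTI_JC = (0xD50324DF).to_bytes(4, "little")     # arm64: bti jc  (either)


class ControlProtectionFault(Exception):
    """Stand-in for the hardware fault (amd64 #CP, arm64 BTI exception) that
    the kernel turns into a fatal signal for the offending process."""


def is_landing_pad(text, off, arch, kind):
    """Is the instruction at `off` a valid pad for an indirect `kind` ('call'/'jump')?"""
    if arch == "amd64":
        return text[off:off + 4] == ENDBR64     # IBT does not distinguish call from jump
    if arch == "arm64":
        if off % 4:
            return False                          # A64 instructions are 4-byte aligned
        accepted = (BTI_C, BTI_JC) if kind == "call" else (BTI_J, BTI_JC)
        return text[off:off + 4] in accepted
    raise ValueError("unsupported arch %r" % arch)


def indirect_branch(text, target, arch, kind="call"):
    """Model the tracker: after an indirect branch the CPU insists on a pad."""
    if not 0 <= target < len(text):
        raise ControlProtectionFault("target 0x%x outside text" % target)
    if not is_landing_pad(text, target, arch, kind):
        raise ControlProtectionFault("no landing pad at 0x%x on %s" % (target, arch))
    return target


def branch_allowed(text, target, arch, kind="call"):
    """Boolean form of indirect_branch() for scripting and tests."""
    try:
        indirect_branch(text, target, arch, kind)
        return True
    except ControlProtectionFault:
        return False


def unprotected_entries(text, entries, arch):
    """Function entry points (name -> offset) without a call landing pad.

    In a mixed binary this is what an object built without
    -fcf-protection=branch / -mbranch-protection=bti looks like: those
    functions can no longer be reached through a function pointer at all."""
    return sorted(name for name, off in entries.items()
                  if not is_landing_pad(text, off, arch, "call"))


# Constructed amd64 text: a protected handler, a gadget inside it, and a legacy function.
AMD64_TEXT = (
    ENDBR64 + bytes.fromhex("554889e5")   # 0x0 handler: endbr64; push rbp; mov rbp, rsp
    + bytes.fromhex("5fc3")               # 0x8 pop rdi; ret  (gadget: still a ret target, not a call target)
    + bytes.fromhex("554889e55dc3")       # 0xa legacy: push rbp; mov rbp, rsp; pop rbp; ret
)
AMD64_ENTRIES = {"handler": 0x0, "legacy": 0xa}
AMD64_GADGET = 0x8

# Constructed arm64 text with the same shape.
ARM64_TEXT = (
    BTI_C + (0xA9BF7BFD).to_bytes(4, "little")   # 0x0 handler: bti c; stp x29, x30, [sp, #-16]!
    + (0xD65F03C0).to_bytes(4, "little")         # 0x8 ret (inside handler)
    + BTI_J                                      # 0xc jump_target: bti j (jump-table style target)
    + (0xD503201F).to_bytes(4, "little")         # 0x10 legacy: nop (built without BTI)
)
ARM64_ENTRIES = {"handler": 0x0, "jump_target": 0xc, "legacy": 0x10}

if __name__ == "__main__":
    for text, arch, gadget in ((AMD64_TEXT, "amd64", AMD64_GADGET), (ARM64_TEXT, "arm64", 0x8)):
        print(arch, "entry ok:", branch_allowed(text, 0, arch),
              "| mid-function gadget ok:", branch_allowed(text, gadget, arch))
    print("amd64 functions without endbr64:",
          unprotected_entries(AMD64_TEXT, AMD64_ENTRIES, "amd64"))
```

The last function is the practical consequence of the compiler change listed above: because the check is made by the caller's CPU at the callee's first instruction, every object that may be called indirectly has to be rebuilt with the landing pads, which is why OpenBSD turned the flags on in base clang and in the ports compilers rather than leaving them opt-in.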
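To make the cron(8) random-offset syntax from the list above concrete, here is an added Python model of the field expansion (example code written for this page, not cron's own source). It implements the "~" forms described above together with the ordinary "*", N, A-B, comma and "/step" forms from crontab(5), and it shows why the feature matters for a fleet: the per-host seeded generator in fleet_minutes is an assumption standing in for each machine's crond drawing its own offset.

```python
import random

# Inclusive value ranges of the five crontab(5) time fields.
FIELD_RANGES = {
    "minute": (0, 59),
    "hour": (0, 23),
    "mday": (1, 31),
    "month": (1, 12),
    "wday": (0, 7),
}


def expand_field(spec, field, rng=None):
    """Expand one crontab field into the sorted list of values it fires on.

    Grammar handled: '*', N, A-B, A~B, '~', each with an optional '/step',
    comma-separated. 'A~B' yields one random value in [A,B] ('~' alone uses
    the whole field range). With a step the random value is confined to the
    first step window, so '0~59/30' is r and r+30 for some r in 0..29.
    """
    rng = rng if rng is not None else random.Random()   # fresh OS-seeded generator
    lo_default, hi_default = FIELD_RANGES[field]
    values = set()
    for item in spec.split(","):
        base, _, step_str = item.partition("/")
        step = int(step_str) if step_str else 1
        if step < 1:
            raise ValueError("bad step in %r" % item)
        randomized = False
        if base == "*":
            lo, hi = lo_default, hi_default
        elif "~" in base:
            a, _, b = base.partition("~")
            lo = int(a) if a else lo_default
            hi = int(b) if b else hi_default
            randomized = True
        elif "-" in base:
            a, _, b = base.partition("-")
            lo, hi = int(a), int(b)
        else:
            lo = hi = int(base)
        if not (lo_default <= lo <= hi <= hi_default):
            raise ValueError("%r out of range for %s" % (item, field))
        if randomized and step == 1:
            values.add(rng.randint(lo, hi))          # a single random value
            continue
        # Random start inside the first step window keeps the spacing equal to `step`.
        start = rng.randint(lo, min(hi, lo + step - 1)) if randomized else lo
        values.update(range(start, hi + 1, step))
    return sorted(values)


def fleet_minutes(minute_spec, hosts, seed=0):
    """Minute values each host fires on for the same crontab line.

    Assumption: every host's crond draws its own offset, modeled here with a
    generator seeded from the host name so the result is reproducible."""
    return {h: expand_field(minute_spec, "minute", random.Random("%d:%s" % (seed, h)))
            for h in hosts}


def distinct_schedules(minute_spec, hosts, seed=0):
    """How many different minute schedules a fleet ends up with."""
    return len({tuple(v) for v in fleet_minutes(minute_spec, hosts, seed).values()})


if __name__ == "__main__":
    hosts = ["web%02d" % i for i in range(20)]
    for spec in ("*/30", "0~59/30", "~/30"):
        print("%-8s -> %2d distinct schedule(s) across %d hosts"
              % (spec, distinct_schedules(spec, hosts), len(hosts)))
```

With "*/30" every host computes [0, 30] and the shared backend sees the whole fleet at once; with "~/30" each host still runs twice an hour, 30 minutes apart, but the first minute is spread over 0..29, which is the thundering-herd fix the release note describes.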