Announcing NetBSD 5.2
The NetBSD Project is pleased to announce that version 5.2 of the NetBSD operating system is now available. NetBSD 5.2 is the second feature update of the NetBSD 5.0 release branch. It represents a selected subset of fixes deemed critical for security or stability reasons, as well as new features and enhancements.
Please note that all fixes in security/critical updates (i.e., NetBSD 5.0.2, 5.1.2, etc.) are cumulative, so the latest update contains all such fixes since the corresponding minor release. These fixes will also appear in future minor releases (i.e., NetBSD 5.3, etc.), together with other less-critical fixes and feature enhancements.
Complete source and binaries for NetBSD 5.2 are available for download at many sites around the world. A list of download sites providing FTP, HTTP, AnonCVS, SUP, and other services may be found at http://www.NetBSD.org/mirrors/. We encourage users who wish to install via ISO images to download via BitTorrent by using the torrent files supplied in the ISO image area. A list of hashes for the NetBSD 5.2 distribution has been signed with the well-connected PGP key for the NetBSD Security Officer: http://ftp.NetBSD.org/pub/NetBSD/security/hashes/NetBSD-5.2_hashes.asc
NetBSD is free. All of the code is under non-restrictive licenses, and may be used without paying royalties to anyone. Free support services are available via our mailing lists and website. Commercial support is available from a variety of sources. More extensive information on NetBSD is available from our website:
The complete list of changes can be found in the CHANGES-5.2 file in the top level directory of the NetBSD 5.2 release tree. An abbreviated list is as follows:
- NetBSD-SA2010-012, OpenSSL TLS extension parsing race condition
- NetBSD-SA2011-001, BIND DoS due to improper handling of RRSIG records
- NetBSD-SA2011-002, OpenSSL TLS extension parsing race condition
- NetBSD-SA2011-003, Exhausting kernel memory from user controlled value
- NetBSD-SA2011-004, Kernel stack overflow via nested IPCOMP packet (CVE-2011-1547)
- NetBSD-SA2011-005, ISC dhclient does not strip shell meta-characters (CVE-2011-0997)
- NetBSD-SA2011-006, BIND DoS via packet with rrtype zero
- NetBSD-SA2011-007, LZW decoding loop on manipulated compressed files
- NetBSD-SA2011-008, OpenPAM privilege escalation (CVE-2010-1166)
- NetBSD-SA2011-009, BIND resolver DoS
- NetBSD-SA2012-001, OpenSSL buffer overflow in DER read function
- NetBSD-SA2012-002, OpenSSL Invalid TLS/DTLS record attack
- NetBSD-SA2012-003, Intel processors sysret to non-canonical address behaviour
- NetBSD-SA2012-004, BIND resolver DoS when using DNSSEC Validation
Note: Advisories prior to NetBSD-SA2010-012 do not affect NetBSD 5.2.
- openssl: Fix CVE-2010-3864, CVE-2010-4180, CVE-2011-0014, CVE-2011-4109, CVE-2011-4576, CVE-2012-0050, CVE-2012-2110, and CVE-2012-2333.
- postfix: Fix CVE-2011-0411 and CVE-2011-1720.
- xrdb: Fix CVE-2011-0465.
- dhcpcd(8): Fix CVE-2011-996.
- BIND: Fix CVE-2011-1910, CVE-2011-0414, CVE-2011-2464, CVE-2011-4313, CVE-2012-3817, CVE-2012-4244, and CVE-2012-5166.
- Address CVE-2011-2895, buffer overflow in decompression, affecting multiple system utilities.
- bpf(4): avoid stack memory disclosure.
- Fix ptrace(2) PT_SYSCALL.
- WAPBL: Fix an error that could lead to file system corruption and "freeing free block" panics.
- ext2fs: support inodes > 128 bytes, variable inode sizes, and 32 bit UID fields.
- fss(4): various fixes for snapshots.
- Numerous fixes for extended attributes on UFS1 file systems.
- Fix rename locking for UFS.
- wm(4): add support for more chips, work around some other issues.
- bge(4): add support for many more chips, and many bugfixes.
- ne(4): add NE2000 with 8bit bus width support, and EtherNEC support.
- Fix NULL pointer dereferences in IPv6 ESP code paths.
- Make EtherIP in IPv6 input path work.
- Fix MPPE in pppd.
- Clean up setting ECN bit in TOS.
- Added SOCK_SEQPACKET to PL_LOCAL sockets.
- Prevent a crash when destroying an interface.
- btmagic(4): add Apple Magic Mouse driver.
- rnd(4): prevent crash if len field in ioctl(RNDADDDATA) is garbage.
- uts(4): driver for USB touchscreens.
-
hdaudio(4):
- Add support for NVidia controllers.
- Fix 32KHz playback. PR#43542.
- esiop(4)/siop(4): Improve error paths. PR#43278.
- aac(4): support more boards.
- dk(4): avoid a LOCKDEBUG panic on raid(4).
- ciss(4): Fix a performance problem. Also fix a DIAGNOSTIC panic.
- Fix an issue with >2TB disks.
-
raid(4)
- Add support for >2TB raid devices.
- Add support for non-512-byte sector disks (up to 16KB).
- Add a hack to fix up disks with very old raidframe component labels.
- mpt(4): Add byte-swapping so this works on bigendian platforms. Allow mpt(4) to use tagged queueing on SAS adapters.
- vnd(4): fix using sparse files as backing store.
- raid(4): parity maps always have at least one parity region.
-
x86 (amd64 and i386)
- Fix an array overflow when cpuid >= 32.
- Xorg: add more support for Intel HD3000/4000 and some for HD5000.
- Various fixes to allow NetBSD to run unmodified under Linux KVM.
-
amiga
- Raise address of user stack to highest safe address, which increases available user address space by 256MB.
-
atari
- Add support for the SMC Elite Ultra Ethernet.
- Allow users to change serial console behavior with binpatch(8).
- Fixes for scheduling callback functions.
- dreamcast: Add workaround to make audio work.
- hp300: Make install.md probe cd(4) devices properly.
- hpcmips: Fix pcic kthread creation timing. PRs 41791 and 41164.
- m68k:
- macppc: pbms(4): Avoid an immediate crash during attach, and fix the aspect ratio of the trackpad on the geyser2 model.
- pmax: Make ksyms(4) actually work.
- sh3: Fix logic error in copyinstr() when deciding whether to return EFAULT or ENAMETOOLONG.
-
sparc
- Many fixes for sparc SMP.
-
vax
- Corrected the definition of leap year for vax.
-
x68k:
- Fix boot problem on X68030+060turbo in 060 mode.
- Fix panics on heavy key strokes while running X.
-
xen
- Fix xennet hotplug and implement feature-rx-copy, improving support under Linux Dom0.
- xbdback: prevent dom0 pool corruption.
- Fix xenbus probe so NetBSD DomU can boot on Linux Dom0 with xl.
- Fix random kernel panics on domains with large memory.
- Expose Xen kernfs entries inside a domU to make it possible to use xentools inside a domU to query XenStore entries.
- passwd(1): Log successful and unsuccessful attempts to change passwords, via -l or PAM.
-
ftp(1):
- Avoid NULL dereference in log output.
- Parse HTTP 'Date' entries in the 'C' locale rather than the user's.
- Improve 'boot -z' support.
- Update to libfetch 2.31.
- top(1): improve the default display for large numbers of CPUs.
- Updated 32/64-bit compat to version 2.
- Stop nfsd(8) from exiting prematurely during port-scan.
- resize_ffs(8): support growing and shrinking all FFSv1 and growing all FFSv2 file systems.
Using block device nodes directly for I/O may cause a kernel crash when the file system containing /dev is FFS and is mounted with -o log. Workaround: use raw disk devices, or remount the file system without -o log.
Occasionally, gdb may cause a process that is being debugged to hang when "single stepped". Workaround: kill and restart the affected process.
gdb cannot debug running threaded programs correctly. Workaround: generate a core file from the program using gcore(1) and pass the core to gdb, instead of debugging the running program.
Please use a mirror site close to you.
The NetBSD 5.2 release provides supported binary distributions for the following systems:
NetBSD/acorn26 | Acorn Archimedes, A-series and R-series systems |
NetBSD/acorn32 | Acorn RiscPC/A7000, VLSI RC7500 |
NetBSD/algor | Algorithmics, Ltd. MIPS evaluation boards |
NetBSD/alpha | Digital/Compaq Alpha (64-bit) |
NetBSD/amd64 | AMD family processors like Opteron, Athlon64, and Intel CPUs with EM64T extension |
NetBSD/amiga | Commodore Amiga and MacroSystem DraCo |
NetBSD/arc | MIPS-based machines following the Advanced RISC Computing spec |
NetBSD/atari | Atari TT030, Falcon, Hades |
NetBSD/bebox | Be Inc's BeBox |
NetBSD/cats | Chalice Technology's CATS and Intel's EBSA-285 evaluation boards |
NetBSD/cesfic | CES FIC8234 VME processor board |
NetBSD/cobalt | Cobalt Networks' MIPS-based Microservers |
NetBSD/dreamcast | Sega Dreamcast game console |
NetBSD/evbarm | Various ARM-based evaluation boards and appliances |
NetBSD/evbmips | Various MIPS-based evaluation boards and appliances |
NetBSD/evbppc | Various PowerPC-based evaluation boards and appliances |
NetBSD/evbsh3 | Various Hitachi Super-H SH3 and SH4-based evaluation boards and appliances |
NetBSD/ews4800mips | NEC's MIPS-based EWS4800 workstation |
NetBSD/hp300 | Hewlett-Packard 9000/300 and 400 series |
NetBSD/hppa | Hewlett-Packard 9000 Series 700 workstations |
NetBSD/hpcarm | StrongARM based Windows CE PDA machines |
NetBSD/hpcmips | MIPS-based Windows CE PDA machines |
NetBSD/hpcsh | Hitachi Super-H based Windows CE PDA machines |
NetBSD/i386 | IBM PCs and PC clones with i486-family processors and up |
NetBSD/ibmnws | IBM Network Station 1000 |
NetBSD/iyonix | Castle Technology's Iyonix ARM based PCs |
NetBSD/landisk | SH4 processor based NAS appliances |
NetBSD/luna68k | OMRON Tateisi Electric's LUNA series |
NetBSD/mac68k | Apple Macintosh with Motorola 68k CPU |
NetBSD/macppc | Apple PowerPC-based Macintosh and clones |
NetBSD/mipsco | MIPS Computer Systems Inc. family of workstations and servers |
NetBSD/mmeye | Brains mmEye multimedia server |
NetBSD/mvme68k | Motorola MVME 68k Single Board Computers |
NetBSD/mvmeppc | Motorola PowerPC VME Single Board Computers |
NetBSD/netwinder | StrongARM based NetWinder machines |
NetBSD/news68k | Sony's 68k-based “NET WORK STATION” series |
NetBSD/newsmips | Sony's MIPS-based “NET WORK STATION” series |
NetBSD/next68k | NeXT 68k “black” hardware |
NetBSD/ofppc | OpenFirmware PowerPC machines |
NetBSD/pmax | Digital MIPS-based DECstations and DECsystems |
NetBSD/prep | PReP (PowerPC Reference Platform) and CHRP machines |
NetBSD/sandpoint | Motorola Sandpoint reference platform |
NetBSD/sbmips | Broadcom SiByte evaluation boards |
NetBSD/sgimips | Silicon Graphics' MIPS-based workstations |
NetBSD/shark | Digital DNARD (“shark”) |
NetBSD/sparc | Sun SPARC (32-bit) and UltraSPARC (in 32-bit mode) |
NetBSD/sparc64 | Sun UltraSPARC (in native 64-bit mode) |
NetBSD/sun2 | Sun Microsystems Sun 2 machines with Motorola 68010 CPU |
NetBSD/sun3 | Motorola 68020 and 030 based Sun 3 and 3x machines |
NetBSD/vax | Digital VAX |
NetBSD/x68k | Sharp X680x0 series |
NetBSD/xen | The Xen virtual machine monitor |
NetBSD/zaurus | Sharp ARM PDAs |
Ports available in source form only for this release include the following:
NetBSD/amigappc | PowerPC-based Amiga boards |
NetBSD/ia64 | Itanium family of processors |
NetBSD/playstation2 | SONY PlayStation2 |
NetBSD/rs6000 | IBM RS/6000 MCA-based PowerPC machines. |
The NetBSD Foundation would like to thank all those who have contributed code, hardware, documentation, funds, colocation for our servers, web pages and other documentation, release engineering, and other resources over the years. More information on the people who make NetBSD happen is available at:
We would like to especially thank the University of California at Berkeley and the GNU Project for particularly large subsets of code that we use. We would also like to thank the Internet Systems Consortium Inc., the Network Security Lab at Columbia University's Computer Science Department, and Ludd (Luleå Academic Computer Society) computer society at Luleå University of Technology for current colocation services.
NetBSD is a free, fast, secure, and highly portable Unix-like Open Source operating system. It is available for a wide range of platforms, from large-scale servers and powerful desktop systems to handheld and embedded devices. Its clean design and advanced features make it excellent for use in both production and research environments, and the source code is freely available under a business-friendly license. NetBSD is developed and supported by a large and vivid international community. Many applications are readily available through pkgsrc, the NetBSD Packages Collection.
The NetBSD Foundation was chartered in 1995, with the task of overseeing core NetBSD project services, promoting the project within industry and the open source community, and holding intellectual property rights on much of the NetBSD code base. Day-to-day operations of the project are handled by volunteers.
As a non-profit organization with no commercial backing, The NetBSD Foundation depends on donations from its users, and we would like to ask you to consider making a donation to the NetBSD Foundation in support of continuing production of our fine operating system. Your generous donation would be particularly welcome assistance with ongoing upgrades and maintenance, as well as with operating expenses for The NetBSD Foundation.
Donations can be made via PayPal to <[email protected]>
and
are fully tax-deductible in the US. If you would prefer not to use PayPal,
or would like to make other arrangements, please contact
<[email protected]>
.
Back to NetBSD 5.x formal releases