NetBSD 7.1.2 released (March 15, 2018)
The NetBSD Project is pleased to announce NetBSD 7.1.2, the second security/critical update of the NetBSD 7.1 release branch. It represents a selected subset of fixes deemed important for security or stability reasons.
Complete source and binaries for NetBSD 7.1.2 are available for download at many sites around the world. A list of download sites providing FTP, AnonCVS, and other services may be found at https://www.NetBSD.org/mirrors/. We encourage users who wish to install via ISO or USB disk images to download via BitTorrent by using the torrent files supplied in the images area. A list of hashes for the NetBSD 7.1.2 distribution has been signed with the well-connected PGP key for the NetBSD Security Officer: https://ftp.NetBSD.org/pub/NetBSD/security/hashes/NetBSD-7.1.2_hashes.asc
NetBSD is free. All of the code is under non-restrictive licenses, and may be used without paying royalties to anyone. Free support services are available via our mailing lists and website. Commercial support is available from a variety of sources. More extensive information on NetBSD is available from our website:
Below is an abbreviated list of changes in this release. The complete list can be found in the CHANGES-7.1.2 file in the top level directory of the NetBSD 7.1.2 release tree.
The following security advisories were fixed:
- NetBSD-SA2018-003: Remote DoS in IPsec (IPv6)
- NetBSD-SA2018-004: Remote Memory Corruption in IPv6
- NetBSD-SA2018-005: Privilege separation bug in Xen-amd64
- NetBSD-SA2018-006: Several vulnerabilities in the network stack
Note: Advisories prior to NetBSD-SA2018-003 do not affect NetBSD 7.1.1.
- Disable compat_svr4 and compat_svr4_32 by default on all ports.
- Disable compat_ibcs2 everywhere but on Vax.
- Remove svr4/svr4_32/ibcs2/freebsd from the module autoload list.
- Disable LSRR (loose source and record route) and SSRR (strict source and record route) by default.
- amd64: Make the direct map non executable.
- BIND: update bind.keys.
- bozohttpd(8): Fix issue where bozohttpd would fail to exec scripts via the -C mechanism.
- drm2: Fix issues preventing the use of more than one graphics device.
- Fix detection of duplicate symbols in kernel modules.
- ipfilter: Fix a kernel panic when altering the ipf state table size at runtime.
-
ipsec:
- Fix a couple use-after-free issues.
- Fix IPv6-IPsec-AH tunnels.
- Fix inverted logic that could crash the kernel.
- Fix out-of-bounds read.
- Strengthen sanity checks (AH/ESP).
- IPv6: Kick nested IPv6 fragments.
- ksh: Create HISTFILE with mode 0600, not 777.
-
sparc:
- Fix time goes backwards problems.
- Fix problem using the ps command in ddb.
- tlp(4): Fix timeout using the Legacy Network Adapter in Microsoft Windows Server Hyper-V VMs.
- ypserv(8): Avoid returning stale request data to the client.
Please use a mirror site close to you.
The NetBSD 7.1.2 release provides supported binary distributions for the following systems:
NetBSD/acorn26 | Acorn Archimedes, A-series and R-series systems |
NetBSD/acorn32 | Acorn RiscPC/A7000, VLSI RC7500 |
NetBSD/algor | Algorithmics, Ltd. MIPS evaluation boards |
NetBSD/alpha | Digital/Compaq Alpha (64-bit) |
NetBSD/amd64 | AMD family processors like Opteron, Athlon64, and Intel CPUs with EM64T extension |
NetBSD/amiga | Commodore Amiga and MacroSystem DraCo |
NetBSD/amigappc | PowerPC-based Amiga boards. |
NetBSD/arc | MIPS-based machines following the Advanced RISC Computing spec |
NetBSD/atari | Atari TT030, Falcon, Hades |
NetBSD/bebox | Be Inc's BeBox |
NetBSD/cats | Chalice Technology's CATS and Intel's EBSA-285 evaluation boards |
NetBSD/cesfic | CES FIC8234 VME processor board |
NetBSD/cobalt | Cobalt Networks' MIPS-based Microservers |
NetBSD/dreamcast | Sega Dreamcast game console |
NetBSD/emips | The Extensible MIPS architecture from Microsoft Research |
NetBSD/epoc32 | Psion EPOC PDAs |
NetBSD/evbarm | Various ARM-based evaluation boards and appliances |
NetBSD/evbmips | Various MIPS-based evaluation boards and appliances |
NetBSD/evbppc | Various PowerPC-based evaluation boards and appliances |
NetBSD/evbsh3 | Various Hitachi Super-H SH3 and SH4-based evaluation boards and appliances |
NetBSD/ews4800mips | NEC's MIPS-based EWS4800 workstation |
NetBSD/hp300 | Hewlett-Packard 9000/300 and 400 series |
NetBSD/hppa | Hewlett-Packard 9000 Series 700 workstations |
NetBSD/hpcarm | StrongARM based Windows CE PDA machines |
NetBSD/hpcmips | MIPS-based Windows CE PDA machines |
NetBSD/hpcsh | Hitachi Super-H based Windows CE PDA machines |
NetBSD/i386 | IBM PCs and PC clones with i486-family processors and up |
NetBSD/ibmnws | IBM Network Station 1000 |
NetBSD/iyonix | Castle Technology's Iyonix ARM based PCs |
NetBSD/landisk | SH4 processor based NAS appliances |
NetBSD/luna68k | OMRON Tateisi Electric's LUNA series |
NetBSD/mac68k | Apple Macintosh with Motorola 68k CPU |
NetBSD/macppc | Apple PowerPC-based Macintosh and clones |
NetBSD/mipsco | MIPS Computer Systems Inc. family of workstations and servers |
NetBSD/mmeye | Brains mmEye multimedia server |
NetBSD/mvme68k | Motorola MVME 68k Single Board Computers |
NetBSD/mvmeppc | Motorola PowerPC VME Single Board Computers |
NetBSD/netwinder | StrongARM based NetWinder machines |
NetBSD/news68k | Sony's 68k-based “NET WORK STATION” series |
NetBSD/newsmips | Sony's MIPS-based “NET WORK STATION” series |
NetBSD/next68k | NeXT 68k “black” hardware |
NetBSD/ofppc | OpenFirmware PowerPC machines |
NetBSD/pmax | Digital MIPS-based DECstations and DECsystems |
NetBSD/prep | PReP (PowerPC Reference Platform) and CHRP machines |
NetBSD/rs6000 | IBM RS/6000 MCA-based PowerPC machines. |
NetBSD/sandpoint | Motorola Sandpoint reference platform, including many PPC-based NAS boxes |
NetBSD/sbmips | Broadcom SiByte evaluation boards |
NetBSD/sgimips | Silicon Graphics' MIPS-based workstations |
NetBSD/shark | Digital DNARD (“shark”) |
NetBSD/sparc | Sun SPARC (32-bit) and UltraSPARC (in 32-bit mode) |
NetBSD/sparc64 | Sun UltraSPARC (in native 64-bit mode) |
NetBSD/sun2 | Sun Microsystems Sun 2 machines with Motorola 68010 CPU |
NetBSD/sun3 | Motorola 68020 and 030 based Sun 3 and 3x machines |
NetBSD/vax | Digital VAX |
NetBSD/x68k | Sharp X680x0 series |
NetBSD/xen | The Xen virtual machine monitor |
NetBSD/zaurus | Sharp ARM PDAs |
Ports available in source form only for this release include the following:
NetBSD/ia64 | Itanium family of processors |
The NetBSD Foundation would like to thank all those who have contributed code, hardware, documentation, funds, colocation for our servers, web pages and other documentation, release engineering, and other resources over the years. More information on the people who make NetBSD happen is available at:
We would like to especially thank the University of California at Berkeley and the GNU Project for particularly large subsets of code that we use. We would also like to thank the Internet Systems Consortium Inc. and the Network Security Lab at Columbia University's Computer Science Department for current colocation services.
NetBSD is a free, fast, secure, and highly portable Unix-like Open Source operating system. It is available for a wide range of platforms, from large-scale servers and powerful desktop systems to handheld and embedded devices. Its clean design and advanced features make it excellent for use in both production and research environments, and the source code is freely available under a business-friendly license. NetBSD is developed and supported by a large and vibrant international community. Many applications are readily available through pkgsrc, the NetBSD Packages Collection.
The NetBSD Foundation was chartered in 1995, with the task of overseeing core NetBSD project services, promoting the project within industry and the open source community, and holding intellectual property rights on much of the NetBSD code base. Day-to-day operations of the project are handled by volunteers.
As a non-profit organization with no commercial backing, the NetBSD Foundation depends on donations from its users, and we would like to ask you to consider making a donation to the NetBSD Foundation in support of continuing production of our fine operating system. Your generous donation would be particularly welcome to help with ongoing upgrades and maintenance, as well as with operating expenses for the NetBSD Foundation.
Donations can be done via PayPal to
<[email protected]>
, or via Google Checkout and are fully
tax-deductible in the US. See
www.NetBSD.org/donations/ for more information, or
contact <[email protected]>
directly.
Back to NetBSD 7.x formal releases