Announcing NetBSD 7.0.1

Introduction

The NetBSD Project is pleased to announce NetBSD 7.0.1, the first security/bugfix update of the NetBSD 7.0 release branch. It represents a selected subset of fixes deemed important for security or stability reasons.

Complete source and binaries for NetBSD 7.0.1 are available for download at many sites around the world. A list of download sites providing FTP, AnonCVS, SUP, and other services may be found at https://www.NetBSD.org/mirrors/. We encourage users who wish to install via ISO or USB disk images to download via BitTorrent by using the torrent files supplied in the images area. A list of hashes for the NetBSD 7.0.1 distribution has been signed with the well-connected PGP key for the NetBSD Security Officer: https://ftp.NetBSD.org/pub/NetBSD/security/hashes/NetBSD-7.0.1_hashes.asc

NetBSD is free. All of the code is under non-restrictive licenses, and may be used without paying royalties to anyone. Free support services are available via our mailing lists and website. Commercial support is available from a variety of sources. More extensive information on NetBSD is available from our website:

www.NetBSD.org

Changes Between 7.0 and 7.0.1

The complete list of changes can be found in the CHANGES-7.0.1 file in the top level directory of the NetBSD 7.0.1 release tree. An abbreviated version is below:

Security fixes

The following security advisories were fixed:

NetBSD-SA2016-001 Multiple vulnerabilities in ntp daemon
NetBSD-SA2016-004 Multiple vulnerabilities in the compatibility layers
NetBSD-SA2016-005 bozohttpd CGI handlers potential remote code execution

Note: Advisories prior to NetBSD-SA2016-001 do not affect NetBSD 7.0.

In addition to fixes for issues covered by the security advisories listed above, the following security fixes are included as well:

BIND: Update to 9.10.3-P4.
expat: Fix CVE-2016-0718.
NTP: Update to 4.2.8p7.
OpenSSH: Fix CVE-2015-5352, CVE-2015-6565, CVE-2015-8325, and CVE-2016-0777.
OpenSSL: Update to 1.0.1t.
xen: Fix XSA155 (CVE-2015-8550).

Other changes

Add wip.pkgsrc.org to ssh_known_hosts.
Avoid "vnconfig -l" infinite loop with netbsd-6 or older userland.
Avoid a crash when mounting an ados file system.
Avoid a panic when unplugging a mounted umass(4) device. PR kern/50467.
Don't leak garbage from the kernel stack on sleep(0) and equivalents.
Fix ARM1136 function selection. PR port-arm/50512.
Fix a crash in NFS. PR kern/50664.
Fix a crash when tmpfs fills up. PR kern/50381.
Fix a crash with alc(4). PR kern/50206.
Fix i386 PAE kernels. PR port-i386/48196.
Fix sftp filename completion. PR bin/50564.
Fix two crashes with gif(4).
ODROID-C1: Fix a problem when trying to use the network if the cable wasn't plugged in at boot.
Prevent a deadlock with two null mounts on the same physical mount. PR kern/50375.
Resolve hostnames with "_". PR lib/50367.
Update root.cache to 20160323.
Update tzdata to 2016b.
bozohttpd(8): Update to 20160415. Changes:
- add CGI support for ~user translation (-E switch)
- add redirects to ~user translation
- fix bugs around ~user translation
- add schema detection for absolute redirects
- fixed few memory leaks
- bunch of minor tweaks
- removed -r support
- smarter redirects
- fix redirection handling
- support transport stream (.ts) and video object (.vob) files
- directory listings show correct file sizes for large files
- add search-word support for CGI
- fix a security issue in CGI suffix handler support which would allow remote code execution
- -C option supports now CGI scripts only
cp(1), mv(1), restore(8), touch(1): Don't truncate at sub-microsecond while preserving timestamps.
cvs(1): Remove trailing whitespace from imported messages when adding new files.
drm2: Avoid NULL dereference in linux_worker_intr(). PR kern/49560.
hp300: Fix panic on machines without arcofi(4) audio.
i386: Fix booting on early 486 CPUs that don't have cpuid.
ndp(8): Fix ndp to ipv6 link-local addresses.
sparc64: Numerous fixes to compat_netbsd32.
terminfo: Correct the x68k's backspace key behavior.
x86: Add missing gptmbr.bin to ramdisk-based install media. PR install/50311.
x86: Make fix for AMD erratum 721 actually work.

NetBSD mirror sites

Please use a mirror site close to you.

System families supported by NetBSD 7.0.1

The NetBSD 7.0.1 release provides supported binary distributions for the following systems:

NetBSD/acorn26 Acorn Archimedes, A-series and R-series systems

NetBSD/acorn32 Acorn RiscPC/A7000, VLSI RC7500

NetBSD/algor Algorithmics, Ltd. MIPS evaluation boards

NetBSD/alpha Digital/Compaq Alpha (64-bit)

NetBSD/amd64 AMD family processors like Opteron, Athlon64, and Intel CPUs with EM64T extension

NetBSD/amiga Commodore Amiga and MacroSystem DraCo

NetBSD/amigappc PowerPC-based Amiga boards.

NetBSD/arc MIPS-based machines following the Advanced RISC Computing spec

NetBSD/atari Atari TT030, Falcon, Hades

NetBSD/bebox Be Inc's BeBox

NetBSD/cats Chalice Technology's CATS and Intel's EBSA-285 evaluation boards

NetBSD/cesfic CES FIC8234 VME processor board

NetBSD/cobalt Cobalt Networks' MIPS-based Microservers

NetBSD/dreamcast Sega Dreamcast game console

NetBSD/emips The Extensible MIPS architecture from Microsoft Research

NetBSD/epoc32 Psion EPOC PDAs

NetBSD/evbarm Various ARM-based evaluation boards and appliances

NetBSD/evbmips Various MIPS-based evaluation boards and appliances

NetBSD/evbppc Various PowerPC-based evaluation boards and appliances

NetBSD/evbsh3 Various Hitachi Super-H SH3 and SH4-based evaluation boards and appliances

NetBSD/ews4800mips NEC's MIPS-based EWS4800 workstation

NetBSD/hp300 Hewlett-Packard 9000/300 and 400 series

NetBSD/hppa Hewlett-Packard 9000 Series 700 workstations

NetBSD/hpcarm StrongARM based Windows CE PDA machines

NetBSD/hpcmips MIPS-based Windows CE PDA machines

NetBSD/hpcsh Hitachi Super-H based Windows CE PDA machines

NetBSD/i386 IBM PCs and PC clones with i486-family processors and up

NetBSD/ibmnws IBM Network Station 1000

NetBSD/iyonix Castle Technology's Iyonix ARM based PCs

NetBSD/landisk SH4 processor based NAS appliances

NetBSD/luna68k OMRON Tateisi Electric's LUNA series

NetBSD/mac68k Apple Macintosh with Motorola 68k CPU

NetBSD/macppc Apple PowerPC-based Macintosh and clones

NetBSD/mipsco MIPS Computer Systems Inc. family of workstations and servers

NetBSD/mmeye Brains mmEye multimedia server

NetBSD/mvme68k Motorola MVME 68k Single Board Computers

NetBSD/mvmeppc Motorola PowerPC VME Single Board Computers

NetBSD/netwinder StrongARM based NetWinder machines

NetBSD/news68k Sony's 68k-based "NET WORK STATION" series

NetBSD/newsmips Sony's MIPS-based "NET WORK STATION" series

NetBSD/next68k NeXT 68k "black" hardware

NetBSD/ofppc OpenFirmware PowerPC machines

NetBSD/pmax Digital MIPS-based DECstations and DECsystems

NetBSD/prep PReP (PowerPC Reference Platform) and CHRP machines

NetBSD/rs6000 IBM RS/6000 MCA-based PowerPC machines.

NetBSD/sandpoint Motorola Sandpoint reference platform, including many PPC-based NAS boxes

NetBSD/sbmips Broadcom SiByte evaluation boards

NetBSD/sgimips Silicon Graphics' MIPS-based workstations

NetBSD/shark Digital DNARD ("shark")

NetBSD/sparc Sun SPARC (32-bit) and UltraSPARC (in 32-bit mode)

NetBSD/sparc64 Sun UltraSPARC (in native 64-bit mode)

NetBSD/sun2 Sun Microsystems Sun 2 machines with Motorola 68010 CPU

NetBSD/sun3 Motorola 68020 and 030 based Sun 3 and 3x machines

NetBSD/vax Digital VAX

NetBSD/x68k Sharp X680x0 series

NetBSD/xen The Xen virtual machine monitor

NetBSD/zaurus Sharp ARM PDAs

Ports available in source form only for this release include the following:

NetBSD/ia64 Itanium family of processors

Acknowledgments

The NetBSD Foundation would like to thank all those who have contributed code, hardware, documentation, funds, colocation for our servers, web pages and other documentation, release engineering, and other resources over the years. More information on the people who make NetBSD happen is available at:

www.NetBSD.org/people/

We would like to especially thank the University of California at Berkeley and the GNU Project for particularly large subsets of code that we use. We would also like to thank the Internet Systems Consortium Inc. and the Network Security Lab at Columbia University's Computer Science Department for current colocation services.

About NetBSD

NetBSD is a free, fast, secure, and highly portable Unix-like Open Source operating system. It is available for a wide range of platforms, from large-scale servers and powerful desktop systems to handheld and embedded devices. Its clean design and advanced features make it excellent for use in both production and research environments, and the source code is freely available under a business-friendly license. NetBSD is developed and supported by a large and vibrant international community. Many applications are readily available through pkgsrc, the NetBSD Packages Collection.

About the NetBSD Foundation

The NetBSD Foundation was chartered in 1995, with the task of overseeing core NetBSD project services, promoting the project within industry and the open source community, and holding intellectual property rights on much of the NetBSD code base. Day-to-day operations of the project are handled by volunteers.

As a non-profit organization with no commercial backing, the NetBSD Foundation depends on donations from its users, and we would like to ask you to consider making a donation to the NetBSD Foundation in support of continuing production of our fine operating system. Your generous donation would be particularly welcome to help with ongoing upgrades and maintenance, as well as with operating expenses for the NetBSD Foundation.

Donations can be done via PayPal to <paypal@NetBSD.org>, or via Google Checkout and are fully tax-deductible in the US. See //www.NetBSD.org/donations/ for more information, or contact <finance-exec@NetBSD.org> directly.

Back to NetBSD 7.x formal releases