Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > Kutulutsidwa kwa OpenBSD 6.5

Kutulutsidwa kwa OpenBSD 6.5

adawona kuwala kutulutsidwa kwa pulogalamu yaulere, yofanana ndi nsanja ya UNIX Pulogalamu ya OpenBSD 6.5. Ntchito ya OpenBSD idakhazikitsidwa ndi Theo de Raadt mu 1995, pambuyo pake kukangana ndi opanga NetBSD, chifukwa chake Teo adakanidwa mwayi wopita kunkhokwe ya NetBSD CVS. Zitatha izi, Theo de Raadt ndi gulu la anthu amalingaliro ofanana adapanga njira yatsopano yotseguka yotengera mtengo wa NetBSD, zomwe zolinga zake zinali kunyamula (mothandizidwa ndi 13 hardware nsanja), muyezo, ntchito yolondola, chitetezo yogwira ndi Integrated cryptographic zida. Full unsembe kukula Chithunzi cha ISO OpenBSD 6.5 base system ndi 407 MB.

Kuphatikiza pa machitidwe opangira okha, polojekiti ya OpenBSD imadziwika ndi zigawo zake, zomwe zafala kwambiri m'machitidwe ena ndipo zatsimikizira kuti ndi imodzi mwa njira zotetezeka komanso zapamwamba kwambiri. Mwa iwo: LibreSSL (foloko OpenSSL), OpenSSH, paketi fyuluta PF, kuyendetsa ma daemoni OpenBGPD ndi OpenOSPFD, seva ya NTP OpenNTPD, seva yamakalata OpenSMTPD, ma terminal multiplexer (ofanana ndi skrini ya GNU) tmux, daemon chodziwika ndi kukhazikitsa kwa IDENT protocol, njira ina ya BSDL ku phukusi la GNU groff - mando, ndondomeko yokonzekera machitidwe olekerera zolakwika CARP (Common Address Redundancy Protocol), yopepuka http seva, chothandizira cholumikizira mafayilo OpenRSYNC.

Zina mwa zosintha zodziwika bwino: mtundu wonyamula wa bgpd wayambitsidwa, wosinthidwa kuti ugwire ntchito m'ma OS ena, kugwiritsa ntchito mwayi wa Xenocara ndi tcpdump mizu kwachotsedwa, cholumikizira cha LDD chimathandizidwa ndi kusakhazikika kwa amd64 ndi i386, thandizo la MPLS latha. mapulogalamu okhazikika (ROP), njira yosavuta yosinthira seva ya DNS yowonjezera yawonjezedwa, chowunikira chosadziwika bwino chaphatikizidwa mu kernel, komanso kukhazikitsa kwathu rsync utility adayambitsidwa.

waukulu kuwongolera:

  • Mukamanga zomanga za amd64 ndi i386, cholumikizira cha LDD chopangidwa ndi pulojekiti ya LLVM chimagwiritsidwa ntchito mwachisawawa. Pazomangamanga za mips64, chithandizo chomanga pogwiritsa ntchito Clang chawonjezedwa;
  • Madalaivala atsopano a pvclock a paravirtualized KVM timer ndi ixl ya Intel Ethernet 700. Dalaivala ya uaudio yasinthidwa ndi kukhazikitsa kwatsopano ndi chithandizo cha USB Audio 2.0.
  • Kuchita bwino kwa madalaivala a zida zopanda zingwe bwfm, iwn, iwm ndi athn. Thandizo la mauthenga a RTM_80211INFO awonjezedwa ku stack opanda zingwe kuti atumize zambiri za mawonekedwe a dhclient ndi njira. Khalidwe lachete polumikizana ndi ma netiweki opanda zingwe lasinthidwa - ngati muli ndi mndandanda wolumikizidwa ndi auto, OpenBSD sichimalumikizananso ndi maukonde osadziwika otseguka (kubwezera zomwe zidachitika kale, mutha kuwonjezera maukonde opanda kanthu pamndandanda);
  • Netiweki stack imabweretsa ma driver atsopano a bpe (Backbone Provider Edge) ndi mpip (MPLS IP layer 2) pseudo-device. Thandizo lowonjezera pakukonza madera ena amayendedwe a MPLS. Dalaivala wa vlan wathandizidwa kuti adutse kukonza pamzere ndikutulutsa mwachindunji ku mawonekedwe a netiweki ya makolo. Mawonekedwe a txprio owonjezera ku ifconfig kuti muwongolere kuyika patsogolo pamitu yamapaketi omwe ali ndi tunnel (yothandizira madalaivala a vlan, gre, gif ndi etherip);
  • Pokhazikitsa fyuluta ya bpf, zidakhala zotheka kugwiritsa ntchito makina otsitsa popanda kutenga mapaketi. Izi zimagwiritsidwa ntchito mu tcpdump kusefa pagawo loyambirira la paketi yomwe ikulandiridwa ndi chipangizo;
  • Okhazikitsa amapereka chithandizo rdsetroot kuwonjezera chithunzi cha disk ku kernel RAMDISK. Kuonetsetsa kuti kuchotsedwa kwa zigawo zina zakale zomwe zatulutsidwa panthawi yokonzanso dongosolo;
  • Kuyimba foni kwadongosolo kudzafotokoza, yomwe imapereka kudzipatula kwadongosolo la fayilo. Mtundu watsopanowu umawonjezera kuzindikira kwa machesi okhudzana ndi chikwatu chomwe chikugwira ntchito pakalipano popanga njira zofananira. Kugwiritsiridwa ntchito kwa stat ndi mwayi wa zigawo zoletsedwa zamafayilo ndizoletsedwa. Kwa mapulogalamu ospfd, ospf6d, rebound, getconf, kvm_mkdb, bdftopcf, Xserver, passwd, spamlogd, spamd, sensorsd, snmpd, htpasswd ndi ifstated, chitetezo pogwiritsa ntchito unveil chimakhazikitsidwa;
  • Clang yathandizira zida zolepheretsa kugwiritsa ntchito njira zobwereranso (ROP), zomwe zachepetsa kwambiri zida zapolymorphic zomwe zimapezeka m'mafayilo omwe atha kuchitidwa a i386 ndi amd64 architectures;
  • Clang yasintha magwiridwe antchito komanso chitetezo mukamagwiritsa ntchito
    chitetezo ndondomeko BWINO, cholinga chake ndi kusokoneza machitidwe azinthu zomwe zimagwiritsidwa ntchito pogwiritsa ntchito ma code obwereka ndi njira zobwereranso. Kuti mufulumizitse ntchito, deta imayikidwa m'marejista m'malo mwa stack ngati kuli kotheka, ndipo cache ya processor imagwiritsidwa ntchito bwino pobwerera. RETGUARD imagwiritsidwanso ntchito tsopano m'malo mwachitetezo chamwambo pa amd64 ndi ma arm64;

  • Zothandizira zokhudzana ndi stack network zasinthidwa: Thandizo losefa mapaketi a MPLS awonjezedwa ku pcap-sefa. Kuthekera kokonza zofunika pamayendedwe awonjezedwa ku ospfd, ospf6d ndi ripd. MU
    ripd added mechanism based protection chikole. Onjezani sff ndi sffdump modes kuti ifconfig kuti mupeze chidziwitso chazidziwitso kuchokera ku ma transmitters owoneka;

  • Kutulutsidwa koyamba kwa chosinthira chatsopano chaperekedwa osafafaniza, yomwe imakonza mafunso obwerezabwereza a DNS ndikuvomereza kulumikizana kokha pa mawonekedwe 127.0.0.1.
    Unwind idapangidwa kuti igwiritsidwe ntchito pamakina amakasitomala, monga ma laputopu, oyenda pakati pa maukonde osiyanasiyana opanda zingwe. Ngati iwona kutsekeka kwa magalimoto a DNS pamaneti am'deralo, tsegulani masinthidwe ogwiritsira ntchito adilesi ya seva ya DNS yobwereza yomwe imasamutsidwa kudzera pa DHCP, koma ikupitilizabe nthawi ndi nthawi kuyesa kuthetsa paokha ndipo zopempha zachindunji zikangoyamba, zimabwereranso pakudzipeza paokha. Ma seva a DNS;

  • Mu bgpd, ntchito yachitidwa kuti muchepetse kugwiritsa ntchito kukumbukira, chowonjezera chosavuta cha malamulo chawonjezedwa (kuphatikiza malamulo osefera omwe amasiyana ndi seti ya fyuluta), njira yosinthira ya BGP MPLS VPN yasinthidwa, chithandizo cha IPv6 BGP MPLS VPN chawonjezeredwa. , ndi "monga-owonjezera" magwiridwe antchito akhazikitsidwa kuti alowe m'malo oyandikana nawo AS kupita ku AS m'njira, adawonjezera kuthekera kolumikizana ndi anthu angapo muulamuliro umodzi, adawonjezeranso mawonekedwe atsopano "*", "local-monga" ndi "mnansi". -monga", ntchito yabwino yokhala ndi malamulo akulu, adawonjezeranso malamulo atsopano ogwirira ntchito ndi magulu oyandikana nawo odziyimira pawokha ("bgpctl gulu loyandikana nalo", "bgpctl wonetsani gulu la oyandikana nawo", "bgpctl onetsani gulu la oyandikana nawo"), kuthekera kowonjezera maukonde ku matebulo a BGP VPN awonjezedwa ku bgpctl. Kwa nthawi yoyamba, mtundu wamtundu wa OpenBGPD-portable wakonzedwa, wokonzeka kugwira ntchito pamakina ena kupatula OpenBSD;
  • Njira yowonjezera kubisa kuti muwone milandu ya machitidwe osadziwika mu OpenBSD kernel.
  • Ntchito ya tcpdump imachotseratu kugwiritsa ntchito mwayi wa mizu;
  • Kuchita bwino kwa malloc pamapulogalamu amitundu yambiri;
  • Mtundu woyamba wa pulogalamuyi wawonjezedwa pazolemba OpenRSYNC ndi kukhazikitsa kwake kwa rsync file synchronization utility;
  • Mtundu wa seva yamakalata wa OpenSMTPD wasinthidwa, momwe muyeso watsopano wofananira "kuchokera ku rdns" wawonjezedwa ku smtpd.conf, zomwe zimakulolani kusankha magawo motengera kusintha kwa DNS (kuzindikira dzina la wolandila ndi IP). Pofufuza m'matebulo, kuthekera kogwiritsa ntchito mawu okhazikika kwawonjezeredwa;
  • Phukusi la OpenSSH 8.0 lasinthidwa, tsatanetsatane wa zosinthazi zitha kupezeka apa;
  • Phukusi la LibreSSL lasinthidwa, tsatanetsatane wa zosinthazi zitha kupezeka muzolengeza zotulutsidwa 2.9.0 ΠΈ 2.9.1;
  • Mandoc yasintha kwambiri kutulutsa kwa HTML, kumasulira bwino kwa tebulo, ndikuwonjezera "-O" mbendera kuti mutsegule tsamba ndi tanthauzo la mawu omwe atchulidwa;
  • Kuthekera kwazithunzi za Xenocara kwakulitsidwa: seva ya X sikufunikanso kuyika ndi mbendera ya setuid kuti iyendetse. Dalaivala wa radeonsi Mesa akuphatikizapo chithandizo cha hardware mathamangitsidwe ku Southern Islands (Radeon HD 7000) ndi Sea Islands (Radeon HD 8000) GPUs;
  • Madoko a C ++ azomangamanga osathandizidwa ndi Clang tsopano apangidwa pogwiritsa ntchito GCC kuchokera kumadoko. Chiwerengero cha madoko a zomangamanga za AMD64 chinali 10602, cha aarch64 - 9654, cha i386 - 10535.
    • Asterisk 16.2.1
    • Audacity 2.3.1
    • Mpweya 3.10.2
    • Chromium 73.0.3683.86
    • FFmpeg 4.1.3
    • GCC 4.9.4 ndi 8.3.0
    • GNOME 3.30.2.1
    • Pitani ku 1.12.1
    • JDK 8u202 ndi 11.0.2+9-3
    • LLVM/Clang 7.0.1
    • FreeOffice 6.2.2.2
    • Lua 5.1.5, 5.2.4 ndi 5.3.5
    • Chithunzi cha MariaDB 10.0.38
    • Nyani 5.18.1.0
    • Mozilla Firefox 66.0.2 ndi ESR 60.6.1
    • Mozilla Thunderbird 60.6.1
    • Ndondomeko .js 10.15.0
    • OpenLDAP 2.3.43 ndi 2.4.47
    • PHP 7.1.28, 7.2.17 ndi 7.3.4
    • Postfix 3.3.3 ndi 3.4.20190106
    • PostgreSQL 11.2
    • Python 2.7.16 ndi 3.6.8
    • R 3.5.3
    • Ruby 2.4.6, 2.5.5 ndi 2.6.2
    • Dzimbiri 1.33.0
    • Sendmail 8.16.0.41
    • SQLite3 3.27.2
    • Meerkat 4.1.3
    • Tcl/Tk 8.5.19 ndi 8.6.8
    • TeX Live 2018
    • Vim 8.1.1048 ndi Neovim 0.3.4
    • Xfce 4.12
  • Zigawo zachitatu zomwe zikuphatikizidwa ndi OpenBSD 6.5:
    • Zithunzi za Xenocara zotengera seva ya X.Org 1.19.7 yokhala ndi zigamba, freetype 2.9.1, fontconfig 2.12.4, Mesa 18.3.5, xterm 344, xkeyboard-config 2.20;
    • LLVM/Clang 7.0.1 (ndi zigamba)
    • GCC 4.2.1 (yokhala ndi zigamba) ndi 3.3.6 (yokhala ndi zigamba)
    • Perl 5.28.1 (ndi zigamba)
    • NSD 4.1.27
    • Zosasinthika 1.9.1
    • Namwino 5.7
    • Binutils 2.17 (ndi zigamba)
    • Gdb 6.3 (ndi zigamba)
    • Pa Aug 10, 2011
    • Kutulutsa 2.2.6

Source: opennet.ru

Kuwonjezera ndemanga