OpenBSD 7.2 released: Oct 20, 2022

------------------------------------------------------------------------
- OpenBSD 7.2 RELEASED -------------------------------------------------

October 20, 2022.

We are pleased to announce the official release of OpenBSD 7.2.
This is our 53rd release. We remain proud of OpenBSD's record of more
than twenty years with only two remote holes in the default install.

As in our previous releases, 7.2 provides significant improvements,
including new features, in nearly all areas of the system:

- New/extended platforms:
o Added support for Ampere Altra
o Added support for Apple M2
o Added support for Lenovo ThinkPad x13s and other machines using
the Qualcomm Snapdragon 8cx Gen 3 (SC8280XP) SoC.

- Various kernel improvements:
o Allowed bsd.rd and bsd/bsd.mp to boot on Oracle Cloud amd64
instances.
o Added support for switching from glass console to serial console
on arm64 systems that default to glass console.
o pf(4) automatically allows IGMP and ICMP6 MLD packets with the
router alert option. Special allow-opts rules are no longer needed
for multicast discovery.
o Fixed a pf(4) NULL dereference panic triggered by relayd(8).
o Implement "show all routes" to print routing tables in ddb(4).
o Added a method (ESC D) to enter ddb(4) on serial drivers that do
not have a true BREAK mechanism.
o Added "show all routes" and the ability to show individual routes
(e.g. "show route 0xfffffd807e9b0000") to ddb(4).
o Added a "show swap" command to ddb(4) to help debugging.
o Count dropped network packets due to low memory in netstat(1).
o Simplified machine command handling in ddb(4).
o Changed to a simpler formula to calculate a default kern.maxthread
value: 2*NPROCESS.
o Enabled kstat(4), a device that exports kernel statistics that can
be read by kstat(1).
o Added CPU frequency sensors for each core on CPUs that have
MPERF/APERF support.
o Merged the UVM swap-backed and object-backed inactive page lists.
o Fixed rwlock(9) implementation to be fair to writers. Previously,
readers could grab the lock even if writers were waiting first.
o Made the CPU frequency scaling duration relative to the load when
in automatic mode on battery.
o Fixed luna88k MULTIPROCESSOR kernels booting with CPU modules
installed in arbitrary slots.
o Added a missing kqueue(2) wakeup, found by a Go testcase hang.
o Bumped the maximum number of supported CPUs to 256 on arm64.
o Ensure uvm_swap_io() can succeed, even in out of memory
situations, by reserving a second segment for the page daemon.
o Ensured progress in the swapper by pre-allocating pages in a
DMA-reachable region.
o Made the page daemon consider pmemrange regions when trying to
free pages from the inactive list. Previously the page daemon
could use a lot of CPU without freeing a page because the global
limits were satisfied.
o Ensured that uvm_swap_get() will always sleep rather than
returning an error. Previously an error could be returned to the
fault handler which would result in processes dying when a system
was under a lot of memory pressure.
o Added support for using non-standard UARTs (such as the Synopsys
DesignWare UART) as an early console.
o Remove NexGen CPU identification code as the kernel cannot run on
these CPUs anyway.
o Remove Rise CPU identification code.
o Dropped detection code for 386sx/386dx CPUs. OpenBSD/i386 hasn't
actually supported running on either for some time.
o Dropped detection code for Cyrix CPUs older than the Cyrix M2.
o Implemented the fundamentals for suspend/resume on arm64.
o Simplified TSC synchronization testing on amd64.
o Corrected sparc64 ofwboot to default to the softraid(4) volume on
the boot device to make root on softraid work out of the box on
sparc64 and be more consistent with softraid boot on other
architectures.
o Removed the obsolete kern.nselcoll sysctl(2).
o Changed mips64, octeon, and loongson to trigger deferred clock
interrupts from splx(9). This isolates the clock interrupt
schedule from the MD clock interrupt code.
o Fixed a potential kernel panic when an msdos partition is out of
space by fixing instances where msdosfs passed a NULL proc pointer
to detrunc().
o Add a delay_init() function that helps on i386 and amd64
architectures in setting up delay_func for different timers and
switching between them depending on their quality properties. This
improves how timers backing delay(9) are managed.

- SMP Improvements
o Make route timer MP safe and use rttimer pool.
o Use kernel lock to protect parts of ARP, ND6 and PPPoE that are
not MP safe. Lookup of existing ARP entries is MP safe and can run
in parallel.
o Start up to 4 softnet tasks to run IP input and forwarding in
parallel on multiple cores.
o Run IPv4 packet reassembly in parallel.
o Run IPv6 hop-by-hop options processing in parallel.
o Add a mutex to rate limiting functions to make them MP safe.
o Introduce mutex and reference counter for internet protocol
control block.
o Protect UDP, raw IP, and divert packet input routines with a
per-socket mutex.
o Protect recv(2) system call for UDP and raw IP packets with a
per-socket mutex and shared netlock. Allows to receive packets
while forwarding in parallel.
o Protect multicast deliver loop for UDP and raw IP sockets with
rwlock.
o Only grab netlock in IGMP and MLD timer when necessary.
o TCP slow timer runs without netlock.
o Rework rwlock so that a writer will get the lock eventually.
Readers cannot share the lock forever. This prevents starvation of
the writer.
o Run interface media ioctl with shared netlock so packets can be
processed while running ifconfig(8).
o btrace(8) can be used to debug reference counting.
o Use MP safe refcount for interface addresses.
o Unlocked kbind(2).
o Unlocked the pledge(2) system call.
o Made UNIX domain sockets locking per-socket rather than coarse
locking of the entire domain sockets layer.

- Direct Rendering Manager and graphics drivers
o Updated drm(4) to Linux 5.15.69
o inteldrm(4): support for Alder Lake, Raptor Lake
o Reimplemented the TTM page allocation code using bus_dma(9) APIs
to make sure DMA addresses are translated properly on
architectures with an IOMMU. This fixed amdgpu(4) and radeondrm(4)
on powerpc64, sparc64, and arm64 machines with SMMU.
o Implemented support for framebuffers that don't start on a page
boundary (like those on the 2021 14" and 16" MacBook Pro).
o Added handling for framebuffers where the first pixel isn't
page-aligned to wsfb(4).
o Fixed Xorg(1) when using the luna88k 1bpp framebuffer hardware.

- VMM/VMD improvements
o Improved error handling and logging in vmd(8)
o Unify all internal structures and interfaces between vmd(8),
vmctl(8) and vmm(4) to use bytes for memory and disk sizes.
o Fix rebooting a received VM in vmd(8).
o Have vmd(8) provide a copy of bios at 4g boundary. SeaBIOS and
newer Linux kernels expect it there.
o In vmd(8), fix off by one in VM memory range check.
o In vmd(8), add support for MMIO assist. In vmm(4), send all port
I/O emulation to userland.
o Have vmd(8) compute i8254 read-back command latch from singular
timestamp.
o Improve the command line parsing in vmctl(8).
o Let vmm(4) allow reading MSR_TSC on Intel hosts.
o In vmm(4), reference count VMs and VCPUs.
o In vmm(4), zero virtual addresses of VCPU state pages after
freeing.
o Fix `vmctl send` on Intel hosts by load the vmcs before reading
VCPU registers in vmm(4).
o Fix `vmctl receive` on Intel hosts by adding an additional fault
type in vmm(4).
o Add additional dt(4) tracepoints in various vmm(4) codepaths.
o Add snmpd(8) AgentX support based around VM-MIB (RFC7666).

- Various new userland features:
o Replaced rc.d(8) $rcexec variable with an rc_exec function. This
will require a mechanical change from ${rcexec} to rc_exec in rc.d
scripts. Kept compatibility to give people a chance to fix their
custom scripts.
o Introduced a new daemon_execdir variable to rc.d(8) for changing
to a specified directory before running rc_exec.
o Added ts(1), a timestamp utility.
o Add a new configtest action to rc.d(8) and rcctl(8) to check
configuration syntax of a daemon.
o Added forest (-f) mode to ps(1).

- Various bugfixes and tweaks in userland:
o Fixed openrsync(1) on sparc64 by eliminating a redundant second
conversion of the int value from little to host endian.
o Added connection timeout functionality to openrsync(1) via the
--contimeout option.
o Set the default openrsync(1) connection timeout that
rpki-client(8) uses to 15 seconds.
o Made use of the fact that repositories are unique objects in
pkg_add(1) and annotated the quirks repository as cached, allowing
for a large speed increase.
o Enabled pkg_add(1) caching by default.
o Changed the tied algorithm in pkg_add(1) to prevent O(n^2)
behavior when packages contain several hundred copies of the same
file.
o Added a "processing" message for when pkg_add(1) is transferring
data to inform the user that pkg_add is still working.
o Added missing uuid_dec_le() to init_gp() so fdisk(8) -A works on
big-endian architectures.
o Aligned fdisk(8) logic with that used in the kernel to allow the
protective EFI GPT partition to be in MBR partitions 0-3, not just
0.
o Prevented use of "-u" when fdisk(8) is operating on GPT formatted
disks.
o Stopped telling fdisk(8) that macppc HAS_MBR.
o Made fdisk(8) reject input of excessive length.
o Fixed an fdisk(8) regression to allow editing an MBR of all
zeroes.
o Changed fdisk(8) to restrict user actions if neither GPT nor MBR
structures can be found on the disk.
o Made fdisk(8) print a warning when an MBR partition starts or
extends past the end of the device.
o Made fdisk(8) print a warning when a GPT partition start or end is
outside the usable LBA area of the device.
o Made fdisk(8) display "Microsoft basic data" instead of "FAT12"
for GPT_UUID_MSDOS partitions.
o Made fdisk(8) print GPT attributes in verbose output.
o Made fdisk(8) use the correct GPT bootable attribute bit.
o Made fdisk(8) not spoof GPT partitions with the attribute
REQUIRED.
o Made fdisk(8) ensure GPT headers, table entries and usable area
don't overlap each other.
o Installed useful btrace(8) scripts in /usr/share/btrace.
o Made btrace(8) execute the END probe upon receiving a SIGTERM
signal.
o Moved the wait for autoconf interfaces from rc(8) to netstart(8)
to fix tunnel interfaces that depend on working autoconf
interfaces.
o Made netstart(8) create virtual interfaces up front if specified
on the command line.
o Changed rc.subr(8) to copy the message to stdout when using
logger(1) to avoid needing to check syslog when running in debug
mode.
o Fixed kbd(8) so it doesn't fail silently when executed by a
regular user.
o In the sndio library, added the function sio_flush(3) to stop
playback immediately. Altered sndiod(8) to wait until the buffer
is drained before closing the device.
o Made xterm(1) use a much safer FD-passing idiom for updating
utmp(5).
o Prevented a crash in vi(1) when cursor key support is disabled.
o Updated vi(1) to apply expandtab to the output of a ! command.
o Made mg(1) automatically delete trailing whitespace on RET in
c-mode and auto-indent-mode.
o Made grep(1) provide full context when using match count (-m)
o Added the --null flag to grep(1) which makes grep print an ASCII
NUL byte after the file name to make the output unambiguous.
o Fixed multiple memory leaks in awk(1).
o Changed compress(1) to print a more accurate message when -v is
used with -k.
o Fixed gzip(1) byte counts with 32-bit integers.
o Fixed the growth check in compress(1) and gzip(1) in cases of
small files or files with sufficiently random data.
o Made timeout(1) -s accept HUP like kill(1) and GNU timeout(1) do.
o Updated capitals and countries in the game quiz(6).
o Set default sleep value of ico(1) to 10ms.
o Fixed a bug in cron(8) where it could exit silently if ppoll(2)
exited. Now it will log to syslog(3) instead of stderr.
o Added llvm-profdata(1) to base so that ports can benefit from
profiled builds.
o Changed rc(8) to only attempt to set the yp(8) domainname if it
has not been set yet.
o Raised the "staff" login class data-size-cur on arm64 to be the
same as that for amd64 in login.conf(5) (1536M).
o Fixed patch(1) locate-hunk in empty files.
o Fixed patch(1) in the case of reversing a patch that creates a
file.
o Added seconds to the uptime display of top(1).
o Made putenv(3) return an error if the string starts with the '='
character. This matches the behavior on FreeBSD and NetBSD.
o Fixed overflow of the number of errors in renice(8) by setting
error instead of incrementing it.
o Removed the "-c" compatibility option from vnconfig(8).
o Stopped vnconfig(8) from printing the device name on failure.
o Print a message when ld.so(1) fails inside execve(2) to clarify
the failure mode when a dynamic executable is run while /usr isn't
mounted.
o Improved bioctl(8) RAID level parsing to check numeric levels
before checking single character levels. This allows recognition
of RAID 10 as a valid but unsupported level.
o Fixed installboot(8) messaging when verbose (-v) and dry-run (-n)
modes are combined with softraid(4).
o Sped up wc(1) word counting.

- Improved hardware support and driver bugfixes, including:
o New aplaudio(4) driver for Apple audio subsystem.
o New aplmca(4) driver for Apple MCA controller.
o New aplsart(4) driver for Apple SART address filter.
o New alpdc, apldchidev, apldckbd, apldcms, and aplrtk drivers for
keyboard and trackpad on Apple M2 laptops.
o New qcgpio(4) driver for Qualcomm Snapdragon GPIO controller.
o New qciic(4) driver for Qualcomm Snapdragon GENI I2C controller.
o New sfgpio(4) driver for SiFive GPIO controller.
o New stfclock(4) driver for StarFive JH7100 clock controller.
o New stfpinctrl(4) driver for StarFive JH7100 pin configuration.
o New stftemp driver for StarFive JH7100 temperature sensor.
o New sxirintc(4) driver for Allwinner wakeup interrupt controller.
o New gpiorestart driver for system reset via GPIO pin.
o Added support for more power sensors to ipmi(4).
o Added support for the ehci(4) controller on Marvell 3720 boards.
o Extended ksmn(4) to show CCD temperatures if available.
o Fixed missing interrupts for trackpads on some machines after
resume by making sure amdgpio(4) restores pin configuration on
resume.
o Added FIFO support and allow baud rate changes to pluart(4).
o Added support for the Synopsys DesignWare UART found on the Ryzen
Embedded V1000 SoCs to com(4).
o Added xhci(4) support for the dual role controllers integrated on
the Qualcomm Snapdragon 8cx gen 3 SoC.
o Added support for using the power button to wake up from suspend
to axppmic(4).
o Modified pms(4) to discard relative movement packets outside of
the [-127, 127] range to prevent cursor jumps when using the
trackpoint on some Lenovo laptops.
o Allowed spdmem(4) to attach to gdiumiic(4).
o Make spdmem(4) attach on 2F-based loongson systems.
o Added power button support to aplsmc(4).
o Changed the mfii(4) RAID controller driver to allow the firmware
more time to transition out of the UNDEFINED state.
o Added Wacom One S (CTL-472) support to uwacom(4).

- New or improved network hardware support:
o Increased rx buffer size on uaq(4) to 62kB.
o Repaired rge(4) hardware VLAN tagging.
o Provide statistics via kstats for mvneta(4).
o Enabled aq(4) on arm64.
o Implemented and enabled IPv4, TCP, and UDP checksum offloading for
igc(4).
o Fixed a panic triggered by ifconfig bnxt0 down by changing bnxt(4)
devices to not run rx and tx interrupt handlers when the interface
is not running.
o Introduced Large Receive Offloading of TCP segment offloading in
ix(4). Also added a tso option to ifconfig(8) to enable and
disable this feature.

- Added or improved wireless network drivers:
o Made device matching in iwx(4) more similar to Linux iwlwifi in
order to recognize more devices.
o Added support for AX210/AX211 devices to iwx(4).
o Fixed iwx(4) setting of HT/VHT bits in rate flags of the Tx
command that could cause a firmware panic.
o Added handling of 9k devices which do not support antenna B to
iwm(4).
o Fixed bwfm(4) ifconfig media display on devices with sta_info
command version 3.
o Fixed a bwfm(4) crash during USB detach.
o Fixed detection of the Rx data rate on rtl8192eu urtwn(4) devices.
o Fixed integer overflows in the iwm(4) and iwx(4) firmware file
parsers.

- IEEE 802.11 wireless stack improvements and bugfixes:
o Make sure drivers initialize all of ieee80211_rxinfo struct.

- Installer, upgrade and bootloader improvements:
o Fixed the watchdog in the installer so that it is reset after each
download and each set installation.
o Ensured that running sysupgrade(8) on -stable will move to the
next release, not -current.
o Added the -b option to sysupgrade(8) to set an alternative base
directory to which the installation files will be downloaded.
o Increased the disklabel(8) auto partitioner's maximum size for
/usr to 30G.
o Altered installer behavior so the vlan(4) question won't be asked
unless another network interface exists.
o Added support for wildcards in fw_update(8) patterns.
o Added support for booting from RAID 1C softraid(4) volumes on
amd64, sparc64 and arm64.
o Added NFS client support to the luna88k RAMDISK kernel.
o Made the EFI bootloader provide the extra parameters necessary to
use non-standard UARTs on the AMD Ryzen Embedded V1000 SoCs as
console.
o Switched bootloaders to the extended BOOTARG_CONSDEV struct.
o Added UFS2 support to landisk boot blocks.

- Security improvements:
o Implemented privilege separation in xlock(1).
o Added privilege separation to snmpd(8).
o The TZ environment variable no longer supports absolute paths, to
fit better into the pledge(2) bypass model.
o AF_UNIX socket bind(2) and connect(2) now follow unveil(2)
configuration.
o New ypconnect(2) system call creates a socket based upon the IP
address encoded directly in a locked ypbinding file, thereby
removing a horrible hack to support YP lookups in programs using
strong pledge(2) rules.
o Processes that pledge("vminfo") may now use the read-only
swapctl(2) operations SWAP_NSWAP and SWAP_STATS providing
information on swap devices.
o Randomized the rekey interval of arc4random(3).
o Reduce the attack surface by introducing a 'local bind' mode to
ypldap(8). In this mode ypldap binds its RPC sockets to loopback,
so YP services are only available to the host it's running on.
ypldap writes the YP binding file in /var/yp/binding itself and
replaces ypbind(8) and ypserv(8). This also implies that
portmap(8) doesn't need to be running anymore when local bind mode
is used.
o Changed the /sbin daemons dhcpleased(8), mountd(8), nfsd(8),
pflogd(8), resolvd(8), slaacd(8), and unwind(8) to be dynamically
linked to allow them to benefit from all the additional
mitigations that dynamically linked executables gain. NFS mounting
of /usr must now use statically configured IP addresses.

- Changes in the network stack:
o Added the recvmmsg(2) system call that allows receiving multiple
msghdrs at once, and the sendmmsg syscall that allows sending
multiple msghdrs at once.
o Relaxed address availability check for multicast(4) binds so
processes listening for the same multicast address do not need to
be the same UID.
o Introduced dedicated link entries for snapshots to pfsync(4).
o Changed pf(4) handling of IGMP and ICMP6 MLD packets to allow
multicast control packets to work by default.
o Made pf(4) more paranoid about IGMP/MLD messages.
o Fixed a logic bug in pf_find_state() that could cause pf(4) to
incorrectly block a packet.
o Fixed pf(4) syncookies during fast TCP port reuse.
o Fixed a bug in pf(4) where a pool defined like "172.16.0.0/16"
would count as a pool size of one address. Also fixed random
selection of source address to be uniform across the whole pool.
o Fixed a kernel panic in pf(4) if IP options with an ICMP payload
were truncated. Such packets will now be dropped instead.
o Allow forwarding to and from IPs in the 240/4 range.
o Corrected the Virtual Ethernet Bridge veb(4) to avoid calling
if_enqueue from an smr critical section.
o Reworked the kroute rttimer code to fix icmp_pmtu_timeout crashes.
o Fixed an interrupt storm upon suspend on Amlogic arm64 boards.
o Fixed a race between pflow_output_process() and
pflow_clone_destroy() in pflow(4).
o Added a missing input validation step to pipex(4) MPPE keylenbits.

- Routing daemons and other userland network improvements:
o IPsec support was improved:
- Made iked(8) ignore any CERT payload after the first rather
than failing the exchange when more than one CERT payload is
received.
- Added iked(8) support for sending certificate chains with
intermediate CAs in multiple CERT payloads.
- Added an OpenIKED Vendor ID payload in the iked(8) initial
handshake to make it easier to handle interoperability
problems with older versions in the future.
- Added iked(8) connection statistics for successful and failed
connections, error types, and other events that can be
printed with "ikectl show stats".
o In bgpd(8),
- Implement max-communities filter to limit the number of
allowed communities, ext-communities and large-communities.
- Fix insertion of additional non-transitive extended
communities when sending out prefixes.
- Relax IP address limitation by allowing prefixes in 240/4.
- Implement RFC 9234 - Route Leak Prevention and Detection
Using Roles in UPDATE and OPEN Messages.
- Full support for RFC 7911 - Advertisement of Multiple Paths
in BGP (ADD-PATH).
- Improve FIB code, handle IPv6 scoped addresses properly.
- Add bgplgd(8), a FastCGI server providing a REST API to
execute bgpctl(8) commands.
- Bugfix: bgpd(8) could fail to invalidate nexthops and
incorrectly leave them in the FIB or Adj-RIB-Out.
- Speedup bgpctl show rib 10/8 or-longer and show rib 10/8
or-shorter
- Switch various static hash tables to RB trees improving
performance on large systems
- Export per neighbor pending update and withdraw statistics
- Fix race between a neighbor session reset and its update
message backlog
- Improve handling of nexthop reachability state changes
- Made sure only one bgpd(8) roa softreconfig runner is run at
any time.
o rpki-client(8) saw some changes:
- Allowed more than one CRL URI in certificates.
- Do not apply timezone offsets when converting X509 times.
X509 times are in UTC and comparing them to times in
different timezones would cause validity problems.
- Add support for an operator-configurable skiplist facility.
Operators can specify a list of FQDNs which should not be
contacted when synchronizing the local cache to the network.
- Emit a warning when a RRDP session serial number decreases.
- DER decoding functions were refactored to leverage ASN.1
templates.
- Add support to validate & inspect .sig files containing RPKI
Signed Checklists in filemode (-f).
(draft-ietf-sidrops-rpki-rsc-08)
- Print various statistics after the completion of the main
process.
- Add support to decode & print TAL (RFC 8630) details in
filemode (-f).
- Emit objects in Concatenated JSON format when filemode (-f)
and the JSON output flag (-j) are combined.
- Add support for validating Autonomous System Provider
Authorization (ASPA) objects conforming to
draft-ietf-sidrops-aspa-profile-10. Validated ASPA payloads
are visible in JSON and filemode (-f) output.
- Set rsync(1) connection I/O idle timeout to 15 seconds.
- Unify the maximum idle I/O and connect timeouts for rsync(1)
& HTTPS.
- rpki-client(8) now performs stricter EE certificate
validation:
o Disallow AS Resources extensions in ROA EE certificates.
o Disallow Subject Information Access (SIA) extensions in
RPKI Signed Checklist (RSC) EE certs.
o Check the resources in ROAs and RSCs against EE certs.
- Improve readability and add various information being printed
in verbose mode.
- Extend filemode (-f) output and print X.509 certificates in
PEM format when increased verbosity (-vv) is specified.
- Shorten the RRDP I/O idle timeout.
- Introduce a deadline timer that aborts all repository
synchronization after seven eights of timeout (-s). With this
rpki-client has improved chances to complete and produce an
output even when a CA is excessively slow.
- Abort a currently running RRDP request process when the
per-repository timeout is reached.
- Permit multiple AccessDescription entries in SIA X.509
extensions. While fetching from secondary locations is not
yet supported, rpki-client will not treat occurrence as a
fatal error.
- Resolve a potential for a race condition in non-atomic RRDP
deltas.
- Fix some memory leaks.
- Improve compliance with the HTTP protocol specification.
o In snmpd(8),
- Allow object names to be used in addition to OIDs in
snmpd.conf(5).
- Better type hinting for debug logging.
- Introduce a blocklist feature, which removes subtrees from
view.
- Reintroduce AgentX master support.
- Move non-SNMP related metrics to their own AgentX based
backend.
- The snmpe process is now pledged stdio recvfd inet unix.
- Imported snmpd_metrics(8). This allows those who need to use
net-snmpd the ability to access base snmpd(8) metrics.
o In ldapd(8), match password schemas case sensitive.
o In ospfd(8), relax the limitations on what is an acceptable
unicast IP. There are no more experiments in IPv4 and so there is
less reason for network daemons to deny formerly experimental IP
space. Multicast IPs (224/4) and loopback (127/8) are still
disallowed.
o Added check to acme-client(1) to ensure the challenge token is
turned into a filename that is base64url encoded.
o Added RFC 9234 "BGP Role" support to tcpdump(8)
o Have tcpdump(8) print ASnumbers in 'asplain' format instead of the
old 'asdot' format.
o Fixed a crash in libpcap when it would walk off the end of the
array performing frees.
o Made -X connect SOCKS work with IPv6 addresses in nc(1).
o Introduced a blocklist backend and keyword to snmpd(8), this
deprecates filter-pf-addresses.
o Changed dhclient(8) to defer to dhcpleased(8) by doing execve
ifconfig and providing syslog warnings about deprecated options.
o Implemented dig(1) support for SVCB and HTTPS record types.
o Made resolvd(8) write /etc/resolv.conf in a more atomic manner.
o Added a slowcgi(8) -t flag to change the request timeout.
o Corrected handling of an abnormal FastCGI termination in httpd(8).
o Made newer MIME type definitions take precedence over existing
ones in httpd(8).
o Moved the relayd(8) daemon(3) call to just before forking the
children so the parent disassociates from its controlling terminal
and shell, but not from its children.
o Changed ftp(1) to use non-blocking connect(2) with ppoll(2) and
timeout instead of alarm(3). This allows failing over to another
IP address for hosts that have more than one.

- tmux(1) improvements and bug fixes:
o Added an ACL list for multiple users attaching to the tmux(1)
socket.
o Ensured cursor remains on selected item on menu.
o Added support for OSC 8 hyperlinks.
o Added support for hyperlinks with capture-pane -e and a
mouse_hyperlink format.
o Added an "all" state to allow-passthrough to work even in
invisible panes.
o Fixed a crash when searching for .* with extremely long lines.
o Added vi(1) Home/End bindings.
o Added a Nobr terminfo capability to tell tmux(1) the terminal does
not use bright colors for bold.
o Added a notification when a paste buffer is deleted.
o Fixed window size reporting.

- LibreSSL version 3.6.0
o New features
- EVP API for HKDF ported from OpenSSL and subsequently cleaned
up.
- The security level API
(SSL_{,CTX}_{get,set}_security_level()) is now available.
Callbacks and ex_data are not supported. Sane software will
not be using this.
- Experimental support for the BoringSSL QUIC API.
- Add initial support for TS ESSCertIDv2 verification.
- LibreSSL now uses the Baillie-PSW primality test instead of
Miller-Rabin.
o Compatibility changes
- The ASN.1 time parser has been refactored and rewritten using
CBS. It has been made stricter in that it now enforces the
rules from RFC 5280.
- ASN1_AFLG_BROKEN was removed.
- Error check tls_session_secret_cb() like OpenSSL.
- Added ASN1_INTEGER_{get,set}_{u,}int64()
- Move leaf certificate checks to the last thing after chain
validation.
- Added -s option to openssl(1) ciphers that only shows the
ciphers supported by the specified protocol.
- Use TLS_client_method(3) instead of TLSv1_client_method(3) in
the openssl(1) ciphers command.
- Validate the protocols in SSL{_CTX,}_set_alpn_protos().
- Made TS and PKCS12 opaque.
- Per RFC 7292, safeContentsBag is a SEQUENCE OF, not a SET OF.
- Align PKCS12_key_gen_uni() with OpenSSL
- Various PKCS12 and TS accessors were added. In particular,
the TS_RESP_CTX_set_time_cb() function was added back.
- Allow a NULL header in PEM_write{,_bio}()
- Allow empty attribute sets in CSRs.
- Adjust signatures of BIO_ctrl functions.
- Provide additional defines for EVP AEAD.
- Provide OPENSSL_cleanup().
- Make BIO_info_cb() identical to bio_info_cb().
o Bug fixes
- Avoid use of uninitialized in BN_mod_exp_recp().
- Fix X509_get_extension_flags() by ensuring that
EXFLAG_INVALID is set on X509_get_purpose() failure.
- Fix HMAC() with NULL key.
- Add ERR_load_{COMP,CT,KDF}_strings() to
ERR_load_crypto_strings().
- Avoid strict aliasing violations in BN_nist_mod_*().
- Do not return X509_V_ERR_UNSPECIFIED from X509_check_ca(). No
return value of X509_check_ca() indicates failure.
Application code should therefore issue a checked call to
X509_check_purpose() before calling X509_check_ca().
- Rewrite and fix X509v3_asid_subset() to avoid segfaults on
some valid input.
- Call the ASN1_OP_D2I_PRE callback after ASN1_item_ex_new().
- Fix d2i_ASN1_OBJECT to advance the *der_in pointer correctly.
- Avoid use of uninitialized in ASN1_STRING_to_UTF8().
- Do not pass uninitialized pointer to ASN1_STRING_to_UTF8().
- Do not refuse valid IPv6 addresses in nc(1)'s HTTP CONNECT
proxy.
- Do not reject primes in trial divisions.
- Error out on negative shifts in BN_{r,l}shift() instead of
accessing arrays out of bounds.
- Fix URI name constraints, allow for URIs with no host part.
- Fix the legacy verifier callback behaviour for untrusted
certs.
- Correct serfver-side handling of TLSv1.3 key updates.
- Plug leak in PKCS12_setup_mac().
- Plug leak in X509V3_add1_i2d().
- Only print X.509 versions we know about.
- Avoid signed integer overflow due to unary negation
- Initialize readbytes in BIO_gets().
- Plug memory leak in CMS_add_simple_smimecap().
- Plug memory leak in X509_REQ_print_ex().
- Check HMAC() return value to avoid a later use of
uninitialized.
- Avoid potential NULL dereference in ssl_set_pkey().
- Check return values in ssl_print_tmp_key().
- Switch loop bounds from size_t to int in check_hosts().
- Avoid division by zero if no connection was made in s_time.c.
- Check sk_SSL_CIPHER_push() return value
- Avoid out-of-bounds read in ssl_cipher_process_rulestr().
- Use LONG_MAX as the limit for ciphers with long based APIs.
o Internal improvements
- Avoid expensive RFC 3779 checks during cert verification.
- The templated ASN.1 decoder has been cleaned up, refactored,
modernized with parts rewritten using CBB and CBS.
- The ASN.1 time parser has been rewritten.
- Rewrite and fix ASN1_STRING_to_UTF8().
- Use asn1_abs_set_unused_bits() rather than inlining it.
- Simplify ec_asn1_group2curve().
- First pass at a clean up of ASN1_item_sign_ctx()
- ssl_txt.c was cleaned up.
- Internal function arguments and struct member have been
changed to size_t.
- Lots of missing error checks of EVP API were added.
- Clean up and clarify BN_kronecker().
- Simplify ASN1_INTEGER_cmp()
- Rewrite ASN1_INTEGER_{get,set}() using CBS and CBB and reuse
the ASN1_INTEGER functions for ASN1_ENUMERATED.
- Use ASN1_INTEGER to parse and build {Z,}LONG_it
- Refactored and cleaned up group (elliptic curve) handling in
t1_lib.c.
- Simplify certificate list handling code in the legacy server.
- Make CBB_finish() fail if *out_data is not NULL.
- Remove tls_buffer_set_data() and remove/revise callers.
- Rewrite SSL{_CTX,}_set_alpn_protos() using CBS.
- Simplify tlsext_supported_groups_server_parse().
- Remove redundant length checks in tlsext parse functions.
- Simplify tls13_server_encrypted_extensions_recv().
- Add read and write support to tls_buffer.
- Convert TLS transcript from BUF_MEM to tls_buffer.
- Clear key on exit in PKCS12_gen_mac().
- Minor fixes in PKCS12_parse().
- Provide and use a primitive clear function for BIGNUM_it.
- Use ASN1_INTEGER to encode/decode BIGNUM_it.
- Add stack frames to AES-NI x86_64 assembly.
- Use named initialisers for BIGNUMs.
- Tidy up some of BN_nist_mod_*.
- Expand BLOCK_CIPHER_* and related macros.
- Avoid shadowing the cbs function parameter in
tlsext_alpn_server_parse()
- Deduplicate peer certificate chain processing code.
- Make it possible to signal an error from an i2c_* function.
- Rewrite i2c_ASN1_INTEGER() using CBB/CBS.
- Remove UINT32_MAX limitation on ChaCha() and
CRYPTO_chacha_20().
- Remove bogus length checks from EVP_aead_chacha20_poly1305().
- Reworked DSA_size() and ECDSA_size().
- Stop using CBIGNUM_it internal to libcrypto.
- Provide c2i_ASN1_ENUMERATED_cbs() and call it from
asn1_c2i_primitive().
- Ensure ASN.1 types are appropriately encoded.
- Avoid recycling ASN1_STRINGs when decoding ASN.1.
- Tidy up asn1_c2i_primitive() slightly.
- Mechanically expand IMPLEMENT_BLOCK_CIPHER, IMPLEMENT_CFBR,
BLOCK_CIPHER and the looney M_do_cipher macros.
- Use correct length for EVP CFB mode ciphers.
- Provide a version of ssl_msg_callback() that takes a CBS.
- Use CBS to parse TLS alerts in the legacy stack.
- Increment the input and output position for EVP AES CFB1.
- Ensure there is no trailing data for a CCS received by the
TLSv1.3 stack.
- Use CBS when procesing a CCS message in the legacy stack.
- Be stricter with middlebox compatibility mode in the TLSv1.3
server.

- OpenSSH 9.1
o Security
- ssh-keyscan(1): fix a one-byte overflow in SSH banner
processing
- ssh-keygen(1): fix double free() in error path of
signing/verify code
- ssh-keysign(8): fix double-free in error path introduced in
OpenSSH 8.9.
o Potentially-incompatible changes
- ssh(1), sshd(8): SetEnv directives in ssh_config and
sshd_config are now first-match-wins to match other
directives. Previously if an environment variable was
multiply specified the last set value would have been used.
- ssh-keygen(8): ssh-keygen -A (generate all default host key
types) will no longer generate DSA keys, as these are
insecure and have not been used by default for some years.
- ssh(1), sshd(8): add a RequiredRSASize directive to set a
minimum RSA key length. Keys below this length will be
ignored for user authentication and for host authentication
in sshd(8).
ssh(1) will terminate a connection if the server offers an
RSA key that falls below this limit, as the SSH protocol does
not include the ability to retry a failed key exchange
- sftp-server(8): add a users-groups-by-id@openssh.com
extension request that allows the client to obtain user/group
names that correspond to a set of uids/gids.
- sftp(1): use users-groups-by-id@openssh.com sftp-server
extension (when available) to fill in user/group names for
directory listings.
- sftp-server(8): support the home-directory extension request
defined in draft-ietf-secsh-filexfer-extensions-00. This
overlaps a bit with the existing "expand-path@openssh.com",
but some other clients support it.
- ssh-keygen(1), sshd(8): allow certificate validity intervals,
sshsig verification times and authorized_keys expiry-time
options to accept dates in the UTC time zone in addition to
the default of interpreting them in the system time zone.
YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted
as UTC if suffixed with a 'Z' character.
Also allow certificate validity intervals to be specified in
raw seconds-since-epoch as hex value, e.g. -V
0x1234:0x4567890. This is intended for use by regress tests
and other tools that call ssh-keygen as part of a CA
workflow.
- sftp(1): allow arguments to the sftp -D option, e.g. sftp -D
/usr/libexec/sftp-server -el debug3.
- ssh-keygen(1): allow the existing -U (use agent) flag to work
with -Y sign operations, where it will be interpreted to
require that the private keys is hosted in an agent.
o Bugfixes
- ssh-keygen(1): implement the "verify-required" certificate
option. This was already documented when support for
user-verified FIDO keys was added, but the ssh-keygen(1) code
was missing.
- ssh-agent(1): hook up the restrict_websafe command-line flag;
previously the flag was accepted but never actually used.
- sftp(1): improve filename tab completions: never try to
complete names to non-existent commands, and better match the
completion type (local or remote filename) against the
argument position being completed.
- ssh-keygen(1), ssh(1), ssh-agent(1): several fixes to FIDO
key handling, especially relating to keys that request
user-verification. These should reduce the number of
unnecessary PIN prompts for keys that support intrinsic user
verification.
- ssh-keygen(1): when enrolling a FIDO resident key, check if a
credential with matching application and user ID strings
already exists and, if so, prompt the user for confirmation
before overwriting the credential.
- sshd(8): improve logging of errors when opening
authorized_keys files.
- ssh(1): avoid multiplexing operations that could cause
SIGPIPE from causing the client to exit early. bz3454
- ssh_config(5), sshd_config(5): clarify that the RekeyLimit
directive applies to both transmitted and received data.
- ssh-keygen(1): avoid double fclose() in error path.
- sshd(8): log an error if pipe() fails while accepting a
connection.
- ssh(1), ssh-keygen(1): fix possible NULL deref when built
without FIDO support.
- ssh-keyscan(1): add missing *-sk types to ssh-keyscan
manpage.
- sshd(8): ensure that authentication passwords are cleared
from memory in error paths.
- ssh(1), ssh-agent(1): avoid possibility of notifier code
executing kill(-1).
- ssh_config(5): note that the ProxyJump directive also accepts
the same tokens as ProxyCommand.
- scp(1): do not not ftruncate(3) files early when in sftp
mode. The previous behaviour of unconditionally truncating
the destination file would cause scp ~/foo localhost: and scp
localhost:foo ~/ to delete all the contents of their
destination.
- ssh-keygen(1): improve error message when ssh-keygen -Y sign
is unable to load a private key.
- sftp(1), scp(1): when performing operations that glob(3) a
remote path, ensure that the implicit working directory used
to construct that path escapes glob(3) characters. This
prevents glob characters from being processed in places they
shouldn't, e.g. cd /tmp/a*/, get *.txt should have the get
operation treat the path /tmp/a* literally and not attempt to
expand it.
- ssh(1), sshd(8): be stricter in which characters will be
accepted in specifying a mask length; allow only 0-9.
- ssh-keygen(1): avoid printing hash algorithm twice when
dumping a KRL.
- ssh(1), sshd(8): continue running local I/O for open channels
during SSH transport rekeying. This should make ~-escapes
work in the client (e.g. to exit) if the connection happened
to have stalled during a rekey event.
- ssh(1), sshd(8): avoid potential poll() spin during rekeying
- Further hardening for sshbuf internals: disallow
"reparenting" a hierarchical sshbuf and zero the entire
buffer if reallocation fails.

- mandoc 1.14.6 plus some new features and many bugfixes, including:
o Significantly improved accessibility of mandoc(1) -T html and
man.cgi(8) output by using semantically better HTML elements in
several places and by adding ARIA and DPUB-ARIA roles and
aria-label attributes to several HTML elements.
o Got rid of archaic HTML table markup for header and footer lines
in favor of flexbox CSS. Rendering now adapts to browser windows
of arbitrary narrowness.
o Prevented -T html output from turning breakable hyphens into
underscores in URI fragment identifiers.
o Improved the roff(7) escape sequence parser in several fundamental
ways regarding output correctness and groff compatibility.
o Corrected output that depends on the order of evaluation of
roff(7) escape sequences by parsing them left-to-right rather than
right-to-left.
o Significantly improved -T lint diagnostics regarding syntax errors
in roff(7) escape sequences and in their arguments.
o Stopped emitting vertical space before the tbl(7) .TS (table
start) macro for compatibility with the same change in groff. This
implies .PP or .Pp macros may need to be inserted before .TS in
some (but not all!) places in some manual pages using tbl(7).
o Stopped skipping vertical space after the tbl(7) .TE (table end)
macro of boxed tables for compatibility with the same change in
groff. This implies .sp requests may need to be removed after .TE
in some manual pages using tbl(7).
o Corrected the calculation of the width of spanned tbl(7) columns.
o Improved the handling of literal tab characters in filled text in
multiple ways for compatibility with groff and Heirloom troff.
o Plus bugfixes for two segfaults, two infinite loops, and several
assertion failures.

- Ports and packages:
o Pre-built packages are available for the following architectures on
the day of release:
- aarch64 (arm64): 11261
- amd64: 11451
- i386: 10225
- mips64: 8759
- powerpc64: XXX
- riscv64: 9808
- sparc64: 9275
o Packages for the following architectures will be made available as
their builds complete:
- arm
- powerpc

- Some highlights:

o Asterisk 16.28.0, 18.14.0 and o Mozilla Thunderbird 102.3.0
19.6.0 o Mutt 2.2.7 and NeoMutt 20220429
o Audacity 2.4.2 o Node.js 16.17.1
o CMake 3.24.2 o OCaml 4.12.1
o Chromium 105.0.5195.125 o OpenLDAP 2.6.3
o Emacs 28.2 o PHP 7.4.30, 8.0.23 and 8.1.10
o FFmpeg 4.4.2 o Postfix 3.7.2
o GCC 8.4.0 and 11.2.0 o PostgreSQL 14.5
o GHC 9.2.4 o Python 2.7.18, 3.9.14 and 3.10.7
o GNOME 42.4 o Qt 5.15.6 and 6.3.1
o Go 1.19.1 o R 4.2.1
o JDK 8u342, 11.0.16 and 17.0.4 o Ruby 2.7.6, 3.0.4 and 3.1.2
o KDE Applications 22.08.1 o Rust 1.63.0
o KDE Frameworks 5.98.0 o SQLite 3.39.3
o Krita 5.1.1 o Shotcut 22.06.23
o LLVM/Clang 13.0.0 o Sudo 1.9.11.2
o LibreOffice 7.4.1.2 o Suricata 6.0.6
o Lua 5.1.5, 5.2.4 and 5.3.6 o Tcl/Tk 8.5.19 and 8.6.12
o MariaDB 10.9.3 o TeX Live 2021
o Mono 6.12.0.182 o Vim 9.0.0192 and Neovim 0.7.2
o Mozilla Firefox 105.0.1 and o Xfce 4.16
ESR 102.3.0

- As usual, steady improvements in manual pages and other documentation.

- The system includes the following major components from outside suppliers:
o Xenocara (based on X.Org 7.7 with xserver 21.1.4 + patches,
freetype 2.12.1, fontconfig 2.13.94, Mesa 22.1.7, xterm 372,
xkeyboard-config 2.20, fonttosfnt 1.2.2, and more)
o LLVM/Clang 13.0.0 (+ patches)
o GCC 4.2.1 (+ patches) and 3.3.6 (+ patches)
o Perl 5.32.1 (+ patches)
o NSD 4.6.0
o Unbound 1.16.3
o Ncurses 5.7
o Binutils 2.17 (+ patches)
o Gdb 6.3 (+ patches)
o Awk September 12, 2022 version
o Expat 2.4.9

------------------------------------------------------------------------
- SECURITY AND ERRATA --------------------------------------------------

We provide patches for known security threats and other important
issues discovered after each release. Our continued research into
security means we will find new security problems -- and we always
provide patches as soon as possible. Therefore, we advise regular
visits to

https://www.OpenBSD.org/security.html
and
https://www.OpenBSD.org/errata.html

------------------------------------------------------------------------
- MAILING LISTS AND FAQ ------------------------------------------------

Mailing lists are an important means of communication among users and
developers of OpenBSD. For information on OpenBSD mailing lists, please
see:

https://www.OpenBSD.org/mail.html

You are also encouraged to read the Frequently Asked Questions (FAQ) at:

https://www.OpenBSD.org/faq/

------------------------------------------------------------------------
- DONATIONS ------------------------------------------------------------

The OpenBSD Project is a volunteer-driven software group funded by
donations. Besides OpenBSD itself, we also develop important software
like OpenSSH, LibreSSL, OpenNTPD, OpenSMTPD, the ubiquitous pf packet
filter, the quality work of our ports development process, and many
others. This ecosystem is all handled under the same funding umbrella.

We hope our quality software will result in contributions that maintain
our build/development infrastructure, pay our electrical/internet costs,
and allow us to continue operating very productive developer hackathon
events.

All of our developers strongly urge you to donate and support our future
efforts. Donations to the project are highly appreciated, and are
described in more detail at:

https://www.OpenBSD.org/donations.html

------------------------------------------------------------------------
- OPENBSD FOUNDATION ---------------------------------------------------

For those unable to make their contributions as straightforward gifts,
the OpenBSD Foundation (https://www.openbsdfoundation.org) is a Canadian
not-for-profit corporation that can accept larger contributions and
issue receipts. In some situations, their receipt may qualify as a
business expense write-off, so this is certainly a consideration for
some organizations or businesses.

There may also be exposure benefits since the Foundation may be
interested in participating in press releases. In turn, the Foundation
then uses these contributions to assist OpenBSD's infrastructure needs.
Contact the foundation directors at directors@openbsdfoundation.org for
more information.

------------------------------------------------------------------------
- HTTPS INSTALLS -------------------------------------------------------

OpenBSD can be easily installed via HTTPS downloads. Typically you need
a single small piece of boot media (e.g., a USB flash drive) and then
the rest of the files can be installed from a number of locations,
including directly off the Internet. Follow this simple set of
instructions to ensure that you find all of the documentation you will
need while performing an install via HTTPS.

1) Read either of the following two files for a list of HTTPS mirrors
which provide OpenBSD, then choose one near you:

https://www.OpenBSD.org/ftp.html
https://ftp.openbsd.org/pub/OpenBSD/ftplist

As of October 20, 2022, the following HTTPS mirror sites have the
7.2 release:

https://cdn.openbsd.org/pub/OpenBSD/7.2/ Global
https://ftp.eu.openbsd.org/pub/OpenBSD/7.2/ Stockholm, Sweden
https://ftp.hostserver.de/pub/OpenBSD/7.2/ Frankfurt, Germany
https://ftp.bytemine.net/pub/OpenBSD/7.2/ Oldenburg, Germany
https://ftp.fr.openbsd.org/pub/OpenBSD/7.2/ Paris, France
https://mirror.aarnet.edu.au/pub/OpenBSD/7.2/ Brisbane, Australia
https://ftp.usa.openbsd.org/pub/OpenBSD/7.2/ CO, USA
https://ftp5.usa.openbsd.org/pub/OpenBSD/7.2/ CA, USA
https://mirror.esc7.net/pub/OpenBSD/7.2/ TX, USA
https://openbsd.cs.toronto.edu/pub/OpenBSD/7.2/ Toronto, Canada
https://cloudflare.cdn.openbsd.org/pub/OpenBSD/7.2/ Global
https://fastly.cdn.openbsd.org/pub/OpenBSD/7.2/ Global

The release is also available at the master site:

https://ftp.openbsd.org/pub/OpenBSD/7.2/ Alberta, Canada

However it is strongly suggested you use a mirror.

Other mirror sites may take a day or two to update.

2) Connect to that HTTPS mirror site and go into the directory
pub/OpenBSD/7.2/ which contains these files and directories.
This is a list of what you will see:

ANNOUNCEMENT armv7/ octeon/ root.mail
README hppa/ openbsd-72-base.pub sparc64/
SHA256 i386/ packages/ src.tar.gz
SHA256.sig landisk/ packages-stable/ sys.tar.gz
alpha/ loongson/ ports.tar.gz xenocara.tar.gz
amd64/ luna88k/ powerpc64/
arm64/ macppc/ riscv64/

It is quite likely that you will want at LEAST the following
files which apply to all the architectures OpenBSD supports.

README - generic README
root.mail - a copy of root's mail at initial login.
(This is really worthwhile reading).

3) Read the README file. It is short, and a quick read will make
sure you understand what else you need to fetch.

4) Next, go into the directory that applies to your architecture,
for example, amd64. This is a list of what you will see:

BOOTIA32.EFI* bsd* floppy72.img pxeboot*
BOOTX64.EFI* bsd.mp* game72.tgz xbase72.tgz
BUILDINFO bsd.rd* index.txt xfont72.tgz
INSTALL.amd64 cd72.iso install72.img xserv72.tgz
SHA256 cdboot* install72.iso xshare72.tgz
SHA256.sig cdbr* man72.tgz
base72.tgz comp72.tgz miniroot72.img

If you are new to OpenBSD, fetch _at least_ the file INSTALL.amd64
and install72.iso. The install72.iso file (roughly 583MB in size)
is a one-step ISO-format install CD image which contains the various
*.tgz files so you do not need to fetch them separately.

If you prefer to use a USB flash drive, fetch install72.img and
follow the instructions in INSTALL.amd64.

5) If you are an expert, follow the instructions in the file called
README; otherwise, use the more complete instructions in the
file called INSTALL.amd64. INSTALL.amd64 may tell you that you
need to fetch other files.

6) Just in case, take a peek at:

https://www.OpenBSD.org/errata.html

This is the page where we talk about the mistakes we made while
creating the 7.2 release, or the significant bugs we fixed
post-release which we think our users should have fixes for.
Patches and workarounds are clearly described there.

------------------------------------------------------------------------
- X.ORG FOR MOST ARCHITECTURES -----------------------------------------

X.Org has been integrated more closely into the system. This release
contains X.Org 7.7. Most of our architectures ship with X.Org, including
amd64, sparc64 and macppc. During installation, you can install X.Org
quite easily using xenodm(1), our simplified X11 display manager forked
from xdm(1).

------------------------------------------------------------------------
- PACKAGES AND PORTS ---------------------------------------------------

Many third party software applications have been ported to OpenBSD and
can be installed as pre-compiled binary packages on the various OpenBSD
architectures. Please see https://www.openbsd.org/faq/faq15.html for
more information on working with packages and ports.

Note: a few popular ports, e.g., NSD, Unbound, and several X
applications, come standard with OpenBSD and do not need to be installed
separately.

------------------------------------------------------------------------
- SYSTEM SOURCE CODE ---------------------------------------------------

The source code for all four subsystems can be found in the
pub/OpenBSD/7.2/ directory:

xenocara.tar.gz ports.tar.gz src.tar.gz sys.tar.gz

The README (https://ftp.OpenBSD.org/pub/OpenBSD/7.2/README) file
explains how to deal with these source files.

------------------------------------------------------------------------
- THANKS ---------------------------------------------------------------

Ports tree and package building by Jasper Lievisse Adriaanse,
Jeremie Courreges-Anglas, Visa Hankala, Stuart Henderson, Peter Hessler,
George Koehler, Kurt Mosiejczuk, and Christian Weisgerber. Base and X
system builds by Kenji Aoyama, Theo de Raadt, and Miod Vallat. Release
art contributed by Jon Chad.

We would like to thank all of the people who sent in bug reports, bug
fixes, donation cheques, and hardware that we use. We would also like
to thank those who bought our previous CD sets. Those who did not
support us financially have still helped us with our goal of improving
the quality of the software.

Our developers are:

Aaron Bieber, Adam Wolk, Alexander Bluhm, Alexander Hall,
Alexandr Nedvedicky, Alexandr Shadchin, Alexandre Ratchov,
Andrew Fresh, Anil Madhavapeddy, Anthony J. Bentley,
Antoine Jacoutot, Anton Lindqvist, Asou Masato, Ayaka Koshibe,
Benoit Lecocq, Bjorn Ketelaars, Bob Beck, Brandon Mercer,
Brent Cook, Brian Callahan, Bryan Steele, Can Erkin Acar,
Caspar Schutijser, Charlene Wendling, Charles Longeau,
Chris Cappuccio, Christian Weisgerber, Christopher Zimmermann,
Claudio Jeker, Dale Rahn, Damien Miller, Daniel Dickman,
Daniel Jakots, Darren Tucker, Dave Voutila, David Coppa,
David Gwynne, David Hill, Denis Fondras, Edd Barrett,
Elias M. Mariani, Eric Faurot, Florian Obser, Florian Riehm,
Frederic Cambus, George Koehler, Gerhard Roth, Giannis Tsaraias,
Gilles Chehade, Giovanni Bechis, Gleydson Soares,
Gonzalo L. Rodriguez, Greg Steuck, Helg Bredow, Henning Brauer,
Ian Darwin, Ian Sutton, Igor Sobrado, Ingo Feinerer, Ingo Schwarze,
Inoguchi Kinichiro, James Hastings, James Turner, Jan Klemkow,
Jason McIntyre, Jasper Lievisse Adriaanse, Jeremie Courreges-Anglas,
Jeremy Evans, Job Snijders, Joel Sing, Joerg Jung, Jonathan Armani,
Jonathan Gray, Jonathan Matthew, Jordan Hargrave, Joris Vink,
Joshua Stein, Juan Francisco Cantero Hurtado, Kazuya Goda,
Kenji Aoyama, Kenneth R Westerback, Kent R. Spillner, Kevin Lo,
Kirill Bychkov, Klemens Nanni, Kurt Miller, Kurt Mosiejczuk,
Landry Breuil, Lawrence Teo, Lucas Raab, Marc Espie, Marcus Glocker,
Mark Kettenis, Mark Lumsden, Markus Friedl, Martijn van Duren,
Martin Natano, Martin Pieuchot, Martin Reindl, Martynas Venckus,
Matthew Dempsky, Matthias Kilian, Matthieu Herrb, Michael Mikonos,
Mike Belopuhov, Mike Larkin, Miod Vallat, Moritz Buhl, Nam Nguyen,
Nayden Markatchev, Nicholas Marriott, Nigel Taylor, Okan Demirmen,
Omar Polo, Ori Bernstein, Otto Moerbeek, Paco Esteban,
Pamela Mosiejczuk, Pascal Stumpf, Patrick Wildt, Paul Irofti,
Pavel Korovin, Peter Hessler, Philip Guenther,
Pierre-Emmanuel Andre, Pratik Vyas, Rafael Sadowski,
Rafael Zalamena, Raphael Graf, Remi Locherer, Remi Pointel,
Renato Westphal, Ricardo Mestre, Richard Procter, Rob Pierce,
Robert Nagy, Sasano Takayoshi, Scott Soule Cheloha,
Sebastian Benoit, Sebastian Reitenbach, Sebastien Marie,
Solene Rapenne, Stefan Fritsch, Stefan Hagen, Stefan Kempf,
Stefan Sperling, Steven Mestdagh, Stuart Cassoff, Stuart Henderson,
Sunil Nimmagadda, T.J. Townsend, Ted Unangst, Theo Buehler,
Theo de Raadt, Thomas Frohwein, Tim van der Molen, Tobias Heider,
Tobias Stoeckmann, Todd C. Miller, Todd Mortimer, Tom Cosgrove,
Tracey Emery, Ulf Brosziewski, Uwe Stuehler, Vadim Zhukov,
Vincent Gross, Visa Hankala, Vitaliy Makkoveev, Yasuoka Masahiko,
Yojiro Uo