Netbsd 4.0.1 Is Released

[TRUNASUCI 15]

Sender: [email protected]

List-Id: netbsd-announce

Announcing NetBSD 4.0.1

About the NetBSD 4.0.1 Release

The NetBSD Project is pleased to announce that update 4.0.1 of the

NetBSD operating system is now available. NetBSD 4.0.1 is the first

security/critical update of the NetBSD 4.0 release branch. This

represents a selected subset of fixes deemed critical in nature for

stability or security reasons, no new features have been added.

NetBSD 4.0.1 runs on 54 different system architectures featuring 17

machine architectures across 17 distinct CPU families, and is being

ported to more. The NetBSD 4.0.1 release contains complete binary

releases for 51 different machine types, with the platforms amigappc,

bebox and ews4800mips released in source form only. Complete source

and binaries for NetBSD 4.0.1 are available for download at many sites

around the world. A list of download sites providing FTP, AnonCVS,

SUP, and other services is provided at the end of this announcement;

the latest list of available download sites may also be found at

http://www.NetBSD.org/mirrors/. We encourage users who wish to install

via a CD-ROM ISO image to download via BitTorrent by using the torrent

files supplied in the ISO image area. A list of hashes for the NetBSD

4.0.1 distribution has been signed with the well-connected PGP key for

the NetBSD Security Officer:

ftp://ftp.NetBSD.org/pub/NetBSD/security/....0.1_hashes.asc

Please note that all fixes in security/critical updates (i.e., NetBSD

4.0.1, 4.0.2, etc) are cumulative, so the latest update contains all

such fixes since the corresponding minor release. These fixes will

also appear in future minor releases (i.e., NetBSD 4.1, 4.2, etc),

together with other less-critical fixes and feature enhancements.

NetBSD is free. All of the code is under non-restrictive licenses, and

may be used without paying royalties to anyone. Free support services

are available via our mailing lists and website. Commercial support is

available from a variety of sources; some are listed at

http://www.NetBSD.org/gallery/consultants.html. More extensive

information on NetBSD is available from our website:

http://www.NetBSD.org/

Changes Between 4.0 and 4.0.1 update

The complete list of changes can be found in the CHANGES-4.0.1

file in the top level directory of the NetBSD 4.0.1 release tree

(ftp://ftp.NetBSD.org/pub/NetBSD/NetBSD-4.0.1/CHANGES-4.0.1).

A shortened list is as follows:

Security Advisories Fixes

o NetBSD-SA2008-004, multiple issues (CVE-2008-1372 and

CVE-2005-0953), has been fixed by upgrading to bzip2 to 1.0.5

o NetBSD-SA2008-005, OpenSSH Multiple issues (CVE-2008-1483 and

CVE-2008-1657), has been fixed by applying patches from upstream.

o NetBSD-SA2008-006, integer overflow in strfmon(3) function

(CVE-2008-1391), has been fixed.

o NetBSD-SA2008-008, OpenSSL Montgomery multiplication

(CVE-2007-3108), has been fixed.

o NetBSD-SA2008-009, BIND cache poisoning (CVE-2008-1447 and CERT

VU#800113), has been fixed by updating BIND to 9.4.2-P2. Note

there are two related changes to this advisory:

o The default behavior of ipfilter's Port Address Translation

has been changed to using random port allocation rather than

sequential mappings, to avoid decreasing the randomness of

source ports used for DNS queries which affects the BIND

cache poisoning problem.

o A `query-source' statement, which could allow the BIND cache

poisoning attack, has been commented out in the default

named.conf(5) file.

o NetBSD-SA2008-010, malicious PPPoE discovery packet can overrun a

kernel buffer (CVE-2008-3584), has been fixed.

o NetBSD-SA2008-011, ICMPv6 MLD query (CVE-2008-2464), has been

fixed.

o NetBSD-SA2008-012, Denial of Service issues in racoon(8)

(CVE-2008-3652), has been fixed by upgrading ipsec-tools to

release 0.7.1. Note this also fixes CVE-2008-3651.

o upcoming NetBSD-SA2008-013, IPv6 Neighbor Discovery Protocol

routing vulnerability (CVE-2008-2476), has been fixed.

o upcoming NetBSD-SA2008-014, remote cross-site request forgery

attack issue in ftpd(8) (CVE-2008-4247), has been fixed.

o upcoming NetBSD-SA2008-015, remove kernel panics on IPv6

connections (CVE-2008-3530), has been fixed.

Note: NetBSD-SA2008-007 and advisories prior to NetBSD-SA2008-004

don't affect NetBSD 4.0.

Other Security Fixes

o Fix a buffer overrun which could crash a FAST_IPSEC kernel.

o tcpdump(8): fix CVE-2007-1218, CVE-2007-3798 and CAN-2005-1278 in

base-tcpdump.

o Fix a buffer overflow of PCF font parser in X11 libXfont library

(CVE-2008-0006).

o Fix a buffer overflow of Tektronix Hex Format support in binutils

(CVE-2006-2362).

o machfb(4) and voodoofb(4): introduce two missing

KAUTH_GENERIC_ISSUSER checks in the mmap(2) code.

Networking

o Update root.cache to 2008020400 version.

o Fix IP packet forwarding code to make sure to send a reasonable

fragment size when IPsec is configured.

o Fix a bug in TCP SACK code which causes data corruption.

o Fix an rc.d(8) script for amd(8) not to shutdown gracefully since

it seems to cause problems for more people than the old (also

broken) behavior.

o ftpd(8): fix and reorganize PAM support.

Libraries

o Pthread support of BIND has been disabled for future binary

compatibility after removal of the scheduler activations.

o Fix coredump of gdtoa (conversion between binary floating-point

and ASCII string) functions on out of memory conditions.

Drivers

o fxp(4): fix random pool corruption and hangup problems.

o wd(4): handle more LBA48 bug quirks on some Hitachi's SATA/IDE

drives.

Miscellaneous

o Disable a NULL pointer check in zlib for standalone programs. This

fixes errors on loading a gzipped kernel (including installation

kernels) on several ports (news68k etc.) whose kernels are loaded

at address zero.

o awk(1): bring back an accidentally removed fix to allow escape of

a newline in string literals.

o gcc(1):

o fix compilation of native sh3 gcc on 64-bit build machines

o fix an internal compiler error on compiling m68k softfloat or

m68010 targets on 64-bit build machines.

o zgrep(1): make `-h' option (suppress filenames on output when

multiple files are searched) actually work.

o Fix parallel build failure on building hpcarm, hpcmips and hpcsh

releases.

Platform specific

o acorn32: fix a bootloader problem on some RiscPCs.

o cobalt:

o add a workaround to avoid panic on probing a multi function

PCI device on Qube's PCI slot

o fix a bug in the interrupt handler which causes network

freeze if more than one interfaces are used.

o hp700: fix potential kernel / userland memory corruption in

copyinstr(9) and copyoutstr(9).

o sparc64: fix a bug in locore.s which causes unexpected behavior.

o sun3: fix a bug which might cause an occasional panic during boot.

o vax: make syscall handler use proper copyin(9) function on parsing

syscall args.

System families supported by NetBSD 4.0.1

The NetBSD 4.0.1 release provides supported binary distributions for

the following systems:

NetBSD/acorn26 Acorn Archimedes, A-series and R-series systems

NetBSD/acorn32 Acorn RiscPC/A7000, VLSI RC7500

NetBSD/algor Algorithmics, Ltd. MIPS evaluation boards

NetBSD/alpha Digital/Compaq Alpha (64-bit)

NetBSD/amd64 AMD family processors like Opteron, Athlon64, and

Intel CPUs with EM64T extension

NetBSD/amiga Commodore Amiga and MacroSystem DraCo

NetBSD/arc MIPS-based machines following the Advanced RISC

Computing spec

NetBSD/atari Atari TT030, Falcon, Hades

NetBSD/cats Chalice Technology's CATS and Intel's EBSA-285

evaluation boards

NetBSD/cesfic CES FIC8234 VME processor board

NetBSD/cobalt Cobalt Networks' MIPS-based Microservers

NetBSD/dreamcast Sega Dreamcast game console

NetBSD/evbarm Various ARM-based evaluation boards and appliances

NetBSD/evbmips Various MIPS-based evaluation boards and appliances

NetBSD/evbppc Various PowerPC-based evaluation boards and

appliances

NetBSD/evbsh3 Various Hitachi Super-H SH3 and SH4-based evaluation

boards and appliances

NetBSD/hp300 Hewlett-Packard 9000/300 and 400 series

NetBSD/hp700 Hewlett-Packard 9000 Series 700 workstations

NetBSD/hpcarm StrongARM based Windows CE PDA machines

NetBSD/hpcmips MIPS-based Windows CE PDA machines

NetBSD/hpcsh Hitachi Super-H based Windows CE PDA machines

NetBSD/i386 IBM PCs and PC clones with i386-family processors and

up

NetBSD/ibmnws IBM Network Station 1000

NetBSD/iyonix Castle Technology's Iyonix ARM based PCs

NetBSD/landisk SH4 processor based NAS appliances

NetBSD/luna68k OMRON Tateisi Electric's LUNA series

NetBSD/mac68k Apple Macintosh with Motorola 68k CPU

NetBSD/macppc Apple PowerPC-based Macintosh and clones

NetBSD/mipsco MIPS Computer Systems Inc. family of workstations and

servers

NetBSD/mmeye Brains mmEye multimedia server

NetBSD/mvme68k Motorola MVME 68k Single Board Computers

NetBSD/mvmeppc Motorola PowerPC VME Single Board Computers

NetBSD/netwinder StrongARM based NetWinder machines

NetBSD/news68k Sony's 68k-based "NET WORK STATION" series

NetBSD/newsmips Sony's MIPS-based "NET WORK STATION" series

NetBSD/next68k NeXT 68k "black" hardware

NetBSD/ofppc OpenFirmware PowerPC machines

NetBSD/pmax Digital MIPS-based DECstations and DECsystems

NetBSD/pmppc Artesyn's PM/PPC board

NetBSD/prep PReP (PowerPC Reference Platform) and CHRP machines

NetBSD/sandpoint Motorola Sandpoint reference platform

NetBSD/sbmips Broadcom SiByte evaluation boards

NetBSD/sgimips Silicon Graphics' MIPS-based workstations

NetBSD/shark Digital DNARD ("shark")

NetBSD/sparc Sun SPARC (32-bit) and UltraSPARC (in 32-bit mode)

NetBSD/sparc64 Sun UltraSPARC (in native 64-bit mode)

NetBSD/sun2 Sun Microsystems Sun 2 machines with Motorola 68010

CPU

NetBSD/sun3 Motorola 68020 and 030 based Sun 3 and 3x machines

NetBSD/vax Digital VAX

NetBSD/x68k Sharp X680x0 series

NetBSD/xen The Xen virtual machine monitor

Ports available in source form only for this release include the

following:

NetBSD/amigappc PowerPC-based Amiga boards

NetBSD/bebox Be Inc's BeBox

NetBSD/ews4800mips NEC's MIPS-based EWS4800 workstation

Acknowledgments

The NetBSD Foundation would like to thank all those who have

contributed code, hardware, documentation, funds, colocation for our

servers, web pages and other documentation, release engineering, and

other resources over the years. More information on the people who

make NetBSD happen is available at:

http://www.NetBSD.org/people/

We would like to especially thank the University of California at

Berkeley and the GNU Project for particularly large subsets of code

that we use. We would also like to thank the Internet Systems

Consortium Inc., the Network Security Lab at Columbia University's

Computer Science Department, and Ludd (Luleaa Academic Computer

Society) computer society at Luleaa University of Technology for

current colocation services.

About the NetBSD Foundation

The NetBSD Foundation was chartered in 1995, with the task of

overseeing core NetBSD project services, promoting the project within

industry and the open source community, and holding intellectual

property rights on much of the NetBSD code base. Day-to-day operations

of the project are handled by volunteers.

As a non-profit organization with no commercial backing, The NetBSD

Foundation depends on donations from its users, and we would like to

ask you to consider making a donation to the NetBSD Foundation in

support of continuing production of our fine operating system. Your

generous donation would be particularly welcome assistance with

ongoing upgrades and maintenance, as well as with operating expenses

for The NetBSD Foundation. Please visit:

http://www.NetBSD.org/donations/

Donations can be done via PayPal to <[email protected]> and are fully

tax-deductible in the US. If you would prefer not to use PayPal, or

would like to make other arrangements, please contact

<[email protected]>.

NetBSD mirror sites

Please use a mirror site close to you.

o FTP - http://www.NetBSD.org/mirrors/#ftp

o ISO images - http://www.NetBSD.org/mirrors/#iso

o Anonymous CVS - http://www.NetBSD.org/mirrors/#anoncvs

o BitTorrent - http://www.NetBSD.org/mirrors/#bittorrent

o SUP - http://www.NetBSD.org/mirrors/#sup

o CVSup - http://www.NetBSD.org/mirrors/#cvsup

o rsync - http://www.NetBSD.org/mirrors/#rsync

o AFS - http://www.NetBSD.org/mirrors/#afs

Please also note our list of CD-ROM vendors, located at:

http://www.NetBSD.org/sites/cdroms.html

[NetBSD® is a registered trademark of The NetBSD Foundation, Inc.]

aku dah upgrade dan pakai dr beberapa hari lepas dah

NetBSD# uname -a

NetBSD NetBSD 4.0.1_PATCH NetBSD 4.0.1_PATCH (GENERIC) #5: Sun Oct 12 21:27:46 MYT 2008 root@NetBSD:/usr/obj/sys/arch/i386/compile/GENERIC i386

[game-game 0]

trunasuci,

netbsd ni bleh install kat dalam logical partition ke? aku pernah try install pcbsd, die taknak logical, die nak primary.. kalau bleh aku taknak create banyak2 primary partition dlm harddisk aku..

[TRUNASUCI 15]

trunasuci,
netbsd ni bleh install kat dalam logical partition ke? aku pernah try install pcbsd, die taknak logical, die nak primary.. kalau bleh aku taknak create banyak2 primary partition dlm harddisk aku..

as pengalaman aku boleh, cuma kena hati2 ngan bootloader tu.. kalau nak guna linus bootloader mcm GRUB ( let saya ada linux gak dalam HDD tu ) boleh point ke partition netbsd, setkan sama mcm partition windows, guna chainloader...

masa install NetBSD make sure gak jgn write ke master boot record.. anyway kalau install ke MBR, bootloader dia still detected OS lain mcm windows/linux/*BSD/UNIX etc..

cuma kalau tak sure try2 la dulu dalam VmWare atau kat HDD spare

selamat mencuba..