I see, TCP wrappers has been removed i am assuming using only PF is the practice for stuff people who where using TCP wrappers for
and, thanks for the hard work -Nex6 On Nov 1, 2014, at 10:22 AM, Antoine Jacoutot <ajacou...@openbsd.org> wrote: > November 1, 2014. > > We are pleased to announce the official release of OpenBSD 5.6. > This is our 36th release on CD-ROM (and 37th via FTP/HTTP). We remain > proud of OpenBSD's record of more than ten years with only two remote > holes in the default install. > > As in our previous releases, 5.6 provides significant improvements, > including new features, in nearly all areas of the system: > > - LibreSSL: > o This release forks OpenSSL into LibreSSL, a version of the > TLS/crypto stack with goals of modernizing the codebase, improving > security, and applying best practice development processes. > o No support for legacy MacOS, Netware, OS/2, VMS and Windows > platforms, as well as antique compilers. > o Removal of the IBM 4758, Broadcom ubsec, Sureware, Nuron, GOST, > GMP, CSwift, CHIL, CAPI, Atalla and AEP engines, either because > the hardware is irrelevant, or because they require external > non-free libraries to work. > o No support for FIPS-140 compliance. > o No EBCDIC support. > o No support for big-endian i386 and amd64 platforms. > o Use standard routines from the C library (malloc, strdup, > snprintf...) instead of rolling our own, sometimes badly. > o Remove the old OpenSSL PRNG, and rely upon arc4random_buf from > libc for all the entropy needs. > o Remove the MD2 and SEED algorithms. > o Remove J-PAKE, PSK and SRP (mis)features. > o Aggressive cleaning of BN memory when no longer used. > o No support for Kerberos. > o No support for SSLv2. > o No support for the questionable DTLS heartbeat extension. > o No support for TLS compression. > o No support for US-Export SSL ciphers. > o Do not use the current time as a random seed in libssl. > o Support for ChaCha and Poly1305 algorithm. > o Support for Brainpool and ANSSI elliptic curves. > o Support for AES-GCM and ChaCha20-Poly1305 AEAD modes. > > - Improved hardware support, including: > o SCSI Multipathing support via mpath(4) and associated path drivers > on several architectures. > o New qlw(4) driver for QLogic ISP SCSI HBAs. > o New qla(4) driver for QLogic ISP2100/2200/2300 Fibre Channel HBAs. > o New upd(4) sensor driver for USB Power Devices (UPS). > o New brswphy(4) driver for Broadcom BCM53xx 10/100/1000TX Ethernet > PHYs. > o New uscom(4) driver for simple USB serial adapters. > o New axen(4) driver for ASIX Electronics AX88179 10/100/Gigabit USB > Ethernet devices. > o The inteldrm(4) and radeondrm(4) drivers have improved > suspend/resume support. > o The userland interface for the agp(4) driver has been removed. > o The rtsx(4) driver now supports card readers based on the RTS5227 > and RTL8402 chipsets. > o The firmware for the run(4) driver has been updated to version 0.33. > o The run(4) driver now supports devices based on the RT3900E > chipset. > o The zyd(4) driver, which was broken for some time, has been fixed. > o The bwi(4) driver now works in systems with more than 1GB of RAM. > o The re(4) driver now supports devices based on the RTL8168EP/8111EP, > RTL8168G/8111G, and RTL8168GU/8111GU chipsets. > > - Generic network stack improvements: > o divert(4) now supports checksum offload. > o IPv6 is now turned off on new interfaces by default. Assigning an > IPv6 address will enable IPv6 on an interface. > o Support for RFC4620 IPv6 Node Information Queries has been removed. > o The kernel no longer supports the SO_DONTROUTE socket option. > o The getaddrinfo(3) function now supports the AI_ADDRCONFIG flag > defined in RFC 3493. > o Include router alert option (RAO) in IGMP packets, as required by > RFC2236. > o ALTQ has been removed. > o The hash table for Protocol Control Block (PCB) of TCP and UDP now > resize automatically on load. > > - Installer improvements: > o Remove ftp and tape as install methods. > o Preserve the disklabel (and next 6 blocks) when installing boot > block on 4k-sector disk drives. > o Change the "Server?" question to "HTTP Server?" to allow unambiguous > autoinstall(8) handling. > o Allow autoinstall(8) to fetch and install sets from multiple > locations. > o Many sample configuration files have moved from /etc to > /etc/examples. > > - Routing daemons and other userland network improvements: > o When used with the -v flag, tcpdump(8) now shows the actual bad > checksum within the IP/protocol header itself and what the good > checksum should be. > o ftp(1) now allows its User-Agent to be changed via the -U > command-line option. > o The -r option of ping(8) and traceroute(8) has been removed. > o ifconfig(8) can now explicitly assign an IPv6 link-local address > and turn IPv6 autoconf on or off. > o ifconfig(8) has been made smarter about parsing WEP keys on the > command line. > o ifconfig(8) scan now shows the encryption type of wireless networks > (WEP, WPA, WPA2, 802.1x). > o MS-CHAPv1 (RFC2433) support has been removed from pppd(8). > o traceroute6(8) has been merged into traceroute(8). > o The asr API for asynchronous address resolution and nameserver > querying is now public. > o pflow(4)'s pflowproto 9 has been removed. > o The userland ppp(8) daemon and its associated PPPoE helper, > pppoe(8), have been removed. > o snmpd(8), snmpctl(8), and relayd(8) now communicate via the AgentX > protocol. > o relayd(8) has a new filtering subsystem, where the new configuration > language uses last-matching pf-like rules. > o The new relayd(8) filter rules now support URL-based relaying. > o relayd(8) now uses privilege separation for private keys. This acts > as an additional mitigation to prevent leakage of the private keys > from the processes doing SSL/TLS. > o New httpd(8) HTTP server with FastCGI and SSL support. > > - OpenSMTPD 5.4.3 (includes changes to 5.4.2): > o New/changed features: > - OpenSMTPD replaces Sendmail as the default MTA. > - Queue process now runs under a different user for better > isolation. > - Merged MDA, MTA and SMTP processes into a single unprivileged > process. > - Killed the MFA process, it is no longer needed. > - Added support for email addresses lookups in the table_db > backend. > - Added RSA privilege separation support to prevent possible > private key leakage. > o The following significant bugs have been fixed in this release: > - Minor bug fixes in some corner cases of the routing logic. > - The enqueuer no longer adds its own User-Agent. > - Disabled profiling code, allowing all processes to rest rather > than waking up every second. > - Reworked the purge task to avoid disk-hits unless necessary... > only once at startup. > - Fix various header parsing bugs in the local enqueuer. > - Assorted minor fixes and code cleanups. > > - Security improvements: > o Changed the heuristics of the stack protector to also protect > functions with local array definitions and references to local > frame addresses. This matches the -fstack-protector-strong option > of upstream GCC. > o Position-independent executables (PIE) are now used by default on > powerpc. > o Removed Kerberos. > o Default bcrypt hash type is now $2b$. > o Remove md5crypt support. > o Improved easier to use bcrypt API is now available. > o Increase randomness of random mmap mappings. > o Added getentropy(2). > o Added timingsafe_memcmp(3). > o Removed the MD4 hash algorithm and functions from cksum(1), S/Key, > and libc. > o gets(3) has been removed. > o Added reallocarray(3), which allows multiple sized objects to be > allocated without the cost of clearing memory while avoiding > possible integer overflows. > o Extended fread(3) and fwrite(3) to check for integer overflows. > > - Assorted improvements: > o locate databases for both base and xenocara, as > /usr/lib/locate/src.db and /usr/X11R6/lib/locate/xorg.db. > o Much faster package updates, due to package contents reordering > that precludes re-downloading unchanged files. > o Fix many programs that failed when accessing disks having sector > sizes other than 512 bytes, including badsect(8), df(1), dump(8), > dumpfs(8), fsck_ext2fs(8), fsck_ffs(8), fsdb(8), growfs(8), > ncheck_ffs(8), quotacheck(8), tunefs(8). > o Constrain MSDOS timestamps to 1/1/1980 through 12/31/2107. 64-bit > time_t values outside that range are stored as 1/1/1980. > o bs(6) now prints a battleship splash screen. > o rcp, rsh, rshd, rwho, rwhod, ruptime, asa, bdes, fpr, mkstr, page, > spray, xstr, oldrdist, fsplit, uyap, and bluetooth have been > removed. > o rmail(8) and uucpd(8) have been removed from the base system and > added to the ports tree. > o Lynx has been removed from the base system and added to the ports > tree. > o TCP Wrappers have been removed. > o Fix atexit(3) recursive handlers. > o Enhance disklabel(8) to recover filesystem mountpoint information > when reading saved ascii labels. > o Properly handle msgbuf_write(3) EOF conditions, including uses in > tmux(1), dvmrpd(8), ldapd(8), ldpd(8), ospf6d(8), ospfd(8), > relayd(8), ripd(8), smtpd(8), ypldap(8). > o Constrain fdisk(8) '-l' to disk sizes of 64 blocks or more. > o Sync fdisk(8) built-in MBR with current /usr/mdec/mbr. > o Quiet dhclient(8) '-q' even more. > o Log less redundant dhclient(8) info. > o New leases, lease renewals, cable state changes more obvious to > applications monitoring dhclient(8) files. > o Preserve chronological order of leases in the dhclient.leases(5) > leases files. > o Use 'lease {}' statements in dhclient.conf(5), allowing interfaces > to get an address when no dynamic lease is available. > o Improve dhclient(8) parsing and printing of classess static routes. > o Eliminate unnecessary rewrites of resolv.conf(5) by dhclient(8). > o Added sendsyslog(2): syslog(3) now works even when out of file > descriptors or in a chroot. > o Added errc(3), verrc(3), warnc(3) and vwarnc(3). > o Faster hibernate/unhibernate performance on amd64 and i386 > platforms. > o Support hibernating to softraid(4) crypto volumes. > o Improved performance of seekdir(3) to start of current buffer. > o Added <endian.h> per the revision of the POSIX spec in progress. > o Apache has been removed. > o Read support for ext4 filesystems. > o Reworked mplocks as ticket locks instead of spinlocks on amd64, > i386, and sparc64. This provides fairer access to the kernel lock > between logical CPUs, especially in multi socket systems. > > - OpenSSH 6.7: > o Potentially-incompatible changes: > - sshd(8): The default set of ciphers and MACs has been altered to > remove unsafe algorithms. In particular, CBC ciphers and > arcfour* are disabled by default. > - sshd(8): Support for tcpwrappers/libwrap has been removed. > - OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections > using the "curve25519-sha...@libssh.org" KEX exchange method to > fail when connecting with something that implements the > specification correctly. OpenSSH 6.7 disables this KEX method > when speaking to one of the affected versions. > o New/changed features: > - Major internal refactoring to begin to make part of OpenSSH > usable as a library. So far the wire parsing, key handling and > KRL code has been refactored. Please note that we do not > consider the API stable yet, nor do we offer the library in > separable form. > - ssh(1), sshd(8): Add support for Unix domain socket forwarding. > A remote TCP port may be forwarded to a local Unix domain socket > and vice versa or both ends may be a Unix domain socket. > - ssh(1), ssh-keygen(1): Add support for SSHFP DNS records for > Ed25519 key types. > - sftp(1): Allow resumption of interrupted uploads. > - ssh(1): When rekeying, skip file/DNS lookups of the hostkey if > it is the same as the one sent during initial key exchange. > (bz#2154) > - sshd(8): Allow explicit ::1 and 127.0.0.1 forwarding bind > addresses when GatewayPorts=no; allows client to choose address > family. (bz#2222) > - sshd(8): Add a sshd_config(5) PermitUserRC option to control > whether ~/.ssh/rc is executed, mirroring the no-user-rc > authorized_keys option. (bz#2160) > - ssh(1): Add a %C escape sequence for LocalCommand and ControlPath > that expands to a unique identifer based on a hash of the tuple > of (local host, remote user, hostname, port). Helps avoid > exceeding miserly pathname limits for Unix domain sockets in > multiplexing control paths. (bz#2220) > - sshd(8): Make the "Too many authentication failures" message > include the user, source address, port and protocol in a format > similar to the authentication success/failure messages. (bz#2199) > - Added unit and fuzz tests for refactored code. > o The following significant bugs have been fixed in this release: > - sshd(8): Fix remote forwarding with same listen port but > different listen address. > - ssh(1): Fix inverted test that caused PKCS#11 keys that were > explicitly listed in ssh_config(5) or on the commandline not to > be preferred. > - ssh-keygen(1): Fix bug in KRL generation: multiple consecutive > revoked certificate serial number ranges could be serialised to > an invalid format. Readers of a broken KRL caused by this bug > will fail closed, so no should-have-been-revoked key will be > accepted. > - ssh(1): Reflect stdio-forward ("ssh -W host:port ...") failures > in exit status. Previously we were always returning 0. (bz#2255) > - ssh(1), ssh-keygen(1): Make Ed25519 keys' title fit properly in > the randomart border. (bz#2247) > - ssh-agent(1): Only cleanup agent socket in the main agent process > and not in any subprocesses it may have started (e.g. forked > askpass). Fixes agent sockets being zapped when askpass processes > fatal(). (bz#2236) > - ssh-add(1): Make stdout line-buffered; saves partial output > getting lost when ssh-add(1) fatal()s part-way through (e.g. when > listing keys from an agent that supports key types that > ssh-add(1) doesn't). (bz#2234) > - ssh-keygen(1): When hashing or removing hosts, don't choke on > "@revoked" markers and don't remove "@cert-authority" markers. > (bz#2241) > - ssh(1): Don't fatal when hostname canonicalisation fails and a > ProxyCommand is in use; continue and allow the ProxyCommand to > connect anyway (e.g. to a host with a name outside the DNS behind > a bastion). > - scp(1): When copying local->remote fails during read, don't send > uninitialised heap to the remote end. > - sftp(1): Fix fatal "el_insertstr failed" errors when > tab-completing filenames with a single quote char somewhere in > the string. (bz#2238) > - ssh-keyscan(1): Scan for Ed25519 keys by default. > - ssh(1): When using VerifyHostKeyDNS with a DNSSEC resolver, > down-convert any certificate keys to plain keys and attempt SSHFP > resolution. Prevents a server from skipping SSHFP lookup and > forcing a new-hostkey dialog by offering only certificate keys. > - sshd(8): Avoid crash at exit via NULL pointer reference. > (bz#2225) > - Fix some strict-alignment errors. > > - mandoc 1.13.0: > o New implementation of apropos(1), whatis(1), and makewhatis(8) > based on SQLite3 databases. > o Substantial improvements of mandoc(1) error and warning messages. > o Almost complete implementation of roff(7) numerical expressions. > o About a dozen minor new features and numerous bug fixes. > > - Ports and packages: > o Over 8,800 ports. > > - Many pre-built packages for each architecture: > o i386: 8588 o sparc64: 7965 > o alpha: 6278 o sh: 2626 > o amd64: 8588 o powerpc: 8049 > o sparc: 3394 o arm: 5633 > o hppa: 6143 o vax: 1995 > o mips64: 4686 o mips64el: 6697 > o m88k: 2475 > > - Some highlights: > o GNOME 3.12.2 o KDE 3.5.10 and 4.13.3 > o Xfce 4.10 o MySQL 5.1.73 > o PostgreSQL 9.3.4 o Postfix 2.11.1 > o OpenLDAP 2.3.43 and 2.4.39 o GHC 7.6.3 > o Mozilla Firefox 31.0 o LibreOffice 4.1.6.2 > o Mozilla Thunderbird 31.0 o Vim 7.4.135 > o Emacs 21.4 and 24.3 o Python 2.7.8, 3.3.5 and 3.4.1 > o PHP 5.3.28, 5.4.30 and 5.5.14 o Mono 3.4.0 > o Ruby 1.8.7.374, 1.9.3.545, 2.0.0.481 and 2.1.2 > o Tcl/Tk 8.5.15 and 8.6.1 o Groff 1.22.2 > o JDK 1.6.0.32 and 1.7.0.55 o GCC 4.6.4, 4.8.3 and 4.9.0 > o Chromium 36.0.1985.125 o Go 1.3 > o LLVM/Clang 3.5 (20140228) o Node.js 0.10.28 > > - As usual, steady improvements in manual pages and other documentation. > > - The system includes the following major components from outside suppliers: > o Xenocara (based on X.Org 7.7 with xserver 1.15.2 + patches, > freetype 2.5.3, fontconfig 2.11.1, Mesa 10.2.3, xterm 309, > xkeyboard-config 2.11 and more) > o Gcc 4.2.1 (+ patches) and 3.3.6 (+ patches) > o Perl 5.18.2 (+ patches) > o Nginx 1.6.0 (+ patches) > o SQLite 3.8.4.3 (+ patches) > o Sendmail 8.14.8, with libmilter > o Bind 9.4.2-P2 (+ patches) > o NSD 4.0.3 > o Sudo 1.7.2p8 > o Ncurses 5.7 > o Binutils 2.15 (+ patches) > o Gdb 6.3 (+ patches) > o Less 458 (+ patches) > o Awk Aug 10, 2011 version > > If you'd like to see a list of what has changed between OpenBSD 5.5 > and 5.6, look at > > http://www.OpenBSD.org/plus56.html > > Even though the list is a summary of the most important changes > made to OpenBSD, it still is a very very long list. > We provide patches for known security threats and other important > issues discovered after each CD release. As usual, between the > creation of the OpenBSD 5.6 HTTP/CD-ROM binaries and the actual 5.6 > release date, our team found and fixed some new reliability problems > (note: most are minor and in subsystems that are not enabled by > default). Our continued research into security means we will find > new security problems -- and we always provide patches as soon as > possible. Therefore, we advise regular visits to > > http://www.OpenBSD.org/security.html > and > http://www.OpenBSD.org/errata.html > Mailing lists are an important means of communication among users and > developers of OpenBSD. For information on OpenBSD mailing lists, please > see: > > http://www.OpenBSD.org/mail.html > OpenBSD 5.6 is also available on CD-ROM. The 3-CD set costs 44 EUR and > is available via web order worldwide. > > The CD set includes a colourful booklet which carefully explains the > installation of OpenBSD. A new set of cute little stickers is also > included (sorry, but our HTTP mirror sites do not support STP, the Sticker > Transfer Protocol). As an added bonus, the second CD contains an audio > track, a song entitled "Ride of the Valkyries". MP3 and OGG versions of > the audio track can be found on the first CD. > > Lyrics (and an explanation) for the songs may be found at: > > http://www.OpenBSD.org/lyrics.html#56 > > Profits from CD sales are the primary income source for the OpenBSD > project -- in essence selling these CD-ROM units ensures that OpenBSD > will continue to make another release six months from now. > > The OpenBSD 5.6 CD-ROMs are bootable on the following platforms: > > o i386 > o amd64 > o macppc > o sparc64 > > (Other platforms must boot from network, floppy, or other method). > > For more information on ordering CD-ROMs, see: > > http://www.OpenBSD.org/orders.html > > All of our developers strongly urge you to buy a CD-ROM and support > our future efforts. Additionally, donations to the project are > highly appreciated, as described in more detail at: > > http://www.OpenBSD.org/donations.html > For those unable to make their contributions as straightforward gifts, > the OpenBSD Foundation (http://www.openbsdfoundation.org) is a Canadian > not-for-profit corporation that can accept larger contributions and > issue receipts. In some situations, their receipt may qualify as a > business expense write-off, so this is certainly a consideration for > some organizations or businesses. There may also be exposure benefits > since the Foundation may be interested in participating in press releases. > In turn, the Foundation then uses these contributions to assist OpenBSD's > infrastructure needs. Contact the foundation directors at > direct...@openbsdfoundation.org for more information. > The OpenBSD distribution companies also sell T-shirts and polo shirts, > with new and old designs, available from our web ordering system. > If you choose not to buy an OpenBSD CD-ROM, OpenBSD can be easily > installed via HTTP downloads. Typically you need a single > small piece of boot media (e.g., a USB flash drive) and then the rest > of the files can be installed from a number of locations, including > directly off the Internet. Follow this simple set of instructions > to ensure that you find all of the documentation you will need > while performing an install via HTTP. With the CD-ROMs, > the necessary documentation is easier to find. > > 1) Read either of the following two files for a list of HTTP > mirrors which provide OpenBSD, then choose one near you: > > http://www.OpenBSD.org/ftp.html > http://ftp.openbsd.org/pub/OpenBSD/ftplist > > As of November 1, 2014, the following HTTP mirror sites have the 5.6 release: > > http://ftp.eu.openbsd.org/pub/OpenBSD/5.6/ Stockholm, Sweden > http://ftp.bytemine.net/pub/OpenBSD/5.6/ Oldenburg, Germany > http://ftp.ch.openbsd.org/pub/OpenBSD/5.6/ Zurich, Switzerland > http://ftp.fr.openbsd.org/pub/OpenBSD/5.6/ Paris, France > http://ftp5.eu.openbsd.org/pub/OpenBSD/5.6/ Vienna, Austria > http://mirror.aarnet.edu.au/pub/OpenBSD/5.6/ Brisbane, Australia > http://ftp.usa.openbsd.org/pub/OpenBSD/5.6/ CO, USA > http://ftp5.usa.openbsd.org/pub/OpenBSD/5.6/ CA, USA > http://mirror.esc7.net/pub/OpenBSD/5.6/ TX, USA > > The release is also available at the master site: > > http://ftp.openbsd.org/pub/OpenBSD/5.6/ Alberta, Canada > > However it is strongly suggested you use a mirror. > > Other mirror sites may take a day or two to update. > > 2) Connect to that HTTP mirror site and go into the directory > pub/OpenBSD/5.6/ which contains these files and directories. > This is a list of what you will see: > > ANNOUNCEMENT alpha/ luna88k/ sparc/ > Changelogs/ amd64/ macppc/ sparc64/ > HARDWARE armv7/ octeon/ src.tar.gz > PACKAGES aviion/ packages/ sys.tar.gz > PORTS hppa/ ports.tar.gz tools/ > README i386/ root.mail vax/ > SHA256 landisk/ sgi/ xenocara.tar.gz > SHA256.sig loongson/ socppc/ zaurus/ > > It is quite likely that you will want at LEAST the following > files which apply to all the architectures OpenBSD supports. > > README - generic README > HARDWARE - list of hardware we support > PORTS - description of our ports tree > PACKAGES - description of pre-compiled packages > root.mail - a copy of root's mail at initial login. > (This is really worthwhile reading). > > 3) Read the README file. It is short, and a quick read will make > sure you understand what else you need to fetch. > > 4) Next, go into the directory that applies to your architecture, > for example, amd64. This is a list of what you will see: > > INSTALL.amd64 cd56.iso index.txt xetc56.tgz > SHA256 cdboot* install56.fs xfont56.tgz > SHA256.sig cdbr* install56.iso xserv56.tgz > base56.tgz comp56.tgz man56.tgz xshare56.tgz > bsd* etc56.tgz miniroot56.fs > bsd.mp* floppy56.fs pxeboot* > bsd.rd* game56.tgz xbase56.tgz > > If you are new to OpenBSD, fetch _at least_ the file INSTALL.amd64 > and install56.iso. The install56.iso file (roughly 250MB in size) > is a one-step ISO-format install CD image which contains the various > *.tgz files so you do not need to fetch them separately. > > If you prefer to use a USB flash drive, fetch install56.fs and > follow the instructions in INSTALL.amd64. > > 5) If you are an expert, follow the instructions in the file called > README; otherwise, use the more complete instructions in the > file called INSTALL.amd64. INSTALL.amd64 may tell you that you > need to fetch other files. > > 6) Just in case, take a peek at: > > http://www.OpenBSD.org/errata.html > > This is the page where we talk about the mistakes we made while > creating the 5.6 release, or the significant bugs we fixed > post-release which we think our users should have fixes for. > Patches and workarounds are clearly described there. > > Note: If you end up needing to write a raw floppy using Windows, > you can use "fdimage.exe" located in the pub/OpenBSD/5.6/tools > directory to do so. > X.Org has been integrated more closely into the system. This release > contains X.Org 7.7. Most of our architectures ship with X.Org, including > amd64, sparc, sparc64 and macppc. During installation, you can install > X.Org quite easily. Be sure to try out xdm(1) and see how we have > customized it for OpenBSD. > The OpenBSD ports tree contains automated instructions for building > third party software. The software has been verified to build and > run on the various OpenBSD architectures. The 5.6 ports collection, > including many of the distribution files, is included on the 3-CD > set. Please see the PORTS file for more information. > > Note: some of the most popular ports, e.g., the nginx web server > and several X applications, come standard with OpenBSD. Also, many > popular ports have been pre-compiled for those who do not desire > to build their own binaries (see BINARY PACKAGES, below). > A large number of binary packages are provided. Please see the PACKAGES > file (http://ftp.OpenBSD.org/pub/OpenBSD/5.6/PACKAGES) for more details. > The CD-ROMs contain source code for all the subsystems explained > above, and the README (http://ftp.OpenBSD.org/pub/OpenBSD/5.6/README) > file explains how to deal with these source files. For those who > are doing an HTTP install, the source code for all four subsystems > can be found in the pub/OpenBSD/5.6/ directory: > > xenocara.tar.gz ports.tar.gz src.tar.gz sys.tar.gz > Ports tree and package building by Jasper Lievisse Adriaanse, > Pierre-Emmanuel Andre, Landry Breuil, Stuart Henderson, Peter Hessler, > Nick Holland, Paul Irofti, Sebastian Reitenbach, Miod Vallat, and > Christian Weisgerber. System builds by Jasper Lievisse Adriaanse, > Kenji Aoyama, Theo de Raadt, Nick Holland, and Miod Vallat. > X11 builds by Jasper Lievisse Adriaanse, Kenji Aoyama, Todd Fries, > Nick Holland, and Miod Vallat. ISO-9660 filesystem layout by > Theo de Raadt. > > We would like to thank all of the people who sent in bug reports, bug > fixes, donation cheques, and hardware that we use. We would also like > to thank those who pre-ordered the 5.6 CD-ROM or bought our previous > CD-ROMs. Those who did not support us financially have still helped > us with our goal of improving the quality of the software. > > Our developers are: > > Aaron Bieber, Alexander Bluhm, Alexander Hall, Alexandr Shadchin, > Alexandre Ratchov, Andrew Fresh, Anil Madhavapeddy, > Anthony J. Bentley, Antoine Jacoutot, Austin Hook, Benoit Lecocq, > Bob Beck, Brad Smith, Brandon Mercer, Brent Cook, Bret Lambert, > Brett Mahar, Brian Callahan, Camiel Dobbelaar, Charles Longeau, > Chris Cappuccio, Christian Weisgerber, Christopher Zimmermann, > Claudio Jeker, Damien Miller, Daniel Dickman, Darren Tucker, > David Coppa, David Gwynne, Doug Hogan, Edd Barrett, Eric Faurot, > Federico G. Schwindt, Florian Obser, Gerhard Roth, Gilles Chehade, > Giovanni Bechis, Gleydson Soares, Gonzalo L. Rodriguez, > Henning Brauer, Ian Darwin, Igor Sobrado, Ingo Schwarze, > Jakob Schlyter, James Turner, Jason McIntyre, > Jasper Lievisse Adriaanse, Jeremie Courreges-Anglas, Jeremy Evans, > Jim Razmus II, Joel Sing, Joerg Jung, Jonathan Armani, > Jonathan Gray, Jonathan Matthew, Jordan Hargrave, Joshua Elsasser, > Joshua Stein, Juan Francisco Cantero Hurtado, Kazuya Goda, > Kenji Aoyama, Kenneth R Westerback, Kirill Bychkov, Kurt Miller, > Landry Breuil, Lawrence Teo, Loganaden Velvindron, Luke Tymowski, > Marc Espie, Marco Pfatschbacher, Mark Kettenis, Mark Lumsden, > Markus Friedl, Martin Pelikan, Martin Pieuchot, Martin Reindl, > Martynas Venckus, Masao Uebayashi, Mats O Jansson, Matthew Dempsky, > Matthias Kilian, Matthieu Herrb, Mike Belopuhov, Mike Larkin, > Miod Vallat, Naoya Kaneko, Nayden Markatchev, Nicholas Marriott, > Nick Holland, Nigel Taylor, Okan Demirmen, Otto Moerbeek, > Pascal Stumpf, Paul de Weerd, Paul Irofti, Peter Hessler, > Philip Guenther, Pierre-Emmanuel Andre, Raphael Graf, Remi Pointel, > Renato Westphal, Reyk Floeter, Robert Nagy, Robert Peichaer, > Ryan Thomas McBride, Sasano Takayoshi, Sebastian Benoit, > Sebastian Reitenbach, Simon Perreault, Stefan Fritsch, > Stefan Sperling, Stephan Rickauer, Steven Mestdagh, Stuart Cassoff, > Stuart Henderson, Sylvestre Gallon, Ted Unangst, Theo de Raadt, > Tobias Stoeckmann, Tobias Ulmer, Todd C. Miller, Todd Fries, > Vadim Zhukov, William Yodlowsky, Wouter Wijngaards, > Yasuoka Masahiko, Yojiro Uo [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]