Announcing NetBSD 3.0.1
The NetBSD Project is pleased to announce that update 3.0.1 of the NetBSD operating system is now available. NetBSD 3.0.1 is the first security/critical update of the NetBSD 3.0 release branch. This represents a selected subset of fixes deemed critical in nature for stability or security reasons, no new features have been added.
NetBSD 3.0.1 runs on 57 different system architectures featuring 17 machine architectures across 17 distinct CPU families, and is being ported to more. The NetBSD 3.0.1 release contains complete binary releases for 53 different machine types, with the platforms amigappc, bebox, pc532 and playstation2 released in source form only. Complete source and binaries for NetBSD 3.0.1 are available for download at many sites around the world. A list of download sites providing FTP, AnonCVS, SUP, and other services is provided at the end of this announcement; the latest list of available download sites may also be found at http://www.NetBSD.org/mirrors/. We encourage users who wish to install via a CD-ROM ISO image to download via BitTorrent by using the torrent files supplied in the ISO image area.
A list of checksums for the NetBSD 3.0.1 distribution has been signed with the well-connected PGP key for the NetBSD Security Officer: ftp://ftp.NetBSD.org/pub/NetBSD/security/hashes/NetBSD-3.0.1_hashes.asc
Please note that all fixes in security/critical updates (ie, NetBSD 3.0.1, 3.0.2, etc) are cumulative, so the latest update contains all such fixes since the corresponding minor release. These fixes will also appear in future minor releases (ie, NetBSD 3.1, 3.2, etc), together with other less-critical fixes and feature enhancements.
The NetBSD Foundation would like to dedicate the NetBSD 3.0.1 release to the memory of Richard Rauch, who died in March 2006 from injuries he suffered during a traffic accident caused by no fault of his own.
Richard was an active NetBSD user who contributed a great deal to improving the quality of the NetBSD operating system through bug reports and patches. His death came as a shock, and he will be greatly missed by all of us. May he rest in peace.
The complete list of changes can be found in the CHANGES-3.0.1 file in the top level directory of the NetBSD 3.0.1 release tree. A shortened list is as follows:
- Hold kernel_lock while calling systrace_exit().
- In systrace_make_msg(), sleep uninterruptibly while waiting for the response from the systrace daemon, so that the message protocol between the kernel and the daemon doesn't get out of sync.
- RAIDframe: mark used spares as failed if they encounter IO errors.
- wdc(4): after a reset don't wait for drives to come ready if there are no drives (fixes a 30s hang after resume).
- Fix support in wdc(4) for 1 and 2TB disks.
- Fix a bug in the pf(4) fragment cache which could cause kernel panics (SA2006-004).
- Fix a crash caused by azalia(4) when a connection list has invalid NIDs.
- aic(4): work around an rbus resource allocation problem so cards work again.
- RAIDframe was erroneously re-initializing the Parity Stripe Status pool each time a new array was configured. This causes grief with things like 'vmstat -m' by causing it to loop. Make RAIDframe only initialize PSS bits once.
- twe(4): fix a memory leak in the TWEIO_GET_PARAM ioctl.
- Prevent system crashes caused by malformed ELF interpreters (SA2006-008).
- usb(4): Allow a NULL pointer as argument to usb_get_next_event(), and don't allocate a "struct usb_event" on stack in usb_add_event().
- Check the "oldlen" argument to sysctl(2) before passing it to uvm_vslock(9). This prevents a local DOS (SA2006-013).
- Use a pmatch(9) expression which should catch all present and future seagate drives larger than 200GB for the WD_QUIRK_FORCE_LBA48 quirks.
- Fix the 'audioctl of death' problem (SA2006-014).
- Limit the size of any kernel buffers allocated by the VOP_READDIR routines to MAXBSIZE.
- Make sure all bridge(4) structs are initialized to 0.
- Fix a memory disclosure in bridge(4) (SA2006-005).
- Use sigaction(2) to setup automatic disposal of child processes after daemonizing rpc.statd(8). This is more portable and avoids zombie rpc.statd(8) processes after an NFS client running e.g. Mac OS X shuts down.
- Prevent system crash when attempting to gather information about a non-existing alias of a network interface via the SIOCGIFALIAS ioctl (SA2006-012).
- Fix a panic caused by insufficient validation when parsing IPv6 socket options (SA2006-016).
- Change union_unmount() to not play with the fs root vnode explicitly. Let it get recycled along with all of the others. This is important as if the root vnode has already been reclaimed, then we get a panic when we try to vget it.
- xdr_rec.c missing a bugfix for an improper security check. The correct way to check for a zero record length is to check for it without the LAST_FRAG marker in it, since it's legal to send a LAST_FRAG marker with 0 bytes of data.
- pam_nologin(8): use the class of the user, not then default class, when checking for nologin and ignorelogin login.conf(5) capabilities.
- pam_unix(8): fix an uninitialized variable, and remove some unreachable code.
- Make PAM work on NetBSD ports without shared library support.
- Make password aging work again.
- Fix a bug in signal handling which could e.g get the MySQL daemon stuck in a tight loop after receiving a HUP signal.
- Improve rnd(4) code probing for the Intel hardware RNG to avoid false detections (SA2006-009).
- mail(1) creates record file with insecure umask (SA2006-007).
- Fix a remote code execution vulnerability in sendmail (SA2006-010).
- A vulnerability was found in the fast_ipsec(4) stack that renders the IPSec anti-replay service ineffective under certain circumstances (SA2006-011).
- Fix a number of small security problems with the games.
- Fix an FPU Information leak on i386/amd64/Xen platforms with AMD CPUs (SA2006-015).
- Fix several integer overflows and NULL-pointer dereferences in freetype2.
- Fix a denial of service vulnerability in sendmail when handling malformed multipart MIME messages (SA2006-017).
- Sync the Nvidia drivers with XFree86's sources as of December 24th, 2005. These changes fix lots of problems (i.e. freezes) with the latest cards (such as a GeForce 6600GT).
- Give systrace its own version of realpath() that does what it wants, call it intercept_realpath(). Unbreaks systrace.
- login(1), pam_securetty(8): don't issue a different message for root login on an insecure terminal.
- Fix some unpaired sigblocks which possibly leave a process with all signals blocked (esp. apparent under Gnome).
- Fix a NULL pointer dereference in ftp(1).
- Make sh(1) expand "$@" correctly again.
- Avoid panics under NetBSD/acorn26 whenever a process exits.
- Stop NetBSD/acorn26 from allocating eight times as much pool memory as it needs, leading to a rapid exhaustion of physical memory. NetBSD/acorn26 now boots multi-user again.
- Installer: don't ask for the root device before the user had a chance to identify how it's called under NetBSD.
- Fix the bootloader so it doesn't print garbage to the bitmap console.
- Fix a huge number of pkgsrc build problems.
- Fix boot failure problem on HP400t with fb console.
- Fix a problem with the probe of SCSI disks in the installer.
- Update pciide at pnpbios to work with the last changes to wdc(4), especially the deferral of drive probe.
- Avoid kernel panics caused by binaries compiled with "-mips2" or better.
- Update FPE trapsignal functions for new siginfo.
- For GCC3 and later, use the __builtin_va* constructs. Avoids a build problem with Firefox.
- Avoid dom0 kernel crash when destroying a domain with active I/O going.
- Fix the FPU problems detected by paranoia on a NetBSD/Xen guest.
- Check the destination ethernet address when not in promiscuous mode. Fix a problem where packets would be duplicated, possibly looping, when a domU is doing IP routing.
- Avoid panics under high system load.
Please note that at the moment, sysinst will not assist you in installing pre-built third-party binary packages or the pkgsrc system itself. See the NetBSD packages collection documentation:
NetBSD is a free, secure and highly portable UNIX-like Open Source operating system available for many platforms, from 64-bit Opteron machines and desktop systems to handheld and embedded devices. Its clean design and advanced features make it excellent in both production and research environments, and it is user-supported with complete source. In addition to its highly portable high performance kernel, NetBSD features a complete set of user utilities, compilers for several languages, the X Window System, firewall software and numerous other tools, all accompanied by full source code. The NetBSD Packages Collection, pkgsrc, contains over 5,700 packages. Binary package releases for a number of platforms are currently in progress.
NetBSD descended from the Berkeley Networking Release 2 (Net/2), 4.4BSD-Lite, and 4.4BSD-Lite2, and is the work of a diverse group of people spread around the world. The “Net” in our name is a tribute to the Internet, which enables us to communicate and share code, and without which the project would not exist.
More information on the goals of the NetBSD Project can be procured from the NetBSD website at:
NetBSD is freely available, all of the code is under non-restrictive licenses and may be used without paying royalties to anyone. Free support services are available via our mailing lists and website, commercial support is available from a variety of sources; some are listed at:
More extensive information on NetBSD is available from the NetBSD website:
The NetBSD 3.0.1 release provides supported binary distributions for the following systems:
NetBSD/acorn26 | Acorn Archimedes, A-series and R-series systems |
NetBSD/acorn32 | Acorn RiscPC/A7000, VLSI RC7500 |
NetBSD/algor | Algorithmics, Ltd. MIPS evaluation boards |
NetBSD/alpha | Digital/Compaq Alpha (64-bit) |
NetBSD/amd64 | Computers with x86_64 capable CPUs |
NetBSD/amiga | Commodore Amiga, MacroSystem DraCo |
NetBSD/arc | MIPS-based machines following the Advanced RISC Computing spec |
NetBSD/atari | Atari TT030, Falcon, Hades |
NetBSD/cats | Chalice Technology's CATS and Intel's EBSA-285 evaluation boards |
NetBSD/cesfic | CES FIC8234 VME processor board |
NetBSD/cobalt | Cobalt Networks' MIPS-based Microservers |
NetBSD/dreamcast | Sega Dreamcast game console |
NetBSD/evbarm | ARM evaluation boards |
NetBSD/evbmips | MIPS-based evaluation boards |
NetBSD/evbppc | Evaluation boards and appliances with PowerPC CPUs |
NetBSD/evbsh3 | Evaluation boards with Hitachi Super-H SH3 and SH4 CPUs |
NetBSD/evbsh5 | Evaluation boards with Hitachi Super-H SH5 CPUs |
NetBSD/hp300 | Hewlett-Packard 9000/300 and 400 series |
NetBSD/hppa | Hewlett-Packard 9000 Series 700 workstations |
NetBSD/hpcarm | StrongARM based Windows CE PDA machines |
NetBSD/hpcmips | MIPS-based Windows CE PDA machines |
NetBSD/hpcsh | Hitachi SH3/4 based Windows CE PDA machines |
NetBSD/i386 | 80x86-based IBM PCs and clones |
NetBSD/ibmnws | IBM Network Station 1000 |
NetBSD/iyonix | Castle Technology's Iyonix ARM based PCs |
NetBSD/luna68k | OMRON Tateisi Electric's LUNA series |
NetBSD/mac68k | Apple Macintosh with 68k CPU |
NetBSD/macppc | Apple Power Macintosh and clones |
NetBSD/mipsco | MIPS Computer Systems Inc. family of workstations and servers |
NetBSD/mmeye | Brains mmEye multimedia server |
NetBSD/mvme68k | Motorola MVME 68k SBCs |
NetBSD/mvmeppc | Motorola PowerPC VME SBCs |
NetBSD/netwinder | StrongARM based NetWinder machines |
NetBSD/news68k | Sony's 68k-based “NET WORK STATION” series |
NetBSD/newsmips | Sony's MIPS-based “NET WORK STATION” series |
NetBSD/next68k | NeXT 68k “black” hardware |
NetBSD/ofppc | OpenFirmware PowerPC machines |
NetBSD/pmax | Digital MIPS-based DECstations and DECsystems |
NetBSD/pmppc | Artesyn's PM/PPC board |
NetBSD/prep | PReP (PowerPC Reference Platform) and CHRP machines |
NetBSD/sandpoint | Motorola Sandpoint reference platform |
NetBSD/sbmips | Broadcom SiByte evaluation boards |
NetBSD/sgimips | Silicon Graphics' MIPS-based workstations |
NetBSD/shark | Digital DNARD (“shark”) |
NetBSD/sparc | Sun SPARC (32-bit) and UltraSPARC (in 32-bit mode) |
NetBSD/sparc64 | Sun UltraSPARC (in native 64-bit mode) |
NetBSD/sun2 | Sun 2 |
NetBSD/sun3 | Sun 3 and 3x |
NetBSD/vax | Digital VAX |
NetBSD/x68k | Sharp X680x0 series |
Ports available in source form only for this release include the following:
NetBSD/amigappc | PowerPC-based Amiga boards |
NetBSD/bebox | Be Inc's BeBox |
NetBSD/pc532 | The NS32532-based PC532 computer |
NetBSD/playstation2 | SONY PlayStation 2 |
The NetBSD Foundation would like to thank all those who have contributed code, hardware, documentation, funds, colocation for our servers, web pages and other documentation, release engineering, and other resources over the years. More information on the people who make NetBSD happen is available at:
We would like to especially thank the University of California at Berkeley and the GNU Project for particularly large subsets of code that we use. We would also like to thank the Internet Systems Consortium Inc., Columbia University and Ludd (Luleå Academic Computer Society) computer society at Luleå University of Technology for current colocation services.
The NetBSD Foundation was chartered in 1995, with the task of overseeing core NetBSD project services, promoting the project within industry and the open source community, and holding intellectual property rights on much of the NetBSD code base. Day-to-day operations of the project are handled by volunteers.
As a non-profit organization with no commercial backing, The NetBSD Foundation depends on donations from its users, and we would like to ask you to consider making a donation to the NetBSD Foundation in support of continuing production of our fine operating system. Your generous donation would be particularly welcome assistance with ongoing upgrades and maintenance, as well as with operating expenses for The NetBSD Foundation.
Donations can be done via PayPal to <paypal@NetBSD.org>
and
are fully tax-deductible in the US. If you would prefer not to use PayPal,
or would like to make other arrangements, please contact
<finance-exec@NetBSD.org>
.
Please use a mirror site close to you.
Please also note our list of CD-ROM vendors.
Back to NetBSD 3.x formal releases