- OpenBSD 7.9 RELEASED -------------------------------------------------

May 19, 2026.

We are pleased to announce the official release of OpenBSD 7.9.
This is our 60th release. We remain proud of OpenBSD's record of more
than thirty years with only two remote holes in the default install.

As in our previous releases, 7.9 provides significant improvements,
including new features, in nearly all areas of the system:

 - Platform specific improvements:
    o arm64:
      - Enabled ice(4) on arm64.
      - Added support for the RK3588 and RK3576 SoCs.
      - Added SMU support to amdpmc(4). The SMU is a microcontroller buried deep in the bowels of AMD SoCs and needs to be tickled in order to reach the lowest power states in suspend.
      - Added support for the Genesys Logic GL9755 SDHC controller (which includes the SDHC controller on some of the Apple Silicon laptops) to sdmmc(4).
      - Added rkusbdpphy(4), a driver for the USB DP Combo PHY on Rockchip SoCs.
    o amd64:
      - Disabled Panel Self Refresh (PSR) in amdgpu to avoid a potential hang on a ThinkPad X13 gen 6.
      - Increased MAXCPUs on amd64 to 255.
    o m88k:
      - Remove an unused variable in the pmap_table on m88k.
      - Switch m88k (luna88k) to gcc4.
      - Switch m88k to PIE by default.
    o Other architectures:
      - Fix various errors on big-endian systems in ice(4) to make it work on sparc64.
      - Change powerpc64 memory barriers to "sync".
      - Rework and improve tlb shootdown on alpha.
      - Enable USBVERBOSE on riscv64.
    o More platform specific changes can be found in the hardware support section below.
 - Various kernel improvements:
    o Add infrastructure to allow future support of up to 52 partitions per disk.
    o Replace the cas spinlock in kernel mutexes with a "parking" lock.
    o Stop forcing the page daemon to sleep when there are outstanding paging requests.
    o Implement a ddb(4) stop command that sends a SIGSTOP to the specified pid.
 - Suspend/Hibernate Support:
    o Implemented delayed hibernation: the machdep.hibernatedelay sysctl is used to configure the number of seconds after which the system will wake up from suspend and hibernate itself.
 - SMP Improvements:
    o Unlock socket splicing.
    o Unlock icmp6_sysctl().
    o Unlock the IGMP slow timeout.
    o Enable parallel fault handling on amd64 and arm64.
    o Make bse(4) interrupts mp-safe.
 - Direct Rendering Manager and graphics drivers:
    o Updated drm(4) to Linux 6.18.22.
 - VMM/VMD and virtualization improvements:
    o Adopted PCI-based semantics for reading unsupported or invalid registers by returning all 1's. (Newer Linux kernels have started using 128-bit feature spaces.)
    o Add sysctl(8) machdep.vmmode to indicate status as a host or guest (and SEV mode).
    o Added vmboot, a tiny kernel that allows sysupgrade(8) to work for vmd(8) VMs.
    o Allow cd(4)/vioscsi(4) on a VM employing confidential computing methods, e.g. AMD SEV.
    o Fix a segfault in vmd(8) during vmmci timeout firing.
    o Use 32-bit direct kernel launch for both amd64 and i386 in vmd(8).
    o Fix a race in vmd(8) vm pause barrier usage.
    o Fix a race in the vmm(4) vm termination path.
    o Emulate the AMD SysCfg MSR in vmm(4).
    o Make OpenBSD work on Apple Virtualization.
    o Only expose pvclock in vmm(4) if the tsc frequency is known.
    o Reduce the vmd(8) lowmem area in the memory map to help Linux guest reboot issues.
    o Prevent a vmd(8) pause deadlock when a vcpu doesn't halt.
 - Various new userland features:
    o Dynamically determine the possible partition names to show in the disklabel(8) editor a(dd) command help message.
    o Allow the disklabel(8) 'd'elete editor command to zero out FS_UNUSED partitions despite the current value of d_npartitions.
    o Add display of the close-on-fork flag as 'f' in the R/W column of fstat(1).
    o Add support for the XDG_RUNTIME_DIR environment variable in login(1) and xenodm(1) via login_cap(3). Set it by default, pointing to /tmp/run/user/${uid}, which gets created if needed.
 - More bugfixes and tweaks in userland:
    o Make libsndio restart the audio(4) device upon underrun.
    o Fix LLVM x86 frame lowering for -msave-args.
    o Enable fall-back audio devices by default in sndiod(8).
    o Make pthread_set_name_np(3) succeed with long thread names instead of silently failing.
    o Handle calls to freeaddrinfo(3) with a NULL argument, instead of crashing, and improve the manpage.
    o Made pcidump(8) print PCI bridge windows when they are "open".
    o Fix an editline(3) bug that truncates completion candidates when the input wraps to a new line.
    o Add file(1) support for PSF2 font detection.
    o Add file(1) support for Web Open Font Format (WOFF) detection.
    o Fix mg(1) replace-regexp issues.
    o Improve handling of strdup(3) failures in mg(1).
    o Improve the "No changes need to be saved" check in mg(1).
    o When ksh(1) is not running interactively, do not initialize curses. This avoids opening and parsing the terminfo(3) file.
    o Add echo(1) -e to process escape sequences and support for multiple groups of dash args like ksh's echo.
    o Increased the length of arguments that can be given to pkill(1). This allows matching of commands with longer command line arguments.
    o Make the -0 option override -E in xargs(1).
 - Improved hardware support and driver bugfixes, including:
    o Tweak PCI device power management such that drivers can change their own power state. Let xhci(4) power itself down such that its companion USB4 controller can go to sleep in its DVACT_POWERDOWN implementation.
    o Add nhi(4), a driver for USB4 controllers.
    o Add an audio(9) driver interface to expose the hardware's display name.
    o Change envy(4) and uaudio(4) devices to return the product name as the display name.
    o Handle uaudio(4) devices with a single clock exposed in multiple domains.
    o Fix truncated uaudio(4) device names.
    o Improve acpi(4) handling of PCI bridges.
    o Implement "StorageD3Enable" support in acpi(4).
    o Stop acpi(4) calling pci functions when an aml node has neither _ADR nor _HID.
    o Add iasuskbd(4) support for special keys on the ASUS I2C laptop keyboards.
    o Add sgmsi(4), a driver for the MSI controller implementation on Sophgo SG2042 SoCs.
    o Add cdpcie(4), a driver for the Cadence PCIe controller, supporting the variant found on the Sophgo SG2042 SoC.
    o Add dwpcie(4) Qualcomm SC7280 support.
    o Add qcuart(4), a driver for Qualcomm GENI UART serial consoles.
    o Added support for blocking reads to fuse(4).
    o Add a basic implementation of the low-level FUSE API sufficient to compile and run lowntfs-3g.
    o Allow uhidev(4) to attach to and work with devices that don't have an input interrupt endpoint.
    o Add the ispi(4) driver for the Intel LPSS SPI controller.
    o Add an Apple variant to the "de" keyboard encoding for wskbd(4).
    o Add acpihid(4), a driver for the Generic Buttons Device defined by the ACPI specification.
    o Make viogpu(4) viogpu_wsmmap() return a physical address via bus_dmamem_mmap(9).
    o Add support for "Apple Inc. Virtual USB Digitizer", to expose the touchpad on Apple Virtualization.
    o Add support for the PSP found on the AMD EPYC 9005 to psp(4).
    o Add support for the AlphaSmart Dana to uvisor(4) as a PALM4 device.
 - New or improved network hardware support:
    o Fix memory leaks in bnxt(4).
    o In umb(4), make uplink and downlink speeds visible through kstat(4).
    o Add support for Quectel EC200A LTE modems to umsm(4).
    o Add rge(4) support for RTL8126 chip revision 0x64a00000.
    o Turn on SoftLRO by default on bnxt(4) and ice(4).
    o Fix the ice(4) "too many data commands" error on TSO packets.
    o Increase the urndis(4) buffer size to 16k.
    o Fix an issue where dwqe(4), e.g. on a veb(4), doesn't recover when the link is down but packets are bridged.
    o Make the output of bse(4) mp-safe.
    o Enable 64 bit DMA transfers on aq(4), em(4), rge(4), re(4), iavf(4), ix(4), ixv(4), ixl(4), igc(4), ice(4) and iwx(4).
    o Add support for BCM575xx devices (also known as Thor or P5) to bnxt(4).
 - IEEE 802.11 wireless stack improvements and bugfixes:
    o Fixed association to access points which have all 802.11b rates disabled.
    o Update ieee80211_classify to RFC 8325 to prioritize interactive SSH sessions correctly, and rate-limit high-prio QoS packets.
    o Initialize TIDs 4-7 to improve QoS behaviour during Tx aggregation.
 - Added or improved wireless network drivers:
    o Improve chances of qwx(4) receiving the initial WPA handshake message.
    o Reinitialize the qwx(4) HAL state when resuming from suspend.
    o Enable iwx(4) on i386.
    o Add PMF (Protected Management Frames) support to iwm(4), iwx(4), and qwx(4), add support for the 802.11 AKM SHA256-PSK to ifconfig(8), and enable it by default if the driver supports PMF.
    o Fix iwx(4) issues related to roaming, PMF and firmware crypto keys.
    o Set the assoc ID field in iwx(4) firmware commands correctly.
    o Add support for BZ devices with a WiFi 6e radio to iwx(4).
    o Make iwx(4) not load incomplete firmware images and report a proper error instead.
    o Fix iwn(4) setting of DMA base addresses of Tx rings 17 and beyond.
    o Add powersave support to iwx(4).
    o Add support for 160 MHz channel width to iwx(4).
    o Increase the VHT frame aggregation size limit from 64k to 1024k on iwx(4).
 - Installer, upgrade, bootloader, and pkg-tools improvements:
    o Allow installboot(8) to finish, even if efi(4) can't be accessed.
    o Make sysupgrade fail if "df /usr" says the filesystem is over 90% full, rather than potentially completely breaking the system.
    o Scan both dmesg.boot and dmesg(8) output for devices with fw_update(8).
    o On amd64, add support for loading files (kernels) from the EFI system partition. This means one can put the OpenBSD boot loader and bsd.rd on the EFI boot partition and run the installer that way. This already works on arm64.
    o Improve keydisk partition detection in the installer.
    o Add aggr(4) support to the arm64 RAMDISK and i386/amd64 RAMDISK_CD.
 - Security improvements:
    o Stop allowing root to bypass bpf(4) BIOCLOCK.
    o Retire the pledge(2) 'tmppath' promise. The use of unveil(2) "/tmp" "rwc", unveil "/" "r" or similar together with pledge "rpath wpath cpath" replaces all use cases of 'tmppath' in a safer way.
    o Introduce the __pledge_open(2) system call, which is pretty much the same as open(2), except libc will use it to differentiate certain well-controlled pathnames which follow special rules in pledge and can be accessed even when "rpath" or unveil(2) don't allow so. If a fd came from libc doing the __pledge_open(2) system call, do not allow write(2), chmod(2), chflags(2), chown(2), ftruncate(2), or fd passing. __pledge_open(2) is an unexported interface that libc will use (soon) to open 2 devices (null and tty), about 9 files (based upon pledge promises), and files within the zoneinfo directory. This works because libc only reads from those fds. Currently those files are openable by non-libc code, but soon only static libc code will be able to do those opens. Use __pledge_open(2) for files that libc urgently needs even in lower promise levels. You must be running a kernel at least 4 days old. Soon, another commit will happen that breaks compatibility even further, and you'll need new static binaries and a new libc.so, along with a new kernel. This removes an old pledge design decision which is weak. In the pledge_namei() callback, stop looking for the libc special files when the open(2) system call was used, and only do this for __pledge_open(2), which libc will use when it intends to access those files. This breaks compatibility in a pretty major way, but that's the price being paid to undo this historical shortcut I made to satisfy libc's internal requirements and make pledge(2) a possibility. All the other parts are already in the tree. There may be a few dangling issues in ports or base which we'll find over time.
    o In dig(1), fix pledge/unveil issues relating to manual opening of /etc/resolv.conf.
    o Fix unveil(2) to handle a filesystem that is mounted on a mount point that is itself the root of another filesystem.
 - New features in the network stack:
    o Make the Virtual Ethernet Bridge veb(4) a vlan aware bridge. Ports in veb(4) now have a pvid (port vlan identifier) used to determine which vlan untagged packets get associated with, and a bitmap of allowed vids (vlan ids) that says which vlans tagged traffic can interact with. Ports can be configured as "access" ports by only configuring a pvid but with no entries in the vid map, as a "trunk" by disabling the pvid and adding entries to the vid map, or as a "hybrid" port by configuring both a pvid and entries in the vid map. To maintain compatibility with existing (simple) setups, veb defaults to using pvid 1 on ports added to the bridge.
    o Add a LOCKED flag to veb(4) ports that are added to a bridge(4). This makes sure that the source mac-address of frames received by these ports has an entry in the fib/address cache pointing at the same interface.
    o In IPFIX/Netflow v10, add a NAT template with post-NAT source and destination IP address and ports, allowing use of pflow to track internal to external translations.
    o Enable IPv6 autoconf (SLAAC) by default.
 - Further changes and bugfixes in the network stack:
    o Implement "checksum offload" between rport(4) pairs. This allows the kernel to skip ip/tcp/udp checksum calculation for packets between rdomains.
    o Implement IFCAP_TSO in rport(4). This allows the stack to pass large tcp frames between rdomains.
    o In rport(4), use multiple txqs to spread traffic handling over softnet threads.
    o Fix a panic when autodial (link1) on pppoe(4) tries to run.
    o Allow bpf(4) in tun_dev_read to see VLAN tags when IFCAP_VLAN_HWTAGGING is enabled.
    o Add XOR and MOD operations to bpf(4).
    o Made tpmr(4) work with ether_offload_ifcap like veb(4) and bridge(4).
    o Add Private VLAN support to veb(4) as per RFC 5517.
    o Allow vlan tags (and therefore vlan interfaces) on top of vports.
    o Use per cpu refs in the input path instead of one refcnt per port to improve performance on tpmr(4), veb(4) and aggr(4).
    o Remove lacp support from trunk(4), now better supported by aggr(4).
    o Introduce a global interface queue limit.
    o Update the codel implementation to comply with RFCs 8289 and 8290.
    o Improve vio(4) feature negotiation for Large Receive Offload/TCP Segmentation Offload.
    o Prevent a false ELOOP error in socket splicing with SO_SPLICE.
 - The following changes were made to the pf(4) firewall:
    o Introduce source and state limiters in pf(4).
    o Extend pf(4) limiters so the administrator can specify the action the rule executes when the limit is reached.
    o In pfctl(8), change the default limiter action from no-match to block.
    o Have pf(4) state and source limiter state cleanup assert on the right lock.
    o Fix pfctl(8) with the '-nvf ...' option to provide output which matches the pfctl grammar for rules that use source/state limiters.
    o Print both nat-to and rdr-to in pfctl(8) show rules.
 - Routing daemons, network services and other userland network programs saw the following improvements:
    o Do not log an error when dhcp6leased(8) cannot add a route because it already exists.
    o In dhcpleased(8), do not pass pointers over process privilege boundaries via imsg, only data.
    o Do not log an error when slaacd(8) cannot add a route because it already exists.
    o Fix a buffer overflow reachable via rogue router advertisements in slaacd(8).
    o Fix smtpd(8) dying if a malformed imsg is sent on the local socket.
    o Improved the logging of filter processing in smtpd(8).
    o Change the default "tagged" operation for ifconfig(8) to add VLAN ids rather than replace them.
    o Allow the ifconfig(8) and brconfig(8) "tagged" operation to accept multiple vids and/or ranges of vids.
    o Add support for non-default config file paths to the unbound(8) rc.d script.
    o In unwind(8), allow one to configure forced resolvers outside of preference blocks.
    o Add a "no banner" option to suppress the Server header in httpd(8).
    o Restore httpd(8) server_http_time() use of GMT.
    o Make httpd(8) error out on the presence of Content-Length and Transfer-Encoding headers for GET, HEAD and other methods that should have no body.
    o Make relayd(8) and httpd(8) use the same internal log functions as bgpd (and several other daemons).
    o Restore relayd(8) relay_http_time() use of GMT.
    o Add relayd(8) support for the PROXY protocol in TCP relays.
    o Set a User-Agent in HTTP healthchecks sent by relayd(8).
    o Fix a race condition in relayd(8) that could cause a crash during configuration reload.
    o Fix ftp(1) http_time() to use GMT, not UTC, per RFC 9110.
    o Report success in ftp(1) when a file is fully retrieved.
    o Make tcpdump(8) show the 802.11 QoS TID with -v.
    o Add printing of netbios and dns servers in ipcp to tcpdump(8).
    o Extend tcpdump(8) for printing of DHCPv6 information.
    o Make sure that internal counters do not go out of bounds if the '-n' or '-A' traceroute(8) options are specified more than once.
    o Raise rad(8) lifetimes for the router, dns and nat64 to 60 minutes and lower the prefix valid lifetime to 60 minutes. It does not make sense for one piece of information to time out before another when these are transmitted in one router advertisement packet.
 - acme-client(1) saw several changes:
    o Only display port numbers in acme-client(1) Host headers when the port is not 443.
    o Add support for IP Address certificates in acme-client(1).
    o Use ASN1_STRING_* accessor functions instead of reaching into ASN1_STRING objects directly.
 - In bgpd(8):
    o Rewrite the Adj-RIB-Out handling to be more memory efficient and faster. For large IXP route server deployments a reduction in memory usage of more than 50% should be feasible.
    o Process UPDATE messages in two phases: first update Adj-RIB-In, Loc-RIB, and FIB, then process all the Adj-RIB-Out tables.
      This significantly reduces the latency, since updating all the Adj-RIB-Out tables could take a fair amount of time.
    o Introduce CH hash tables - a scalable hash map implementation that boosts performance through improved cache locality.
    o Introduce new metrics that track the amount of time spent in various parts of the main event loop of the route decision engine.
    o Fix various non-critical things uncovered by the Coverity scanner.
    o Improve outbound filter performance by storing the rules in an array and also deduplicate equal filters across peers. This and the filter_set change reduce the initial sync duration of large route servers by more than 25%.
    o Improve performance of filter_sets processing in the RDE process by moving to a linear array of set objects to reduce cache misses.
    o Add better logging for attribute parse errors which cause a session reset via an UPDATE ATTRLIST error notification.
    o Introduce various additional memory metrics which are part of the 'show rib memory' command. Some values are also tracked per-neighbor and visible via 'show neighbor'.
    o Fix a logic error when handling per-peer and per-group MRT message dump configurations.
 - In rpki-client(8):
    o The Canonical Cache Representation underwent a breaking change after the adoption of https://datatracker.ietf.org/doc/draft-ietf-sidrops-rpki-ccr/ as a SIDROPS working group item. Apart from several CMS-related cosmetics, it now uses an IANA-assigned content type. As a result, rpki-client 9.7 cannot parse rpki-client 9.6's .ccr files and vice versa.
    o Support for Ghostbusters Record objects (RFC 6493) has been removed. Nobody showed interest in deploying this and there are other, widely supported ways of exchanging operational contact information such as RDAP. RFC 6493 is undergoing a status review to be marked as historic: https://datatracker.ietf.org/doc/status-change-rpki-ghostbusters-record-to-historic/
    o Prepare the code base for the opaque ASN1_STRING structure in OpenSSL 4.
    o Fixed two reliability issues: one where a malicious RPKI Certification Authority can trigger a crash, one where a malicious Trust Anchor can provoke memory exhaustion. Thanks to Xie Yifan for reporting.
    o Various refactoring for improved compatibility with various libcrypto implementations and in CA/BGPsec certificate handling.
    o Fixed an accounting issue in HTTP gzip compression detection.
    o Added a warning in extra verbose mode (-vv) about standards non-compliant Issuer and Subject ASN.1 string encodings.
    o Added a check for canonical encoding of ASPA eContent in alignment with draft-ietf-sidrops-aspa-profile-22.
    o Ensure that a repository timeout correctly stops repository processing. Thanks to Fedor Vompe from Deutsche Telekom for reporting.
    o Fixed a defect in the Canonical Cache Representation ROAIPAddressFamily sort order. As a result, rpki-client 9.8 cannot parse rpki-client 9.7's .ccr files and vice versa. Thanks to Bart Bakker from RIPE NCC for reporting.
    o Fixed an issue in the parser for the locally configured constraints. Thanks to Daniel Anderson.
    o A malicious RRDP Publication Server can cause a NULL dereference. Thanks to Daniel Anderson for reporting.
    o A malicious RPKI Publication Server can cause an incorrect error exit. Thanks to Yuheng Zhang, Qi Wang, Jianjun Chen from Tsinghua University, and Teatime Lab for reporting.
 - tmux(1) improvements and bug fixes:
    o Fix the logic of the no-detached case for the detach-on-destroy option.
    o Support case insensitive search in tmux(1) modes in the same way as copy mode (like emacs, so all-lowercase means case insensitive).
    o Add a -l flag to tmux(1) command-prompt to disable splitting into multiple prompts.
    o Allow show-messages to work without a client.
    o Add seconds to tmux(1) clock mode.
    o Make tmux(1) clock mode seconds synchronized to the second.
    o Add support for synchronized output mode (DECSET 2026).
    o Add a focus-follows-mouse option.
    o Reduce the request timeout to 500 milliseconds to match the extended escape time, and discard palette requests if receiving a reply for a different index.
    o Add a -e flag to tmux' command-prompt to close if empty.
    o Fix window-size=latest not resizing on switch-client in session groups.
    o Make tmux respond to DECRQM 2026.
    o Break out the sorting code into a common file so formats and modes use the same code, and add -O for sorting to the list commands.
    o Add sorting (-O flag) and a custom format (-F) to list-keys.
    o Fix several memory leaks.
    o Allow copy mode to work for readonly clients, except for copy commands.
    o Avoid a crash by checking for NULL before dereferencing.
    o Make -c (shell command) work with new-session -A.
    o Draw the message as one format, allowing prompts and messages to occupy only a portion of the status bar, overlaying the normal status content rather than replacing the entire line.
    o Add a short builtin help text for each mode, accessible with C-h.
 - LibreSSL version 4.3.0:
    o Portable changes
      - ...
    o Internal improvements
      - Remove the unused sequence number from X509_REVOKED.
      - Replace a call to atoi(3) with strtonum(3) in nc(1) and replace a misleading use of ntohs(3) with htons(3).
      - openssl(1) speed now uses HMAC-SHA256 for its hmac benchmark.
      - Reimplemented the only use of ASN1_PRINTABLE_type() in openssl(1) ca. The API will be removed in an upcoming release.
      - Add the curve NID to EC_POINT objects so the library has a clue on which curve a given EC_POINT is supposed to live.
      - Use the curve NID to check for compatibility between group and points in various EC APIs. This isn't 100% failsafe but good enough for sane uses.
      - Require SSE in order to use gcm_{gmult,ghash}_4bit_mmx(). On rare i386 machines supporting MMX but not SSE this could result in an illegal instruction.
      - Cleaned up asn1t.h to make it somewhat readable and more robust, in particular by using C99 initializers.
      - Further assembly macro improvements for -portable.
      - Add a fast path for well-known DH primes in DH_check(3) (including those from RFC 7919). Some projects still fiddle with this in 2025.
      - Rewrite ec_point_cmp() for readability and robustness.
      - Improve EVP_{Open,Seal}Init(3) internals. This is legacy API that cannot be removed since one scripting language still exposes it.
      - ASN1_BIT_STRING_set_bit(3) now trims trailing zero bits itself rather than relying on i2c_ASN1_BIT_STRING(3) to do that when encoding.
      - Fix and add workarounds to libtls to improve const correctness and to avoid warnings when compiling with OpenSSL 4.
      - Prefix EC_KEY methods with ec_key_ to avoid problems in some static links.
      - Remove mac_packet, a leftover from accepting SSLv2 ClientHellos.
      - Remove ssl_server_legacy_first_packet().
      - In addition to what was done in LibreSSL 4.0 for the version handling, disable TLSv1.1 and lower also on the method level.
      - Remove the workaround for the SSL 3.0/TLS 1.0 CBC vulnerability.
      - Refactor ocsp_find_signer_sk() to avoid neglecting the ASN.1 semantics by reaching directly into deeply nested OCSP structures.
    o Compatibility changes
      - Expose X509_VERIFY_PARAM_set_hostflags(3) as a public symbol.
      - Provide SSL_SESSION_dup(3).
      - BIGNUMs now use the C99 types uint64_t/uint32_t for the word width. This fixes long-standing issues with 32-bit longs on 64-bit Windows.
      - Many unused BN_* macros with incomprehensible names were removed: BN_LONG, BN_BITS{,4}, BN_MASK2{,l,h,h1}, BN_TBIT, BN_DEC_CONV, BN_{DEC,HEX}_FMT{1,2}, ...
      - openssl(1) cms no longer accepts the unsupported -compress and -uncompress switches.
      - Added the PKCS7_NO_DUAL_CONTENT flag/behavior. This is incorrect legacy behavior but some language bindings decided to rely on it in 2025.
      - Remove STABLE_FLAGS_MALLOC but keep STABLE_NO_MASK because there is still one user...
      - Fix the ASN1_ADB_END macro to have a signature compatible with OpenSSL. The adb_cb() argument is currently ignored.
      - Unexport ASN1_LONG_UNDEF.
    o New features
      - Support for the MLKEM768_X25519 keyshare in TLS.
      - Added ML-KEM benchmarks to openssl(1) speed.
      - Added support for the starttls protocol sieve.
      - Add support for RSASSA-PSS with pubkey OID RSASSA-PSS to libssl.
    o Bug fixes
      - Ensure the group selected by a TLSv1.3 server for a HelloRetryRequest is not one for which the client has already sent a key share.
      - Plug a memory leak in CMS_EncryptedData_encrypt(3).
      - Plug a possible memory leak and double free in nref_nos().
      - Removed always-zero test results for some no longer available legacy primitives in openssl(1) speed.
      - List SHA-3 digests in openssl(1) help output.
      - Fix encoding of bit strings with trailing zeroes on which ASN1_STRING_FLAG_BITS_LEFT is not set.
      - Add a missing NULL pointer check to PKCS12_item_decrypt_d2i(3).
      - Avoid a type confusion leading to a 1-byte read at address 0x00-0xff in PKCS#12 parsing.
      - Fix a type confusion in timestamp response parsing for v2 signing certs.
      - Fix EVP_SealInit(3) to return 0 on error, not -1.
      - Replace an incorrect strncmp(3) with strcmp(3) in CRL distribution point config parsing.
      - openssl x509 -text now writes its output to the file specified by -out like all other openssl(1) subcommands.
      - Stop Delta CRL processing in the verifier if the cRLNumber is missing. This is flagged on deserialization, but nothing checked that flag. This can lead to a NULL dereference if the verification has enabled Delta CRL checking by setting X509_V_FLAG_USE_DELTAS.
      - Fix a NULL dereference that can be triggered with a malformed OAEP parameter encoding for CMS decryption.
      - Add missing length checks before BIO_new_mem_buf(3) in libtls.
      - Improve libtls error reporting consistency; avoid reporting unrelated errnos.
      - Fix SAN dNSName constraints: instead of substring matching, match exactly and allow zero or more components in front of the candidate.
    o Reliability fix
      - Fix an off-by-one error in the X.509 verifier depth checking.
        This can lead to a 4-byte overwrite on heap allocated memory for clients talking to a malicious server or for servers that have client certificate verification enabled. In addition, the maximum depth must be set to the maximum allowed value of 32.
    o Testing and proactive security
      - Port Wycheproof tests to testvectors_v1 and improve coverage and correctness. Add tests for ML-KEM in particular.
 - OpenSSH 10.3:
    o Security fixes:
      - ssh(1): validation of shell metacharacters in user names supplied on the command-line was performed too late to prevent some situations where they could be expanded from %-tokens in ssh_config. For certain configurations, such as those that use a "%u" token in a "Match exec" block, an attacker who can control the user name passed to ssh(1) could potentially execute arbitrary shell commands. Reported by Florian Kohnhäuser. We continue to recommend against directly exposing ssh(1) and other tools' command-lines to untrusted input. Mitigations such as this cannot be absolute given the variety of shells and user configurations in use.
      - sshd(8): when matching an authorized_keys principals="" option against a list of principals in a certificate, an incorrect algorithm was used that could allow inappropriate matching in cases where a principal name in the certificate contains a comma character. Exploitation of the condition requires an authorized_keys principals="" option that lists more than one principal *and* a CA that will issue a certificate that encodes more than one of these principal names separated by a comma (typical CAs strongly constrain which principal names they will place in a certificate). This condition only applies to user-trusted CA keys in authorized_keys; the main certificate authentication path (TrustedUserCAKeys/AuthorizedPrincipalsFile) is not affected. Reported by Vladimir Tokarev.
      - scp(1): when downloading files as root in legacy (-O) mode and without the -p (preserve modes) flag set, scp did not clear setuid/setgid bits from downloaded files as one might typically expect. This bug dates back to the original Berkeley rcp program. Reported by Christos Papakonstantinou of Cantina and Spearbit.
      - sshd(8): fix incomplete application of PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms with regard to ECDSA keys. Previously, if one of these directives contained any ECDSA algorithm name (say "ecdsa-sha2-nistp384"), then any other ECDSA algorithm would be accepted in its place regardless of whether it was listed or not. Reported by Christos Papakonstantinou of Cantina and Spearbit.
      - ssh(1): connection multiplexing confirmation (requested using "ControlMaster ask/autoask") was not being tested for proxy mode multiplexing sessions (i.e. "ssh -O proxy ..."). Reported by Michalis Vasileiadis.
    o Potentially incompatible changes:
      - ssh(1), sshd(8): remove bug compatibility for implementations that don't support rekeying. If such an implementation tries to interoperate with OpenSSH, it will now eventually fail when the transport needs rekeying.
      - sshd(8): prior to this release, a certificate that had an empty principals section would be treated as matching any principal (i.e. as a wildcard) when used via the authorized_keys principals="" option. This was intentional, but created a surprising and potentially risky situation if a CA accidentally issued a certificate with an empty principals section: instead of being useless as one might expect, it could be used to authenticate as any user who trusted the CA via authorized_keys. [Note that this condition did not apply to CAs trusted via the sshd_config(5) TrustedUserCAKeys option.] This release treats an empty principals section as never matching any principal, and also fixes interpretation of wildcard characters in certificate principals.
        Now they are consistently implemented for host certificates and not supported for user certificates.
      - ssh(1): the -J and equivalent -oProxyJump="..." options now validate user and host names for ProxyJump/-J options passed via the command-line (no such validation is performed for this option in configuration files). This prevents shell injection in situations where these were directly exposed to adversarial input, which would have been a terrible idea to begin with. Reported by rabbit.
    o New features:
      - ssh(1), sshd(8): support IANA-assigned codepoints for SSH agent forwarding, as per draft-ietf-sshm-ssh-agent. Support for the new names is advertised via the EXT_INFO message. If a server offers support for the new names, then they are used preferentially. The pre-standardisation "@openssh.com" extensions for agent forwarding remain supported.
      - ssh-agent(1): implement support for the draft-ietf-sshm-ssh-agent "query" extension.
      - ssh-add(1): support querying the protocol extensions via the agent "query" extension with a new -Q flag.
      - ssh(1): support multiple files in the ssh_config and sshd_config RevokedHostKeys directive. bz3918
      - ssh(1): add a ~I escape option that shows information about the current SSH connection.
      - ssh(1): add an "ssh -Oconninfo user@host" multiplexing command that shows connection information, similar to the ~I escape character.
      - ssh(1): add an "ssh -O channels user@host" multiplexing command to get a running mux process to show information about what channels are currently open.
      - sshd(8): add an invaliduser penalty to PerSourcePenalties, which is applied to login attempts for usernames that do not match real accounts. Defaults to 5s to match 'authfail' but allows administrators to block such attempts for longer if desired.
      - sshd(8): add a GSSAPIDelegateCredentials option for the server, controlling whether it accepts delegated credentials offered by the client. This option mirrors the same option in ssh_config.
- ssh(1), sshd(8): support the VA DSCP codepoint in the IPQoS directive. - sshd(8): convert PerSourcePenalties to using floating point time, allowing penalties to be less than a second. This is useful if you need to penalise things you expect to occur at >=1 QPS. - ssh-keygen(1): support writing ED25519 keys in PKCS8 format. - Support the ed25519 signature scheme via libcrypto. o Bugfixes: - sshd(8): make IPQoS first-match-wins in sshd_config, like other configuration directives. bz3924 - sshd(8): fix potential crash when MaxStartups is using a single argument (i.e. not using the MaxStartups x:y:z form) to a value below 10. bz3941 - sshd(8): fix a potential hang during key exchange if needed DH group values were missing from /etc/moduli. - ssh-agent(1): fix return values from extensions to be correct wrt draft-ietf-sshm-ssh-agent: extension requests should indicate failure using SSH_AGENT_EXTENSION_FAILURE rather than the generic SSH_AGENT_FAILURE error code. This allows the client to discern between "the request failed" and "the agent doesn't support this extension". - ssh(1): use fmprintf for showing challenge-response name and info to preserve UTF-8 characters where appropriate. - scp(1): when uploading a directory using sftp/sftp (e.g. during a recursive transfer), don't clobber the remote directory permissions unless either we created the directory during the transfer or the -p flag was set. bz3925 - All: implement missing pieces of FIDO/webauthn signature support, mostly related to certificate handling and enable acceptance of this signature format by default. bz3748 - sshd_config(5): make it clear that DenyUsers/DenyGroups overrides AllowUsers/AllowGroups. Previously we specified the order in which the directives are processed but it was ambiguous as to what happened if both matched. - ssh(1): don't try to match certificates held in an agent to private keys. 
This matching is done to support certificates that were loaded without their private key material, but is unnecessary for agent-hosted certificate which always have private key material available in the agent. Worse, this matching would mess up the request sent to the agent in such a way as to break usage of these keys when the key usage was restricted in the agent. bz3752 - sftp(1): if editline has been switched to vi mode (i.e. via "bind -v" in .editrc), setup a keybinding so that command mode can be entered. - ssh(1), sshd(8): improve performance of keying the sntrup761 key agreement algorithm. - ssh(1), sshd(8): enforce maximum packet/block limit during pre-authentication phase. - sftp(1): don't misuse the sftp limits extension's open-handles field. This value is supposed to be the number of handles a server will allow to be opened and not a number of outstanding read/write requests that can be sent during an upload/download. - sshd(8): don't crash at connection time if the main sshd_config lacks any subsystem directive but one is defined in a Match block. bz3906 - sshd_config(5): add a warning next to the ForceCommand directive that forcing a command doesn't automatically disable forwarding. - sshd_config(5): add a warning that TOKENS are replaced without filtering or escaping and that it's the administrator's responsibility to ensure they are used safely in context. - scp(1): correctly quote filenames in verbose output for local-> local copies. bz3900 - sshd(8): don't mess up the PerSourceNetBlockSize IPv6 mask if sscanf didn't decode it. - ssh-add(1): when loading FIDO2 resident keys, set the comment to the FIDO application string. This matches the behaviour of ssh-keygen -K. - sshd(8): don't strnvis() log messages that are going to be logged by sshd-auth via its parent sshd-session process, as the parent will also run them though strnvis(). Prevents double-escaping of non-printing characters in some log messages. 
bz3896 - ssh-agent(1): escape SSH_AUTH_SOCK paths that are sent to the shell as setenv commands. Unbreaks ssh-agent for home directory paths that contain whitespace. bz3884 - All: Remove unnecessary checks for ECDSA public key validity. - sshd(8): activate UnusedConnectionTimeout only after the last channel has closed. Previously UnusedConnectionTimeout could fire early after a ChannelTimeout. This was not a problem for the OpenSSH client because it terminates once all channels have closed but could cause problems for other clients (e.g. API clients) that do things differently. bz3827 - All: fix PKCS#11 key PIN entry problems introduced in openssh-10.1/10.2. bz3879 - scp(1): when using the SFTP protocol for transfers, fix implicit destination path selection when source path ends with "..". bz3871 - sftp(1): when tab-completing a filename, ensure that the completed string does not end up mid-way through a multibyte character, as this will cause a fatal() later on. - ssh-keygen(1): fix crash at exit (visible via ssh-keygen -D) when multiple keys loaded. - scp(1)/sftp(1): correctly display bandwidths >2GBps in the progress meter. 
- Ports and packages:
 o Pre-built packages are available for the following architectures on the day of release:
   - aarch64 (arm64): 12883
   - amd64: 13044
   - i386: 10631
   - mips64: 9309
   - powerpc64: 9507
   - sparc64: 10079
 o Packages for the following architectures will be made available as their builds complete:
   - arm
   - powerpc
   - riscv64
- Some highlights:
 o Asterisk 16.30.1, 18.26.4, 20.16.0 and 22.9.0
 o Audacity 3.7.7
 o CMake 4.2.3
 o Chromium 147.0.7727.101
 o Emacs 30.2
 o FFmpeg 8.0.1
 o GCC 15.2.0
 o GHC 9.10.3
 o GNOME 49
 o Go 1.26.2
 o JDK 11.0.30, 17.0.18, 21.0.10, 25.0.2
 o KDE Applications 25.12.3
 o KDE Frameworks 6.23.0
 o KDE Plasma 6.6.4
 o Krita 5.2.1
 o LLVM/Clang 19.1.7, 20.1.8, 21.1.8
 o LibreOffice 26.2.2.2
 o Lua 5.1.5, 5.2.4, 5.3.6 and 5.4.8
 o MariaDB 11.4.10
 o Mono 6.14.1
 o Mozilla Firefox 150.0 and ESR 140.10.0
 o Mozilla Thunderbird 140.10.0
 o Mutt 2.3.1 and NeoMutt 20260406
 o Node.js 22.22.2
 o OCaml 4.14.2
 o OpenLDAP 2.6.13
 o PHP 8.2.30, 8.3.30, 8.4.20 and 8.5.5
 o Postfix 3.5.25 and 3.11.1
 o PostgreSQL 18.3
 o Python 2.7.18 and 3.13.13
 o Qt 5.15.18 (+ kde patches) and 6.10.2
 o R 4.5.2
 o Ruby 3.3.1, 3.4.9 and 4.0.2
 o Rust 1.94.1
 o SQLite 3.51.3
 o Shotcut 26.2.26
 o Sudo 1.9.17p2
 o Suricata 7.0.7
 o Tcl/Tk 8.5.19, 8.6.17 and 9.0.3
 o TeX Live 2025
 o Vim 9.2.0357 and Neovim 0.12.1
 o Vulkan 1.4.341.0
 o Wayland 1.24.0 with compositors Labwc, Mango, Niri, Sway and Wayfire
 o Xfce 4.20.0
- As usual, steady improvements in manual pages and other documentation.
- The system includes the following major components from outside suppliers:
 o Xenocara (based on X.Org 7.7 with xserver 21.1.21 + patches, freetype 2.14.2, fontconfig 2.17.1, Mesa 25.0.7, xterm 406, xkeyboard-config 2.20, fonttosfnt 1.2.4, and more)
 o LLVM/Clang 19.1.7 (+ patches)
 o GCC 4.2.1 (+ patches)
 o Perl 5.42.2 (+ patches)
 o pkgconf 2.4.3
 o NSD 4.14.2
 o Unbound 1.24.2
 o Ncurses 6.4
 o Binutils 2.17 (+ patches)
 o Gdb 6.3 (+ patches)
 o Awk 20250116
 o Expat 2.7.5
 o zlib 1.3.2 (+ patches)

------------------------------------------------------------------------
- SECURITY AND ERRATA --------------------------------------------------

We provide patches for known security threats and other important issues discovered after each release. Our continued research into security means we will find new security problems -- and we always provide patches as soon as possible. Therefore, we advise regular visits to
    https://www.OpenBSD.org/security.html
and
    https://www.OpenBSD.org/errata.html

------------------------------------------------------------------------
- MAILING LISTS AND FAQ ------------------------------------------------

Mailing lists are an important means of communication among users and developers of OpenBSD. For information on OpenBSD mailing lists, please see:
    https://www.OpenBSD.org/mail.html

You are also encouraged to read the Frequently Asked Questions (FAQ) at:
    https://www.OpenBSD.org/faq/

------------------------------------------------------------------------
- DONATIONS ------------------------------------------------------------

The OpenBSD Project is a volunteer-driven software group funded by donations. Besides OpenBSD itself, we also develop important software like OpenSSH, LibreSSL, OpenNTPD, OpenSMTPD, the ubiquitous pf packet filter, the quality work of our ports development process, and many others. This ecosystem is all handled under the same funding umbrella.
We hope our quality software will result in contributions that maintain our build/development infrastructure, pay our electrical/internet costs, and allow us to continue operating very productive developer hackathon events. All of our developers strongly urge you to donate and support our future efforts. Donations to the project are highly appreciated, and are described in more detail at:
    https://www.OpenBSD.org/donations.html

------------------------------------------------------------------------
- OPENBSD FOUNDATION ---------------------------------------------------

For those unable to make their contributions as straightforward gifts, the OpenBSD Foundation (https://www.openbsdfoundation.org) is a Canadian not-for-profit corporation that can accept larger contributions and issue receipts. In some situations, their receipt may qualify as a business expense write-off, so this is certainly a consideration for some organizations or businesses. There may also be exposure benefits since the Foundation may be interested in participating in press releases. In turn, the Foundation then uses these contributions to assist OpenBSD's infrastructure needs. Contact the foundation directors at directors@openbsdfoundation.org for more information.

------------------------------------------------------------------------
- RELEASE SONG ---------------------------------------------------------

OpenBSD 7.9 comes with the song "Diamond in the Rough". Lyrics (and an explanation) of the song may be found at:
    https://www.OpenBSD.org/lyrics.html#79

------------------------------------------------------------------------
- HTTPS INSTALLS -------------------------------------------------------

OpenBSD can be easily installed via HTTPS downloads. Typically you need a single small piece of boot media (e.g., a USB flash drive) and then the rest of the files can be installed from a number of locations, including directly off the Internet.
Follow this simple set of instructions to ensure that you find all of the documentation you will need while performing an install via HTTPS.

1) Read either of the following two files for a list of HTTPS mirrors which provide OpenBSD, then choose one near you:
       https://www.OpenBSD.org/ftp.html
       https://ftp.openbsd.org/pub/OpenBSD/ftplist

   As of May 19, 2026, the following HTTPS mirror sites have the 7.9 release:
       https://cdn.openbsd.org/pub/OpenBSD/7.9/                Global
       https://ftp.eu.openbsd.org/pub/OpenBSD/7.9/             Stockholm, Sweden
       https://ftp.hostserver.de/pub/OpenBSD/7.9/              Frankfurt, Germany
       https://ftp.bytemine.net/pub/OpenBSD/7.9/               Oldenburg, Germany
       https://ftp.fr.openbsd.org/pub/OpenBSD/7.9/             Paris, France
       https://mirror.aarnet.edu.au/pub/OpenBSD/7.9/           Brisbane, Australia
       https://ftp.usa.openbsd.org/pub/OpenBSD/7.9/            CO, USA
       https://ftp5.usa.openbsd.org/pub/OpenBSD/7.9/           CA, USA
       https://mirror.esc7.net/pub/OpenBSD/7.9/                TX, USA
       https://openbsd.cs.toronto.edu/pub/OpenBSD/7.9/         Toronto, Canada
       https://cloudflare.cdn.openbsd.org/pub/OpenBSD/7.9/     Global
       https://fastly.cdn.openbsd.org/pub/OpenBSD/7.9/         Global

   The release is also available at the master site:
       https://ftp.openbsd.org/pub/OpenBSD/7.9/                Alberta, Canada

   However it is strongly suggested you use a mirror. Other mirror sites may take a day or two to update.

2) Connect to that HTTPS mirror site and go into the directory pub/OpenBSD/7.9/ which contains these files and directories. This is a list of what you will see:

       ANNOUNCEMENT    armv7/          octeon/                root.mail
       README          hppa/           openbsd-79-base.pub    sparc64/
       SHA256          i386/           packages/              src.tar.gz
       SHA256.sig      landisk/        packages-stable/       sys.tar.gz
       alpha/          loongson/       ports.tar.gz           xenocara.tar.gz
       amd64/          luna88k/        powerpc64/
       arm64/          macppc/         riscv64/

   It is quite likely that you will want at LEAST the following files which apply to all the architectures OpenBSD supports.
       README     - generic README
       root.mail  - a copy of root's mail at initial login. (This is really worthwhile reading).

3) Read the README file.
   It is short, and a quick read will make sure you understand what else you need to fetch.

4) Next, go into the directory that applies to your architecture, for example, amd64. This is a list of what you will see:

       BOOTIA32.EFI*   bsd*            floppy79.img     pxeboot*
       BOOTX64.EFI*    bsd.mp*         game79.tgz       xbase79.tgz
       BUILDINFO       bsd.rd*         index.txt        xfont79.tgz
       INSTALL.amd64   cd79.iso        install79.img    xserv79.tgz
       SHA256          cdboot*         install79.iso    xshare79.tgz
       SHA256.sig      cdbr*           man79.tgz
       base79.tgz      comp79.tgz      miniroot79.img

   If you are new to OpenBSD, fetch _at least_ the file INSTALL.amd64 and install79.iso. The install79.iso file (roughly 762MB in size) is a one-step ISO-format install CD image which contains the various *.tgz files so you do not need to fetch them separately. If you prefer to use a USB flash drive, fetch install79.img and follow the instructions in INSTALL.amd64.

5) If you are an expert, follow the instructions in the file called README; otherwise, use the more complete instructions in the file called INSTALL.amd64. INSTALL.amd64 may tell you that you need to fetch other files.

6) Just in case, take a peek at:
       https://www.OpenBSD.org/errata.html
   This is the page where we talk about the mistakes we made while creating the 7.9 release, or the significant bugs we fixed post-release which we think our users should have fixes for. Patches and workarounds are clearly described there.

------------------------------------------------------------------------
- X.ORG FOR MOST ARCHITECTURES -----------------------------------------

X.Org has been integrated more closely into the system. This release contains X.Org 7.7. Most of our architectures ship with X.Org, including amd64, sparc64 and macppc. During installation, you can install X.Org quite easily using xenodm(1), our simplified X11 display manager forked from xdm(1).
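Between steps 4 and 5 of the HTTPS install instructions above, the files fetched from the mirror should be checked against the SHA256 list and its signify(1) signature before anything is booted; the script below is an added example and is not part of the announcement. It assumes the directory layout shown in steps 2 and 4, an existing OpenBSD host whose /etc/signify already holds openbsd-79-base.pub (so the key is not taken from the same mirror as the download), and either sha256(1) or sha256sum(1) for the portable checks.

```shell
#!/bin/sh
# Added example, not part of the OpenBSD 7.9 announcement: check fetched
# release files against the mirror's SHA256 list, and check that list's
# signify(1) signature with a key that is already on the local system.
#
# Assumptions: the directory layout from steps 2 and 4 above; an existing
# OpenBSD host whose /etc/signify already contains openbsd-79-base.pub
# (the key must not be taken from the mirror that served the files);
# sha256(1) on OpenBSD or sha256sum(1) elsewhere.

# Hex SHA-256 digest of a file, portable between OpenBSD and Linux.
digest() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"
    else
        sha256sum "$1" | cut -d' ' -f1
    fi
}

# Expected digest of file $2 from list $1. The list is in BSD format,
# one entry per line:  SHA256 (install79.iso) = <64 hex digits>
# Prints nothing when the file is not listed.
expected_digest() {
    sed -n "s/^SHA256 ($2) = \([0-9a-f]\{64\}\)\$/\1/p" "$1" | head -n 1
}

# 0 if file $2 matches list $1, 1 if the contents differ, 2 if the list
# has no entry for it. A missing entry is treated as a failure, not as
# "nothing to check", so a list with a line removed does not pass.
check_file() {
    want=$(expected_digest "$1" "$2")
    [ -n "$want" ] || return 2
    [ "$(digest "$2")" = "$want" ] || return 1
}

# Verify SHA256.sig (the signed copy of SHA256) and the named files with
# signify(1), pinning the key to the local copy. Run in the download
# directory, e.g.: verify_signed_list install79.iso install79.img
verify_signed_list() {
    signify -C -p /etc/signify/openbsd-79-base.pub -x SHA256.sig "$@"
}

# Self-test on constructed data (no network, no real release files):
# a good copy passes, a tampered copy fails, an unlisted file fails.
demo() {
    d=$(mktemp -d) || return 1
    printf 'constructed sample, not a real set\n' > "$d/base79.tgz"
    printf 'SHA256 (base79.tgz) = %s\n' "$(digest "$d/base79.tgz")" > "$d/SHA256"
    ( cd "$d" && check_file SHA256 base79.tgz ) || return 1
    printf 'x' >> "$d/base79.tgz"
    ( cd "$d" && check_file SHA256 base79.tgz ) && return 1
    ( cd "$d" && check_file SHA256 comp79.tgz ) && return 1
    rm -rf "$d"
}
```

On a non-OpenBSD download host only the digest checks run; the signature check needs signify(1) and a trusted local copy of the release key.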
------------------------------------------------------------------------
- PACKAGES AND PORTS ---------------------------------------------------

Many third party software applications have been ported to OpenBSD and can be installed as pre-compiled binary packages on the various OpenBSD architectures. Please see https://www.openbsd.org/faq/faq15.html for more information on working with packages and ports.

Note: a few popular ports, e.g., NSD, Unbound, and several X applications, come standard with OpenBSD and do not need to be installed separately.

------------------------------------------------------------------------
- SYSTEM SOURCE CODE ---------------------------------------------------

The source code for all four subsystems can be found in the pub/OpenBSD/7.9/ directory:
       xenocara.tar.gz
       ports.tar.gz
       src.tar.gz
       sys.tar.gz

The README (https://ftp.OpenBSD.org/pub/OpenBSD/7.9/README) file explains how to deal with these source files.

------------------------------------------------------------------------
- THANKS ---------------------------------------------------------------

Ports tree and package building by Jeremie Courreges-Anglas, Visa Hankala, Stuart Henderson, Peter Hessler, George Koehler, Kurt Mosiejczuk, and Christian Weisgerber. Base and X system builds by Kenji Aoyama, Theo de Raadt, and Miod Vallat. Release art by Lyra Henderson.

We would like to thank all of the people who sent in bug reports, bug fixes, donation cheques, and hardware that we use. We would also like to thank those who bought our previous CD sets. Those who did not support us financially have still helped us with our goal of improving the quality of the software.

Our developers are: Aaron Bieber, Adam Wolk, Aisha Tammy, Alexander Bluhm, Alexander Hall, Alexandr Nedvedicky, Alexandr Shadchin, Alexandre Ratchov, Andrew Hewus Fresh, Anil Madhavapeddy, Anthony J.
Bentley, Antoine Jacoutot, Anton Lindqvist, Asou Masato, Ayaka Koshibe, Benoit Lecocq, Bjorn Ketelaars, Bob Beck, Brandon Mercer, Brent Cook, Brian Callahan, Bryan Steele, Can Erkin Acar, Caspar Schutijser, Charlene Wendling, Charles Longeau, Chris Cappuccio, Christian Ludwig, Christian Weisgerber, Christopher Zimmermann, Claudio Jeker, Dale Rahn, Damien Miller, Daniel Dickman, Daniel Jakots, Darren Tucker, Dave Voutila, David Coppa, David Gwynne, David Hill, David Leadbeater, Denis Fondras, Edd Barrett, Eric Faurot, Florian Obser, Florian Riehm, Frederic Cambus, George Koehler, Gerhard Roth, Giannis Tsaraias, Gilles Chehade, Giovanni Bechis, Gleydson Soares, Gonzalo L. Rodriguez, Greg Steuck, Hans-Joerg Hoexer, Helg Bredow, Henning Brauer, Ian Darwin, Ian Sutton, Igor Sobrado, Ingo Feinerer, Ingo Schwarze, Inoguchi Kinichiro, James Hastings, James Turner, Jan Klemkow, Jason McIntyre, Jasper Lievisse Adriaanse, Jeremie Courreges-Anglas, Jeremy Evans, Job Snijders, Joel Sing, Joerg Jung, Johannes Thyssen Tishman, Jonathan Armani, Jonathan Gray, Jonathan Matthew, Jordan Hargrave, Josh Rickmar, Joshua Sing, Joshua Stein, Juan Francisco Cantero Hurtado, Kazuya Goda, Kenji Aoyama, Kenjiro Nakayama, Kenneth R Westerback, Kent R. Spillner, Kevin Lo, Kirill A. 
Korinsky, Kirill Bychkov, Klemens Nanni, Kurt Miller, Kurt Mosiejczuk, Landry Breuil, Lawrence Teo, Lucas Gabriel Vuotto, Lucas Raab, Marcus Glocker, Mark Kettenis, Mark Lumsden, Markus Friedl, Martijn van Duren, Martin Natano, Martin Reindl, Martynas Venckus, Matthew Dempsky, Matthias Kilian, Matthieu Herrb, Michael Mikonos, Mike Belopuhov, Mike Larkin, Miod Vallat, Moritz Buhl, Nam Nguyen, Nayden Markatchev, Nicholas Marriott, Nigel Taylor, Okan Demirmen, Omar Polo, Ori Bernstein, Otto Moerbeek, Paco Esteban, Pamela Mosiejczuk, Pascal Stumpf, Patrick Wildt, Paul Irofti, Pavel Korovin, Peter Hessler, Philip Guenther, Pierre-Emmanuel Andre, Pratik Vyas, Rafael Sadowski, Rafael Zalamena, Raphael Graf, Remi Locherer, Remi Pointel, Renato Westphal, Renaud Allard, Ricardo Mestre, Richard Procter, Rob Pierce, Robert Nagy, Sasano Takayoshi, Scott Soule Cheloha, Sebastian Benoit, Sebastian Reitenbach, Sebastien Marie, Solene Rapenne, Stefan Fritsch, Stefan Hagen, Stefan Kempf, Stefan Sperling, Steven Mestdagh, Stuart Cassoff, Stuart Henderson, Sunil Nimmagadda, T.J. Townsend, Ted Unangst, Theo Buehler, Theo de Raadt, Thomas Frohwein, Tim van der Molen, Tobias Heider, Tobias Stoeckmann, Todd C. Miller, Todd Mortimer, Tom Cosgrove, Tracey Emery, Ulf Brosziewski, Uwe Stuehler, Vadim Zhukov, Vincent Gross, Visa Hankala, Vitaliy Makkoveev, Volker Schlecht, Yasuoka Masahiko, Yojiro Uo