It is likely they released early because they want additional testing time for the SMP diffs they are about to merge. With 6.0 we may be seeing both fully SMP routing and PF support. As of now, routing and PF are fully giantlocked in the kernel, and can only run on one core. This should greatly speed up routing and filtering performance.

"The less(1) we're all familiar with has been completely rewritten. After importing a fork from illumos' Garrett D'Amore, OpenBSD continued to make improvements to the code. A safer and more modern tool was the end result, even if it's just for viewing text. Hopefully there will be less bugs now."

Impressive work.

> If running OpenBSD under Xen (such as on Amazon's cloud platform) sounds interesting to you, you'll be happy to know that 5.9 includes some pretty solid support for this.

Exciting! Does the default build include Xen PV drivers for networking and storage, or is a custom build needed? How about SMP support? OpenBSD would make an excellent firewall VM for Qubes, XenServer, etc.

Good work to OpenBSD team. Especially on pledge. Widespread changes are risky and often fail. Just speaks even more about the quality of work they do.

Don't forget to donate to the OpenBSD Foundation!

PayPal/Check/Bank Transfer: http://www.openbsdfoundation.org/donations.html

802.11n

Another big one for laptop users: initial support for N wireless has landed in both the iwm(4) and iwn(4) drivers.

Does that mean that 802.11n wasn't supported by OpenBSD until now? 802.11n was first available in (2010?) and is no longer the current version (802.11ac is).

The release notes mention good support for running on AWS. I would love to see more distributions embrace building AMIs, or at the least provide good documentation to get it running. Ubuntu probably has the best support by building AMIs for all the regions, it would be awesome to see some others do the same thing. I think this is probably an overlooked area that could provide more growth for the BSDs.

After saving an old laptop at work from landing on the garbage pile, I took it home and, on a whim, decided to install OpenBSD on it.

I expected problems of some kind or another and was mentally prepared to install Debian instead, but I was pleasantly surprised that all of the hardware worked out of the box. Since it is old an fragile, and the battery lasts about five minutes, I don't do much with it but keep it around for good luck.

Guess I'll be upgrading this weekend. As luck will have it, I am also binge-watching Doctor Who currently, which fits in nicely with the cover art. ;-)

OpenBSD has been my go to firewall since my firewall was a Sparcstation IPC. There have been some major changes along the way, but most of the time rebuilding the system takes less than an hour and is a matter of porting a few config files to a fresh copy of the OS. Even the major changes are usually trivial since the documentation is kept up-to-date and there are plenty of examples in the docs and on the mailing lists.

The last time I saw anyone test packet passing speeds against OpenBSD it was around the time of the pf/ipf split and rewrite and OpenBSD was the slowest of the lot. Although modern hardware can saturate a cable modem, the multithreading of their network stack is still a positive, as is the work to support modern wifi cards (N); hopefully AC will be next.

Also definitely looking forward to pledge since it further reduces attack surfaces on an already hardened OS.

The 5.9 release includes many pledge(2)'d programs in base, but some notable ports include decompressors like bzip2/unzip/p7zip/xz.. oh, and Chromium.

I'm hoping for a portable version of OpenBSD's less(1) fork (now rewrite) ever since Theo mentioned it in his pledge(2) talk at Hackfest.

Another great release from the OpenBSD team. Always looking forward to the great things Theo and team put out. Pleasantly surprised to see this release a month early.

OpenBSD has been my favorite OS since 2000. Such an easy-to-use OS for any number of things. I've used it for firewalls, Web servers, and a nice simple desktop with a custom FVWM config. Fast and simple.

Can anyone explain pledge?

So it's now possible to have a -1 day exploit ?

Considering how much the OpenBSD team cares about secure programming and the time they invest rewriting unsafe kernel and userland code, why do they still use C when they could use a safe language like Rust?