Announcing NetBSD 9.3 (August 4, 2022)
The NetBSD Project is pleased to announce NetBSD 9.3, the third update of the NetBSD 9 release branch.
It represents a selected subset of fixes deemed important for security or stability reasons since the release of NetBSD 9.2 in May 2021, as well some enhancements backported from the development branch. It is fully compatible with NetBSD 9.0. Users running 9.2 or an earlier release are strongly recommended to upgrade.
The general NetBSD community is very excited about NetBSD 10.0, but it
was deemed necessary to make this bug fix release available while
we wait for the resolution of some compatibility problems in NetBSD-current
concerning FFS Access Control Lists preventing the
Aside from many bug fixes, 9.3 includes backported improvements to suspend and resume support, various minor additions of new hardware to existing device drivers, compatibility with UDF file systems created on Windows 10, enhanced support for newer Intel Gigabit Ethernet chipsets, better support for new Intel and AMD Zen 3 chipsets, support for configuring connections to Wi-Fi networks using the installer sysinst(8), support for wsfb-based X11 servers on the Commodore Amiga, and minor performance improvements for the Xen hypervisor.
- USB stick installation images: 64-bit x86 (hybrid), 64-bit x86 (legacy BIOS only), 32-bit x86
SD card live images:
ARMv7 (most 32-bit boards),
ARMv6 (Raspberry Pi 1 only)
All ARM boards without UEFI or Raspberry Pi firmware also require U-Boot to be written the SD card separately. U-Boot can be obtained from pkgsrc.
CD/DVD installation images:
Use the USB stick images for anything other than optical media and VMs!
- Other images and distribution files for other architectures (Alpha, Apple PowerPC, Dreamcast, MIPS, Motorola 68000, SPARC32, VAX…)
zcat ./NetBSD-9.3-amd64-install.img.gz | dd of=/dev/sd0d bs=1m && sync
An existing installation can be upgraded by booting an installation image and selecting the Upgrade option.
Unattended upgrades can be performed using the sysupgrade tool from pkgsrc. If you are using sysupgrade from a release earlier than 9.0, update the kernel and modules first, then reboot and update the rest of the system.
- drm - fixed memory leaks primarily affecting radeon GPU drivers.
fifofs - fixed "poll(2) should yield
POLLHUPwhen last writer to a FIFO closes it" (PR 56429)
- fifofs - ensure that FIFOs have the same select/poll thresholds as pipes.
i915drmkms - fixed a
LOCKDEBUGpanic and potential deadlock.
- netinet6 - avoid use-after-free in ND L2 cache
- netinet6 - fixed "MTU discovery fails with IPv6 sockets bound to IPv4 mapped address" (PR 56348).
- nfs - fixed incorrect file size limit.
- ntfs - fixed a kernel crash for some NTFS file systems (PR 56160)
kernfs - add missing
VOP_KQFILTER, fixed permissons on
- quota - various reliability improvements.
- udf - fixed "mount_udf’s mount structure is malformed on 64 bit kernel with 32 bit userland" (PR 56801)
- udf - fixed bug-compatibility with Windows 10. Prevent device lockup on some drives on switching from writing to reading.
- uvm - fixed pageout crashes (PR 55702, PR 55945)
vfs - fixed newer Samba’s usage of
O_CREATfor Linux compatibility.
- zfs - default files to BSD group ownership in line with FFS.
clone(2) - document that
_GNU_SOURCEmust be defined for the prototypes
flock(2) - tie the maximum number of locks per unprivilegied uid to
pipe(2) - fixed "`zgrep -l` sometimes hangs" (deadlock in
pipe_write) (PR 56422)
- stat(2) - fixed kernel memory disclosure in legacy binary compat.
- acpiout(4) - work around firmware rejecting some brightness values, fixing support for brightness hotkeys on some laptops.
- ata(4) - avoid an unaccounted extra ATA channel freeze (PR 56745)
- ata(4) - fixed "kernel crash in ata_recovery_resume()" (PR 54790)
- audio(4) - fixed gain and balance being unable to be set at the same time through legacy "non-mixer" API (PR 56308)
- bge(4) - improved handling of chips with ASF/IPMI firmware (PR 56848)
- cd(4) - fixed "SCSI getconfiguration requests have size limit on USB3 only but do not return errors" (PR 56109)
- cgd(4) - fixed detach when still in use by wedges (seen as a hang on system shutdown).
- cgd(4) - fixed "cgd tests fail randomly" (PR 56546)
- ddb(4) - fixed a double fault in ddb when a NULL function pointer is called.
- ehci(4) - fixed suspend/resume locking.
- ichsmb(4) - added support for Intel 400, 495, and 500 series, Jasper Lake, Elkhart Lake.
- ipmi(4) - various stability improvements and fix for PR 56539 ("wdogctl starts early, but ipmi takes its time").
- ixg(4) - fixed dma memory unmap/free error that could cause kernel panics seen on Xen.
- ixg(4), ixv(4) - many fixes and enhancements; added code to support mailbox API 1.5.
- ksyms(4) - fixed races, allow multiple concurrent opens.
- ld(4) - fixed suspend/resume support.
- mfi(4), mfii(4) - added support for Dell PERC H310; various reliability improvements.
- mii(4) - added Intel Network Connection I347-AT4 support, various workarounds for QEMU e1000.
- nvmm(4) - added suspend/resume support.
- pci(4) - enhanced decoding of extended capabilities.
ppp(4) - avoid undefined behavior in
- pppoe(4) - fixed CVE-2022-29867 - discovery phase local network mbuf corruption.
- puc(4) - support for various new serial cards.
- piixpm(4) - fixed a bug that I2C access panics on old AMD chipsets (e.g SB600) (PR 56525).
- raid(4) - fixed "RAIDframe could run out of IO buffers".
- spdmem(4) - various reliability fixes.
synaptics(4) - new sysctl knob
hw.synaptics.debugto enable debug output.
- tpm(4) - various improvements; handle TPM 2.0 source for /dev/[u]random
- uhidev(4) - fixed "Fnatic Gear Rush Pro keyboard ignores keypress on 6KRO mode" (PR 55019)
- ualea(4) - added suspend/resume support.
- uslsa(4) - fixed "uslsa(4) seems to not work on big endian machines" (PR 56946)
- urtwn(4) - added support for the Edimax N150 Wi-Fi adapter.
- usb(4) - ignore Cyperpower UPS, APC UPS, and Microchip PICkit2/3 programmers when matching uhid(4) devices.
- umass(4) - fixed suspend/resume support.
- wm(4) - added support for Intel Ethernet Connection I219V 15-19 and I219LM 16-19.
- wm(4) - fixed "unused wm0 periodically prints "device timeout" and causes kernel latency" (PR 56478)
- wm(4) - various reliability improvements.
- wm(4) - various opimizations.
- xhci(4) - added suspend/resume support.
- xhci(4) - avoid potential double free of interrupt handles (PR 55855)
- ethersubr(9) - fixed handling of VLAN 0 tag.
- apropos(1) - fixed "`man -k config | less` broken" (PR 54343)
- apropos(1) - return proper exit status in case of write errors.
- cp(1) - fixed "`cp` of a FIFO yields an empty file" (PR 54564).
- ftp(1) - attempt to prevent timeouts of the control connection (PR 56129)
- ftp(1) - improved signal handler restoration.
- ftp(1) - validate address from PASV and LPSV response.
- ftp(1) - use raw write(2) instead of fwrite(3) to avoid stream corruption because of the progress bar interrupts.
man(1) - fixed
-moption so it works as documented.
mkdir(1) - fixed mode of final component of paths when
-mis used (PR 56398).
- msgs(1) - fixed execution of the mail(1) command.
sh(1) - fixed the behavior of
sh(1) - fixed
cd/$PWDfollies (PR 45390).
sh(1) - fixed "sh(1) reads
./.profilerather than `~/.profile`" (PR 56464)
- vmstat(1) - fixed overflow errors for pools larged than 4GB when using -M/-m
- crypt(3) - fixed a floating point exception when a low number of HMAC-SHA1 iterations are specified.
- pthread(3) - fixed “recvfrom()` is not a cancelation point as documented in `pthread_setcanceltype.3” (PR 56424)
- res_init(3) - handle kqueue(2) close-on-fork semantics.
bioctl(8) - don’t print garbage
- cpuctl(8) - add ability to identify newer Intel chipsets. Decode Intel Hybrid Information Enumeration.
- dump(8) - prevent crashes for large file systems.
- mail.local(8) - fixed local privilege escalation due to a race condition.
- mount_9p(8) - fixed writing to a file opened with write-only mode.
- sysinst(8) - make swap in sysinst optional for upgrades (PR 56354)
- sysinst(8) - on x86, make sure to update the bootloader when upgrading existing installations.
- sysinst(8) - added support for connecting to Wi-Fi networks inside or outside of the installation process in the network configuraton menu.
- sysinst(8) - fixed "adding a NetBSD partition to existing GPT partitions fails" (PR 56893)
- aarch64 - atomic ops improvements / fixes.
- aarch64 - fixed conversion between aarch64 and aarch32 fpregs to fix crashes in VFP-optimized code running on compat_netbsd32(8).
- aarch64 - fixed failure of longjmp test cases.
- amd64 - fixed CPU topology detection for AMD Zen 3 systems.
amd64 - added tpm(4) at acpi to the
- amd64 - restore having a BIOS-only USB image, some systems struggled to boot the hybrid UEFI/BIOS image.
- amiga - enabled wsfb(4) based X11 using amidisplaycc(4).
- arm - minor fixes for memory detection.
- arm - fixed various complex arithmetics issues (PR 55897).
- arm - align stack pointer to 8-byte boundary as required by EABI.
- arm - fixed display init on Pinebook Pro w/ U-Boot 2021.07.
- atari - fixed "iteconfig -h 480 triggers vm_fault panic on ATARITT kernel" (PR 56859)
- hppa - many reliability improvements and bug fixes.
- hp300 - various rd(4) improvements.
- luna68k - make kernel messages green to match other ports and show off color support.
- sun2, sun3 - fixed miniroot upgrade scripts.
various - fixed behavior of C implementation of
- x86 - various enhancements to CPU identification.
- xen - performance improvements for zeroing pages.
MKREPRO(reproducible builds) when building from Mercurial or git.
Corrected C99 / C++11 feature testing in some functions in
- build.sh - added "distsets" alias for "distribution sets".
Various third-party components included with the NetBSD base system were updated:
- Xorg(1) - restore keyboard settings when the X server aborts on ports that use WSDISPLAY_COMPAT_RAWKBD (PR 56415).
startx(1) - silence annoying log messages about trying to trap
- xterm(1) - applied upstream fix for CVE-2022-24130.
- libarchive - sync with HEAD, fixing tar segfaults during emacs build (PR 56257)
- libX11 - applied upstream fixes for CVE-2021-31535 (and one other bug)
- openssh - applied upstream fix for CVE-2019-16905.
Back to NetBSD 9.x formal releases