Bob Beck | 19 May 14:48 2010

OpenBSD 4.7 Released, May 19 2010

May 19, 2010.

We are pleased to announce the official release of OpenBSD 4.7.
This is our 27th release on CD-ROM (and 28th via FTP).  We remain
proud of OpenBSD's record of more than ten years with only two remote
holes in the default install.

As in our previous releases, 4.7 provides significant improvements,
including new features, in nearly all areas of the system:

 - New/extended platforms:
    o OpenBSD/alpha
      o Added support for the DS15/DS25/ES45.
    o OpenBSD/loongson
      New platform for systems based on the Loongson 2E and 2F MIPS-compatible
      processors. Supported machines include:
      o Lemote Fuloong 2F mini-PC
      o Lemote Lynloong all-in-one-PC
      o Lemote Yeeloong netbook (8.9" and 10.1" models)
      o EMTEC Gdium Liberty 1000 netbook
    o OpenBSD/sgi
      o Added support for multi-node SGI Origin systems, in M mode.
      o Added support for the SGI Origin 350, Onyx 350, Onyx 4 and
        Tezro systems.
      o Added SMP support on the SGI Octane.
      o Support for many more onboard devices on Octane and Origin systems.
    o OpenBSD/socppc
      o Added support for the RouterBOARD RB600A.
    o OpenBSD/sparc64
      o Preliminary support for running OpenBSD in a guest domain on top of
        an OpenBSD control domain on sun4v machines.

 - Improved hardware support, including:
    o Revamped SCSI midlayer and improved driver support.
    o UDF 2.5 and 2.6 (HDDVD and Blu-ray) disks support.
    o Added mpath(4), a driver that steals paths to scsi devices if they could
      be available via multiple paths and then made available via mpath(4).
    o New aibs(4) driver for ASUSTeK AI Booster hardware monitoring.
    o New uthum(4) driver for the TEMPerHUM USB temperature and humidity
    o New utrh(4) driver for USBRH temperature and humidity sensors.
    o New uyurex(4) driver for the Maywa-denki & KAYAC YUREX twitch/jiggle of
      knee sensor.
    o New urndis(4) driver for remote NDIS Ethernet over USB devices (phones).
    o New xf86-video-wsudl(4) Xorg driver for USB DisplayLink devices
      supported by udl(4).
    o New mpii(4) driver for LSI Logic Fusion MPT Message Passing Interface II
      based SAS 2 controllers.
    o New athn(4) driver for Atheros IEEE 802.11a/g/n wireless network devices.
    o New alc(4) driver for Atheros AR8131/AR8132 10/100/Gigabit Ethernet
    o New lisa(4) driver for STMicroelectronics LIS331DL MEMS motion sensors.
    o New gcu(4) driver for Intel EP80579 Global Configuration Unit.
    o New lom(4) driver for LOMLite and LOMLite2 as found on many of Sun's
      UltraSPARC-IIi servers.
    o New vsw(4) driver for virtual switches on sun4v machines.
    o New vds(4) driver for virtual disk servers on sun4v machines.
    o Support for EP80579 integrated Ethernet and ICH9 M V has been added
      to em(4).
    o Support for 82599 and SFP+ 82598 devices has been added to ix(4).
    o Support for the Sun GigabitEthernet SBus Adapter 1.0/1.1 has been
      added to ti(4).
    o Support for SBus variants of the QLogic Fibre Channel host adapters
      has been added to isp(4).
    o Support for SBus variants of the Sun Gigabit Ethernet has been added
      to gem(4).
    o Support for Intel WiFi Link 1000 and Intel Centrino
      Advanced-N 6200/Ultimate-N 6300 has been added to iwn(4).
    o Support for Ralink RT3572 based 802.11n devices has been added to run(4).
    o VIA Tremor 5.1, M-Audio Revolution 5.1 cards has been added to envy(4).
    o New uhts(4) driver for USB HID touchscreens.
    o Improved touchscreen support in the xf86-input-ws(4) Xorg driver and
      improved calibration using the new device properties from Xinput.
    o Support for ON CAT6095 and ON CAT34TS02 temperature sensors added
      to sdtemp(4).
    o Several improvements and bug fixes to existing Ethernet drivers,
      including em(4), re(4), ti(4) and vge(4).
    o Support for the PIC PCI-X controller added to the SGI xbridge(4) driver.
    o Support for the onboard Fast Ethernet interface found on SGI Octane
      and many SGI Origin family systems, iec(4).
    o Support for more SGI input and video devices on Octane and Origin
      systems, with iockbc(4), impact(4), and odyssey(4).
    o Improved PCI resource allocation; more hardware left unconfigured by
      the machine's firmware (including hotplugged hardware) should work now.
    o Support for recording/full-duplex added to mavb(4).
    o Improved support for USB audio devices in uaudio(4).
    o Improved support for bwi(4) devices on strict-alignment architectures
      like armish.
    o Eliminate usage of SCSI tagged queueing mechanisms other than simple
      queuing, thus avoiding incorrect implementations on various disk devices.
    o Eliminate spurious dhclient(8) error messages when the specified
      interface does not exist.
    o Eliminate spurious softraid(4) error messages for removable devices
      without media.

 - New tools:
    o newfs_ext2fs(8) for creating ext2 filesystems.
    o mkuboot(8) for creating U-Boot boot loader images.
    o midicat(1) MIDI server allowing MIDI programs to communicate
    o POSIX-compliant fuser(1) to identify process IDs holding a file open

 - Filesystem midlayer improvements:
    o Dynamic Buffer Cache now supported to a max size set with sysctl
    o Dynamic VFS name cache rewrite, now uses Red/Black trees instead of
      linked lists.
    o Numerous NFS client stability fixes.
    o Fix FAT32 mounting.
    o Fix cd9660 directory handling to eliminate looping and random
      truncation of directory entries.
    o Fix various internal locking problems with cd9660, udf, msdosfs
      and ffs file systems.

 - pf(4) improvements:
    o nat-to, rdr-to, binat-to options replace the nat, rdr and binat
      translation rules.
      changes for more info.
    o The route-to, reply-to, dup-to and fastroute options in pf.conf
      move to filteropts.
    o pf(4) can now translate packets between different routing domains.
    o Added -S and -L options to pfctl(8) to store and load pf state table
      from a file.
    o Added support for IPV4 and IPv6 divert sockets.

 - OpenBGPD, OpenOSPFD and other routing daemon improvements:
    o Update capability code in bgpd(8) to follow RFC 5492.
    o BGP MPLS VPN (RFC 4364) support added to the bgpd RIB.
    o In bgpd(8), implement the RFC4486 BGP Cease Notification
      Message subcodes.
    o It is now possible to enable/disable specific BGP capabilities.
    o Update bgpctl(8) irrfilter to support IPv6 and 4-byte AS numbers.
    o Minimal router-dead-time of 1 second and sub-second hello intervals
      added to ospfd(8). Additionally it is now possible to specify
      sub-second SPF timers for faster route fail-over.
    o ospf6d(8) is now installed by default. The RIB can be synced with
      the kernel routing table now. Support for AS-ext LSA has been added.
      This is still work-in-progress but testing is highly appreciated.
    o ldpd -- the MPLS label distribution protocol daemon -- is now
      installed by default. A custom kernel with option MPLS is needed
      to use it.

 - Generic network stack improvements:
    o brconfig is now integrated into ifconfig(8)
    o Added vether(4), a virtual Ethernet device.
    o Two bugs in IPsec/HMAC-SHA2 were fixed, resulting in an incompatibility
      with the HMAC-SHA-256/384/512 hash algorithms with previous versions
      of OpenBSD and other IPsec implementations sharing the bugs.
    o In dhcpd(8), echo back the Relay Agent Information option if present,
      and add support for the ipsec-tunnel hardware type.
    o Make dhcrelay(8) pick up the routing domain from the specified interface
      and use that rdomain for relaying the packets to the server.
    o Added support in dhcrelay(8) for RFC3046 "DHCP-over-ipsec".
    o Make the tcpdump(8) BGP OPEN capability parser RFC 5492 compliant.
    o Added an exec command to route(8) to run a process and its children
      in a specified routing domain.
    o ifconfig(8) now deals with more than 64 alias addresses.
    o Various fixes to mbuf defragmenting and mbuf chain copying
      improve reliability.

 - Assorted improvements:
    o malloc(3) now has an S flag to turn on the options that help debugging
      and improve security.
    o Updated terminfo(3) database and ncurses(3) library.
    o Added support for lazy binding in on hppa.
    o Added POSIX silent check option (-C) to sort(1).
    o Added POSIX extended regular expression support to sed(1) (-E option).
    o Added GNU-compatible macro prefix option (-P) to m4(1).
    o Make it possible to specify a port in resolv.conf(5).
    o Improved FILE locking support in stdio(3).
    o Added SO_SNDTIMEO and SO_RCVTIMEO support in pthreads(3).
    o cdio(1) no longer prints bogus information if no TOC is found on
      the disk.
    o New -v flag causes cdio(1) to print profile and feature information.
    o whois(1) no longer attempts to keep the memory of 6Bone alive.
    o Added per-application MIDI-controlled volume knob to aucat(1)
    o Added MMC and MTC support to aucat(1) making possible MIDI-to-audio
    o Added mio_open(3) interface to access hardware and software MIDI ports
    o Many memory leaks found by parfait and eliminated.
    o Make handling of floppy disk disklabels more reliable by properly
      initializing starting label.

 - Install/Upgrade process changes:
    o Take more care to ensure all filesystems are umount'ed when restarting
      an install or upgrade.
    o If no possible root disk is found, keep checking until one appears.
    o The default ftp directory for -stable is now the release directory
      instead of the snapshot directory.
    o Selection of TZ during installs is no longer confused by
      trailing slashes.
    o If /etc/X11 is found during upgrades, add the X sets to the list
      of default sets to install.

 - OpenSSH 5.5:
    o New features:
      o SSH protocol 1 is disabled by default.
      o Remove the libsectok/OpenSC-based smartcard code and add support
        for PKCS#11 tokens.
      o Add support for certificate authentication of users and hosts
        using a new, minimal OpenSSH certificate format (not X.509).
      o Added a 'netcat mode' to ssh(1).
      o Add the ability to revoke keys in sshd(8) and ssh(1).
      o Rewrite the ssh(1) multiplexing support to support non-blocking
        operation of the mux master.
      o Add a 'read-only' mode to sftp-server(8) that disables open in
        write mode and all other fs-modifying protocol methods. (bz#430)
      o Allow setting an explicit umask on the sftp-server(8) commandline
        to override whatever default the user has. (bz#1229)
      o Many improvements to the sftp(1) client.
      o New RSA keys will be generated with a public exponent of 65537
        instead of the previous value 35.
      o Passphrase-protected SSH protocol 2 private keys are now protected
        with AES-128 instead of 3DES.
    o The following significant bugs have been fixed in this release:
      o Fixed a minor information leak of environment variables specified in
        authorized_keys if an attacker happens to know the public key in use.
      o When using ChrootDirectory, make sure we test for the existence of
        the user's shell inside the chroot and not outside. (bz#1679)
      o Cache user and group name lookups in sftp-server using
        user_from_[ug]id(3) to improve performance on hosts where these
        operations are slow. (bz#1495)
      o Fix problem that prevented passphrase reading from being interrupted
        in some circumstances. (bz#1590)
      o Ignore and log any Protocol 1 keys where the claimed size is not
        equal to the actual size.
      o Make HostBased authentication work with a ProxyCommand. (bz#1569)
      o Avoid run-time failures when specifying hostkeys via a relative path
        by prepending the current working directory in these cases. (bz#1290)
      o Do not prompt for a passphrase if we fail to open a keyfile, and log
        the reason why the open failed to debug. (bz#1693)
      o Document that the PubkeyAuthentication directive is allowed in a
        sshd_config(5) Match block. (bz#1577)
      o When converting keys, truncate key comments at 72 chars as per
        RFC4716. (bz#1630)
      o Do not allow logins if /etc/nologin exists but is not readable by
        the user logging in.
      o Output a debug log if sshd(8) can't open an existing
        authorized_keys. (bz#1694)
      o Quell tc[gs]etattr(3) warnings when forcing a tty (ssh -tt), since
        we usually don't actually have a tty to read/set. (bz#1686)
      o Prevent sftp(1) from crashing when given a "-" without a command;
        also, allow whitespace to follow a "-". (bz#1691)
      o After sshd(8) receives a SIGHUP, ignore subsequent HUPs while
        sshd(8) re-execs itself; prevents two HUPs in quick succession
        from resulting in sshd(8) dying. (bz#1692)
      o Clarify in sshd_config(5) that StrictModes does not apply to
        ChrootDirectory; permissions and ownership are always checked
        when chrooting. (bz#1532)
      o Set close-on-exec on various descriptors so they don't get leaked
        to child processes. (bz#1643)
      o Fix very rare race condition in x11/agent channel allocation
      o Fix incorrect exit status when multiplexing and channel ID 0 is
        recycled. (bz#1570)
      o Fail with an error when an attempt is made to connect to a server
        with ForceCommand=internal-sftp with a shell session. (bz#1606)
      o Warn but do not fail if stat(2)ing the subsystem binary
        fails. (bz#1599)
      o Change "Connecting to host..." message to "Connected to host." and
        delay it until after the sftp protocol connection has been
        established. (bz#1588)
      o Use the HostKeyAlias rather than the hostname specified on the
        commandline when prompting for passwords. (bz#1039)
      o Correct off-by-one in percent_expand(). (bz#1607)
      o Fix passing of empty options from scp(1) and sftp(1) to the
        underlying ssh(1); also add support for the stop option "--".
      o Fix an incorrect magic number and typo in PROTOCOL. (bz#1688)
      o Don't escape backslashes when displaying the SSH2 banner. (bz#1533)
      o Don't unnecessarily dup() the in and out fds for
        sftp-server(8). (bz#1566)
      o Force use of the correct hash function for random-art signature
        display. (bz#1611)
      o Do not fall back to adding keys without constraints when the agent
        refuses the constrained add request. (bz#1612)
      o Fix a race condition in ssh-agent(1) that could result in a wedged
        or spinning agent. (bz#1633)
      o Flush stdio before exec() to ensure that everything has made it out
        before the streams go away. (bz#1596)
      o Set FD_CLOEXEC on in/out sockets in sshd(8). (bz#1706)

 - Over 5,800 ports, major robustness and speed improvements in package tools.
 - Many pre-built packages for each architecture:
    o i386: 5951
    o sparc64: 5745
    o alpha: 5641
    o sh: 768
    o amd64: 5879
    o powerpc: 5785
    o sparc: 4053
    o arm: 3711
    o hppa: 5500
    o vax: 1785
    o mips64: 3690
    o mips64el: 4316

 - Some highlights:
    o Gnome 2.28.2.
    o KDE 3.5.10.
    o Xfce 4.6.1.
    o MySQL 5.1.42.
    o PostgreSQL 8.4.2.
    o Postfix 2.6.5.
    o OpenLDAP 2.3.43.
    o Mozilla Firefox 3.0.18 and 3.5.8.
    o Mozilla Thunderbird
    o 3.1.1.
    o Emacs 21.4 and 22.3
    o Vim 7.2.267.
    o PHP 5.2.12.
    o Python 2.4.6, 2.5.4 and 2.6.3.
    o Ruby

 - As usual, steady improvements in manual pages and other documentation.

 - The system includes the following major components from outside suppliers:
    o Xenocara (based on X.Org 7.4 with xserver 1.6.5 + patches,
      freetype 2.3.9, fontconfig 2.6.0, Mesa 7.4.2, xterm 250 and more)
    o Gcc 2.95.3 (+ patches) and 3.3.5 (+ patches)
    o Perl 5.10.1 (+ patches)
    o Our improved and secured version of Apache 1.3, with SSL/TLS
      and DSO support
    o OpenSSL 0.9.8k (+ patches)
    o Groff 1.15
    o Sendmail 8.14.3, with libmilter
    o Bind 9.4.2-P2 (+ patches)
    o Lynx 2.8.6rel.5 with HTTPS and IPv6 support (+ patches)
    o Sudo 1.7.2
    o Ncurses 5.7
    o Latest KAME IPv6
    o Heimdal 0.7.2 (+ patches)
    o Arla 0.35.7
    o Binutils 2.15 (+ patches)
    o Gdb 6.3 (+ patches)

If you'd like to see a list of what has changed between OpenBSD 4.6
and 4.7, look at

Even though the list is a summary of the most important changes
made to OpenBSD, it still is a very very long list.
We provide patches for known security threats and other important
issues discovered after each CD release.  As usual, between the
creation of the OpenBSD 4.7 FTP/CD-ROM binaries and the actual 4.7
release date, our team found and fixed some new reliability problems
(note: most are minor and in subsystems that are not enabled by
default).  Our continued research into security means we will find
new security problems -- and we always provide patches as soon as
possible.  Therefore, we advise regular visits to

Security patch announcements are sent to the security-announce <at>
mailing list.  For information on OpenBSD mailing lists, please see:
OpenBSD 4.7 is also available on CD-ROM.  The 3-CD set costs $50 CDN and
is available via mail order and from a number of contacts around the
world.  The set includes a colourful booklet which carefully explains the
installation of OpenBSD.  A new set of cute little stickers is also
included (sorry, but our FTP mirror sites do not support STP, the Sticker
Transfer Protocol).  As an added bonus, the second CD contains an audio
track, a song entitled "I'm still here".  MP3 and OGG versions of
the audio track can be found on the first CD.

Lyrics (and an explanation) for the songs may be found at:

Profits from CD sales are the primary income source for the OpenBSD
project -- in essence selling these CD-ROM units ensures that OpenBSD
will continue to make another release six months from now.

The OpenBSD 4.7 CD-ROMs are bootable on the following four platforms:

  o i386
  o amd64
  o macppc
  o sparc64

(Other platforms must boot from floppy, network, or other method).

For more information on ordering CD-ROMs, see:

The above web page lists a number of places where OpenBSD CD-ROMs
can be purchased from.  For our default mail order, go directly to:

All of our developers strongly urge you to buy a CD-ROM and support
our future efforts.  Additionally, donations to the project are
highly appreciated, as described in more detail at:
For those unable to make their contributions as straightforward gifts,
the OpenBSD Foundation ( is a Canadian
not-for-profit corporation that can accept larger contributions and
issue receipts.  In some situations, their receipt may qualify as a
business expense writeoff, so this is certainly a consideration for
some organizations or businesses.  There may also be exposure benefits
since the Foundation may be interested in participating in press releases.
In turn, the Foundation then uses these contributions to assist OpenBSD's
infrastructure needs.  Contact the foundation directors at
directors <at> for more information.
The OpenBSD distribution companies also sell tshirts and polo shirts.
And our users like them too.  We have a variety of shirts available,
with the new and old designs, from our web ordering system at, as
described above.

The OpenBSD 4.7 t-shirts are available now.  We also sell our older
shirts, as well as a selection of OpenSSH t-shirts.
If you choose not to buy an OpenBSD CD-ROM, OpenBSD can be easily
installed via FTP.  Typically you need a single small piece of boot
media (e.g., a boot floppy) and then the rest of the files can be
installed from a number of locations, including directly off the
Internet.  Follow this simple set of instructions to ensure that
you find all of the documentation you will need while performing
an install via FTP.  With the CD-ROMs, the necessary documentation
is easier to find.

1) Read either of the following two files for a list of ftp
   mirrors which provide OpenBSD, then choose one near you:

   As of May 19, 2010, the following ftp mirror sites have the 4.7 release:	Stockholm, Sweden         Oldenburg, Germany     Brisbane, Australia        Vienna, Austria	CO, USA	CA, USA         Michigan, USA

	The release is also available at the master site:	        Alberta, Canada
	However it is strongly suggested you use a mirror.

   Other mirror sites may take a day or two to update.

2) Connect to that ftp mirror site and go into the directory
   pub/OpenBSD/4.7/ which contains these files and directories.
   This is a list of what you will see:

        ANNOUNCEMENT     armish/          mvme68k/         sparc64/
        Changelogs/      ftplist          mvme88k/         src.tar.gz
        HARDWARE         hp300/           packages/        sys.tar.gz
        PACKAGES         hppa/            ports.tar.gz     tools/
        PORTS            i386/            root.mail        vax/
        README           landisk/         sgi/             xenocara.tar.gz
        alpha/           mac68k/          socppc/          zaurus/
        amd64/           macppc/          sparc/

   It is quite likely that you will want at LEAST the following
   files which apply to all the architectures OpenBSD supports.

        README          - generic README
        HARDWARE        - list of hardware we support
        PORTS           - description of our "ports" tree
        PACKAGES        - description of pre-compiled packages
        root.mail       - a copy of root's mail at initial login.
			  (This is really worthwhile reading).

3) Read the README file.  It is short, and a quick read will make
   sure you understand what else you need to fetch.

4) Next, go into the directory that applies to your architecture,
   for example, i386.  This is a list of what you will see:

	INSTALL.i386    cd47.iso        floppyB47.fs    pxeboot*
	INSTALL.linux   cdboot*         floppyC47.fs    xbase47.tgz
	MD5             cdbr*           game47.tgz      xetc47.tgz
	base47.tgz      cdemu47.iso     index.txt       xfont47.tgz
	bsd*            comp47.tgz      install47.iso   xserv47.tgz*         etc47.tgz       man47.tgz       xshare47.tgz
	bsd.rd*         floppy47.fs     misc47.tgz

   If you are new to OpenBSD, fetch _at least_ the file INSTALL.i386
   and the appropriate floppy*.fs or install47.iso files.  Consult the
   INSTALL.i386 file if you don't know which of the floppy images
   you need (or simply fetch all of them).

   If you use the install47.iso file (roughly 200MB in size), then you
   do not need the various *.tgz files since they are contained on that
   one-step ISO-format install CD.

5) If you are an expert, follow the instructions in the file called
   README; otherwise, use the more complete instructions in the
   file called INSTALL.i386.  INSTALL.i386 may tell you that you
   need to fetch other files.

6) Just in case, take a peek at:

   This is the page where we talk about the mistakes we made while
   creating the 4.7 release, or the significant bugs we fixed
   post-release which we think our users should have fixes for.
   Patches and workarounds are clearly described there.

Note: If you end up needing to write a raw floppy using Windows,
      you can use "fdimage.exe" located in the pub/OpenBSD/4.7/tools
      directory to do so.
X.Org has been integrated more closely into the system.  This release
contains X.Org 7.4.  Most of our architectures ship with X.Org, including
amd64, sparc, sparc64 and macppc.  During installation, you can install
X.Org quite easily.  Be sure to try out xdm(1) and see how we have
customized it for OpenBSD.
The OpenBSD ports tree contains automated instructions for building
third party software.  The software has been verified to build and
run on the various OpenBSD architectures.  The 4.7 ports collection,
including many of the distribution files, is included on the 3-CD
set.  Please see the PORTS file for more information.

Note: some of the most popular ports, e.g., the Apache web server
and several X applications, come standard with OpenBSD.  Also, many
popular ports have been pre-compiled for those who do not desire
to build their own binaries (see BINARY PACKAGES, below).
A large number of binary packages are provided.  Please see the PACKAGES
file ( for more details.
The CD-ROMs contain source code for all the subsystems explained
above, and the README (
file explains how to deal with these source files.  For those who
are doing an FTP install, the source code for all four subsystems
can be found in the pub/OpenBSD/4.7/ directory:

        xenocara.tar.gz     ports.tar.gz   src.tar.gz     sys.tar.gz
Ports tree and package building by Jasper Lievisse Adriaanse, Michael Erdely,
Simon Bertrang, Stuart Henderson, Antoine Jacoutot, Robert Nagy,
Nikolay Sturm, and Christian Weisgerber.  System builds by Theo de Raadt,
Mark Kettenis, and Miod Vallat.  X11 builds by Todd Fries and Miod Vallat.
ISO-9660 filesystem layout by Theo de Raadt.

We would like to thank all of the people who sent in bug reports, bug
fixes, donation cheques, and hardware that we use.  We would also like
to thank those who pre-ordered the 4.7 CD-ROM or bought our previous
CD-ROMs.  Those who did not support us financially have still helped
us with our goal of improving the quality of the software.

Our developers are:

    Alexander Bluhm, Alexander Hall, Alexander von Gernler,
    Alexander Yurchenko, Alexandre Ratchov, Alexey Vatchenko,
    Anders Magnusson, Andreas Gunnarsson, Anil Madhavapeddy,
    Antoine Jacoutot, Ariane van der Steldt, Artur Grabowski,
    Austin Hook, Benoit Lecocq, Bernd Ahlers, Bob Beck, Bret Lambert,
    Can Erkin Acar, Chad Loder, Charles Longeau, Chris Kuethe,
    Christian Weisgerber, Claudio Jeker, Dale Rahn, Damien Bergamini,
    Damien Miller, Dariusz Swiderski, Darren Tucker,
    David Gwynne,  David Hill, David Krause, Edd Barrett, Eric Faurot,
    Esben Norby,  Fabien Romano, Federico G. Schwindt, Felix Kronlage,
    Gilles Chehade, Giovanni Bechis, Gordon Willem Klok, 
    Henning Brauer, Ian Darwin, Igor Sobrado, Ingo Schwarze,
    Jacek Masiulaniec, Jacob Meuser, Jakob Schlyter, Janne Johansson,
    Jared Yanovich, Jason Dixon, Jason George, Jason McIntyre,
    Jason Meltzer, Jasper Lievisse Adriaanse, Jim Razmus II, Joel Sing,
    Joerg Goltermann, Johan Mson Lindman, Jolan Luff, Jonathan Armani,
    Jonathan Gray, Jordan Hargrave, Joshua Stein, Kenneth R Westerback,
    Kevin Lo, Kevin Steves, Kjell Wooding, Kurt Miller, Landry Breuil,
    Laurent Fanis, Marc Espie, Marco Peereboom, Marco Pfatschbacher,
    Marco S Hyman, Marcus Glocker, Marek Vasut, Mark Kettenis,
    Mark Uemura, Markus Friedl, Martin Reindl, Martynas Venckus,
    Mathieu Sauve-Frankel, Mats O Jansson, Matthias Kilian,
    Matthieu Herrb, Michael Erdely, Michael Knudsen, Michele Marchetto,
    Mike Larkin, Miod Vallat, Moritz Grimm, Moritz Jodeit,
    Nicholas Marriott, Nick Holland, Nikolay Sturm, Okan Demirmen,
    Oleg Safiullin, Otto Moerbeek, Owain Ainsworth, Paul de Weerd,
    Paul Irofti, Peter Hessler, Peter Stromberg, Peter Valchev,
    Philip Guenther, Pierre-Emmanuel Andre, Pierre-Yves Ritschard,
    Rainer Giedat, Reyk Floeter, Robert Nagy, Rui Reis,
    Ryan Thomas McBride, Simon Bertrang, Simon Perreault, Stefan Kempf,
    Stefan Sperling, Stephan A. Rickauer, Steven Mestdagh,
    Stuart Henderson, Takuya Asada, Ted Unangst, Theo de Raadt,
    Thordur I Bjornsson, Tobias Stoeckmann, Tobias Weingartner,
    Todd C. Miller, Todd Fries, Will Maier, William Yodlowsky,
    Xavier Santolaria, Yasuoka Masahiko, Yojiro Uo