===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/48.html,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- www/48.html	2010/09/25 21:30:17	1.13
+++ www/48.html	2010/09/26 09:13:47	1.14
@@ -91,6 +91,8 @@
       driver for ABIT temperature, voltage and fan sensors.
     <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=owctr&sektion=4&format=html">owctr(4)</a>
       driver for 1-Wire counter devices.
+    <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pgs&arch=macppc&secktion=4">pgs(4)</a>
+	driver for Programmers Switch found on some macppc machines.
     <li>Support for 82576 fiber and 82577/82578 (PCH) based devices
         has been added to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=em&amp;sektion=4">em(4)</a>.
     <li>Support for 24-bit encodings and USB 2.0 playback
@@ -106,6 +108,9 @@
     <li>Support for Intel Core i3/i5 internal graphics (Ironlake)
         has been added to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=inteldrm&amp;sektion=4">inteldrm(4)</a>
         and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=agp&amp;sektion=4">agp(4)</a>.
+    <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ss&sektion=4&format=html">ss(4)</a> and
+	<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uscanner&sektion=4&format=html">uscanner(4)</a>
+	drivers have been removed.
     </ul>
 <p>
 
@@ -160,6 +165,7 @@
         <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=aucat&amp;sektion=1">aucat(1)</a>
 	server was lowered to a single block, improving
 	usability of low-latency programs without stability compromise.
+    <li>Many memory leaks have been fixed in various userland utilities.
     <li>...
     </ul>
 <p>
@@ -179,12 +185,90 @@
 <li>OpenSSH 5.6:
     <ul>
     <li>New features:
-        <ul>
-        <li>...
+	<ul>
+        <li>Added a <em>ControlPersist</em> option to
+	    <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>.
+        <li>Hostbased authentication may now use certificate host keys.
+        <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>
+	    now supports signing certificate using a CA key that has been stored
+	    in a PKCS#11 token.
+        <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
+	    will now log the hostname and address that we connected to at
+	    LogLevel=verbose after authentication is successful to mitigate
+	    "phishing" attacks.
+        <li>Expand %h to the hostname in ssh_config Hostname options.
+	<li>Allow <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>
+	    to import and export of PEM and PKCS#8 keys.
+	<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>
+	    will now queue debug messages for bad ownership or permissions on
+	    the user's keyfiles encountered during authentication.
+	<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
+	    connection multiplexing now supports remote forwarding with
+	    dynamic port allocation and can report the allocated port back to
+	    the user.
+	<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>
+	    now supports indirection in matching of principal names listed in
+	    certificates.
+	    <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>
+	    now has a new <em>AuthorizedPrincipalsFile</em> option.
+	<li>Additional <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5">sshd_config(5)</a>
+	    options are now valid inside Match blocks:
+	    <ul>
+		<li><em>AuthorizedKeysFile</em>
+		<li><em>AuthorizedPrincipalsFile</em>
+		<li><em>HostbasedUsesNameFromPacketOnly</em>
+		<li><em>PermitTunnel</em>
+	    </ul>
         </ul>
     <li>The following significant bugs have been fixed in this release:
         <ul>
-        <li>...
+        <li>The PKCS#11 code now retries a lookup for a private key if there is
+	    no matching key with <em>CKA_SIGN</em> attribute enabled (bz#1736).
+        <li>Unbreak strdelim() skipping past quoted strings.
+        <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
+	fix swapped args in upload_dir_internal() (bz#1797).
+        <li>Fix a longstanding problem where if you suspend
+	    <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scp&sektion=1">scp(1)</a>
+	    at the password/passphrase prompt the terminal mode is not restored.
+        <li>Fix a PKCS#11 crash on some smartcards by validating the length
+	    returned for C_GetAttributValue (bz#1773).
+        <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
+	fix ls in working directories that contain globbing
+	    characters in their pathnames (bz#1655).
+        <li>Print warning for missing home directory when
+	    <em>ChrootDirectory=none.</em> (bz#1564).
+        <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
+	    fix a memory leak in do_realpath() error path (bz#1771).
+        <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
+	    Standardise error messages when attempting to open
+	    private key files to include "progname: filename: error reason" (bz#1783).
+        <li>Replace verbose and overflow-prone Linebuf code with
+	    read_keyfile_line() (bz#1565).
+        <li>Include the user name on "subsystem request for ..." log messages.
+        <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
+	    and
+	    <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
+	    remove hardcoded limit of 100 permitopen clauses and port forwards
+	    per direction (bz#1327).
+        <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
+	    ignore stderr output from subsystems to avoid hangs if a subsystem
+	    or shell initialisation writes to stderr (bz#1750).
+        <li>Skip the initial check for access with an empty password when
+	    <em>PermitEmptyPasswords=no</em> (bz#1638).
+        <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
+	    fix logspam when key options (from="..." especially) deny
+	    non-matching keys (bz#1765).
+        <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
+	    display a more helpful error message when $HOME is
+	    inaccessible while trying to create .ssh directory (bz#1740).
+        <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
+	    fix hang when terminating a mux slave using ~ (bz#1758).
+        <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
+	    refuse to generate keys longer than
+	    <em>OPENSSL_[RD]SA_MAX_MODULUS_BITS</em> (bz#1516).
+        <li>Suppress spurious tty warning when using -O and stdin is not a tty
+	    (bz#1746).
+        <li>Kill channel when pty allocation requests fail (bz#1698).
         </ul>
     </ul>
 <p>
@@ -649,7 +733,7 @@
 alt="OpenBSD"></a>
 <a href="mailto:www@openbsd.org">www@openbsd.org</a>
 <br><small>
-$OpenBSD: 48.html,v 1.13 2010/09/25 21:30:17 jasper Exp $
+$OpenBSD: 48.html,v 1.14 2010/09/26 09:13:47 jasper Exp $
 </small>
 
 </body>