Return to 57.html CVS log | Up to [local] / www |
version 1.62, 2015/03/12 21:25:55 | version 1.63, 2015/03/13 00:03:50 | ||
---|---|---|---|
|
|
||
<li>Installer improvements: | <li>Installer improvements: | ||
<ul> | <ul> | ||
<li>The <tt>etc</tt> and <tt>xetc</tt> sets are now part of <tt>base</tt> and | <li>The <tt>etc</tt> and <tt>xetc</tt> sets are now part of <tt>base</tt> and | ||
<tt>xbase</tt> and are not distributed separately anymore. They are extracted | <tt>xbase</tt> and are not distributed separately any more. They are extracted | ||
from <tt>base</tt> and <tt>xbase</tt> during installation and upgrade.<br> | from <tt>base</tt> and <tt>xbase</tt> during installation and upgrade.<br> | ||
<b>Note that this includes the <tt>rc</tt> and <tt>rc.conf</tt> files!</b> | <b>Note that this includes the <tt>rc</tt> and <tt>rc.conf</tt> files!</b> | ||
<li>The installer now supports | <li>The installer now supports | ||
|
|
||
<li>All architectures have been transitioned to static PIE, meaning the statically linked binaries in /bin and /sbin now have randomly located text segments. | <li>All architectures have been transitioned to static PIE, meaning the statically linked binaries in /bin and /sbin now have randomly located text segments. | ||
<li>Allow larger .openbsd.randomdata ELF segments. | <li>Allow larger .openbsd.randomdata ELF segments. | ||
<li>Sync kernel AES code and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> AES code to the one shipped with OpenSSL/LibreSSL. | <li>Sync kernel AES code and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> AES code to the one shipped with OpenSSL/LibreSSL. | ||
<li>removed <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=passwd&sektion=1">passwd(1)</a> support for all password cyphers except <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=blowfish&sektion=3">blowfish(3)</a> | <li>removed <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=passwd&sektion=1">passwd(1)</a> support for all password ciphers except <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=blowfish&sektion=3">blowfish(3)</a> | ||
<li>Use sha512 instead of md5 for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcp&sektion=4">tcp(4)</a> initial sequence number. | <li>Use sha512 instead of md5 for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcp&sektion=4">tcp(4)</a> initial sequence number. | ||
<li>Use sha512 instead of md5 in the random number generator. | <li>Use sha512 instead of md5 in the random number generator. | ||
<li>Delete secret or secret-derived data in many base utilities with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=explicit_bzero&sektion=3">explicit_bzero(3)</a>. | <li>Delete secret or secret-derived data in many base utilities with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=explicit_bzero&sektion=3">explicit_bzero(3)</a>. | ||
|
|
||
the compatibility layer for other operating systems has been removed. | the compatibility layer for other operating systems has been removed. | ||
The API is still compatible with upstream libevent 1.4.15-stable. | The API is still compatible with upstream libevent 1.4.15-stable. | ||
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=openssl&sektion=1">openssl(1)</a> | <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=openssl&sektion=1">openssl(1)</a> | ||
s_client got a -proxy parameter for connecting over a HTTP proxy. | s_client now supports a -proxy parameter for connecting over a HTTP proxy. | ||
<li>Ground work laid for improved SMP scalability. | <li>Ground work laid for improved SMP scalability. | ||
<li>gzsig has been removed. | <li>gzsig has been removed. | ||
<li>switch last workq API uses to | <li>switch last workq API uses to | ||
|
|
||
<li>OpenBSD <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a>: | <li>OpenBSD <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a>: | ||
<ul> | <ul> | ||
<li>SSLv2/3 is not supported anymore; renamed all occurrences of "SSL" to "TLS". | <li>SSLv2/3 is not supported any more; renamed all occurrences of "SSL" to "TLS". | ||
<li>Various TLS improvements with better support for ECDHE/DHE forward secrecy. | <li>Various TLS improvements with better support for ECDHE/DHE forward secrecy. | ||
<li>Improved support for virtual hosts by supporting name- and IP- based aliases. | <li>Improved support for virtual hosts by supporting name- and IP- based aliases. | ||
<li>Added support for basic authentication by checking against files created with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=htpasswd&sektion=1">htpasswd(1)</a>. | <li>Added support for basic authentication by checking against files created with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=htpasswd&sektion=1">htpasswd(1)</a>. | ||
|
|
||
<li>OpenSMTPD 5.4.4: | <li>OpenSMTPD 5.4.4: | ||
<ul> | <ul> | ||
<li>SSLv3 is not supported anymore. | <li>SSLv3 is not supported any more. | ||
<li>Added support for a new message and headers parser. | <li>Added support for a new message and headers parser. | ||
<li>Added support for append-domain. | <li>Added support for append-domain. | ||
<li>Restricted address lookups to configured address families. | <li>Restricted address lookups to configured address families. |