![[BACK]](/icons/back.gif){kind=icon}
Return to 60.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www|
Return to 60.html CVS log | Up to [local] / www |
| version 1.2, 2016/07/03 20:20:13 | version 1.3, 2016/07/21 09:57:48 | ||
|---|---|---|---|
|
|
||
| <li>Security improvements: | <li>Security improvements: | ||
| <ul> | <ul> | ||
| <li><tt>W^X</tt> is now strictly enforced by default; | |||
| a program can only violate it if the executable is marked with | |||
| <tt>PT_OPENBSD_WXNEEDED</tt> and its is located on a filesystem | |||
| mounted with the <tt>wxallowed</tt> <a href="http://man.openbsd.org/?query=mount&sec=8">mount(8)</a> option. | |||
| <li>The <a href="http://man.openbsd.org/?query=setjmp&sec=3">setjmp(3)</a> | |||
| family of functions now apply XOR cookies to stack and return-address | |||
| values in the jmpbuf on amd64, hppa, i386, mips64, and powerpc. | |||
| <li><a href="http://man.openbsd.org/?query=sigreturn&sec=2">sigreturn(2)</a> | |||
| can now only be used by the kernel-provided signal trampoline, | |||
| with a cookie to detect attempts to reuse it. | |||
| <li>... | <li>... | ||
| </ul> | </ul> | ||
| <p> | <p> | ||
| <li>Assorted improvements: | <li>Assorted improvements: | ||
| <ul> | <ul> | ||
| <li>The thread library can now be loaded into a single-threaded process. | |||
| <li>Improved symbol handling and standards compliance in libc. | |||
| For example, defining an <tt>open()</tt> function will no longer | |||
| interfere with the operation of | |||
| <a href="http://man.openbsd.org/?query=fopen&sec=3">fopen(3)</a>. | |||
| <li><tt>PT_TLS</tt> sections are now supported in initially loaded object. | |||
| <li>Improved handling of "no paths" and "empty path" in | |||
| <a href="http://man.openbsd.org/?query=fts&sec=3">fts(3)</a>. | |||
| <li><a href="http://man.openbsd.org/?query=kdump&sec=1">kdump(1)</a> | |||
| now dumps pollfd structures. | |||
| <li>... | <li>... | ||
| </ul> | </ul> | ||
| <p> | <p> |