===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/60.html,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- www/60.html 2016/07/22 20:24:02 1.18
+++ www/60.html 2016/07/22 20:30:32 1.19
@@ -68,8 +68,10 @@
...
+
Improved hardware support, including:
+ - The iwm driver supports more models, notably the 3165 and 8260.
- ...
@@ -126,7 +128,7 @@
sigreturn(2)
can now only be used by the kernel-provided signal trampoline,
with a cookie to detect attempts to reuse it.
- In rc(8),
+ To deter ROP exploits, in rc(8),
re-link libc.so on startup, placing the objects in a random order.
In the getpwnam(3)
family of functions, stop opening the shadow database by default.
@@ -136,9 +138,9 @@
systrace.
Remove Linux emulation support.
Remove support for the usermount option.
- The TCP SYN cache does reseed its random hash function from
+ The TCP SYN cache reseeds its random hash function from
time to time.
- This prevents that an attacker can figure out the distribution
+ This prevents an attacker from calculating the distribution
of the hash function with a timing attack.
To work against SYN flooding attacks the administrator can
change the size of the hash array now.