[BACK]Return to 60.html CVS log [TXT][DIR] Up to [local] / www

Diff for /www/60.html between version 1.18 and 1.19

version 1.18, 2016/07/22 20:24:02 version 1.19, 2016/07/22 20:30:32
Line 68 
Line 68 
     <li>...      <li>...
     </ul>      </ul>
 <p>  <p>
   
 <li>Improved hardware support, including:  <li>Improved hardware support, including:
     <ul>      <ul>
       <li>The iwm driver supports more models, notably the 3165 and 8260.
     <li>...      <li>...
     </ul>      </ul>
 <p>  <p>
Line 126 
Line 128 
     <li><a href="http://man.openbsd.org/sigreturn.2">sigreturn(2)</a>      <li><a href="http://man.openbsd.org/sigreturn.2">sigreturn(2)</a>
         can now only be used by the kernel-provided signal trampoline,          can now only be used by the kernel-provided signal trampoline,
         with a cookie to detect attempts to reuse it.          with a cookie to detect attempts to reuse it.
     <li>In <a href="http://man.openbsd.org/rc.8">rc(8)</a>,      <li>To deter ROP exploits, in <a href="http://man.openbsd.org/rc.8">rc(8)</a>,
         re-link libc.so on startup, placing the objects in a random order.          re-link libc.so on startup, placing the objects in a random order.
     <li>In the <a href="http://man.openbsd.org/getpwnam.3">getpwnam(3)</a>      <li>In the <a href="http://man.openbsd.org/getpwnam.3">getpwnam(3)</a>
         family of functions, stop opening the shadow database by default.          family of functions, stop opening the shadow database by default.
Line 136 
Line 138 
         <a href="http://man.openbsd.org/OpenBSD-5.9/systrace">systrace</a>.          <a href="http://man.openbsd.org/OpenBSD-5.9/systrace">systrace</a>.
     <li>Remove Linux emulation support.      <li>Remove Linux emulation support.
     <li>Remove support for the usermount option.      <li>Remove support for the usermount option.
     <li>The TCP SYN cache does reseed its random hash function from      <li>The TCP SYN cache reseeds its random hash function from
         time to time.          time to time.
         This prevents that an attacker can figure out the distribution          This prevents an attacker from calculating the distribution
         of the hash function with a timing attack.          of the hash function with a timing attack.
     <li>To work against SYN flooding attacks the administrator can      <li>To work against SYN flooding attacks the administrator can
         change the size of the hash array now.          change the size of the hash array now.
Legend:
Removed from v.1.18  
changed lines
  Added in v.1.19