| version 1.65, 2016/08/17 16:45:41 |
version 1.66, 2016/08/21 22:51:34 |
|
|
| a new <tt>chown</tt> promise that allows pledged programs to set |
a new <tt>chown</tt> promise that allows pledged programs to set |
| setugid attributes, |
setugid attributes, |
| a stricter enforcement of the <tt>recvfd</tt> promise and |
a stricter enforcement of the <tt>recvfd</tt> promise and |
| <a href="man.openbsd.org/chroot.2">chroot(2)</a> is no longer allowed |
<a href="http://man.openbsd.org/chroot.2">chroot(2)</a> is no longer |
| for pledged programs. |
allowed for pledged programs. |
| <li>a number of |
<li>a number of |
| <a href="http://man.openbsd.org/pledge">pledge(2)</a>-related bugs |
<a href="http://man.openbsd.org/pledge">pledge(2)</a>-related bugs |
| (missing promises, unintended changes of behavior, crashes) were fixed, |
(missing promises, unintended changes of behavior, crashes) were fixed, |
|
|
| and only included for legacy compatibility. |
and only included for legacy compatibility. |
| <li><a href="http://man.openbsd.org/ssh.1">ssh(1)</a>, |
<li><a href="http://man.openbsd.org/ssh.1">ssh(1)</a>, |
| <a href="http://man.openbsd.org/sshd.8">sshd(8)</a>: |
<a href="http://man.openbsd.org/sshd.8">sshd(8)</a>: |
| Improve ordering ordering of MAC verification for |
Improve ordering of MAC verification for |
| <i>Encrypt-then-MAC</i> (EtM) mode transport MAC algorithms to |
<i>Encrypt-then-MAC</i> (EtM) mode transport MAC algorithms to |
| verify the MAC before decrypting any ciphertext. This removes the |
verify the MAC before decrypting any ciphertext. This removes the |
| possibility of timing differences leaking facts about the plaintext, |
possibility of timing differences leaking facts about the plaintext, |
![[BACK]](/icons/back.gif){kind=icon}
Return to 60.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www