| version 1.30, 2017/10/02 21:03:57 |
version 1.31, 2017/10/02 22:31:09 |
|
|
| with a link local source address. |
with a link local source address. |
| <li> FQ-CoDel algorithm has been implemented for use with <a |
<li> FQ-CoDel algorithm has been implemented for use with <a |
| href="https://man.openbsd.org/pf.conf#QUEUEING">pf(4) queueing</a>. |
href="https://man.openbsd.org/pf.conf#QUEUEING">pf(4) queueing</a>. |
| |
<li>Improve IPv6 checks for IPsec policies and make them consistent |
| |
with IPv4. |
| |
<li>Refactor local IP delivery to process IPsec packets in a flow. |
| |
Avoid that they are enqueued a second time. |
| |
<li><a href="https://man.openbsd.org/pf.4">pf(4)</a> |
| |
looks into AH packets and matches on the inner protocol. |
| |
This makes IPv4 authentication headers work like IPv6. |
| |
<li>The length of extension header chains in pf(4) is limited. |
| |
This prevents spending excessive cpu time on crafted packets. |
| |
<li>Block IPv6 packets in pf(4) that have hop-by-hop options |
| |
header or destination options header. |
| |
Such packets can be passed by adding "allow-opts" to the |
| |
rule. |
| |
So IPv6 options are handled like their counterpart in IPv4 |
| |
now. |
| |
<li>If the IPv4 ID gets reused to fast, pf(4) fragment reassembly |
| |
uses a smarter strategy to drop packets. |
| <li>... |
<li>... |
| </ul> |
</ul> |
| <p> |
<p> |
|
|
| <li>Routing daemons and other userland network improvements: |
<li>Routing daemons and other userland network improvements: |
| <ul> |
<ul> |
| <li> A new daemon, <a |
<li> A new daemon, <a |
| href="https://man.openbsd.org/slaacd">slaacd(8)</a> handles IPv6 |
href="https://man.openbsd.org/slaacd.8">slaacd(8)</a> handles IPv6 |
| Stateless Address Autoconfiguration (RFC 4862). |
Stateless Address Autoconfiguration (RFC 4862). |
| <li> <a href="https://man.openbsd.org/rtadvd">rtadvd(8)</a> now supports |
<li> <a href="https://man.openbsd.org/rtadvd.8">rtadvd(8)</a> now supports |
| "Reducing Energy Consumption of Router Advertisements" (RFC 7772). |
"Reducing Energy Consumption of Router Advertisements" (RFC 7772). |
| |
<li><a href="https://man.openbsd.org/ipsecctl.8">ipsecctl(8)</a> |
| |
can show SA bundles now. |
| |
The keyword "bundle" allows to create them explicitly. |
| |
This avoids confusion as they were used implicitly before. |
| |
<li><a href="https://man.openbsd.org/nc.1">nc(1)</a> |
| |
has got the option -W "recvlimit" to terminate netcat after |
| |
receiving a number of packets. |
| |
This allows to send a UDP request, receive a reply and check |
| |
the result on the command line. |
| |
<li>Fix a bunch of races in |
| |
<a href="https://man.openbsd.org/relayd.8">relayd(8)</a> |
| |
expecially in HTTP chunked mode. |
| <li>... |
<li>... |
| </ul> |
</ul> |
| <p> |
<p> |
|
|
| <a href="https://man.openbsd.org/rc.8">rc(8)</a> re-links |
<a href="https://man.openbsd.org/rc.8">rc(8)</a> re-links |
| <a href="https://man.openbsd.org/ld.so.1">ld.so</a> on |
<a href="https://man.openbsd.org/ld.so.1">ld.so</a> on |
| startup, placing the objects in a random order. |
startup, placing the objects in a random order. |
| |
<li>If process accounting is activated with |
| |
<a href="https://man.openbsd.org/accton.8">accton(8)</a>, |
| |
the daily mail shows pledge violations and program crashes. |
| |
<a href="https://man.openbsd.org/lastcomm.8">lastcomm(8)</a> |
| |
uses the flags P and T for such processes. |
| </ul> |
</ul> |
| <p> |
<p> |
| |
|
|
|
| <li>New <a href="https://man.openbsd.org/ctfdump">ctfdump</a> |
<li>New <a href="https://man.openbsd.org/ctfdump">ctfdump</a> |
| and <a href="https://man.openbsd.org/ctfconv">ctfconv</a> tools to manipulate |
and <a href="https://man.openbsd.org/ctfconv">ctfconv</a> tools to manipulate |
| CTF (Compact C Type Format). |
CTF (Compact C Type Format). |
| |
<li>The error handling in |
| |
<a href="https://man.openbsd.org/syslogd.8">syslogd(8)</a> |
| |
has been improved. |
| |
Even if internal errors occur, the deamon tries to keep |
| |
unaffected subsystems active. |
| |
So as many messages as possible are logged. |
| |
They can be filtered by severity and facility "syslog". |
| |
<li>syslogd(8) can now suppress "last message repeated" which is |
| |
useful for remote logging. |
| |
<li>syslogd(8) can listen on multiple TLS sockets. |
| |
<li>syslogd(8) closes the *.514 UDP sockets when they are not |
| |
needed. |
| |
<li>Truncate log messates at 8192 bytes everywhere. |
| |
<li>Nested mount points are umounted in correct order. |
| </ul> |
</ul> |
| <p> |
<p> |
| |
|
|
|
| </ul> |
</ul> |
| <li>New/changed features: |
<li>New/changed features: |
| <ul> |
<ul> |
| |
<li>Add RemoteCommand option to specify a command in the |
| |
<a href="https://man.openbsd.org/ssh.1">ssh(1)</a> |
| |
config file instead of giving it on the client's command |
| |
line. |
| |
The feature allows to automate tasks using ssh config. |
| <li>... |
<li>... |
| </ul> |
</ul> |
| <li>The following significant bugs have been fixed in this release: |
<li>The following significant bugs have been fixed in this release: |
|
|
| <li>Binutils 2.17 (+ patches) |
<li>Binutils 2.17 (+ patches) |
| <li>Gdb 6.3 (+ patches) |
<li>Gdb 6.3 (+ patches) |
| <li>Awk Aug 10, 2011 version |
<li>Awk Aug 10, 2011 version |
| <li>Expat 2.1.1 |
<li>Expat 2.2.4 |
| </ul> |
</ul> |
| </ul> |
</ul> |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to 62.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www