Return to 63.html CVS log | Up to [local] / www |
version 1.49, 2018/03/27 05:29:15 | version 1.50, 2018/03/27 05:37:50 | ||
---|---|---|---|
|
|
||
<li>Enforce in <a href="https://man.openbsd.org/pf.4">pf(4)</a> | <li>Enforce in <a href="https://man.openbsd.org/pf.4">pf(4)</a> | ||
that all neighbor discovery packets have 255 in their IPv6 | that all neighbor discovery packets have 255 in their IPv6 | ||
header hop limit field. | header hop limit field. | ||
<li>Support for GRE over IPv6</li> | <li>Support for GRE over IPv6. | ||
<li>New <a href="https://man.openbsd.org/egre.4">egre(4)</a> | <li>New <a href="https://man.openbsd.org/egre.4">egre(4)</a> | ||
driver for Ethernet over GRE tunnels. | driver for Ethernet over GRE tunnels. | ||
<li>Support for the optional GRE Key header and GRE Key Entropy in | <li>Support for the optional GRE key header and GRE key entropy in | ||
<a href="https://man.openbsd.org/gre.4">gre(4)</a> and | <a href="https://man.openbsd.org/gre.4">gre(4)</a> and | ||
<a href="https://man.openbsd.org/egre.4">egre(4)</a>. | <a href="https://man.openbsd.org/egre.4">egre(4)</a>. | ||
<li>New <a href="https://man.openbsd.org/nvgre.4">nvgre(4)</a> | <li>New <a href="https://man.openbsd.org/nvgre.4">nvgre(4)</a> | ||
|
|
||
<li>Mitigation for Meltdown vulnerability for Intel brand amd64 CPUs. | <li>Mitigation for Meltdown vulnerability for Intel brand amd64 CPUs. | ||
<li>OpenBSD/arm64 now uses kernel page table isolation to mitigate | <li>OpenBSD/arm64 now uses kernel page table isolation to mitigate | ||
Spectre variant 3 (Meltdown) attacks. | Spectre variant 3 (Meltdown) attacks. | ||
<li>OpenBSD/armv7 and OpenBSD/arm64 now flush the Branch Target | <li>OpenBSD/armv7 and OpenBSD/arm64 now flush the Branch Target Buffer | ||
Cache (BTB) on processors that do speculative execution to | (BTB) on processors that do speculative execution to | ||
mitigate Spectre variant 2 attacks. | mitigate Spectre variant 2 attacks. | ||
<li><a href="https://man.openbsd.org/pool_get.9">pool_get(9)</a> perturbs | <li><a href="https://man.openbsd.org/pool_get.9">pool_get(9)</a> perturbs | ||
the order of items on newly allocated pages, making the kernel heap | the order of items on newly allocated pages, making the kernel heap | ||
|
|
||
<li>OpenSMTPD 6.0.4 | <li>OpenSMTPD 6.0.4 | ||
<ul> | <ul> | ||
<li>Add <b>spf walk</b> option to | <li>Add <b>spf walk</b> option to | ||
<a href="https://man.openbsd.org/smtpctl.8">smtpctl(8)</a> | <a href="https://man.openbsd.org/smtpctl.8">smtpctl(8)</a>. | ||
</ul> | </ul> | ||
<p> | <p> | ||
|
|
||
allow for expiring keys. | allow for expiring keys. | ||
<li>ssh(1): Add a BindInterface option to allow binding the outgoing | <li>ssh(1): Add a BindInterface option to allow binding the outgoing | ||
connection to an interface's address (basically a more usable | connection to an interface's address (basically a more usable | ||
BindAddress) | BindAddress). | ||
<li>ssh(1): Expose device allocated for tun/tap forwarding via a new | <li>ssh(1): Expose device allocated for tun/tap forwarding via a new | ||
%T expansion for LocalCommand. This allows LocalCommand to be used | %T expansion for LocalCommand. This allows LocalCommand to be used | ||
to prepare the interface. | to prepare the interface. |