===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/63.html,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- www/63.html	2018/03/24 17:10:16	1.9
+++ www/63.html	2018/03/24 17:26:39	1.10
@@ -105,12 +105,26 @@
 
 <li>Routing daemons and other userland network improvements:
     <ul>
+    <li><a href="https://man.openbsd.org/bgpctl.8">bgpctl(8)</a> has a new
+        <b>ssv<b/> option which outputs rib entries as a single semicolon-seperated
+        like for selection before output.
     <li>...
     </ul>
 <p>
 
 <li>Security improvements:
     <ul>
+    <li>Use even more trap-sleds on various architectures.
+    <li>More use of .rodata for constant variables in assembly source.
+    <li>Stop using x86 "repz ret" in dusty corners of the tree.
+    <li>Introduce "execpromises" in
+        <a href="https://man.openbsd.org/pledge.2">pledge(2)</a>.
+    <li>Prepare for the introduction of <b>MAP_STACK</b> to 
+        <a href="https://man.openbsd.org/mmap.2">mmap(2)</a> after 6.3.
+    <li>Push a small piece of KARL-linked kernel text into the random
+        number generator as entropy at startup.
+    <li>Put a small random gap at the top of thread stacks, so that attackers
+        have yet another calculation to perform for their ROP work.
     <li>...
     </ul>
 <p>
@@ -133,6 +147,11 @@
     <li>Code reorganization and other improvements to
         <a href="https://man.openbsd.org/malloc.3">malloc(3)</a>
 	and friends to make them more efficient.
+    <li>When performing suspend or hibernate operations, ensure all filesystems
+        are properly syncronized and marked clean, or if they cannot be
+        put into perfectly clean state on disk (due to open+unlinked files)
+        then mark them dirty, so that a failed resume/unhinbernate is gauranteed
+	to perform fsck.
     <li>...
     </ul>
 <p>