version 1.39, 2021/10/02 14:38:53 |
version 1.40, 2021/10/02 14:39:31 |
|
|
<li>Other userland network changes: |
<li>Other userland network changes: |
<ul> |
<ul> |
<li>Fixed <a href="https://man.openbsd.org/acme-client.1">acme-client(1)</a> SAN generation for CSRs. |
<li>Fixed <a href="https://man.openbsd.org/acme-client.1">acme-client(1)</a> SAN generation for CSRs. |
<li>Altered <a href="https://man.openbsd.org/slowcgi.8">slowcgi(8)</a> so it no longer sends debug logging to syslog unless debug logging is requested via the new -v flag. |
|
<li>Added the ability for <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a> to send SNMPv3 traps. |
<li>Added the ability for <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a> to send SNMPv3 traps. |
<li>Changed the default <a href="https://man.openbsd.org/snmp.1">snmp(1)</a> version to -v3 and removed the default community. |
<li>Changed the default <a href="https://man.openbsd.org/snmp.1">snmp(1)</a> version to -v3 and removed the default community. |
<li>Allowed "any" to be used as a listen on address in <a href="https://man.openbsd.org/snmpd.conf.5">snmpd.conf(5)</a>. |
<li>Allowed "any" to be used as a listen on address in <a href="https://man.openbsd.org/snmpd.conf.5">snmpd.conf(5)</a>. |
<li>Allowed setting of the engineid in <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>. |
<li>Allowed setting of the engineid in <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>. |
<li>Switched default <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a> and <a href="https://man.openbsd.org/snmp.1">snmp(1)</a> auth back to hmac-sha1. |
<li>Switched default <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a> and <a href="https://man.openbsd.org/snmp.1">snmp(1)</a> auth back to hmac-sha1. |
<li>Fixed incorrect status code for expired mails resulting in a misleading bounce report in <a href="https://man.openbsd.org/smtpd.8">smtpd(8)</a>. |
|
<li>Removed default communities, changed seclevel default from none to enc and only allowed SNMPv3 by default in <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>. Changed default authentication to SHA-256 and privacy protocol to AES in <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a> and <a href="https://man.openbsd.org/snmp.1">snmp(1)</a>. |
<li>Removed default communities, changed seclevel default from none to enc and only allowed SNMPv3 by default in <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>. Changed default authentication to SHA-256 and privacy protocol to AES in <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a> and <a href="https://man.openbsd.org/snmp.1">snmp(1)</a>. |
|
<li>Fixed incorrect status code for expired mails resulting in a misleading bounce report in <a href="https://man.openbsd.org/smtpd.8">smtpd(8)</a>. |
<li>Added TLS options cafile=(path), nosni, noverify and servername=(name) to <a href="https://man.openbsd.org/smtp.1">smtp(1)</a>. |
<li>Added TLS options cafile=(path), nosni, noverify and servername=(name) to <a href="https://man.openbsd.org/smtp.1">smtp(1)</a>. |
<li>Allowed specification of TLS ciphers and protocols in <a href="https://man.openbsd.org/smtp.1">smtp(1)</a>. |
<li>Allowed specification of TLS ciphers and protocols in <a href="https://man.openbsd.org/smtp.1">smtp(1)</a>. |
<li>Prevented <a href="https://man.openbsd.org/httpd.8">httpd(8)</a> from trying to chunk encode an empty http body coming from an fcgi upstream. |
|
<li>Added <a href="https://man.openbsd.org/pledge.8">pledge(8)</a> for <a href="https://man.openbsd.org/ftpd.8">ftpd(8)</a> user processes. |
<li>Added <a href="https://man.openbsd.org/pledge.8">pledge(8)</a> for <a href="https://man.openbsd.org/ftpd.8">ftpd(8)</a> user processes. |
<li>Allowed router solicitations from the unspecified address (::) in <a href="https://man.openbsd.org/rad.8">rad(8)</a>. |
<li>Allowed router solicitations from the unspecified address (::) in <a href="https://man.openbsd.org/rad.8">rad(8)</a>. |
|
<li>Altered <a href="https://man.openbsd.org/slowcgi.8">slowcgi(8)</a> so it no longer sends debug logging to syslog unless debug logging is requested via the new -v flag. |
|
<li>Prevented <a href="https://man.openbsd.org/httpd.8">httpd(8)</a> from trying to chunk encode an empty http body coming from an fcgi upstream. |
<li>Used relative reference URIs in Location header on directory redirects in <a href="https://man.openbsd.org/httpd.8">httpd(8)</a>, adding support for front-ending httpd with a TLS-terminating gateway that forwards unencrypted http traffic. |
<li>Used relative reference URIs in Location header on directory redirects in <a href="https://man.openbsd.org/httpd.8">httpd(8)</a>, adding support for front-ending httpd with a TLS-terminating gateway that forwards unencrypted http traffic. |
<li>Prevented a crash on strict alignment architectures of <a href="https://man.openbsd.org/tcpdump.8">tcpdump(8)</a> WireGuard printer. |
<li>Prevented a crash on strict alignment architectures of <a href="https://man.openbsd.org/tcpdump.8">tcpdump(8)</a> WireGuard printer. |
<li>Made <a href="https://man.openbsd.org/tcpdump.8">tcpdump(8)</a> split the 802.11 sequence number field into its sequence number and fragment number components rather than printing the whole field in decimal. |
<li>Made <a href="https://man.openbsd.org/tcpdump.8">tcpdump(8)</a> split the 802.11 sequence number field into its sequence number and fragment number components rather than printing the whole field in decimal. |