| version 1.46, 2021/10/02 15:44:46 |
version 1.47, 2021/10/02 15:48:08 |
|
|
| |
|
| <li>Installer and upgrade improvements: |
<li>Installer and upgrade improvements: |
| <ul> |
<ul> |
| <li>Checked the installer's /tmp/i/hostname.* files for a configured IP address so that configurations without a broadcast address are detected as well. |
<li>Checked the installer's /tmp/i/hostname.* files for a configured |
| |
IP address so that configurations without a broadcast address are |
| |
detected as well. |
| <li>Handled "inet autoconf" in the ramdisk. |
<li>Handled "inet autoconf" in the ramdisk. |
| <li>Allowed <a href="https://man.openbsd.org/cad.4">cad(4)</a> recognition as boot interface when using netboot, making autoinstall/upgrade work. |
<li>Allowed <a href="https://man.openbsd.org/cad.4">cad(4)</a> |
| <li>Introduced a short wait in <a href="https://man.openbsd.org/rc.8">rc(8)</a> after <a href="https://man.openbsd.org/netstart.8">netstart(8)</a> finishes until an IPv4 or IPv6 default route is present before continuing boot. Fixed setups depending on working network and DNS resolution during early boot when using autoconfiguration (<a href="https://man.openbsd.org/dhcpleased.8">dhcpleased(8)</a> or <a href="https://man.openbsd.org/slaacd.8">slaacd(8)</a>). |
recognition as boot interface when using netboot, making |
| <li>Made <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> always create an EFI SYS partition if the -b option is specified when initializing a GPT. |
autoinstall/upgrade work. |
| <li>Allowed (w)hole disk allocation for GPT disks in arm64, using <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> -A when an Apple APFS ISC partition is detected and fdisk -ig otherwise. Created EFI SYS boot partitions only on ROOTDISK GPT disks. |
<li>Introduced a short wait in <a |
| <li>Added <a href="https://man.openbsd.org/installboot.8">installboot(8)</a> "-p" to prepare by creating a new filesystem on the partition reserved for the bootloader on relevant architectures. |
href="https://man.openbsd.org/rc.8">rc(8)</a> after <a |
| <li>Added GPT support to <a href="armv7.html">armv7</a> <a href="https://man.openbsd.org/installboot.8">installboot(8)</a>. |
href="https://man.openbsd.org/netstart.8">netstart(8)</a> finishes |
| <li>Added the Spleen 12x24 and 16x32 font on amd64's RAMDISK_CD and RAMDISK kernels. |
until an IPv4 or IPv6 default route is present before continuing boot. |
| <li>Use <a href="https://man.openbsd.org/installboot.8">installboot(8)</a> on arm64 ramdisks. |
Fixed setups depending on working network and DNS resolution during |
| <li>Enable <a href="https://man.openbsd.org/dhcpleased.8">dhcpleased(8)</a> on |
early boot when using autoconfiguration (<a |
| ramdisks, and activate <a href="https://man.openbsd.org/resolvd.8">resolvd(8)</a>, |
href="https://man.openbsd.org/dhcpleased.8">dhcpleased(8)</a> or <a |
| replacing <a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a>. |
href="https://man.openbsd.org/slaacd.8">slaacd(8)</a>). |
| <li>Enable <a href="https://man.openbsd.org/slaacd.8">sclaacd(8)</a> to configure nameservers on ramsdisks. |
<li>Made <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> |
| </ul> |
always create an EFI SYS partition if the -b option is specified when |
| |
initializing a GPT. |
| |
<li>Allowed (w)hole disk allocation for GPT disks in arm64, using <a |
| |
href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> -A when an Apple |
| |
APFS ISC partition is detected and fdisk -ig otherwise. Created EFI |
| |
SYS boot partitions only on ROOTDISK GPT disks. |
| |
<li>Added <a |
| |
href="https://man.openbsd.org/installboot.8">installboot(8)</a> "-p" |
| |
to prepare by creating a new filesystem on the partition reserved for |
| |
the bootloader on relevant architectures. |
| |
<li>Added GPT support to <a href="armv7.html">armv7</a> <a |
| |
href="https://man.openbsd.org/installboot.8">installboot(8)</a>. |
| |
<li>Added the Spleen 12x24 and 16x32 font on amd64's RAMDISK_CD and |
| |
RAMDISK kernels. |
| |
<li>Use <a |
| |
href="https://man.openbsd.org/installboot.8">installboot(8)</a> on |
| |
arm64 ramdisks. |
| |
<li>Enable <a |
| |
href="https://man.openbsd.org/dhcpleased.8">dhcpleased(8)</a> on |
| |
ramdisks, and activate <a |
| |
href="https://man.openbsd.org/resolvd.8">resolvd(8)</a>, replacing <a |
| |
href="https://man.openbsd.org/dhclient.8">dhclient(8)</a>. |
| |
<li>Enable <a href="https://man.openbsd.org/slaacd.8">sclaacd(8)</a> |
| |
to configure nameservers on ramsdisks. |
| |
</ul> |
| |
|
| <li>Security improvements: |
<li>Security improvements: |
| <ul> |
<ul> |
| <li>Moved objcopy to base set to allow KARL to work on all installs. |
<li>Moved objcopy to base set to allow KARL to work on all installs. |
| <li>Added <a href="https://man.openbsd.org/unveil.2">unveil(2)</a> calls to xterm in the case where there are no exec-formatted or exec-selected resources set. |
<li>Added <a href="https://man.openbsd.org/unveil.2">unveil(2)</a> |
| <li>Changed usage of %n from a syslog warning to syslog and abort for <a href="https://man.openbsd.org/printf.3">printf(3)</a> (and associated variants). |
calls to xterm in the case where there are no exec-formatted or |
| |
exec-selected resources set. |
| |
<li>Changed usage of %n from a syslog warning to syslog and abort for |
| |
<a href="https://man.openbsd.org/printf.3">printf(3)</a> (and |
| |
associated variants). |
| <li>Made kernel stop all threads when terminating via pledge_fail(). |
<li>Made kernel stop all threads when terminating via pledge_fail(). |
| </ul> |
</ul> |
| |
|
| <li>Routing daemons and other userland network improvements: |
<li>Routing daemons and other userland network improvements: |
| <ul> |
<ul> |
| <li>The <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> daemon saw the following changes: |
<li>The <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> |
| |
daemon saw the following changes: |
| <ul> |
<ul> |
| <li>Stop processing queued UPDATES when the max-prefix limit was reached. |
<li>Stop processing queued UPDATES when the max-prefix limit was reached. |
| <li>Improved negotiation for route refresh, graceful restart and |
<li>Improved negotiation for route refresh, graceful restart and |
|
|
| <li>Improved output of Adj-RIB-Out by updating nexthop and ASPATH before |
<li>Improved output of Adj-RIB-Out by updating nexthop and ASPATH before |
| adding the prefix to the RIB. This improves `bgpctl show rib out` |
adding the prefix to the RIB. This improves `bgpctl show rib out` |
| output. |
output. |
| <li>Added command line option to both <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> and <a href="https://man.openbsd.org/bgpctl.8">bgpctl(8)</a> to show the version |
<li>Added command line option to both <a |
| |
href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> and <a |
| |
href="https://man.openbsd.org/bgpctl.8">bgpctl(8)</a> to show the |
| |
version. |
| <li>Added support for RFC 9072 - Extended Optional Parameters Lenght for |
<li>Added support for RFC 9072 - Extended Optional Parameters Lenght for |
| BGP OPEN Message |
BGP OPEN Message |
| <li>Added support for RFC 8050 - MRT Format with BGP Additional Path Extensions |
<li>Added support for RFC 8050 - MRT Format with BGP Additional Path Extensions |
|
|
| jumping backwards as synced repository. |
jumping backwards as synced repository. |
| <li>Made -R (rsync only) also apply to the fetching of TA files. |
<li>Made -R (rsync only) also apply to the fetching of TA files. |
| <li>Only sync *.{cer,crl,gbr,mft,roa} files via rsync and exclude all others. |
<li>Only sync *.{cer,crl,gbr,mft,roa} files via rsync and exclude all others. |
| <li>When producing output for <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>, make use of the 'roa-set |
<li>When producing output for <a |
| expires' attribute to prevent machines from loading outdated roa-sets. |
href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>, make use of the |
| |
'roa-set expires' attribute to prevent machines from loading outdated |
| |
roa-sets. |
| <li>In RRDP, limited the number of deltas to 300 per repo. If more deltas |
<li>In RRDP, limited the number of deltas to 300 per repo. If more deltas |
| exist, downloading a full snapshot is faster. |
exist, downloading a full snapshot is faster. |
| <li>Limited the validation depth of X509 certificate chains to 12, double |
<li>Limited the validation depth of X509 certificate chains to 12, double |
|
|
| <li>Other userland network changes: |
<li>Other userland network changes: |
| <ul> |
<ul> |
| <li>Fixed <a href="https://man.openbsd.org/acme-client.1">acme-client(1)</a> SAN generation for CSRs. |
<li>Fixed <a href="https://man.openbsd.org/acme-client.1">acme-client(1)</a> SAN generation for CSRs. |
| |
|
| |
|
| <li>Added <a href="https://man.openbsd.org/pledge.8">pledge(8)</a> for <a href="https://man.openbsd.org/ftpd.8">ftpd(8)</a> user processes. |
<li>Added <a href="https://man.openbsd.org/pledge.8">pledge(8)</a> for <a href="https://man.openbsd.org/ftpd.8">ftpd(8)</a> user processes. |
| <li>Allowed router solicitations from the unspecified address (::) in <a href="https://man.openbsd.org/rad.8">rad(8)</a>. |
<li>Allowed router solicitations from the unspecified address (::) in <a href="https://man.openbsd.org/rad.8">rad(8)</a>. |
| <li>Altered <a href="https://man.openbsd.org/slowcgi.8">slowcgi(8)</a> so it no longer sends debug logging to syslog unless debug logging is requested via the new -v flag. |
<li>Altered <a href="https://man.openbsd.org/slowcgi.8">slowcgi(8)</a> so it no longer sends debug logging to syslog unless debug logging is requested via the new -v flag. |
![[BACK]](/icons/back.gif){kind=icon}
Return to 70.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www