===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/70.html,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -r1.46 -r1.47
--- www/70.html 2021/10/02 15:44:46 1.46
+++ www/70.html 2021/10/02 15:48:08 1.47
@@ -419,33 +419,64 @@
Installer and upgrade improvements:
- - Checked the installer's /tmp/i/hostname.* files for a configured IP address so that configurations without a broadcast address are detected as well.
+
- Checked the installer's /tmp/i/hostname.* files for a configured
+ IP address so that configurations without a broadcast address are
+ detected as well.
- Handled "inet autoconf" in the ramdisk.
-
- Allowed cad(4) recognition as boot interface when using netboot, making autoinstall/upgrade work.
-
- Introduced a short wait in rc(8) after netstart(8) finishes until an IPv4 or IPv6 default route is present before continuing boot. Fixed setups depending on working network and DNS resolution during early boot when using autoconfiguration (dhcpleased(8) or slaacd(8)).
-
- Made fdisk(8) always create an EFI SYS partition if the -b option is specified when initializing a GPT.
-
- Allowed (w)hole disk allocation for GPT disks in arm64, using fdisk(8) -A when an Apple APFS ISC partition is detected and fdisk -ig otherwise. Created EFI SYS boot partitions only on ROOTDISK GPT disks.
-
- Added installboot(8) "-p" to prepare by creating a new filesystem on the partition reserved for the bootloader on relevant architectures.
-
- Added GPT support to armv7 installboot(8).
-
- Added the Spleen 12x24 and 16x32 font on amd64's RAMDISK_CD and RAMDISK kernels.
-
- Use installboot(8) on arm64 ramdisks.
-
- Enable dhcpleased(8) on
- ramdisks, and activate resolvd(8),
- replacing dhclient(8).
-
- Enable sclaacd(8) to configure nameservers on ramsdisks.
-
+ Allowed cad(4)
+ recognition as boot interface when using netboot, making
+ autoinstall/upgrade work.
+ Introduced a short wait in rc(8) after netstart(8) finishes
+ until an IPv4 or IPv6 default route is present before continuing boot.
+ Fixed setups depending on working network and DNS resolution during
+ early boot when using autoconfiguration (dhcpleased(8) or slaacd(8)).
+ Made fdisk(8)
+ always create an EFI SYS partition if the -b option is specified when
+ initializing a GPT.
+ Allowed (w)hole disk allocation for GPT disks in arm64, using fdisk(8) -A when an Apple
+ APFS ISC partition is detected and fdisk -ig otherwise. Created EFI
+ SYS boot partitions only on ROOTDISK GPT disks.
+ Added installboot(8) "-p"
+ to prepare by creating a new filesystem on the partition reserved for
+ the bootloader on relevant architectures.
+ Added GPT support to armv7 installboot(8).
+ Added the Spleen 12x24 and 16x32 font on amd64's RAMDISK_CD and
+ RAMDISK kernels.
+ Use installboot(8) on
+ arm64 ramdisks.
+ Enable dhcpleased(8) on
+ ramdisks, and activate resolvd(8), replacing dhclient(8).
+ Enable sclaacd(8)
+ to configure nameservers on ramsdisks.
+
Security improvements:
- Moved objcopy to base set to allow KARL to work on all installs.
-
- Added unveil(2) calls to xterm in the case where there are no exec-formatted or exec-selected resources set.
-
- Changed usage of %n from a syslog warning to syslog and abort for printf(3) (and associated variants).
+
- Added unveil(2)
+ calls to xterm in the case where there are no exec-formatted or
+ exec-selected resources set.
+
- Changed usage of %n from a syslog warning to syslog and abort for
+ printf(3) (and
+ associated variants).
- Made kernel stop all threads when terminating via pledge_fail().
Routing daemons and other userland network improvements:
- - The bgpd(8) daemon saw the following changes:
+
- The bgpd(8)
+ daemon saw the following changes:
- Stop processing queued UPDATES when the max-prefix limit was reached.
- Improved negotiation for route refresh, graceful restart and
@@ -468,7 +499,10 @@
- Improved output of Adj-RIB-Out by updating nexthop and ASPATH before
adding the prefix to the RIB. This improves `bgpctl show rib out`
output.
-
- Added command line option to both bgpd(8) and bgpctl(8) to show the version
+
- Added command line option to both bgpd(8) and bgpctl(8) to show the
+ version.
- Added support for RFC 9072 - Extended Optional Parameters Lenght for
BGP OPEN Message
- Added support for RFC 8050 - MRT Format with BGP Additional Path Extensions
@@ -535,8 +569,10 @@
jumping backwards as synced repository.
- Made -R (rsync only) also apply to the fetching of TA files.
- Only sync *.{cer,crl,gbr,mft,roa} files via rsync and exclude all others.
-
- When producing output for bgpd(8), make use of the 'roa-set
- expires' attribute to prevent machines from loading outdated roa-sets.
+
- When producing output for bgpd(8), make use of the
+ 'roa-set expires' attribute to prevent machines from loading outdated
+ roa-sets.
- In RRDP, limited the number of deltas to 300 per repo. If more deltas
exist, downloading a full snapshot is faster.
- Limited the validation depth of X509 certificate chains to 12, double
@@ -589,8 +625,6 @@
- Other userland network changes:
- Fixed acme-client(1) SAN generation for CSRs.
-
-
- Added pledge(8) for ftpd(8) user processes.
- Allowed router solicitations from the unspecified address (::) in rad(8).
- Altered slowcgi(8) so it no longer sends debug logging to syslog unless debug logging is requested via the new -v flag.