===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/72.html,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -r1.51 -r1.52
--- www/72.html 2022/10/03 20:41:40 1.51
+++ www/72.html 2022/10/03 21:30:58 1.52
@@ -615,16 +615,19 @@
locked ypbinding file, thereby removing a horrible hack to support YP
lookups in programs using strong
pledge(2) rules.
- Restrict pledge("vminfo") callers to read-only swapctl(2) operations.
+ Processes that pledge("vminfo") may only use the swapctl(2) operations
+ SWAP_NSWAP and SWAP_STATS providing information on swap devices.
Randomized the rekey interval of arc4random(3).
- Added local bind mode to Reduce the attack surface by introducing a 'local bind' mode to ypldap(8). In this mode
ypldap binds its RPC sockets to loopback, so YP services are only
- available to the host ypldap is running on. In local bind mode one
- does not need to run portmap(8).
+ available to the host it's running on. ypldap replaces ypbind(8) and writes the
+ YP binding file in /var/yp/binding itself. This also implies that portmap(8) doesn't need
+ to be running anymore when local bind mode is used.
Changed the /sbin daemons dhcpleased(8), mountd(8), Relax IP address limitation by allowing prefixes in 240/4.
Implement RFC 9234 - Route Leak Prevention and Detection Using Roles
in UPDATE and OPEN Messages.
- Full support for RFC 7911 - Advertisement of Multiple Paths in BGP.
+ Full support for RFC 7911 - Advertisement of Multiple Paths in BGP (ADD-PATH).
Improve FIB code, handle IPv6 scoped addresses properly.
Add bgplgd(8),
a FastCGI server providing a REST API to execute
@@ -724,8 +727,6 @@
Fix race between a neighbor session reset and its update message
backlog
Improve handling of nexthop reachability state changes
- Added send side RFC 7911 (ADD-PATH) support to bgpd(8).
Made sure only one bgpd(8) roa softreconfig
runner is run at any time.