===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/74.html,v
retrieving revision 1.86
retrieving revision 1.87
diff -c -r1.86 -r1.87
*** www/74.html 2023/10/14 23:00:49 1.86
--- www/74.html 2023/10/15 00:30:41 1.87
***************
*** 253,259 ****
Extend and improve the ibuf API in libutil and add
function for more specific data types, for modifying data at specific
! offsets, for getting and setting the filedescriptor stored on the ibuf
and for efficient wrapping of ibufs into imesgs. The ibuf API is
mostly used in network daemons.
In wsconsctl(8),
--- 253,259 ----
Extend and improve the ibuf API in libutil and add
function for more specific data types, for modifying data at specific
! offsets, for getting and setting the file descriptor stored on the ibuf
and for efficient wrapping of ibufs into imesgs. The ibuf API is
mostly used in network daemons.
In wsconsctl(8),
***************
*** 394,400 ****
@weekly, @daily and @hourly entries.
Fix a bug in cron(8) where whitespace
! after usernames would not be completly skipped while parsing the
href="https://man.openbsd.org/crontab.5">crontab(5) file.
In pax(1), safely escape characters when displaying messages
that may include file names, and truncate times to the correct maximum
--- 394,400 ----
@weekly, @daily and @hourly entries.
Fix a bug in cron(8) where whitespace
! after usernames would not be completely skipped while parsing the
href="https://man.openbsd.org/crontab.5">crontab(5) file.
In pax(1), safely escape characters when displaying messages
that may include file names, and truncate times to the correct maximum
***************
*** 417,423 ****
Add support for TEMPerGold 3.4 temperature sensor to
ugold(4).
Add qcrng(4),
! a driver for the Qualcomm RNG device found on the Thinkpad X13s.
Add rkusbphy(4),
a driver for the usb2phy on Rockchip SoCs.
Support AP806/CP110 SoCs in
--- 417,423 ----
Add support for TEMPerGold 3.4 temperature sensor to
ugold(4).
Add qcrng(4),
! a driver for the Qualcomm RNG device found on the ThinkPad X13s.
Add rkusbphy(4),
a driver for the usb2phy on Rockchip SoCs.
Support AP806/CP110 SoCs in
***************
*** 449,455 ****
a driver for the PMIC Shared Direct Access Memory found on
Qualcomm SoCs.
Add stfrng(4), a
! driver for the random number generator on the risc-v JH7110 SoC.
Add support for the PCIe controller on the JH7110 SoC with stfpciephy(4)
--- 449,455 ----
a driver for the PMIC Shared Direct Access Memory found on
Qualcomm SoCs.
Add stfrng(4), a
! driver for the random number generator on the StarFive JH7110 SoC.
Add support for the PCIe controller on the JH7110 SoC with stfpciephy(4)
***************
*** 645,670 ****
Security improvements:
- Enabled support for branch target identification (BTI) in both
! the kernel and userland. On hardware that supports this feautre, it
! helps enforcing control flow integrety by making sure malicious code
cannot jump into the middle of a function.
- Enabled support for pointer authentication (PAC) in userland. On
hardware that supports this feature it helps enforcing control flow
! integrety by making sure malicious code cannot manipulate a
function's return address.
- On the amd64 architecture, enabled support for indirect
branch tracking (IBT) in both the kernel and userland. On hardware
! that supports this feature, it helps enforcing control flow integrety
by making sure malicious code cannot jump into the middle of a
function.
- On the arm64 architecture, enabled support for branch target
identification (BTI) in both the kernel and userland. On hardware
! that supports this feature, it helps enforcing control flow integrety
by making sure malicious code cannot jump into the middle of a
function.
- On the arm64 architecture, enabled support for pointer
authentication (PAC) in userland. On hardware that supports this
! feature it helps enforcing control flow integrety by making sure
malicious code cannot manipulate a function's return address.
--- 645,670 ----
Security improvements:
- Enabled support for branch target identification (BTI) in both
! the kernel and userland. On hardware that supports this feature, it
! helps enforcing control flow integrity by making sure malicious code
cannot jump into the middle of a function.
- Enabled support for pointer authentication (PAC) in userland. On
hardware that supports this feature it helps enforcing control flow
! integrity by making sure malicious code cannot manipulate a
function's return address.
- On the amd64 architecture, enabled support for indirect
branch tracking (IBT) in both the kernel and userland. On hardware
! that supports this feature, it helps enforcing control flow integrity
by making sure malicious code cannot jump into the middle of a
function.
- On the arm64 architecture, enabled support for branch target
identification (BTI) in both the kernel and userland. On hardware
! that supports this feature, it helps enforcing control flow integrity
by making sure malicious code cannot jump into the middle of a
function.
- On the arm64 architecture, enabled support for pointer
authentication (PAC) in userland. On hardware that supports this
! feature it helps enforcing control flow integrity by making sure
malicious code cannot manipulate a function's return address.
***************
*** 964,970 ****
Allowed arguments on NOOP.
! Many other changes in various network programms and libraries:
! Many other changes in various network programs and libraries:
- Allow libpcap to read files with some additional link-layer type values.
- Let Allow UDP for built-in inetd(8) services on
! 127.0.0.1. This restriction was added in year 2000 due to IPv6 compatibleand
mapped addresses. Nowadays our kernel does not support these IPv6
features and blocks localhost addresses on non-loopback interfaces.
Make IPv4 127.0.0.1/8 and IPv6 ::1 behave identically and provide
--- 1040,1046 ----
- Allow UDP for built-in inetd(8) services on
! 127.0.0.1. This restriction was added in year 2000 due to IPv6 compatible and
mapped addresses. Nowadays our kernel does not support these IPv6
features and blocks localhost addresses on non-loopback interfaces.
Make IPv4 127.0.0.1/8 and IPv6 ::1 behave identically and provide