www/75.html - diff

Return to 75.html CVS log

Up to [local] / www

Diff for /www/75.html between version 1.33 and 1.34

version 1.33, 2024/03/31 12:44:40

version 1.34, 2024/03/31 21:47:37

Line 111

significantly reduces the side-effects of lock contention on the

kernel map lock and leads to significant speedups on machines with

many CPU cores.

<li>Implemented <a href="https://man.openbsd.org/acpi.4">acpi(4)</a>

RootPathString support in the LoadTable() AML function, fixing OpenBSD

boot on an older version of Hyper-V.

<li>Fixed Linux NFS clients freezing after five minutes of inactivity.

<li>Fixed core file writing when a file map into memory has later been

truncated to be smaller than the mapping.

<li>Disallow<a

href="https://man.openbsd.org/madvise.2">madvise(2)</a> and <a

href="https://man.openbsd.org/msync.2">msync(2)</a> memory/mapping

destructive operations on immutable memory regions. Innstead return EPERM.

<li>Added new amd64-only sysctl machdep.retpoline which says whether

the cpu requires the retpoline branch target injection mitigation.

<li>Added new accounting flag ABTCFI to <a

href="https://man.openbsd.org/acct.5">acct(5)</a> to indicate SIGILL +

code ILL_BTCFI has occurred in the process.

</ul>

<li>SMP Improvements

Line 167

Line 180

<li>Corrected handling of CPUID 0xd subleaves

<li>Added additional use of VERW and register clobbering to mitigate RFDS

vulnerabilities on Intel Atom cores.

<li>Added recv TCP/UDP checksum offloading to <a

href="https://man.openbsd.org/vio.4">vio(4)</a>.

</ul>

<li>Various new userland features:

Line 184

Line 195

<li>Made <a href="https://man.openbsd.org/ps.1">ps(1)</a> accept numerical user IDs.

<li>Built and provide the tzdata.zi and leap-seconds.list files from

zoneinfo. Some third-party software now expects these files to be

installed.

installed. Provide the zonenow.tab file, a table where each row

stands for a timezone where civil timestamps are predicted to agree

from now on.

<li>Added basic write support for <a

href="https://man.openbsd.org/pax.1">pax(1)</a> format archives.

<li>Added 'pax' format support for files over 8GB to <a

href="https://man.openbsd.org/tar.1">tar(1)</a>.

<li>Added 'pax' format support for mtime and atime to <a

href="https://man.openbsd.org/tar.1">tar(1)</a>.

<li>Extended <a href="https://man.openbsd.org/imsg_init.3">imsg</a>

and the <a href="https://man.openbsd.org/ibuf_add.3">ibuf</a> buffer

manipulation API with useful getter methods.

manipulation API with useful getter methods. Unified file descriptior

passing in all imsg using programs with the use of the imsg_get_fd()

function.

<li>Added <a

href="https://man.openbsd.org/mkdtemps.3">mkdtemps(3)</a>, identical

to <a href="https://man.openbsd.org/mkdtemp.3">mkdtemp(3)</a> except

that it permits a suffix to exist in the template.

<li>Added <a href="https://man.openbsd.org/mktemp.1">mktemp(1)</a>

suffix support for compatibility with the GNU version. It is now

possible to use templates where the Xs are not at the end.

</ul>

<li>Various bugfixes and tweaks in userland:

Line 212

Line 233

<li>Prevented <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a>

'flag' from altering other GPT partition attributes when flagging a

partition as the only bootable partition.

<li>Allow <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> to

add GPT partitions of protected types, making it possible to provision

virtual machine images that need a "BIOS Boot" partition.

<li>Added group handling matching <a

href="https://man.openbsd.org/fbtab.5">fbtab(5)</a> to xenodm.

<li>Made <a href="https://man.openbsd.org/grep.1">grep(1)</a> -m behavior match GNU grep.

Line 243

Line 268

<li>Moved non-daemon services to run in a different <a

href="https://man.openbsd.org/rc.8">rc(8)</a> process group to avoid

SIGHUP at boot.

<li>Changed <a

href="https://man.openbsd.org/ld.so.1">ld.so(1)</a> to only load the first libc version encountered

requested and substituting it for all further loads, ensuring that the

libc version requested by an executable itself is the one loaded.

<li>Significantly (for small programs) reduce the size of statically

linked binaries by splitting several libc internal functions into

seperate compilation and thus linkage units. Specifically <a

href="https://man.openbsd.org/getpwnam.3">getpwnam(3)</a> does not

need the full YP socket setup and does not use all possible <a

href="https://man.openbsd.org/dbopen.3">dbopen(3)</a> databease

backends.

<li>Added <a href="https://man.openbsd.org/vi.1">vi(1)</a>

showfilename set option to display the file name in the lower left

corner.

<li>Added backup of disklabel for <a

href="https://man.openbsd.org/softraid.4">softraid(4)</a> chunks to <a

href="https://man.openbsd.org/security.8">security(8)</a>.

</ul>

<li>Improved hardware support and driver bugfixes, including:

Line 284

Line 326

TEMPer{1,2} devices display negative degC.

<li>Improve support for audio devices that via attach multiple <a

href="https://man.openbsd.org/uaudio.4">uaudio(4)</a> drivers.

</ul>

<li>New or improved network hardware support:

Line 316

Line 357

href="https://man.openbsd.org/dwqe.4">dwqe(4)</a>.

<li>Updated <a href="https://man.openbsd.org/rge.4">rge(4)</a>

microcode, initialization and reset behavior.

<li>Prevented a potential <a

href="https://man.openbsd.org/bnxt.4">bnxt(4)</a> crash after failure

to bring up a queue.

</ul>

<li>Added or improved wireless network drivers:

Line 353

Line 397

<li>Installer, upgrade and bootloader improvements:

<ul>

<li>Add support for disk encryption in unattended installations with

<a href="https://man.openbsd.org/autoinstall.8">autoinstall(8)</a>,

both with a plaintext passphrase or a keydisk.

<li>Removed default sets answer in <a

href="https://man.openbsd.org/autoinstall.8">autoinstall(8)</a>

response file such that it now populates only with non-defaults.

Line 365

Line 412

<li>Added support in the installer to encrypt the root disk with a key disk.

<li>Prevent re-starting the automatic upgrade on octeon and

powerpc64, as is already done on other platforms.

<li>Enabled CD9660 in arm64 RAMDISK to allow CD-ROM mounting.

<li>Added CD install images to arm64.

<li>Make the amd64 cdXX.iso and installXX.iso CD images bootable in

EFI mode (by creating an EFI system partition containing the EFI boot

loaders to be installed as an El Torito boot image).

</ul>

<li>Security improvements:

Line 420

Line 466

<li>Fixed race between <a

href="https://man.openbsd.org/ifconfig.8">ifconfig(8)</a> destroy of

an interface and the ARP timer.

<li>Added statistics counters for the route cache, reporting cache

hits and misses. This is shown in <a

href="https://man.openbsd.org/netstat.1">netstat(1)</a> with

<code>netstat -s</code>.

</ul>

<li>The following changes were made to the <a

Line 441

Line 490

<li>Added check to ensure <a

href="https://man.openbsd.org/pfctl.8">pfctl(8)</a> -f won't accept a

directory and install an empty ruleset.

<li>Added validation for IPv4 packet options in <a

href="https://man.openbsd.org/divert.4">divert(4)</a>.

</ul>

<li>Routing daemons and other userland network improvements:

<ul>

<li>IPsec support was improved:

<ul>

Line 453

Line 503

prefer group from the initial KE payload as responder if supported.

<li>Corrected renewal of expired certificates in <a

href="https://man.openbsd.org/iked.8">iked(8)</a>.

<li>Added an <a href="https://man.openbsd.org/iked.8">iked(8)</a>

debug message when no policy is found.

<li>Implemented a per connection peerid for <a

href="https://man.openbsd.org/iked.8">iked(8)</a> control replies.

trigger retransmission only for fragment 1/x to prevent each received

fragment triggering retransmission of the full fragment queue.

<li>Prevent routing loops by droping already encrypted packets that are going through <a

href="https://man.openbsd.org/sec.4">sec(4)</a> again.

</ul>

<li>In <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>,

Line 560

Line 619

<li>Fixed <a href="https://man.openbsd.org/radiusd.8">radiusd(8)</a>

to properly fixup MPPE-{Send,Recv}-Key and Tunnel-Password attributes of the

response.

<li>Added nochroot parameter to <a

href="https://man.openbsd.org/radiusd.8">radiusd(8)</a>

module_drop_privilege() so that modules can use <a

href="https://man.openbsd.org/unveil.2">unveil(2)</a> instead of <a

href="https://man.openbsd.org/chroot.2">chroot(2)</a> if needed.

<li>Ensured correct denominators when converting NTP fixed point

values to double and vice-versa in <a

href="https://man.openbsd.org/ntpd.8">ntpd(8)</a>.

<li>Prevented short-circuiting of localhost resolution when AI_NUMERICHOST is set.

<li>In the resolver, do not short-circuit resolution of localhost

when AI_NUMERICHOST is set. Ensure that a proper string is returned by <a

href="https://man.openbsd.org/getaddrinfo.3">getaddrinfo(3)</a> when

AI_CANONNAME or AI_FQDN is set.

<li>Added <a href="https://man.openbsd.org/ifconfig.8">ifconfig(8)</a>

support for specifying ports on the src address in tunnel endpoints of

<a href="https://man.openbsd.org/gif.4">gif(4)</a>, <a

Line 582

Line 649

<li>Improved <a href="https://man.openbsd.org/httpd.8">httpd(8)</a>

auto-index, adding human-readable file sizes and allowing per-column

sorting.

<li>Switched to using whois.internic.net for <a

href="https://man.openbsd.org/whois.1">whois(1)</a> -i.

</ul>

</ul>

Line 601

Line 666

<li>Removed flags from the prefix before comparing with the received

key so that <a href="https://man.openbsd.org/tmux.1">tmux(1)</a>

modifier keys with flags work correctly.

<li>Increased buffer size to avoid truncating styles in <a

href="https://man.openbsd.org/tmux.1">tmux(1)</a>.

<li>Added two new values for the <a

href="https://man.openbsd.org/tmux.1">tmux(1)</a> destroy-unattached

option to destroy sessions only if they are not members of sessions

groups.

</ul>

<li>LibreSSL version 3.9.0