version 1.1461, 2019/11/29 22:23:09 |
version 1.1462, 2019/12/05 10:41:13 |
|
|
<p> |
<p> |
|
|
<ul> |
<ul> |
|
<!-- 2019/12/03 --> |
|
<li>Added <a href="https://man.openbsd.org/pwmfan">pwmfan(4)</a>, a driver for PWM-regulated fans. |
|
<li>Added <a href="https://man.openbsd.org/rkpwm">rkpwm(4)</a>, a driver for the RK3399's PWM controller. |
|
<li>Added support for the RK3399's PWM clock to <a href="https://man.openbsd.org/rkclock">rkclock(4)</a>. |
|
<!-- 2019/12/02 --> |
|
<li>Added <a href="https://man.openbsd.org/tcpdump">tcpdump(8)</a> support for printing RFC 8300 Network Service Header (NSH). |
|
<li>Added <a href="https://man.openbsd.org/tcpdump">tcpdump(8)</a> support for VXLAN-GPE. |
|
<li>Rewrote dhcpv6 parsing in <a href="https://man.openbsd.org/tcpdump">tcpdump(8)</a> to match the rfc, correctly handling dhcpv6 messages. |
|
<li>Assumed <a href="https://man.openbsd.org/grep">grep(1)</a> -R passed with "." rather than printing a warning by default. |
|
<li>Reverted switch to tickless backend. |
|
<!-- 2019/12/01 --> |
|
<li>Allowed forcing specific domains to be resolved by specific resolvers in <a href="https://man.openbsd.org/unwind.conf">unwind.conf(5)</a>, handling typical split-horizon setups. |
|
<li>Simplified <a href="https://man.openbsd.org/sysupgrade">sysupgrade directory check and creation (/home/_syspatch). It can now be a symlink. |
|
<!-- 2019/11/30 --> |
|
<li>Accepted netmask for IPv6 properly in <a href="https://man.openbsd.org/ifconfig">ifconfig(8)</a>. |
<!-- 2019/11/29 --> |
<!-- 2019/11/29 --> |
<li>Added uvm_objfree to uvm to efficiently free all pages from a uvm object, use in buffer cache for considerable speedup when freeing pages |
<li>Added a create-vdisk command to <a href="https://man.openbsd.org/ldomctl">ldomctl(8)</a> analogous to amd64's <a href="https://man.openbsd.org/vmctl">vmctl(8)</a> create. |
|
<li>Added uvm_objfree to uvm to efficiently free all pages from a uvm object, used in the buffer cache for considerable speedup when freeing pages. |
|
<li>Added <a href="https://man.openbsd.org/rkemmcphy">rkemmcphy(4)</a>, a driver for the RK3399's eMMC PHY. |
|
<li>Added support for the RK3399's eMMC clock to <a href="https://man.openbsd.org/rkclock">rkclock(4)</a>. |
<!-- 2019/11/28 --> |
<!-- 2019/11/28 --> |
<li>Modified buffer cache to use individual uvm_objs per buffer to speed page lookups |
<li>Introduced <a href="https://man.openbsd.org/msyscall">msyscall(2)</a>, permitting system calls from selected code regions only: the main program, <a href="https://man.openbsd.org/ld.so">ld.so(1)</a>, libc.so and sigtramp. This is intended to harden against a mixture of W^X failures and JIT bugs allowing syscall misinterpretation. |
|
<li>Modified root's <a href="https://man.openbsd.org/crontab">crontab(1)</a> to run <a href="https://man.openbsd.org/rpki-client">rpki-client(8)</a> and reload <a href="https://man.openbsd.org/bgpd">bgpd(8)</a> configuration, enabling RPKI ROA filtering. |
|
<li>Modified buffer cache to use individual uvm_objs per buffer to speed page lookups. |
|
<li>Decayed the <a href="https://man.openbsd.org/unwind">unwind(8)</a> resolver histogram data over time to reflect strategy performance. |
|
<li>Removed the -r flag in <a href="https://man.openbsd.org/rpki-client">rpki-client(8)</a>. CRLs will always be checked. |
|
<li>Added the "console" command to <a href="https://man.openbsd.org/ldomctl">ldomctl(8)</a> which executes <a href="https://man.openbsd.org/cu">cu(1)</a> on the domain's console. |
|
<li>Printed guest domain <a href="https://man.openbsd.org/vcctty">vcctty(4)</a> devices in status output in <a href="https://man.openbsd.org/ldomctl">ldomctl(8)</a>. |
|
<li>Removed km_mapblocks from kmemstats and its always-zero column from the <a href="https://man.openbsd.org/ddb">ddb(4)</a> "show malloc" output. |
|
<!-- 2019/11/27 --> |
|
<li>Implemented a hexdump command in the bootloader, helping to inspect the memory layout created by the firmware and useful for UEFI debugging. |
|
<li>Added list-io command to <a href="https://man.openbsd.org/ldomctl">ldomctl(8)</a>, listing the available PCIe devices to be used with the iodevice parameter in <a href="https://man.openbsd.org/ldom.conf">ldom.conf(5)</a>. |
|
<li>Measured performance of resolving strategies in <a href="https://man.openbsd.org/unwind">unwind(8)</a>, sorting them and choosing the next best strategy when one fails. |
|
<li>Removed captive portal detection from <a href="https://man.openbsd.org/unwind">unwind(8)</a>. |
|
<li>Reinstated support for monitor mode and multiple frames in <a href="https://man.openbsd.org/iwm">iwm(4)</a>. |
|
<li>Updated GLU to 9.0.1. |
|
<li>Updated libdrm to 2.4.100. |
<!-- 2019/11/26 --> |
<!-- 2019/11/26 --> |
<li>Added support for TLS 1.3 post handshake handshake messages and key updates to <a href="https://www.libressl.org/">LibreSSL</a> |
<li>Added support for TLS 1.3 post handshake handshake messages and key updates to <a href="https://www.libressl.org/">LibreSSL</a>. |
|
<li>Fixed <a href="https://man.openbsd.org/scsi">scsi(8)</a> softraid crypto volumes on 4K-sector disks. |
|
<li>Faked disk info to match expected boot disk when EFI bootloader has been received via TFTP, fixing a hang during HP Elitebook UEFI boot. |
|
<li>Fixed kernel crash in pf_ioctl with WITH_PF_LOCK and NET_TASKQ > 1. |
|
<li>Switched to tickless backend in <a href="https://man.openbsd.org/timeout">timeout(9)</a>, adding new interface <a href="https://man.openbsd.org/timeout_at_ts">timeout_at_ts(9)</a> to avoid backwardly compatible behavior. |
|
<li>Allowed use of 'auth' as an origin in <a href="https://man.openbsd.org/smtpd.conf">smtpd.conf(5)</a>. |
|
<li>Added support for MSI-X for <a href="https://man.openbsd.org/iwm">iwm(4)</a> devices. |
|
<!-- 2019/11/25 --> |
|
<li>Allowed use of mail-from and rctp-to as for and from parameters in <a href="https://man.openbsd.org/smtpd.conf">smtpd.conf(5)</a>. |
|
<li>Computed RSSI on 9k <a href="https://man.openbsd.org/iwm">iwm(4)</a> devices as for previous generations, fixing spurious signal strength values of over 100%. |
|
<li>Added a <a href="https://man.openbsd.org/tmux">tmux(1)</a> p format modifier for padding to width. |
|
<li>Stored <a href="https://man.openbsd.org/smtp">smtp(1)</a> session usernames in an envelope, allowing the ruleset to match specific users or mailing addresses. |
|
<!-- 2019/11/24 --> |
|
<li>Added "no-touch-required" options to <a href="https://man.openbsd.org/ssh-keygen">ssh-keygen(1)</a> and <a href="https://man.openbsd.org/sshd">sshd(8)</a> to disable touch requirement for authorized_keys and certificates. |
|
<li>Added an <a href="https://man.openbsd.org/sshd_config">sshd_config(5)</a> PubkeyAuthOptions directive allowing specification of whether <a href="https://man.openbsd.org/sshd">sshd(8)</a> should check whether user presence was tested before a security key was made. |
|
<!-- 2019/11/23 --> |
|
<li>Withdrew all proposals on <a href="https://man.openbsd.org/slaacd">slaacd(8)</a> startup to prevent indefinite retention of nameservers on interfaces no longer flagged for autoconf. |
|
<!-- 2019/11/22 --> |
|
<!-- 2019/11/21 --> |
|
<li>Prevented a timeout in <a href="https://man.openbsd.org/ssh">ssh(1)</a> when the server doesn't immediately send a banner, such as with multiplexers like sslh. |
|
<li>Allowed <a href="https://man.openbsd.org/rc.d">rc.d(8)</a> script to reload <a href="https://man.openbsd.org/sndiod">sndiod(8)</a>. |
|
<li>Added tracking of which interfaces have learned nameservers to <a href="https://man.openbsd.org/unwind">unwind(8)</a>. |
|
<!-- 2019/11/20 --> |
|
<li>Improved <a href="https://man.openbsd.org/ksmn">ksmn(4)</a> temperature conversion precision. |
|
<li>Added a quirk to handle Apollo Lake, Gemini Lake and 100 Series Intel SD/MMC <a href="https://man.openbsd.org/sdhc">sdhc(4)</a> controllers which should not have voltages set to 0V. |
|
<li>Added Gemini Lake SD/MMC controller <a href="https://man.openbsd.org/pci">pci(4)</a> ids. |
|
<li>Ensured proper kernel stack alignment on mips64, fixing a panic on octeon related to <a href="https://man.openbsd.org/pppoe">pppoe(4)</a>. |
|
<!-- 2019/11/19 --> |
|
<li>Adjusted on-wire signature encoding for ecdsh-sk <a href="https://man.openbsd.org/ssh">ssh(1)</a> keys to better match ec25519-sk keys. |
|
<!-- 2019/11/18 --> |
|
<li>Fixed an off-by-one TRB issue in bulk transfers larger than 64k, making <a href="https://man.openbsd.org/udl">udl(4)</a> work on <a href="https://man.openbsd.org/xhci">xhci(4)</a>. |
|
<li>Added <a href="https://man.openbsd.org/iwm">iwm(4)</a> support for 9260 and 9560 devices. |
|
<li>Enabled ESP UDP-encapsulation with the <a href="https://man.openbsd.org/iked">iked(8)</a> -t flag. |
|
<li>Added -keyopt option to <a href="https://man.openbsd.org/openssl">openssl(1)</a> cms subcommand, providing rsa_padding_mode:oaep for cms -encrypt and rsa_padding_mode:pss for cms -sign. |
|
<li>Added -f for full size to join-pane in <a href="https://man.openbsd.org/tmux">tmux(1)</a>. |
|
<!-- 2019/11/17 --> |
|
<li>Added <a href="https://man.openbsd.org/rge">rge(4)</a>, a new driver for Realtek 8125 PCI Express 2.5Gb ethernet devices. |
|
<li>Repaired the "set delay" option for <a href="https://man.openbsd.org/pf">pf(4)</a> to function as specified in <a href="https://man.openbsd.org/pf.conf">pf.conf(5)</a>. |
|
<li>Added the initial framework for the TLSv1.3 server. |
|
<li>Used disable-bt overlay with raspberry pi to use <a href="https://man.openbsd.org/pluart">pluart(4)</a> as console, rather than the 'mini uart'. |
|
<!-- 2019/11/16 --> |
|
<li>Added a -d option to <a href="https://man.openbsd.org/pkg_add">pkg_add(1)</a> to add debug packages if present alongside intended updates or additions. |
|
<!-- 2019/11/15 --> |
|
<li>Fixed a segmentation fault in <a href="https://man.openbsd.org/ncurses">ncurses(3)</a>. |
|
<!-- 2019/11/14 --> |
|
<li>Implemented HTTP/1.1 in <a href="https://man.openbsd.org/ftp">ftp(1)</a>. |
|
<li>Added direct support for U2F/FIDO2 security keys in <a href="https://man.openbsd.org/ssh">ssh(1)</a>. |
|
<li>Began resolving captive portal hosts internally in <a href="https://man.openbsd.org/unwind">unwind(8)</a>. |
|
<li>Changed <a href="https://man.openbsd.org/tmux">tmux(1)</a> new-session -A to attach to the best existing session when a session name is not specified, rather than creating a new session. |
|
<li>Added an option to <a href="https://man.openbsd.org/tmux">tmux(1)</a> to set the key sent by backspace for systems using ^H. |
|
<!-- 2019/11/13 --> |
|
<li>Prevented non-root users from using <a href="https://man.openbsd.org/ioctl">ioctl(2)</a> to alter the address of a network interface. |
|
<li>Prevented non-root users from setting the parameters of <a href="https://man.openbsd.org/pppoe">pppoe(4)</a> interfaces. |
|
<li>Prevented a local user from causing the system to hang by reading specific registers when Intel Gen8/Gen9 graphics hardware is in a low power state. |
|
<li>Prevented writes to memory allowed by the Intel Gen9 graphics hardware. |
|
<!-- 2019/11/12 --> |
|
<li>Notified the user via TTY or $SSH_ASKPASS when <a href="https://man.openbsd.org/ssh">ssh(1)</a> security keys must be tapped/touched in order to perform a signature operation. |
|
<li>Enabled ed25519 support in <a href="https://man.openbsd.org/ssh">ssh(1)</a>. |
|
<li>Fixed <a href="https://man.openbsd.org/iwm">iwm(4)</a> support and loaded new firmware for 3168 devices. |
|
<!-- 2019/11/11 --> |
|
<li>Enabled <a href="https://man.openbsd.org/rpki-client">rpki-client(8)</a>. |
|
<li>Printed the URL when <a href="https://man.openbsd.org/sysupgrade">sysupgrade(8)</a> fetches new sets. |
|
<li>Prevented a crash in ieee80211_node2req() which could be triggered by an <a href="https://man.openbsd.org/ioctl">ioctl(2)</a> if the driver had not yet initialized the channel map. |
|
<li>Implemented DNS proposals in <a href="https://man.openbsd.org/unwind">unwind(8)</a> to learn nameservers from network autoconfiguration daemons. |
|
<!-- 2019/11/10 --> |
|
<li>Moved /usr and var remounting earlier to allow <a href="https://man.openbsd.org/unwind">unwind(8)</a> to start before <a href="https://man.openbsd.org/pf">pf(4)</a> is configured. |
|
<li>Added a Content-Security-Policy HTTP header to <a href="https://man.openbsd.org/mandoc">mandoc(1)</a> that allows only CSS. |
|
<li>Added an opportunistic run of <a href="https://man.openbsd.org/fw_update">fw_update(1)</a> to <a href="https://man.openbsd.org/sysupgrade">sysupgrade(8)</a> before rebooting to run the upgrade. |
|
<li>Introduced a "trusted" modifier to <a href="https://man.openbsd.org/ntpd">ntpd(8)</a>, for peers which should be on a local net, used in situations where https constraints cannot be used but auto settime is desired. |
|
<li>Stopped connecting to available open wifi networks when an interface is marked up. This behavior must now be explicitly enabled with <a href="https://man.openbsd.org/ifconfig">ifconfig(8)</a> join "". |
|
<!-- 2019/11/09 --> |
|
<li>Added support for active scan to <a href="https://man.openbsd.org/bwfm">bwfm(4)</a>. |
|
<li>Lowered the priority of APs which fail to connect in the <a href="https://man.openbsd.org/ifconfig">ifconfig(8)</a> join list, allowing switching wifi networks by moving between them without having to down/up the interface or suspend/resume. |
|
<!-- 2019/11/08 --> |
|
<li>Triggered a background scan when root runs the <a href="https://man.openbsd.org/ifconfig">ifconfig(8)</a> scan command, updating the list of cached APs for future scans and forcing a search for a better AP to roam to. |
|
<li>Switched 8260 and 8265 <a href="https://man.openbsd.org/iwm">iwm(4)</a> devices to -34 firmware. |
|
<!-- 2019/11/07 --> |
|
<li>Added support for buttons 2 and 3 to <a href="https://man.openbsd.org/imt">imt(4)</a>. |
|
<li>Enabled DNSSEC validation in <a href="https://man.openbsd.org/unbound">unbound(8)</a> by default. |
|
<li>Prevented non-root users from setting the WEP key on <a href="https://man.openbsd.org/an">an(4)</a> wireless network devices. |
|
<li>Added -F flag to <a href="https://man.openbsd.org/tmux">tmux(1)</a> send-keys to expand formats in search-backward and forward copy mode commands. |
|
<!-- 2019/11/06 --> |
|
<li>Performed constraint validation against 9.9.9.9 and 2620:fe::fe by default in <a href="https://man.openbsd.org/ntpd.conf">ntpd.conf(5)</a>. |
|
<li>Fixed a bug where outstanding frames on the <a href="https://man.openbsd.org/iwn">iwn(4)</a> aggregation queue interfere with roaming to another AP. |
|
<li>Raised net80211's "beacon miss" threshold to avoid frequent reconnects to APs suffering packet loss due to distance. |
|
<!-- 2019/11/05 --> |
|
<!-- 2019/11/04 --> |
|
<li>Removed mobileip(4). |
|
<li>Added <a href="https://man.openbsd.org/ogx">ogx(4)</a>, a driver for the OCTEON III network processor. |
|
<li>Reinstated <a href="https://man.openbsd.org/openssl">OpenSSL(1)</a> CMS. |
|
<li>Switched <a href="https://man.openbsd.org/iwm">iwm(4)</a> 3160, 7260 and 7265 to -17 firmware images. |
|
<li>Enabled DQA mode for <a href="https://man.openbsd.org/iwm">iwm(4)</a>. |
|
<li>Added support for <a href="https://man.openbsd.org/iwm">iwm(4)</a> firmware paging, required for newer 8k device firmware. |
|
<!-- 2019/11/03 --> |
|
<li>Fixed a possible crash in <a href="https://man.openbsd.org/smtpd">smtpd(8)</a> when combining "from rdns" with nested virtual aliases under a particular configuration. |
|
<li>Released <a href="https://man.openbsd.org/smtpd">smtpd(8)</a>. |
|
<li>Added opportunistic DoT support to <a href="https://man.openbsd.org/unwind">unwind(8)</a>. |
<!-- 2019/11/02 --> |
<!-- 2019/11/02 --> |
<li>Hooked <a href="https://man.openbsd.org/rpki-client">rpki-client(8)</a> up to the build. |
<li>Hooked <a href="https://man.openbsd.org/rpki-client">rpki-client(8)</a> up to the build. |
<li>Enabled CMS in <a href="https://man.openbsd.org/ssl">ssl(8)</a>. |
<li>Enabled CMS in <a href="https://man.openbsd.org/ssl">ssl(8)</a>. |