version 1.805, 2001/12/19 04:03:38 |
version 1.806, 2001/12/24 00:01:27 |
|
|
<p> |
<p> |
<h3><font color=#0000e0>We are working on OpenBSD-current.</font></h3><p> |
<h3><font color=#0000e0>We are working on OpenBSD-current.</font></h3><p> |
<ul> |
<ul> |
|
<li>Correctly print the payload string of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcp&sektion=4">tcp(4)</a> RST segments when <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcpdump&sektion=8">tcpdump(8)</a> is verbose. |
|
<li>Implement a scalable <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=timeout&sektion=9">timeout(9)</a> mechanism with constant-time add and delete. |
|
<li>Let mvme68k systems lacking a configured pcc device compile. |
|
<li>Don't default to generate rsa1 keys in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>, and try all standard key files when invoked without arguments. |
|
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crontab&sektion=1">crontab(1)</a> send SIGUSR1 to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a> when a crontab file has changed, making changes take effect sooner. |
|
<li>Send failing packet sequence number when <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a> is responding with an SSH_MSG_UNIMPLEMENTED. |
|
<li>Ensure that user and system times increase monotonically. |
|
<li>Add powerhook support to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=yds&sektion=4">yds(4)</a> to handle <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=apm&sektion=8">apm(8)</a> resumes correctly. |
|
<li>Repair memory leak in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pcap&sektion=3">pcap(3)</a> associated with compiled <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bpf&sektion=4">bpf(4)</a> programs. |
|
<li>Support span ports so that one can snoop a bridge from another interface/machine/network. |
|
<li>Disestablish the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xl&sektion=4">xl(4)</a> powerhook on detach. |
|
<li>Add a -u flag to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fdisk&sektion=8">fdisk(8)</a> which updates the MBR code but leaves the partition table intact. |
|
<li>Big <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isp&sektion=4">isp(4)</a> overhaul. |
|
<li>Improve signal handling in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a> so that processes run by <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a> can't zombify until <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a> wakes up. |
|
<li>Add a <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=2">pf(2)</a> DIOCADDSTATE <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ioctl&sektion=2">ioctl(2)</a> that adds state entries. |
|
<li>Support primitive stateful <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> filtering for other non-TCP/UDP/ICMP protocols. |
|
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=icmp6&sektion=4">icmp6(4)</a> MIB counter. |
|
<li>Better signal handling in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=login_skey&sektion=8">login_skey(8)</a> to avoid a possible race condition. |
|
<li>Update signal handlers in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=passwd&sektion=1">passwd(1)</a> to complement new catching <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getpass&sektion=3">getpass(3)</a> call. |
|
<li>Allow <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vnd&sektion=4">vnd(4)</a> to create things larger than 2G. |
|
<li>Perform a sanity check on the inner IP header of IP-in-IP encapsulated packets. |
|
<li>Support -o for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>, like <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>. |
|
<li>Catch -- don't block -- SIGINT and SIGTSTP in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=readpassphrase&sektion=3">readpassphrase(3)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getpass&sektion=3">getpass(3)</a>. |
|
<li>Enable rootdev auto-configuration by device drivers during boot and add support for raid devices. |
|
<li>Parse hex numbers in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> correctly. |
|
<li>Curtail the use of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=regex&sektion=3">regex(3)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>. |
|
<li>Make NKMEMPAGES dynamic based on memory size, deprecating NKMEMCLUSTERS in favour of NKMEMPAGES, NKMEMPAGES_MIN, and NKMEMPAGES_MAX. |
|
<li>Forbid the coupling of different address families in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> nat, binat, and rdr rules. |
|
<li>Release the right descriptors when <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pipe&sektion=2">pipe(2)</a> fails. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pidfile&sektion=3">pidfile(3)</a> throughout the tree instead of hand-rolled imitations. |
|
<li>Don't let <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a> pass user-defined variables to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=login&sektion=1">login(1)</a>. |
|
<li>Nuke smartkey(1). |
|
<li>Remove pipe based interface to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=photurisd&sektion=8">photurisd(8)</a>, leaving only PF_KEY. |
|
<li>Issue a "failed" message instead of a 2nd challenge if <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a> sees the same key in authroized_keys twice. |
|
<li>Let the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a> fake X11 server listen on localhost by default. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ip6&sektion=4">ip6(4)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=1">sendmail(1)</a> when possible. |
|
<li>Fix an alignment bug on alpha by using <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getifaddrs&sektion=3">getifaddrs(3)</a> instead of various <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ioctl&sektion=2">ioctl(2)</a> calls in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a>. |
|
<li>Conform to historic behaviour in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fmt&sektion=1">fmt(1)</a>; don't format lines that start with a dot. |
|
<li>Avoid a "thundering herd" problem in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=accept&sektion=2">accept(2)</a>, and fix an infinite loop on 64-bit systems. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pool&sektion=9">pool(9)</a> for socket allocations. |
|
<li>Correctly signal an error condition in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=newsyslog&sektion=8">newsyslog(8)</a> so we don't send a signal to PID 0. |
|
<li>Repair an error in uipc_socket that could make a transient error permanent. |
|
<li>Perform a pf_route() before logging in case the logging created a bogus rule, avoiding a panic. |
|
<li>Have socket connection queues use a tailq <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=queue&sektion=3">queue(3)</a>. |
|
<li>Add fastroute option to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>. |
|
<li>Support pasting characters with codes above 127 using the mouse via <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wscons&sektion=4">wscons(4)</a>. |
|
<li>Handle PID files terminated with newlines correctly in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=newsyslog&sektion=8">newsyslog(8)</a>. |
|
<li>Among other improvements, don't leak memory in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ppp&sektion=8">ppp(8)</a>. |
|
<li>During installation, preserve blank space in responses. |
|
<li>Centralize the mount list, unifying locking, and add vfs_isbusy to help verify that a mount point is locked. |
|
<li>Strengthen the mbuf traversal code in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>, avoiding potential crashes on <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ip6&sektion=4">ip6(4)</a> packets with options. |
|
<li>Make dummies for aclocal and the auto* family in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1">cvs(1)</a>, hopefully mitigating upgrade hastles. |
|
<li>Don't allow the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> CHANGEBINAT <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ioctl&sektion=2">ioctl(2)</a> when securelevel > 1. |
|
<li>Include stub dl* function definitions in libc on ELF, making libdl unneeded. |
|
<li>Enhance network handling during installations. |
|
<li>Block signals in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=find&sektion=1">find(1)</a> when running fts_read(). |
|
<li>Move NFS creds out of the standard buf structure and into the nfs node, and use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pool&sektion=9">pool(9)</a> for NFS node allocation. |
|
<li>Fix the password length check in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=user&sektion=8">user(8)</a>. |
|
<li>Use lockmgr in procfs <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=(mount_procfs&sektion=8">(mount_procfs(8)</a>) instead of a home-made version. |
|
<li>Correctly mark items on the syncer worklist with VBIOONSYNCLIST, ensuring items not on the list don't have this mark. |
|
<li>Convert to using the vn_marktext() function instead of VTEXT to mark a vnode as executing a text image. |
|
<li>Enable the NI_WITHSCOPEID <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getnameinfo&sektion=3">getnameinfo(3)</a> flag by default. |
|
<li>sendmail(8) should listen on port 587 for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ip&sektion=6">ip(6)</a>, like <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ip4&sektion=6">ip4(6)</a>. |
|
<li>Add sanity to the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=apmd&sektion=8">apmd(8)</a> battery alert when the battery is charging. |
|
<li>Let <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=chdir&sektion=2">chdir(2)</a> errors in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rwhod&sektion=8">rwhod(8)</a> be seen. |
<li><font color=#e00000><strong>SECURITY FIX: update <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh</a> to OpenSSH-3.0.1.</strong></font><br> |
<li><font color=#e00000><strong>SECURITY FIX: update <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh</a> to OpenSSH-3.0.1.</strong></font><br> |
<a href="errata.html#sshd">A source code patch is available</a>.<br> |
<a href="errata.html#sshd">A source code patch is available</a>.<br> |
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |