version 1.846, 2002/10/17 08:47:58 |
version 1.847, 2002/10/18 18:34:13 |
|
|
|
|
<p> |
<p> |
<h3><font color=#0000e0>We are working on OpenBSD-current.</font></h3><p> |
<h3><font color=#0000e0>We are working on OpenBSD-current.</font></h3><p> |
|
The following list sums up (almost) all the changes made up to October 17. |
|
<p> |
|
|
<ul> |
<ul> |
|
<li>Improved media support and a boundary check fix for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wi&sektion=4">wi(4)</a>. |
|
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=route&sektion=8">route(8)</a> correctly interpret -prefixlen 32 (or 128 for IPv6) network as a host route. |
|
<li>Enable uvm_tree_sanity() check #ifdef DEBUG. |
|
<li>Fix a potential null deref in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=route&sektion=8">route(8)</a>'s arguments parser. |
|
<li>Renumber <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ch&sektion=4">ch(4)</a> CHIO* ioctls. Old definitions renamed to OCHIO*, binary backwards compatibility will be left in intact until post-3.3. |
|
<li>Teach <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kdump&sektion=1">kdump(1)</a> to print AUDIO_* ioctls, and add a few missing syscall defines. |
|
<li>Support <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fxp&sektion=4">fxp(4)</a> on big-endian architectures. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> allows protocols to be specified by a (valid) protocol number. |
|
<li>Add a missing free() in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pflogd&sektion=8">pflogd(8)</a>. |
|
<!-- ^ 20021017 --> |
|
<li>Treat manually- and auto-configured IPv6 address prefixes the same way. |
|
<li>For positively POSIX reasons, implement <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isfdtype&sektion=3">isfdtype(3)</a>. |
|
<li>Bring <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pax&sektion=1">pax(1)</a>'s date handling code back into sync with that in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=date&sektion=1">date(1)</a>. Four digit years parse now. |
|
<li>Start to break out machine-dependent parts of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=MAKEDEV&sektion=8">MAKEDEV(8)</a> into separate files. |
|
<li>Send <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ksh&sektion=1">ksh</a>.kshrc label() and ilable() output to /dev/tty insted of stdout, so command output streams doesn't get messed up. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a> supports system call-granularity privilege elevation! |
|
<li>Correct a typo in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a> that was causing group predicates to be evaluated incorrectly. |
|
<li>Range-check values given to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=atactl&sektion=8">atactl(8)</a>. |
|
<li>Better mask comparision for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> binat. |
|
<!-- ^ 20021016 --> |
|
<li>Remove the setuid bit from <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=login&sektion=1">login(1)</a>. If run with a non-root euid, it invokes <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=su&sektion=1">su(1)</a> with the new -L flag. |
|
<li>Add '-L' flag to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=su&sektion=1">su(1)</a> to make it work like <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=login&sektion=1">login(1)</a>. |
|
<li>Enable the META key in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ksh&sektion=1">ksh(1)</a> for 7-bit locales. |
|
<li>Make sure some varargs end-of-list sentinel NULLs are pointer-width. |
|
<li>Fix a subtle dangling pointer bug in BSD auth. |
|
<li>Sync Brazil's Daylight Savings Time handling with new reality.<br> |
|
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |
|
<li>Stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=makewhatis&sektion=8">makewhatis(8)</a> grumbling about having Perl 5.8.x instead of 5.6.x. |
|
<!-- ^ 20021015 --> |
|
<li>In the X server, work around problems caused by certain MTRR configurations whose details are only available under NDA. |
|
<li>Kernel tweaks and hacks in preparation for GCC 3.x (kern/subr_prf.c) |
|
<li>Some fixes in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pool&sektion=9">pool(9)</a>. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> can now binat a whole netblock with one rule. |
|
<!-- ^ 20021014 --> |
|
<li>Remove a potential null pointer deref in BSD authentication code. |
|
<li>Fix a bad printf format string in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftpd&sektion=8">ftpd(8)</a>. Non-critical because it's only ever fed by parts of the authentication system which sanitise the input first. |
|
<li>Do some more unsigned checks to system call parameters, as with the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=setitimer&sektion=2">setitimer(2)</a> <a href="http://www.openbsd.org/errata31.html#kerntime">erratum</a>.<br> |
|
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |
|
<!-- ^ 20021013 --> |
|
<li>Prepare the GNU floating-point emulation code on i386 for ELF. |
|
<!-- ^ 20021012 --> |
|
<li>Update <a href="stable.html">stable</a> to OpenSSH 3.5. |
|
<li>Catch some endianness nits and add zero-padding of keys in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wi&sektion=4">wi(4)</a>. |
|
<li>Teach ALTQ CBQ the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> API. The old API remains for now. |
|
<!-- ^ 20021011 --> |
|
<li>Fix memory corruption that could cause panics in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bridge&sektion=4">bridge(4)</a>d systems with scrub enabled. |
|
<li>Fix a bug in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mbuf_tags&sektion=9">m_tag_copy_chain()</a>. |
|
<!-- ^ 20021010 --> |
|
<li>Hush up noisy IPv6 neighbor discovery. Can be made loud again using sysctl net.inet6.icmp6.nd6_debug. |
|
<!-- ^ 20021009 --> |
|
<li>In Sendmail, fix a potential bypass of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smrsh&sektion=8">smrsh(8)</a> (see the Sendmail.org <a href="http://www.sendmail.org/smrsh.adv.txt">advisory</a>.) |
|
<li>Make predicates part of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a>'s grammar. |
|
<!-- ^ 20021008 --> |
|
<li>Start work on a merge of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=altq&sektion=9">altq(9)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> functionality. Oh yes. |
|
<li>Add a missing htons() in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=talkd&sektion=8">talkd(8)</a>. |
|
<li>In pmdb, fix a crash that occurred when an attempt to set a breakpoint failed. |
|
<li>Support SA_RESETHAND support to libc_r, in preparation for SA_SIGINFO support. |
|
<li>Merge in Apache 1.3.27 and mod_ssl 2.8.11. |
|
<li>New block-policy option to set the default response to a block rule. |
|
<li>More rulebase reduction: "block return ..." now does The Right Thing, RST for TCP, ICMP for UDP, silent block otherwise. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> support for icmpv6 returns in response to block rules. |
|
<li>New route-to rule option for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>, works like route-to but applies to 'reply' packets in a stateful connection. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> restarts work even when srm.conf is not present. |
|
<li>Have the X server complain less about unknown scancodes. |
|
<!-- ^ 20021007 --> |
|
<li>Initialise the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uvm&sektion=9">uvm</a>_pglistalloc result list in the function, instead of requiring the caller to do it. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslog&sektion=3">syslog(3)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslog_r&sektion=3">syslog_r(3)</a> now take the new __syslog__ format attribute. |
|
<li>Make the default <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> config files use php4 instead of php3. |
|
<!-- ^ 20021006 --> |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a> expands lists left-to-right instead of right-to-left. |
|
<li>Teach <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> how to filter on the IP TOS field. |
|
<!-- ^ 20021005 --> |
|
<li>Fix list handling problem in ALTQ CBQ that showed up with three or more CBQ instances. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smtpd&sektion=8&release=OpenBSD+3.2">smtpd(8)</a> has left the building. |
|
<li>By default, add the -H option to the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sort&sektion=1">sort(1)</a> invoked by <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=locate.updatedb&sektion=8">locate.updatedb(8)</a>. |
|
<li>Give <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=window&sektion=1">window(1)</a> the stdarg treatment. |
|
<li>When routing via <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>, use the outgoing interface as decided by the normal routing code, not the interface to which the rule applies. |
|
<li>Fix cross-site scripting vulnerability (<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840">CAN-2002-0840</a>) in the default error page of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a>. Only applies under specific (and non-OpenBSD default) conditions. |
|
<!-- ^ 20021004 --> |
|
<li>In kernel IP processing, block interrupts with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=splsoftnet&sektion=9">splsoftnet(9)</a> around interface address routing table manipulations. |
|
<li>Make sure <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wi&sektion=4">wi(4)</a> doesn't accept out-of-range TX keys. |
|
<li>Stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ami&sektion=4">ami(4)</a> matching I2O-configured devices. |
|
<li>3.2 -> 3.2-current. |
|
<!-- ^ 20021003 --> |
</ul> |
</ul> |
<p> |
<p> |
|
|