===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1320
retrieving revision 1.1321
diff -c -r1.1320 -r1.1321
*** www/plus.html 2014/01/10 02:24:46 1.1320
--- www/plus.html 2014/01/16 13:47:16 1.1321
***************
*** 76,81 ****
--- 76,125 ----
+
+ - Enabled gcc(1) Wbounded by default.
+
- New signify(1) options: -m message and -x signature.
+
- Reverted to pkg_add(1) PackageRepository.pm r1.97, as there is a memory leak when using internal GZip.
+
+
+
- Updated to freetype 2.5.2.
+
- Added -DNOCPIO option to pax(1), for use by distrib/special
+
- Let tcpdump(8) detect bad ICMP/ICMPv6 checksums with the -v flag.
+
- While the hibernated image is being unpacked, acpi(4) now demotes APs to real mode, place them in HLT loop. Fixes some spurious reboots on resume.
+
- Added MSI support to jme(4).
+
- Corrected sigpending(2) argument handling, to stop it writing to the wrong memory on hppa and hppa64.
+
- When md5(1) is using a checklist, print MISSING for non-existent files.
+
+
- Fixed ping6(8) bug where binary built with stack-protector-strong would fail to set the routing table id.
+
- Made ddb(4) "show mbuf" print all mbuf(9) fields in a consistent way.
+
- Don't let ssh(1) or sshd(8) connect to clients/servers that suffer from SSH_BUG_DERIVEKEY. These are too vulnerable to KEX attacks.
+
- Option "-e" for embedded signatures added to signify(1).
+
- Allow tmux(1) "attach-session -t" to accept a window and pane to select them on attach; made "switch-client -t" accept a window and pane.
+
- tmux(1) changes: check for truncation when copying path; don't use a temporary buffer in screen_set_title; include strerror in output when connecting to server fails.
+
- Fixed the radeon(4) burner method, ensuring cookie is a pointer to rasops_info. Fixes hangs on shutdown.
+
+
- When sftp(1) is formating the time, show dates in the future with the year; fixed incorrect date calculations.
+
- Updated pax(1) -v format to match ls(1) -l: display the year for dates in the future; eliminate bogus handling of LC_TIME environment variable.
+
- Per POSIX, times in the future are now reported by ls(1) with the year.
+
- Added support for -h hashfile to cksum(1), md5(1), sha1(1) and sha256(1).
+
+
- Updated to libXfont 1.4.7 (includes fix for CVE-2013-6462).
+
- 5.3 and 5.4 SECURITY FIX: CVE-2013-6462: unlimited "sscanf" can overflow the Xserver(1) libXfont stack buffer.
A source code patch is available for 5.3 and 5.4.
+ - Restrict what characters can be in a pkg_add(1) signer, to make certain it's not possible to go ../ from /etc/signify.
+
- Propagate an rdomain number to the icmp6(4) nd6_lookup independently from the ifp pointer. Prevents a crash.
+
- Follow-up fixes for IFID collision handling in IPv6CP; properly change the link-local address.
+
- Made pkg_add(1) verify all checksums, including special files (e.g. prevents people from tampering with DESC).
+
- Sped up mandocdb(8) -Q by another 3% (now at 39.5% of makewhatis(8)).
+
+
- Delay checking vnode(9) locking of the target vnodes in tmpfs_rename() until we've confirmed they're on the same filesystem as the source.
+
- Allow pkg_add(1) processing of package lists in parallel, a large speedup when re-gzipping a signed package.
+
- Enable memory beyond 1.5GB on sgi octane, to test if kernel panics seen on some MP systems have been fixed.
+
- More speedups for mandocdb(8) -Q mode, found with gprof(1).
+
- Fixed sparc64 kernel profiling.
+
- On sgi, let 2048-byte sector media use a volume header using fake 512-byte sectors, yet still allow reading the native label from it.
+
- Fixed mandocdb(8) -d and -u (broken by recent optimisations).
+
- Make sure in6_ifdetach() removes the ff01::1 route for the detaching interface, too.
+
- make(1) "target: prereq" solving now done after parsing, not during command execution.
- Added option -Q (quick) to mandoc(1), for accelerated generation of reduced-size databases.
- On i386/amd64, don't use the first 64KB memory for anything (including tramps and uvm). Avoids possible corruption by buggy BIOS SMM code.
***************
*** 1082,1095 ****
www@openbsd.org
!
$OpenBSD: plus.html,v 1.1320 2014/01/10 02:24:46 brett Exp $