=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v retrieving revision 1.1336 retrieving revision 1.1337 diff -c -r1.1336 -r1.1337 *** www/plus.html 2014/04/30 02:07:27 1.1336 --- www/plus.html 2014/05/05 00:27:09 1.1337 *************** *** 74,79 **** --- 74,136 ----

Improved error handling when using dbopen(3) in mandoc(1). +
Fixed library search order in libtool(1). +
Updated to xproto 7.0.26. +
On i386, installboot(8) no longer overwrites disklabel and nearby blocks on 4k-sector disk drives. +
Stopped bluetooth(4) HID device grabbing the console. +
Re-added "_ppp" user and "_ppp" group, to be solely used by npppd(8) going forward. + +
Stopped ssl(8) using random stack memory as addresses of strings. +
Removed support for building openssl(1) on 16-bit Windows. + +
Filter excess data from autoinstall output, to avoid filling the ramdisk. +
Made more(1) POSIX compliant with respect to the -e option. +
Merged less(1) version 458, including local changes. +
Reduced the verbosity of makewhatis(8) -t. +
Do not re-probe pms(4) unnecessarily. Fixes 12 seconds Xorg(1) delay on some laptops. +
Stopped iked(8) and mpii(4) accessing pointers prior to a null check. +
Allow snmpd.conf(5) to set user-defined actions on receipt of snmp traps. + +
Removed kinit(1). +
Fixed sudo(8) when checking command line environment variables against the blacklist (CVE 2014-0106). +
Fixed copied text in the snmpd(8) error string. + +
Stopped ssl(8) do_ssl3_write() being called recursively; don't release buffer meant for use. +
Audited malloc(3)/calloc(3)/realloc(3) usage in mandoc(1) to be safe from overflows. +
Fixes in ssl(8) kssl.c to prevent double frees and removed a use-after-free. +
Fixed leak in ssl(8) BIO_accept which could have caused the caller to crash. +
Audited strlcpy(3)/strlcat(3) usage in mandoc(1). +
Removed "Z" option from malloc.conf(5); by default always junk small chunks now. +
In unbound(8), use arc4random(9) as PRNG backend, instead of the libcrypto RAND. +
disklabel(8) now fills all required fields after clearing. Avoids consistency check failures. + +
Improved malloc(3) hash functions that compute the same on big-endian and little-endian archs. +
Removed OPENSSL_indirect_call() from ssl(8) for reduced attack surface. +
Fixed a missing splbio(9) in sys/ufs/ffs/ffs_softdep.c which caused crashes. +
Remove useless RX checksum offloading support from gem(4) and hme(4). +
Removed Apache from base (replaced by nginx(8)). +
On bge(4) when VLAN_HWTAGGING is disabled, stopped tagging the packet twice. +
Prepend ether_vlan_header rather than regular ethernet header for more efficient vlan tagging. +
Kerberos disabled and removed from base, possibly to be moved to ports(7) later. +
Support the CA key for ssl(8) inspection in the relayd(8) CA process. + +
Avoid a loop during autoinstall when the path in the responsefile does not exist. +
Made iscsictl(8) print bytes read and written in human-readable form. +
Allow the installer to configure dhcp for an interface without an active network connection. +
Bind iscsid(8) to localAddr if it is specified. +
Print the target and initiator name in iscsictl(8) show command. +
Verify permissions are correct on the ssh(1) id_ed25519 file. +
Fixed msdosfs to cope with 64-bit time_t. Set unrepresentable dates to 1/1/1980. +
Made dhclient(8) delete discarded offered leases from the correct TAILQ. Avoids infinite loop. +
Implemented sftp(1) upload resume support. +
Reverted r1.101 of traceroute(8), which broke source port selection. +
Added mallocarray(3) function (like calloc(3) but without the cleared-memory guarantee). +
Backed out parts of sys/nfs/nfs_serv.c r1.47, which computed wrong block sizes. +
Added pkg_add(1) support for reading/writing long paths and linkpaths as extended headers. +
Allow iscsid(8) to send data immediately for write commands, for 20% performance boost. +
Stopped disklabel(8) leaking mountpoint info. Fixes mysterious crashes.
5.5 RELIABILITY FIX: Disable the ssh(1) curve25519-sha256@libssh.org KEX method when the other party's connection will fail.
Prevent lpd(8) from looking into hosts.equiv(5). Access control is now done only using hosts.lpd. *************** *** 182,188 ****
Allow slowcgi(8) QUERY_STRING to be longer than 127 bytes.
Update libxcb to version 1.10.
Made OPENSSL_NO_HEARTBLEED the default and only option in ssl(8) code. !
Adapted snmpctl(8), relayd(8) and snmpd(8) to use AgentX protocol to send traps.
Confirm passwords when signify(1) is generating keys.
Fixed SQL_STEP failures for man(7) pages lacking descriptions. --- 239,245 ----
Allow slowcgi(8) QUERY_STRING to be longer than 127 bytes.
Update libxcb to version 1.10.
Made OPENSSL_NO_HEARTBLEED the default and only option in ssl(8) code. !
Adapted snmpctl(8), relayd(8) and snmpd(8) to use AgentX protocol to send traps.
Confirm passwords when signify(1) is generating keys.
Fixed SQL_STEP failures for man(7) pages lacking descriptions. *************** *** 462,466 **** - --- 519,522 ----