===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1336
retrieving revision 1.1337
diff -c -r1.1336 -r1.1337
*** www/plus.html 2014/04/30 02:07:27 1.1336
--- www/plus.html 2014/05/05 00:27:09 1.1337
***************
*** 74,79 ****
--- 74,136 ----
+
+ - Improved error handling when using dbopen(3) in mandoc(1).
+
- Fixed library search order in libtool(1).
+
- Updated to xproto 7.0.26.
+
- On i386, installboot(8) no longer overwrites disklabel and nearby blocks on 4k-sector disk drives.
+
- Stopped bluetooth(4) HID device grabbing the console.
+
- Re-added "_ppp" user and "_ppp" group, to be solely used by npppd(8) going forward.
+
+
- Stopped ssl(8) using random stack memory as addresses of strings.
+
- Removed support for building openssl(1) on 16-bit Windows.
+
+
- Filter excess data from autoinstall output, to avoid filling the ramdisk.
+
- Made more(1) POSIX compliant with respect to the -e option.
+
- Merged less(1) version 458, including local changes.
+
- Reduced the verbosity of makewhatis(8) -t.
+
- Do not re-probe pms(4) unnecessarily. Fixes 12 seconds Xorg(1) delay on some laptops.
+
- Stopped iked(8) and mpii(4) accessing pointers prior to a null check.
+
- Allow snmpd.conf(5) to set user-defined actions on receipt of snmp traps.
+
+
- Removed kinit(1).
+
- Fixed sudo(8) when checking command line environment variables against the blacklist (CVE 2014-0106).
+
- Fixed copied text in the snmpd(8) error string.
+
+
- Stopped ssl(8) do_ssl3_write() being called recursively; don't release buffer meant for use.
+
- Audited malloc(3)/calloc(3)/realloc(3) usage in mandoc(1) to be safe from overflows.
+
- Fixes in ssl(8) kssl.c to prevent double frees and removed a use-after-free.
+
- Fixed leak in ssl(8) BIO_accept which could have caused the caller to crash.
+
- Audited strlcpy(3)/strlcat(3) usage in mandoc(1).
+
- Removed "Z" option from malloc.conf(5); by default always junk small chunks now.
+
- In unbound(8), use arc4random(9) as PRNG backend, instead of the libcrypto RAND.
+
- disklabel(8) now fills all required fields after clearing. Avoids consistency check failures.
+
+
- Improved malloc(3) hash functions that compute the same on big-endian and little-endian archs.
+
- Removed OPENSSL_indirect_call() from ssl(8) for reduced attack surface.
+
- Fixed a missing splbio(9) in sys/ufs/ffs/ffs_softdep.c which caused crashes.
+
- Remove useless RX checksum offloading support from gem(4) and hme(4).
+
- Removed Apache from base (replaced by nginx(8)).
+
- On bge(4) when VLAN_HWTAGGING is disabled, stopped tagging the packet twice.
+
- Prepend ether_vlan_header rather than regular ethernet header for more efficient vlan tagging.
+
- Kerberos disabled and removed from base, possibly to be moved to ports(7) later.
+
- Support the CA key for ssl(8) inspection in the relayd(8) CA process.
+
+
- Avoid a loop during autoinstall when the path in the responsefile does not exist.
+
- Made iscsictl(8) print bytes read and written in human-readable form.
+
- Allow the installer to configure dhcp for an interface without an active network connection.
+
- Bind iscsid(8) to localAddr if it is specified.
+
- Print the target and initiator name in iscsictl(8) show command.
+
- Verify permissions are correct on the ssh(1) id_ed25519 file.
+
- Fixed msdosfs to cope with 64-bit time_t. Set unrepresentable dates to 1/1/1980.
+
- Made dhclient(8) delete discarded offered leases from the correct TAILQ. Avoids infinite loop.
+
- Implemented sftp(1) upload resume support.
+
- Reverted r1.101 of traceroute(8), which broke source port selection.
+
- Added mallocarray(3) function (like calloc(3) but without the cleared-memory guarantee).
+
- Backed out parts of sys/nfs/nfs_serv.c r1.47, which computed wrong block sizes.
+
- Added pkg_add(1) support for reading/writing long paths and linkpaths as extended headers.
+
- Allow iscsid(8) to send data immediately for write commands, for 20% performance boost.
+
- Stopped disklabel(8) leaking mountpoint info. Fixes mysterious crashes.
- 5.5 RELIABILITY FIX: Disable the ssh(1) curve25519-sha256@libssh.org KEX method when the other party's connection will fail.
- Prevent lpd(8) from looking into hosts.equiv(5). Access control is now done only using hosts.lpd.
***************
*** 182,188 ****
- Allow slowcgi(8) QUERY_STRING to be longer than 127 bytes.
- Update libxcb to version 1.10.
- Made OPENSSL_NO_HEARTBLEED the default and only option in ssl(8) code.
!
- Adapted snmpctl(8), relayd(8) and snmpd(8) to use AgentX protocol to send traps.
- Confirm passwords when signify(1) is generating keys.
- Fixed SQL_STEP failures for man(7) pages lacking descriptions.
--- 239,245 ----
- Allow slowcgi(8) QUERY_STRING to be longer than 127 bytes.
- Update libxcb to version 1.10.
- Made OPENSSL_NO_HEARTBLEED the default and only option in ssl(8) code.
!
- Adapted snmpctl(8), relayd(8) and snmpd(8) to use AgentX protocol to send traps.
- Confirm passwords when signify(1) is generating keys.
- Fixed SQL_STEP failures for man(7) pages lacking descriptions.
***************
*** 462,466 ****