===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1359
retrieving revision 1.1360
diff -c -r1.1359 -r1.1360
*** www/plus.html 2014/10/27 23:04:50 1.1359
--- www/plus.html 2014/11/02 07:22:27 1.1360
***************
*** 75,80 ****
--- 75,115 ----
+
+ - Allow the current lease to expire without causing dhclient(8) to seg fault when it tries to get a new one.
+
- Fixed possible infinite recursion in perl(1) Data::Dumper (CVE-2014-4330).
+
- Improved mandoc(1) -Tascii output for unicode escape sequences: for the first 512 code points, provide ASCII approximations; provide approximations for some sequences above codepoint 512 via mandoc_char(7) character table.
+
- When using the local enqueuer and the internal SMTP session fails, made smtpd(8) copy the original message to ~/dead.letter so it's not lost.
+
- On hppa, fixed "read section header string table failed(0)" errors when attempting to boot lif.fs.
+
+
- Fixed smtpd(8) so newaliases and makemap can parse multi-line aliases entries.
+
- Stopped mandoc(1) attempting to parse empty equations. Fixes a null pointer dereference.
+
- In mandoc(1), report arguments to .EQ if they have caused an error.
+
- Don't attempt to suspend/resume a partially attached drm(4) driver. Fixes crash upon resume with ATI FireMV 2400 card.
+
- Stopped the page zeroing thread launching on m88k multiprocessor systems. Avoids a deadlock between reaper and zerothread.
+
- Added pane_input_off format to tmux(1).
+
+
- Retired networks(5) support from amd(8) and getent(1).
+
+
- Extended features in autoinstall(8).
+
- No longer limit physmem to 2GB on hppa.
+
- Removed networks(5) support from netstat(1).
+
+
- Avoid an ssl(8) null pointer dereference that could be triggered by SSL3_RT_HANDSHAKE replays.
+
- Allow reliable IPv6 communication between carp(4) master and backup across a shared IPv6 subnet.
+
- URL-decode the httpd(8) request path.
+
+
- Only redraw the tmux(1) pane when it has actually changed.
+
- Reworked httpd(8) error messages: do not send details of 40x errors, to avoid possibility of javascript injection attacks.
+
- Made tftp(1) cope with sending or receiving files beyond 65536 blocks in length.
+
+
- Fixed du(1) regression, always report the size of files listed.
+
- 5.6 SECURITY FIX: disabled SSLv3 by default.
A source code patch is available for 5.6.
+ - In getent(1), error out when hosts enumeration is requested.
+
- Made mandoc(1) correctly parse spacing around in-line equations.
+
- Removed the "interface" option from relayd(8) "transparent forward" directive.
+
- Fixed memory leak in ssl(8) d2i_SSL_SESSION.
+
- Backported fix for binutils bug 11867: ".quad" directive not assembled correctly.
- Use sha512 instead of md5 for tcp(4) initial sequence number.
- In ssl(8) s_client, no longer call shutdown on a non-existent socket descriptor.
***************
*** 505,508 ****
--- 540,550 ----