=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v retrieving revision 1.1380 retrieving revision 1.1381 diff -c -r1.1380 -r1.1381 *** www/plus.html 2016/02/29 20:14:58 1.1380 --- www/plus.html 2016/02/29 21:16:41 1.1381 *************** *** 76,782 ****

Add the _rebound user and group in order to improve privdrop for rebound(8). !
Use pledge(2) in ftp(1), identd(8), login_token(8), rebound(8) and sdiff(1). !
Import rebound(8), a lightweight DNS proxy. !
In disklabel(8), remove -B. !
In x99token(1), avoid a race between fopen(3) and fchmod(2). This prevents an attacker to open an old file with wrong permissions before the secret is written into it. It also guarantees that a new file with correct permissions is created. !
On vax, use MI installboot(8) instead of "disklabel -B" to install boot blocks. !
Add proper support for vax to installboot(8). !
Use pledge(2) in x99token(1). !
Remove the "!" (subshell) and "v" (edit) commands from the ramdisk more(1) command. !
On octeon, let the rx path of cnmac(4) run without the kernel lock. !
In smtpctl(8), allow "all" as an argument for the "resume envelope", "pause envelope" and "remove" subcommands. ! !
In tcpdump(8), fix a crash that occurs when printing the filename in a malformed NFS request packet. !
5.6, 5.7 and 5.8 RELIABILITY FIX: the OBJ_obj2txt function in libcrypto contains a one byte buffer overrun and memory leak.
A source code patch is available for 5.6, 5.7, 5.8. !
In tar(1), use a strict $PATH to run the (de)compressors. !
In newsyslog.conf(5), allow the wheel group to read /var/log/maillog. !
RELEASE CD ISSUE: the "src.tar.gz" file on the source tree was created on the wrong day and does not match the 5.8 release builds.
A replacement file is available for 5.8. !
5.6, 5.7 and 5.8 RELIABILITY FIX: a problem with timer kevents could result in a kernel hang (local denial of service).
A source code patch is available for 5.6, 5.7 and 5.8. !
In ping6(8), use ping(8)-like semantics for -I. !
In sort(1), copy permissions and ownership when -o will override an input file. !
In fsck_ext2fs(8), fsck_ffs(8) and fsck_msdos(8), only accept one filesystem/device as argument for checking. !
Use pledge(2) in banner(6), bcd(6), caesar(6), factor(6), fsck_ext2fs(8), fsck_ffs(8), fsck_msdos(8), login_passwd(8), login_reject(8), morse(6), number(6), pig(6), pom(6), ppt(6), rain(6) and random(6). ! !
In ugen(4), prevent a NULL-pointer dereference when closing a ugen(4) node in case the kernel failed to change the interface of a device. !
In mg(1), check if a file name can be extracted from a line before marking for deletion. !
In sort(1), ignore the setuid/setgid/sticky bits when copying the permissions of an input file to the new output file. !
In ping6(8), remove the -b flag. !
Make sure RTF_LOCAL route entries are UP when added to the tree. !
Use pledge(2) in crunchgen(8), lockspool(1), mklocale(1), netgroup_mkdb(8), newfs_ext2fs(8), nologin(8), smtpd(8). syslogc(8) and yes(1), ! !
In mg(1), when refreshing a dired buffer, avoid losing the files marked for deletion. !
In ping6(8), deprecate and remove the -W flag. !
Make ftp(1) non-static, allowing for better ASLR. !
In ntpd(8), improve the privsep design. In particular, remove the delays that have been introduced by expensive constraint forks. !
Use pledge(2) in apropos(1), config(8), dev_mkdb(8), help(1), kvm_mkdb(8), mailwrapper(8), makewhatis(8), man(1), mandoc(1), mesg(1), mkuboot(8), mksuncd(1), skey(1) and whatis(1). ! !
Use pledge(2) in ac(8), biff(1), clri(8), clri(8)/pax(1)/tar(1), tunefs(8) and zdump(8). !
In bgpd.conf(5), allow the blackhole well-known community to be given by name. !
In bgpctl(8), add "best" as an alias for "selected". !
In pkg-config(1), handle comma-separated list of arguments. ! !
Disallow "rm -rf /". !
Always set the timeout at least one tick in the future for EVFILT_TIMER to avoid looping in softclock(). !
In bc(1), avoid fork/execve of dc(1). This allows a for a strong pledge(2). !
Use pledge(2) in apply(1), arithmetic(6), awk(1), dvmrpctl(8), encrypt(1), env(1), fsirand(8), fstat(1), gencat(1), infocmp(1), kill(1), ln(1), lndir(1), pflogd(8), pkill(1), rcs(1), rpcgen(1), scan_ffs(8), sdiff(1), sendbug(1), spell(1), tftpd(8), tic(1), time(1), tsort(1), ul(1), unexpand(1), which(1), xargs(1), yacc(1) and ypcat(1). !
In asmc(4), add location to the fan description. !
In mg(1), make functions that accept multiple iterations via C-u N, honour 0. Except C-k which has a defined behaviour. !
Make tcpdump(8) print more information from the HT Capabilities element. ! !
In syslogd(8), if it is started with -S, it accepts TLS connections to receive encrypted messages and the server certificates are taken from /etc/ssl. !
Use pledge(2) in cmp(1), du(1), eigrpctl(8), eigrpd(8), getcap(1), getent(1), ksh(1), lex(1), ospf6ctl(8), relayctl(8) and relayd(8). !
In ksh(1), disable the mknod builtin. !
In comsat(8), remove NFS spool support. !
In syslogd(8), add the -S option to accept TLS connections and receive encrypted messages. !
In smtpd(8), turn the local enqueuer setgid(2) _smtpq and restrict access to the offline queue. !
In mg(1), fix a line number bug when calling onlywind(). !
Use pledge(2) in comsat(8), ospfctl(8), ripctl(8), syslogd(8) and tradcpp(1). ! !
Rename tame(2) to pledge(2). !
On amd64 and i386, increase the HEAP_LIMIT from 0x90000 to 0xA0000, to fix an out-of-heap when booting on a large block size (32K) partition. !
In tame(2), add the "mcast" request that exposes a small set of multicast (IP_MULTICAST_IF, IP_ADD_MEMBERSHIP and IP_DROP_MEMBERSHIP) join operators. !
In ksh(1), don't open history files that don't belong to the user. !
Lock the page queues by turning uvm_lock_pageq() and uvm_unlock_pageq() into mtx_enter() and mtx_leave() operations. !
Use tame(2) in make(1), portmap(8) and signify(1). !
In trunk(4), if the mbuf has a valid flowid, use it instead of using siphash24 and a bunch of header fields we have to parse the mbuf for. !
Unlock the softnet task. !
In httpd(8), fix an fd leak if a socket connection fails. !
In snmpd(8): !
- Use correct return value for IP-MIB::ipForwarding. !
- Fix getbulk requests for multiple OIDs. !
! !
Add initial support for UEFI/GPT installs to the installer. !
In ssh(1), include PubkeyAcceptedKeyTypes in "ssh -G" config dump. !
In g++(1), correct handling of enum attributes. !
In tmux(1), fix a couple of memory leaks in error paths. !
Use tame(2) in cp(1), ctags(1), from(1), getopt(1), head(1), htpasswd(1), lastcomm(1), logname(1), look(1), mkdir(1), mktemp(1), nl(1), paste(1), pr(1), printenv(1), readlink(1), rev(1), rmdir(1), split(1), tee(1), tftp(1), tty(1), users(1) and uudecode(1). ! !
In installboot(8), add initial support for installing UEFI boot files to a GPT EFI System Partition. !
In ssh(1), make it possible to use tun(4) and tap(4) networking as non-root user if device permissions and interface flags are pre-established. !
In em(4), fix the watchdog timeouts reported by various people. !
In skeyinit(1), remove the -C option that converts an S/Key database to the new format. !
In smtpd(8), fix a memory leak in an error path. !
Use tame(2) in csplit(1), date(1), ed(1), join(1), jot(1), lam(1), lock(1), openssl(1), printf(1), tail(1), touch(1), tr(1), units(1), unvis(1) and what(1). ! !
Fix cu(1) to make xmodem work with -d. !
In diff(1), remove the non-standard -l flag that pipes the output through pr(1). !
On the alpha ramdisk, remove cd(4). !
Use tame(2) in bgpd(8), cal(1), col(1), colrm(1), column(1), comm(1), cut(1), deroff(1), diff(1), diff3(1), dirname(1), expand(1), fgen(1), find(1), fmt(1), fold(1), hexdump(1), id(1), indent(1), kdump(1), logger(1), nm(1), rs(1), stat(1), unifdef(1), vis(1) and write(1). ! !
In disklabel(8), remove -B support on landisk. It has been superseded by MI installboot(8). !
On landisk, use MI installboot(8) instead of disklabel(8) -B to put boot blocks on installation media. !
In fdisk(8), enhance -g to create a default GPT label in addition to the protective MBR. If -b is specified, an EFI System partition of the requested size is created. !
In eigrpd(8): !
- Add option to configure or disable the DUAL active timeout. !
- Ignore IPv4 TLVs in IPv6 instances and vice-versa. !
- When the SIA state is declared for a given destination, reset the adjacency with the unresponsive neighbor(s). !
!
Add the _eigrpd user and group for eigrpd(8). !
In rcctl(8), make it possible to give the same action to several daemons at once. !
In asmc(4), check the validity flag earlier and do not try to attach invalid (non-existing) keys. !
In ahci(4), fix a memory leak in an error path. !
Apply the tame(2) facility to banner(1), dd(1), df(1), dmesg(8), expr(1), file(1), ls(1) and pwd(1). ! !
Enable eigrpd(8) and eigrpctl(8). !
In dc(1): !
- Remove the "!" command. This makes dc(1) better tameable. !
- Use tame(2). !
!
On octeon, fix a memory leak in an error code path. !
Use tame(2) in cat(1), echo(1), test(1), uname(1) and wc(1). !
Add IPv6 transport for pflow(4) data. !
When multiple vxlan(4) interfaces are configured with same VNI, select the interface whose tunnel destination corresponded to the incoming packets' source address. !
In libssl, fix reference counting and memory leak in error path in an error path. ! !
Use tame(2) in acpidump(8), arp(8), basename(1), chflags(1), finger(1), grep(1), gzip(1), kdump(1), leave(1), md5(1), ntpctl(8), ntpd(8), patch(1), ping(8), ping6(8), script(1), sed(1), sleep(1), sshd(8), tcpdump(8), traceroute(8), uniq(1) and whois(1). !
Revert the mmap(2) unlock. It causes vnode-related panics on several architectures in the codepath that implements mmap(2). !
In iked(8): !
- Fix EAP (user-based auth) with IKEv2 in El Capitan. !
- Remove MD5 from the default proposals !
!
Fix EAP (user-based auth) with IKEv2 in El Capitan. !
In pfctl(8), make the "-s all" option show queues. !
In libssl, conform with RFC 5280 for times allowed in a X509 certificate. !
In snmpd(8), mitigate the risk of user-injected file descriptor leakage from the optional world-writable restricted control socket. ! !
Add ktracing of argv and envp to execve(2), with envp not traced by default. !
Add eigrpd(8) (and eigrpctl(8)), an Enhanced Interior Gateway Routing Protocol daemon. !
5.6, 5.7 and 5.8 SECURITY FIX: multiple reliability and security issues in smtpd(8).
A source code patch is available for 5.6, 5.7 and 5.8. !
In smtpd(8): !
- Do not allow connection IDs to wrap and collide with another active connection ID. This allows a local user to force the daemon to exit. !
- Fix a stack-based buffer overflow in the token expansion code of the (unprivileged) lookup process. This allows a local user to crash the server or potentially to execute arbitrary code. !
- Allow reading of imsg while discarding fd's when reading from a context where we don't expect/want to receive one. This prevents a local user from exhausting resources and causing smtpd to hang by crafting valid imsg that don't expect a descriptor but passing one anyway. !
- Prevent users from playing hardlink/symlink/mkfifo games with their offline messages and ~/.forward files. This allows a a local user to hang smtpd or even reset chflags and read the first line of an arbitrary file. !
- Do not exit on unexpected causes of SIGCHLD. This allows a specially crafted mda to cause smtpd to exit. !
- Make uid checking on ~/.forward files more strict. This avoids users from creating hardlink to root-owned files and leaking the first line. !
- Fix a use-after-free and out-of-bounds memory reads in the (unprivileged) lookup process. This avoids crashes or potential arbitrary code execution. !
!
Update to tzdata2015g from ftp.iana.org. !
In asmc(4), relax vendor comparison to match variations found in older models such as the MacMini1,1. !
On alpha, make the pmap (more) MP-safe by protecting both the pmap itself and the pv lists with a mutex. This should make pmap_enter(9), pmap_remove(9) and pmap_page_protect(9) safe to use without holding the kernel lock. !
In iked(8), fix several interoperability issues: !
- If we don't get a (valid) CERTREQ but a CERT, respond with a local CERT that was selected based on our own policy instead of leaving it out. This seems to be valid with the RFC that makes the CERTREQ optional and allows to ignore it or to apply an own policy. !
- Don't reject an "empty" CERTREQ (one with no CA hashes), instead treat it as if no CERTREQ were received. This may fix other interoperability issues. !
!
In sndio(7), remove support for the AUCAT_COOKIE environment variable. !
Update to pixman 0.32.8. ! !
On amd64, add asmc(4), a driver for the Apple System Management Controller (SMC). !
Implement a new "prot_exec" tame(2) request. !
In em(4), run the tx completion path without the kernel lock held. !
Do not try to refetch a route at the L2 layer if the given one is down and always return EHOSTUNREACH. !
Remove Cisco HDLC support from sppp(4). It is no longer used. !
Update to libxcb 1.11.1. !
Hopefully fix the stability problems seen on SandyBridge and up after the PPGTT code got enabled. ! !
On mips64, fix the R8000 kernel to have all their m[ft]c0 instructions correctly wrapped. !
In oce(4), unlock interrupt handler rx path with intr_barrier(9). !
In mg(1), fix the location of the cursor when opening a directory using filevisit, findvisitalt and poptofile. !
Add support for the Huawei K4511 3G to umsm(4). ! !
5.7 and 5.8 SECURITY FIX: an incorrect operation in uvm could result in system panic.
A source code patch is available for 5.7 and 5.8. !
In mmap(2), remove the no longer needed kernel lock in the fixed case. !
Add the UVM_FLAG_UNMAP flag to indicate to uvm_map(9) that it should unmap to make space. !
5.7 RELIABILITY FIX: various problems were identified in relayd.
A source code patch is available for 5.7. !
Fix a panic in inteldrm(4). !
In tame(2), make using the "/" path work. !
In mg(1), make dired mode treat a double "/" in a path like fundamental mode. !
In inteldrm(4), no longer support the "Quanta Transcode" device. This avoids incorrectly overriding the generic match for the HD Graphics P4000. ! !
Enable monitor hot plugging for the framebuffer console. !
Add IP26 kernels and boot blocks to the installation media. !
In iwm(4): !
- Fix problems occurring when doing bsd.rd upgrades. !
- Fix the bug where the firmware stops passing traffic after the MAC address is changed. !
!
Add the Ed25519 SSH host key to changelist(5). ! !
Make carp_input() MP-safe. !
Prevent X from crashing the kernel when attaching inteldrm(4) fails. !
Protect the list of free map entries with a mutex. This should fix crashes on i386. !
Unlock the mmap(2) system call. !
Add transpose-paragraphs to mg(1). !
Correct a range problem in citrus-utf8 version of wcrtomb(3) in order to match RFC 3629. !
In inteldrm(4): !
- Make the PPGTT code work. This seems to fix the caching issues on Broadwell. !
- Don't hardcode the type of BARs to be 64-bit. !
! !
On octeon and sgi, restore the interrupt mask even on secondary CPUs. This prevents the IPI from being left disabled accidentally on a non-primary CPU which will cause the system to hang eventually. !
On octeon, let MP-safe interrupt handlers run without the kernel lock. !
In mandoc(1), fix multiple aspects of SYNOPSIS .Nm formatting. !
In tmux(1), if the terminal has colors=256, only try to use setaf/setab if they exist. !
Fix inteldrm(4) on the GM45 chipset. !
In slowcgi(8), output the contents of the environment in debug mode. !
In inteldrm(4): !
- Disable IPS for now. It causes unsynched displays after waking it from standby or after VT switches. !
- Backport some of the Broadwell fixes. !
!
In tmux(1), free the history when it is cleared. !
Ensure the GPT header size is in a valid range before checksumming it. This prevents a crash. !
Ensure that RTF_LOCAL route entries always stay UP, even when a link state change occurs. ! !
In inteldrm(4): !
- Properly implement waitqueue_active(). !
- Enable MSIs on hardware that supports it. !
!
In disklabel(8), expunge VAX SMD special handling. !
On sgi, properly handle IP26 streaming cache controller bus error interrupts. !
In mg(1), fix where the cursor is positioned after expunging files. !
In trunk(4), avoid theoretical m_pullup(9) mishandling by delegating the mbuf reclaiming to the PDU and marker input routines. !
In tmux(1), fix two fd leaks and a memory leak. !
In ssh(1), add the CertificateFile option to explicitly list a certificate (bz#2436). ! !
In mg(1): !
- Fix multiple iterations of kill-paragraph. !
- Add mark-paragraph. !
!
Update inteldrm to the code from Linux 3.14.52. !
In ld.so(1) on alpha, avoid write-protecting .data when it shares a page with the GOT and PLT. !
On mips64: !
- When inserting an entry for a KV1 address, avoid having to write back the ASID value. !
- Use conditional instructions when picking a random TLB set number. !
!
In iwm(4): !
- While not associated, pass the broadcast ethernet address to the firmware, rather than zeros. !
- Properly reset the RX ring by clearing RX buffer status memory. !
!
In cwm(1), avoid unnecessary pointer querying. !
In trunk(4): !
- Remove watchdog code since it doesn't do anything useful. !
- Adapt code to avoid locking protection in the future. !
! !
In mg(1), fix line number handling in dired delete functions. !
Prevent the efiboot and kernel memory regions from overlapping. This fixes a problem where the kernel fails to boot. !
When a connected route is deleted, pass the corresponding priority to rtrequest1(9). Otherwise the route will remain attached to a stale ifa. ! !
In mandoc(1), account for significant whitespace when determining the width of a tag. !
Remove SHA-0 and MD2 remnants from openssl(1). !
In bpgd(8): !
- Allow for empty blocks for peers. !
- Allow to log all updates sent from an individual peer, and, when applied to a group, to disable logging on a sub-member of the group. !
!
In tmux(1), reset the alerts timer always on activity. !
Fix a couple of libtool(1) issues. !
In mg(1), fix behaviour when opening the same directory twice in dired mode. ! !
On alpha, powerpc and mips64, fix membar positioning in mtx_enter_try(9) and mtx_leave(9). !
In ssh(1), fix a possible hang on closed output (bz#2469). !
On sparc, increase MAXTSIZ to 64 MB. This is required for gcc/gnat. !
Fix suspend on machines with em(4) now that it uses intr_barrier(9). !
In syslogd(8), avoid potential event loss due to misuse of TLS read and write in libevent. !
Enable IP26 builds. !
On mips64, correctly compute the userland pte index in a pte page in the userland tlb miss handler. !
Add the -d, -r and -w flags to rmt(8) to make it run in a restricted mode. !
In ld.so(1), delete the bind lock, the callback, the sigprocmask stub. ! !
On powerpc, make sure PROT_EXEC is set on the GOT for BSS-PLT binaries. !
In em(4), avoid using a mutex in the rx completion path. Instead rely on intr_barrier(9) to avoid having the interrupt handler touch the rx data structures while the interface is brought down. ! !
On sgi, go back to the previous approach when managing individual HPC DMA descriptors: provide an optional storage for a copy of the descriptor in the "sync" (fetch) function, and use the returned address afterwards. !
In sysmerge(8), in case of a hard error, avoid missing files for comparison at the next run. !
Fix an uninitialized variable in iec(4). !
In tmux(1), let the -l option of join-pane and split-window apply to the new pane instead of the old one when -b is also specified. !
Revert r1.25 of src/lib/libssl/src/crypto/bn/bn_print.c. It introduces a NULL dereference. !
Implement SRPL_INSERT_AFTER_LOCKED(9). ! !
Make vmx(4) interrupts MP-safe. !
Back out r1.125 of src/sys/uvm/uvm_km.c. This avoids page queue corruptions and the resulting uvm_pmr_size_RB_REMOVE_COLOR() faults. ! !
Update to xserver 1.17.2. !
In cc(1), enable -msecure-plt by default on powerpc. !
In od(1), fix two bugs in the [+]offset[.][Bb] XSI offset syntax. !
Fix an uninitialized variable in bios(4) and in arp(4). ! !
Fix an overlapping memcpy(3) in vdsp(4). !
In ugen(4), fix a panic when using pcsc-lite. ! !
Unbreak booting from GPT partitions. !
Add tls_config_insecure_noverifytime(3) to libtls to disable certificate validity checking. !
In LibreSSL, add support for disabling certificate and CRL validity checking. ! !
Remove SHA-0 and MD4 support from libcrypto. !
Put the 12x22 font on alpha and macppc installation kernels. !
In netstart(8), only print the "IPv6 autoconf" line if there are interfaces to configure. !
In ssh-add(1), when adding keys to the agent, don't ignore the comment of keys for which the user is prompted for a passphrase. !
In tmux(1), add the -e flag to copy-mode to exit copy mode when scrolling off the bottom. !
In libcrypto, check ECDH output buffer length and avoid truncation. !
Introduce intr_barrier(9), an interface that guarantees that an interrupt handler that was running has finished. !
Introduce sched_barrier(), an interface that acts as a scheduler barrier in the sense that it guarantees that the specified CPU went through the scheduler. !
Add the Certplus CA root certificate to /etc/ssl/cert.pem. !
In nc(1), display negotiated TLS version and cipher suite in verbose mode. !
In libcrypto, add OPENSSL_cpu_caps(), to return the currently running CPU's specific hardware capabilities users of libcrypto might be interested in. !
In LibreSSL, if there is hardware acceleration for AES, prefer AES as a symmetric cipher over CHACHA20. Otherwise, prefer CHACHA20 with AES second. ! !
Make if_get() and vlan_input() MP-safe using SRPs. !
On arm, use kbind(2) for lazy binding GOT/PLT updates. !
In openssl(1): !
- Fix the "prime" command: when checking a decimal number for primality, do not unnecessarily convert the original decimal number to hex in the output. Hex numbers explicitly specified with -hex remain unchanged. !
- Add support for AEAD algorithms to the "speed" command. !
- Remove support for the SSLEAY_CONF environment variable. !
!
Add an ftpproxy6 rc script. ftp-proxy(8) can only open one listening socket at a time, so a second instance of the daemon is required. !
Introduce if_input_local(), a function to feed local traffic back to the protocol queues. !
In ping6(8), avoid out-of-boundary access on invalid or short packet reads. !
In ddb(4), show the non-idle, on-proc threads before showing the stack trace when panicking. ! !
In em(4), add support for the 88E1512/88E1514 phys. !
Update to sqlite3 3.8.11.1. !
In acpicpu(4), work around broken AML by treating FFH vendor 8 the same as vendor 1 (Intel). !
Make the powerpc pmap (more) MP-safe. This should make pmap_enter(9), pmap_remove(9) and pmap_page_protect(9) safe to use without holding the kernel lock. !
Add TLS support to nc(1). !
Remove RTF_XRESOLVE support from route(4), route(8), netstat(1) and route6d(8). !
Introduce refcnt, a wrapper around reference counts. !
Introduce rtref(9), a function to increment a reference to a routing entry, and use it in rtable_lookup(). !
In "ifconfig media", stop advertising media with fixed data rates on wireless interfaces. !
Don't generate ICMPv6 packets with incorrect checksums for dropped IPv6 packets. !
Fix a use-after-free in route(4). !
In openssl(1), remove the engine command and parameters. !
Save/restore MSR_APICBASE during suspend/resume. This re-enables x2apic on the application processors at resume. !
Remove the unfinished che(4) driver. !
In libtls, do not match a wildcard against a name with no host part. !
Make room for media types of the future: extend the ifmedia word to 64 bits. !
In netstart(8), set "inet6 autoconf" individually on interfaces that have rtsol set in hostname.if(5). Previously, netstart tried to configure them all at once. !
Take a first step towards making ix(4) MP-safe. !
In mkhybrid(8), cast the isascii(3) argument to unsigned char, to avoid undefined behaviour. !
In qle(4), don't copy more sense data than we have space for. This avoids a crash when trying to talk to a Sun STK6140 (although it still doesn't work). !
Spoof EFI SYSTEM GPT partitions as MSDOS partitions, as is done with MBR EFI SYSTEM partitions. !
No longer grab the kernel lock in the interrupt-safe multi page backend allocator implementation. This is possible because that interrupt-safe uvm maps are now properly locked. !
Fix a NULL dereference in bpf(4). !
Fix hangs on systems with more than 7 interfaces. !
In ddb(4), add ps/o to display just the non-idle on-proc threads. !
Don't spoof GPT OpenBSD partitions. Simply record and use the first one found, as is done in MBR processing. !
Change device locators type from int to long, for the sake of 64-bit ports without proper device trees. ! !
In ssh(1), expand %i in ControlPath to UID (bz#2449). !
In openssl(1), make the s_time command perform a proper shutdown by default. This allows s_time to benchmark a full TLS connection more accurately. The new -no_shutdown flag restores the previous behaviour. !
In syslogd(8), instead of having global variables containing the libevent structures, allocate them with malloc. This makes the address space layout more random. !
Add kqueue(2) support for wsmouse(4), wskbd(4) and wsmux(4). This is needed for the libinput port. !
In LibreSSL: !
- Remove support for DTLS_BAD_VER. We do not support non-standard and incomplete implementations. !
- When loading a DSA key from a raw (without DH parameters) ASN.1 serialization, perform some consistency checks on its "p" and "q" values, and return an error if the checks failed. !
!
Enable GPT in the GENERIC kernel. !
Avoid division by zero in fsck_ext2fs(8). !
Use the full IPv6 source address (rather than only half of it) as input for the syn cache hash. Using only half the address makes it trivial to create syn cache collisions. !
Move the if input handler list to an SRP list. !
In libc, add hidden _libc_FOO aliases for the system call stubs. !
Various cleanups of the ksh(1) code. !
Several libtls API changes and improvements. !
In tmux(1), add session_last_attached time and format. !
Remove link_addr(3). ! !
Add locking for interrupt-safe maps. !
In mkhybrid(8), fix various buffer overflows and make it work on unsigned char platforms. !
Add client certificate support to libtls. !
Move to the next tame(2) API. The flags are now passed as a very simple string. !
Introduce reference counts for interfaces. The new if_put() function releases the reference acquired by if_get(). !
In ntpd(8), plug a memory leak in an error path. !
Convert bpf to using an srp list for the list of descriptors. !
Implement a singly linked list built with SRPs. !
On powerpc, it is no longer needed to use mprotect(2) to take away PROT_WRITE. This fixes ld(1) -Z and paves the way for the new Secure-PLT ABI. !
In binutils 2.17, force .ctors, .dtors and .got to be read-only for truly static binaries. This prevents W^X violations on architectures that need an executable GOT (basically BSS-PLT powerpc). ! !
Prevent nc(1) from hanging when writing more than the low water mark of the socket write buffer. !
In disklabel(8), avoid a SIGSEGV with FGJ malloc.conf flags when a template is used. !
The default backend allocator implementation no longer needs to grab the kernel lock. ! !
Build xf86-video-wsfb on amd64 and i386. It can be used by efifb now. !
In efifb(4), make scrolling a bit faster. !
Delete ktracing of context switches. It is unused and not particularly useful. !
In smtpd(8), insert a Message-Id header if necessary. !
In httpd(8), prevent a potential double free introduced in r1.64 of src/usr.sbin/httpd/server.c. ! !
It is no longer necessary to grab the kernel lock for allocating and freeing pages in the (default) single page pool backend allocator. !
In libc, fix aliasing of sys_errlist, sys_nerr, sys_siglist, and sys_signame to eliminate duplicate copies of the tables and get direct access internally. !
In wsfontload(8), avoid a floating point exception when an invalid font width was specified. !
On the minirootXX.fs and iso images, create an EFI system partition using fdisk(8) -b and put the UEFI boot loader on there. !
Add support for QEMU PCI serial devices to puc(4). ! !
In awk(1), revert srand() to its old behaviour with regard to what values it returns. !
On sgi, remove the need for the memory controller to switch between "fast" and "slow" mode every time a DMA descriptor is updated. !
Update to xterm 320. !
In pms(4): !
- Improve tap-and-drag detection for ALPS touchpads. !
- Support Synaptics touchpads without W mode. !
!
Use the new resolution framework for wrapping catopen(3), catgets(3) and catclose(3), and for dbopen(3). !
In wscons(4), add support for xterm-compatible SGR escapes 39 and 49 (reset fg/bg colour to default). !
Some symbol cleanup in libc. ! !
In fdisk(8), add a -b option, to be used together with -i, to add a special boot partition on architectures that need it. !
In audio(4), improve the search for candidates for the wskbd "record level" control. This may fix "record level" keys on certain keyboards. !
In ugen(4), do not use an intermediary buffer on the stack of the caller when submitting a bulk write request. This means big bulk write requests are no longer split into multiple small transfers which libusb consumers do not expect. !
Give every consumer of the radix tree a chance to explicitly initialize the shared data structures, instead of relying on another subsystem to do the initialization. ART kernels should now be fully usable because pf(4) and IPSEC properly initialize the radix tree. !
In ssh(1) and sshd(8), plug minor memory leaks when options are used more than once (bz#2182). !
In netstat(1), fix mbuf memory accounting after the recent *8 pool size change. !
Fix a use-after-free in pflow(4). !
Add support for the RTL8168H to re(4). ! !
In libkvm, fix a race when fetching files from the kernel. !
On i386, fix a race in pmap_page_remove_86() and pmap_page_remove_pae(). !
On amd64, fix a race in pmap_page_remove(). !
Adapt ping(8) to tame(2). !
In dwc2, fix timeout-related crashes. !
Again revert the two uses of rtisvalid(9). They break NFS. !
In dwc2, avoid a possible lock recursion panic on transfer timeout. !
Modify acpidump(8) to work on systems booted from efi boot. !
Bring back the two uses of rtisvalid(9). The bug it exposed has been fixed. !
Unconditionally set the RTF_UP flags when adding a route to the table. This makes dhclient(8)-configured default routes usable without relying on the link-state change hooks not present in RAMDISK kernels. !
In ugen(4), do not use an intermediary buffer on the stack of the caller when submitting a read request. This means big read requests are no longer split into multiple small transfers which libusb consumers do not expect. ! !
In smtpd(8), remove the session kicking mechanism until it is redesigned. It has an accounting bug leading to some legitimate sessions being kicked if they generate too many consecutive errors. !
On sparc64, make pmap_kenter_pa(9) and pmap_kremove(9) MP-safe. !
In syslogd(8), log a message about failed log attempts using sendsyslog(2). !
Revert the two uses of rtisvalid(9). It breaks dhclient(8)-configured networks on RAMDISK kernels. ! !
Add the uefi boot loader. !
In ping6(8), display the correct source address when using a non-default routing table. !
In pf(4), don't let route-to, dup-to and reply-to override the block action. !
In syslogd(8), bind the *:514 UDP socket with SO_REUSEADDR. !
On octeon, increase the transfer FIFOs for dwc2. This improves USB performance. !
Convert the (cached) route entry checks in ip{,6}_output() to rtisvalid(9). !
In doas(1), restrict the exec path only if the rule specifies a command. !
Introduce rtisvalid(9), a function to check if a (cached) route entry can be used or should be released by rtfree(9). !
Reject USB requests that could damage the bus integrity. !
Fix a use-after-free in tame_namei(). !
On powerpc, make bus_dmamap_load_raw(9) respect the segment size constraint. This makes xhci(4) work on the G5. !
In efifb(4): !
- Only advertise the color depth that is actually supported. This makes the xf86-video-wsfb driver work. !
- Map the framebuffer in write-combining mode. This significantly speeds up. !
! !
In static binaries, invoke kbind(2) once to disable it. !
On m88k and sparc, use kbind(2) for lazy binding GOT/PLT updates. !
It is no longer needed to hold the kernel lock for MP-safe bpfs (again). !
Bring back the commit that makes bpf_mtap MP-safe by using srp, but now using srp_follow(9) to avoid races and corruption. !
Add srp_follow(9) which is necessary to correctly order the taking and releasing of SRP critical sections in situations such as following a chain of data structures linked with SRPs. !
In dhclient(8), accept multiple domain names in dhcp option 15 (Domain Name). This allows resolv.conf(5) "search" statements to be built with multiple entries. !
In syslogd(8), don't truncate program names and hostnames in syslog.conf(5). This fixes matching with IP addresses if syslogd is started with -n. !
In efifb(4), check the driver name so that the driver only attempts to attach when we actually want it to. !
In binutils 2.17, raise the number of spare local GOT entries from 5 to 7. This fixes building liblto_plugin.so in the gcc 4.9 port. !
In tame(2) mode: !
- Return EPERM for *chmod(2) if uid/gid change is not towards cr_uid/cr_gid (effective ids). !
- Consider getfsstat(2) an RPATH. !
!
Rather than killing when *chmod(2) is asked to do setuid/setgid, clear those bits in the request and continue. !
Do not install connected routes on loopback interfaces. This will allow systems with AUTOCONF'd addresses to see loopback connected routes in the routing table. !
Fix a use-after-free in uow(4). !
Compute the checksum before looping back the copy of an IPv6 multicast packet. ! !
Add a framework for resolving libc namespace issues. !
In gunzip(1) and uncompress(1), ignore setuid/setgid settings from a compress/gzip file. !
In mandoc(1): !
- Don't die on an assertion if an .Fo macro lacks its mandatory argument. !
- Drop leading, internal, and trailing blank characters in \o (overstrike) escape sequences. !
!
In ping6(8), remove RH0 support. !
In ddb(4): !
- Automatically perform traces upon panic. !
- Shrink the message to save vertical space and point to http://www.openbsd.org/ddb.html. !
!
In the kernel, use a global table for domains instead of building a list at run time. !
Prepare the kernel to boot from UEFI. Amongst other things, add efifb(4). !
Enable xhci(4) on macppc. !
On macppc, map the whole config1 space based on the size read from the device tree. This allows supplementary PCIe cards to be properly detected and should prevent the kernel from faulting when reading unmapped PCI addresses. !
Prevent cards with no midi connectors from attaching midi(4) devices. ! !
For *chmod(2), allow S_ISTXT in tame(2) mode. !
In mandoc(1): !
- Add a minimal implementation of the read-only number register \n(.$ which returns the number of arguments of the current macro. !
- Implement the escape sequence \\$* which expands to all arguments of the current user-defined macro. !
- Parse and ignore the escape sequences \, and \/. !
- Don't escape breakable hyphens yet when we have to reparse the text line because we spring an input line trap. !
!
Create a miniroot for alpha. !
In ws(4) and synaptics(4), read multiple events at once. ! !
In tmux(1), check for name changes at most once every 500 milliseconds. !
On sparc64, add support for switching CPUs in ddb(4). !
On sh, use kbind(2) for lazy binding GOT/PLT updates. !
Make gdb(1) work again on mips64 PIE binaries by making sure a reasonable 64-bit ABI is selected for 64-bit ELF files instead of a 32-bit ABI. !
5.8 SECURITY FIX: LibreSSL 2.2.2 incorrectly handles ClientHello messages that do not include TLS extensions, resulting in such handshakes being aborted.
A source code patch is available for 5.8. !
In apmd(8), log battery changes every 10%, not every 21%. !
In envy(4), disable interrupts while the midi uart is not in use. This avoids generating unused interrupts when a chatty peripheral is connected but not used. !
In binutils 2.17, add support for Irix-style "64-bit" archives. !
Fix the build of the drm libraries on sparc64. !
In envy(4), fix support of M-Audio Delta 44 cards that use different GPIO pins. !
In tmux(1): !
- Allow environment variables in #{}. !
- Remove the lock-server option. !
- Plug a memory leak. !
!
In binutils 2.17, do proper GOT slot accounting for symbols that were forced to be local. ! !
Rework the UNIX domain socket garbage collector. !
Make ld.so(1) work on hppa when _dl_bind_start gets hidden by the version script. !
Fix rare occurrences of wrong floating-point values with MP kernels on Octeon. !
On mips64, access the image of the floating point registers via p_md.md_regs instead of directly on the frame. This prevents updates from getting lost. !
Ensure that syslogd(8) uses its original command-line arguments when it reloads its configuration and re-executes itself. !
Prevent a socket that poll(2) reports is writable from becoming unwritable before write(2) is called. !
In doas(1), add a type of "auth-doas" to the perm check to allow login.conf(5) fiddling. !
In aucat(1), allow sparse blocks to be used as silence if samples are encoded as signed integers. !
Remove SSLv3 support from LibreSSL. ! !
On hppa, use kbind(2) for lazy binding GOT/PLT updates. !
Add more overflow checks to libexpat. !
5.8 SECURITY FIX: in sshd(8), inverted logic made PermitRootLogin "prohibit-password" unsafe.
A source code patch is available for 5.8. !
Let MBR have priority over GPT. !
Fix an alignment issue in bridge(4). ! !
Add TIOCGETA to the TAME_IOCTL list. This is used by readpassphrase(3) and libcurses. !
In radiusd(8), fix a use-after-free in an error path. !
On alpha and mips64, use kbind(2) for lazy binding GOT/PLT updates. !
Remove exect(2). It was unused and not portable across arches. !
Hide many libc symbols that should not be used. !
In cron(8), use ppoll(2) instead of poll(2). This avoids time conversion issues and eliminates a race condition that could delay SIGCHLD and SIGHUP actions. !
In syslogd(8), don't use strlcpy(3) on strings that are not NUL-terminated. This prevents a crash. !
Fix an out-of-bounds read in tmux(1). !
On i386 and powerpc, use kbind(2) for lazy binding GOT/PLT updates. ! !
On i386, enforce the kernel W^X policy by properly setting NX (as needed) for kernel text, PTEs, .rodata, data, bss and the symbol regions. !
In restore(8), switch from utimes(2) to utimensat(2). !
Re-enable GTP support on amd64 and i386. !
Remove the -h option from radiusd(8). !
Set the required IPL at the syn-cache pool instead of doing a splsoftnet() explicitly. !
Prevent the kernel from removing connected (/64) routes as soon as it configures an AUTOCONF'd address based on a RA. !
Fix the GPT code to work with non-DEV_BSIZE disks. !
Fix a crash in tmux(1). !
Fix a cheating bug in worm(6). !
Fix a crash during "ifconfig bridge0 destroy". !
In bm(4), work around slow transfer speed. !
In cwm(1): !
- Don't allow freeze operations on fullscreen. !
- Implement _NET_CLIENT_LIST_STACKING. !
!
Use IPL_SOFTNET protection for the pool. This fixes a panic. !
In sysmerge(8): !
- Switch from /usr/share/sysmerge to /var/sysmerge. !
- Use /var/sysmerge/backups for persistent backups and keep three earlier rotations. !
!
Avoid two potential double frees in tame(2). ! !
Fix an fd leak in mv(1). !
Apply a symbol export list to ld.so(1) with just the expected dl*() and the two symbols needed by gdb. !
Make the Atom S1200 UART work. !
In binutils 2.17, introduce -Bsymbolic-functions and related flags. !
On amd64 and sparc64, use kbind(2) for lazy binding GOT/PLT updates. !
In tame(2): !
- Perform maximum one cwd lookup. !
- Fix /tmp handling of unlink(2). !
!
Update to xf86-video-geode 2.11.17. !
In cwm(1), make CLIENT_STICKY apply to group hide/unhide rather than client hide/unhide. !
In cc(1), make the -msecure-plt option work, which is necessary to generate Secure-PLT ABI code. !
On powerpc, add support for the Secure-PLT ABI variant. This will give us better W^X support on powerpc. !
In binutils 2.17, fully enable the Secure-PLT ABI. !
In libc, restore codeset checking instead of silently falling back to ASCII. !
Revert the bpf+srp commits. They cause problems in a bridge setup. ! !
Move to the tame(int flags, char *paths[]) API/ABI. !
Explicitly list the symbols permitted to be exported by libc. This will prevent unintentional additions in the future and sets the stage for reductions. !
In doas(1), add the cwd context to the syslog entry. !
Make urtwn(4) attach to Netgear WNA1000Mv2. !
Ensure tls_read(3) and tls_write(3) always set outlen to zero on error. !
In rc(8), properly handle double quotes in wsconsctl.conf(5). ! !
In ctags(1), avoid calling system(3) for the -u option. !
Update to libdrm 2.4.64. !
In ssh(1), fix printing of HostKeyAlgorithms=+... when using -G. !
In sshd(8), fix expansion of HostkeyAlgorithms=+... !
Regenerate moduli(5). !
In cwm(1): !
- Preserve the command list order from .cwmrc. !
- Hide the "term" and "lock" commands in the application menu. !
- Don't let _NET_WM_STATE_STICKY apply to the position and size of a window. !
- Add the client freeze extension to _NET_WM_STATE Atom, allowing flag to persist. !
!
In em(4), run the part of the interrupt handler that does rx completion without holding the kernel lock. !
In relayd(8), don't drop the reply messages when "check icmp" is used with many hosts. !
In httpd(8), avoid an HTTP 405 error when using the WebDAV MOVE method. !
Whitelist TIOCGPGRP (for tcgetpgrp(3)) in TAME_IOCTL. !
In azalia(4), enable beep and CD controls on ALC292. ! !
In sshd(8), fix the inverted logic that broke PermitRootLogin. !
If we're allowed to try and use large pages, we try and fit at least 8 of the items. This amortises the per page cost of an item a bit. !
In acpi(4), respect the access size when reading or writing to pci config space and ensure writes are properly aligned. This prevents panics and fixes at least battery status passthrough in vmware and the brightness keys on the X220. !
In exp2(3), avoid left-shifting a negative integer. !
In cwm(1), make the big move and resize bindings match what is in the manual page. !
On octeon, use the IPD Clock Count register as a timecounter. !
Import an alternative routing table backend based on Yoichi Hariguchi's ART implementation. !
In identd(8) and tftpd(8), use SOCK_NONBLOCK to avoid a FIONBIO ioctl(2). !
In identd(8), don't exit on unknown write(2) failures. !
In azalia(4), enable audio on ThinkPad docks. !
Reactivate tame(2) after release. ! !
Remove unused vesafb code. !
Update to libepoxy 1.3.1. !
In LibreSSL, properly handle missing TLS extensions in client hello as a non-failure. !
In ssh: !
- Don't call unlink(2) with an uninitialised path in ssh-keygen(1). !
- Don't free an uninitialised pointer in ssh(1). !
- Fix a double free in an error path. !
- Improve compat matching for WinSCP and add compat matching for FuTTY. !
!
Enable the build of libOSMesa. !
In pf(4), keep the IPv6 fragment size as chosen by sender also for packets that are routed on behalf of route-to. !
Prevent mips64 FPU emulation from corrupting the page queues in MP systems. !
Do not use a stale local address from the routing table. This prevents an interface address without interface pointer causing a uvm_fault. !
On octeon, allow booting the SP kernel with a set of CPUs that does not contain core 0. !
Unbreak the ikectl(8) "ca" commands after the removal of $ENV:: overwriting in LibreSSL. ! !
Remove casts from many calls to malloc(3)-like functions. ! !
Update the en_US.UTF-8 locale to Unicode 7.0.0. !
Remove the last fragments of ST-506 support. !
In whois(1), fix whois server detection for new TLDs. !
Accept NULL pointers in rtfree(9). This will simplify upcoming conversions of rt_refcnt-- to rtfree(9). ! !
5.6 and 5.7 SECURITY FIX: a change to sshd(8) resulted in incorrect permissions being applied to pseudo terminal devices, allowing local users to write to (but not read from) them.
A source code patch is available for 5.7. !
No longer hold the kernel lock when calling bpf. !
Make bpf_mtap MP-safe by using srp. !
Avoid a TOCTOU problem in if_input in the bpf handling. !
In tmux(1), come out of copy mode when history is cleared. ! !
Add Loongson 3A support. !
On alpha, consider ISA interrupts level-triggered if the SRM has explicitly set them up that way. This makes the kernel correctly run with serial console on the Multia. !
Enable AlphaBook 1 support in alpha bsd.rd. !
In smtpd(8): !
- Increase the size of acceptable headers lines. !
- Assume messages use 8-bit bytes by default. !
! !
Remove charsets other than UTF-8 from locale(1) output. !
Load LC_MESSAGES locale only if the character encoding is UTF-8. !
Disable support for loading LC_CTYPE locales other than UTF-8. !
In swapctl(8), use vfork(2) & execl(2) instead of system(3) when invoking mount_nfs(8). !
In myx(4): !
- Rework the way the packets on the rx rings are tracked. !
- Move to a per rx ring timeout for refilling empty rings. This gets rid of the locking around the refilling of the rx ring. !
- Use a single atomic op instead of one per packet when doing global tx free accounting. This allows packets to be sent a little faster. !
!
On macppc and powerpc, replace the assembly mutexes with a C implementation. ! !
Add ml_requeue(9) and mq_requeue(9) to prepend mbufs on lists/queues. !
Move the locate(1) database build directory back to /tmp. !
In ntpd(8), avoid calling poll() multiple times with no timeout, racking up CPU time for no real reason. !
Add the -A, -P and -t options to nm(1). !
Remove discarded attributes from disktab(5). !
In rc(8), improve the sysctl.conf(5), mixerctl.conf(5) and wsconsctl(5) parsers. !
Let pkg_create(1) recreate packages correctly. !
Prevent an mbuf leak when no handler consumed that mbuf. ! !
Fix a case where ceill(3) returns 1.0L. !
Rework the /etc/rc script. !
In tmux(1), add the "-of" suffix to the "left", "right", "up" and "down" special tokens for the pane index. !
Plug two memory leaks in ti(4). ! !
In acpihpet(4), check for a proper HPET period value during attach. !
In file(1), add various improvements to the magic(5) parser. !
In sndiod(8), don't make system calls when not being used. !
Update time zone data to tzdata2015f. !
Fix recent regressions in ugold(4). ! !
Improve openssl(1) s_client -starttls xmpp support. ! >>>>>>> 1.1379

--- 76,82 ----

Nothing yet.