===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1386
retrieving revision 1.1387
diff -c -r1.1386 -r1.1387
*** www/plus.html 2016/06/03 21:48:00 1.1386
--- www/plus.html 2016/06/06 18:00:17 1.1387
***************
*** 80,85 ****
--- 80,170 ----
+
+ - In tftpd(8), go in the background much later to reduce possible silent failures.
+
- If one of the TCP SYN cache buckets overflow, it might be a collision attack against the hash function. Mitigate this attack by reseeding the hash function as soon as possible.
+
- In uslcom(4), add support for the USB console port on Aruba 7xxx wireless controllers.
+
+
- In ssh(1), remove fallback from moduli to "primes" file that was deprecated in 2001 and fix log messages referring to primes file (bz#2559).
+
- In wsmouse(4), add support for multitouch input.
+
- In rdistd(1), properly create directories that do not exist on the destination.
+
- Improve support for alphas without all IEEE-mode instructions.
+
- In gcc(1), fix optimization for alphas without the "precise arithmetic trap" extension.
+
- In tmux(1), bump the listen(2) backlog up from 16 to 128.
+
- Implement proxy ARP for ART based on mpath support.
+
- In acpi(4), hook up the gpio interrupt on devices that use it for card detection. This makes the SD card slot on machines based on Intel's Bay Trail SoC fully functional.
+
- In bytgpio(4), add support for gpio-based interrupts.
+
- Add getlogin_r(2) system call that checks and returns errors like the userspace getlogin_r() API.
+
- Remove MLINKS from base. They are no longer required by mandoc(1).
+
+
- Enable oce(4) on sparc64.
+
- In binutils, fix fallout from the switch to binutils 2.17: the binaries created by 2.17 aren't recognized by the in-tree gdb(1) because it's built with the bfd code from 2.15.
+
- Add the net.inet.tcp.synuselimit sysctl(8) to adjust tcp_syn_use_limit. This is convenient to test the feature and may be useful to defend against syn flooding in a denial of service condition.
+
- In authpf(8), avoid a dereference of a null object.
+
+
- In tcpdump(8), properly check for the end of captured packet while printing CDP packets.
+
- Ensure that a thread that calls sched_yield(2) ends up on the run queue behind all its sibling threads. This results in significant improvements for processes that suffer from lock, most notably firefox.
+
- Add bytgpio(4), a driver for the gpio controllers found on Intel's Bay Trail SoC.
+
+
- In netstart(8), don't delete the 224/4 route unless it's being done to ensure that a -reject route can be added. This restores the ability to set an interface route before daemons are started.
+
- Avoid an attack that could prevent reseeding of the hash function used for the hash buckets in the TCP SYN cache.
+
- In sdhc(4), make it possible to override the standard card detect mechanism to appease the SD controller on Intel's Bay Trail SoC.
+
- Avoid a NULL pointer dereference when pulling and unmounting a umass(4) USB stick.
+
+
- In libssl, fix a memory leak.
+
- Switch from the SolidRun i.MX6 U-Boot to mainline U-Boot on the CuBox-i.
+
- Always include the route priority in routing messages.
+
- Do not populate RTAX_NETMASK when sending a routing message for RTF_HOST entries. This preserves old behavior with ART and fixes a regression.
+
- In rc.d(8), make it possible to get usage as a non-root user.
+
- In less(1) and ul(1), improve handling of ambiguous overstrike sequences.
+
+
- In gcc(1) on arm, change the default arch target from strongarm (armv4) to arm9e (armv5te without xscale extensions).
+
- Enable ART (Allotment Routing Table).
+
- Ensure that a found proxy ARP entry has the correct flag.
+
+
- In kernel clock, set ticks 15 seconds before its value wraps. This helps to identify issues around ticks wrap in 15 minutes instead of 240ish days.
+
- In kdump(1), display NAMI records and AF_UNIX socket(2) paths with vis(3).
+
- Update to tzdata2016c from ftp.iana.org.
+
+
- In pipex(4), don't leak an mbuf when copying a packet fails.
+
- Remove ARM10 and ARM11 support.
+
- Fix various issues with bad gateways being picked up by bgpd(8).
+
- Remove ARM9E support.
+
+
- In npppd(8), log the reply message from RADIUS server when the authentication fails.
+
- Add pledge(2) to tokeninit(8).
+
- Rename sendsyslog2(2) to sendsyslog(2).
+
- In ral(4), improvements for the RT2860 chip:
+
+ - Fix watchdog timeouts and dropped frames under load.
+
- Fix a bug where oactive is not set and mbufs are dropped.
+
+ - Add a counter in the TCP SYN cache and in netstat(1) -s to show how often the hash function is reseeded and the random bucket distribution changes.
+
- On octeon, use the list of the usable memory regions provided by U-Boot instead of the hardcoded regions in memory setup.
+
- In ksh(1), make the "command" builtin POSIX-compliant and consistent with other current shells.
+
+
- In ld.so(1), let the stack smash handler log to console directly if it is not possible to deliver to syslogd(8).
+
- In vnet(4), plug a memory leak in ioctl(2) code path.
+
- Many improvements of libedit, in particular with regard to UTF-8 support.
+
- In axen(4), initialize the hardware on reset. This allows it to attach reliably and pass traffic, and prevents a panic when unplugging it.
+
- Import libdrm 2.4.67.
+
+
- Attach dwctwo(4) only on Octeon models that have a DWC2 controller.
+
- Remove support for StrongARM (SA1), IXP12x0, IXP425 and XScale 80200.
+
+
- In vi(1), avoid a backwards memcpy(3) when issuing ":e +something".
+
- In tmux(1), make scrolling behaviour more sensible and maintain cursor position, as if the same had been done line-by-line.
+
- In pkg_add(1), use a new _pkgfetch user for separation instead of the _pfetch user.
+
- Remove ARM8 and ARM9T support.
+
+
- Add octuctl(4), a driver for the Octeon II USB Controller Interface, and attachments for ehci(4) and ohci(4).
+
- In puc(4), add support for the TXIC TX382B (currently TX/RX FIFO is not working).
+
+
- In column(1), lpq(1), ls(1), newfs(8), ps(1), rusers(1), sed(1) and growfs(8), use the COLUMNS environment variable first, and either terminal width or a hardcoded value (typically 80) as appropriate.
+
- In libssl, use explicit_bzero(3) for ASN1 objects on free. Too often these contain sensitive information.
+
- In vi(1), add error checking for the COLUMNS and LINES environment variables to avoid a crash.
+
- In sd(4), prevent a use-after-free of the scsi link structure during detach.
+
- Expose new and much simpler audio(4) ioctls.
- In npppd(8), transition to "Req-Sent" had been missing when RTA in "Opened". This caused a timer event leak.
- Update to tzdata2016b from ftp.iana.org.