===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1404
retrieving revision 1.1405
diff -c -r1.1404 -r1.1405
*** www/plus.html 2018/04/06 14:46:20 1.1404
--- www/plus.html 2018/04/16 14:29:51 1.1405
***************
*** 84,89 ****
--- 84,154 ----
+
+ - Fix "heap full" errors in the amd64 boot loader when loading microcode.
+
- Add support in com(4) for Exar XR17V354 4-port devices.
+
+
- Add TCP support to snmpd(8). Apart from processing multiple requests in parallel, this implements RFC 3430.
+
- Make relayd(8) set destination host state to HOST_DOWN in case of TCP read timeout.
+
- 6.1, 6.2 and 6.3 SECURITY FIX: Correct heap overflow bugs in perl(1).
A source code patch is available for 6.1, 6.2 and 6.3.
+
+ - Make ENGINE_finish() succeed on NULL in LibreSSL, simplifies caller code.
+
- Make ksh(1) count $SECONDS using monotonic clock.
+
- Fix for mg(1) when trying to write backups in home dir when run under a different effective user.
+
+
- Remove hfsc support from pfctl(8).
+
- Don't panic if ipmi_sendcmd() fails.
+
- Make sshd(8) more resilient against user enumeration timing attacks.
+
- Implemented MAP_STACK option for mmap(2). At pagefaults and syscalls the kernel will check that the SP points to MAP_STACK memory.
+
+
- Stop using the PID in ping(8).
+
- Make httpd(8) listen on all IPv4 and IPv6 addresses for "listen on *".
+
- More steps for i386 Meltdown fixes, will trigger some performance issues.
+
- Make re(4) handle newer devices with only 64bit BARs, and map 32bit BAR as a fallback.
+
+
- Add mixer save/restore capability to the audio(4) driver for use during suspend/resume.
+
- Add support in umsm(4) for Huawei k3772-based devices.
+
- Make sasyncd(8) schedule events against the monotonic clock so it fires punctually even if system clock is changed.
+
- Have fstat(1) print rtable for internet sockets unless it's the default.
+
- In tmux(1), add x and X to choose-tree to kill an item.
+
- Make sure the kernel doesn't call logwakeup() while holding a mutex to prevent lock ordering issues.
+
+
- Make mandoc(1) define a previously undefined integer as being zero.
+
- Make ksh(1) support 64bit integer operations on 32bit arches too.
+
- Added octcrypto(4), a driver for the octeon cryptographic unit, providing hardware-accelerated implementations for several encryption and authentication algorithms for ipsec(4). Disabled for now.
+
+
- Make smtpd(8) spfwalk check for legitimate IPv4 and IPv6 addresses before printing.
+
- Make headers, manpages and kernel prefer and recommend AF_UNIX name rather than AF_LOCAL.
+
- In kqueue, test for preexisting conditions when re-enabling events.
+
- Make pcidump(8) print BARs for bridges as well.
+
- On amd64, add support for EFI Random Number Generator and use it to XOR random data into the kernel.
+
- Add a hook to the standalone boot code to use a firmware-supplied random function in addition of the machine dependent random function to insert entropy into the booted kernel.
+
+
- IPv6 fix for gif(4).
+
- Attach the mbuf tag on output gif(4) packets to suppress loops over the interface and avoid leak of the tag on every packet.
+
- For certain arm devices, if the PHY address isn't specified, only attach a single PHY. Makes Theobrama Systems RK3399-Q7 SoM network interfaces work.
+
- Make shutdown(8) print deadline estimates in the local timezone.
+
- Simplify dd(1) SIGINFO output routines so the summary printout becomes atomic.
+
- Enable islrtc(4) on arm64 GENERIC and RAMDISK kernels.
+
- Added islrtc(4), a driver for the ISL208 real time clock.
+
- Work around libtool exec limitations.
+
- Correct libtls tls_config_clear_keys(3) behaviour, leaving other configuration data intact.
+
- In libtls, switch to OPENSSL_init_ssl(3) to prevent an openssl configuration file from being loaded behind our backs.
+
- Add support in dwmmc(4) for GPIO card detection.
+
- Increase em(4) delay after reset to 20ms and add a fix for i219 based devices.
+
+
- In UEFI, respect the parts where mappings indicate they can be made non-readable, non-executable or read-only.
+
- Fixed tmpfs(4) to not attempt calling copyin(9) itself.
+
- Patch binutils 2.17 so it passes option -Wno-null-pointer-arithmetic when compiled with LLVM 6.0.0.
+
- Updated llvm to 6.0.0.
+
- Make fstat(1) print a p flag for file descriptors opened after pledge(2).
+
- Better rounding to cylinder boundaries in disklabel(8).
+
- In ssh(1), allow "Sendenv -PATTERN" to clear environment previously labeled for sending.
+
- Fix file descriptor leak in httpd(8) after processing ranged requests.
+
- Use existing pf state to speed up UDP socket lookup.
+
- Fix memory leak in libcrypto if EVP_Digest() fails.
+
+
- In libcrypto, tighten up various checks for X509_VERIFY_PARAM functions.
- In ssh(1), relax checking of authorized_keys environment="..." options to allow underscores in variable names
- Stop using a non-portable .R man(7) macro in mandoc(1).
- Update mandoc(1) to use documented and portable character escape sequences for .Do/.Dq.