===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1404
retrieving revision 1.1405
diff -c -r1.1404 -r1.1405
*** www/plus.html	2018/04/06 14:46:20	1.1404
--- www/plus.html	2018/04/16 14:29:51	1.1405
***************
*** 84,89 ****
--- 84,154 ----
  <p>
  
  <ul>
+ <!-- 2018-04-16 -->
+ <li>Fix "heap full" errors in the amd64 boot loader when loading microcode.
+ <li>Add support in <a href="https://man.openbsd.org/com.4">com(4)</a> for Exar XR17V354 4-port devices.
+ <!-- 2018-04-15 -->
+ <li>Add TCP support to <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>. Apart from processing multiple requests in parallel, this implements RFC 3430.
+ <li>Make <a href="https://man.openbsd.org/relayd.8">relayd(8)</a> set destination host state to HOST_DOWN in case of TCP read timeout.
+ <li><font color="#e00000">6.1, 6.2 and 6.3 SECURITY FIX: Correct heap overflow bugs in <a href="https://man.openbsd.org/perl.1">perl(1)</a>.</font><br>A source code patch is available for <a href="errata61.html#p039_perl">6.1</a>, <a href="errata62.html#p011_perl">6.2</a> and <a href="errata63.html#p001_perl">6.3</a>.
+ <!-- 2018-04-14 -->
+ <li>Make ENGINE_finish() succeed on NULL in LibreSSL, simplifies caller code.
+ <li>Make <a href="https://man.openbsd.org/ksh.1">ksh(1)</a> count $SECONDS using monotonic clock.
+ <li>Fix for <a href="https://man.openbsd.org/mg.1">mg(1)</a> when trying to write backups in home dir when run under a different effective user.
+ <!-- 2018-04-13 -->
+ <li>Remove hfsc support from <a href="https://man.openbsd.org/pfctl.8">pfctl(8)</a>.
+ <li>Don't panic if ipmi_sendcmd() fails.
+ <li>Make <a href="https://man.openbsd.org/sshd.8">sshd(8)</a> more resilient against user enumeration timing attacks.
+ <li>Implemented MAP_STACK option for <a href="https://man.openbsd.org/mmap.2">mmap(2)</a>. At pagefaults and syscalls the kernel will check that the SP points to MAP_STACK memory.
+ <!-- 2018-04-12 -->
+ <li>Stop using the PID in <a href="https://man.openbsd.org/ping.8">ping(8)</a>.
+ <li>Make <a href="https://man.openbsd.org/httpd.8">httpd(8)</a> listen on all IPv4 and IPv6 addresses for "listen on *".
+ <li>More steps for i386 Meltdown fixes, will trigger some performance issues.
+ <li>Make <a href="https://man.openbsd.org/re.4">re(4)</a> handle newer devices with only 64bit BARs, and map 32bit BAR as a fallback.
+ <!-- 2018-04-11 -->
+ <li>Add mixer save/restore capability to the <a href="https://man.openbsd.org/audio.4">audio(4)</a> driver for use during suspend/resume.
+ <li>Add support in <a href="https://man.openbsd.org/umsm.4">umsm(4)</a> for Huawei k3772-based devices.
+ <li>Make <a href="https://man.openbsd.org/sasyncd.8">sasyncd(8)</a> schedule events against the monotonic clock so it fires punctually even if system clock is changed.
+ <li>Have <a href="https://man.openbsd.org/fstat.1">fstat(1)</a> print rtable for internet sockets unless it's the default.
+ <li>In <a href="https://man.openbsd.org/tmux.1">tmux(1)</a>, add x and X to choose-tree to kill an item.
+ <li>Make sure the kernel doesn't call logwakeup() while holding a mutex to prevent lock ordering issues.
+ <!-- 2018-04-10 -->
+ <li>Make <a href="https://man.openbsd.org/mandoc.1">mandoc(1)</a> define a previously undefined integer as being zero.
+ <li>Make <a href="https://man.openbsd.org/ksh.1">ksh(1)</a> support 64bit integer operations on 32bit arches too.
+ <li>Added <a href="https://man.openbsd.org/octcrypto.4">octcrypto(4)</a>, a driver for the octeon cryptographic unit, providing hardware-accelerated implementations for several encryption and authentication algorithms for <a href="https://man.openbsd.org/ipsec.4">ipsec(4)</a>. Disabled for now.
+ <!-- 2018-04-09 -->
+ <li>Make <a href="https://man.openbsd.org/smtpd.8">smtpd(8)</a> spfwalk check for legitimate IPv4 and IPv6 addresses before printing.
+ <li>Make headers, manpages and kernel prefer and recommend AF_UNIX name rather than AF_LOCAL.
+ <li>In kqueue, test for preexisting conditions when re-enabling events.
+ <li>Make <a href="https://man.openbsd.org/pcidump.8">pcidump(8)</a> print BARs for bridges as well.
+ <li>On amd64, add support for EFI Random Number Generator and use it to XOR random data into the kernel.
+ <li>Add a hook to the standalone boot code to use a firmware-supplied random function in addition of the machine dependent random function to insert entropy into the booted kernel.
+ <!-- 2018-04-08 -->
+ <li>IPv6 fix for <a href="https://man.openbsd.org/gif.4">gif(4)</a>.
+ <li>Attach the mbuf tag on output <a href="https://man.openbsd.org/gif.4">gif(4)</a> packets to suppress loops over the interface and avoid leak of the tag on every packet.
+ <li>For certain arm devices, if the PHY address isn't specified, only attach a single PHY. Makes Theobrama Systems RK3399-Q7 SoM network interfaces work.
+ <li>Make <a href="https://man.openbsd.org/shutdown.8">shutdown(8)</a> print deadline estimates in the local timezone.
+ <li>Simplify <a href="https://man.openbsd.org/dd.1">dd(1)</a> SIGINFO output routines so the summary printout becomes atomic.
+ <li>Enable <a href="https://man.openbsd.org/islrtc.4">islrtc(4)</a> on arm64 GENERIC and RAMDISK kernels.
+ <li>Added <a href="https://man.openbsd.org/islrtc.4">islrtc(4)</a>, a driver for the ISL208 real time clock.
+ <li>Work around libtool exec limitations.
+ <li>Correct libtls <a href="https://man.openbsd.org/tls_config_clear_keys.3">tls_config_clear_keys(3)</a> behaviour, leaving other configuration data intact.
+ <li>In libtls, switch to <a href="https://man.openbsd.org/OPENSSL_init_ssl.3">OPENSSL_init_ssl(3)</a> to prevent an openssl configuration file from being loaded behind our backs.
+ <li>Add support in <a href="https://man.openbsd.org/dwmmc.4">dwmmc(4)</a> for GPIO card detection.
+ <li>Increase <a href="https://man.openbsd.org/em.4">em(4)</a> delay after reset to 20ms and add a fix for i219 based devices.
+ <!-- 2018-04-17 -->
+ <li>In UEFI, respect the parts where mappings indicate they can be made non-readable, non-executable or read-only.
+ <li>Fixed <a href="https://man.openbsd.org/tmpfs.4">tmpfs(4)</a> to not attempt calling <a href="https://man.openbsd.org/copyin.9">copyin(9)</a> itself.
+ <li>Patch binutils 2.17 so it passes option -Wno-null-pointer-arithmetic when compiled with LLVM 6.0.0.
+ <li>Updated llvm to 6.0.0.
+ <li>Make <a href="https://man.openbsd.org/fstat.1">fstat(1)</a> print a p flag for file descriptors opened after <a href="https://man.openbsd.org/pledge.2">pledge(2)</a>.
+ <li>Better rounding to cylinder boundaries in <a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>.
+ <li>In <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>, allow "Sendenv -PATTERN" to clear environment previously labeled for sending.
+ <li>Fix file descriptor leak in <a href="https://man.openbsd.org/httpd.8">httpd(8)</a> after processing ranged requests.
+ <li>Use existing pf state to speed up UDP socket lookup.
+ <li>Fix memory leak in libcrypto if EVP_Digest() fails.
+ <!-- 2018-04-06 -->
+ <li>In libcrypto, tighten up various checks for X509_VERIFY_PARAM functions.
  <li>In <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>, relax checking of authorized_keys environment="..." options to allow underscores in variable names
  <li>Stop using a non-portable .R <a href="https://man.openbsd.org/man.7">man(7)</a> macro in <a href="https://man.openbsd.org/mandoc.1">mandoc(1)</a>.
  <li>Update <a href="https://man.openbsd.org/mandoc.1">mandoc(1)</a> to use documented and portable character escape sequences for .Do/.Dq.