===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1412
retrieving revision 1.1413
diff -c -r1.1412 -r1.1413
*** www/plus.html 2019/02/04 07:51:22 1.1412
--- www/plus.html 2019/02/14 16:12:13 1.1413
***************
*** 82,87 ****
--- 82,138 ----
+
+ - Set pkcs11.so to initialize pkcs11 interaction to allow it to ask for the smartcard's PIN during ssh-keygen(1) with -D.
+
- Adjusted pfctl(8) parser to insist anchor names must not be empty.
+
- Further simplifed trust anchor handling in unwind(8), allowing removal of wpath and cpath pledges from the parent process.
+
- Set logging of x509 peers' certificate subject names during tls client authentication in httpd(8).
+
- Added Allwinner V3s support.
+
- Adjusted scp(1) to accept shell-style brace alternations (e.g. "{foo,bar}") when verifying that filenames sent by the server match client requests.
+
- Changed ssh(1) to log when a connection is dropped for attempting to run a command when ForceCommand=internal-sftp is in effect.
+
- Updated to xf86-video-apm 1.3.0, xf86-video-s3virge 1.11.0, xf86-video-chips 1.3.0, xf86-video-i128 1.4.0, xf86-video-neomagic 1.3.0 and xf86-video-i740 1.4.0.
+
- Switched to xorgproto.
+
+
+
- Fixed ipv4 checksum calculation for mpls_input.c that was being performed in memory half the necessary size.
+
- Fixed a race condition for install(1). This patch makes the -S option a no-op, its functionality becoming the default behavior.
+
- Fixed stack info leak in execve(2).
+
- Made clear in the documentation that httpd(8) supports fastcgi over TCP.
+
- Imported unbound(8) 1.9.0 and updated unwind's copy of libunbound.
+
+
- Removed rpath from the pledge in cut(1) when only stdin is used.
+
- Rewrote trust anchor handling in unwind(8) to stop using libunbound's auto trust anchor feature, allowing tightening of the resolver process pledges.
+
- Implemented processing of EncryptedExtensions in the ssl(3) TLSv1.3 client.
+
- Added lock stack trace saving for witness(4). This setting is not enabled by default.
+
- Adjusted bwfm(4) to correct possible memory leaks by changing it to consistently use m_freem(9) and adding an assert to identify overruns of the task ring queue.
+
+
- Reworked fec(4) handling of descriptors and buffers. Added recovery in the case of a full transmission queue.
+
- Improved handling of roff identifiers that end with a tab character in mandoc(1).
+
- Fixed a possible memory leak in tcp_usrreq().
+
- Replaced overlapping memcpy(3) with memmove(3) in getpathname() for fsck_ffs(8) and fsck_ext2fs(8).
+
- Added display of rcpt address for RCPT errors in smtpd(8).
+
- Added -b to display-panes like run-shell in tmux(1).
+
+
- Fixed addend handling for relaxing R-PPC-PLTREL24 relocations in ld.bfd(1), making -Wl and -relax work well enough to link base clang on macppc.
+
- Fixed a potential out-of-bounds read when regcomp(3) is passed a bad expression.
+
- Adjusted ps(1) to work in single user mode where /var/run is unavailable or in cases where /dev does not exist.
+
- Added an example unwind.conf(5). (Note that unwind(8) works without a config file in many cases).
+
- Converted openssl(1) pkey to the newer style of option handling.
+
- Added handling of Cisco's Encapsulated Remote Switch Port Analyzer (ERSPAN) protocol to tcpdump(8).
+
+
- Fixed printing of major and minor from dev_t in various parts of the tree.
+
- Fixed NULL-deference crash in ssh(1) in the PKCS#11 code.
+
- Fixed a potential mbuf double free in the out-of-band soreceive() path.
+
- Added support for defining variables through the environment in pkg-config(1).
+
- Implemented as-override in bgpd(8), a feature where the neighbor AS is replaced by the local AS in AS paths.
+
- Added --validate flag to pkg-config(1) and updated version to 0.29.0.
+
- Added a pthread_get_name_np(3) to match pthread_set_name_np(3) in pthreads(3).
+
- Fixed an undefined case when neither -msave-args or -mno-save-args are specified in LLVM.
+
- Imported libc++, libc++abi and libunwind version 7.0.1.
+
- Adjusted members of glob_t to match POSIX in glob(3). IMPORTANT NOTE: This required a libc major version bump.
+
- Implementing parsing and processing of TLSv1.3 ServerHello messages in ssl(4).
+
- Fixed a panic caused by bwfm(4) by handling control messages that exceed MLEN.
+
- Applied a fix to update the caller-supplied pointer in semundo_adjust() to prevent a potential use-after-free panic.
- Allowed tun(4) access to AF_MPLS packets from userland.
- Converted openssl(1) rsautl to the newer style of option handling.