=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v retrieving revision 1.715 retrieving revision 1.716 diff -c -r1.715 -r1.716 *** www/plus.html 2001/01/23 04:18:24 1.715 --- www/plus.html 2001/01/23 16:04:40 1.716 *************** *** 4,13 **** OpenBSD-current changes ! ! ! --- 4,13 ---- OpenBSD-current changes ! ! ! *************** *** 47,92 ****
  • SECURITY FIX: The rnd(4) device does not use all of its input when data is written to it.
    A patch is available.
    [Applied to stable] !
  • IMPLEMENTATION FIX: PS/2 mouse driver, pms, lockup fix.
    ! A patch is available.
    ! [Applied to stable] !
  • Fix setting of nwid for wi(4).
    ! [Applied to stable]
  • SECURITY FIX: xlock now authenticates via a pipe.
    A patch is available.
    [Applied to stable]
  • SECURITY FIX: Fix holes in procfs.
    A patch is available.
    [Applied to stable]
  • In ipsec(9), look for TDB if gateway is unspecified.
    [Applied to stable]
  • IMPLEMENTATION FIX: Compute crypto(9) session IDs correctly for kernel.
    A patch is available.
    [Applied to stable]
  • SECURITY FIX: Fix another security problem in the KerberosIV code.
    A patch is available.
    [Applied to stable] !
  • SECURITY FIX: Fix two security problems in the KerberosIV code.
    ! A patch is available.
    ! [Applied to stable]
  • SECURITY FIX: Fix buffer overflow in ftpd.
    A patch is available.
    [Applied to stable]
  • IMPLEMENTATION FIX: Fix fastroute related panic.
    A patch is available.
    [Applied to stable]
  • Fix deletion of flows in pf_key_v2 handling of isakmpd(8)
    [Applied to stable]
  • IMPLEMENTATION FIX: Imac DV reports the VGA device improperly.
    A patch is available.
    [Applied to stable] !
  • fix CAST-128 key size in isakmpd(8)
    ! [Applied to stable]
  • RELIABILITY FIX: The qec+qe ethernet cards should not generate NMIs.
    A patch is available.
    [Applied to stable]
  • Repair overriding of pseudo devices in config(8)
    [Applied to stable]
  • RELIABILITY FIX: repair AES (rijndael) kernel support.
    A patch is available.
    --- 47,257 ----
  • SECURITY FIX: The rnd(4) device does not use all of its input when data is written to it.
    A patch is available.
    [Applied to stable] !
  • Fix sprintf overflow in ! fsinfo(8). !
  • fdisk(8) ! can change only the partition ID if desired. !
  • Use gif* instead of enc* for IPsec bridges. !
  • Permit multiple ! dhclient(8)s ! to run simultaniously. !
  • Have rc initialize RAID parity. !
  • Let talk(1) ! pass high characters without escaping; for use with other charsets (disabled by default). !
  • Prevent mountd(8) ! from deadlocking due to DNS issues. !
  • ftpd(8) ! logs actual bytes transfered as opposed to original file size. !
  • fsck_ffs(8) ! no longer marks filesystem clean if fsck needs to be rerun. !
  • dhclient(8) ! gracefuly handles missing LEASE_TIME. !
  • gprof(1) ! now works under mvme88k. !
  • ssh(1) ! option: HostKeyAlias. Other minor ssh(d) fixes. !
  • Make the ! auvia(4) ! driver behave nicely with fixed rate codecs. !
  • Revoke root priveleges as early as possible in ! ping6(8). !
  • Make edquota(8) ! and repquota(8) ! handle quotas over 4 gigabytes correctly. !
  • SSH cleanups. !
  • In ksh(1), ! don't reset nonblock if it's not interactive. !
  • SECURITY FIX: xlock now authenticates via a pipe.
    A patch is available.
    [Applied to stable] + +
  • IMPLEMENTATION FIX: PS/2 mouse driver, pms, lockup fix.
    + A patch is available.
    + [Applied to stable] +
  • Only invoke DMA transfers when transfering over 100 bytes for some drives. +
  • SECURITY FIX: Fix holes in procfs.
    A patch is available.
    [Applied to stable] + +
  • Fix setting of nwid for wi(4).
    + [Applied to stable] +
  • Compaq SMART Array RAID controllers supported. +
  • New machdep.allowaperature sysctl value of "2" to provide access + to entire first megabyte of memory. +
  • Fixed some obscure PCMCIA related panics. +
  • Merged Apache 1.3.14 and mod_ssl 2.7.1. +
  • Add support for the Natsemi 83820. +
  • Fix /etc/sudoers permissions and initial creation handling. +
  • Merged openssl-engine-0.9.6. +
  • More photurisd(8) + cleanup. +
  • Allow sys/netinet/ip_spd.c to compile in non-INET6 kernels. +
  • Synchronized pfkeyv2 implementation with pfkey RFC. +
  • In ipsec(9), look for TDB if gateway is unspecified.
    [Applied to stable] +
  • New CRYPTO option for + options(4). +
  • Add bytecounter stats to + netstat(1). +
  • New timeouts in some SCSI and RAID drivers. +
  • Strengthen random TCP sequence numbers. +
  • IMPLEMENTATION FIX: Compute crypto(9) session IDs correctly for kernel.
    A patch is available.
    [Applied to stable] +
  • In ssh(8), + don't abort login when failing to set tty owner and mode if the tty already has + correct owner and permissions. +
  • sshd(8) + no longer requires a source port > 1024 for rhosts-rsa. +
  • New ICMP types and codes. +
  • Add support for the 802.1D spanning tree protocol for bridges. +
  • Add transport protocol/ports negotiation support to + isakmpd(8), + among other IPsec changes from the EOM-branch merge. +
  • Turn off path MTU when ICMP needfrag messages are blocked. +
  • Big batch of Alpha drivers added to Alpha's GENERIC kernel. +
  • Don't let + route(8) + touch region after free. +
  • Removed libgmp. +
  • Make + photurisd(8) + use bignum. +
  • SECURITY FIX: Fix another security problem in the KerberosIV code.
    A patch is available.
    [Applied to stable] !
  • In ssh(1) ! when using skey/tis-auth always request new challenge. !
  • Support newer cy cards in the ! cy(4) ! driver. !
  • New Swiss and jp106 keyboard maps. !
  • CVS_RSH is set to "ssh" by default in ! cvs(1). !
  • Fix endianess issues in ! ssh(1); !
  • Overhaul the ! adw(4) ! driver. !
  • Add vrrp, smb, and timed printing to ! tcpdump(8). !
  • calendar(4) ! only accepts real files. !
  • Fix perror() calls in ! pcvt(4) ! that were buffer overflows. !
  • Avoid argv passing overflow in ! tftp(1). !
  • Support I/O Data USB-ET/T USB ethernet in the ! kue(4) ! driver. !
  • Fix (partially) the reset sequence for 16-bit PCMCIA cards. !
  • Extend paranoia surrounding passed KRB environment variables in ! telnet(1). !
  • Update the ! isp(4) ! driver adding maxluns support, among other things. !
  • PCI LIVENGOOD chipset support. !
  • Support the other 3com 990 series cards. !
  • libtermlib obsolete; removed. !
  • Fix RIPv0 (RFC 1058) and NFS port-number printing in ! tcpdump(8). !
  • Make pcap generated BPF filters work on the tun interface. !
  • Add ! ssh-keyscan(1) ! to the arsenal. !
  • SECURITY FIX: Fix buffer overflow in ftpd.
    A patch is available.
    [Applied to stable] +
  • IMPLEMENTATION FIX: Fix fastroute related panic.
    A patch is available.
    [Applied to stable] + +
  • SECURITY FIX: Fix two security problems in the KerberosIV code.
    + A patch is available.
    + [Applied to stable] +
  • ftpd(8) + can get umask via a login class in login.conf. +
  • VLAN devices stop sending packets if the parent interface isn't running. +
  • Stability fixes in + isakmpd(8). +
  • ssh-agent(1) + disables agent, x11, and port forwarding if hostkey has changed. +
  • Prevent + ssh-agent(1) + from dumping core. +
  • isakmpd(8)'s + x509 handling ignores the ID length. +
  • Support hot insertion and removal of Texas Instruments PCI113X CardBus bridges. +
  • Fix deletion of flows in pf_key_v2 handling of isakmpd(8)
    [Applied to stable] +
  • Avoid race conditition in + adduser(8). +
  • Fix pciide on 164sx Alphas. +
  • Variable handling in + make(1) + improved, along with other fixes. +
  • MAKEDEV(8) + enforces ttyC[0-f]. +
  • ssh(1) + can gracefuly handle invalid ciphers. +
  • General isakmpd(8) + improvements, including PGPnet interoperability fixes. +
  • Bigger RAM probe delay in + hifn(4) + driver. +
  • Assorted + ksh(1) fixes. +
  • Support for kernel events on vnodes. + +
  • fix CAST-128 key size in isakmpd(8)
    + [Applied to stable] +
  • IMPLEMENTATION FIX: Imac DV reports the VGA device improperly.
    A patch is available.
    [Applied to stable] !
  • Avoid SIGHUP log issue in ! ypserv(8). !
  • Support kernel event queues via ! kqueue(2). !
  • Support for quite a few more USB devices, including scanners.
  • RELIABILITY FIX: The qec+qe ethernet cards should not generate NMIs.
    A patch is available.
    [Applied to stable]
  • Repair overriding of pseudo devices in config(8)
    [Applied to stable] +
  • Harden ftpd(8)'s + EPSV and EPRT handling. +
  • Fix off-by-one error in + ssh-agent(1).
  • RELIABILITY FIX: repair AES (rijndael) kernel support.
    A patch is available.
    *************** *** 94,99 **** --- 259,266 ----
  • IMPLEMENTATION FIX: In sshd(8), fix skey support in SSH1 protocol.
    A patch is available    .
    [Applied to stable] +
  • Fix ifconfig(8) + induced panic when given a specific IPv6 option combination.
  • RELIABILITY FIX: The ThunderLAN driver, tl(4), should not claim all interrupts.
    A patch is available    .
    [Applied to stable] *************** *** 167,173 ****
    OpenBSD www@openbsd.org !
    $OpenBSD: plus.html,v 1.715 2001/01/23 04:18:24 jason Exp $ --- 334,340 ----
    OpenBSD www@openbsd.org !
    $OpenBSD: plus.html,v 1.716 2001/01/23 16:04:40 deraadt Exp $