===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.715
retrieving revision 1.716
diff -c -r1.715 -r1.716
*** www/plus.html 2001/01/23 04:18:24 1.715
--- www/plus.html 2001/01/23 16:04:40 1.716
***************
*** 4,13 ****
OpenBSD-current changes
!
!
!
--- 4,13 ----
OpenBSD-current changes
!
!
!
***************
*** 47,92 ****
SECURITY FIX: The rnd(4) device does not use all of its input when data is written to it.
A patch is available.
[Applied to stable]
! IMPLEMENTATION FIX: PS/2 mouse driver, pms, lockup fix.
! A patch is available.
! [Applied to stable]
! Fix setting of nwid for wi(4).
! [Applied to stable]
SECURITY FIX: xlock now authenticates via a pipe.
A patch is available.
[Applied to stable]
SECURITY FIX: Fix holes in procfs.
A patch is available.
[Applied to stable]
In ipsec(9), look for TDB if gateway is unspecified.
[Applied to stable]
IMPLEMENTATION FIX: Compute crypto(9) session IDs correctly for kernel.
A patch is available.
[Applied to stable]
SECURITY FIX: Fix another security problem in the KerberosIV code.
A patch is available.
[Applied to stable]
! SECURITY FIX: Fix two security problems in the KerberosIV code.
! A patch is available.
! [Applied to stable]
SECURITY FIX: Fix buffer overflow in ftpd.
A patch is available.
[Applied to stable]
IMPLEMENTATION FIX: Fix fastroute related panic.
A patch is available.
[Applied to stable]
Fix deletion of flows in pf_key_v2 handling of isakmpd(8)
[Applied to stable]
IMPLEMENTATION FIX: Imac DV reports the VGA device improperly.
A patch is available.
[Applied to stable]
! fix CAST-128 key size in isakmpd(8)
! [Applied to stable]
RELIABILITY FIX: The qec+qe ethernet cards should not generate NMIs.
A patch is available.
[Applied to stable]
Repair overriding of pseudo devices in config(8)
[Applied to stable]
RELIABILITY FIX: repair AES (rijndael)
kernel support.
A patch is available.
--- 47,257 ----
SECURITY FIX: The rnd(4) device does not use all of its input when data is written to it.
A patch is available.
[Applied to stable]
! Fix sprintf overflow in
! fsinfo(8).
! fdisk(8)
! can change only the partition ID if desired.
! Use gif* instead of enc* for IPsec bridges.
! Permit multiple
! dhclient(8)s
! to run simultaniously.
! Have rc initialize RAID parity.
! Let talk(1)
! pass high characters without escaping; for use with other charsets (disabled by default).
! Prevent mountd(8)
! from deadlocking due to DNS issues.
! ftpd(8)
! logs actual bytes transfered as opposed to original file size.
! fsck_ffs(8)
! no longer marks filesystem clean if fsck needs to be rerun.
! dhclient(8)
! gracefuly handles missing LEASE_TIME.
! gprof(1)
! now works under mvme88k.
! ssh(1)
! option: HostKeyAlias. Other minor ssh(d) fixes.
! Make the
! auvia(4)
! driver behave nicely with fixed rate codecs.
! Revoke root priveleges as early as possible in
! ping6(8).
! Make edquota(8)
! and repquota(8)
! handle quotas over 4 gigabytes correctly.
! SSH cleanups.
! In ksh(1),
! don't reset nonblock if it's not interactive.
!
SECURITY FIX: xlock now authenticates via a pipe.
A patch is available.
[Applied to stable]
+
+ IMPLEMENTATION FIX: PS/2 mouse driver, pms, lockup fix.
+ A patch is available.
+ [Applied to stable]
+ Only invoke DMA transfers when transfering over 100 bytes for some drives.
+
SECURITY FIX: Fix holes in procfs.
A patch is available.
[Applied to stable]
+
+ Fix setting of nwid for wi(4).
+ [Applied to stable]
+ Compaq SMART Array RAID controllers supported.
+ New machdep.allowaperature sysctl value of "2" to provide access
+ to entire first megabyte of memory.
+ Fixed some obscure PCMCIA related panics.
+ Merged Apache 1.3.14 and mod_ssl 2.7.1.
+ Add support for the Natsemi 83820.
+ Fix /etc/sudoers permissions and initial creation handling.
+ Merged openssl-engine-0.9.6.
+ More photurisd(8)
+ cleanup.
+ Allow sys/netinet/ip_spd.c to compile in non-INET6 kernels.
+ Synchronized pfkeyv2 implementation with pfkey RFC.
+
In ipsec(9), look for TDB if gateway is unspecified.
[Applied to stable]
+ New CRYPTO option for
+ options(4).
+ Add bytecounter stats to
+ netstat(1).
+ New timeouts in some SCSI and RAID drivers.
+ Strengthen random TCP sequence numbers.
+
IMPLEMENTATION FIX: Compute crypto(9) session IDs correctly for kernel.
A patch is available.
[Applied to stable]
+ In ssh(8),
+ don't abort login when failing to set tty owner and mode if the tty already has
+ correct owner and permissions.
+ sshd(8)
+ no longer requires a source port > 1024 for rhosts-rsa.
+ New ICMP types and codes.
+ Add support for the 802.1D spanning tree protocol for bridges.
+ Add transport protocol/ports negotiation support to
+ isakmpd(8),
+ among other IPsec changes from the EOM-branch merge.
+ Turn off path MTU when ICMP needfrag messages are blocked.
+ Big batch of Alpha drivers added to Alpha's GENERIC kernel.
+ Don't let
+ route(8)
+ touch region after free.
+ Removed libgmp.
+ Make
+ photurisd(8)
+ use bignum.
+
SECURITY FIX: Fix another security problem in the KerberosIV code.
A patch is available.
[Applied to stable]
! In ssh(1)
! when using skey/tis-auth always request new challenge.
! Support newer cy cards in the
! cy(4)
! driver.
! New Swiss and jp106 keyboard maps.
! CVS_RSH is set to "ssh" by default in
! cvs(1).
! Fix endianess issues in
! ssh(1);
! Overhaul the
! adw(4)
! driver.
! Add vrrp, smb, and timed printing to
! tcpdump(8).
! calendar(4)
! only accepts real files.
! Fix perror() calls in
! pcvt(4)
! that were buffer overflows.
! Avoid argv passing overflow in
! tftp(1).
! Support I/O Data USB-ET/T USB ethernet in the
! kue(4)
! driver.
! Fix (partially) the reset sequence for 16-bit PCMCIA cards.
! Extend paranoia surrounding passed KRB environment variables in
! telnet(1).
! Update the
! isp(4)
! driver adding maxluns support, among other things.
! PCI LIVENGOOD chipset support.
! Support the other 3com 990 series cards.
! libtermlib obsolete; removed.
! Fix RIPv0 (RFC 1058) and NFS port-number printing in
! tcpdump(8).
! Make pcap generated BPF filters work on the tun interface.
! Add
! ssh-keyscan(1)
! to the arsenal.
!
SECURITY FIX: Fix buffer overflow in ftpd.
A patch is available.
[Applied to stable]
+
IMPLEMENTATION FIX: Fix fastroute related panic.
A patch is available.
[Applied to stable]
+
+ SECURITY FIX: Fix two security problems in the KerberosIV code.
+ A patch is available.
+ [Applied to stable]
+ ftpd(8)
+ can get umask via a login class in login.conf.
+ VLAN devices stop sending packets if the parent interface isn't running.
+ Stability fixes in
+ isakmpd(8).
+ ssh-agent(1)
+ disables agent, x11, and port forwarding if hostkey has changed.
+ Prevent
+ ssh-agent(1)
+ from dumping core.
+ isakmpd(8)'s
+ x509 handling ignores the ID length.
+ Support hot insertion and removal of Texas Instruments PCI113X CardBus bridges.
+
Fix deletion of flows in pf_key_v2 handling of isakmpd(8)
[Applied to stable]
+ Avoid race conditition in
+ adduser(8).
+ Fix pciide on 164sx Alphas.
+ Variable handling in
+ make(1)
+ improved, along with other fixes.
+ MAKEDEV(8)
+ enforces ttyC[0-f].
+ ssh(1)
+ can gracefuly handle invalid ciphers.
+ General isakmpd(8)
+ improvements, including PGPnet interoperability fixes.
+ Bigger RAM probe delay in
+ hifn(4)
+ driver.
+ Assorted
+ ksh(1) fixes.
+ Support for kernel events on vnodes.
+
+ fix CAST-128 key size in isakmpd(8)
+ [Applied to stable]
+
IMPLEMENTATION FIX: Imac DV reports the VGA device improperly.
A patch is available.
[Applied to stable]
! Avoid SIGHUP log issue in
! ypserv(8).
! Support kernel event queues via
! kqueue(2).
! Support for quite a few more USB devices, including scanners.
RELIABILITY FIX: The qec+qe ethernet cards should not generate NMIs.
A patch is available.
[Applied to stable]
Repair overriding of pseudo devices in config(8)
[Applied to stable]
+ Harden ftpd(8)'s
+ EPSV and EPRT handling.
+ Fix off-by-one error in
+ ssh-agent(1).
RELIABILITY FIX: repair AES (rijndael)
kernel support.
A patch is available.
***************
*** 94,99 ****
--- 259,266 ----
IMPLEMENTATION FIX: In sshd(8), fix skey support in SSH1 protocol.
A patch is available.
[Applied to stable]
+ Fix ifconfig(8)
+ induced panic when given a specific IPv6 option combination.
RELIABILITY FIX: The ThunderLAN driver, tl(4), should not claim all interrupts.
A patch is available.
[Applied to stable]
***************
*** 167,173 ****
www@openbsd.org
!
$OpenBSD: plus.html,v 1.715 2001/01/23 04:18:24 jason Exp $