===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.757
retrieving revision 1.758
diff -c -r1.757 -r1.758
*** www/plus.html 2001/04/23 23:05:53 1.757
--- www/plus.html 2001/04/24 06:59:17 1.758
***************
*** 14,20 ****
!
Changes made between OpenBSD 2.8 and OpenBSD-current
This is a partial list of the major machine independent changes
--- 14,20 ----
!
Changes made between OpenBSD 2.9 and OpenBSD-current
This is a partial list of the major machine independent changes
***************
*** 40,45 ****
--- 40,46 ----
For changes leading up to OpenBSD 2.6, click here.
For changes leading up to OpenBSD 2.7, click here.
For changes leading up to OpenBSD 2.8, click here.
+ For changes leading up to OpenBSD 2.9, click here.
***************
*** 48,723 ****
We are working on OpenBSD-current.
! - SECURITY FIX: Avoid DoS attack in ftpd using glob patch.
! A patch is available.
! [Applied to stable]
! - SECURITY FIX: Fix ipf fragment caching bug.
! A patch is available.
! [Applied to stable]
! - SECURITY FIX: Fix buffer overflows contained in glob(3) function.
! A patch is available.
! [Applied to stable]
! - Check for short packets and bad types sent to timed(8).
! [Applied to stable]
! - OpenSSH 2.5.2 released.
! [Applied to stable]
! - SECURITY FIX: Be careful with file permissions in readline library
! A patch is available.
! [Applied to stable]
! - Make buffer size 8k on NE1000, and 16k otherwise for
! ne.
! [Applied to stable]
! - Move bogus packet length test in udp packets to avoid being stuck at splsoftnet.
! [Applied to stable]
! - SECURITY FIX: for ipsec(4), handle AH packets with IP options more strictly.
! A patch is available.
! [Applied to stable]
! - SECURITY FIX: on i386, check arguments to USER_LDT (not enabled by default) mappings.
! A patch is available.
! [Applied to stable]
! - SECURITY FIX: update to sudo-1.6.3p6 which fixes a buffer overflow on very long argv components.
! A patch is available.
! [Applied to stable]
! - OpenSSH 2.5.1 released.
! [Applied to stable]
! - IMPLEMENTATION FIX: fix port number computation in libwrap client side ident implementation.
! A patch is available.
! [Applied to stable]
! - Disable bogus file check in cvs(1).
! [Applied to stable]
! - OpenSSH 2.5.0 released.
! [Applied to stable]
! - OpenSSH 2.3.2 released.
! [Applied to stable]
! - In tcpdump(8), deobfuscate some IP protocols and improve IPSEC tunnelmode printing.
!
- Set the offset for SCSI chain B properly in the VAX ncr(4) driver.
!
- Import XFree86 4.0.2.
!
- Long username fixes to lpd(8) and lprm(1).
!
- Convert the powerpc port to UVM(9).
!
- Import siop(4), a replacement for the ncr(4) SCSI driver.
!
- Support more NE2000 PCMCIA devices.
!
- Avoid passing shared mbufs around the kernel to prevent accidental overwrites.
!
- Add pcscp(4), a driver which supports AMD Am53c974 SCSI controllers.
!
- Modify sliplogin(8) to handle long usernames.
!
- Add portsplus.html which tracks changes to the ports collection.
!
- Allow X to work without pcvt(4).
!
- Fix an authorizer removal problem in keynote(3).
!
- Deactivate function pointers upon interface detach to avoid crashes.
!
- Deal with the real time clock losing interrupts on i386.
!
- Bump maxusers to 32 in the alpha port.
!
- Avoid a theoretical buffer overflow in getpwent(3).
!
- Fix an uninitialized variable in bsd.port.mk(5).
!
- Disregard ospeed in tetris(6).
!
- Modify wall(1) to handle long usernames.
!
- Many isp(4) SCSI driver improvements and updates.
!
- Fix goto-line 0 case in mg(1).
!
- Fix PermitRootLogin option in ssh(1).
!
- In brconfig(8), skip empty lines in the rulefile.
!
- Fix HTTP installs, which were broken for quite awhile.
!
- Repair statclock on mvme88k.
!
- Ensure softupdates is enabled before performing softupdates-specific operations.
!
- Define a sendmail(8) variable to workaround broken name servers.
!
- Allow up to 12 virtual terminals in wscons(4).
!
- Correct VAX signal handling.
!
- Cleanup MAC support in SSH2.
!
- Support attachment of Cheetah devices to vsbus as well as ibus in the VAX port.
!
- Disable a bogus file check in cvs(1) to ease the pain of having replicated repositories.
!
- Ensure $RSH is set in the rcmd(3) functions.
!
- String table fixes to ddb(4) and modload(8).
!
- Update wscons(4) code.
!
- Pull in fixes for potential buffer overflows in xdm(1).
!
- Compatibility fixes to tar(1).
!
- Many OpenSSH cleanups and improvements.
!
- New ELF symbol handling in ddb(4).
!
- Enable wscons support in XFree86.
!
- Modify PCI power state for clct(4) devices so they work after warm reboots.
!
- Repair BPF support in gre(4).
!
- Fix an uninitialized variable in wsdisplay(4).
!
- Fix file attribute passing in sftp-server(8).
!
- Correct a memory usage error in ssh-keyscan(1).
!
- Add support to the powerpc for loading the bootloader and kernel from an HFS filesystem.
!
- Better failure handling in vr(4).
!
- Add support to dc(4) for parsing media blocks from Intel 21143 SROMs.
!
- Strengthen SSH1 to make traffic analysis more difficult.
!
- Updates to /etc/services from IANA.
!
- In ssh(1), enforce non-batch_mode if StrictHostKeyChecking is set to "ask".
!
- Backport a buffer overflow fix from XFree86 4.0.2 to in-tree XFree 3.3.6.
!
- Stricter prototypes, type fixes, and other cleanups in OpenSSH.
!
- Switch IPv6 raw socket code from NRL to KAME.
!
- Stricter checking in SSH2.
!
- Implement an upper limit for icmp6(4) redirects.
!
- Fix rwhod(8) to work, and make debug code a flag option.
!
- Mark our tree such that we use wscons(4) as if it is vt220, instead of vt100.
!
- In wscons(4), when scrolled back, if a new key is pressed, reset us to our previous location, as pcvt(4) used to do.
!
- Permit sftp(1) over SSH1 protocol.
!
- In sftp(1), do not forward agent or X11 traffic.
!
- In tar(1), fix -T option and add support for -C option
!
- Honor TMPDIR variable in tar(1), cpio(1), and pax(1).
!
- perl(1) patch CHANGE6214.
!
- New route6d(8).
!
- Numerous more changes to sftp-server(8) and sftp(1).
!
- Changes to accept(2) to permit return of ECONNABORTED.
!
- Quieten IPv6 DN message reporting by default.
!
- Improve xmalloc() and friends in ssh(1) code..
!
- Remove dead architecture support from the tree.
!
- Remove support for #! from syslogd(8).
!
- cac(4) driver to support Compaq Smart ARRAY RAID controllers.
!
- Ignore blank lines in hostname.if(5) files.
!
- In ssh(1), add -1 option to force protocol 1.
!
- Enable sftp-server(8) by default.
!
- Numerous bug fixes to sftp-server(8) and sftp(1).
!
- Make scsi work on the vaxstation 4000/90.
!
- Same for tun(4), gif(4), and others..
!
- Change lo(4) initialization code so that boot -c pseudo-device editing code can affect it in the expected fashion.
!
- If kernel has ddb(4) support, add a ddb sub-command inside boot -c.
!
- Teach the bridge to deal with ARP alignment in the presence of numerous previous layers...
!
- EtherIP support in tcpdump(8).
!
- Fix a bug introduced a few weeks ago in yppush(8).
!
- A bit of a trawl through the source tree to please the alpha, since various problems occur in the absence of perfect weak symbols.
!
- libc_r works on the alpha now.
!
- Many new fixes to sort(1).
!
- Teach config -e and boot -c about pseudo-devices.
!
- Fix perl(1) h2ph scripts.
!
- More bridge(4) fixes for unicast learning.
!
- Add sftp(1) client.
!
- Fix an off-by-{1,2,4} error in i386_space_copy(). wscons(4) now works perfectly.
!
- More fixes to rtadvd(8).
!
- Fix bugs in atc(6), snake(6), battlestar(6), phantasia(6), and adventure(6).
!
- Enable scrollback from USB keyboards.
!
- Numerous improvements in ppp(8).
!
- At ELF execve(2) time, check for the OpenBSD note first, so that native binaries run best.
!
- Attempt to share crtbegin/crtend in ELF csu, including an OS note.
!
- Change powerpc ld.so(1) so all architectures use DT_INIT for ctors/init.
!
- Fix overlapping bus space copy operations on i386.
!
- Move EtherIP to version 3 (2 byte padded header).
!
- Art does battle with ksyms(4), gets wounded, but eventually wins.
!
- In sshd(8), S/Key is now called ChallengeResponse.
!
- Make ReverseMappingCheck optional in sshd_config.
!
- Mickey the madman goes on a new timeout crawl through pci and isa drivers.
!
- Fix nlist(3) emulation for cases where the ELF header does not exist; permits /dev/ksyms to work on ELF machines.
!
- Emulate some new freebsd signal(2) related things in compat_freebsd(8).
!
- In IPv6, avoid panic when packet to nonexistent link-local address is issued.
!
- xl(4) no longer needs to whine about tx underruns.
!
- Fix ELF support for compat_freebsd(8).
!
- Catch the alpha up to wscons(4) changes.
!
- Fix wscons(4) wsmux(4) attachment.
!
- Support mvme188 card in mvme88k port.
!
- If a pccbb(4) bridge does not have the right voltages, assume it is dead. Permits single connector adapters to work.
!
- Fix some bugs in the bridge(4), especially regarding gif(4).
!
- IMPLEMENTATION FIX: fix memory allocation in the PCI LANCE ethernet driver, le(4).
! A patch is available.
! [Applied to stable]
! - In config(8) -e and -u, do not write out a new kernel if nothing changed.
!
- Numerous fat utmp(5) changes to utilities.
!
- Move utmp(5) to large format.
!
- Fix some incorrect return values for mmap(2) functions.
! [Applied to stable]
! - Make top(1) not setgid.
!
- Update X11 to support the new i386 changes.
!
- Configure wscons(4) defaults to be what our users expect.
!
- moused(8) is dead for now.
!
- Enable uhci(4) and ohci(4) devices by default in GENERIC.
!
- Range-check invalid .max fields in inetd(8).
!
- Various post-merge ipf fixes. Some previous fixes got removed and had to be put back in.
!
- In ATAPI code, ignore PIOMODE errors.
!
- On many architectures, change console name to ttyC? instead of ttyE?.
!
- Add -U option to ELF ldconfig(8).
!
- Move i386 to wscons(4).
!
- Re-org the alpha boot floppies.
!
- More improvements against the Bleichenbacher pkcs#1 attack.
!
- Fix more select overflow issues in ssh(1).
!
- gcc 2.95.3, test 2.
!
- ises(4), start of a driver for the Pijnenburg PCC-ISES crypto chip. Does random entropy insertion.
!
- Permit many compat system calls to match to the same native call (was not permitted before).
!
- A bunch of people are doing a kernel trawl to update drivers to new timeouts.
!
- Support boot -c on the sparc.
!
- Fix an early timeout bug in wdc/ata support, which caused problems with atapi tape drives.
!
- Niklas runs through the tree doing commits in an attempt to keep up with Todd's much higher commit count.
!
- Receive random numbers from ubsec(4) cards.
!
- Make wdc mode printing more portable, so that the powerpc can use it too.
!
- adb(4) drivers in powerpc port.
!
- New upl(4) driver for Prolific PL2301/PL2302 USB host-to-host driver. This acts like a network device.
!
- Remove -Q flag from sshd(8).
!
- Change audio-driver interface so drivers can supply a minimum delta for mixer value changes.
!
- USB sync.
!
- SECURITY FIX: fix some buffer overflows in named(8).
! A patch is available.
! [Applied to stable]
! - Support Cheetah vaxes.
!
- Improve MAKEDEV(8) manual pages on many architectures.
!
- Cause pcibios(4) to route interrupts via the pci router at the time interrupts are established for each driver, not before.
!
- Optimize pcidevs, usbdevs(8), and other tables in the kernel.
!
- Both wi(4) and awi(4) now support more models of cards.
!
- skey(1) SHA1 is supposed to be little endian.
!
- Improve ping6(8) signal handling further.
!
- Merge isakmpd(8) in. It is no longer separate.
!
- Many ppp(8) improvements.
!
- Handle binary data in install floppy dmesg.
!
- Improve ELF handling of nlist(3).
!
- Print CPU speed in GHz if it is that fast.
!
- Detect Transmeta cpus.
!
- On powerpc, ensure that signal delivery fills in rval[1]; at least pthread was affected.
!
- Move powerpc to MACHINE_NEW_NONCONTIG.
!
- In mg(1), do not use rename(2) on the ~ file; make a new copy so that vipw(8) and crontab(1) do the right thing.
!
- Tweak alpha so it sends SIGBUS for unaligned access, and does NOT do a fixup. This encourages people to fix their code.
!
- KGDB support for the i386.
!
- Pack alpha definition of infinity properly, other architectures too.
!
- Recognize Intel P4 cpu.
!
- Various space optimizations for alpha boot floppies.
!
- Fix CF wdc, which was broken for a while.
!
- Add "enable" keyword in config(8) files.
!
- Merge and simplify emulation directory handling code.
!
- Support Initio INI-91xx cards via new iha(4) driver.
!
- In accept(2), when peer disconnects before accept is issued, do not return junk in mbuf by setting length to 0.
!
- Support Hardware RNG on i850 and i860 hubs.
!
- Fix sysctl(3) so that you can clear a string with it.
!
- In sshd(8), rename "skey" to "challenge response", since this mechanism is now more flexible.
!
- Reduce how long we wait for scsi devices to come ready; 50 seconds is enough.
!
- pcvt keyboard LED update lockup patch.
!
- ncurses-5.2-20010114
!
- Fix many more sshd(8) memory leaks.
!
- Fix memory leak in isakmpd(8).
!
- In timed(8), do not accept packets with an unterminated hostname.
! [Applied to stable]
! - Alias map bios rom at both real address and it's own zero-relative address, because bios roms contain bugs.
!
- In rtadvd(8), sync router renumbering flag bit to conform to 2292bis-02 and RR RFC.
!
- Get rid of -R flag in ssh-keygen(1).
!
- Avoid memory leak in ndp(8).
!
- Establish pccbb(4), ohci(4), and uhci(4) interrupt handler much earlier, because of coming pcibios(4) changes.
!
- Numerous small fixes to sshd(8) and friends.
!
- In ssh(1), fix SIGSEGV for -o "".
!
- On i386, validate gate targets.
!
- The easy delete key always returns ^?, while the more difficult one returns ^H.
!
- Incorporate a set of post-4.4BSD changes to the kernel routing code.
!
- Support more than 256MB of ram on powerpc.
!
- Be more careful with assuming with VIA chips can handle U66.
!
- Document better how code using sigblock(3) and sigsetmask(3) would be converted to use sigprocmask(2).
!
- Get sshd(8) ready for auth-login.
!
- In ifconfig(8), permit prefixlen to work against ipv4 addresses.
!
- Change savecore(8) to deal with machines dumping 1GB or more..
!
- Attempt to deal with inverted signal races in terminal handlers better, throughout the source tree -- ie. main code is deep inside stdio, signal handler calls exit().
!
- Document rules that apply to signal handlers in signal(3) and sigaction(2).
!
- ipf 3.4.15
!
- Fix a vi(1) crash.
!
- SECURITY FIX: The rnd(4) device does not use all of its input when data is written to it.
! A patch is available.
! [Applied to stable]
! - Fix C sequence point issues in dd(1), monop(6), tail(1), and rbootd(8).
!
- Fix previous inetd(8) fix.
!
- Fix signal handler race in apmd(8), bootpd(8), syslogd(8).
!
- Constrain isp(4) openings to 128, since the vendor code lies, cheats, steals, and makes us cry.
!
- Fully support SSH2 RSA keys in sshd(8).
!
- Change alpha bootblocks to ELF.
!
- Fix fd_set overflows and signal races in pppoe(1).
!
- Important pthread fix.
!
- Large block of documentation and functionality changes to mail(1).
!
- fd_set overflow fix to routed(8).
!
- Signal handler fix to newfs(1).
!
- Cleanup various signal races and buffer overflows in ed(1).
!
- Fix signal race in mountd(8) by writing our own svc_run() routine.
!
- Fix uninitialized variable bug in config(8) UKC code that ignored first command sometimes.
!
- Various changes ensure that all known le(4) cards now work on sun4, sun4c, and sun4m machines.
!
- Tweak subr_extent code with respect to boundary cases.
!
- sftp-server(8) draft came out; convert our sftp-server(8) to be compliant.
!
- sendmail 8.11.2
!
- Signal race fixes to fsck_ffs(8), rcp(1), slattach(8), shutdown(8).
!
- Change asm and volatile to __asm__ and __volatile__ in any file which might be compiled using -ansi -pedantic or similar.
!
- Some signal handler cleanup in rcp(1).
!
- Cleanup timeout code in adw(4).
!
- Numerous alpha catchups.
!
- New rtadvd(8) code.
!
- Compute UDP checksum in dhcpd(8).
!
- Move mvme88k to UVM(9).
!
- clct(4) driver for Cirrus Logic CS4281 sound chips.
!
- Support {Allow,Deny}Groups in sshd(8).
!
- sshd(8) SSH2 protocol support for keepalives, IPTOS_LOWDELAY, TCP_NODELAY, and IPTOS_THROUGHPUT.
!
- Add kerberos(1) password handling in sshd(8) for kerberosIV.
!
- More memory leak fixes to sshd(8) and ssh(1).
!
- Tweak strlcat(3) to not crash for a certain "illegal pointers, length 0" situation.
!
- Clarify setjmp(3) variants in the manual pages.
!
- Correct fd_set and signals in ping6(8).
!
- Un-race three signal handlers, and fix select overflows in inetd(8).
!
- Fix signal race in route6d(8).
!
- Move mvme88k to MACHINE_NEW_NONCONTIG.
!
- Fix signal races in rwhod(8).
!
- Fix fd_set overflow in yppush(8).
!
- Fix closedown stub generated and hand-whacked by rpcgen(1) in ypserv(8).
!
- Audio driver for most ESS maestro(8) models.
!
- Signal race repairs in talkd(8) and comsat(8).
!
- Fix select overflow in ssh-agent(1).
!
- Fix rpcgen(1) to deal with large fd_set.
!
- Document various signal races in the source tree which are very difficult to fix, or which turn out to be safe even if they look flawed.
!
- Rename ich(4) to auich(4).
!
- Cleanup the sftp-server(8) implementation.
!
- Support !command feature in bridename.if(5) files as well.
!
- Numerous other small changes to isakmpd(8).
!
- Handle memory failures in passwd(1).
!
- In finger(1), fail nicely if memory allocation fails.
!
- Handle DELETE payloads in isakmpd(8).
!
- Remove signal races from sshd(8).
!
- Ease support for road-warrior scenarious in isakmpd(8), by intuiting the Local-ID when possible.
!
- Change 802.11 DS drivers to operate in BSS mode by default.
!
- Create links for FD_SET(3) and such to point to the select(2) page.
!
- Support TCP_NDELAY on ipv6(4) in ssh(1).
!
- Numerous spelling error corrections in the system.
!
- Various other calendar updates.
!
- Ensure replydirname in ftpd(8) does not ever truncate names.
!
- Ensure ftpd(8) does not sometimes return a stray " at the end of a string.
!
- Various large updates to isp(4).
!
- In restore(8), do not skip TS_BITS or TS_CLRI are set.
!
- Change our own custom EtherIP protocol to the standard one (which is very badly designed, but we are trying to get them to fix that).
!
- Fix KerberosIV code to build better if src and obj are in strange places.
!
- Support Banner option in sshd(8).
!
- Make the openssh-p effort a bit easier by merging some simpler portability hacks.
!
- Various missing free(3) calls repaired in ssh(1).
!
- Attempt to support cardbus 3CXFEM656C 56k Global modem.
!
- In pciide(4), support U100 on ICH2, U66 on Via Apollo, and other repairs to Promise.
!
- Spelling changes to calendar files.
!
- Be more careful with stat(2) handling in mv(1).
!
- Fix %p handling in strptime(3).
!
- Fix various buffer overflows and other fixes in indent(1).
!
- Do not spit out icmp6 checksum messages if not a debug kernel.
!
!
- Permit stripped VAX kernels to load despite unexpected values from libsa.
!
- Simplify locking and a few more fixes to twe(4).
!
- Plug some memory leaks in OpenSSH.
!
- Fix -P in ftpd(8).
!
- Emulation fixes to the VAX code.
!
- Protect bits of dhclient(8) with a locking mechanism to prevent multiple instances from using the leases file simultaneously.
!
- Fix 3 cases in mv(1) relating to the moving of symlinks across filesystems.
!
- In ftpd(8), expand the tilde character in ftp-dir login.conf variable.
!
- Prohibit binding to an anycast, notready, or detached IPv6 address.
!
- Rename fsinfo(8) to xfsinfo in X11 to avoid naming conflict.
!
- Set the correct pfkeyv2 direction for KAME SPD entries in isakmpd(8).
!
- Save and restore errno properly in flex(1) since it may be whacked by isatty(3).
!
- Fix sending/receiving passwords in routed(8).
!
- Add an i386-specific sysctl(3) that modifies halt -p processing in APM to deal with some quirky machines.
!
- More sun3 fixes, mostly to conform better to other m68k architecture code.
!
- Handle login banners better in SSH2 instances of ssh(1).
!
- Various spelling and grammar fixes across the tree.
!
- Use new sysctl(3) interface for kernel memory bucket statistics and clock information.
!
- Correctly check for empty mailq(1) in /etc/daily.
!
- Y2K fix in the mvme68k NVRAM code.
!
- Extend sysctl(3) to support quad values.
!
- Improve SMB packet printing in tcpdump(8).
!
- Add common pidfile-writing code to DHCP so each program doesn't need to roll its own.
!
- To please cap_mkdb(1), make it an error to open a zero-length file for read-only access in hash(3).
!
- Some sun3 architecture fixes.
!
- Ignore environment variables in libssl if we're running setugid.
!
- In ssh(1), log the remote IP address on disconnect.
!
- Check for memory allocation failure in vmstat(8).
!
- Fix a buffer overflow in fsinfo(8).
!
- Handle another special case in apm(4).
!
- Fix a panic in the RAIDframe locking management code.
!
- Add setpid command to fdisk(8) for setting the partition ID.
!
- Change bridge(4) to use gif* instead of enc*.
!
- Set SO_REUSEPORT socket option in DHCP code, so multiple dhclients work.
!
- Allow printing of 8-bit ASCII characters in talk(1) through an option.
!
- Do not perform getnetbyname() in mountd(8) if the address is already in dot-notation.
!
- In ftpd(8), log the actual number of bytes transferred instead of the original file size.
!
- Fix ^C in termtype prompt.
!
- Prevent fsck_ffs(8) from marking a filesystem clean if fsck(8) needs to be rerun.
!
- Resolve scheduling conflict in newsyslog(8).
!
- In dhclient(8), set a reasonable default lease time if the server does not provide one.
!
- Suppress uninteresting PCI bus error messages in ahc(4).
!
- Add m88k support to gprof(1).
!
- Add HostKeyAlias option to ssh(1).
!
- Behave nicely with fixed-rate codecs in auvia(4).
!
- Fix a minor off-by-one error in gprof(1).
!
- In the ports infrastructure, take the old non-fake code out-of-line.
!
- Repair a disgusting rwhod(8) crash.
!
- Fix buffer overflow in csh(1) builtin printf(1) implementation.
!
- Convert atoi(3) to strtoul(3) in top(1).
!
- Emulate Linux truncate64, stat64, lstat64, and fstat64 syscalls.
!
- Revoke root privileges earlier in ping6(8) and traceroute6(8).
! [Applied to stable]
! - Many man page fixes.
!
- Use arc4random(3) in jot(1).
!
- Handle quotas over 4GB in edquota(8) and repquota(8).
!
- Fix IPv6 Path MTU Discovery.
!
- Give up euid more carefully in mrinfo(8) and mtrace(8).
!
- Various OpenSSH fixes.
!
- Add support for ActivCard, CRYPTOCard, and SNK-004 authentication for the BSD authentication framework.
!
- In ksh(1), remain in non-blocking mode if the shell is not interactive.
!
- SECURITY FIX: xlock now authenticates via a pipe.
! A patch is available.
! [Applied to stable]
! - IMPLEMENTATION FIX: PS/2 mouse driver, pms, lockup fix.
! A patch is available.
! [Applied to stable]
! - Implement a workaround in atapiscsi(4) for buggy Toshiba drivers.
!
- SECURITY FIX: Fix holes in procfs(8).
! A patch is available.
! [Applied to stable]
! - Put strlcat(3) and strlcpy(3) into libkern for kernel use.
!
- Fix setting of nwid for wi(4).
! [Applied to stable]
! - Change /etc/security to spit out unified diffs.
!
- Add driver for Compaq SMART Array RAID controllers, cac(4).
!
- Extend the i386 allowaperature sysctl(3) to allow access to the whole 1st MB of memory.
!
- Add some more sanity checking to the PCMCIA code to fix some obscure panics.
!
- Import Apache 1.3.14 + mod_ssl 2.7.1.
!
- Support multiple pfkeyv2 keying daemons.
!
- Compute diffie-hellman in parallel between server and client in OpenSSH.
!
- Support Amigas with more than 64MB of RAM.
!
- Ensure /etc/sudoers is created with a proper secure mode.
!
- Import OpenSSL 0.9.6.
!
- More photurisd(8) improvements.
!
- Update kernel pfkeyv2 code for better conformance to the RFC.
!
- Enable loading of ELF kernels for alpha.
!
- Add extraction support for shell archives to the bsd.port.mk infrastructure.
!
- In ipsec(9), look for TDB if gateway is unspecified.
! [Applied to stable]
! - Fixes to patch(1) -f and -b.
!
- Convert some more drivers to the new timeout(9) interface.
!
- Add bytecounter statistics reporting to netstat(1).
!
- Instrument more random TCP sequence numbers.
!
- IMPLEMENTATION FIX: Compute crypto(9) session IDs correctly for kernel.
! A patch is available.
! [Applied to stable]
! - In sshd(8), permit logins with read-only root filesystems if the tty already has sane modes set.
!
- Source port < 1024 is no longer required for rhosts-rsa in sshd(8).
!
- Remove dead code in hifn(4) driver.
!
- Proper getopt(3) usage in compress(1).
!
- Fix a time specification in last(1).
!
- Do not disable PMTU for established TCP connections unless there is data to send.
!
- Add support for the 802.1D spanning tree protocol to bridge(4).
!
- New BSD authentication login scripts.
!
- Listen to pfkeyv2 acquire messages in photurisd(8), and setup SAs accordingly.
!
- isakmpd(8) update.
!
- apm(4) bug fix that helps a few laptops.
!
- Remove unnecessary code from photurisd(8) in preparation of new SPD framework.
!
- Repair a memory leak in ICMPv6 code.
!
- Turn off PMTU when ICMP needfrag messages get blocked.
!
- Finnish updates for inter.phone.
!
- Display number of successful IPv6 PMTU changes in netstat(1) -s output.
!
- Do not re-print ETA on completion in scp(1) when copying 0-sized files.
!
- Validate ICMPv6 "too big" messages based on PCB.
!
- Do not use already-freed memory in route(8).
!
- Avoid repeated host controller halted messages in uhci(4).
!
- Remove unused libgmp.
!
- Import KerberosIV v1.0.4.
!
- Always request a new challenge for skey/tis-auth in ssh(1).
!
- Support newer cy(4) communication cards.
!
- Provide new international keymaps for pcvt(4).
!
- Ignore filesystems marked "xx" in the install scripts.
!
- Document that pipe(2) is bidirectional, although this behavior is unportable.
!
- Move the default cvs(1) connection protocol from rsh(1) to ssh(1).
!
- Remove a bogus memory free in getnetgrent(3).
!
- Fix a buffer overflow in bad144(8).
!
- Revert back to the old rijndael implementation and solve byte ordering bugs there instead.
!
- Drop unneeded support for RTF_TUNNEL in route(8).
!
- Maintain count of routing table timer entries in route(8).
!
- In makewhatis(8), strip weird characters first, then sequences of spaces.
!
- Big improvements to adw(4).
!
- Teach tcpdump(8) about VRRP, SMB, and timed.
!
- Force calendar(1) to only accept real calendar files as input.
!
- Fix various perror(3) overflows in pcvt(4).
!
- Repair a tftp(1) argv parsing overflow.
!
- Conditionalize some BPF code in wx(4).
!
- Finally remove remaining references to extra RSA libs, since the patent has expired.
!
- New rijndael implementation which solves endian issues.
!
- Support Intel 82801BA pciide(4) controllers.
!
- Exercise more paranoia with passed KRB environment settings in telnetd(8).
!
- Convert some more drivers to the new timeout(9) interface.
!
- Many improvements and modernizations to isp(4).
!
- Update wx(4) with LIVENGOOD support.
!
- Recognize and support the IODATA USB-ET/T Ethernet adapter in kue(4).
!
- Implement asynchronous connections for ssh(1) -R and -L.
!
- Simplify atrun(8) tasks by using asprintf(3).
!
- Kill unused libtermlib.
!
- Import new pool(9) code.
!
- Fix RIPv0 packet printing and NFS port number parsing in tcpdump(8).
!
- Make pcap(3)-generated BPF filters work on the tun(4) interface.
!
- Import David Maziere's ssh-keyscan(1).
!
- SECURITY FIX: Fix buffer overflow in ftpd(8).
! A patch is available.
! [Applied to stable]
! - IMPLEMENTATION FIX: Fix fastroute related panic.
! A patch is available.
! [Applied to stable]
! - Teach OpenSSH about more version strings to improve interoperability.
!
- SECURITY FIX: Fix another security problem in the KerberosIV code.
! A patch is available.
! [Applied to stable]
! - SECURITY FIX: Fix two security problems in the KerberosIV code.
! A patch is available.
! [Applied to stable]
! - Permit ftpd(8) umask setting via both the command line and through a login class in login.conf(5).
!
- Prevent vlan(4) devices from emitting packets if the parent interface is not up and running.
!
- Better error checking in ping6(8).
! [Applied to stable]
! - Some stability fixes to isakmpd(8).
!
- In ssh(1), disable agent/X11 port forwarding if the hostkey has changed.
!
- Fix a coredump in ssh-agent(1).
!
- Reset 16-bit PCMCIA during chip initialization in pccbb(4).
!
- Correct PCI interrupt setup for TI PCI113X CardBus bridges.
!
- Properly powerdown PC cards in pccbb(4) at shutdown time.
!
- Add -D option to sshd(8) to cause startup without a daemon.
!
- Show both the IP address and hostname when a new key is encountered in ssh(1).
!
- Fix a bug in MSChapv2 challenge hashing in ppp(8).
!
- More make(1) tweaks.
!
- Use -n to test for non-zero variables in /etc/netstart.
!
- Be more careful with ARP packets.
!
- Fix deletion of flows in pf_key_v2 handling of isakmpd(8)
! [Applied to stable]
! - Prevent setusercontext(3) in ftpd(8) from setting the umask as this conflicts with any command-line umask specification.
!
- clock(3) fixes for the alpha architecture.
!
- Print select collisions in vmstat(8) -s output.
!
- Implement login_check_expire(3) for libutil.
!
- Add -u username support to pwd_mkdb(8).
!
- Properly implement errno handling for the threaded libc (libc_r) on powerpc.
!
- In adduser(8), get rid of a race condition and use /etc/ptmp as a lock file.
!
- Set reasonable defaults for RSA1, RSA, and DSA keys in ssh-keygen(1).
!
- Reorder check for illegal ciphers in ssh(1) protocol 1 connection code.
!
- Fix pciide(4) support on Alpha 164SX models.
!
- Support 16 slices per device on VAX machines.
!
- Considerable cleanups to make(1).
!
- Improve key repeat logic in wskbd(4).
!
- Changes from KAME to make ifm_data available in getifaddrs(3).
!
- Fix absolute path handling in crunchgen(1).
!
- Shorten /dev/ttyC* device names.
!
- Complain about invalid ciphers in ssh(1), falling back to reasonable defaults when necessary.
!
- Avoid tty races in wsdisplay(4) when switching virtual terminals.
!
- Update isakmpd(8).
!
- Repair lun support in umass(4).
!
- Zero pw_passwd before freeing its memory in the libc BSD authentication routines.
!
- Train makewhatis(8) to handle more special cases.
!
- Avoid double fclose(3) in getcap(3).
!
- Increase delay in RAM probe for hifn(4).
!
- Suffix list fix in make(1).
!
- Various bug fixes in ksh(1).
!
- When using the tail(1) -f flag on stdin, don't reopen a local file named stdin.
!
- Extend kqueue(2) to support kernel events on vnodes.
!
- Bring in BSD authentication support for sudo(8).
!
- Zap MULOG in inetd(8) to improve code readability.
!
- Avoid whacking errno in top(1) signal handlers.
!
- Do not include MFS partitions in quot(8) statistics output.
!
- Add support for the Acenic Copper and Netgear GA620T Gigabit Ethernet cards.
!
- Prevent a type overflow in recno(3).
!
- IMPLEMENTATION FIX: Imac DV reports the VGA device improperly.
! A patch is available.
! [Applied to stable]
! - Import BSD authentication mechanisms from BSDI BSD/OS.
!
- Implement pw_dup(3), a function which copies struct passwd.
!
- Replace getpass(3) with a more flexible readpassphrase(3) interface.
!
- Add strnvis(3), a length-bounded version of the strvis(3) libc function.
!
- Better prompting logic in libskey.
!
- Resurrect binutils on alpha.
!
- Recognize newer Intel audio devices in auich(4).
!
- Stop amphy(4) from attaching to network devices it doesn't belong to.
!
- Enable support for pciide(4) found in newer Intel chipsets.
!
- Correct URL handling in the install scripts.
!
- Limit the number of SCSI luns in umass(4).
!
- Page size fixes to the alpha port.
!
- Import ssh-ask-pass support for X11.
!
- Fix a signal race in ypserv(8) SIGHUP handling.
!
- Enable uaudio(4) by default in GENERIC/i386.
!
- Reserve all-1s addresses in the IPSec code for future policy discovery features.
!
- Resolve HMAC nomenclautre issues.
!
- Be sure to clear passwords out of memory after use in ppp(8).
!
- Support kernel event queues.
!
- Add support for USB scanners through the uscanner(4) driver.
!
- More fixes to qec(4).
!
- Recognize newer AMD CPUs.
!
- Repair incorrect buffer size logic in telnetd(8).
!
- Add a slew of devices to usbdevs(8).
!
- Do not use perror(3) in sshd(8) after forking a child.
!
- RELIABILITY FIX: The qec+qe ethernet cards should not generate NMIs.
! A patch is available.
! [Applied to stable]
! - Add ifmedia(4) support to qec(4), among other improvements.
!
- Extra sanity checking in skeyinit(1).
!
- Repair timeout computations in atapiscsi(4).
!
- Add initial support for DEC Alpha 21264 systems.
!
- Bring the alpha port a bit closer to a fully operational console.
!
- Support Accton EN2242 MiniPCI Ethernet adapters.
!
- Permit O_RDWR on FIFOs to handle legacy applications that depend on it.
!
- Add scrollback support to wscons(4) through the vga(4) driver.
!
- Color change in wscons(4) vt100 emulation to more closely imitate PCVT.
!
- Repair overriding of pseudo devices in config(8)
! [Applied to stable]
! - Accept -inet and -inet6 as options for the show command in route(8).
!
- Don't reorder keys in ssh-agent(1) upon key removal.
!
- Avoid parsing options in ssh(1) if there is an RSA key mismatch.
!
- Various cleanups to ftpd(8).
!
- In many programs, sync usage() output with their respective man page SYNOPSIS.
!
- RELIABILITY FIX: The ThunderLAN driver, tl(4), should not claim all interrupts.
! A patch is available.
! [Applied to stable]
! - In pciide(4), do not map unsafe registers from controllers that require 16-bit I/O space.
!
- Import new pckbc(4), pckbd(4), vga(4), pcdisplay(4), and ega(4) drivers for wscons(4).
!
- In ftpd(8), assert check_login upon receipt of EPSV/LPSV.
!
- Make the aha(4) driver compile without UVM.
!
- Enforce non-cacheable device space on real 80386 machines.
!
- Add RSA authentication support for SSH2 to OpenSSH.
!
- Allow serial mice to work with moused(8) and XFree86 simultaneously.
!
- Repair an off-by-one error in ssh-agent(1).
!
- Convert some old drivers to the new timeout(9) interface.
!
- RELIABILITY FIX: repair AES (rijndael) kernel support.
! A patch is available.
! [Applied to stable]
! - Import PCI support for Alpha EB164 machines.
!
- Add bus_space_barrier macros for the powerpc.
!
- Endian fixes to the USB code.
!
- Better command line parsing in encrypt(1).
!
- Numbering fixups in pfkeyv2 to match IANA assignments.
!
- Crank maximum mbuf size in ppp(8) in order to handle full-sized HDLC frames.
!
- Improve handling of IPv6 Node Information Query packets for better specification conformance.
!
- Fix a panic induced by assigning lo0 an IPv6 alias.
!
- IMPLEMENTATION FIX: In sshd(8), fix skey support in SSH1 protocol.
! A patch is available.
! [Applied to stable]
! - Deprecate pltime=0 in ifconfig(8).
!
- Modifications to the ktrace(2) interface to reduce redundancy.
!
- Do not advertise dynamic/cloned routes in route6d(8).
!
- Allow ping6(8) to send ICMP6 packets smaller than 8 bytes.
! [Applied to stable]
! - Correct free-before-reference bugs in rshd(8) and rlogind(8).
!
- Improve queue handling in gdt(4).
!
- New Adaptec FSA RAID driver called aac(4).
!
- Fix DMA error problems in adw(4).
! [Applied to stable]
! - If MANPS environment variable is set, the system will also build and install postscript manual pages into /usr/share/man/ps[1-9]/.
!
- In date(1), fix an off-by-one error which would happen when changing time over DST.
!
- Permit -Tps in nroff(1).
!
- Make some pfkeyv2 interfaces conform to RFC 2367 numbering.
!
- New timeouts in a couple of network drivers.
!
- Prevent nfsd(8) from swapping out.
!
- Use PHOLD/PRELE in various kernel components.
!
- Buffer overflow fix to telnet(1).
!
- Many man page improvements.
!
- Permit handling more than 6 arguments in a hostname.if(5) file.
!
- kcore handling in kvm(3) for alpha.
!
- Update usb code.
!
- Update alpha architecture support. A snapshot will come out soon.
!
- In pchb(4), for Intel random devices, do not busy wait for data.
!
- Switch amiga to uvm(9).
!
- Fix amiga pmap module submap allocations.
!
- Centralized netisr dispatching.
!
- ppp(8) updated.
!
- In aue(4), fix multicast filter programming.
!
- Repair an uninitialized variable bug in ipsec(4) output.
! [Applied to stable]
! - Add pcibios(4) interrupt setup support for AMD750 chipset.
!
- RELIABILITY FIX: In sparc zs(4), when using serial console, the interrupt routine was unable to distinguish it's own interrupts.
! A patch is available.
! [Applied to stable]
! - Generate new hashkey every time a bridge(4) is brought up.
!
- Change bridge(4) code to use lower spl.
!
- Passive FTP support in lynx(1).
!
- In ssh(1), downgrade to SSH1.3 if server is SSH1.4.
!
- In sshd(8), do not disable rhosts(rsa) if server port greater 1024.
!
- In sshd(8) Agent forwarding and -R support for SSH2 protocol.
!
- ipsecadm(8) man page repairs.
! [Applied to stable]
! - In pfkeyv2, send the message to registered promiscuous listeners.
! [Applied to stable]
! - Some minor bridge(4) fixes.
!
- ld.so(1) support for the pmax.
!
- On powerpc, print out the size of the L2 cache size on G3 and G4 machines.
!
- 2.8 release builds are running, but some of us are already working on post-release hacking.
--- 49,55 ----
We are working on OpenBSD-current.
! - 2.9 release builds are running, but some of us are already working on post-release hacking.
***************
*** 738,750 ****
For changes leading up to OpenBSD 2.6, click here.
For changes leading up to OpenBSD 2.7, click here.
For changes leading up to OpenBSD 2.8, click here.
www@openbsd.org
!
$OpenBSD: plus.html,v 1.757 2001/04/23 23:05:53 jason Exp $