=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v retrieving revision 1.805 retrieving revision 1.806 diff -c -r1.805 -r1.806 *** www/plus.html 2001/12/19 04:03:38 1.805 --- www/plus.html 2001/12/24 00:01:27 1.806 *************** *** 54,59 **** --- 54,124 ----

We are working on OpenBSD-current.

Correctly print the payload string of tcp(4) RST segments when tcpdump(8) is verbose. +
Implement a scalable timeout(9) mechanism with constant-time add and delete. +
Let mvme68k systems lacking a configured pcc device compile. +
Don't default to generate rsa1 keys in ssh-keygen(1), and try all standard key files when invoked without arguments. +
Have crontab(1) send SIGUSR1 to cron(8) when a crontab file has changed, making changes take effect sooner. +
Send failing packet sequence number when sshd(8) is responding with an SSH_MSG_UNIMPLEMENTED. +
Ensure that user and system times increase monotonically. +
Add powerhook support to yds(4) to handle apm(8) resumes correctly. +
Repair memory leak in pcap(3) associated with compiled bpf(4) programs. +
Support span ports so that one can snoop a bridge from another interface/machine/network. +
Disestablish the xl(4) powerhook on detach. +
Add a -u flag to fdisk(8) which updates the MBR code but leaves the partition table intact. +
Big isp(4) overhaul. +
Improve signal handling in cron(8) so that processes run by cron(8) can't zombify until cron(8) wakes up. +
Add a pf(2) DIOCADDSTATE ioctl(2) that adds state entries. +
Support primitive stateful pf(4) filtering for other non-TCP/UDP/ICMP protocols. +
Fix icmp6(4) MIB counter. +
Better signal handling in login_skey(8) to avoid a possible race condition. +
Update signal handlers in passwd(1) to complement new catching getpass(3) call. +
Allow vnd(4) to create things larger than 2G. +
Perform a sanity check on the inner IP header of IP-in-IP encapsulated packets. +
Support -o for sshd(8), like ssh(1). +
Catch -- don't block -- SIGINT and SIGTSTP in readpassphrase(3) and getpass(3). +
Enable rootdev auto-configuration by device drivers during boot and add support for raid devices. +
Parse hex numbers in pf(4) correctly. +
Curtail the use of regex(3) in ssh(1). +
Make NKMEMPAGES dynamic based on memory size, deprecating NKMEMCLUSTERS in favour of NKMEMPAGES, NKMEMPAGES_MIN, and NKMEMPAGES_MAX. +
Forbid the coupling of different address families in pf(4) nat, binat, and rdr rules. +
Release the right descriptors when pipe(2) fails. +
Use pidfile(3) throughout the tree instead of hand-rolled imitations. +
Don't let sshd(8) pass user-defined variables to login(1). +
Nuke smartkey(1). +
Remove pipe based interface to photurisd(8), leaving only PF_KEY. +
Issue a "failed" message instead of a 2nd challenge if sshd(8) sees the same key in authroized_keys twice. +
Let the sshd(8) fake X11 server listen on localhost by default. +
Use ip6(4) in sendmail(1) when possible. +
Fix an alignment bug on alpha by using getifaddrs(3) instead of various ioctl(2) calls in named(8). +
Conform to historic behaviour in fmt(1); don't format lines that start with a dot. +
Avoid a "thundering herd" problem in accept(2), and fix an infinite loop on 64-bit systems. +
Use pool(9) for socket allocations. +
Correctly signal an error condition in newsyslog(8) so we don't send a signal to PID 0. +
Repair an error in uipc_socket that could make a transient error permanent. +
Perform a pf_route() before logging in case the logging created a bogus rule, avoiding a panic. +
Have socket connection queues use a tailq queue(3). +
Add fastroute option to pf(4). +
Support pasting characters with codes above 127 using the mouse via wscons(4). +
Handle PID files terminated with newlines correctly in newsyslog(8). +
Among other improvements, don't leak memory in ppp(8). +
During installation, preserve blank space in responses. +
Centralize the mount list, unifying locking, and add vfs_isbusy to help verify that a mount point is locked. +
Strengthen the mbuf traversal code in pf(4), avoiding potential crashes on ip6(4) packets with options. +
Make dummies for aclocal and the auto* family in cvs(1), hopefully mitigating upgrade hastles. +
Don't allow the pf(4) CHANGEBINAT ioctl(2) when securelevel > 1. +
Include stub dl* function definitions in libc on ELF, making libdl unneeded. +
Enhance network handling during installations. +
Block signals in find(1) when running fts_read(). +
Move NFS creds out of the standard buf structure and into the nfs node, and use pool(9) for NFS node allocation. +
Fix the password length check in user(8). +
Use lockmgr in procfs (mount_procfs(8)) instead of a home-made version. +
Correctly mark items on the syncer worklist with VBIOONSYNCLIST, ensuring items not on the list don't have this mark. +
Convert to using the vn_marktext() function instead of VTEXT to mark a vnode as executing a text image. +
Enable the NI_WITHSCOPEID getnameinfo(3) flag by default. +
sendmail(8) should listen on port 587 for ip(6), like ip4(6). +
Add sanity to the apmd(8) battery alert when the battery is charging. +
Let chdir(2) errors in rwhod(8) be seen.
SECURITY FIX: update ssh to OpenSSH-3.0.1.
A source code patch is available.
[Applied to stable] *************** *** 142,148 ****
www@openbsd.org !
$OpenBSD: plus.html,v 1.805 2001/12/19 04:03:38 deraadt Exp $ --- 207,213 ----
www@openbsd.org !
$OpenBSD: plus.html,v 1.806 2001/12/24 00:01:27 deraadt Exp $