=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v retrieving revision 1.913 retrieving revision 1.914 diff -c -r1.913 -r1.914 *** www/plus.html 2004/03/26 22:28:11 1.913 --- www/plus.html 2004/03/28 09:44:05 1.914 *************** *** 96,102 ****

Fix spamd(8)'s logging when the blacklist limit is hit.

Allow users with write access to bgpd(8)'s control socket to send queries. !

Fix an out-of-bounds read in ssl(3) (CAN-2004-0112.) This code isn't used in OpenBSD.

Always read at least DEV_BSIZE (512) bytes of the disklabel, some disks have smaller block sizes.

RELIABILITY FIX: A missing check for a NULL-pointer dereference has been found in ssl(3). A remote attacker can use the bug to cause an OpenSSL application to crash; this may lead to a denial of service.
A source code patch is available.
--- 96,102 ----

Fix spamd(8)'s logging when the blacklist limit is hit.

Allow users with write access to bgpd(8)'s control socket to send queries. !

Fix an out-of-bounds read in ssl(3) (CAN-2004-0112). This code isn't used in OpenBSD.

Always read at least DEV_BSIZE (512) bytes of the disklabel, some disks have smaller block sizes.

If running at securelevel(7) 2, use the -x option to increase the chances of ntpd using slew mode, since stepping backwards is disabled at this level.

Some mpt(4) stability fixes. !

Don't signal mountd(8) from mount(8) when all that's required is a listing of mounts (PR#3695.)

Create bgpd(8)'s control socket later in the startup.

Remember to unlock USB wi(4) devices on errors.

Since we've allocated a cache for pax(1), let's go right ahead and use it. --- 106,112 ----

If running at securelevel(7) 2, use the -x option to increase the chances of ntpd using slew mode, since stepping backwards is disabled at this level.

Some mpt(4) stability fixes. !

Don't signal mountd(8) from mount(8) when all that's required is a listing of mounts (PR#3695).

Create bgpd(8)'s control socket later in the startup.

Remember to unlock USB wi(4) devices on errors.

Since we've allocated a cache for pax(1), let's go right ahead and use it. *************** *** 135,141 ****

Check the return code of chdir(2) after the privsep chroot(2) in pflogd(8), syslogd(8) and tcpdump(8).

Disable crypto(9) MAC functions for now, no current hardware can use them.

Some oosiop(4) cleanup based on osiop(4). !

In wskbd(4), make the caps lock key do caps lock instead of shift lock (PR#2555.)

Make it easier to kill spamd(8) greylisted processes.

Do pfsync(4) interface setup last in /etc/netstart(8), so that hopefully the syncif gets set up beforehand. --- 135,141 ----

Check the return code of chdir(2) after the privsep chroot(2) in pflogd(8), syslogd(8) and tcpdump(8).

Disable crypto(9) MAC functions for now, no current hardware can use them.

Some oosiop(4) cleanup based on osiop(4). !

In wskbd(4), make the caps lock key do caps lock instead of shift lock (PR#2555).

Make it easier to kill spamd(8) greylisted processes.

Do pfsync(4) interface setup last in /etc/netstart(8), so that hopefully the syncif gets set up beforehand. *************** *** 145,151 ****

Fix wi(4) software WEP on big-endian machines.

Unbreak tail(1) -f mode for filesystems not blessed with kqueue(2) support.

Implement privilege separation for named(8). And there was much rejoicing. !

Plug a rtentry leak when TCP gives up on a cached route (in_pcb.c:in_losing().)

Fix (guess what?) a memory leak in the yacc(1) skeleton code.

Check the payload size more carefully when printing IKE messages in tcpdump(8).

Plug a memory leak in the error path of execve(2). --- 145,151 ----

Fix wi(4) software WEP on big-endian machines.

Unbreak tail(1) -f mode for filesystems not blessed with kqueue(2) support.

Implement privilege separation for named(8). And there was much rejoicing. !

Plug a rtentry leak when TCP gives up on a cached route (in_pcb.c:in_losing()).

Fix (guess what?) a memory leak in the yacc(1) skeleton code.

Check the payload size more carefully when printing IKE messages in tcpdump(8).

Plug a memory leak in the error path of execve(2). *************** *** 157,163 ****

Sync the spamd(8) greylist database after each db operation, to minimise the likelihood of corruption.

Add basic community support to bgpd(8).

Correct a missing malloc(3) error check in bgpctl(8). !

Fix byte-ordering problems in routed(8) (PR#3704.) Based on NetBSD.

RELIABILITY FIX: Defects in the payload validation and processing functions of isakmpd(8) have been discovered. An attacker could send malformed ISAKMP messages and cause isakmpd to crash or to loop endlessly.
--- 157,163 ----

Sync the spamd(8) greylist database after each db operation, to minimise the likelihood of corruption.

Add basic community support to bgpd(8).

Correct a missing malloc(3) error check in bgpctl(8). !

Fix byte-ordering problems in routed(8) (PR#3704). Based on NetBSD.

Fix missing checks for NULL returned from getpass(3) in login_*(8).

Make bgpd(8) work harder to clean up after itself on exit.

More work on capability announcements in bgpd(8). !

Fix an isakmpd(8) crash when deleting an ESP SA with no authentication (PR#2429.)

Symlink-handling improvements in pkg_add(1) etc.'s virtual filesystem code.

Simplify the new scsi(4) LUN scanning logic, and print better diagnostics.

New -b option to spamd(8), used to set the local bind address. !

Allow the wsdisplay(4) screen blanker to be turned off again (PR#3123.)

3.5-beta -> 3.5.

Increase the ssh(1) X11 cookie lifetime from two to twenty minutes.

Plug some memory leaks in error paths of isakmpd(8). --- 168,179 ----

Fix missing checks for NULL returned from getpass(3) in login_*(8).

Make bgpd(8) work harder to clean up after itself on exit.

More work on capability announcements in bgpd(8). !

Fix an isakmpd(8) crash when deleting an ESP SA with no authentication (PR#2429).

Symlink-handling improvements in pkg_add(1) etc.'s virtual filesystem code.

Simplify the new scsi(4) LUN scanning logic, and print better diagnostics.

New -b option to spamd(8), used to set the local bind address. !

Allow the wsdisplay(4) screen blanker to be turned off again (PR#3123).

3.5-beta -> 3.5.

Increase the ssh(1) X11 cookie lifetime from two to twenty minutes.

Plug some memory leaks in error paths of isakmpd(8). *************** *** 214,227 ****

Extend md5(1)'s -c option so it can parse the output of GNU md5sum.

Remove dynamic bufq support from wd(4) due to problems.

Plug some memory leaks in bgpd(8). !

Stop libreadline segfaulting when writing an empty history list to a file (PR#3690.)

Fixes to sftp(1)'s progress meter.

Change sshd(8) child processes' proctitle to '[accepted]' after the, uh, accept(2) completes. !

Repair procfs status output (PR#2102.) !

Fix unintentional ordering dependency in kernel module loading and unloading (PR#2910.)

Allow forced unmount(2)s of nullfs, procfs (both from PR#2394,) and umapfs. !

Fix an off-by-one in procfs so that it can be successfully unmounted (PR#2327.) !

Clean up badsect(8)'s error reporting (PR#3679.)

Start spamd(8) later in /etc/rc(8).

Fix an mbuf(9) leak in tun(4) under failure conditions. From NetBSD. --- 214,227 ----

Extend md5(1)'s -c option so it can parse the output of GNU md5sum.

Remove dynamic bufq support from wd(4) due to problems.

Plug some memory leaks in bgpd(8). !

Stop libreadline segfaulting when writing an empty history list to a file (PR#3690).

Fixes to sftp(1)'s progress meter.

Change sshd(8) child processes' proctitle to '[accepted]' after the, uh, accept(2) completes. !

Repair procfs status output (PR#2102). !

Fix unintentional ordering dependency in kernel module loading and unloading (PR#2910).

Allow forced unmount(2)s of nullfs, procfs (both from PR#2394,) and umapfs. !

Fix an off-by-one in procfs so that it can be successfully unmounted (PR#2327). !

Clean up badsect(8)'s error reporting (PR#3679).

Start spamd(8) later in /etc/rc(8).

Fix an mbuf(9) leak in tun(4) under failure conditions. From NetBSD. *************** *** 235,247 ****

Use daemon(3) instead of DIY in new dhclient(8).

Start sshd(8) earlier in /etc/rc(8).

Generate new dhclient(8)'s transaction id (xid) using arc4random(3) instead of random(3). !

Have dhclient(8) (old and new) exit cleanly if its interface goes away (PR#3648.)

New sysctl(3) net.inet.tcp.reasslimit, to control the size of the memory pool for TCP out-of-order segment reassembly that was introduced in the last erratum.

RELIABILITY FIX: OpenBSD's TCP/IP stack did not impose limits on how many out-of-order TCP segments are queued in the system. An attacker could send out-of-order TCP segments and trick the system into using all available memory buffers.
A source code patch is available.
[Applied to stable]

Strip out all the multiple-interfaces code from new dhclient(8), it's not used any more. !

Be sure to call fifofs' reclaim function from its host filesystems (ext2fs, ffs, nfs.)
[Applied to stable]

Give fifofs a real reclaim function to prevent memory leaks on rovocation, and fix a potential null deref.
[Applied to stable] --- 235,247 ----

Use daemon(3) instead of DIY in new dhclient(8).

Start sshd(8) earlier in /etc/rc(8).

Generate new dhclient(8)'s transaction id (xid) using arc4random(3) instead of random(3). !

Have dhclient(8) (old and new) exit cleanly if its interface goes away (PR#3648).

New sysctl(3) net.inet.tcp.reasslimit, to control the size of the memory pool for TCP out-of-order segment reassembly that was introduced in the last erratum.

Strip out all the multiple-interfaces code from new dhclient(8), it's not used any more. !

Be sure to call fifofs' reclaim function from its host filesystems (ext2fs, ffs, nfs).
[Applied to stable]

Give fifofs a real reclaim function to prevent memory leaks on rovocation, and fix a potential null deref.
[Applied to stable] *************** *** 252,261 ****

Cleanup and paranoia in spamdb(8).

Support 'tagged <name>' specifiers on pf(4) anchor rules.

Better IPv4 address validation in spamd(8). !

Process NOTE_TRUNCATE messages in tail(1) and unbreak file truncation handling in -f mode (PR#3689.)

Allow bgpd(8) to run in route-collector mode, i.e. disable the decision process.

Build libf2c for GCC3 architectures. !

New -d option for nc(1), which disables reading from stdin (PR#3694.)

Fix a memory leak when the control socket detaches from bgpd(8).

Make bgpctl(8)'s control socket nonblocking. --- 252,261 ----

Cleanup and paranoia in spamdb(8).

Support 'tagged <name>' specifiers on pf(4) anchor rules.

Better IPv4 address validation in spamd(8). !

Process NOTE_TRUNCATE messages in tail(1) and unbreak file truncation handling in -f mode (PR#3689).

Allow bgpd(8) to run in route-collector mode, i.e. disable the decision process.

Build libf2c for GCC3 architectures. !

New -d option for nc(1), which disables reading from stdin (PR#3694).

Fix a memory leak when the control socket detaches from bgpd(8).

Make bgpctl(8)'s control socket nonblocking. *************** *** 268,274 ****

Sync the installer with the ftp(1) fetch-mode fix.

Open a new connection for each file pulled down by ftp(1) in fetch mode. Fixes problems where 'CWD /' does unexpected things. !

Fix the test that disallows interface unit numbers greater than INT_MAX (to avoid signedness confusion.)

Don't allow leading zeros in cloner interface names.

Upgrade 3.4-stable to OpenSSH 3.8.

spamd(8) greylist cleanup and fixes. --- 268,274 ----

Sync the installer with the ftp(1) fetch-mode fix.

Open a new connection for each file pulled down by ftp(1) in fetch mode. Fixes problems where 'CWD /' does unexpected things. !

Fix the test that disallows interface unit numbers greater than INT_MAX (to avoid signedness confusion).

Don't allow leading zeros in cloner interface names.

Upgrade 3.4-stable to OpenSSH 3.8.

spamd(8) greylist cleanup and fixes. *************** *** 292,298 ****

Fix ifconfig(8)'s matching of multi-digit interface names, e.g. stop vlan10 matching as vlan1.

Add __va_copy() in <stdarg.h>, following old ISO C89 behaviour. Used by GNU software.

Support dumping of the bgpd(8) RIB via bgpctl(8). !

Have bgpd(8) check that the nexthop is a valid range (i.e. not a class D, class E or a loopback.)

Better logging for ifstated(8), taken from bgpd.

More enhancements to bgpd(8)'s filter language.

Include tcps_rcvmemdrop in netstat(1)'s TCP statistics output. --- 292,298 ----

Fix ifconfig(8)'s matching of multi-digit interface names, e.g. stop vlan10 matching as vlan1.

Add __va_copy() in <stdarg.h>, following old ISO C89 behaviour. Used by GNU software.

Support dumping of the bgpd(8) RIB via bgpctl(8). !

Have bgpd(8) check that the nexthop is a valid range (i.e. not a class D, class E or a loopback).

Better logging for ifstated(8), taken from bgpd.

More enhancements to bgpd(8)'s filter language.

Include tcps_rcvmemdrop in netstat(1)'s TCP statistics output. *************** *** 375,381 ****

Extra bzero(3) paranoia for data coming out of the scsi(4) xfer pool.

Memory and string cleanup in procmap(1).

Implement kevent(2) and kqueue(2) under FreeBSD emulation, using the native calls. !

Fix mishandling of numeric options in sed(1) (PR#3677.)

Add -i option to pfctl(8), restricting operations to the given interface. Only -sI implemented for now.

sparc64 alignment fixes in gcc3 propolice. --- 375,381 ----

Extra bzero(3) paranoia for data coming out of the scsi(4) xfer pool.

Memory and string cleanup in procmap(1).

Implement kevent(2) and kqueue(2) under FreeBSD emulation, using the native calls. !

Fix mishandling of numeric options in sed(1) (PR#3677).

Add -i option to pfctl(8), restricting operations to the given interface. Only -sI implemented for now.

sparc64 alignment fixes in gcc3 propolice. *************** *** 389,395 ****

Add a missing realloc(3) failure check in asn1_compile.

Generate the MAKEDEV(8) manpages automagically based on the same information as the MAKEDEV scripts themselves.

gcc(1) propolice fixes on i386. !

First cut at procmap(1) from NetBSD (where it's called pmap.) Not yet built by default.

New 'split' option in iostat(8) for the newly-separated disk read/write stats.

Check for TDB entries marked as invalid when looking up tcpmd5 connections. --- 389,395 ----

Add a missing realloc(3) failure check in asn1_compile.

Generate the MAKEDEV(8) manpages automagically based on the same information as the MAKEDEV scripts themselves.

gcc(1) propolice fixes on i386. !

First cut at procmap(1) from NetBSD (where it's called pmap). Not yet built by default.

New 'split' option in iostat(8) for the newly-separated disk read/write stats.

Check for TDB entries marked as invalid when looking up tcpmd5 connections. *************** *** 425,438 ****

Install bgpd.conf(5) root:wheel, mode 0600 and make bgpd(8) insist it be so.

Reduce the default number of pty(4) devices from 64 to 16, now that additional ptys will be created on demand. !

Fix an off-by-one when generating pty(4) device names (ptydevname().)

Make tcpdump(8)'s pfsync(4) output more consistent with other tcpdump output.

Plug an mbuf(9) leak by making ip_fragment() free the mbuf on errors instead of expecting the caller to do it.
[Applied to stable]

Add a flag so that hardware sensors can be marked as invalid if, for example, they're disconnected.

Make picky mode in makewhatis(8) even pickier.

Fix an off-by-one in pf(4)'s interface management code. !

Have ndp(8) flush stdout before sleeping in -A mode (KAME pr#584.)

In the new dhclient(8), don't send pointless DHCPDISCOVER messages on interfaces that are known to have an inactive link status.

Allow for the presence of tcpmd5 signatures in the TCP MSS calculation.

Have pfctl(8) display a filter uptime now that we keep track of when it was last enabled. --- 425,438 ----

Install bgpd.conf(5) root:wheel, mode 0600 and make bgpd(8) insist it be so.

Reduce the default number of pty(4) devices from 64 to 16, now that additional ptys will be created on demand. !

Fix an off-by-one when generating pty(4) device names (ptydevname()).

Make tcpdump(8)'s pfsync(4) output more consistent with other tcpdump output.

Plug an mbuf(9) leak by making ip_fragment() free the mbuf on errors instead of expecting the caller to do it.
[Applied to stable]

Add a flag so that hardware sensors can be marked as invalid if, for example, they're disconnected.

Make picky mode in makewhatis(8) even pickier.

Fix an off-by-one in pf(4)'s interface management code. !

Have ndp(8) flush stdout before sleeping in -A mode (KAME pr#584).

In the new dhclient(8), don't send pointless DHCPDISCOVER messages on interfaces that are known to have an inactive link status.

Allow for the presence of tcpmd5 signatures in the TCP MSS calculation.

Have pfctl(8) display a filter uptime now that we keep track of when it was last enabled. *************** *** 454,461 ****

Have lex(1) declare errno for c++ users too.

Allow libstdc++ to build on architectures with no shared libraries. !

Fix a panic when cleaning up after an interface (e.g a PC Card wi(4)) has gone away (PR#3649.) !

Unstick the -a option from ps(1) (PR#3676.)

Sync the installer network startup with changes in netstart(8).

Fix a memory allocation-related panic in pfsync(4) that can occur under very high loads.

Fix a buffer overflow in XFree font aliasing. From XFree86 CVS.
--- 454,461 ----

Have lex(1) declare errno for c++ users too.

Allow libstdc++ to build on architectures with no shared libraries. !

Fix a panic when cleaning up after an interface (e.g a PC Card wi(4)) has gone away (PR#3649). !

Unstick the -a option from ps(1) (PR#3676).

Sync the installer network startup with changes in netstart(8).

Fix a memory allocation-related panic in pfsync(4) that can occur under very high loads.

Fix a buffer overflow in XFree font aliasing. From XFree86 CVS.
*************** *** 479,493 **** A source code patch is available.
[Applied to stable]

Fix a CVS merge error in xterm(1)'s app-defaults file. !

Make pfctl(8) -vvsq loop again (PR#3675.) !

Unbreak the ssh(1) progress meter ETA for files larger than 4GB (OpenSSH bugzilla #791.) !

Fix a memory leak in dhclient(8) (PR#3668.)

If ssh(1) is in privsep mode, pass the SIGALRM from LoginGraceTime expiry through to the child process.

Apply the same strict RFC 2460 interpretation used for the IPv6 MTU to the TCP MSS calculation.

New parser for ifstated(8), and more features. Still more to come.

Fix grep(1)'s ^ and $ anchors that were broken by the recent -w fixes. !

For programs that don't support long options, stop getopt(3) treating '--foo' the same way it treats '--', as per POSIX (PR#3666.)
[Applied to stable]

Let pfctl(8) deal gracefully with 'modulate state' on rules with protos to which it might not apply in the same way as 'keep state', e.g. 'pass proto {tcp udp} modulate state' is now acceptable.

Don't use a valid user id as a flag value in ps(1). --- 479,493 ---- A source code patch is available.
[Applied to stable]

Fix a CVS merge error in xterm(1)'s app-defaults file. !

Make pfctl(8) -vvsq loop again (PR#3675). !

Unbreak the ssh(1) progress meter ETA for files larger than 4GB (OpenSSH bugzilla #791). !

Fix a memory leak in dhclient(8) (PR#3668).

If ssh(1) is in privsep mode, pass the SIGALRM from LoginGraceTime expiry through to the child process.

Apply the same strict RFC 2460 interpretation used for the IPv6 MTU to the TCP MSS calculation.

New parser for ifstated(8), and more features. Still more to come.

Fix grep(1)'s ^ and $ anchors that were broken by the recent -w fixes. !

For programs that don't support long options, stop getopt(3) treating '--foo' the same way it treats '--', as per POSIX (PR#3666).
[Applied to stable]

Let pfctl(8) deal gracefully with 'modulate state' on rules with protos to which it might not apply in the same way as 'keep state', e.g. 'pass proto {tcp udp} modulate state' is now acceptable.

Don't use a valid user id as a flag value in ps(1). *************** *** 499,506 ****

Huge amount of style(9), ANSI and other cleanup in dhclient(8). More to come.

Some std:: namespace and other C++ mode fixes for flex(1). From NetBSD. !

Fix pfctl(8) macro expansion in tags (PR#3664.) !

Unbreak and reapply the don't-use-inet_net_pton(3)-without-a-slash fix (PR#3638.)

Teach libcrypto(3) how to use the VIA C3 crypto functions for (seriously) accelerated aes-{128,192,256}-cbc.

Do temp file cleanup for signals as well as exits in spell(1). --- 499,506 ----

Huge amount of style(9), ANSI and other cleanup in dhclient(8). More to come.

Some std:: namespace and other C++ mode fixes for flex(1). From NetBSD. !

Fix pfctl(8) macro expansion in tags (PR#3664). !

Unbreak and reapply the don't-use-inet_net_pton(3)-without-a-slash fix (PR#3638).

Teach libcrypto(3) how to use the VIA C3 crypto functions for (seriously) accelerated aes-{128,192,256}-cbc.

Do temp file cleanup for signals as well as exits in spell(1). *************** *** 518,524 ****

Allow '-' as a valid character in as(1) mnemonics, as required by a few VIA C3 instructions.

Add a 'paper.txt' make(1) target to generate ASCII output for the documents under /usr/share/doc.

Sync i386 option USER_LDT code with NetBSD, fixing some ports panics. !

In libpthread, add a simple work-around for deadlocking on recursive readlocks on a rwlock while there are writers waiting (from FreeBSD PR#24641.)

Add ARM support and a new port for cats boards.

Rename TCP socket option from TCP_SIGNATURE_ENABLE to TCP_MD5SIG. --- 518,524 ----

Allow '-' as a valid character in as(1) mnemonics, as required by a few VIA C3 instructions.

Add a 'paper.txt' make(1) target to generate ASCII output for the documents under /usr/share/doc.

Sync i386 option USER_LDT code with NetBSD, fixing some ports panics. !

In libpthread, add a simple work-around for deadlocking on recursive readlocks on a rwlock while there are writers waiting (from FreeBSD PR#24641).

Add ARM support and a new port for cats boards.

Rename TCP socket option from TCP_SIGNATURE_ENABLE to TCP_MD5SIG. *************** *** 542,548 ****

On i386 systems with SSE2, halve the time taken to zero a page of memory. Based on FreeBSD.

Switch the new sigaltstack(2) code back on again on alpha and sparc64.

Make ddb(4)'s ps /n command show the correct state for a process. !

Reset the TCP keepalive timer to tcp.keepidle (normally four hours) after the three-way handshake completes. (syncache sets it to tcp.keepinittime, normally 150 seconds.)

Allow a single listen socket to be used for connections with and without tcpmd5.

Avoid a long scsi(4) freeze when attaching live scsibus* devices.

Support RFC 3390 'Increasing TCP's initial window' extension, enabled using sysctl(8) net.inet.tcp.rfc3390. --- 542,548 ----

On i386 systems with SSE2, halve the time taken to zero a page of memory. Based on FreeBSD.

Switch the new sigaltstack(2) code back on again on alpha and sparc64.

Make ddb(4)'s ps /n command show the correct state for a process. !

Reset the TCP keepalive timer to tcp.keepidle (normally four hours) after the three-way handshake completes. (syncache sets it to tcp.keepinittime, normally 150 seconds).

Allow a single listen socket to be used for connections with and without tcpmd5.

Avoid a long scsi(4) freeze when attaching live scsibus* devices.

Support RFC 3390 'Increasing TCP's initial window' extension, enabled using sysctl(8) net.inet.tcp.rfc3390. *************** *** 556,562 ****

Track the number of ftp or http connections to a host in pkg_add(1). Limit to one connection for now.

New -L option to set (pkg_create(1)) or use (pkg_add(1)) the package LOCALBASE. See bsd.port.mk(5) for details.

Use _exit(2) instead of abort(3) when xfs(1) dies due to an error. !

Fix a potential double-free in m_split(9) (PR#3651.)

Add privilege separation for tcpdump(8).

Move gcc2-specific files into the architecure-specific distribution setlists. Gulp.

Don't dump core in patch(1) when the file can't be found but user says to patch anyway. --- 556,562 ----

Track the number of ftp or http connections to a host in pkg_add(1). Limit to one connection for now.

New -L option to set (pkg_create(1)) or use (pkg_add(1)) the package LOCALBASE. See bsd.port.mk(5) for details.

Use _exit(2) instead of abort(3) when xfs(1) dies due to an error. !

Fix a potential double-free in m_split(9) (PR#3651).

Add privilege separation for tcpdump(8).

Move gcc2-specific files into the architecure-specific distribution setlists. Gulp.

Don't dump core in patch(1) when the file can't be found but user says to patch anyway. *************** *** 569,575 ****

In pkg_add(1), exit instead of carrying on regardless when the pre-addition stage fails.

Better pfkeyv2 interface when setting up tcpmd5 in bgpd(8). More to do.

Add support for -f (force) option to pkg_add(1) and pkg_delete(1). !

Allow skey(1)-format usernames (user:skey) in sftp(1) (OpenSSH bugzilla #777.)

In pf_test and pf_test6, immediately drop packets on any interface that doesn't have an associated pfi_kif structure.

Hash tcpmd5 TDB lookups by source address instead of the spi

Add missing case for TCP MD5 sigs in SADB_GETPROTO(). --- 569,575 ----

In pkg_add(1), exit instead of carrying on regardless when the pre-addition stage fails.

Better pfkeyv2 interface when setting up tcpmd5 in bgpd(8). More to do.

Add support for -f (force) option to pkg_add(1) and pkg_delete(1). !

Allow skey(1)-format usernames (user:skey) in sftp(1) (OpenSSH bugzilla #777).

In pf_test and pf_test6, immediately drop packets on any interface that doesn't have an associated pfi_kif structure.

Hash tcpmd5 TDB lookups by source address instead of the spi

Add missing case for TCP MD5 sigs in SADB_GETPROTO(). *************** *** 623,630 **** [Applied to stable]

Stop mixerctl(1) segfaulting on non-existent fields.

Add a simple 802.3x printer to tcpdump(8). !

Allow ftp-proxy(8) to set the outgoing address with the new -a option (PR#3538.) !

In pfctl(8), only use inet_net_pton(3) on addresses containing a '/', otherwise use inet_pton(3) (PR#3638.)

New -S option to nc(1), enabling the TCP MD5 signature option.

Fix collapsing of multiple pfsync(4) update messages into one.

Fix pfsync(4) state timeouts. --- 623,630 ---- [Applied to stable]

Stop mixerctl(1) segfaulting on non-existent fields.

Add a simple 802.3x printer to tcpdump(8). !

Allow ftp-proxy(8) to set the outgoing address with the new -a option (PR#3538). !

In pfctl(8), only use inet_net_pton(3) on addresses containing a '/', otherwise use inet_pton(3) (PR#3638).

New -S option to nc(1), enabling the TCP MD5 signature option.

Fix collapsing of multiple pfsync(4) update messages into one.

Fix pfsync(4) state timeouts. *************** *** 653,659 ****

Fix grep(1)'s -b option.

Fix a missing malloc(3) error check in syslogd(8).

New user _tcpdump for upcoming privsep of, uh, tcpdump(8). !

Avoid half-open deadlock in ssh(1) (OpenSSH bugzilla #790.)

Some sane defaults for afsd.conf(5) and ThisCell(5).

Update sendmail(8) to 8.12.11. --- 653,659 ----

Fix grep(1)'s -b option.

Fix a missing malloc(3) error check in syslogd(8).

New user _tcpdump for upcoming privsep of, uh, tcpdump(8). !

Avoid half-open deadlock in ssh(1) (OpenSSH bugzilla #790).

Some sane defaults for afsd.conf(5) and ThisCell(5).

Update sendmail(8) to 8.12.11. *************** *** 706,716 ****

Use the right type when checking the magic number in savecore(8).

printf(3) integer type cleanup in netstat(1).

Correct a use-after-free in cvs(1), fixing a coredump when the user hits ^C. !

Fix authpf(8) ruleset names that contain the username (PR#3627.)

'=' != '==' in fsck(8).

Let <ctype.h> compile on non-gcc compilers.

Reintroduce old TCP MD5 signature (RFC 2385) code from 4.5 years ago, hopefully with a reduced likelihood of kernel borkage. !

Improvements to sftp(1) batch mode: Allow batchfile input from stdin, and remove stderr junk (OpenSSH bugzilla #754.)

Add IPv6 loopback routes and allow connection to the carp(4) shared IPv6 address from the MASTER host, like for IPv4.

Fix a signed buffer length variable in syslogd(8).

Build local nm(1) and size(1) instead of those from binutils. --- 706,716 ----

Use the right type when checking the magic number in savecore(8).

printf(3) integer type cleanup in netstat(1).

Correct a use-after-free in cvs(1), fixing a coredump when the user hits ^C. !

Fix authpf(8) ruleset names that contain the username (PR#3627).

'=' != '==' in fsck(8).

Let <ctype.h> compile on non-gcc compilers.

Reintroduce old TCP MD5 signature (RFC 2385) code from 4.5 years ago, hopefully with a reduced likelihood of kernel borkage. !

Improvements to sftp(1) batch mode: Allow batchfile input from stdin, and remove stderr junk (OpenSSH bugzilla #754).

Add IPv6 loopback routes and allow connection to the carp(4) shared IPv6 address from the MASTER host, like for IPv4.

Fix a signed buffer length variable in syslogd(8).

Build local nm(1) and size(1) instead of those from binutils. *************** *** 772,778 ****

Logic fixes in diff3(1) where one file has changes but the other does not.

Some scsi(4) probe cleanups and fixes, inspired by NetBSD.

Implement the truly wonderful -p option for diff(1). !

Fix an i386 crash in the ahc(4) device probe (PR#3630.)

Add a field for the emulation type in the struct returned by the KERN_PROC2 sysctl(3).

Switch pkill(1) and pgrep(1) to kvm_getproc2(3), and so enable the -s option to work.

Add kvm_get{argv,envv,proc}2(3) using KERN_PROC2. Based on NetBSD. --- 772,778 ----

Logic fixes in diff3(1) where one file has changes but the other does not.

Some scsi(4) probe cleanups and fixes, inspired by NetBSD.

Implement the truly wonderful -p option for diff(1). !

Fix an i386 crash in the ahc(4) device probe (PR#3630).

Add a field for the emulation type in the struct returned by the KERN_PROC2 sysctl(3).

Switch pkill(1) and pgrep(1) to kvm_getproc2(3), and so enable the -s option to work.

Add kvm_get{argv,envv,proc}2(3) using KERN_PROC2. Based on NetBSD. *************** *** 814,820 ****

In isakmpd(8) only allow an INITIAL-CONTACT when a main-mode SA is in place, and never delete SPIs based on it.

gcc3 handles varargs differently, change the kernel sources to deal with it.

Some poll(2)-related fixes to select(2) under pthreads. From FreeBSD. !

Fix objcopy(1)'s long options list, unbreaking strip(1)'s -s option and others (PR#3623.)
[Applied to stable]

Don't create a pid file for rtsold(8).

If the scsi(4) error code is unknown, at least show the code we didn't have a message for. --- 814,820 ----

In isakmpd(8) only allow an INITIAL-CONTACT when a main-mode SA is in place, and never delete SPIs based on it.

gcc3 handles varargs differently, change the kernel sources to deal with it.

Some poll(2)-related fixes to select(2) under pthreads. From FreeBSD. !

Fix objcopy(1)'s long options list, unbreaking strip(1)'s -s option and others (PR#3623).
[Applied to stable]

Don't create a pid file for rtsold(8).

If the scsi(4) error code is unknown, at least show the code we didn't have a message for. *************** *** 849,861 ****

Allow a precision (-p option) of zero in jot(1).

On i386, properly recognise SiS CPUs.

Hack around a reentrancy bug in the cvs(1) server's abnormal exit handler. !

Allocate what's required for an identifier in config(8) instead of an arbitrary 500-byte buffer (PR#3614.)

Stop libcurses++ fooling with libstdc++ internals so it compiles under gcc3. !

Add -4 and -6 options to telnet(1) for IPv4- and IPv6-only operation (PR#1974.)

Tag ahc(4) I/O operations requeued as a result of aborts, timeouts etc. so that they're not treated as successfully completed operations.

Update security(8) after the recent join(1) change prompted by PR#2208. !

Make join(1) more POSIX for non-matching lines (PR#2208.)

Add dirhash feature from FreeBSD, which uses an in-memory hash table for lookups in large directories. Not enabled by default yet. See UFS_DIRHASH in options(4).

Extend the pfsync(4) protocol to allow a peer to query for complete state information should it receive an update for a state it knows nothing about.

Check for oversize allocations earlier in kernel malloc(9). --- 849,861 ----

Allow a precision (-p option) of zero in jot(1).

On i386, properly recognise SiS CPUs.

Hack around a reentrancy bug in the cvs(1) server's abnormal exit handler. !

Allocate what's required for an identifier in config(8) instead of an arbitrary 500-byte buffer (PR#3614).

Stop libcurses++ fooling with libstdc++ internals so it compiles under gcc3. !

Add -4 and -6 options to telnet(1) for IPv4- and IPv6-only operation (PR#1974).

Tag ahc(4) I/O operations requeued as a result of aborts, timeouts etc. so that they're not treated as successfully completed operations.

Update security(8) after the recent join(1) change prompted by PR#2208. !

Make join(1) more POSIX for non-matching lines (PR#2208).

Add dirhash feature from FreeBSD, which uses an in-memory hash table for lookups in large directories. Not enabled by default yet. See UFS_DIRHASH in options(4).

Extend the pfsync(4) protocol to allow a peer to query for complete state information should it receive an update for a state it knows nothing about.

Check for oversize allocations earlier in kernel malloc(9). *************** *** 891,900 ****

New sshd(8) option KerberosGetAFSToken.

Have ifconfig(8) automagically create network pseudo-interfaces.

Mercifully, turn the non-monotonic time warning off #ifndef DEBUG. !

Initialise the url(4) MAC address properly (PR#3612.)

When sudo(8) is run with -k or -K only complain about missing usernames to stderr and don't log anything, since we may be running in a .logout script at shutdown and the YP etc. daemon may have gone away. !

Fix a remotely exploitable crasher in tcpdump(8)'s l2tp parser (PR#3610.)
[Applied to stable]

Properly clean up 3DES cipher contexts in ssh(1).

Make sure a signal handler-modified variable in sensorsd(8) is typed as volatile sig_atomic_t. --- 891,900 ----

New sshd(8) option KerberosGetAFSToken.

Have ifconfig(8) automagically create network pseudo-interfaces.

Mercifully, turn the non-monotonic time warning off #ifndef DEBUG. !

Initialise the url(4) MAC address properly (PR#3612).

Fix a remotely exploitable crasher in tcpdump(8)'s l2tp parser (PR#3610).
[Applied to stable]

Properly clean up 3DES cipher contexts in ssh(1).

Make sure a signal handler-modified variable in sensorsd(8) is typed as volatile sig_atomic_t. *************** *** 939,949 ****

New queue(3) macros SLIST_FOREACH_PREVPTR (from FreeBSD) and SLIST_REMOVE_NEXT.

Allow cloner interfaces to return an error from their destroy function.

Much string cleaning and abort(3) -> exit(3) in the AFS library. !

Stop newsyslog(8) segfaulting when given an empty command (PR#3578.)

Fix a couple of missing printf(3) args in monop(6) and mopd(8). !

New environment variable MANPAGER for man(1) (PR#3563.)

Add app-layer keepalive option 'ServerAliveInterval' to ssh(1), analogous to ClientAliveInterval on the server. !

Don't do expensive pfsync(4) processing if noone is using it (i.e. no bpf(4) listeners, and no network synchronisation.)

Shorten or '#ifdef SMALL'-out some long message strings in the kernel.

A round of boot floppy space-saving begins. --- 939,949 ----

New queue(3) macros SLIST_FOREACH_PREVPTR (from FreeBSD) and SLIST_REMOVE_NEXT.

Allow cloner interfaces to return an error from their destroy function.

Much string cleaning and abort(3) -> exit(3) in the AFS library. !

Stop newsyslog(8) segfaulting when given an empty command (PR#3578).

Fix a couple of missing printf(3) args in monop(6) and mopd(8). !

New environment variable MANPAGER for man(1) (PR#3563).

Add app-layer keepalive option 'ServerAliveInterval' to ssh(1), analogous to ClientAliveInterval on the server. !

Don't do expensive pfsync(4) processing if noone is using it (i.e. no bpf(4) listeners, and no network synchronisation).

Shorten or '#ifdef SMALL'-out some long message strings in the kernel.

A round of boot floppy space-saving begins. *************** *** 951,957 ****

Fix some fallout from the rlim_t change from signed to unsigned.

Add support for groups 14 through 18 (modp{2048,2072,4096,6144,8192} - see RFC 3526) to isakmpd(8).

Initial support for pf(4) state synchronisation over the network. See pfsync(4). !

Make sh(1) and ksh(1) functions work the way the manual page suggests with respect to non-exported environment variables (PR#2450.)

Allow pf(4) to track stateful connections based on the source IP address. Especially useful for load balancing configurations.

Add awk(1) USD paper in /usr/share/doc/usd/16.awk. --- 951,957 ----

Fix some fallout from the rlim_t change from signed to unsigned.

Add support for groups 14 through 18 (modp{2048,2072,4096,6144,8192} - see RFC 3526) to isakmpd(8).

Initial support for pf(4) state synchronisation over the network. See pfsync(4). !

Make sh(1) and ksh(1) functions work the way the manual page suggests with respect to non-exported environment variables (PR#2450).

Allow pf(4) to track stateful connections based on the source IP address. Especially useful for load balancing configurations.

Add awk(1) USD paper in /usr/share/doc/usd/16.awk. *************** *** 963,970 ****

Don't accept absolute pathnames for module names in cvs(1). From CVS 1.11.10.

Cleanup and POSIXness for join(1). From FreeBSD. !

More POSIX type definitions (rlim_t now unsigned, RLIM_SAVED_{CUR,MAX} defined, id_t defined.) !

Kill annoying pf(4) assertion failure messages, and correct the underlying problem with NAT and table stats (PR#3587.)

Fix sis(4) short cable problems properly. From Linux and the datasheets, via FreeBSD.

Also for poll(2), add pollfd_t (= struct pollfd) as in Solaris. --- 963,970 ----

Don't accept absolute pathnames for module names in cvs(1). From CVS 1.11.10.

Cleanup and POSIXness for join(1). From FreeBSD. !

More POSIX type definitions (rlim_t now unsigned, RLIM_SAVED_{CUR,MAX} defined, id_t defined). !

Kill annoying pf(4) assertion failure messages, and correct the underlying problem with NAT and table stats (PR#3587).

Fix sis(4) short cable problems properly. From Linux and the datasheets, via FreeBSD.

Also for poll(2), add pollfd_t (= struct pollfd) as in Solaris. *************** *** 983,997 ****

Better -n handling for pkg_add(1) and pkg_delete(1) when dependencies are involved.

Make explicit the base package to which pkg_add(1)'s dependency resolution output applies.

Fix error-handling logic in pkg_add(1) that affected the -n option. !

In ssh(1) and sshd(8), don't modify argv when parsing the -o option (unbreaks HUP for sshd.)

Make ssh(1) option ClientKeepAlive work when the -N option (no login shell) is in effect.

Stop ssh-keygen(1)'s -T option from accepting primes with no known generator.

Add some PostScript docs for lex(1).

Fix some missing printf(3) args in tn3270(1) and kernfs.

Some cleanup in compress(1). !

Allow more than one user at a time to use ftp(1) in active mode (PR#3596.)
[Applied to stable] !

Unbreak xfs symlinks (PR#3552.)
[Applied to stable]

In patch(1), get a private mapping from mmap(2) instead of a default (file) mapping. --- 983,997 ----

Better -n handling for pkg_add(1) and pkg_delete(1) when dependencies are involved.

Make explicit the base package to which pkg_add(1)'s dependency resolution output applies.

Fix error-handling logic in pkg_add(1) that affected the -n option. !

In ssh(1) and sshd(8), don't modify argv when parsing the -o option (unbreaks HUP for sshd).

Make ssh(1) option ClientKeepAlive work when the -N option (no login shell) is in effect.

Stop ssh-keygen(1)'s -T option from accepting primes with no known generator.

Add some PostScript docs for lex(1).

Fix some missing printf(3) args in tn3270(1) and kernfs.

Some cleanup in compress(1). !

Allow more than one user at a time to use ftp(1) in active mode (PR#3596).
[Applied to stable] !

Unbreak xfs symlinks (PR#3552).
[Applied to stable]

In patch(1), get a private mapping from mmap(2) instead of a default (file) mapping. *************** *** 1005,1013 ****

New mbuf_tags(9) type ...PF_TRANSLATE_LOCALHOST, used so that pf(4) redirection to localhost doesn't defeat the ability of programs like portmap(8) to tell localhost connections from remote connections.

Add ifconfig create support to ppp(4) and sl(4). No ifconfig destroy yet. !

Fix regex(3) handling of non-ASCII characters (PR#3594.) Fix from FreeBSD. !

Fix grep(1)'s handling of certain patterns containing multiple dots (PR#3597.)

Make ifconfig destroy work on tun(4).

Fix an endianness bug that was causing wicontrol(8) to crash. --- 1005,1013 ----

Add ifconfig create support to ppp(4) and sl(4). No ifconfig destroy yet. !

Fix regex(3) handling of non-ASCII characters (PR#3594). Fix from FreeBSD. !

Fix grep(1)'s handling of certain patterns containing multiple dots (PR#3597).

Make ifconfig destroy work on tun(4).

Fix an endianness bug that was causing wicontrol(8) to crash. *************** *** 1038,1044 ****

Avoid a null-deref in uvm_swap_markbad().

Check signedness before dereferencing in kernel descriptor management code. !

Fix csh(1) variable substitution when shortening strings (PR#3591.)

In aliases(5), direct mail for most fake users (e.g. _syslogd) to /dev/null instead of spamming root.

Add an amd64 target to gcc3.

Add extended register support in dc(1) (-x option,) ready for long variable names support coming to bc(1) soon. --- 1038,1044 ----

Avoid a null-deref in uvm_swap_markbad().

Check signedness before dereferencing in kernel descriptor management code. !

Fix csh(1) variable substitution when shortening strings (PR#3591).

In aliases(5), direct mail for most fake users (e.g. _syslogd) to /dev/null instead of spamming root.

Add an amd64 target to gcc3.

Add extended register support in dc(1) (-x option,) ready for long variable names support coming to bc(1) soon. *************** *** 1051,1057 ****

Fix the regex in security(8) that tests for valid group names.

More fixes to pf(4) stats gathering. !

Fix NFS-over-TCP speed when OpenBSD is serving Linux clients (PR#3561.)

Allow systrace(1) to accept usernames ending in '$'.

Fix missing printf(3) arguments in eeprom(8), elf2aout and elf2ecoff. --- 1051,1057 ----

Fix the regex in security(8) that tests for valid group names.

More fixes to pf(4) stats gathering. !

Fix NFS-over-TCP speed when OpenBSD is serving Linux clients (PR#3561).

Allow systrace(1) to accept usernames ending in '$'.

Fix missing printf(3) arguments in eeprom(8), elf2aout and elf2ecoff. *************** *** 1067,1073 ****

Move libiberty into src/gnu/lib/libiberty, removing it from the egcs directory. The new library is a sync'd to "somewhere between binutils-2.10 and 2.11" with some local changes.

Avoid a double-free in pcap_setfilter(3). !

Have the kernel's MD5 code use the per-architecture optimised bcopy() instead of its own implementation (PR#3549.)

New meaning for the ssh(1) -k option, it's now equivalent to GSSAPIDelegateCredentials=no.

In ssh-keyscan(1), use sysconf(3) to get the maximum fd limit instead of returning an arbitrary number. --- 1067,1073 ----

Move libiberty into src/gnu/lib/libiberty, removing it from the egcs directory. The new library is a sync'd to "somewhere between binutils-2.10 and 2.11" with some local changes.

Avoid a double-free in pcap_setfilter(3). !

Have the kernel's MD5 code use the per-architecture optimised bcopy() instead of its own implementation (PR#3549).

New meaning for the ssh(1) -k option, it's now equivalent to GSSAPIDelegateCredentials=no.

In ssh-keyscan(1), use sysconf(3) to get the maximum fd limit instead of returning an arbitrary number. *************** *** 1115,1121 ****

Fix a missing initialisation in libkvm.

Don't expose the contents of named(8)'s rndc.key file when diff'd by security(8).

Merge in Apache 1.3.29 and mod_ssl 2.8.16. !

Add a missing bounds check and fix an int overflow in compat_ibcs2(8) (not enabled by default.)
[Applied to stable]

Two more non-portable extensions to bc(1): Add new boolean operators, and allow relational operators to appear anywhere.

Add drop operator 'R' to dc(1). --- 1115,1121 ----

Fix a missing initialisation in libkvm.

Don't expose the contents of named(8)'s rndc.key file when diff'd by security(8).

Merge in Apache 1.3.29 and mod_ssl 2.8.16. !

Add a missing bounds check and fix an int overflow in compat_ibcs2(8) (not enabled by default).
[Applied to stable]

Two more non-portable extensions to bc(1): Add new boolean operators, and allow relational operators to appear anywhere.

Add drop operator 'R' to dc(1). *************** *** 1169,1175 ****

Unbreak the anchor rule number returned by pfsync(4).

Avoid a race condition when swapping in a process. !

On i386, fix a crash that occurred with a large number (>1500) of processes (PR#3528.)

New 'no sync' state option to prevent state transitions for a particular rule appearing on the pfsync(4) interface.

Check that carp(4) packets are received on a carp-enabled interface. --- 1169,1175 ----

Unbreak the anchor rule number returned by pfsync(4).

Avoid a race condition when swapping in a process. !

On i386, fix a crash that occurred with a large number (>1500) of processes (PR#3528).

New 'no sync' state option to prevent state transitions for a particular rule appearing on the pfsync(4) interface.

Check that carp(4) packets are received on a carp-enabled interface. *************** *** 1185,1192 ****

The package tools now automatically use the target of the first @cwd in the packing list as the prefix.

Temporarily back out the recent reordering of interface capability tests and pf_test(). pf(4) rdr rules are now generating some bogus checksums.

In isakmpd(8), require encrypted messages as soon as we have the keystate for it, require DELETE payloads to be accompanied by HASHes, and add validation for HASH payloads without active exchanges. !

Allow pf(4) tags to use the same macros as labels (see pf.conf(5).) !

Teach gdb(1) about SIGINFO (PR#3173.)

Add commented-out LoadModule config lines, along with a short description, for each httpd(8) module in the standard build.

In newfs(8) don't write the magic to the superblock until filesystem creation is completed.

Fix netstat(1)'s display of IPv6 link-local multicast addresses. --- 1185,1192 ----

The package tools now automatically use the target of the first @cwd in the packing list as the prefix.

Temporarily back out the recent reordering of interface capability tests and pf_test(). pf(4) rdr rules are now generating some bogus checksums.

In isakmpd(8), require encrypted messages as soon as we have the keystate for it, require DELETE payloads to be accompanied by HASHes, and add validation for HASH payloads without active exchanges. !

Allow pf(4) tags to use the same macros as labels (see pf.conf(5)). !

Teach gdb(1) about SIGINFO (PR#3173).

Add commented-out LoadModule config lines, along with a short description, for each httpd(8) module in the standard build.

In newfs(8) don't write the magic to the superblock until filesystem creation is completed.

Fix netstat(1)'s display of IPv6 link-local multicast addresses. *************** *** 1219,1239 ****

New --posix option for patch(1) for, uh, strict POSIX conformance.

Set pkgpath in the correct order in pkg_add(1) etc.

Re-add the SATA mode detection and reset-pause-IDENTIFY fixes to wdc(4). Drive reset fixes need further testing. !

Allocate the right number of elements in hashinit(9) (PR#3537.)

Look up the groupname (not the username) when getting the gid from a tarfile in pkg_add(1) and friends. Also set file ownership before the mode.

Add IPv6 support to carp(4).

Sync libedit to NetBSD as of 2003-10-01, with some local string cleaning and history bug fixes. There are some api changes as a result of this update.

New port, OPENBSD/pegasos. !

Fix insufficient length check in route6d(8) (KAME PR#507.)

Try to deal with strdup(3) failures in init(8).

More detective work from the spelling police, double-word branch.

Fix lc(4) multicast filter initialisation.

Backout recent wdc(4) reset, identify and mode detection changes, they are breaking things. !

Fix pf(4) binat for incoming connections when a netblock (not just a single address) is used as the rule source (PR#3535.)
[Applied to stable] !

RELIABILITY FIX: A user with write permission to httpd.conf or a .htaccess file can crash httpd(8) or potentially run arbitrary code as the user www (although it is believed that ProPolice will prevent code execution.)
A source code patch is available.
[Applied to stable] --- 1219,1239 ----

New --posix option for patch(1) for, uh, strict POSIX conformance.

Set pkgpath in the correct order in pkg_add(1) etc.

Re-add the SATA mode detection and reset-pause-IDENTIFY fixes to wdc(4). Drive reset fixes need further testing. !

Allocate the right number of elements in hashinit(9) (PR#3537).

Look up the groupname (not the username) when getting the gid from a tarfile in pkg_add(1) and friends. Also set file ownership before the mode.

Add IPv6 support to carp(4).

Sync libedit to NetBSD as of 2003-10-01, with some local string cleaning and history bug fixes. There are some api changes as a result of this update.

New port, OPENBSD/pegasos. !

Fix insufficient length check in route6d(8) (KAME PR#507).

Try to deal with strdup(3) failures in init(8).

More detective work from the spelling police, double-word branch.

Fix lc(4) multicast filter initialisation.

Backout recent wdc(4) reset, identify and mode detection changes, they are breaking things. !

Fix pf(4) binat for incoming connections when a netblock (not just a single address) is used as the rule source (PR#3535).
[Applied to stable] !

RELIABILITY FIX: A user with write permission to httpd.conf or a .htaccess file can crash httpd(8) or potentially run arbitrary code as the user www (although it is believed that ProPolice will prevent code execution).
A source code patch is available.
[Applied to stable] *************** *** 1338,1366 ****

Add division and modulus operator '~' to dc(1).

Remove GNU bc and dc from the tree.

Merge in expat 1.95.6 from XFree86 4.3.99.14. !

Search for keys in the ssh(1) agent in reverse order to solve duplicate key problems (OpenSSH bugzilla #684.)

ssh(1) option ForwardX11 now has xauth(1) generate untrusted keys by default. Option ForwardX11Trusted restores the old behaviour.

Change vnd(4) major/minor numbering to allow more devices. Requires a MAKEDEV. !

Do nfs-specific 'test -x' stuff in the right order in ksh(1) (PR#3465.)

More work on vr(4).

Have the linker generate a warning when using 43compat's getwd(3).

Better calibration code for auich(4). From FreeBSD/NetBSD. !

Re-enable the random increment on the return value of uvm_map_hint() (called by uvm_map(9).)

Install a sample config file for sensorsd(8).

Prevent symlink races in systrace(1).

Have GSSAPI default to off in the ssh(1) client as well as the server.

Unbreak pf(4) on 64-bit architectures.

Hack httpd(8) so digest authentication works with IE, Safari, etc. From FreeBSD. !

Fix potential signedness bug in fgets(3) (PR#1709.) !

Correct __bounded__ attributes for {MD4,MD5,RMD160,SHA1}DATA functions (PR#3505.)

Allow newfs(8) to build small filesystems again by making sure ncyls >= 2.
[Applied to stable]

Plug a memory leak in netstat(1). !

Add nfs attribute cache tuning parameters to mount_nfs(8) (Inspired by PR#2567.)

Kill a null deref in make(1).

Allow a semicolon to terminate label strings in sed(1), so one-liners with labels can work.

A few string and memory fixes in rup(1). --- 1338,1366 ----

Add division and modulus operator '~' to dc(1).

Remove GNU bc and dc from the tree.

Merge in expat 1.95.6 from XFree86 4.3.99.14. !

Search for keys in the ssh(1) agent in reverse order to solve duplicate key problems (OpenSSH bugzilla #684).

ssh(1) option ForwardX11 now has xauth(1) generate untrusted keys by default. Option ForwardX11Trusted restores the old behaviour.

Change vnd(4) major/minor numbering to allow more devices. Requires a MAKEDEV. !

Do nfs-specific 'test -x' stuff in the right order in ksh(1) (PR#3465).

More work on vr(4).

Have the linker generate a warning when using 43compat's getwd(3).

Better calibration code for auich(4). From FreeBSD/NetBSD. !

Re-enable the random increment on the return value of uvm_map_hint() (called by uvm_map(9)).

Install a sample config file for sensorsd(8).

Prevent symlink races in systrace(1).

Have GSSAPI default to off in the ssh(1) client as well as the server.

Unbreak pf(4) on 64-bit architectures.

Hack httpd(8) so digest authentication works with IE, Safari, etc. From FreeBSD. !

Fix potential signedness bug in fgets(3) (PR#1709). !

Correct __bounded__ attributes for {MD4,MD5,RMD160,SHA1}DATA functions (PR#3505).

Allow newfs(8) to build small filesystems again by making sure ncyls >= 2.
[Applied to stable]

Plug a memory leak in netstat(1). !

Add nfs attribute cache tuning parameters to mount_nfs(8) (Inspired by PR#2567).

Kill a null deref in make(1).

Allow a semicolon to terminate label strings in sed(1), so one-liners with labels can work.

A few string and memory fixes in rup(1). *************** *** 1386,1394 ****

Stop isakmpd(8) crashing when the value for LIFE_DURATION is missing.

Back out the new environment variable load in ld.so(1) due to sparc breakage.

Unbreak the new xfs poll backend. !

Fix a long-standing memory leak in kernel libz (PR#2886.) From NetBSD.

Print a more useful error message when a bad port number is given to whois(1). !

Fix broken time parsing in kadmin(8) (PR#3292.)

Initialise environment variables in ld.so(1) before calling constructors and atexit(3) functions

Have inetd(8) exit if no config file is found. --- 1386,1394 ----

Stop isakmpd(8) crashing when the value for LIFE_DURATION is missing.

Back out the new environment variable load in ld.so(1) due to sparc breakage.

Unbreak the new xfs poll backend. !

Fix a long-standing memory leak in kernel libz (PR#2886). From NetBSD.

Print a more useful error message when a bad port number is given to whois(1). !

Fix broken time parsing in kadmin(8) (PR#3292).

Initialise environment variables in ld.so(1) before calling constructors and atexit(3) functions

Have inetd(8) exit if no config file is found. *************** *** 1410,1421 ****

Remove a bad m_cat(9) call when fragmenting outbound IPv6 packets.

Add a missing initialisation in pflog(4) that allowed kernel stack garbage to leak into .pcap files.

Have the libc stack protector code use the kernel __sysctl() call directly instead of using the libc sysctl(3) interface. !

Stop reading ~/.signature to pre-fill the Organisation: field in sendbug(1) (PR#3499.)

Fixes to event(3) poll code.

Have ftpd(8) listen on both IPv4 and IPv6 ports by default.

Fix an out-of-bounds memory access in kernel compat_ibcs2(8) code.

Add missing check for strdup(3) error in talk(1). !

Correct a couple of off-by-ones in banner(1) and ssl(3) (src/ssl/ssl_ciph.c.)

Fix the code that grows ifindex2ifnet in sys/net/if.c.

Add a stack of missing switch break statements needed after the _dl_errno changes to ld.so(1). --- 1410,1421 ----

Remove a bad m_cat(9) call when fragmenting outbound IPv6 packets.

Add a missing initialisation in pflog(4) that allowed kernel stack garbage to leak into .pcap files.

Have the libc stack protector code use the kernel __sysctl() call directly instead of using the libc sysctl(3) interface. !

Stop reading ~/.signature to pre-fill the Organisation: field in sendbug(1) (PR#3499).

Fixes to event(3) poll code.

Have ftpd(8) listen on both IPv4 and IPv6 ports by default.

Fix an out-of-bounds memory access in kernel compat_ibcs2(8) code.

Add missing check for strdup(3) error in talk(1). !

Correct a couple of off-by-ones in banner(1) and ssl(3) (src/ssl/ssl_ciph.c).

Fix the code that grows ifindex2ifnet in sys/net/if.c.

Add a stack of missing switch break statements needed after the _dl_errno changes to ld.so(1). *************** *** 1450,1460 ****

Fix an off-by-one and a bad string bounds length in atc(6).

Don't set sshd(8)'s listen socket to non-blocking mode.

Build the new BSD bc(1) and dc(1) in favour of the GNU versions. !

Drop authpf(8)'s 15-character username restriction, it's no longer necessary (PR#3491.)

Allocate a buffer large enough to store a full IPX address in ipx_ntoa(3).

Unbreak netstat(1) -i display columns for interfaces with no address.

Stop spamd(8) dying unceremoniously on accept(2) failures. !

Make talk(1) retry if accept(2) returns ECONNABORTED (the same as it does for EINTR.)

realloc(3) fixes in brconfig(8), dhclient(8), lpd(8), pppd(8) and rwhod(8).

Add a 'recipe' datafile to fortune(6), starting with some barbecue recipes from the hackathon.

Use arc4random(3) instead of srand(3) to generate a more random salt for htpasswd(1). --- 1450,1460 ----

Fix an off-by-one and a bad string bounds length in atc(6).

Don't set sshd(8)'s listen socket to non-blocking mode.

Build the new BSD bc(1) and dc(1) in favour of the GNU versions. !

Drop authpf(8)'s 15-character username restriction, it's no longer necessary (PR#3491).

Allocate a buffer large enough to store a full IPX address in ipx_ntoa(3).

Unbreak netstat(1) -i display columns for interfaces with no address.

Stop spamd(8) dying unceremoniously on accept(2) failures. !

Make talk(1) retry if accept(2) returns ECONNABORTED (the same as it does for EINTR).

realloc(3) fixes in brconfig(8), dhclient(8), lpd(8), pppd(8) and rwhod(8).

Add a 'recipe' datafile to fortune(6), starting with some barbecue recipes from the hackathon.

Use arc4random(3) instead of srand(3) to generate a more random salt for htpasswd(1). *************** *** 1464,1475 ****

Use strlcpy(3) instead of bcopy(3) to avoid overflowing the nodename and netname in an(4).

Fix a couple of off-by-ones in adventure(6).

Fix an out-of-bounds write in the isakmpd(8) privsep monitor code. !

Make dlerror(3) clear _dl_errno as expected (PR#3441.)

Correct a couple of off-by-ones in libc.

Fix overflows in the X font server overflow fix. Sigh.

Add a missing free in cvs(1).

New, BSD-licensed version of bc(1). !

Fix an off-by-one in csh(1) (PR#3163.)

More realloc(3) fixes.

Fix a bad bounds check that could crash sort(1). --- 1464,1475 ----

Use strlcpy(3) instead of bcopy(3) to avoid overflowing the nodename and netname in an(4).

Fix a couple of off-by-ones in adventure(6).

Fix an out-of-bounds write in the isakmpd(8) privsep monitor code. !

Make dlerror(3) clear _dl_errno as expected (PR#3441).

Correct a couple of off-by-ones in libc.

Fix overflows in the X font server overflow fix. Sigh.

Add a missing free in cvs(1).

New, BSD-licensed version of bc(1). !

Fix an off-by-one in csh(1) (PR#3163).

More realloc(3) fixes.

Fix a bad bounds check that could crash sort(1). *************** *** 1525,1535 ****

Stop pfctl(8) checking for a netmask if the address type being examined is a table.

Fix a subtle use-after-free in modload(8).

Some int -> u_int paranoia in ssh(1). !

More ssh(1) buffer management fixes (CAN-2003-0682.)

Further EDD detection improvements on i386. !

Properly flush the ssh(1) RSA1 public key from memory when its output file cannot be opened (OpenSSH bugzilla #662.) !

Correct a double-free in the ssh(1) buffer management code (OpenSSH PR#660.) !

Fix the ssh(1) ConnectTimeout option (OpenSSH PR#656.)

On i386, try harder to boot from removable media by allowing for their removal and insertion.

Updated and better-commented openbsd-proto.mc for sendmail(8). --- 1525,1535 ----

Stop pfctl(8) checking for a netmask if the address type being examined is a table.

Fix a subtle use-after-free in modload(8).

Some int -> u_int paranoia in ssh(1). !

More ssh(1) buffer management fixes (CAN-2003-0682).

Further EDD detection improvements on i386. !

Properly flush the ssh(1) RSA1 public key from memory when its output file cannot be opened (OpenSSH bugzilla #662). !

Correct a double-free in the ssh(1) buffer management code (OpenSSH PR#660). !

Fix the ssh(1) ConnectTimeout option (OpenSSH PR#656).

On i386, try harder to boot from removable media by allowing for their removal and insertion.

Updated and better-commented openbsd-proto.mc for sendmail(8). *************** *** 1571,1577 ****

www@openbsd.org !
$OpenBSD: plus.html,v 1.913 2004/03/26 22:28:11 jmc Exp $ --- 1571,1577 ----

www@openbsd.org !
$OpenBSD: plus.html,v 1.914 2004/03/28 09:44:05 deraadt Exp $