===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.849
retrieving revision 1.850
diff -u -r1.849 -r1.850
--- www/plus.html 2002/11/13 21:26:19 1.849
+++ www/plus.html 2002/12/09 01:48:36 1.850
@@ -50,10 +50,204 @@
We are working on OpenBSD-current.
-The following list sums up (almost) all the changes made up to November 2.
+The following list sums up (almost) all the changes made up to December 7.
+- strncpy -> strlcpy in pfctl(8).
+
- Make compress(1) accept most of gzip(1)'s long options. Some cleanup also.
+
- Continuing compatibility tweaks to getopt_long(3).
+
+
- pf(4) queue options can now be in any order. The 'scheduler' keyword is no longer used.
+
- More rule shrinkage: The 'fromto' part of a pf(4) is now optional and defaults to 'all', so e.g. 'block' == 'block all' == 'block from any to any'.
+
- pf(4) anchor rules now support parameters, so 'anchor name proto tcp from any to any port smtp' works.
+
- Remove support for the '-a otp' flag from telnetd(8). Use login.conf(5) instead.
+
- Make su(1)'s -a flag work again.
+
- 'pfctl -s' now prints out addresses in rules in the order they are entered.
+
- When telnet(1) receives a SIGPIPE when writing to the terminal, treat it like a user SIGQUIT.
+
- Have pfctl(8) use the actual interface MTU instead of assuming 1500.
+
- Convert string key hashes in pfctl(8) to network byte order.
+
- Fix a bug in Xaw that reads the wrong error return from open(2).
+
+
- All the games set up the RNG with srandomdev(3) instead of by lesser means.
+
- Have isakmpd(8) set the transform from the Default-Phase-1-Configuration.
+
- Make srandomdev(3) fall back to using sysctl if it can't open /dev/arandom.
+
- Make the libc getopt_long(3) more compatible with GNU.
+
- Output from 'pfctl -v' is now valid input to pfctl(8).
+
- Make section and tag comparisons in isakmpd(8) case-insensitive.
+
+
- Allow a null direction in pf(4) rules, so e.g. 'block all' is now valid.
+
- Add named rulesets support to pf(4), invoked from 'anchor' rules in the main ruleset.
+
- Kernel memory allocation debugging can now be used anywhere - if the debugging pool is not yet initialised, it just does nothing.
+
- Fixes to getopt_long(3).
+
- Rule numbers are no longer output by 'pfctl -v'. Use '-v -v' to get them back.
+
- Make scp(1) handle systems with odd block sizes better.
+
+
- Drop unnecessary altq devices from the kernel.
+
- Pass correct sizes to memset in ping6(8).
+
- Make bridge(4) behave better when running spanning tree: Flush the dynamic MAC cache when the forwarding/blocking state changes, and only forward packets while in the forwarding state.
+
- Make isakmpd(8) accept ACQUIRE requests with a null EXT_ADDRESS_SRC.
+
- In pf(4), apply a netmask consistently.
+
+
- Crank the major version numbers of the X libraries.
+
- Continuing cleanup and shrinkage of the installer scripts.
+
- arp(8) now prints the interface name with which an address is associated.
+
- Big cleanup up mixerctl(1).
+
- Import a GNUish getopt_long(3) from NetBSD.
+
- Add -4 and -6 command line options to isakmpd(8) to select the address family to use.
+
- Better MTU setting for pfsync(4).
+
- Correct a missed initialiser in raid(4).
+
- Have pfctl(8) play nice and shut down its sockets when it's done.
+
+
- Crank all (system) library major numbers now that propolice is in.
+
- Make a copy of rather than just refer to a string in ld(1). Cures some ports linking problems.
+
- Allow options at the end of pf(4) pass and block rules to come in any order.
+
- Make the bandwidth specifier optional in altq rules (as well as queue rules.) As a side effect, the altq rules can now have "bandwidth xx%" where the percentage is taken w.r.t. the interface bandwidth.
+
- Implement legacy functions ecvt(3), fcvt(3) and gcvt(3) for standards compliance.
+
- Add propolice stack attack protection into gcc(1).
+
- Updated unifdef(1).
+
+
- Don't have the X server drop privileges if started by root and from a non-standard config path.
+
- Tweaks and fixes to pf(4)'s ioctl code.
+
+
+
- Teach tcpdump(8) about pfsync(4).
+
- Add new pseudo-device pfsync(4), exposing changes to the pf(4) state table.
+
- Kill a null deref in pf(4).
+
- Wrap some noisy altq printf()s with #ifdef ALTQ_DEBUG.
+
+
- file(1) gets a new option, -b, which supresses the output of the pathname.
+
- Allow a qlimit to be specified in pf(4) altq rules as well as in queue rules.
+
- Use a custom hash function (based on that in if_bridge.c) for pf(4) source-hash nat pools instead of MD5.
+
- tcpdump(8) checks for invalid icmp6 option length.
+
+
- page_dir update fixed in realloc(3). MALLOC_OPTIONS=J is now honoured in realloc() as well.
+
- 'fc -e' now works when ksh(1) is invoked in 'sh' mode.
+
- Allow usernames given to ssh(1) to contain '@' characters, i.e. the hostname follows the last '@'.
+
- Tweaks to pf(4) altq rules display.
+
- Stop daemon(3) closing descriptors that isakmpd(8) needs.
+
- Have pfctl(8) read correctly the tbrsize spec.
+
- Fix underflow and wraparound in socket timeout calculation.
+
- Make IPv6 work in Linux emulation mode, though not for IPv4-mapped addresses.
+
+
- The bandwidth statement in pf(4) queue rules is now optional.
+
- Change pf.conf(5) ordering so translation is now after queue...
+
- Parse more include files so that kdump(1) knows about more ioctls.
+
- Pass in the right structure to DIOCCHANGEADDR.
+
+
- Fix 'pfctl -Fq' so altq(9) gets flushed and reset properly.
+
- setuid() -> seteuid() in ftpd(8).
+
- Tweak pf(4)'s handling of address families in rules.
+
- Make pfctl(8) fetch the address properly for lo(4) with LINK1 set.
+
- Use 1KB = 1000B instead of 1024B when dealing with bandwidth in pf(4).
+
- Fix URL CRLF injection bug in lynx(1).
+
+
- Add a missing check for snprintf errors in identd(8).
+
- Protect arc4_getbyte() with an splhigh().
+
- Some cleanup in talkd(8).
+
+
- When malloc(3) stats dumps are enabled, warn if atexit(3) fails.
+
- Enforce new pf.conf(5) ordering: options, normalization, translation, queue, filter.
+
- Copy TAILQs properly in pfctl(8).
+
+
- Remove a potential access-after-free in libc's syslog code.
+
- New manual page gcc-local(1) documenting OpenBSD-specific changes to gcc(1).
+
- So farewell, then, altqd(8) and friends.
+
- Better pfctl(8) altq rule error checking.
+
- Fix a potential null deref in pfctl(8)'s parser, and some general cleanup.
+
- Make sure authpf(8) and pfctl(8) don't try to issue ioctls when running with -n.
+
+
- Implement 'nat pools' in pf(4), allow redirection using (nat, rdr, route-to, dup-to and reply-to) to multiple addresses.
+
- Improvements to the ELF loader.
+
- Some snprintf paranoia in BSD auth, also some extra initialisation.
+
- Added new example dir /usr/share/pf, and example queue rulebase /usr/share/pf/queue1 to show how cool pf+altq is.
+
- Stop authpf(8) accepting non-interactive sessions.
+
- 'pfctl -v' displays altq and queue lines, including child queue assignment.
+
- Match the queue to the return type (icmp-unreach or RST) for pf(4) block rules.
+
- Use a quad_t instead of an int, and fix rlimit sizing for >2GB machines.
+
+
- Fix some strncpy(3) lengths in telnetd(8).
+
- Add _tokenadm and _radius groups so their respective login programs can be setgid instead of setuid(root).
+
- Add _shadow group and change group and mode of /etc/spwd.db to match
+
- Add atoll(3) and strerror_r(3) to libc.
+
- Add simple multiple-card load balancing to crypto(9) and add a simplified driver registration API.
+
- Some int -> unsigned int in isakmpd(8).
+
- New -n option for syslogd(8) to disable DNS lookups.
+
+
- Correct a format string bug in routed(8)'s, er, Makefile.
+
- Fix at(1) breakage when two jobs are set for the same time.
+
- Correct a use-before-init in xterm(1).
+
+
- Create a simple lookup table mechanism [dev/pci/pci.c:pci_matchbyid()] to match PCI device IDs, and have several drivers use it.
+
- vi(1) catalog updates: Fix Russian, add Polish and Ukrainian.
+
- Fix an off-by-one when reading ICMP types and codes by name in pfctl(8).
+
+
- Merge of altq(9) and pf(4), still some work left to do.
+
- Don't overwrite SIG{INT,QUIT,TERM} handlers in ssh(1) if they're set to ignore. This mirrors rsh(1) behaviour.
+
+
+
- Make sure skey(1) issues a fake challenge for a user without an S/Key file.
+
+
- Enable the pthread library, but install it as libnpthreads so autoconf scripts don't pick it up and use it with -lpthread as well as using -pthread.
+
- In ftpd(8), prohibit user id changes once logged in, and run more stuff as the logged-in user.
+
- Add 'Default-Phase-1-Configuration' to isakmpd(8).
+
- Be more careful when loading RSA1 key files in ssh(1).
+
+
- Fix isakmpd(8)'s handling of multiple values and continuation lines.
+
- Improvements to ld.so(1) symbol lookup failure messages.
+
- Allow DNS queries from the initial rulebase loaded by /etc/rc, so pfctl(8) can load at boot-time rulebases containing DNS entries.
+
+
- SECURITY FIX: A buffer overflow in named(8) could allow an attacker to execute code with the privileges of named. On OpenBSD, named runs as a non-root user in a chrooted environment which mitigates the effects of this bug.
+ A source code patch is available.
+ [Applied to stable]
+ - Create links from curses(3) libs to ncurses, to satisfy autoconfiguration scripts that expect the latter instead of checking properly.
+
- pf(4) scrub rules now are subject to the same list expansion as other rules.
+
- Add label macro '$if' to pf.conf(5), now we can have interfaces in expansion lists.
+
- Add some missing pointer initialisations in pfctl(8).
+
+
- Add a null transform to crypto(4), enabled via sysctl kern.cryptodevallowsoft=1.
+
- Fix systrace(1)'s determination of the execve(2) filename.
+
- Kernel IPsec code checks for short IP headers.
+
+
+
+
- systrace(1) checks for invalid system call numbers.
+
+
- Make su(1)'s login emultation mode work even more like login(1).
+
- Avoid a possible reference count leak in kernel file descriptor code.
+
- Remove bogus operations on the not-yet-existent file descriptor table in libc_r.
+
+
- Implement simple vnodeops inheritance for specfs and fifofs,
+
- ftp(1) can now follow HTTP redirects.
+
- Have scp(1) properly reflect check the exit status of its ssh(1) process if an error occurs.
+
- Fix some invalid pointers in pf(4)'s ioctl(2) handler.
+
- Stop makewhatis(8) moaning about non-existent directories.
+
- Don't use the HostbasedAuthentication switch to ssh-keysign(8); instead, add new option EnableSSHKeysign to ssh_config(5).
+
+
- Have groupdel(8) check that the named group exists.
+
- Allow '$' as the last character of a username, to appease Samba.
+
- Make sshd(8)'s -e option (log to stderr) work.
+
- Make the minimum file rotation size 512 bytes instead of 512Kbytes...
+
- Rearrange payload length check for ESP packets so packets with NULL encryption are tested also.
+
+
- Don't allow a simple non-existent server to crash altqstat(1).
+
+
- Solve problems static linking with -lpthread. (-static -pthread still broken.)
+
- Stop up a couple of memory leaks in isakmpd(8).
+
- Fix a few bugs in mount(8), and make its command line arguments handling more consistent.
+
- Keep a correct reference count to the file referenced by ioctl(2) under SVR4 emulation.
+
+
+
- Gracefully handle broken firewalls that block ECN-enabled TCP sessions by falling back to non-ECN.
+
- Some thread-safety fixes to libc.
+
- Add a cast to handle properly size_t larger than u_int in ssh(1).
+
- Fix some problems gzip(1) had displaying information on files > 2GB.
+
+
- Serve pf(4) a strong draught of CIDR (e.g. can use 10/8 now instead of 10.0.0.0/8.)
+
- -STABLE branch created for 3.2. smrsh, pfbridge and kadmind errata fixes applied to it.
+ - When checking a filename in ssh(1), don't fail when realpath(3) for the user's home directory - this happens legitimately when using AFS.
+
+
- Do a better job when comparing dynamic addresses in pf(4).
- In pf(4) AF macros, operate on the whole address (all 128 bits) unless AF_INET is set.
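Review bot: Several added entries in this hunk have wording errors that change or obscure the meaning and should be fixed before commit: "Big cleanup up mixerctl(1)" (probably "cleanup of"), "supresses" in the file(1) entry, "emultation" in the su(1) entry, and "properly reflect check the exit status" in the scp(1) entry, where one of the two verbs has to go. The ssh(1) realpath(3) entry is missing its verb ("don't fail when realpath(3) for the user's home directory" presumably wants "fails" after "realpath(3)"), and the vnodeops entry ends in a comma as if the sentence was cut off. The entry "Make the minimum file rotation size 512 bytes instead of 512Kbytes..." does not name the program it applies to, unlike every other entry, so a reader cannot tell which utility changed.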
@@ -74,6 +268,7 @@
- Remove a bogus test in dd(1) that stopped a perfectly legal seek on a character device.
- Merge OpenSSL 2.2.18, fixing a cross-site scripting bug and two off-by-ones.
+
- Add a missing break statement in systrace(1)'s arguments parsing code.
- Add getdents64() support under Linux emulation.
@@ -107,7 +302,8 @@
- Fix a null deref in libc_r.
- Make sure the user process tally is right when kernel stack space can't be allocated for the new proc.
- Correctly count the total number of processes in the system.
-
- Fix a remotely exploitable buffer overflow in kadmind(8).
+ - SECURITY FIX: A buffer overflow can occur in the kadmind(8) daemon, leading to possible remote crash or exploit.
+ A source code patch is available.
[Applied to stable]
- Add partial support for the 21145 chip to dc(4).
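Review bot: The replacement kadmind(8) entry is written in the present tense ("A buffer overflow can occur"), which in a list of completed changes reads as if the bug is still open. The other errata-style entries added in this revision use "could" (named(8): "could allow", pool(9): "could cause"). Suggest "could occur" here for consistency. The removed line said plainly that the overflow was "remotely exploitable"; "possible remote crash or exploit" is softer, so check that the downgrade in wording is intended.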
@@ -148,7 +344,9 @@
- In the X server, work around problems caused by certain MTRR configurations whose details are only available under NDA.
- Kernel tweaks and hacks in preparation for GCC 3.x (kern/subr_prf.c)
-
- Some fixes in pool(9).
+
- A logic error in the pool(9) kernel memory allocator could cause memory corruption in low-memory situations, causing the system to crash.
+ A source code patch is available.
+ [Applied to stable]
- pf(4) can now binat a whole netblock with one rule.
- Remove a potential null pointer deref in BSD authentication code.
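Review bot: The new pool(9) entry has no category prefix, while the other errata entries touched by this revision carry one ("SECURITY FIX:" for named(8), kadmind(8) and smrsh(8), "RELIABILITY FIX:" for the bridge/pf mbuf corruption). The outcome described here is the same class as the bridge entry (memory corruption leading to a crash), so suggest prefixing it "RELIABILITY FIX:" so that readers scanning the list for errata applied to stable do not miss it.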
@@ -162,12 +360,16 @@
- Catch some endianness nits and add zero-padding of keys in wi(4).
- Teach ALTQ CBQ the pf(4) API. The old API remains for now.
-
- Fix memory corruption that could cause panics in bridge(4)d systems with scrub enabled.
+
- RELIABILITY FIX: Network bridges running pf with scrubbing enabled could cause mbuf corruption, causing the system to crash.
+ A source code patch is available.
+ [Applied to stable]
- Fix a bug in m_tag_copy_chain().
- Hush up noisy IPv6 neighbor discovery. Can be made loud again using sysctl net.inet6.icmp6.nd6_debug.
-
- In Sendmail, fix a potential bypass of smrsh(8) (see the Sendmail.org advisory.)
+
- SECURITY FIX: An attacker can bypass the restrictions imposed by sendmail's restricted shell, smrsh(8), and execute arbitrary commands with the privileges of his own account.
+ A source code patch is available.
+ [Applied to stable]
- Make predicates part of systrace(1)'s grammar.
- Start work on a merge of altq(9) and pf(4) functionality. Oh yes.
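Review bot: The rewritten smrsh(8) entry drops the pointer to the Sendmail.org advisory that the removed line carried ("see the Sendmail.org advisory"), so the only external reference for this bypass is lost. Suggest keeping the advisory reference alongside the new "A source code patch is available." line. Two smaller points in the same hunk: "with the privileges of his own account" would read better as "their own account", and the rewritten bridge entry replaces "bridge(4)" with plain "Network bridges running pf", losing the man page references that the rest of the list uses consistently.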
@@ -195,6 +397,7 @@
- Give window(1) the stdarg treatment.
- When routing via pf(4), use the outgoing interface as decided by the normal routing code, not the interface to which the rule applies.
- Fix cross-site scripting vulnerability (CAN-2002-0840) in the default error page of httpd(8). Only applies under specific (and non-OpenBSD default) conditions.
+ [Applied to stable]
- In kernel IP processing, block interrupts with splsoftnet(9) around interface address routing table manipulations.
- Make sure wi(4) doesn't accept out-of-range TX keys.
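Review bot: The httpd(8) cross-site scripting entry now gets "[Applied to stable]" but, unlike the other stable-applied entries in this revision, it has neither a "SECURITY FIX:" prefix nor the "A source code patch is available." line, even though it is the only entry here that cites a vulnerability identifier (CAN-2002-0840). If it was applied to stable as an erratum, suggest giving it the same prefix and patch line; if it was deliberately left unlabelled because it only applies under non-default conditions, the entry already says so and the marker alone is fine.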
@@ -232,7 +435,7 @@
www@openbsd.org
-
$OpenBSD: plus.html,v 1.849 2002/11/13 21:26:19 deraadt Exp $
+
$OpenBSD: plus.html,v 1.850 2002/12/09 01:48:36 deraadt Exp $