===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.893
retrieving revision 1.894
diff -u -r1.893 -r1.894
--- www/plus.html 2003/11/21 03:30:49 1.893
+++ www/plus.html 2003/12/08 06:21:34 1.894
@@ -53,10 +53,73 @@
We are working on OpenBSD-current.
-The following list sums up (almost) all the changes made up to November 10.
+The following list sums up (almost) all the changes made up to November 21.
+
+- Also give cmp(1) and patch(1) the madvise(2) sequential treatment.
+
- Speed up install(1) by using madvise(2) with the MADV_SEQUENTIAL flag.
+
- Fix httpd(8) mod_access IP address tests on sparc64.
+
- New -o option to kvm_mkdb(8), to put the database somewhere other than /var/db.
+
- Fix return code from diff(1) when the -i option is in use.
+
+
- Build ftp(1) statically linked, to help out when things go wrong.
+
- RELIABILITY FIX: An improper bounds check makes it possible for a local user to cause a crash by passing the semctl(2) and semop(2) functions certain arguments.
+ A source code patch is available.
+ [Applied to stable]
+ - RELIABILITY FIX: It is possible for a local user to cause a crash via sysctl(3) with certain arguments.
+ A source code patch is available.
+ [Applied to stable]
+ - Add gcc(1) flags -fnobuiltin-{log,print} for kernel builds on some architectures, the others to be done as test results are collected.
+
- Re-enable build of named(8)'s DNSSEC programs.
+
+
- More wdc(4) probe fixes, sync'ing with NetBSD.
+
- Fix timed(8) breakage caused by the change from select(2) to poll(2).
+
+
- Add rc(8) startup for sensorsd(8).
+
- Merge in BIND v9.2.3.
+
- In crypto(3), enable assembler BN functions on vax, and assembler for most things on i386.
+
- Fix password blinding for non-existent users in sshd(8).
+
- Add new lightweight kernel reader/writer lock code, not used for anything yet.
+
- Performance improvements to pool(9).
+
- In sshd(8), fix the test for a valid authentication context when processing -R port forwards.
+
+
- Fix unnecessary delays in wdc(4)'s device probe. From NetBSD.
+
- Fix a missing initialisation in libkvm.
+
- Don't expose the contents of named(8)'s rndc.key file when diff'd by security(8).
+
- Merge in Apache 1.3.29 and mod_ssl 2.8.16.
+
- Add a missing bounds check and fix an int overflow in compat_ibcs2(8) (not enabled by default.)
+ [Applied to stable]
+ - Two more non-portable extensions to bc(1): Add new boolean operators, and allow relational operators to appear anywhere.
+
- Add drop operator 'R' to dc(1).
+
- Replace ssh(1) authentication mechanism 'gssapi' with 'gssapi-with-mic'.
+
+
- pf(4) stateful connections for generic protocols now work for IPv6 as well as IPv4.
+
- Pull in a patch from XFree86 4.3, preventing a crash on Riva128 cards.
+
- Remove win32 support files from the BIND tree.
+
+
- Set the atime, ctime and mtime of the kernfs boottime file to, uh, the boot time. Useful for find(1).
+
- Fix savecore(8) on big-endian 64-bit architectures.
+
- More fine-grained CPU type detection on i386.
+
- Test for a NULL return from getpass(3) in bdes(1), pppctl(8) and tn3270(1).
+
+
- Fix bogus read(2) error check in mg(1) when writing a backup file.
+
- Let compress(1) inflate multiple concatenated files just like GNU gzip.
+
- Support in dc(1) for boolean operations soon to appear in bc(1).
+
- Allow the pfctl(8) debug level to be set from pf.conf(5) with 'set debug'.
+
- Some fixes in the ssh(1) GSSAPI client code.
+
- Don't include the KAME interface index (used for IPv6 link-local addresses) in the carp(4) HMAC value.
+
+
- Strip out some slightly pointless tests in wdc(4) for an 8-bit value < n, where n > 255.
+
- Fix a bug in bc(1)'s print statement that left garbage on dc(1)'s stack.
+
- Make bc(1)'s exponentiation operator '^' right- instead of left-associative.
+
+
- Fix a potential DoS in ftpd(8) where an attacker could tie up the data port for long periods. From FreeBSD.
+ [Applied to stable]
+ - New behaviour for ssh(1) option VerifyHostKeyDNS, allowing implicit trust for DNSSEC-verified SSHFP records.
+
- Have scp(1) pass through the -q flag to its underlying ssh(1) process, suppressing SSH2 banners.
+
- Merge in OpenSSL 0.9.7c.
- Some nonportable syntactic sugar for dc(1) and bc(1).
- free(9)ing stack variables is a bad idea, don't do it in ubsa(4).
@@ -481,7 +544,7 @@
www@openbsd.org
-
$OpenBSD: plus.html,v 1.893 2003/11/21 03:30:49 deraadt Exp $
+
$OpenBSD: plus.html,v 1.894 2003/12/08 06:21:34 deraadt Exp $