version 1.1445, 2019/06/26 19:31:23 |
version 1.1446, 2019/07/31 19:43:48 |
|
|
<p> |
<p> |
|
|
<ul> |
<ul> |
|
<!-- 2019/07/15 --> |
|
<li>Made <a href="https://man.openbsd.org/realpath">realpath(3)</a> posixly correct by changing the kernel implementation not to succeed on final path components which do not exist. |
|
<li>Added support for PKCS8 as an optional format for storage of private <a href="https://man.openbsd.org/ssh">ssh(1)</a> keys, enabled via <code>ssh-keygen -m PKCS8</code>. |
|
<li>Added tls-cert-bundle option to <a href="https://man.openbsd.org/unbound.conf">unbound.conf(5)</a>. TLS connections are not reused by <a href="https://man.openbsd.org/unbound">unbound(8)</a>, so TCP and TLS handshakes will disproportionately increase latency compared to UDP. |
|
<li>Fixed a direct map bug affecting amd64 machines with greater than 1023GB physical memory. |
|
<!-- 2019/07/14 --> |
|
<li>Provided a notification to stderr to indicate messages have been shown when <a href="https://man.openbsd.org/mandoc">mandoc(1)</a> output is printed without a pager, to indicate messages may have preceded the output. |
|
<li>Added an interface to set/update a data property to <a href="https://man.openbsd.org/ldomctl">ldomctl(8)</a>. |
|
<!-- 2019/07/13 --> |
|
<!-- 2019/07/12 --> |
|
<li>Ensured that <a href="https://man.openbsd.org/sndiod">sndiod(8)</a> will not lose track of which volume controls belong to different instances of the same program upon disconnection and reconnection. |
|
<li>Included SHA2-variant RSA key algorithms in KEX proposal, allowing <a href="https://man.openbsd.org/ssh-keyscan">ssh-keyscan(1)</a> to harvest keys from servers that disable SHA1 ssh-rsa. |
|
<!-- 2019/07/11 --> |
|
<li>Added access to <a href="https://man.openbsd.org/timeout">timeout(9)</a> status and statistics to <a href="https://man.openbsd.org/sysctl">sysctl(2)</a>, allowing throughput tracking of the timeout layer from userspace. |
|
<li>Restricted filesystem access for <a href="https://man.openbsd.org/dhclient">dhclient(8)</a> using <a href="https://man.openbsd.org/unveil">unveil(2)</a>. |
|
<!-- 2019/07/10 --> |
|
<li>Enforced a per connection limit of 128 SACK holes managed at the <a href="https://man.openbsd.org/tcp">tcp(4)</a> socket, further preventing an unlikely attack where the lists of SACK options grow due to an attacker attaching all sack holes to a limited number of TCP connections, consuming CPU. |
|
<li>Added the missing <a href="https://man.openbsd.org/openssl">openssl(1)</a> option <code>dsa -modulus</code>. |
|
<li>Ensured that <a href="https://man.openbsd.org/uvideo">uvideo(4)</a> devices are allowed sufficient probe buffer size for the given version. |
|
<li>Implemented Linux <a href="https://man.openbsd.org/kthread">kthread(9)</a> <a href="https://man.openbsd.org/drm">drm(4)</a> interfaces. |
|
<!-- 2019/07/09 --> |
|
<li>Added OpenBSD::Unveil, a perl interface to <a href="https://man.openbsd.org/unveil">unveil(2)</a>. |
|
<!-- 2019/07/08 --> |
|
<li>Fixed a <a href="https://man.openbsd.org/vfs">vfs(9)</a> unlinking failure due to <a href="https://man.openbsd.org/unveil">unveil(2)</a>, which led to a file system which could not be unmounted. |
|
<!-- 2019/07/07 --> |
|
<li>Added support for version 3.0 of the 'mdstore' protocol to <a href="https://man.openbsd.org/ldomctl">ldomctl(8)</a>. |
|
<li>Fixed a race condition in <a href="https://man.openbsd.org/mpii">mpii(4)</a> devices by waiting for ports to finish scanning. |
|
<li>Added user instructions to manually run <code>/usr/libexec/reorder_kernel</code> in case of <a href="https://man.openbsd.org/syspatch">syspatch(8)</a> kernel update failure. |
|
<li>Handled unreliable ntp peers by removing them from the pool upon non-response in <a href="https://man.openbsd.org/ntpd">ntpd(8)</a>, preserving good peers and re-resolving to find a replacement. |
|
<!-- 2019/07/06 --> |
|
<!-- 2019/07/05 --> |
|
<li>Modified octeon to allow all network interfaces for root device selection when there is no explicit device class match for a given boot device. |
|
<li>Improved file cleanup code for <a href="https://man.openbsd.org/syslogd">syslogd(8)</a> that had been blocked by <a href="https://man.openbsd.org/unveil">unveil(2)</a>, preserving the ability to remove a stale <code>/var/run/syslog.pid</code> file. |
|
<li>Prevented a panic with <a href="https://man.openbsd.org/bwfm">bwfm(4)</a> devices due to an overflowing async ring buffer. |
|
<!-- 2019/07/04 --> |
|
<li>Added <a href="https://man.openbsd.org/aggr">aggr(4)</a>, a dedicated driver to implement 802.1AX link aggregration. |
|
<li>Fixed a <a href="https://man.openbsd.org/free">free(3)</a> size panic when detaching a crypto <a href="https://man.openbsd.org/softraid">softraid(4)</a> volume on i386. |
|
<li>Updated the mac/vlan filters appropriately when the mac address changes on an <a href="https://man.openbsd.org/ixl">ixl(4)</a> device. |
|
<li>Added server time.cloudflare.com to <a href="https://man.openbsd.org/ntpd.conf">ntpd.conf(5)</a>. |
|
<!-- 2019/07/03 --> |
|
<li>Improved handling of Raven, Raven2 and Picasso <a href="https://man.openbsd.org/amdgpu">amdgpu(4)</a> devices. |
|
<li>Added <a href="https://man.openbsd.org/tsleep_nsec">tsleep_nsec(9)</a>, <a href="https://man.openbsd.org/msleep_nsec">msleep_nsec(9)</a> and <a href="https://man.openbsd.org/rwsleep_nsec">rwsleep_nsec(9)</a>, which take timeouts in nanoseconds and use INFSLP to indicate a timeout should not be set. |
|
<li>Stopped a segfault in <a href="https://man.openbsd.org/mandoc">mandoc(1)</a> when /tmp is not writable. |
|
<li>Locked the kernel when removing file descriptors from the descriptor table, preventing a race with <a href="https://man.openbsd.org/kevent">kevent(2)</a>. |
|
<!-- 2019/07/02 --> |
|
<li>Fixed a bug in <a href="https://man.openbsd.org/pf">pf(4)</a> where the next hop interface configured with 'route-to' was not used when using source address tracking. |
|
<li>Added thermal zone handling code to link together thermal sensors and cooling devices to actively or passively cool devices. Registered <a href="https://man.openbsd.org/cpu">cpu(4)</a> as a cooling device to support passive cooling and <a href="https://man.openbsd.org/rktemp">rktemp(4)</a> as a thermal sensor. |
|
<!-- 2019/07/01 --> |
|
<li>Switched the default compiler on octeon to <a href="https://man.openbsd.org/clang">clang(1)</a>. |
|
<li>Merged Mesa 19.0.8. |
|
<li>Stored the current filter parameter in the <a href="https://man.openbsd.org/smtpd">smtpd(8)</a> session, fixing a bug where filters in a chain received a null parameter. |
|
<!-- 2019/06/30 --> |
|
<li>Reintroduced ifiq_input counting backpressure by counting the number of times a nic has tried to queue packets before the stack processes them as a measure of load on the network stack, and beginning to drop packets when the load is too high. |
|
<li>Implemented proper HDMI audio support for serial DVO. |
|
<!-- 2019/06/29 --> |
|
<!-- 2019/06/28 --> |
|
<li>Updated libexpat to 2.2.7, including a fix for a potential denial-of-service attack (CVE-2018-20843). |
|
<li>Modified amd64 and i386 to write back and invalidate caches before updating CPU microcode and added a compiler-level memory barrier to the instruction. |
|
<li>Merged Unbound 1.9.2. |
|
<li>Fixed a problem with the <a href="https://man.openbsd.org/bgpd">bgpd(8)</a> session engine which caused it to spin with a poll timeout of 0. |
|
<!-- 2019/06/27 --> |
|
<li>Enabled MSI-X interrupts. |
|
<!-- 2019/06/26 --> |
|
<li>Allowed additional <a href="https://man.openbsd.org/video">video(4)</a> ioctls for the video pledge needed by chromium. |
|
<li>Fixed sign handling in emulated floating point operations on sparc64. |
|
<li>Added support for OCSP stapling to <a href="https://man.openbsd.org/relayd'>relayd(8)</a>. |
|
<!-- 2019/06/25 --> |
|
<li>Added support for bypassing iommu translation on sparc64, providing potentially substantial performance improvements. |
|
<li>Implemented suspend/resume support for MSI-X interrupts. |
|
<li>Fixed an endless loop of peer_down errors on <a href="https://man.openbsd.org/bgpd">bgpd(8)</a> due to an uninitialized peer id. |
|
<li>Removed irrfilter from <a href="https://man.openbsd.org/bgpctl">bgpctl(8)</a>. Other tools can be used to generate AS and prefix sets based on IRR data, such as bgpq3 (in ports). |
<!-- 2019/06/24 --> |
<!-- 2019/06/24 --> |
<li>Added the <a href="https://man.openbsd.org/glkgpio">glkgpio(4)</a> driver for the gpio controllers on Intel's Gemini Lake SoC. |
<li>Added the <a href="https://man.openbsd.org/glkgpio">glkgpio(4)</a> driver for the gpio controllers on Intel's Gemini Lake SoC. |
<li>Stopped retrying to get the usb descriptor in usbd_new_device() when the call times out, making reattaching USB at resume happen more quickly. |
<li>Stopped retrying to get the usb descriptor in usbd_new_device() when the call times out, making reattaching USB at resume happen more quickly. |