version 1.836, 2002/07/23 21:56:24 |
version 1.837, 2002/07/31 22:56:49 |
|
|
|
|
<p> |
<p> |
<h3><font color=#0000e0>We are working on OpenBSD-current.</font></h3><p> |
<h3><font color=#0000e0>We are working on OpenBSD-current.</font></h3><p> |
The following list sums up (almost) all the changes made up to July 16. |
The following list sums up (almost) all the changes made up to July 29. |
<ul> |
<ul> |
|
|
<li>Cardbus support for macppc. <!-- the macppc page still says it's not supported. --> |
<li>New 'PermitUserEnvironment' option for SSH. Off by default. |
<li>Fix graceful restarts of chrooted <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a>. |
<li>Add 'with or without modification' clause to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gprof&sektion=1">gprof(1)</a> licensing. |
|
<li>Sync with OpenSSL 0.9.6e-0.9.7 <a href="http://www.openssl.org/news/patch_20020730_0_9_7.txt">CHANGES file</a>. |
|
<li><font color="#e00000"><strong>SECURITY FIX: Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=8">ssl(8)</a> library, as in the ASN.1 parser code in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypto&sektion=3">crypto(3)</a> library, all of them being potentially remotely exploitable.</strong></font><br> |
|
<a href="errata.html#ssl">A source code patch is available</a>.<br> |
|
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>, allow TCP flags to be specified in all rules that include TCP (before the rules had to be exclusively TCP.) |
|
<!-- ^^^ 20020730 --> |
|
<li>Fix a buffer overflow in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=backgammon&sektion=6">backgammon(6)</a>, and replace its gameplay algorithm. |
|
<li>Kill a kernel tty memory leak. |
|
<li>Super-cautious strcpy()->strlcpy() in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=exec&sektion=3">exec*(3)</a>. |
|
<li>Return failure if the parameters given to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=calloc&sektion=3">calloc(3)</a> would cause an overflow of size_t.<br> |
|
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |
|
<li>Don't enable so many authentication methods by default in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=login.conf&sektion=5">login.conf(5)</a>. |
|
<li><font color=#e00000><strong>SECURITY FIX: A buffer overflow can occur in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xdr_array&sektion=3">xdr_array(3)</a> RPC code, leading to possible remote crash.</strong></font></br> |
|
<a href="errata.html#xdr">A source code patch is available</a>.<br> |
|
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |
|
<li>Privilege drop in new X servers is disabled for now on x86 due to a problem with xf86OpenConsole(). |
|
<li>Support DMA for two more ServerWorks <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pciide&sektion=4">pciide(4)</a> devices. |
|
<li><font color=#e00000><strong>SECURITY FIX: A race condition exists in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pppd&sektion=8">pppd(8)</a> daemon which may cause it to alter the file permissions of an arbitrary file.</strong></font><br> |
|
<a href="errata.html#pppd">A source code patch is available</a>.<br> |
|
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mprotect&sektion=2">mprotect(2)</a> function pointers stored by <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=atexit&sektion=3">atexit(3)</a> to stop bad guys tweaking the exit handlers. |
|
<li>"undrugs" <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gpr&sektion=4">gpr(4)</a>. |
|
<li>Fix two off-by-one bugs in ext2fs. |
|
<li>Add ld.so support for sparc. |
|
<li>Lookup of ip6.arpa, then ip6.int for IPv6 reverse resolution. See <a href="http://www.ietf.org/rfc/rfc3152.txt">RFC3152</a> for why. |
|
<li>Small fix for GCC 3.1.1 in IPv4 checksum code. |
|
<!-- 20020729 --> |
|
<li>Apply the 'broken PCI burst-write' workaround to all <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=hifn&sektion=4">hifn(4)</a> 7811-based devices. |
|
<li>Show <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uftdi&sektion=4">uftdi(4)</a> how to use hardware and software flow control. |
|
<li>Fix a potential access-after-free() in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kue&sektion=4">kue(4)</a>. |
|
<!-- ^^^ 20020728 --> |
|
<li>/tmp/.X11-unix and /tmp/.ICE-unix are created in rc, owned by root, removing the need for root privs later on. |
|
<li>Again, this time in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ld&sektion=1">ld(1)</a>, map BSS non-executable. |
|
<li>Rearrange the new XFree86 server so all tasks for which root privs are needed get done early in osinit(). Of course, revoke root right afterwards. |
|
<li>Add Dell-specific PERC (right) product IDs so that <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=aac&sektion=4">aac(4)</a> configures Dell PowerEdge 2650 RAID. |
|
<li>Add leapsecond support to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rdate&sektion=8">rdate(8)</a>'s NTP client. |
|
<!-- ^^^ 20020727 --> |
|
<li>The install/upgrade scripts no longer automatically mount NFS filesystems. |
|
<li>Kernel a.out code now allocates (mostly) non-executable BSS. |
|
<li>Miscellaneous fixes to several games. |
|
<li>Lots of work on the sparc64 <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=creator&sektion=4&arch=sparc64">creator(4/sparc64)</a> framebuffer driver. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> the order of the log and quick keywords is now irrelevant. |
|
<!-- ^^^ 20020726 --> |
|
<li>Allow X servers to be built without DGA. |
|
<li>At securelevel 2, stop an attacker from setting the clock forwards to within a year of the time it wraps around to zero. |
|
<li>Allow <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=altq&sektion=9">altq(9)</a> to work on pre-Pentium x86 machines that lack pentium_mhz stuff. |
|
<li>Add a distrib note that due to major changes to the port, the sparc installer won't allow upgrades to 3.2 |
|
<li>Only include a single <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wscons&sektion=4">wscons(4)</a> font when building with option SMALL_KERNEL. |
|
<li>Add a few more RFC2142-suggested mailbox aliases. |
|
<li>Improve <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mg&sektion=1">mg(1)</a>'s filename handling. |
|
<li>More <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=hifn&sektion=4">hifn(4)</a> fixes. |
|
<li>Fix comparison bug in IPv6 multicast routing MTU check. |
|
<!-- ^^^ 20020725 --> |
|
<li>Correct bad sizeof() in kernel NFS code. |
|
<li>Checks for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=snprintf&sektion=3">snprintf(3)</a> return values < 0. |
|
<li>Improve <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a>'s uid/gid tracking. |
|
<li>Fix the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=csh&sektion=1">csh(1)</a> large directory fix. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>, help avoid a potential man-in-the-middle attack by showing all known host keys for a host when we're warning about an unknown host key. |
|
<li>Fix a TAILQ null deref in pmdb. |
|
<!-- ^^^ 20020724 --> |
|
<li>Make the second parameter to r?index()/strr?chr() an int instead of a char. |
|
<li>Stick a thread mutex around name lookups in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getaddrinfo&sektion=3">getaddrinfo(3)</a>. |
|
<li>Fix a <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a> double free(). |
|
<li>Cardbus support for macppc. |
|
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dc&sektion=4">dc(4)</a> cardbus reads. |
|
<li>Remove a signedness bug in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>'s handling of utmp_len (-u option.) |
|
<li>Fix some bugs in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pool&sektion=9">pool(9)</a>. |
|
<!-- ^^^ 20020723 --> |
|
<li>More additions to GNU <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=as&sektion=1">as(1)</a>, this time to make Ogle compile. |
|
<li>Fix graceful restarts of chroot'ed <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a>. |
|
<li>Have SSH fall back to the standard path if setusercontext() can't set it. |
|
<!-- ^^^ 20020722 --> |
|
<li>Add a sequence number to kernel messages for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a>. |
|
<li>Teach pmdb about corefiles. |
|
<!-- ^^^ 20020721 --> |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=noct&sektion=4">noct(4)</a> now works around NSP2000 PCI bridge brokenness. Fix a similar problem in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=hifn&sektion=4">hifn(4)</a>. |
|
<li>Drop the requirement for commas in many <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> lists, useful when used in conjunction with the new variable concat feature. |
|
<li>Implement string concatenation for variable declarations in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>. |
|
<li>Big change to the way signal trampolines are stored and called. |
<li>Add milter build support to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=8">sendmail(8)</a>, see the Makefile. |
<li>Add milter build support to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=8">sendmail(8)</a>, see the Makefile. |
|
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sudo&sektion=8">sudo(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=inetd&sektion=8">inetd(8)</a> die if setusercontext() fails. |
|
<!-- ^^^ 20020720 --> |
|
<li>Fix a disk masher bug in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=siop&sektion=4">siop(4)</a>, a little too late for some. |
|
<li>Don't install <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mk-amd-map&sektion=8&manpath=OpenBSD+3.1">mk-amd-map(8)</a> any more, we don't use it. And it's broken. |
<li>Merge Apache 1.3.26 and mod_ssl 2.8.10. |
<li>Merge Apache 1.3.26 and mod_ssl 2.8.10. |
<li>/etc/systrace directory added. |
<li>Have SSH remove fatal cleanups after calling fork(). |
|
<!-- ^^^ 20020719 --> |
|
<li>/etc/systrace directory added along with policies for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lpd&sektion=8">lpd(8)</a>. |
|
<li>Make OpenSSL use /bin/sh instead of $SHELL when running scripts. Not everyone uses a Bourne-like shell. |
|
<li>String handling and other fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rogue&sektion=6">rogue(6)</a>. |
|
<!-- ^^^ 20020718 --> |
|
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pax&sektion=1">pax(1)</a> -s replacement string truncation. |
|
<li>Fix a deref after free() in the kernel's routing socket code. |
|
<li>Add 'fdcache' to Apache, part of the work to make graceful restart work properly under the chroot(). |
|
<li>The search for a shorter rulebase continues, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> now recognises 'self' as an address, meaning all IPv4 and IPv6 addresses on all interfaces. |
|
<!-- ^^^ 20020717 --> |
|
<li>Fix wayward string termination in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rbootd&sektion=8">rbootd(8)</a>. |
|
<li>Fix a DIAGNOSTIC bug in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ffs_softupdates&sektion=4">ffs_softupdates(4)</a>, and also make panic() calls show the right type. |
|
<li>Some mbuf Fixes to the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=hifn&sektion=4">hifn(4)</a> driver, more fixes to come. |
|
<li>Add DES and 3DES to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=noct&sektion=4">noct(4)</a> as well. |
|
<li>Fix some broken memset() and lseek() calls. |
|
<!-- ^^^ 20020716 --> |
|
<li>Work around some limitations of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=noct&sektion=4">noct(4)</a> hardware. Add MD5 and SHA1 support. |
<li>Small additions to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=as&sektion=1">as(1)</a> to make <a href="http://www.gnupg.org/">gnupg</a> compile. |
<li>Small additions to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=as&sektion=1">as(1)</a> to make <a href="http://www.gnupg.org/">gnupg</a> compile. |
|
<li>Add some new users (names beginning with underscore) to replace user nobody for portmap, rstatd, identd, rusersd and fingerd. |
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=csh&sektion=1">csh(1)</a> directory completion SIGSEGV with large directories. |
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=csh&sektion=1">csh(1)</a> directory completion SIGSEGV with large directories. |
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=atrun&sektion=8">atrun(8)</a> part of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a>, removing the need for the atrun cronjob. |
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=atrun&sektion=8">atrun(8)</a> part of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a>, removing the need for the atrun cronjob. |
<li>More <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>: accept !<interface> syntax. Oh yes. |
<li>More <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>: accept !<interface> syntax. Oh yes. |
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=top&sektion=1">top(1)</a> now has a BSD license. |
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=top&sektion=1">top(1)</a> now has a BSD license. |
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> parser spots more silly combinations (return-rst on non-TCP rules, keep-state on block rules.) |
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> parser spots more silly combinations (return-rst on non-TCP rules, keep-state on block rules.) |
|
<!-- ^^^ 20020715 --> |
|
<li>Fix a double free in BSD authentication. |
|
<!-- XXX sendmail SuperSafe=... thing ? --> |
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftpd&sektion=8">ftpd(8)</a> always use high port numbers for passive data connections (no more -h option.) |
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftpd&sektion=8">ftpd(8)</a> always use high port numbers for passive data connections (no more -h option.) |
<li>The XFree86 3.3.x servers that are left now revoke their root privileges after getting I/O access. |
<!-- ^^^ 20020714 --> |
<li>Teach MMX (not SSE) to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=as&sektion=1">as(1)</a>. |
<li>Add SIGALRM to the list of signals that can be sent (after uid/euid checks) to set[ug]id child processes. |
<li>Add support for AGP GART on i386 (see <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vga&sektion=4">vga(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=options&sektion=4">options(4)</a>,) and enable by default. |
<li>Enable list expansion for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> NAT rules, broken since the pf.conf/nat.conf merge. |
<li>Make xterm revoke its root privileges, and install it setgid(utmp). |
<li>The XFree86 3.3.x servers that are left now revoke their root privileges right after getting I/O access. |
|
<li>Now that <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xterm&sektion=1">xterm(1)</a> drops its root privileges, install it setgid(utmp) for utmp updates. Revoke setgid too if not needed. |
|
<!-- ^^^ 20020713 --> |
<li>Fix at least one <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcpdump&sektion=8">tcpdump(8)</a> buffer overflow.<br> |
<li>Fix at least one <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcpdump&sektion=8">tcpdump(8)</a> buffer overflow.<br> |
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |
|
<li>Teach MMX (not SSE) to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=as&sektion=1">as(1)</a>. |
|
<li>Add <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=radio&sektion=4">radio(4)</a> device attachment for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bktr&sektion=4&arch=i386">bktr(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fms&sektion=4">fms(4)</a>. |
|
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pcibios&sektion=4&arch=i386">pcibios(4)</a> detect and ignore a too-short PCI IRQ routing table header. |
|
<li>Changes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ld.so&sektion=1">ld.so(1)</a>: Search order now always looks like a.out, destructors are called on dlclose(), move some libc-like functions into private namespace. |
|
<li>Add support for AGP GART on some i386 AGP chipsets (see <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vga&sektion=4">vga(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=options&sektion=4">options(4)</a>.) |
|
<li>Remove '\\' -> '\' translation in crontabs to keep the shell happy. |
|
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xterm&sektion=1">xterm(1)</a> revoke its root privileges. |
|
<li>Remove a race and some other bugs from the mountpoint locking code. <!-- ok art@ --> |
|
<li>Add some flags to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dohooks&sektion=9">dohooks(8)</a> and fix a time-honoured memory leak in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=hook_disestablish&sektion=9">hook_disestablish(9)</a>. |
|
<!-- ^^^ 20020712 --> |
|
<li>New, hard-won firmware image for the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=txp&sektion=4">txp(4)</a> driver. |
|
<li>Remove the www group's privileges to the mod_ssl mutex semaphore. |
|
<li>Really remove SuperProbe from X. |
<li>Create a skeleton UserDir tree under /var/www/users. |
<li>Create a skeleton UserDir tree under /var/www/users. |
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> chroot() and drop root privileges by default. |
<li>Have Apache initialise OpenSSL (opening /dev/crypto) before chroot. No more /var/www/dev/crypto. |
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> now accepts an interface in most of the places it can take an IP address, and picks up all the IPv4 <em>and</em> IPv6 addresses on that interface. |
<!-- ^^^ 20020711 --> |
|
<li>Basic IPv6 fragment support (no normalisation yet) in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>. |
|
<li>Correct a memcpy error in the kernel and ssh's Rijndael code. |
|
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a> filename intercepts work with chroot(). |
|
<li>Try to make resetting of USB ports work better. |
|
<li>Add fchmod translation support to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a>. |
|
<li>Stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a> closing the std file descriptors when going daemon. |
|
<!-- ^^^ 20020710 --> |
|
<li>Fix ni6_nametodns() pointer bug in icmp6; NetBSD PR17540. |
|
<li>Add support in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uftdi&sektion=4">uftdi(4)</a> for FT8U232AM-based USB serial adapters, likewise add more devices to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uplcom&sektion=4">uplcom(4)</a>. |
|
<li>Fix miniroot typo that was breaking FTP installs. |
|
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sed&sektion=1">sed(1)</a>'s r command (PR2755.) |
|
<li>Add a daemon mode to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a>. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=udsbr&sektion=4">udbsr(4)</a> driver for D-Link radio cards added. |
|
<li>Add a timeout value to USB I/O calls, rather than having a systemwide timeout. |
|
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> chroot() and drop root privileges by default. A lot module chroot fixes to come. |
|
<li>Add syscall aliasing to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a> (e.g. stat/fstat/readlink/access/... become 'fsread'.) |
|
<li>Some fixes to <li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=umidi&sektion=4">umidi(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uscanner&sektion=4">uscanner(4)</a>. |
|
<li>Add SMC 2206 support to <li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=aue&sektion=4">aue(4)</a>. |
|
<li>Fix a potential off-by-five error in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a>. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> now accepts an interface in most of the places it can take an IP address, and picks up all the IPv4 and IPv6 addresses on that interface. |
|
<!-- ^^^ 20020709 --> |
|
<li>Don't try to load a 32-bit quart into a 16-bit pint register in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xl&sektion=4">xl(4)</a>. |
|
<li>Always load ELF binaries to the address at which they were linked. |
|
<li>Rig <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=opendir&sektion=3">opendir(3)</a>'s sort so it can't fail due to lack of memory. |
|
<li>Compatibility fixes for the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ubsec&sektion=4">ubsec(4)</a> 582x series. |
<li>Some updates to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a>. |
<li>Some updates to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a>. |
|
<li>Grab a security fix to bcopy/memcpy from FreeBSD. See their cvsweb entry for <a href="http://www.freebsd.org/cgi/cvsweb.cgi/src/lib/libc/i386/string/bcopy.S">bcopy.S</a>. |
|
<li>Work around <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tl&sektion=4">tl(4)</a>'s broken multicast filter. |
<li>Remove <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ab&manpath=OpenBSD+3.1">ab(1)</a> from the Apache installation. |
<li>Remove <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ab&manpath=OpenBSD+3.1">ab(1)</a> from the Apache installation. |
<li>Remove <a href="http://www.eecis.udel.edu/~ntp/">NTP</a> support from the kernel. |
<li>Remove <a href="http://www.eecis.udel.edu/~ntp/">NTP</a> support from the kernel. |
<li>Don't attempt to resubmit a structure we just freed in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec&sektion=4">ipsec(4)</a> / <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipcomp&sektion=4">ipcomp(4)</a>. |
<li>Don't attempt to resubmit a structure we just freed in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec&sektion=4">ipsec(4)</a> / <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipcomp&sektion=4">ipcomp(4)</a>. |