version 1.841, 2002/08/27 21:27:35 |
version 1.842, 2002/09/16 20:50:25 |
|
|
|
|
<p> |
<p> |
<h3><font color=#0000e0>We are working on OpenBSD-current.</font></h3><p> |
<h3><font color=#0000e0>We are working on OpenBSD-current.</font></h3><p> |
The following list sums up (almost) all the changes made up to August 23. |
The following list sums up (almost) all the changes made up to September 15. |
<ul> |
<ul> |
|
|
|
<li>Periodically save changes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a> policies. |
|
<li>Various fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=newsyslog&sektion=8">newsyslog(8)</a>. |
|
<li>Re-sync the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=siop&sektion=4">siop(4)</a> driver with NetBSD. |
|
<li>Signal fixes in libevent. |
|
<!-- ^^^ 20020915 --> |
|
<li>Merge in Sendmail 8.12.6. |
|
<li>Give stdio's __cleanup handlers the same mprotect() treatment as <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=atexit&sektion=3">atexit(3)</a> now receives. |
|
<li>Further tweaks to handling of address families in NAT rules. Try to infer the AF from the rule, if that fails then require the user to specify it. |
|
<li>Various fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cy&sektion=4">cy(4)</a>. |
|
<li>Merge in OpenSSL-0.9.7-stable-SNAP-20020911, bump libcrypto minor version. |
|
<!-- ^^^ 20020914 --> |
|
<li>Stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=newsyslog&sektion=8">newsyslog(8)</a> rotating logfiles that only contain logfile rotation messages. |
|
<!-- ^^^ 20020913 --> |
|
<li>License fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pppd&sektion=8">pppd(8)</a>, nearly there now. |
|
<li>Add -H option to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=identd&sektion=8">identd(8)</a> which hides info for non-existent users as well as existing ones. Useful when NATing. |
|
<li>Remove the need for /dev/null and /etc/localtime in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a>'s chroot jail. |
|
<li>Add 'antispoof' keyword to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a>. Oh yes. |
|
<li>Improvements to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a>'s netmask handling. |
|
<!-- ^^^ 20020912 --> |
|
<li>Add a missing pointer initialisation in in6_ifdetach(). |
|
<li>Make the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a> client's ls command useful, with globbing and short/long listings. |
|
<li>Fix initialisation of Broadcom 582x chips by <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ubsec&sektion=4">ubsec(4)</a>. |
|
<!-- ^^^ 20020911 --> |
|
<li>Various signedness fixes. |
|
<li>Versioning info moves to 3.2-beta. |
|
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&sektion=1">ssh-agent(1)</a> check the peer using <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getpeereid&sektion=2">getpeereid(2)</a>. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pmap&sektion=9">pmap</a>_{copy,zero}_page API changes. |
|
<li>Merge in OpenSSL 0.9.7beta3. |
|
<!-- ^^^ 20020910 --> |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=amd&sektion=8">amd(8)</a> now creates a socket listening on 127.0.0.1 as well as one on *, and only responds to amq requests on the former. |
|
<li>Add support for the Silicon Image 680 ATA133 chip to the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pciide&sektion=4">pciide(4)</a> driver. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a> now supports Kerberos authentication in PrivSep mode. |
|
<!-- ^^^ 20020909 --> |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>'s parser takes more care parsing address families in NAT rules. |
|
<li>Add leap second support to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rdate&sektion=8">rdate(8)</a> running in RFC868 mode (it already supports this in NTP mode with the -N option.) |
|
<li>Correct <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=altq&sektion=9">altq(9)</a>'s representation of positive infinity. |
|
<!-- ^^^ 20020908 --> |
|
<li>Signal handler fixes in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bootpd&sektion-8">bootpd(8)</a><!-- on 20020908 -->, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rtadvd&sektion-8">rtadvd(8)</a><!-- on 20020909 --> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rtsold&sektion=8">rtsold(8)</a><!-- on 20020907 -->. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=faithd&sektion=8">faithd(8)</a> dies on FD_SET overruns. |
|
<li>Fix a couple of off-by-ones in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mopd&sektion=8">mopd(8)</a>. |
|
<!-- ^^^ 20020907 --> |
|
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fsck&sektion=8">fsck(8)</a> work properly with long block device filenames (handle MAXPATHLEN chars instead of 32.) |
|
<li>Don't build the somewhat less than ubiquitous <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=photurisd&sektion=8&release=OpenBSD+3.1">photurisd(8)</a> by default any more. |
|
<li>Lots and lots of ANSIfication. |
|
<li>Lots of int -> socklen_t. |
|
<li>Some signedness fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=arp&sektion=8">arp(8)</a>. |
|
<li>Repair a missing msglog() arg in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=routed&sektion=8">routed(8)</a>. |
|
<!-- ^^^ 20020906 --> |
|
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ahc&sektion=4">ahc(4)</a>'s interrupt sharing. |
|
<li>lib<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=usbhid&sektion=3">usbhid(3)</a> now available in the shared variety. |
|
<li>Don't allow data to be appended to the receive buffer of a socket that's been shut down (see NetBSD <a href="http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=18185">PR#18185</a>.) |
|
<li>Merge in OpenSSL 0.9.7beta1. To be continued. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a> interoperability fixes for FreeS/WAN and SSH Sentinel. |
|
<!-- ^^^ 20020905 --> |
|
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rwalld&sektion=8">rwalld(8)</a> revoke its group privileges as well as user privs. |
|
<li>Don't install safe_finger any more. |
|
<li>Add support for the SCSI Reduced Block Command Set (RBC.) |
|
<li>Bump <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>'s LoginGraceTime from one minute to two. |
|
<li>Various compatibility fixes and additions to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ubsec&sektion=4">ubsec(4)</a>. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ifconfig&sektion=8">ifconfig(8)</a> can now set whether or not use of IPv6 deprecated addresses are allowed. |
|
<!-- ^^^ 20020904 --> |
|
<li>_x11 user and group added for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xdm&sektion=1">xdm(1</a> to use. |
|
<li>Pull in XFree86's fix for a serious Xlib security bug (which didn't affect OpenBSD.) |
|
<li>Fix parsing of NAT port ranges. |
|
<li>Check the interface specified with route-to/dup-to/fastroute actually exists. If it does, null terminate its name before moving on. |
|
<!-- ^^^ 20020902 --> |
|
<li>Fix an uninitialised pointer bug in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ld.so&sektion=1">ld.so(1)</a>. |
|
<li>The X server now tries to open the aperture driver before trying /dev/mem. Re-enable early privilege drop on i386. |
|
<!-- ^^^ 20020901 --> |
|
<!-- ^^^ 20020831 --> |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=traceroute&sektion=8">traceroute(8)</a> now warns if DNS returns multiple addresses, like traceroute6. |
|
<li>Add support for the Promise Ultra133 TX2 EIDE controller. |
|
<li>Fix an mbuf leak in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wi&sektion=4">wi(4)</a>. |
|
<li>Reenable the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=atexit&sektion=3">atexit(3)</a> handler improvements backed out on 31 July. |
|
<li>Add -I option to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=traceroute6&sektion=8">traceroute6(8)</a> to get ICMP probes instead of UDP. |
|
<!-- ^^^ 20020830 --> |
|
<li>Further reduce the amount of time <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> runs as root when installed setuid. |
|
<li>Fudge <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a> so it only honours the requirement to check against a CRL if there is a CRL loaded... |
|
<!-- ^^^ 20020829 --> |
|
<li>Update the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rt&sektion=4">rt(4)</a> Radiotrack driver, add isapnp support. |
|
<li>Some casts to make 64-bit kernel work with varargs calls. |
|
<!-- ^^^ 20020828 --> |
|
<li>Fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gem&sektion=4">gem(4)</a>. |
|
<li>Properly limit EDNS0 size to 0xffff. |
|
<li>Fix a signedness problem in SSH so that <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=RSA_public_decrypt&sektion=3">RSA_public_decrypt(3)</a> errors can be detected. |
|
<li>Make X's module loader set PROT_EXEC using <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mprotect&sektion=2">mprotect(2)</a> on malloc'd pages containing code (needed since the heap is now mapped without PROT_EXEC.) |
|
<li>DNS responses from <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getaddrinfo&sektion=3">getaddrinfo(3)</a>, gethostby*() and getnetby*() now get a 64K receive buffer.<br> |
|
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |
|
<!-- ^^^ 20020827 --> |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=traceroute6&sektion=8">traceroute6(8)</a> warns if DNS returns multiple IP addresses for the target. |
|
<li>Do a yyrestart() after a longjmp in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pcap&sektion-3">pcap(3)</a>. |
|
<li>Fix a dangling pointer bug in sbcompress(). |
|
<li>Make the X server option NoSilkenMouse work again. |
|
<!-- ^^^ 20020826 --> |
|
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=portmap&sektion=8">portmap(8)</a> detect failure of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=svc_register&sektion=3">svc_register</a> and die nicely. |
|
<li>X aperture driver for Alpha, works like i386. |
|
<!-- ^^^ 20020824 --> |
|
<li>Skeleton <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ld.so&sektion=1">ld.so(1)</a> support for ELF in i386. Not enabled, nor is it promised anytime soon. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ld.so&sektion=1">ld.so(1)</a> warns about symbol size mismatches. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=inet_ntop&sektion=3">inet_ntop(3)</a> handles snprintf errors properly. |
<li>Map the heap non-executable. |
<li>Map the heap non-executable. |
<!-- ^^^ 20020823 --> |
<!-- ^^^ 20020823 --> |
<li>Change the way FREF() and FRELE() are called w.r.t. getvnode() (see <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=file&sektion=9">file(9)</a>.) |
<li>Change the way FREF() and FRELE() are called w.r.t. getvnode() and getsock(). |
<li>Fix a locking problem that can occur when an executable tries to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=exec&sektion=3">exec(3)</a> itself. |
<li>Fix a locking problem that can occur when an executable tries to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=exec&sektion=3">exec(3)</a> itself. |
<li>Avoid a potential int overflow in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=comsat&sektion=8">comsat(8)</a> |
<li>Avoid a potential int overflow in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=comsat&sektion=8">comsat(8)</a> |
<li>Make the resolver ignore DNS AAAA replies containing IPv4-mapped addresses. |
<li>Make the resolver ignore DNS AAAA replies containing IPv4-mapped addresses. |
|
|
<li>Fix raw socket translation for Linux compatibility mode. |
<li>Fix raw socket translation for Linux compatibility mode. |
<li>Properly clear the argument list in pmdb. |
<li>Properly clear the argument list in pmdb. |
<li>Die on fd_set overrun in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mtrace&sektion=8">mtrace(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=map-mbone&sektion=8">map-mbone(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mrouted&sektion=8">mrouted(8)</a> (not built by default.) |
<li>Die on fd_set overrun in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mtrace&sektion=8">mtrace(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=map-mbone&sektion=8">map-mbone(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mrouted&sektion=8">mrouted(8)</a> (not built by default.) |
<li>When emulating Linux, don't have accept()ed sockets inherit flags from the listen socket. |
<li>When emulating Linux, don't have accept()ed sockets inherit flags from the listen socket.<br> |
|
<a href="stable.html">[Applied to 3.1-stable]</a> |
<li>Fix snprintf length in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslogd&sektion=8">syslogd(8)</a>. |
<li>Fix snprintf length in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslogd&sektion=8">syslogd(8)</a>. |
<li>Correct a sizeof bug in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=photurisd&sektion=8">photurisd(8)</a>. |
<li>Correct a sizeof bug in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=photurisd&sektion=8">photurisd(8)</a>. |
<li>Tweak IFF_PROMISC handling in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wi&sektion=4">wi(4)</a> to avoid some unnecessary initialisations. |
<li>Tweak IFF_PROMISC handling in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wi&sektion=4">wi(4)</a> to avoid some unnecessary initialisations. |