version 1.889, 2003/10/24 22:12:40 |
version 1.890, 2003/10/29 20:22:08 |
|
|
|
|
<p> |
<p> |
<h3><font color="#0000e0">We are working on OpenBSD-current.</font></h3><p> |
<h3><font color="#0000e0">We are working on OpenBSD-current.</font></h3><p> |
The following list sums up (almost) all the changes made up to September 17. |
The following list sums up (almost) all the changes made up to October 16. |
<p> |
<p> |
|
|
<ul> |
<ul> |
<li>Nothing yet.... |
<!-- ^ 20031017 --> |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=strlcpy&sektion=3">strlcpy(3)</a> -> <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=memcpy&sektion=3">memcpy(3)</a> for non-string buffers in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vi&sektion=1">vi(1)</a>, along with some extra paranoia. |
|
<li>Check for signals earlier in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mountd&sektion=8">mountd(8)</a>, so they can be handled before we <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=select&sektion=2">select(2)</a> until a mount request comes in. |
|
<li>New 'G' malloc.conf option to add a guard page after pagesize-or-larger chunks, and to return less-than-pagesize chunks in random order. |
|
<li>Better SATA support in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wdc&sektion=4">wdc(4)</a>. |
|
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=faithd&sektion=8">faithd(8)</a> args to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=poll&sektion=2">poll(2)</a>. |
|
<!-- ^ 20031016 --> |
|
<li>Fix a out-of-bounds read in libcurses. |
|
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tip&sektion=1">tip(1)</a> return the terminal to a sensible state on fatal errors. |
|
<li>Change <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=malloc&sektion=3">malloc(3)</a> so that it aborts the process on any error other than running out of memory. This is different to the 'A' malloc.conf switch that aborts on any error. |
|
<!-- ^ 20031015 --> |
|
<li>More randomness for temporary directories created by <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&sektion=1">ssh-agent(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>. |
|
<li>Switch on the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> DNS fingerprint (sshfp) lookup code, previously not build by default. Still needs switched on in the config file. |
|
<li>Make e.g. 'MAKEDEV tty08 - tty7f' work. |
|
<li>Only endian-flip the fragment offset once on IPv6 input. |
|
<!-- ^ 20031014 --> |
|
<li>Do a hardware receive checksum in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sk&sektion=4">sk(4)</a> too, working around the fact that sometimes the hardware gets it wrong. |
|
<li>On <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=em&sektion=4">em(4)</a> devices that support it, offload receive checksum calculation to the hardware. From FreeBSD. |
|
<li>Update timezone files again, this time to tzcode2003d. |
|
<li>Bring <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=brgphy&sektion=4">brgphy(4)</a> more in line with updates in FreeBSD and NetBSD, both bug fixes and additional device support. |
|
<li>Remember the filename given when using ^X^W in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mg&sektion=1">mg(1)</a>. |
|
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=shmat&sektion=2">shmat(2)</a> under Linux compat work as expected. |
|
<li>Fix a buffer overflow in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=timedc&sektion=8">timedc(8)</a>. Found by FreeBSD, fixed differently here. |
|
<!-- ^ 20031012 --> |
|
<li>Add division and modulus operator '~' to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dc&sektion=1">dc(1)</a>. |
|
<li>Remove GNU bc and dc from the tree. |
|
<li>Merge in expat 1.95.6 from XFree86 4.3.99.14. |
|
<li>Search for keys in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> agent in reverse order to solve duplicate key problems (OpenSSH bug #684.) |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> option ForwardX11 now has <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xauth&sektion=1">xauth(1)</a> generate untrusted keys by default. Option ForwardX11Trusted restores the old behaviour. |
|
<li>Change <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vnd&sektion=4">vnd(4)</a> major/minor numbering to allow more devices. Requires a MAKEDEV. |
|
<!-- ^ 20031011 --> |
|
<li>Do nfs-specific 'test -x' stuff in the right order in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ksh&sektion=1">ksh(1)</a> (PR#3465.) |
|
<li>More work on <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vr&sektion=4">vr(4)</a>. |
|
<li>Have the linker generate a warning when using 43compat's <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getwd&sektion=3">getwd(3)</a>. |
|
<li>Better calibration code for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=auich&sektion=4">auich(4)</a>. From FreeBSD/NetBSD. |
|
<!-- ^ 20031010 --> |
|
<!-- ^ 20031009 --> |
|
<li>Re-enable the random increment on the return value of uvm_map_hint() (called by <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uvm_map&sektion=9">uvm_map(9)</a>.) |
|
<li>Install a sample config file for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sensorsd&sektion=8">sensorsd(8)</a>. |
|
<li>Prevent symlink races in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a>. |
|
<li>Have GSSAPI default to off in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> client as well as the server. |
|
<li>Unbreak <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> on 64-bit architectures. |
|
<li>Hack <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> so digest authentication works with IE, Safari, etc. From FreeBSD. |
|
<li>Fix potential signedness bug in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fgets&sektion=3">fgets(3)</a> (PR#1709.) |
|
<!-- ^ 20031008 --> |
|
<li>Correct __bounded__ attributes for {MD4,MD5,RMD160,SHA1}DATA functions (PR#3505.) |
|
<li>Allow <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=newfs&sektion=8">newfs(8)</a> to build small filesystems again by making sure ncyls >= 2. |
|
<li>Plug a memory leak in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=netstat&sektion=1">netstat(1)</a>. |
|
<li>Add nfs attribute cache tuning parameters to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mount_nfs&sektion=8">mount_nfs(8)</a> (Inspired by PR#2567.) |
|
<li>Kill a null deref in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=make&sektion=1">make(1)</a>. |
|
<li>Allow a semicolon to terminate label strings in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sed&sektion=1">sed(1)</a>, so one-liners with labels can work. |
|
<li>A few string and memory fixes in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rup&sektion=1">rup(1)</a>. |
|
<li>Stability fixes for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vr&sektion=4">vr(4)</a>. From FreeBSD. |
|
<li>Add arc4 support to the kernel, and have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wi&sektion=4">wi(4)</a> use it instead of rolling its own. |
|
<li>Unbreak <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>'s handling of quotes in pathnames. |
|
<li>More propolice fixes and improvements. |
|
<!-- ^ 20031007 --> |
|
<li>Remove <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> addon-breaking <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=newsyslog.conf&sektion=5">newsyslog.conf(5)</a> sample lines. |
|
<li>Install <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sensorsd&sektion=8">sensorsd(8)</a> by default. |
|
<li>Really really give xfs a <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=poll&sektion=2">poll(2)</a> backend. |
|
<li>Fix a badly broken <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc&sektion=1">gcc(1)</a> optimisation when calculating structure offsets under certain conditions. See the <a href="http://www.openbsd.org/cgi-bin/cvsweb/src/gnu/egcs/gcc/combine.c#rev1.5">commit log</a> for details. |
|
<li>Unbreak <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lge&sektion=4">lge(4)</a> compile. |
|
<li>Update timezone info files to tzcode2003c. |
|
<!-- ^ 20031006 --> |
|
<li>Stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=em&sektion=4">em(4)</a> stripping 802.1q headers from packets in a <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bridge&sektion=4">bridge(4)</a>. |
|
<li>Add <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vlan&sektion=4">vlan(4)</a> support to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=em&sektion=4">em(4)</a>. |
|
<li>Avoid a division-by-zero panic when benchmarking the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pchb&sektion=4">pchb(4)</a> RNG device. |
|
<li>A couple of read-from-device fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=an&sektion=4">an(4)</a>. From FreeBSD. |
|
<!-- ^ 20031005 --> |
|
<li>Remove non-free licensed <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xlock&sektion=1">xlock(1)</a> bitmaps. |
|
<li>Properly free resources when ffs_mountroot() fails. |
|
<li>Stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a> crashing when the value for LIFE_DURATION is missing. |
|
<li>Back out the new environment variable load in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ld.so&sektion=1">ld.so(1)</a> due to sparc breakage. |
|
<li>Unbreak the new xfs poll backend. |
|
<li>Fix a long-standing memory leak in kernel libz (PR#2886.) From NetBSD. |
|
<li>Print a more useful error message when a bad port number is given to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=whois&sektion=1">whois(1)</a>. |
|
<li>Fix broken time parsing in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kadmin&sektion=8">kadmin(8)</a> (PR#3292.) |
|
<!-- ^ 20031004 --> |
|
<li>Initialise environment variables in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ld.so&sektion=1">ld.so(1)</a> before calling constructors and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=atexit&sektion=3">atexit(3)</a> functions |
|
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=inetd&sektion=8">inetd(8)</a> exit if no config file is found. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=8">sendmail(8)</a> submit.mc/cf, bind the msp to 127.0.0.1 instead of localhost just in case localhost doesn't resolve correctly. |
|
<li>Teach <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=netstat&sektion=1">netstat(1)</a> how to deal with KAME embedded scope IDs for -f encap route dumps. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=arc4random&sektion=3">arc4random(3)</a> to generate cookies in the XSecurity extension. |
|
<li>Fix a few off-by-ones in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gethostbyname&sektion=3">gethostbyname(3)</a> and friends. |
|
<li>Allow multiple RCPTs in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8">spamd(8)</a>, and stop looping on invalid commands. |
|
<li>Bring in a number of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pipe&sektion=2">pipe(2)</a> stability fixes from FreeBSD. |
|
<!-- ^ 20031003 --> |
|
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a>'s handling of SSLCertificateChainFile under the chroot. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a> usage output now dumps the OpenSSL version too. |
|
<li>Don't try to send incomplete IPv4 fragments in the ENOBUFS case. Note that this is a behaviour change from 4.4BSD and applies to output from <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bridge&sektion=4">bridge(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> as well as vanilla IP output. |
|
<li>A couple of endianness fixes when setting the IPv4 output fragment offset. |
|
<li>A couple of minor <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=malloc&sektion=3">malloc(3)</a> fixes related to recursive calls and debugging. |
|
<!-- ^ 20031002 --> |
|
<li>Clean up IPv6 flowlabel handling. |
|
<li>New IPv6 ID and flowlabel generation code using <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=arc4random&sektion=9">arc4random(9)</a>. |
|
<li>Remove a bad <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=m_cat&sektion=9">m_cat(9)</a> call when fragmenting outbound IPv6 packets. |
|
<li>Add a missing initialisation in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pflog&sektion=4">pflog(4)</a> that allowed kernel stack garbage to leak into .pcap files. |
|
<li>Have the libc stack protector code use the kernel __sysctl() call directly instead of using the libc <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysctl&sektion=3">sysctl(3)</a> interface. |
|
<li>Stop reading ~/.signature to pre-fill the Organisation: field in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendbug&sektion=1">sendbug(1)</a> (PR#3499.) |
|
<li>Fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=event&sektion=3">event(3)</a> poll code. |
|
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftpd&sektion=8">ftpd(8)</a> listen on both IPv4 and IPv6 ports by default. |
|
<li>Fix an out-of-bounds memory access in kernel <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=compat_ibcs2&sektion=8">compat_ibcs2(8)</a> code. |
|
<li>Add missing check for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=strdup&sektion=3">strdup(3)</a> error in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=talk&sektion=1">talk(1)</a>. |
|
<li>Correct a couple of off-by-ones in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=banner&sektion=1">banner(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=3">ssl(3)</a> (src/ssl/ssl_ciph.c.) |
|
<li>Fix the code that grows ifindex2ifnet in sys/net/if.c. |
|
<li>Add a stack of missing switch break statements needed after the _dl_errno changes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ld.so&sektion=1">ld.so(1)</a>. |
|
<!-- ^ 20031001 --> |
|
<li>Teach <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=size&sektion=1">size(1)</a> how to read ELF objects. |
|
<li>POSIX and interoperability fixes for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bc&sektion=1">bc(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dc&sektion=1">dc(1)</a>, |
|
<li><font color="#e00000"><strong>SECURITY FIX: The use of certain ASN.1 encodings or malformed public keys may allow an attacker to mount a denial of service attack against applications linked with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=3">ssl(3)</a>.</strong></font> This does not affect OpenSSH.<br> |
|
<a href="errata.html#asn1">A source code patch is available</a>.<br> |
|
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
|
<!-- ^ 20030930 --> |
|
<li>Properly free resources on <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fxp&sektion=4">fxp(4)</a> attach failures. |
|
<li>Some reliability fixes in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ahc&sektion=4">ahc(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=siop&sektion=4">siop(4)</a>. |
|
<li>Allow <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sensorsd&sektion=8">sensorsd(8)</a> to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=daemon&sektion=3">daemon(3)</a>ize itself. |
|
<li>Fix an unchecked <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=strdup&sektion=3">strdup(3)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getnetgrent&sektion=3">getnetgrent(3)</a>. |
|
<!-- ^ 20030929 --> |
|
<li>Fix several kernel networking off-by-ones w.r.t. PRC_NCMDS. |
|
<li>Better error checking for new <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bc&sektion=1">bc(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dc&sektion=1">dc(1)</a>. |
|
<li>Make new <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bc&sektion=1">bc(1)</a> compile on sparc64. |
|
<!-- ^ 20030928 --> |
|
<!-- ^ 20030927 --> |
|
<li>Further <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=realloc&sektion=3">realloc(3)</a> cleanup. |
|
<li>Fix bogus getutmp() error check in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=battlestar&sektion=6">battlestar(6)</a>. |
|
<li>Change the xfs backend from select to poll. |
|
<li>Introduce 64-bit <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=byteorder&sektion=3">byteorder(3)</a> macros. |
|
<li>strdup -> strlcpy in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=apmd&sektion=8&arch=i386">apmd(8)</a>, and make sure the socket gets unlinked at exit. |
|
<li>Better <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=malloc&sektion=3">malloc(3)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=realloc&sektion=3">realloc(3)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=strdup&sektion=3">strdup(3)</a> error checks in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=config&sektion=8">config(8)</a>. |
|
<li>Stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pflogd&sektion=8">pflogd(8)</a> shouting 'Reopened logfile' at syslog. |
|
<li>Add a number of missing checks for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=strdup&sektion=3">strdup(3)</a> failure. |
|
<li>Add an <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sscanf&sektion=3">sscanf(3)</a> bounds check to the neighbour cache file code in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ndp&sektion=8">ndp(8)</a>. |
|
<li>Reorder the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> statistics counter code and fix some miscount bugs. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a>, don't listen on INADDR_ANY if the Listen-on option is specified. |
|
<li>Fix an off-by-one and a bad string bounds length in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=atc&sektion=6">atc(6)</a>. |
|
<li>Don't set <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>'s listen socket to non-blocking mode. |
|
<li>Build the new BSD <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bc&sektion=1">bc(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dc&sektion=1">dc(1)</a> in favour of the GNU versions. |
|
<li>Drop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=authpf&sektion=8">authpf(8)</a>'s 15-character username restriction, it's no longer necessary (PR#3491.) |
|
<li>Allocate a buffer large enough to store a full IPX address in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipx_ntoa&sektion=3">ipx_ntoa(3)</a>. |
|
<li>Unbreak <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=netstat&sektion=1">netstat(1)</a> -i display columns for interfaces with no address. |
|
<li>Stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8">spamd(8)</a> dying unceremoniously on <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=accept&sektion=2">accept(2)</a> failures. |
|
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=talk&sektion=1">talk(1)</a> retry if <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=accept&sektion=2">accept(2)</a> returns ECONNABORTED (the same as it does for EINTR.) |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=realloc&sektion=3">realloc(3)</a> fixes in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=brconfig&sektion=8">brconfig(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhclient&sektion=8">dhclient(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lpd&sektion=8">lpd(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pppd&sektion=8">pppd(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rwhod&sektion=8">rwhod(8)</a>. |
|
<li>Add a 'recipe' datafile to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fortune&sektion=6">fortune(6)</a>, starting with some barbecue recipes from the hackathon. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=arc4random&sektion=3">arc4random(3)</a> instead of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=srand&sektion=3">srand(3)</a> to generate a more random salt for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=htpasswd&sektion=1">htpasswd(1)</a>. |
|
<li>Start removing unnecessary null checks before doing <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=free&sektion=3">free(3)</a> on a possibly null pointer. |
|
<!-- ^ 20030926 --> |
|
<li>Fix scrambled display when resuming a suspended <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=less&sektion=1">less(1)</a> process. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=strlcpy&sektion=3">strlcpy(3)</a> instead of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bcopy&sektion=3">bcopy(3)</a> to avoid overflowing the nodename and netname in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=an&sektion=4">an(4)</a>. |
|
<li>Fix a couple of off-by-ones in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=adventure&sektion=6">adventure(6)</a>. |
|
<li>Fix an out-of-bounds write in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a> privsep monitor code. |
|
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dlerror&sektion=3">dlerror(3)</a> clear _dl_errno as expected (PR#3441.) |
|
<li>Correct a couple of off-by-ones in libc. |
|
<li>Fix overflows in the X font server overflow fix. Sigh. |
|
<li>Add a missing free in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1">cvs(1)</a>. |
|
<li>New, BSD-licensed version of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bc&sektion=1">bc(1)</a>. |
|
<li>Fix an off-by-one in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=csh&sektion=1">csh(1)</a> (PR#3163.) |
|
<li>More <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=realloc&sektion=3">realloc(3)</a> fixes. |
|
<li>Fix a bad bounds check that could crash <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sort&sektion=1">sort(1)</a>. |
|
<!-- ^ 20030925 --> |
|
<li>More paranoid privsep parent/child communication in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslogd&sektion=8">syslogd(8)</a>. |
|
<li><font color="#e00000"><strong>SECURITY FIX: It is possible for a local user to cause a system panic by flooding it with spoofed ARP requests.</strong></font><br> |
|
<a href="errata.html#arp">A source code patch is available</a>.<br> |
|
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
|
<li>A number of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=realloc&sektion=3">realloc(3)</a> fixes (removing instances of the the bad idiom described in the manpage) in several programs. |
|
<li>New program <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sensorsd&sektion=8">sensorsd(8)</a> to monitor hardware sensors as exposed by the hw.sensors sysctl. Not installed yet. |
|
<li>Unbreak <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tftp&sektion=1">tftp(1)</a> put command. |
|
<li>Remove and re-add SHA2 support in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a>, minus OpenSSL EVP-related fd leaks. |
|
<li>Fix some realloc bugs in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a> tables code. |
|
<li>Initial HIFN 7955/7956 crypto accelerator support. |
|
<li>Increase <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8">spamd(8)</a> maximum connections from 200 to 800. |
|
<!-- ^ 20030924 --> |
|
<li>Install a more complete set of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=8">sendmail(8)</a> empty config files under /etc/mail. |
|
<li>Throttle 'proc: table is full' messages to once every ten seconds. From NetBSD. |
|
<li>Further improvements to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>'s fatal exit handling. |
|
<li>Use the much simpler <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getifaddrs&sektion=3">getifaddrs(3)</a> instead of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysctl&sektion=3">sysctl(3)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rtadvd&sektion=8">rtadvd(8)</a>. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getaddrinfo&sektion=3">getaddrinfo(3)</a> for name-to-address resolution in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a>. |
|
<li>Replace kernel <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=select&sektion=2">select(2)</a> backends with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=poll&sektion=2">poll(2)</a> backends. This allows for more complete poll() functionality. From NetBSD. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mtrace&sektion=8">mtrace(8)</a> only do mask checks for AF_INET. |
|
<li>Add <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=poll&sektion=2">poll(2)</a> support for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=event&sektion=3">event(3)</a>. |
|
<li>Fix a few suspect <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=strlcpy&sektion=3">strlcpy(3)</a> calls in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ifconfig&sektion=8">ifconfig(8)</a>. |
|
<!-- ^ 20030923 --> |
|
<li>Allow <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getopt_long&sektion=3">getopt_long(3)</a> to accept an optional argument separated by whitespace, unlike GNU getopt_long. |
|
<li>Stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tsort&sektion=1">tsort(1)</a> reading past the end of its buffer. |
|
<li>Plug a realloc memory leak in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mg&sektion=1">mg(1)</a>. |
|
<li>Off-by-one fixes in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nc&sektion=1">nc(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pmdb&sektion=1">pmdb(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ppp&sektion=8">ppp(8)</a>, libssl, libpthread and a few in the kernel. |
|
<li>Sync up <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a> with BIND 9.2.2-P3, with support for new zone type 'delegation-only'. |
|
<li>In the new <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dc&sektion=1">dc(1)</a>, Make all registers contain zero initially for compatibility. |
|
<li>Fix, clean up and simplify the installer's handling of yes/no responses from the user. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=poll&sektion=2">poll(2)</a> instead of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=select&sektion=2">select(2)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=skey_authenticate&sektion=3">skey_authenticate(3)</a>. |
|
<li>Plug a memory leak in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rtadvd&sektion=8">rtadvd(8)</a>. |
|
<li>Stop extraneous 'no disk label' warnings in the installer. |
|
<!-- ^ 20030921 --> |
|
<li>Implement hardwareflow (hf) option for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tip&sektion=1">tip(1)</a>. Off by default. |
|
<li>Fix an out-of-order free() in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rpc&sektion=3">rpc(3)</a>. |
|
<li>Don't leak memory if memory allocation fails in libc <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rpc&sektion=3">rpc(3)</a> code. |
|
<!-- ^ 20030920 --> |
|
<li>Change the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ld&sektion=1">ld(1)</a> script to make contructors and destructors in dynamic binaries non-writable. |
|
<li>Completely new BSD-licensed version of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dc&sektion=1">dc(1)</a> using the OpenSSL <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bn&sektion=3">bn(3)</a> routines. |
|
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scp&sektion=1">scp(1)</a> check for an error code in remote->remote mode. |
|
<li>When chrooting <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a>, use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=initgroups&sektion=3">initgroups(3)</a> so that supplementary group IDs are initialised as well. |
|
<li>Temporarily disable soft interrupts support in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=usb&sektion=4">usb(4)</a> for stability reasons. |
|
<li>Several abnormal exit handler fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>. |
|
<li>Better disk device probe on i386. |
|
<li>Correct the signal number validity check in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=csh&sektion=1">csh(1)</a>'s kill command. |
|
<!-- ^ 20030919 --> |
|
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=grep&sektion=1">grep(1)</a>'s binary file test work for gzipped files the same as for other files, testing against <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isspace&sektion=3">isspace(3)</a> as well as <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isprint&sektion=3">isprint(3)</a>. |
|
<li>Make sure <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=whois&sektion=1">whois(1)</a> can't zap straight past the beginning of the buffer when removing spaces from line endings. |
|
<li>Stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a> checking for a netmask if the address type being examined is a table. |
|
<li>Fix a subtle use-after-free in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=modload&sektion=8">modload(8)</a>. |
|
<li>Some int -> u_int paranoia in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>. |
|
<li>More <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> buffer management fixes (CAN-2003-0682.) |
|
<li>Further EDD detection improvements on i386. |
|
<li>Properly flush the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> RSA1 public key from memory when its output file cannot be opened (OpenSSH PR#662.) |
|
<li>Correct a double-free in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> buffer management code (OpenSSH PR#660.) |
|
<li>Fix the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> ConnectTimeout option (OpenSSH PR#656.) |
|
<li>On i386, try harder to boot from removable media by allowing for their removal and insertion. |
|
<!-- 20030918 --> |
|
<li>Updated and better-commented openbsd-proto.mc for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=8">sendmail(8)</a>. |
|
<li>Upgrade <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=8">sendmail(8)</a> to version 8.12.10. The address parsing security fix went into 3.4 and -stable, but not the full version update. |
|
<!-- ^ 20030917 --> |
|
<!-- ^ 20030916 --> |
|
<li>3.4 -> 3.4-current. |
|
<!-- ^ 20030915 --> |
</ul> |
</ul> |
<p> |
<p> |
|
|