===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1133
retrieving revision 1.1134
diff -u -r1.1133 -r1.1134
--- www/plus.html 2009/02/01 14:22:21 1.1133
+++ www/plus.html 2009/02/01 15:12:21 1.1134
@@ -179,7 +179,9 @@
Removed support for krb4 '.' instance separator in the libc authentication code.
Add "ESMTP" to the smtpd(8) banner now that it does support some extensions.
-Fix DNSSEC signature validation error in named(8).
+SECURITY FIX: DNSSEC signature validation error in named(8).
+A source code patch is available.
+[Applied to stable]
Re-enabled PIE support for powerpc platforms.
Enable vdsk(4) on sparc64 RAMDISK kernels.
Added uaudio(4) support to sgi GENERIC kernels.
@@ -208,6 +210,9 @@
Added multicast support to vnet(4).
Make sure to enable support for RFC2546 TLS extensions to allow for multihomed TLS servers.
+SECURITY FIX: OpenSSL libraries did not correctly check the return value from certain verification functions.
+A source code patch is available.
+[Applied to stable]
Updated OpenSSL to 0.9.8j.
Add support for SDHC cards in the sdmmc(4).
@@ -263,7 +268,9 @@
Plug some memory leakage in the ypldap(8) parser.
Make cdio(1) work with aucat(1) regardless of the buffer size used.
-Add workaround for problem in bgpd(8) when invalid AS4_PATHs are passed over multiple hops.
+RELIABILITY FIX: Reception of an invalid update with 4-byte AS attributes allows a third party to close remote BGP sessions.
+A source code patch is available.
+[Applied to stable]
Added ifb(4) to sparc64 GENERIC kernels.
Use hardware acceleration for scrolling in ifb(4) on sparc64, avoids overlay artifacts.
@@ -470,6 +477,9 @@
Make the kernel fork code allocate required space for systrace early so we are sure the activation code wont sleep in sensitive places.
Major overhaul of wpi(4) to bring in HW CCMP encryption/decryption among other things. Requires new wpi-firmware.
+RELIABILITY FIX: Problems with DH0_DHCP_OPTIONS_OVERLOAD in dhcpd(8).
+A source code patch is available.
+[Applied to stable]
Add malloc and bucket views to systat(1).
Added new sysctl(8) ddb.trigger to take the OS into the ddb(4) debugger if ddb.console=1 and the write comes from the actual console tty.
Fixes for trunk(4) LACP code to help it work with Catalyst 3500s.
@@ -952,7 +962,7 @@
www@openbsd.org
-
$OpenBSD: plus.html,v 1.1133 2009/02/01 14:22:21 jj Exp $
+
$OpenBSD: plus.html,v 1.1134 2009/02/01 15:12:21 jj Exp $