===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1342
retrieving revision 1.1343
diff -u -r1.1342 -r1.1343
--- www/plus.html 2014/06/11 00:55:08 1.1342
+++ www/plus.html 2014/06/14 02:18:48 1.1343
@@ -75,6 +75,36 @@
+
+- Updated to xf86-video-modesetting 0.8.1 and xf86-video-geode 2.11.15.
+
+
- Further cleanup of context handling in ssl(3) tls1_change_cipher_state().
+
- In run(4), fixed TXWI and RXWI offset calculations so RT5592 devices function.
+
+
- When relying on the local enqueuer, let smtpd(8) cope with long To/Cc lines. Avoids broken headers and confusing some MUAs.
+
+
- Fixed inverted test in ssh(1) so PKCS#11 keys that are explicitly listed are preferred.
+
- Reset properly when tmux(1) c0-change-trigger is increased from zero, so panes don't get stuck.
+
- 5.4 and 5.5 and -current SECURITY FIXES in ssl(8) for: buffer overflow with crafted DTLS fragments (CVE-2014-0195); DTLS infinite recursion flaw with "Hello Request" (CVE-2014-0221); SSL/TLS MITM vulnerability (CVE-2014-0224); anonymous ECDH denial of service (CVE-2014-3470).
A source code patch is available for 5.4 and 5.5.
+ - Reduced amount of traceroute(8) code running as root; only error out if the creation of a needed socket failed.
+
- Moved ld.so(1) to a (slightly stripped) version of libc malloc(3).
+
- 5.4 and 5.5 and -current SECURITY FIX: improper close-on-exec flag handling by sendmail(8) (CVE-2014-3956).
A source code patch is available for 5.4 and 5.5.
+ - Added support for COLUMNS env variable to ps(1).
+
- Included work-around in mandoc(1), as makewhatis(8) expects its current dir to not be /.
+
+
- vflush(9) now works for fuse(4).
+
- Do not skip or add a byte for the report ID when usbhid(3) is manipulating data.
+
- Made uaudio(4) properly compare endpoint addresses by ignoring the direction bit.
+
+
- Accept -C as an alias for -c in tr(1).
+
- Made zyd(4) compile with ZYD_DEBUG.
+
- Fix zyd(4) frame length adjustment in the RX path.
+
+
- In libm math code, made sure STRICT_ASSIGN handles double as well.
+
- Stripped openssl(1) functions called when "-rand" is specified (underlying code long gone).
+
- Removed easy access to the unsafe intel RDRAND instruction from ssl(8).
+
- When checking for unicast and broadcast addresses, do one lookup instead of two.
+
- Fixed uninitialised variable, which caused sndiod(1) crashes when handling errors.
- In ssl(3) tls1_setup_key_block(), use the correct IV length for GCM mode. Fixes key block length calculation.
@@ -791,6 +821,5 @@