===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1343
retrieving revision 1.1344
diff -u -r1.1343 -r1.1344
--- www/plus.html 2014/06/14 02:18:48 1.1343
+++ www/plus.html 2014/06/22 11:11:00 1.1344
@@ -75,6 +75,58 @@
+
+- Fixed vnode leak in systrace(4).
+
- In ssl(8) aes_gcm_cleanup(), clean the entire context (no longer leaving AES key untouched).
+
- Fixed hang with virtio event_idx feature, to cure occasional network freeze in vio(4).
+
- Updated to xcb-util-renderutil 0.3.9.
+
+
- Avoid infinite loop in fsck_msdos(8) if cluster chain is a cyclic list.
+
- Fixed memory leaks in fsck_msdos(8) bootblock handling.
+
- Fixed fsck_msdos(8) regression in r1.16 of boot.c: write fsinfo, not block into FSInfo region.
+
- Fixed fsck_msdos(8) regression in r1.20 of fat.c by properly incrementing a pointer.
+
- Added more bounded attributes to the buffer and md5/sha headers in ssl(8).
+
+
- Removed wait(2) support for "union wait" (deprecated since 4.3BSD) and WSTOPPED (means something else now in POSIX).
+
- Stopped ze(4/vax) rx ring pointer stalling when running "all multicast" or bpf(4) in promiscuous mode.
+
- Switched dump(8) "blockswritten" to int64_t, so it won't wrap at 2TB.
+
- Correctly calculate the key block length in t1_enc.c and s3_enc.c when using ssl(8) "export" ciphers.
+
- Added ChaCha20-Poly1305 based ciphersuites to ssl(8).
+
- ssl(8) can now change cipher state with an EVP_AEAD, encrypt/decrypt TLS using the EVP_AEAD.
+
- Added getentropy(2) system call.
+
- Indicate in the sysctl(1) LIVELOCKS column if there is a pending (deferred) mbuf(9) update.
+
- Fixed tcp-mss-adjust in pipex(4) and npppd(8).
+
+
- Removed support for the "opaque PRF input" extension from ssl(8) (draft expired 7 years ago and never became an RFC).
+
- Added timingsafe_memcmp() to memcmp(3).
+
- Added MAP_INHERIT_ZERO support to minherit(2). Provides child process with fresh, zero-initialised anonymous memory.
+
- Fixed ptrace(2) hanging hppa and mips64 MP systems, by grab the kernel lock before cleaning up single-step breakpoints.
+
- Updated to nginx(8) version 1.6.0 (including syslog support backported from the 1.7 branch).
+
- Disable the "switch to insertion sort" optimisation in qsort(3). Avoids quadratic behaviour for certain inputs.
+
- Changed pkg_add(1) to display the full url (if possible) for unsigned packages.
+
+
- Fixed memory leak in ssl(8) d1_lib.c.
+
- Restored the original behaviour of RTM_ADD and RTM_DELETE by always generating one message per locally configured ip(4) address.
+
- Always create a local route(4) for every configured IPv4 address on the machine.
+
- Flag any local route(4) as such and make them use the highest possible priority.
+
- Created (currently unused) system taskq ("systqmp") which runs without the kernel lock (see task_add(9)).
+
+
- Raised the low water mark in em(4) so the internal buffers can hold at least two jumbo frames.
+
- On i386/amd64 hibernate, don't map phys pages < 64KB in the resume page table. Matches recent kernel change.
+
- Fixed off by one in fsck_msdos(8) when writing the FAT for FAT12 filesystems.
+
- In ssl(8), check return value of EVP_MD_CTX_copy_ex(). Avoids potential null pointer dereference.
+
- In mtree(8), added ed25519 ssh host keys to /etc/mtree/special.
+
- Lowered nc(1) buffers back to 16k for now, to avoid bufferbloat.
+
- Increased nc(1) buffer size to 64k, and actually use the buffer.
+
- Abandoned the ssl(8) "auto-ENGINE" /dev/crypto interface.
+
- In ssl(3) tls1_cert_verify_mac(), avoid a possible NULL function call on ctx.final().
+
- Implemented slowcgi(8) -u (user to drop privs to) and -p (path to chroot(8) to). Allows slowcgi(8) to run non-chrooted.
+
- Cleaned up slowcgi(8) socket creation.
+
- Multiple fixes for ssl(8) ssl3_digest_cached_records().
+
- Ensured ssl(8) ssl3_final_finish_mac() returns failure if either the MD5 or SHA1 handshake MAC calculation fails.
+
+
- Changed installboot(8) file copying process, to make it less likely that the PBR will change upon update.
+
- Fixed possible out of boundary access by fsck_msdos(8) if the filesystem is full or corrupt.
- Updated to xf86-video-modesetting 0.8.1 and xf86-video-geode 2.11.15.
@@ -821,5 +873,3 @@