===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1356
retrieving revision 1.1357
diff -u -r1.1356 -r1.1357
--- www/plus.html 2014/10/03 09:27:34 1.1356
+++ www/plus.html 2014/10/10 03:45:00 1.1357
@@ -75,6 +75,57 @@
+
+- Check object allocation for success before using it in ssl(8) v3_cpols.c.
+
- In ssl(8), fixed memory leaks in the error path of v2i_AUTHORITY_KEYID() and set_dist_point_name().
+
- Switched syslogd(8) from using poll(2) to libevent.
+
- Updated xterm(1) to version 311.
+
- Stopped xhci(4) Intel Series 7 controllers reporting illegal context state transition when detaching devices.
+
+
- In ftp(1), only pass the remote host name (not any ":portnumber" suffix) to ressl_connect_socket().
+
- Forced smtpd(8) to strip any empty BCC header in the DATA part of the SMTP transaction.
+
+
- Cleaned up the reporting socket code in syslogd(8).
+
- Introduced a thread for zeroing uvm(9) pages without holding the kernel lock, to reduce latency.
+
- In syslog_r(3), strip trailing newlines from syslog messages, to avoid empty lines when printing.
+
- Allow ssl(8) to disable hostname and certificate verification separately.
+
- Enabled automatic handling of ephemeral EC keys by ssl(8).
+
- Allowed many code paths in myx(4) to run without the kernel lock.
+
+
- Now that pool(9) are mpsafe, made the mbuf(9) allocators on top of pools mpsafe too.
+
- Fixed a crash when there is text after a failed %Z conversion in strptime(3).
+
- When no domain is specified in MAIL FROM or RCPT TO, smtpd(8) now assumes local user.
+
- Fixed httpd(8) endless event loop that could eat all CPU time.
+
- Added local subnet route (RFC 3442) support to dhclient(8).
+
- Enlarged columns for 4-byte ASN display with bgpctl(8) "show summary" output.
+
- Fixed route(4) so arp(8) will no longer report an incomplete entry for lo0.
+
- Made tmux(1) take account of window-status-separator when checking window position.
+
- Update status when a tmux(1) pane is selected with a mouse.
+
+
- Always call waitpid(2) on SIGCHLD when client_attached is set in tmux(1). Avoids potential zombie.
+
- Fixed some incorrect format specifiers in a debug printf(9) in apm(8).
+
- Fixed loopback related breakage introduced by the conversion of in_ouraddr() to use the route(4) table.
+
- Map out-of-range facility values to LOG_USER to avoid array over-read in syslogd(8).
+
- No longer define default_bits in openssl.cnf. Allows the compiled-in default to take priority.
+
- Switched openssl(1) "req" command to using SHA256 (hashes) and AES256 (on-disk keys) by default.
+
- 5.6 RELIABILITY FIX: Fixed some run(4) devices working in 5.5 but not in 5.6-release.
+
- More optimisations of luna frame buffer. Makes 4bpp wscons(4) putchar ~8% faster on luna88k.
+
- Unhooked sliplogin(8), sl(4), slstats(8) and slattach(8).
+
- Check speed of a new device does not exceed parent's speed prior to calling usbd_new_device().
+
+
- 5.4, 5.5 and 5.6 SECURITY FIX: Stopped nginx (in base) reusing cached ssl(8) sessions in unrelated contexts (CVE-2014-3616).
A source code patch is available for 5.4, 5.5 and 5.6.
+ - Added support for "physical devices" to mfii(4).
+
- In ssl(8), cleaned up EC cipher handling in ssl3_choose_cipher().
+
- Prevented dmesg(8) spam from some windows-only keys (found on very new thinkpads).
+
- Do not use the global list of IPv4 addresses in icmp_reflect(), use the route(4) table.
+
+
- Increased text segment size on arm to 32MB.
+
- When setting env(1) in an at(1) atrun script, use the "export foo=bar" form. Allows shell to catch variable names that are not valid shell identifiers.
+
- Fixed r1.12 of ssl(8) x509_att.c which had a NULL pointer dereference in the error path.
+
- Added option that allows any enabled ssl(8) protocols to be explicitly configured.
+
- Use raster operation (ROP) function on luna frame buffer. 4bpp wscons(4) putchar now ~20% faster.
+
- vds(4/sparc64) now supports block devices.
+
- Reversion fixed in smtpd(8), which had broken table_passwd.
- In ssl(8) check_cert(), reset ctx->current_crl to NULL before freeing it.
- In ssl(8) X509_NAME_get_text_by_OBJ(), made sure we do not pass a negative size to memcpy(3).
@@ -381,4 +432,8 @@