===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1405
retrieving revision 1.1406
diff -u -r1.1405 -r1.1406
--- www/plus.html 2018/04/16 14:29:51 1.1405
+++ www/plus.html 2018/10/09 15:12:03 1.1406
@@ -76,157 +76,16 @@
6.0,
6.1,
6.2,
-6.3.
+6.3,
+6.4.
-
Changes made between OpenBSD 6.3 and -current
+Changes made between OpenBSD 6.4 and -current
-
-- Fix "heap full" errors in the amd64 boot loader when loading microcode.
-
- Add support in com(4) for Exar XR17V354 4-port devices.
-
-
- Add TCP support to snmpd(8). Apart from processing multiple requests in parallel, this implements RFC 3430.
-
- Make relayd(8) set destination host state to HOST_DOWN in case of TCP read timeout.
-
- 6.1, 6.2 and 6.3 SECURITY FIX: Correct heap overflow bugs in perl(1).
A source code patch is available for 6.1, 6.2 and 6.3.
-
- - Make ENGINE_finish() succeed on NULL in LibreSSL, simplifies caller code.
-
- Make ksh(1) count $SECONDS using monotonic clock.
-
- Fix for mg(1) when trying to write backups in home dir when run under a different effective user.
-
-
- Remove hfsc support from pfctl(8).
-
- Don't panic if ipmi_sendcmd() fails.
-
- Make sshd(8) more resilient against user enumeration timing attacks.
-
- Implemented MAP_STACK option for mmap(2). At pagefaults and syscalls the kernel will check that the SP points to MAP_STACK memory.
-
-
- Stop using the PID in ping(8).
-
- Make httpd(8) listen on all IPv4 and IPv6 addresses for "listen on *".
-
- More steps for i386 Meltdown fixes, will trigger some performance issues.
-
- Make re(4) handle newer devices with only 64bit BARs, and map 32bit BAR as a fallback.
-
-
- Add mixer save/restore capability to the audio(4) driver for use during suspend/resume.
-
- Add support in umsm(4) for Huawei k3772-based devices.
-
- Make sasyncd(8) schedule events against the monotonic clock so it fires punctually even if system clock is changed.
-
- Have fstat(1) print rtable for internet sockets unless it's the default.
-
- In tmux(1), add x and X to choose-tree to kill an item.
-
- Make sure the kernel doesn't call logwakeup() while holding a mutex to prevent lock ordering issues.
-
-
- Make mandoc(1) define a previously undefined integer as being zero.
-
- Make ksh(1) support 64bit integer operations on 32bit arches too.
-
- Added octcrypto(4), a driver for the octeon cryptographic unit, providing hardware-accelerated implementations for several encryption and authentication algorithms for ipsec(4). Disabled for now.
-
-
- Make smtpd(8) spfwalk check for legitimate IPv4 and IPv6 addresses before printing.
-
- Make headers, manpages and kernel prefer and recommend AF_UNIX name rather than AF_LOCAL.
-
- In kqueue, test for preexisting conditions when re-enabling events.
-
- Make pcidump(8) print BARs for bridges as well.
-
- On amd64, add support for EFI Random Number Generator and use it to XOR random data into the kernel.
-
- Add a hook to the standalone boot code to use a firmware-supplied random function in addition of the machine dependent random function to insert entropy into the booted kernel.
-
-
- IPv6 fix for gif(4).
-
- Attach the mbuf tag on output gif(4) packets to suppress loops over the interface and avoid leak of the tag on every packet.
-
- For certain arm devices, if the PHY address isn't specified, only attach a single PHY. Makes Theobrama Systems RK3399-Q7 SoM network interfaces work.
-
- Make shutdown(8) print deadline estimates in the local timezone.
-
- Simplify dd(1) SIGINFO output routines so the summary printout becomes atomic.
-
- Enable islrtc(4) on arm64 GENERIC and RAMDISK kernels.
-
- Added islrtc(4), a driver for the ISL208 real time clock.
-
- Work around libtool exec limitations.
-
- Correct libtls tls_config_clear_keys(3) behaviour, leaving other configuration data intact.
-
- In libtls, switch to OPENSSL_init_ssl(3) to prevent an openssl configuration file from being loaded behind our backs.
-
- Add support in dwmmc(4) for GPIO card detection.
-
- Increase em(4) delay after reset to 20ms and add a fix for i219 based devices.
-
-
- In UEFI, respect the parts where mappings indicate they can be made non-readable, non-executable or read-only.
-
- Fixed tmpfs(4) to not attempt calling copyin(9) itself.
-
- Patch binutils 2.17 so it passes option -Wno-null-pointer-arithmetic when compiled with LLVM 6.0.0.
-
- Updated llvm to 6.0.0.
-
- Make fstat(1) print a p flag for file descriptors opened after pledge(2).
-
- Better rounding to cylinder boundaries in disklabel(8).
-
- In ssh(1), allow "Sendenv -PATTERN" to clear environment previously labeled for sending.
-
- Fix file descriptor leak in httpd(8) after processing ranged requests.
-
- Use existing pf state to speed up UDP socket lookup.
-
- Fix memory leak in libcrypto if EVP_Digest() fails.
-
-
- In libcrypto, tighten up various checks for X509_VERIFY_PARAM functions.
-
- In ssh(1), relax checking of authorized_keys environment="..." options to allow underscores in variable names
-
- Stop using a non-portable .R man(7) macro in mandoc(1).
-
- Update mandoc(1) to use documented and portable character escape sequences for .Do/.Dq.
-
-
- Import pcap_set_immediate_mode() from mainline libpcap which allows a libpcap-based program to process packets as soon as they arrive.
-
- Remove obsolete PF_TRANS_ALTQ from pf(4). Note the required steps in the update guide if updating from source.
-
- Update default IPQoS in ssh(1) and sshd(8).
-
- Libcrypto fixes in X509_NAME_add_entry().
-
-
- Fix crash in dig(1) when +trace option is enabled and a truncated reply forces fallback to TCP.
-
-
- Deactivate WITNESS checks in ddb(4), when db_active is set.
-
- On vlan(4) interfaces, use link0 to use llprio in transmitted packets.
-
- Imported regenerated moduli files for ssh(1).
-
- Tweak vlan printing in tcpdump(8) to properly decode priority field.
-
- OpenSSH 7.7 released.
-
- Enabled mvrng(4) for arm64 GENERIC and RAMDISK kernels.
-
- Fix in bgpd(8) for aspath_verify() regarding 2-byte vs 4-byte AS path entries.
-
- Enabled imxiomuxc(4) on arm64 GENERIC and RAMDISK kernels.
-
- Unhook libXfont from xenocara builds, obsoleted by libXfont2.
-
- Enabled dwpcie(4), fec(4) and imxccm(4) on arm64 GENERIC and RAMDISK kernels.
-
- Add minimal driver dwpcie(4) for the Synopsys Designware PCIe core.
-
- Added support for more Intel Apollo Lake devices found on some NUC and Celeron based systems.
-
- In com(4), add support for register shift/IO-width to allow UARTs using 32-bit registers instead of 8-bit, found on some armv7, arm64 and amd64 SoCs.
-
- Add support for arbitrary-length integers in test(1).
-
-
- Fix binutils 2.17 to build without warnings on LLVM 6.0.0.
-
- Enabled imxanatop(4) on armv7 RAMDISK kernels.
-
- Fix for previously incorrect MII speed setting on armv7 fec(4).
-
- Fixes in apply(1) for realloc(3) noticed when malloc.conf(5) had the J option enabled.
-
- LibreSSL 2.7.2 released.
-
- Fixes for UFS2 with softdep enabled.
-
-
- Implemented an EFI driver to allow PXE boot over EFIs Simple Network Protocol, allowing TFTP boot on U-Boot based armv7 and arm64 machines.
-
- Fix '-v' option to procmap(1) when using -a to help show holes in the process map.
-
- Enabled mvtemp(4) on arm64 GENERIC kernels.
-
- Added mvtemp(4) a driver for temperature sensors found on Marvell Armada SoCs.
-
- Fix mbuf reuse when sending ARP responses to prevent stale mbuf state affecting the ARP reply packet.
-
- Fix 64bit integer overflows in expr(1).
-
- Fix a hang in i386 vmware guests in /sbin/init.
-
- Recommit of the i386 Meltdown fix.
-
- Fix '-i' on dhclient(8) to discard previously defined values.
-
-
- Enable imxiic(4) and imxanatop(4) on arm64 GENERIC and RAMDISK kernels.
-
- Enable imxgpc(4), imxgpio(4) and imxesdhc(4) on GENERIC and RAMDISK kernels for the arm64 platform.
-
- Also move imxgpc(4), imxgpio(4) and imxesdhc(4) drivers so they can be shared between arm64 and armv7.
-
- Fix potential overflow in cut(1) for 64bit systems.
-
-
- Updated bdftopcf to version 1.1.
-
- Moved driver for imxuart(4) so it can be shared by arm64 and armv7.
-
- Updated xterm(1) to version 331.
-
- Updated unbound(8) to 1.7.0.
-
- Enable mvclock(4), mvicu(4), mvpinctrl(4), mvgpio(4) and mvrtc(4) on GENERIC and RAMDISK kernels for arm64 platforms.
-
- Added support for mvrtc(4), a real time clock integrated on various Marvell Armada SoCs.
-
- Fixed some setlocale(3) bugs.
-
- Add support in the flattened device tree code for legacy binding of Marvell devices for "usb-nop-xceiv" PHYs.
-
- Fix memory leak in sparc64 ofwboot when booting softraid(4) crypto devices.
-
- Prevent tmux(1) from crashing in certain cases with empty windows.
-
-
- Fixed network locking in pppx(4).
-
- Fix in libcrypto for CVS-2018-0739 regarding ASN.1 recursive definition depth.
-
- Remove RDTSCP from CPUID flags reported to vmm(4) guests.
-
- Fix remaining external file system locking so VOP_LOCKs are done in accordance with how WITNESS wants it.
-
- Fix memory leak in pf(4) when adding same table twice.
-
- Check for possible NFS race after sleeping to prevent future lock ordering problem.
-
- Mark ext2fs inode recursive lock as RWL_IS_VNODE to help when WITNESS is enabled.
-
- Configure dwxe(4) TX and RX chain delay based on device tree properties.
-
-
- In the X.org DRM code, defer disabling the vblank IRQ until next interrupt.
-
- Updated time zone data to tzdata2018d.
-
- Added acpicmos(4), a driver that implements SystemCMOS access support.
-
- SSLeay history from 0.4 to 0.8.1b added to SSL manpages.
-
- Make sure nc(1) clears password buffers in non-terminating cases.
-
- Fix wrong execution and out of boundary writes in apply(1).
-
- Make sure programs violating a pledge(2) promise cannot block the final SIGABRT.
-
- Try harder to execute code protected by mutexes after entering ddb(4).
-
- Exclude SIGKILL from ptrace(2) interception to prevent deadlock when parent waits for the traced process.
-
+
- ...