=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v retrieving revision 1.1454 retrieving revision 1.1455 diff -u -r1.1454 -r1.1455 --- www/plus.html 2019/09/24 17:23:52 1.1454 +++ www/plus.html 2019/09/25 20:33:12 1.1455 @@ -105,7 +105,7 @@
  • Added octpip(4), a driver for the Octeon packet input processing unit.
  • Implemented hardware vlan tagging in iavf(4). -
  • Corrected multiple unveil(2) violations due to login.conf.db access and stat(2) on _PATH_MASTERPASSWD_LOCK. +
  • Corrected multiple unveil(2) violations due to login.conf.db access and stat(2) on _PATH_MASTERPASSWD_LOCK.
  • Allowed quoted SSIDs in the installer, rather than ignoring those containing whitespace. @@ -136,7 +136,7 @@
  • Fixed a crash at power down when Supermicro X8DTH-i/6/iF/6F fails to attach uhci(4) via PCI and AHCI.
  • Added support for the Allwinner H6 to sxipio(4) and sxiccmu(4).
  • Fixed a potential endless loop when em(4) is in an error state. -
  • Added the set_blksz() and set_nblks() audio(9) driver functions, allowing audio drivers to easily set the block size, matching both playback and recording constraints. +
  • Added the set_blksz() and set_nblks() audio(9) driver functions, allowing audio drivers to easily set the block size, matching both playback and recording constraints.
  • Introduced "junk" built-in filter actions to smtpd(8). @@ -191,7 +191,7 @@
  • Added Intel 100 series LP eMMC/SDXC and Intel WHL-U Host pci(4) ids. -
  • Added kern.utc_offset to sysctl(2). This is a successor to the DST/TIMEZONE options(4), which are incompatible with KARL. Also switches to using an offset in minutes east of UTC. +
  • Added kern.utc_offset to sysctl(2). This is a successor to the DST/TIMEZONE options(4), which are incompatible with KARL. Also switches to using an offset in minutes east of UTC.
  • Lowered sysupgrade(8) timeout to 30 minutes per set.
  • Fixed a race condition in the invalidation of remote TLB entries for mips64.
  • Removed support for semantically opaque interface identifiers (RFC 7217) for IPv6 link local addresses. @@ -321,7 +321,7 @@
  • Ensured that sndiod(8) will not lose track of which volume controls belong to different instances of the same program upon disconnection and reconnection.
  • Included SHA2-variant RSA key algorithms in KEX proposal, allowing ssh-keyscan(1) to harvest keys from servers that disable SHA1 ssh-rsa. -
  • Added access to timeout(9) status and statistics to sysctl(2), allowing throughput tracking of the timeout layer from userspace. +
  • Added access to timeout(9) status and statistics to sysctl(2), allowing throughput tracking of the timeout layer from userspace.
  • Restricted filesystem access for dhclient(8) using unveil(2).
  • Enforced a per connection limit of 128 SACK holes managed at the tcp(4) socket, further preventing an unlikely attack where the lists of SACK options grow due to an attacker attaching all sack holes to a limited number of TCP connections, consuming CPU. @@ -371,7 +371,7 @@
  • Enabled MSI-X interrupts. -
  • Allowed additional video(4) ioctls for the video pledge needed by chromium. +
  • Allowed additional video(4) ioctls for the video pledge needed by chromium.
  • Fixed sign handling in emulated floating point operations on sparc64.
  • Added support for OCSP stapling to relayd(8). @@ -393,7 +393,7 @@
  • Updated clang(1) build infrastructure for LLVM 8.0.0.
  • Updated LLVM to 8.0.0. -
  • Unlocked read(2) and write(2) syscalls. +
  • Unlocked read(2) and write(2) syscalls.
  • Switched KARL to using install(1) -F rather than cp for fsync(2) to reduce likelihood of an incomplete kernel transfer to disk.
  • Fixed conversions to long double on sparc64. @@ -414,11 +414,11 @@
  • Prevented a panic in pci_intr_establish(9) by assigning an address to the BAR used by the MSI-X tables if none has been assigned.
  • Rewrote bgpd(8) community matching and handling code and improved performance for setups using many communities. -
  • Removed the old userland realpath(3) and replaced it with __realpath(2), a kernel implementation. This will prevent calling readlink() on every component of a path and improve performance for unveil(2). +
  • Removed the old userland realpath(3) and replaced it with __realpath(), a kernel implementation. This will prevent calling readlink() on every component of a path and improve performance for unveil(2).
  • Added a -c option to logger(1) for passing LOG_CONS to syslog(3).
  • Replaced chroot(2) with unveil(2) for acme-client(1).
  • Rewrote doas(1) environment inheritance not to inherit, and instead reset to the target user's values. -
  • Restricted sysctl(2) filesystem access to read only _PATH_DEVDB and /dev through unveil(2). +
  • Restricted sysctl(2) filesystem access to read only _PATH_DEVDB and /dev through unveil(2).
  • Stopped tmux(1) from looping if a menu item contains invisible characters. @@ -457,14 +457,14 @@
  • Prevented corruption of the pckbc(4) command queue when the first of multiple synchronous commands to timeout clears the command queue.
  • Allowed mg(1) beginning-of-buffer and end-of-buffer commands the ability to take a numeric argument and remove n/10th of the way from the top or bottom of the current buffer respectively. -
  • Fixed MSI/MSI-X on arm64 machines with agintc(4). +
  • Fixed MSI/MSI-X on arm64 machines with agintc.
  • Implemented mcx(4) rx filtering using the flow table.
  • Switched bintime routines to bintimeadd(9) and introduced bintimecmp(9), with similar behavior to the timeradd(3) macros.
  • Used a simple hash table to look up blocks by the fast-hash in openrsync(1) and used a rolling computation, putting openrsync speed on par with gpl rsync for file updates.
  • Added mandoc(1) support for 'prefers-color-scheme: dark'. -
  • Called uvm_growkernel(9) before uvm is initialized on arm64 to ensure machines with large amounts of physical memory do not fail to initialize uvm. +
  • Called pmap_growkernel(9) before uvm is initialized on arm64 to ensure machines with large amounts of physical memory do not fail to initialize uvm.
  • Added support for the Cortex-A65 CPU.
  • Re-enabled RETGUARD leaf function optimization for arm64. @@ -559,7 +559,7 @@
  • Introduced a -k flag to sysupgrade(8) to preserve the files in /home/_sysupgrade after upgrading.
  • Added measurement of poll intervals with monotonic clock to acpisbs(4).
  • Added consistent use of 'ifconfig $_if [-inet| -inet6]' to clear existing configurations completely after restarting an install. -
  • Added a sysctl(8) accessor to struct pf_status to allow export of current status and statistics without super-user rights via sysctl. Used this to print systat pf. +
  • Added a sysctl(2) accessor to struct pf_status to allow export of current status and statistics without super-user rights via sysctl. Used this to print systat pf.
  • Changed the behavior of swap-window -d in tmux(1) to match swap-pane.
  • Preserved dhcp configuration when restarting an install. @@ -697,7 +697,7 @@
  • Prevented attaching drivers to devices for which a driver was attached early with simplebus on armv7 and arm64.
  • Adjusted myx(4) i2c reads to read only one byte at a time, increasing reliability.
  • Fixed sff page reads for myx(4) devices on little endian architectures. -
  • Rewrote rdsetroot(8) using libelf(3). +
  • Rewrote rdsetroot(8) using elf(3).
  • Imported xf86-video-amdgpu 19.0.1 for amd64 and i386.
  • Implemented tx mitigation by calling the hardware transmit routine per several packets rather than for individual packets. Defers calls to the transmit routine to a network taskq, or until a backlog of packets has built up. @@ -713,5 +713,5 @@
  • Increased information displayed for -v and -vv options for tcpdump(8) during md5 authentication.
  • Added missing compatibles for newer Linux kernel bindings to mvpinctrl(4). -
  • Fixed a leak in SSL_dup_CA_list() in ssl(3). +
  • Fixed a leak in SSL_dup_CA_list() in ssl(3).