===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.1501
retrieving revision 1.1502
diff -u -r1.1501 -r1.1502
--- www/plus.html 2021/12/09 20:33:22 1.1501
+++ www/plus.html 2022/01/05 08:17:40 1.1502
@@ -94,6 +94,200 @@
+
+- Reworked garbage collector for unix(4) sockets to prevent potential kernel panics.
+
- Added address locators for the ACPI "bus" and used these to fix the order of the com(4) devices to match the traditional order on the ISA bus.
+
+
- Made "set skip on ..." in pf.conf(5) dynamic.
+
+
- Allowed bare numbers for key and mouse bindings in cwm(1).
+
- Made uniq(1) skip() each input line only once, improving performance.
+
+
- Introduced apliic(4), a driver for the I2C controller found on various Apple SoCs.
+
- Protected ipsec(4) input and output with the kernel lock to allow forwarding of non-ipsec traffic in parallel.
+
+
- Disabled minimum power consumption in bwfm(4) hostap mode, improving connection reliability when used as an access point.
+
- Updated to nsd(8) 4.3.9.
+
+
+
- Made dhcpd(8) start listening on DOWN interfaces.
+
- Made iwm(4) attach to PCI devices with product ID 0x31dc, part of the 9560 chip family.
+
- Introduced mtw(4), a driver for MediaTek MT7601U wifi devices.
+
+
- Added unbound and host-bound options for ssh(1) PubkeyAuthentication for hardware devices unable to sign longer pubkey authentication challenges.
+
- Required host-bound userauth requests for forwarded SSH connections.
+
- Gave ssh-agent(1) the ability to parse restrict-destination-v00@openssh.com constraints and to apply them to keys.
+
- Made ssh-add(1) accept a list of "destination constraints" that allow restricting where keys may be used in conjunction with an ssh-agent/ssh that supports session ID/hostkey binding.
+
+
- Fixed radeondrm(4) console colors on sparc64.
+
- Introduced aplmbox(4), a driver for the mailbox that provides a communication channel with additional cores integrated on Apple SoCs.
+
+
- Updated to LLVM 13.0.0.
+
+
- Attached com(4) over acpi(4) on amd64.
+
+
- Added create permissions to unveil(2) on ldapd(8).
+
- Restricted usbhidctl(1) and usbhidaction(1) file system access with unveil(2).
+
+
- Implemented em(4) support for selecting SMGII or SerDes mode depending on the plugged-in SFP transceiver and for reading out transceiver information via ifconfig(8).
+
- Used "rng-seed" and "kaslr-seed" properties from the device tree to mix extra entropy into the pool for arm64.
+
+
- Added pclk clock used by dwdog(4) on RK3399 to rkclock(4).
+
- Increased tee(1) I/O buffer size for 8KB to 64KB.
+
- Added handling of multi-port controllers to uslcom(4).
+
- Added a pane-border-format pane option to tmux(1).
+
- Reduced unnecessary usage of sys/cdefs.h includes.
+
- Cleaned up unnecessary sys/param.h includes across the kernel and userland, replacing some macros with local copies.
+
+
- Added a "vnode" parameter to VOP_STRATEGY(9).
+
+
- Added acpipci(4) support for interrupts represented by ACPI PCI Interrupt Link Devices, making PCI interrupts work on QEMU's SBSA target.
+
+
+
- Fixed a potential DOS associated with BIO_indent(3) when a caller asks for a negative number of bytes of output.
+
- Fixed a bug where iked(8) sent zero-prefixed NAT-T messages on port 500, causing parsing errors.
+
- Introduced aplpmgr(4), a driver for the power management controller found on various Apple SoCs.
+
+
+
- Taught the net80211 stack to remove corresponding frames from ic_pwrsaveq when a power-saving client decides to leave our hostap interface, preventing a panic.
+
- Allowed fdisk(8) to extend the default OpenBSD partition to the end of the disk, rather than truncating at the end of the last full cylinder.
+
+
+
+
- Fixed spurious abort of a VM by vmd(8) when the scheduler moves a VM to a different core while it is sleeping on a lock.
+
- Fixed broken vmd(8) "boot device cdrom" feature after a fix in seabios.
+
+
- Switched iwx(4) to new -67 firmware images.
+
- Disabled probe requests during scans in iwx(4) again, preventing device timeouts for some devices.
+
- Implemented bgscan_done() handlers for iwx(4) and iwm(4).
+
- Introduced an optional driver-specific bgscan_done() handler which allows the driver to take control of the roaming teardown sequence, ensuring that race conditions between firmware state and net80211 state are avoided.
+
- Fixed an xserver 1.21.1 crash when attempting to run fvwm(1) on an x61/965gm with the modesetting driver on amd64.
+
+
- Prevented a potential race which could make umount(8) fail spuriously in the installer.
+
- Improved the testing of credentials against inserted FIDO keys, reducing spurious "Confirm user presence" notifications for key handles relating to FIDO keys which are not currently inserted.
+
+
- Ensured ^C may be used to kill ssh(1) sessions where SessionType=none.
+
- Fixed removal of SAs that could not be flushed with ipsecctl(8) -F.
+
- Fixed booting from an IDE block device on the Sun Blade 100.
+
+
+
- Prevented select(2) from blocking if registering found pending events.
+
- Enabled uhid(4)/fido(4) on riscv64.
+
- Unlocked accept(2) and accept4(2) syscalls.
+
- Added iked(8) -V to display the version.
+
+
- Prevented a crash in slaacd(8) due to updating an interface which no longer exists.
+
+
- Let iwx(4) and iwm(4) use per-Tx-queue interface timers to ensure timeout if a particular Tx queue gets stuck.
+
- Added ssh-keygen(1) -Y match-principals operation to perform matching of principals names against an allowed signers file.
+
+
- Dropped support for netscape certificates and server gated keys in openssl(1).
+
+
- Released LibreSSL 3.4.2.
+
- Prevented the possible creation of MBRs with overlapping partitions 0 and 3 in fdisk(8).
+
+
- Fixed a panic when running utvfu(4) on xhci(4).
+
- Fixed timestamp printing in Signed Certificate Timestamps.
+
+
- Switched to calculating pppoe(4) session duration using system uptime rather than UTC.
+
- Updated to openchrome(4) 0.6.409.
+
- Switched LLD_ARCHs to llvm-ar(1).
+
+
- Introduced pcyrtc(4), a driver for the NXP PCF85063A/TP RTC chips.
+
- Implemented RFC6840 (AD flag processing) if using trusted name servers.
+
- Aligned memory allocation for USB device drivers and USB HC drivers, enlarging the USB memory pool.
+
+
- Added ikectl(8) "show certinfo" to show trusted CAs and certificates.
+
- Introduced iicmux(4), a driver that switches between I2C busses connected to a single I2C controller by using the pin muxing facilities of an SoC.
+
+
+
- Made config(8) -c cmdfile use lines from the command file for all input, not just commands. This allows complex actions like changing device parameters.
+
- Allowed interface names as scope-id in IPv6 link-local addresses in unbound(8).
+
- Made futexes work in shared anonymous memory.
+
- Fixed monitor mode on iwm(4) and iwx(4).
+
+
+
- Made uniq(1) ignore trailing newlines when comparing lines.
+
- Fixed a crash when xrandr(1) is invoked with X server 21.1.1.
+
- Added display of DNS information from sppp(4) to ifconfig(8).
+
- Disabled active scanning on iwm(4) 9260 and 9560 to prevent a device lockup.
+
+
- Installed missing scope identifiers for IPv6 link-local addresses for unwind(8) and resolvd(8).
+
- Fixed hilkbd(4) Swedish keyboard layout on non-PS/2 style keyboards.
+
+
+
- Improved and simplified timer handling in rc.d(8) "stop" and "reload".
+
+
- Switched to using long filenames by default with mount_msdos(8) on FAT filesystems.
+
+
- Added support for controlling keyboard LEDs to aplhidev(4).
+
- Implemented the probe variable in bt(5).
+
- Updated awk(1) to the Nov 3, 2021 version.
+
- Added support for 40MHz channels to iwn(4).
+
+
- Reduced the time overhead of kqueue(2)-based poll(2) and select(2) systems calls by keeping knotes between the system calls.
+
- Made config(8) -e work with ramdisk kernels.
+
+
- Fixed crashes in httpd(8).
+
- Fixed iwn(4) with 4965 devices.
+
- Retired switch(4), switchd(8) and switchctl(8).
+
- Updated to Xserver(1) 21.1.1.
+
- Updated to libXi 1.8.
+
- Updated to libXfixes 6.0.0.
+
- Updated to xorgprotos 2021.5.
+
- Updated to fontconfig 2.13.94.
+
- Updated to Freetype 2.11.0.
+
+
- Added support for PPP IPCP extensions for DNS to sppp(4).
+
- Fixed broken key exchange negotiation with matching proposals in iked(8).
+
+
- Added the sntrup761x25519-sha512@openssh.com hybrid ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the default KEXAlgorithms list fo ssh_config(5) and sshd_config(5).
+
- Fixed ssh-keysign(8) for KEX algorithms that use SHA384/512 exchange hashes.
+
- Added gpiokeys(4) for arm64, a driver which handles events triggered by GPIO keys such as lid status and power button.
+
- Published rpki-client 7.5.
+
- Limited the number of publication points under a given TAL in rpki-client(8).
+
+
- Documented install.site(5), OpenBSD installation and upgrade customization.
+
+
- Fixed handling of interrupts shared between multiple swiic(4) devices.
+
+
- Allowed passing a different signal than SIGTERM in the default rc_stop() function in rc.subr(8).
+
+
- Made the kqread event filter MP-safe.
+
- Corrected httpd(8) version string checking, responding with 505 Version Not Supported rather than 400 Bad Request when the version format is incorrect.
+
+
+
- Limited the number of openrsync(1) processes being spawned by rpki-client(8) to 16.
+
- Fixed ASN1_TIME_diff(3) with NULL times.
+
- Added a cursor-style option to tmux(1).
+
- Fixed "(null node)" panics on run(4).
+
+
- Improved handling of FIDO keys on tokens which provide user verification on the device itself, including biometric keys.
+
- Corrected "!" escape handling in the installer when accepting WEP/WPA passphrase.
+
- Updated awk(1) to the October 12, 2021 version.
+
+
- Added uniq(1) support for arbitrarily long input lines.
+
- Prevented awk(1) access to uninitialized data.
+
- Improved SNI hostname validation.
+
- Stopped binding audio devices exposed by sndiod(8) to physical devices.
+
- Fixed "null node" panics in run(4).
+
- Added a cursor-colour option to tmux(1).
+
- Added aplhidev(4) support for the keyboard/touchpad on Apple M1 laptops.
+
+
- Enabled RFC 3779 (X.509 Extensions for IP Addresses and AS Identifiers) code in OpenSSl.
+
- Fixed octal escape parsing in tr(1) backslash().
+
- Disabled xterm(1) mouse tracking by default.
+
- Added aplspi(4), a driver for the SPI controller found on the Apple M1 SoC.
+
- Added igc(4), a driver for the Intel 2.5Gb Ethernet controllers.
+
- Made athn(4) attach to the Sony UWA-BR100.
+
+
- Changed sysctl(8) default to hw.perfpolicy=auto at startup, defaulting to 100% performance with AC power connected and using the auto algorithm when on battery.
+
- Fixed UNIX domain sockets leak in soclose().
+
+
- Updated to libepoxy 1.5.9.
+
- Limited rpki-client(8) HTTP requests to 2GB of data.
+
- Implemented openrsync(1) --max-size and --min-size.
+
- When downloading resident keys from a FIDO token, made ssh(1) pass back the user ID that was used when the key was created and append it to the filename the key was written to (if not the default).