=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v retrieving revision 1.715 retrieving revision 1.716 diff -u -r1.715 -r1.716 --- www/plus.html 2001/01/23 04:18:24 1.715 +++ www/plus.html 2001/01/23 16:04:40 1.716 @@ -4,10 +4,10 @@ OpenBSD-current changes - - + + - + @@ -47,46 +47,211 @@
  • SECURITY FIX: The rnd(4) device does not use all of its input when data is written to it.
    A patch is available.
    [Applied to stable] -
  • IMPLEMENTATION FIX: PS/2 mouse driver, pms, lockup fix.
    - A patch is available.
    - [Applied to stable] -
  • Fix setting of nwid for wi(4).
    - [Applied to stable] +
  • Fix sprintf overflow in +fsinfo(8). +
  • fdisk(8) +can change only the partition ID if desired. +
  • Use gif* instead of enc* for IPsec bridges. +
  • Permit multiple +dhclient(8)s +to run simultaniously. +
  • Have rc initialize RAID parity. +
  • Let talk(1) +pass high characters without escaping; for use with other charsets (disabled by default). +
  • Prevent mountd(8) +from deadlocking due to DNS issues. +
  • ftpd(8) +logs actual bytes transfered as opposed to original file size. +
  • fsck_ffs(8) +no longer marks filesystem clean if fsck needs to be rerun. +
  • dhclient(8) +gracefuly handles missing LEASE_TIME. +
  • gprof(1) +now works under mvme88k. +
  • ssh(1) +option: HostKeyAlias. Other minor ssh(d) fixes. +
  • Make the +auvia(4) +driver behave nicely with fixed rate codecs. +
  • Revoke root priveleges as early as possible in +ping6(8). +
  • Make edquota(8) +and repquota(8) +handle quotas over 4 gigabytes correctly. +
  • SSH cleanups. +
  • In ksh(1), +don't reset nonblock if it's not interactive. +
  • SECURITY FIX: xlock now authenticates via a pipe.
    A patch is available.
    [Applied to stable] + +
  • IMPLEMENTATION FIX: PS/2 mouse driver, pms, lockup fix.
    + A patch is available.
    + [Applied to stable] +
  • Only invoke DMA transfers when transfering over 100 bytes for some drives. +
  • SECURITY FIX: Fix holes in procfs.
    A patch is available.
    [Applied to stable] + +
  • Fix setting of nwid for wi(4).
    + [Applied to stable] +
  • Compaq SMART Array RAID controllers supported. +
  • New machdep.allowaperature sysctl value of "2" to provide access +to entire first megabyte of memory. +
  • Fixed some obscure PCMCIA related panics. +
  • Merged Apache 1.3.14 and mod_ssl 2.7.1. +
  • Add support for the Natsemi 83820. +
  • Fix /etc/sudoers permissions and initial creation handling. +
  • Merged openssl-engine-0.9.6. +
  • More photurisd(8) +cleanup. +
  • Allow sys/netinet/ip_spd.c to compile in non-INET6 kernels. +
  • Synchronized pfkeyv2 implementation with pfkey RFC. +
  • In ipsec(9), look for TDB if gateway is unspecified.
    [Applied to stable] +
  • New CRYPTO option for +options(4). +
  • Add bytecounter stats to +netstat(1). +
  • New timeouts in some SCSI and RAID drivers. +
  • Strengthen random TCP sequence numbers. +
  • IMPLEMENTATION FIX: Compute crypto(9) session IDs correctly for kernel.
    A patch is available.
    [Applied to stable] +
  • In ssh(8), +don't abort login when failing to set tty owner and mode if the tty already has +correct owner and permissions. +
  • sshd(8) +no longer requires a source port > 1024 for rhosts-rsa. +
  • New ICMP types and codes. +
  • Add support for the 802.1D spanning tree protocol for bridges. +
  • Add transport protocol/ports negotiation support to +isakmpd(8), +among other IPsec changes from the EOM-branch merge. +
  • Turn off path MTU when ICMP needfrag messages are blocked. +
  • Big batch of Alpha drivers added to Alpha's GENERIC kernel. +
  • Don't let +route(8) +touch region after free. +
  • Removed libgmp. +
  • Make +photurisd(8) +use bignum. +
  • SECURITY FIX: Fix another security problem in the KerberosIV code.
    A patch is available.
    [Applied to stable] -
  • SECURITY FIX: Fix two security problems in the KerberosIV code.
    - A patch is available.
    - [Applied to stable] +
  • In ssh(1) +when using skey/tis-auth always request new challenge. +
  • Support newer cy cards in the +cy(4) +driver. +
  • New Swiss and jp106 keyboard maps. +
  • CVS_RSH is set to "ssh" by default in +cvs(1). +
  • Fix endianess issues in +ssh(1); +
  • Overhaul the +adw(4) +driver. +
  • Add vrrp, smb, and timed printing to +tcpdump(8). +
  • calendar(4) +only accepts real files. +
  • Fix perror() calls in +pcvt(4) +that were buffer overflows. +
  • Avoid argv passing overflow in +tftp(1). +
  • Support I/O Data USB-ET/T USB ethernet in the +kue(4) +driver. +
  • Fix (partially) the reset sequence for 16-bit PCMCIA cards. +
  • Extend paranoia surrounding passed KRB environment variables in +telnet(1). +
  • Update the +isp(4) +driver adding maxluns support, among other things. +
  • PCI LIVENGOOD chipset support. +
  • Support the other 3com 990 series cards. +
  • libtermlib obsolete; removed. +
  • Fix RIPv0 (RFC 1058) and NFS port-number printing in +tcpdump(8). +
  • Make pcap generated BPF filters work on the tun interface. +
  • Add +ssh-keyscan(1) +to the arsenal. +
  • SECURITY FIX: Fix buffer overflow in ftpd.
    A patch is available.
    [Applied to stable] +
  • IMPLEMENTATION FIX: Fix fastroute related panic.
    A patch is available.
    [Applied to stable] + +
  • SECURITY FIX: Fix two security problems in the KerberosIV code.
    + A patch is available.
    + [Applied to stable] +
  • ftpd(8) +can get umask via a login class in login.conf. +
  • VLAN devices stop sending packets if the parent interface isn't running. +
  • Stability fixes in +isakmpd(8). +
  • ssh-agent(1) +disables agent, x11, and port forwarding if hostkey has changed. +
  • Prevent +ssh-agent(1) +from dumping core. +
  • isakmpd(8)'s +x509 handling ignores the ID length. +
  • Support hot insertion and removal of Texas Instruments PCI113X CardBus bridges. +
  • Fix deletion of flows in pf_key_v2 handling of isakmpd(8)
    [Applied to stable] +
  • Avoid race conditition in +adduser(8). +
  • Fix pciide on 164sx Alphas. +
  • Variable handling in +make(1) +improved, along with other fixes. +
  • MAKEDEV(8) +enforces ttyC[0-f]. +
  • ssh(1) +can gracefuly handle invalid ciphers. +
  • General isakmpd(8) +improvements, including PGPnet interoperability fixes. +
  • Bigger RAM probe delay in +hifn(4) +driver. +
  • Assorted +ksh(1) fixes. +
  • Support for kernel events on vnodes. + +
  • fix CAST-128 key size in isakmpd(8)
    + [Applied to stable] +
  • IMPLEMENTATION FIX: Imac DV reports the VGA device improperly.
    A patch is available.
    [Applied to stable] -
  • fix CAST-128 key size in isakmpd(8)
    - [Applied to stable] +
  • Avoid SIGHUP log issue in +ypserv(8). +
  • Support kernel event queues via +kqueue(2). +
  • Support for quite a few more USB devices, including scanners.
  • RELIABILITY FIX: The qec+qe ethernet cards should not generate NMIs.
    A patch is available.
    [Applied to stable]
  • Repair overriding of pseudo devices in config(8)
    [Applied to stable] +
  • Harden ftpd(8)'s +EPSV and EPRT handling. +
  • Fix off-by-one error in +ssh-agent(1).
  • RELIABILITY FIX: repair AES (rijndael) kernel support.
    A patch is available.
    @@ -94,6 +259,8 @@
  • IMPLEMENTATION FIX: In sshd(8), fix skey support in SSH1 protocol.
    A patch is available    .
    [Applied to stable] +
  • Fix ifconfig(8) +induced panic when given a specific IPv6 option combination.
  • RELIABILITY FIX: The ThunderLAN driver, tl(4), should not claim all interrupts.
    A patch is available    .
    [Applied to stable] @@ -167,7 +334,7 @@
    OpenBSD www@openbsd.org -
    $OpenBSD: plus.html,v 1.715 2001/01/23 04:18:24 jason Exp $ +
    $OpenBSD: plus.html,v 1.716 2001/01/23 16:04:40 deraadt Exp $