OpenBSD-current changes

=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v retrieving revision 1.727 retrieving revision 1.728 diff -u -r1.727 -r1.728 --- www/plus.html 2001/02/23 17:33:02 1.727 +++ www/plus.html 2001/03/01 22:38:30 1.728 @@ -2,7 +2,7 @@ OpenBSD-current changes - + @@ -10,9 +10,9 @@ - + -

Changes made between OpenBSD 2.8 and OpenBSD-current

@@ -20,7 +20,7 @@ This is a partial list of the major machine independent changes (i.e., these are the changes people ask about most often). Port specific changes have also been made, and are sometimes mentioned -in the pages for the specific platforms. +in the pages for the specific platforms.

Changes to the ports collection are documented @@ -48,7 +48,7 @@

We are working on OpenBSD-current.

SECURITY FIX: for ipsec, handle AH packets with IP options more strictly.
+
SECURITY FIX: for ipsec(4), handle AH packets with IP options more strictly.
[Applied to stable]
SECURITY FIX: on i386, check arguments to USER_LDT (not enabled by default) mappings.
[Applied to stable] @@ -62,14 +62,14 @@
IMPLEMENTATION FIX: fix port number computation in libwrap client side ident implementation.
A patch is available.
[Applied to stable] -
disable bogus file check in cvs.
+
disable bogus file check in cvs(1).
[Applied to stable] -
IMPLEMENTATION FIX: fix memory allocation in the PCI LANCE ethernet driver, le.
+
IMPLEMENTATION FIX: fix memory allocation in the PCI LANCE ethernet driver, le(4).
A patch is available.
[Applied to stable] -
Fix some incorrect return values for mmap functions.
+
Fix some incorrect return values for mmap(2) functions.
[Applied to stable] -
SECURITY FIX: fix some buffer overflows in named.
+
SECURITY FIX: fix some buffer overflows in named(8).
A patch is available.
[Applied to stable]
SECURITY FIX: The rnd(4) device does not use all of its input when data is written to it.
@@ -79,76 +79,76 @@ A patch is available.
[Applied to stable]
Permit stripped VAX kernels to load despite unexpected values from libsa. -
Simplify locking and a few more fixes to twe(4). +
Simplify locking and a few more fixes to twe(4).
Plug some memory leaks in OpenSSH. -
Fix -P in ftpd(8). +
Fix -P in ftpd(8).
Emulation fixes to the VAX code. -
Protect bits of dhclient(8) with a locking mechanism to prevent multiple instances from using the leases file simultaneously. -
Fix 3 cases in mv(1) relating to the moving of symlinks across filesystems. -
In ftpd(8), expand the tilde character in ftp-dir login.conf variable. -
Prohibit binding to an anycast, notready, or detached IPv6 address. -
Rename fsinfo to xfsinfo in X11 to avoid naming conflict. -
Set the correct pfkeyv2 direction for KAME SPD entries in isakmpd(8). -
Save and restore errno properly in flex(1) since it may be whacked by isatty(3). -
Fix sending/receiving passwords in routed(8). -
Add an i386-specific sysctl(3) that modifies halt -p processing in APM to deal with some quirky machines. +
Protect bits of dhclient(8) with a locking mechanism to prevent multiple instances from using the leases file simultaneously. +
Fix 3 cases in mv(1) relating to the moving of symlinks across filesystems. +
In ftpd(8), expand the tilde character in ftp-dir login.conf variable. +
Prohibit binding to an anycast, notready, or detached IPv6 address. +
Rename fsinfo(8) to xfsinfo in X11 to avoid naming conflict. +
Set the correct pfkeyv2 direction for KAME SPD entries in isakmpd(8). +
Save and restore errno properly in flex(1) since it may be whacked by isatty(3). +
Fix sending/receiving passwords in routed(8). +
Add an i386-specific sysctl(3) that modifies halt -p processing in APM to deal with some quirky machines.
More sun3 fixes, mostly to conform better to other m68k architecture code. -
Handle login banners better in SSH2 instances of ssh(1). +
Handle login banners better in SSH2 instances of ssh(1).
Various spelling and grammar fixes across the tree. -
Use new sysctl(3) interface for kernel memory bucket statistics and clock information. -
Correctly check for empty mailq(1) in /etc/daily. +
Use new sysctl(3) interface for kernel memory bucket statistics and clock information. +
Correctly check for empty mailq(1) in /etc/daily.
Y2K fix in the mvme68k NVRAM code. -
Extend sysctl(3) to support quad values. -
Improve SMB packet printing in tcpdump(8). +
Extend sysctl(3) to support quad values. +
Improve SMB packet printing in tcpdump(8).
Add common pidfile-writing code to DHCP so each program doesn't need to roll its own. -
To please cap_mkdb(8), make it an error to open a zero-length file for read-only access in hash(3). +
To please cap_mkdb(1), make it an error to open a zero-length file for read-only access in hash(3).
Some sun3 architecture fixes. -
Ignore environment variables in libssl if we're running setugid. -
In ssh(1), log the remote IP address on disconnect. -
Check for memory allocation failure in vmstat(8). -
Fix a buffer overflow in fsinfo(8). -
Handle another special case in APM. -
Fix a panic in the RAIDframe locking management code. -
Add setpid command to fdisk(8) for setting the partition ID. -
Change bridge(4) to use gif* instead of enc*. -
Set SO_REUSEPORT socket option in DHCP code, so multiple dhclients work. -
Allow printing of 8-bit ASCII characters in talk(1) through an option. -
Do not perform getnetbyname() in mountd(8) if the address is already in dot-notation. -
In ftpd(8), log the actual number of bytes transferred instead of the original file size. +
Ignore environment variables in libssl if we're running setugid. +
In ssh(1), log the remote IP address on disconnect. +
Check for memory allocation failure in vmstat(8). +
Fix a buffer overflow in fsinfo(8). +
Handle another special case in apm(4). +
Fix a panic in the RAIDframe locking management code. +
Add setpid command to fdisk(8) for setting the partition ID. +
Change bridge(4) to use gif* instead of enc*. +
Set SO_REUSEPORT socket option in DHCP code, so multiple dhclients work. +
Allow printing of 8-bit ASCII characters in talk(1) through an option. +
Do not perform getnetbyname() in mountd(8) if the address is already in dot-notation. +
In ftpd(8), log the actual number of bytes transferred instead of the original file size.
Fix ^C in termtype prompt. -
Prevent fsck_ffs(8) from marking a filesystem clean if fsck(8) needs to be rerun. -
Resolve scheduling conflict in newsyslog(8). -
In dhclient(8), set a reasonable default lease time if the server does not provide one. -
Suppress uninteresting PCI bus error messages in ahc(4). -
Add m88k support to gprof(1). -
Add HostKeyAlias option to ssh(1). -
Behave nicely with fixed-rate codecs in auvia(4). -
Fix a minor off-by-one error in gprof(1). +
Prevent fsck_ffs(8) from marking a filesystem clean if fsck(8) needs to be rerun. +
Resolve scheduling conflict in newsyslog(8). +
In dhclient(8), set a reasonable default lease time if the server does not provide one. +
Suppress uninteresting PCI bus error messages in ahc(4). +
Add m88k support to gprof(1). +
Add HostKeyAlias option to ssh(1). +
Behave nicely with fixed-rate codecs in auvia(4). +
Fix a minor off-by-one error in gprof(1).
In the ports infrastructure, take the old non-fake code out-of-line. -
Repair a disgusting rwhod(8) crash. -
Fix buffer overflow in csh(1) builtin printf(1) implementation. -
Convert atoi(3) to strtoul(3) in top(1). +
Repair a disgusting rwhod(8) crash. +
Fix buffer overflow in csh(1) builtin printf(1) implementation. +
Convert atoi(3) to strtoul(3) in top(1).
Emulate Linux truncate64, stat64, lstat64, and fstat64 syscalls. -
Revoke root privileges earlier in ping6(8) and traceroute6(8). +
Revoke root privileges earlier in ping6(8) and traceroute6(8).
Many man page fixes. -
Use arc4random(3) in jot(1). -
Handle quotas over 4GB in edquota(8) and repquota(8). +
Use arc4random(3) in jot(1). +
Handle quotas over 4GB in edquota(8) and repquota(8).
Fix IPv6 Path MTU Discovery. -
Give up euid more carefully in mrinfo(8) and mtrace(8). +
Give up euid more carefully in mrinfo(8) and mtrace(8).
Various OpenSSH fixes.
Add support for ActivCard, CRYPTOCard, and SNK-004 authentication for the BSD authentication framework. -
In ksh(1), remain in non-blocking mode if the shell is not interactive. -
SECURITY FIX: xlock now authenticates via a pipe.
+
In ksh(1), remain in non-blocking mode if the shell is not interactive. +
SECURITY FIX: xlock now authenticates via a pipe.
A patch is available.
[Applied to stable]
IMPLEMENTATION FIX: PS/2 mouse driver, pms, lockup fix.
A patch is available.
[Applied to stable] -
Implement a workaround in atapiscsi(4) for buggy Toshiba drivers. +
Implement a workaround in atapiscsi(4) for buggy Toshiba drivers.
SECURITY FIX: Fix holes in procfs.
A patch is available.
[Applied to stable] -
Put strlcat(3) and strlcpy(3) into libkern for kernel use. +
Put strlcat(3) and strlcpy(3) into libkern for kernel use.
Fix setting of nwid for wi(4).
[Applied to stable]
Change /etc/security to spit out unified diffs. @@ -439,7 +439,7 @@
www@openbsd.org -
$OpenBSD: plus.html,v 1.727 2001/02/23 17:33:02 jason Exp $ +
$OpenBSD: plus.html,v 1.728 2001/03/01 22:38:30 horacio Exp $