===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.728
retrieving revision 1.729
diff -u -r1.728 -r1.729
--- www/plus.html 2001/03/01 22:38:30 1.728
+++ www/plus.html 2001/03/02 02:28:20 1.729
@@ -53,30 +53,30 @@
SECURITY FIX: on i386, check arguments to USER_LDT (not enabled by default) mappings.
[Applied to stable]
SECURITY FIX: update to sudo-1.6.3p6 which fixes a buffer overflow on very long argv components.
- A patch is available.
+ A patch is available.
[Applied to stable]
OpenSSH 2.5.1 released.
[Applied to stable]
OpenSSH 2.5.0 released.
[Applied to stable]
IMPLEMENTATION FIX: fix port number computation in libwrap client side ident implementation.
- A patch is available.
+ A patch is available.
[Applied to stable]
disable bogus file check in cvs(1).
[Applied to stable]
IMPLEMENTATION FIX: fix memory allocation in the PCI LANCE ethernet driver, le(4).
- A patch is available.
+ A patch is available.
[Applied to stable]
Fix some incorrect return values for mmap(2) functions.
[Applied to stable]
SECURITY FIX: fix some buffer overflows in named(8).
- A patch is available.
+ A patch is available.
[Applied to stable]
SECURITY FIX: The rnd(4) device does not use all of its input when data is written to it.
- A patch is available.
+ A patch is available.
[Applied to stable]
IMPLEMENTATION FIX: Compute crypto(9) session IDs correctly for kernel.
- A patch is available.
+ A patch is availableg>.
[Applied to stable]
Permit stripped VAX kernels to load despite unexpected values from libsa.
Simplify locking and a few more fixes to twe(4).
@@ -139,236 +139,235 @@
Add support for ActivCard, CRYPTOCard, and SNK-004 authentication for the BSD authentication framework.
In ksh(1), remain in non-blocking mode if the shell is not interactive.
SECURITY FIX: xlock now authenticates via a pipe.
- A patch is available.
+ A patch is available.
[Applied to stable]
IMPLEMENTATION FIX: PS/2 mouse driver, pms, lockup fix.
- A patch is available.
+ A patch is available.
[Applied to stable]
Implement a workaround in atapiscsi(4) for buggy Toshiba drivers.
-SECURITY FIX: Fix holes in procfs.
- A patch is available.
+SECURITY FIX: Fix holes in procfs(8).
+ A patch is available.
[Applied to stable]
Put strlcat(3) and strlcpy(3) into libkern for kernel use.
Fix setting of nwid for wi(4).
[Applied to stable]
Change /etc/security to spit out unified diffs.
-Add driver for Compaq SMART Array RAID controllers, cac(4).
-Extend the i386 allowaperature sysctl to allow access to the whole 1st MB of memory.
+Add driver for Compaq SMART Array RAID controllers, cac(4).
+Extend the i386 allowaperature sysctl(3) to allow access to the whole 1st MB of memory.
Add some more sanity checking to the PCMCIA code to fix some obscure panics.
Import Apache 1.3.14 + mod_ssl 2.7.1.
Support multiple pfkeyv2 keying daemons.
-Compute diffie-hellman in parallel between server and client in OpenSSH.
+Compute diffie-hellman in parallel between server and client in OpenSSH.
Support Amigas with more than 64MB of RAM.
Ensure /etc/sudoers is created with a proper secure mode.
-Import OpenSSL 0.9.6.
-More photurisd(8) improvements.
+Import OpenSSL 0.9.6.
+More photurisd(8) improvements.
Update kernel pfkeyv2 code for better conformance to the RFC.
Enable loading of ELF kernels for alpha.
-Add extraction support for shell archives to the bsd.port.mk infrastructure.
+Add extraction support for shell archives to the bsd.port.mk infrastructure.
In ipsec(9), look for TDB if gateway is unspecified.
[Applied to stable]
-Fixes to patch(1) -f and -b.
-Convert some more drivers to the new timeout(9) interface.
-Add bytecounter statistics reporting to netstat(8).
+Fixes to patch(1) -f and -b.
+Convert some more drivers to the new timeout(9) interface.
+Add bytecounter statistics reporting to netstat(1).
Instrument more random TCP sequence numbers.
-In sshd(8), permit logins with read-only root filesystems if the tty already has sane modes set.
-Source port < 1024 is no longer required for rhosts-rsa in sshd(8).
-Remove dead code in hifn(4) driver.
-Proper getopt(3) usage in compress(1).
-Fix a time specification in last(1).
+In sshd(8), permit logins with read-only root filesystems if the tty already has sane modes set.
+Source port < 1024 is no longer required for rhosts-rsa in sshd(8).
+Remove dead code in hifn(4) driver.
+Proper getopt(3) usage in compress(1).
+Fix a time specification in last(1).
Do not disable PMTU for established TCP connections unless there is data to send.
-Add support for the 802.1D spanning tree protocol to bridge(4).
+Add support for the 802.1D spanning tree protocol to bridge(4).
New BSD authentication login scripts.
-Listen to pfkeyv2 acquire messages in photurisd(8), and setup SAs accordingly.
-isakmpd(8) update.
-APM bug fix that helps a few laptops.
-Remove unnecessary code from photurisd(8) in preparation of new SPD framework.
-Repair a memory leak in ICMPv6 code.
-Turn off PMTU when ICMP needfrag messages get blocked.
+Listen to pfkeyv2 acquire messages in photurisd(8), and setup SAs accordingly.
+isakmpd(8) update.
+apm(4) bug fix that helps a few laptops.
+Remove unnecessary code from photurisd(8) in preparation of new SPD framework.
+Repair a memory leak in ICMPv6 code.
+Turn off PMTU when ICMP needfrag messages get blocked.
Finnish updates for inter.phone.
-Display number of successful IPv6 PMTU changes in netstat(8) -s output.
-Do not re-print ETA on completion in scp(1) when copying 0-sized files.
-Validate ICMPv6 "too big" messages based on PCB.
-Do not use already-freed memory in route(8).
-Avoid repeated host controller halted messages in uhci(4).
+Display number of successful IPv6 PMTU changes in netstat(1) -s output.
+Do not re-print ETA on completion in scp(1) when copying 0-sized files.
+Validate ICMPv6 "too big" messages based on PCB.
+Do not use already-freed memory in route(8).
+Avoid repeated host controller halted messages in uhci(4).
Remove unused libgmp.
-Import KerberosIV v1.0.4.
-Always request a new challenge for skey/tis-auth in ssh(1).
-Support newer cy(4) communication cards.
-Provide new international keymaps for pcvt(4).
+Import KerberosIV v1.0.4.
+Always request a new challenge for skey/tis-auth in ssh(1).
+Support newer cy(4) communication cards.
+Provide new international keymaps for pcvt(4).
Ignore filesystems marked "xx" in the install scripts.
-Document that pipe(2) is bidirectional, although this behavior is unportable.
-Move the default cvs(1) connection protocol from rsh(1) to ssh(1).
-Remove a bogus memory free in getnetgrent(3).
-Fix a buffer overflow in bad144(8).
+Document that pipe(2) is bidirectional, although this behavior is unportable.
+Move the default cvs(1) connection protocol from rsh(1) to ssh(1).
+Remove a bogus memory free in getnetgrent(3).
+Fix a buffer overflow in bad144(8).
Revert back to the old rijndael implementation and solve byte ordering bugs there instead.
-Drop unneeded support for RTF_TUNNEL in route(8).
-Maintain count of routing table timer entries in route(8).
-In makewhatis(8), strip weird characters first, then sequences of spaces.
-Big improvements to adw(4).
-Teach tcpdump(8) about VRRP, SMB, and timed.
-Force calendar(1) to only accept real calendar files as input.
-Fix various perror() overflows in pcvt(4).
-Repair a tftp(1) argv parsing overflow.
-Conditionalize some BPF code in wx(4).
-Finally remove remaining references to extra RSA libs, since the patent has expired.
+Drop unneeded support for RTF_TUNNEL in route(8).
+Maintain count of routing table timer entries in route(8).
+In makewhatis(8), strip weird characters first, then sequences of spaces.
+Big improvements to adw(4).
+Teach tcpdump(8) about VRRP, SMB, and timed.
+Force calendar(1) to only accept real calendar files as input.
+Fix various perror(3) overflows in pcvt(4).
+Repair a tftp(1) argv parsing overflow.
+Conditionalize some BPF code in wx(4).
+Finally remove remaining references to extra RSA libs, since the patent has expired.
New rijndael implementation which solves endian issues.
-Support Intel 82801BA pciide(4) controllers.
-Exercise more paranoia with passed KRB environment settings in telnetd(8).
-Convert some more drivers to the new timeout(9) interface.
-Many improvements and modernizations to isp(4).
-Update wx(4) with LIVENGOOD support.
-Recognize and support the IODATA USB-ET/T Ethernet adapter in kue(4).
-Implement asynchronous connections for ssh(1) -R and -L.
-Simplify atrun(8) tasks by using asprintf(3).
+Support Intel 82801BA pciide(4) controllers.
+Exercise more paranoia with passed KRB environment settings in telnetd(8).
+Convert some more drivers to the new timeout(9) interface.
+Many improvements and modernizations to isp(4).
+Update wx(4) with LIVENGOOD support.
+Recognize and support the IODATA USB-ET/T Ethernet adapter in kue(4).
+Implement asynchronous connections for ssh(1) -R and -L.
+Simplify atrun(8) tasks by using asprintf(3).
Kill unused libtermlib.
-Import new pool(9) code.
-Fix RIPv0 packet printing and NFS port number parsing in tcpdump(8).
-Make pcap-generated BPF filters work on the tun(4) interface.
-Import David Maziere's ssh-keyscan(1).
-SECURITY FIX: Fix buffer overflow in ftpd.
- A patch is available.
+Import new pool(9) code.
+Fix RIPv0 packet printing and NFS port number parsing in tcpdump(8).
+Make pcap-generated BPF filters work on the tun(4) interface.
+Import David Maziere's ssh-keyscan(1).
+SECURITY FIX: Fix buffer overflow in ftpd(8).
+ A patch is available.
[Applied to stable]
IMPLEMENTATION FIX: Fix fastroute related panic.
- A patch is available.
+ A patch is available.
[Applied to stable]
-Teach OpenSSH about more version strings to improve interoperability.
+Teach OpenSSH about more version strings to improve interoperability.
SECURITY FIX: Fix another security problem in the KerberosIV code.
- A patch is available.
+ A patch is available.
[Applied to stable]
SECURITY FIX: Fix two security problems in the KerberosIV code.
- A patch is available.
+ A patch is available.
[Applied to stable]
-Permit ftpd(8) umask setting via both the command line and through a login class in login.conf(5).
-Prevent VLAN devices from emitting packets if the parent interface is not up and running.
-Better error checking in ping6(8).
-Some stability fixes to isakmpd(8).
-In ssh(1), disable agent/X11 port forwarding if the hostkey has changed.
-Fix a coredump in ssh-agent(1).
-Reset 16-bit PCMCIA during chip initialization in pccbb(4).
-Correct PCI interrupt setup for TI PCI113X CardBus bridges.
-Properly powerdown PC cards in pccbb(4) at shutdown time.
-Add -D option to sshd(8) to cause startup without a daemon.
-Show both the IP address and hostname when a new key is encountered in ssh(1).
-Fix a bug in MSChapv2 challenge hashing in ppp(8).
-More make(1) tweaks.
+Permit ftpd(8) umask setting via both the command line and through a login class in login.conf(5).
+Prevent vlan(4) devices from emitting packets if the parent interface is not up and running.
+Better error checking in ping6(8).
+Some stability fixes to isakmpd(8).
+In ssh(1), disable agent/X11 port forwarding if the hostkey has changed.
+Fix a coredump in ssh-agent(1).
+Reset 16-bit PCMCIA during chip initialization in pccbb(4).
+Correct PCI interrupt setup for TI PCI113X CardBus bridges.
+Properly powerdown PC cards in pccbb(4) at shutdown time.
+Add -D option to sshd(8) to cause startup without a daemon.
+Show both the IP address and hostname when a new key is encountered in ssh(1).
+Fix a bug in MSChapv2 challenge hashing in ppp(8).
+More make(1) tweaks.
Use -n to test for non-zero variables in /etc/netstart.
Be more careful with ARP packets.
Fix deletion of flows in pf_key_v2 handling of isakmpd(8)
[Applied to stable]
-Prevent setusercontext(3) in ftpd(8) from setting the umask as this conflicts with any command-line umask specification.
-Clock fixes for the alpha architecture.
-Print select collisions in vmstat(8) -s output.
-Implement login_check_expire(3) for libutil.
-Add -u username support to pwd_mkdb(8).
+Prevent setusercontext(3) in ftpd(8) from setting the umask as this conflicts with any command-line umask specification.
+clock(3) fixes for the alpha architecture.
+Print select collisions in vmstat(8) -s output.
+Implement login_check_expire(3) for libutil.
+Add -u username support to pwd_mkdb(8).
Properly implement errno handling for the threaded libc (libc_r) on powerpc.
-In adduser(8), get rid of a race condition and use /etc/ptmp as a lock file.
-Set reasonable defaults for RSA1, RSA, and DSA keys in ssh-keygen(1).
-Reorder check for illegal ciphers in ssh(1) protocol 1 connection code.
-Fix pciide(4) support on Alpha 164SX models.
+In adduser(8), get rid of a race condition and use /etc/ptmp as a lock file.
+Set reasonable defaults for RSA1, RSA, and DSA keys in ssh-keygen(1).
+Reorder check for illegal ciphers in ssh(1) protocol 1 connection code.
+Fix pciide(4) support on Alpha 164SX models.
Support 16 slices per device on VAX machines.
-Considerable cleanups to make(1).
-Improve key repeat logic in wskbd(4).
-Changes from KAME to make ifm_data available in getifaddrs(3).
+Considerable cleanups to make(1).
+Improve key repeat logic in wskbd(4).
+Changes from KAME to make ifm_data available in getifaddrs(3).
Fix absolute path handling in crunchgen(1).
Shorten /dev/ttyC* device names.
-Complain about invalid ciphers in ssh(1), falling back to reasonable defaults when necessary.
-Avoid tty races in wsdisplay(4) when switching virtual terminals.
-Update isakmpd(8).
-Repair lun support in umass(4).
+Complain about invalid ciphers in ssh(1), falling back to reasonable defaults when necessary.
+Avoid tty races in wsdisplay(4) when switching virtual terminals.
+Update isakmpd(8).
+Repair lun support in umass(4).
Zero pw_passwd before freeing its memory in the libc BSD authentication routines.
-Train makewhatis(8) to handle more special cases.
-Avoid double fclose(3) in getcap(3).
-Increase delay in RAM probe for hifn(4).
-Suffix list fix in make(1).
-Various bug fixes in ksh(1).
-When using the tail(1) -f flag on stdin, don't reopen a local file named stdin.
-Extend kqueue(2) to support kernel events on vnodes.
-Bring in BSD authentication support for sudo(8).
-Zap MULOG in inetd(8) to improve code readability.
-Avoid whacking errno in top(1) signal handlers.
-Do not include MFS partitions in quot(8) statistics output.
+Train makewhatis(8) to handle more special cases.
+Avoid double fclose(3) in getcap(3).
+Increase delay in RAM probe for hifn(4).
+Suffix list fix in make(1).
+Various bug fixes in ksh(1).
+When using the tail(1) -f flag on stdin, don't reopen a local file named stdin.
+Extend kqueue(2) to support kernel events on vnodes.
+Bring in BSD authentication support for sudo(8).
+Zap MULOG in inetd(8) to improve code readability.
+Avoid whacking errno in top(1) signal handlers.
+Do not include MFS partitions in quot(8) statistics output.
Add support for the Acenic Copper and Netgear GA620T Gigabit Ethernet cards.
-Prevent a type overflow in recno(3).
+Prevent a type overflow in recno(3).
IMPLEMENTATION FIX: Imac DV reports the VGA device improperly.
- A patch is available.
+ A patch is available.
[Applied to stable]
Import BSD authentication mechanisms from BSDI BSD/OS.
-Implement pw_dup(3), a function which copies struct passwd.
-Replace getpass(3) with a more flexible readpassphrase(3) interface.
-Add strnvis(3), a length-bounded version of the strvis(3) libc function.
+Implement pw_dup(3), a function which copies struct passwd.
+Replace getpass(3) with a more flexible readpassphrase(3) interface.
+Add strnvis(3), a length-bounded version of the strvis(3) libc function.
Better prompting logic in libskey.
Resurrect binutils on alpha.
-Recognize newer Intel audio devices in auich(4).
-Stop amphy(4) from attaching to network devices it doesn't belong to.
-Enable support for pciide(4) found in newer Intel chipsets.
+Recognize newer Intel audio devices in auich(4).
+Stop amphy(4) from attaching to network devices it doesn't belong to.
+Enable support for pciide(4) found in newer Intel chipsets.
Correct URL handling in the install scripts.
-Limit the number of SCSI luns in umass(4).
+Limit the number of SCSI luns in umass(4).
Page size fixes to the alpha port.
Import ssh-ask-pass support for X11.
-Fix a signal race in ypserv(8) SIGHUP handling.
-Enable uaudio(4) by default in GENERIC/i386.
-Reserve all-1s addresses in the IPSec code for future policy discovery features.
+Fix a signal race in ypserv(8) SIGHUP handling.
+Enable uaudio(4) by default in GENERIC/i386.
+Reserve all-1s addresses in the IPSec code for future policy discovery features.
Resolve HMAC nomenclautre issues.
-Be sure to clear passwords out of memory after use in ppp(8).
+Be sure to clear passwords out of memory after use in ppp(8).
Support kernel event queues.
-Add support for USB scanners through the uscanner(4) driver.
-More fixes to qec(4).
+Add support for USB scanners through the uscanner(4) driver.
+More fixes to qec(4).
Recognize newer AMD CPUs.
-Repair incorrect buffer size logic in telnetd(8).
-Add a slew of devices to usbdevs.
-Do not use perror(3) in sshd(8) after forking a child.
+Repair incorrect buffer size logic in telnetd(8).
+Add a slew of devices to usbdevs(8).
+Do not use perror(3) in sshd(8) after forking a child.
RELIABILITY FIX: The qec+qe ethernet cards should not generate NMIs.
- A patch is available.
+ A patch is available.
[Applied to stable]
-Add ifmedia(4) support to qec(4), among other improvements.
-Extra sanity checking in skeyinit(1).
-Repair timeout computations in atapiscsi(4).
+Add ifmedia(4) support to qec(4), among other improvements.
+Extra sanity checking in skeyinit(1).
+Repair timeout computations in atapiscsi(4).
Add initial support for DEC Alpha 21264 systems.
Bring the alpha port a bit closer to a fully operational console.
Support Accton EN2242 MiniPCI Ethernet adapters.
Permit O_RDWR on FIFOs to handle legacy applications that depend on it.
-Add scrollback support to wscons(4) through the vga(4) driver.
-Color change in wscons(4) vt100 emulation to more closely imitate PCVT.
+Add scrollback support to wscons(4) through the vga(4) driver.
+Color change in wscons(4) vt100 emulation to more closely imitate PCVT.
Repair overriding of pseudo devices in config(8)
[Applied to stable]
-Accept -inet and -inet6 as options for the show command in route(8).
-Don't reorder keys in ssh-agent(1) upon key removal.
-Avoid parsing options in ssh(1) if there is an RSA key mismatch.
-Various cleanups to ftpd(8).
+Accept -inet and -inet6 as options for the show command in route(8).
+Don't reorder keys in ssh-agent(1) upon key removal.
+Avoid parsing options in ssh(1) if there is an RSA key mismatch.
+Various cleanups to ftpd(8).
In many programs, sync usage() output with their respective man page SYNOPSIS.
RELIABILITY FIX: The ThunderLAN driver, tl(4), should not claim all interrupts.
- A patch is available.
+ A patch is available.
[Applied to stable]
-In pciide(4), do not map unsafe registers from controllers that require 16-bit I/O space.
-Import new pckbc(4), pckbd(4), vga(4), pcdisplay(4), and ega(4) drivers for wscons(4).
-In ftpd(8), assert check_login upon receipt of EPSV/LPSV.
-Make the aha(4) driver compile without UVM.
+In pciide(4), do not map unsafe registers from controllers that require 16-bit I/O space.
+Import new pckbc(4), pckbd(4), vga(4), pcdisplay(4), and ega(4) drivers for wscons(4).
+In ftpd(8), assert check_login upon receipt of EPSV/LPSV.
+Make the aha(4) driver compile without UVM.
Enforce non-cacheable device space on real 80386 machines.
-Add RSA authentication support for SSH2 to OpenSSH.
+Add RSA authentication support for SSH2 to OpenSSH.
Allow serial mice to work with moused(8) and XFree86 simultaneously.
-Repair an off-by-one error in ssh-agent(1).
-Convert some old drivers to the new timeout(9) interface.
+Repair an off-by-one error in ssh-agent(1).
+Convert some old drivers to the new timeout(9) interface.
RELIABILITY FIX: repair AES (rijndael)
kernel support.
- A patch is available.
+ A patch is available.
[Applied to stable]
Import PCI support for Alpha EB164 machines.
Add bus_space_barrier macros for the powerpc.
Endian fixes to the USB code.
-Better command line parsing in encrypt(1).
+Better command line parsing in encrypt(1).
Numbering fixups in pfkeyv2 to match IANA assignments.
-Crank maximum mbuf size in ppp(8) in order to handle full-sized HDLC frames.
-Improve handling of IPv6 Node Information Query packets for better specification conformance.
-Fix a panic induced by assigning lo0 an IPv6 alias.
+Crank maximum mbuf size in ppp(8) in order to handle full-sized HDLC frames.
+Improve handling of IPv6 Node Information Query packets for better specification conformance.
+Fix a panic induced by assigning lo0 an IPv6 alias.
IMPLEMENTATION FIX: In sshd(8), fix skey support in SSH1 protocol.
- A patch is available.
+ A patch is available.
[Applied to stable]
-Deprecate pltime=0 in ifconfig(8).
-Modifications to the ktrace(2) interface to reduce redundancy.
-Do not advertise dynamic/cloned routes in route6d(8).
-Allow ping6(8) to send ICMP6 packets smaller than 8 bytes.
-
+Deprecate pltime=0 in ifconfig(8).
+Modifications to the ktrace(2) interface to reduce redundancy.
+Do not advertise dynamic/cloned routes in route6d(8).
+Allow ping6(8) to send ICMP6 packets smaller than 8 bytes.
Correct free-before-reference bugs in rshd(8) and rlogind(8).
Improve queue handling in gdt(4).
New Adaptec FSA RAID driver called aac(4).
@@ -385,7 +384,7 @@
Many man page improvements.
Permit handling more than 6 arguments in a hostname.if(5) file.
kcore handling in kvm(3) for alpha.
-Update usb code.
+Update usb code.
Update alpha architecture support. A snapshot will come out soon.
In pchb(4), for Intel random devices, do not busy wait for data.
Switch amiga to uvm(9).
@@ -395,9 +394,9 @@
In aue(4), fix multicast filter programming.
Repair an uninitialized variable bug in ipsec(4) output.
[Applied to stable]
-Add pcibios(4) interrupt setup support for AMD750 chipset.
-RELIABILITY FIX: In sparc zs(4), when using serial console, the interrupt routine was unable to distinguish it's own interrupts.
- A patch is available.
+Add pcibios(4) interrupt setup support for AMD750 chipset.
+RELIABILITY FIX: In sparc zs(4), when using serial console, the interrupt routine was unable to distinguish it's own interrupts.
+ A patch is available.
[Applied to stable]
Generate new hashkey every time a bridge(4) is brought up.
Change bridge(4) code to use lower spl.
@@ -437,9 +436,9 @@
-
-www@openbsd.org
-
$OpenBSD: plus.html,v 1.728 2001/03/01 22:38:30 horacio Exp $
+
+www@openbsd.org
+
$OpenBSD: plus.html,v 1.729 2001/03/02 02:28:20 horacio Exp $