===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.755
retrieving revision 1.756
diff -u -r1.755 -r1.756
--- www/plus.html 2001/04/18 01:08:46 1.755
+++ www/plus.html 2001/04/23 23:03:31 1.756
@@ -48,17 +48,21 @@
We are working on OpenBSD-current.
-- Fix ipf fragment caching bug.
+ - Avoid DoS attack in ftpd using glob patch.
+ A patch is available.
[Applied to stable]
+ - Fix ipf fragment caching bug.
+ A patch is available.
+ [Applied to stable]
- SECURITY FIX: Fix buffer overflows contained in glob(3) function.
- A patch is available.
+ A patch is available.
[Applied to stable]
- Check for short packets and bad types sent to timed(8).
[Applied to stable]
- OpenSSH 2.5.2 released.
[Applied to stable]
- SECURITY FIX: Be careful with file permissions in readline library
- A patch is available.
+ A patch is available.
[Applied to stable]
- Make buffer size 8k on NE1000, and 16k otherwise for
ne.
@@ -66,18 +70,18 @@
- Move bogus packet length test in udp packets to avoid being stuck at splsoftnet.
[Applied to stable]
- SECURITY FIX: for ipsec(4), handle AH packets with IP options more strictly.
- A patch is available.
+ A patch is available.
[Applied to stable]
- SECURITY FIX: on i386, check arguments to USER_LDT (not enabled by default) mappings.
- A patch is available.
+ A patch is available.
[Applied to stable]
- SECURITY FIX: update to sudo-1.6.3p6 which fixes a buffer overflow on very long argv components.
- A patch is available.
+ A patch is available.
[Applied to stable]
- OpenSSH 2.5.1 released.
[Applied to stable]
- IMPLEMENTATION FIX: fix port number computation in libwrap client side ident implementation.
- A patch is available.
+ A patch is available.
[Applied to stable]
- Disable bogus file check in cvs(1).
[Applied to stable]
@@ -201,7 +205,7 @@
- If a pccbb(4) bridge does not have the right voltages, assume it is dead. Permits single connector adapters to work.
- Fix some bugs in the bridge(4), especially regarding gif(4).
- IMPLEMENTATION FIX: fix memory allocation in the PCI LANCE ethernet driver, le(4).
- A patch is available.
+ A patch is available.
[Applied to stable]
- In config(8) -e and -u, do not write out a new kernel if nothing changed.
- Numerous fat utmp(5) changes to utilities.
@@ -238,7 +242,7 @@
- USB sync.
- SECURITY FIX: fix some buffer overflows in named(8).
- A patch is available.
+ A patch is available.
[Applied to stable]
- Support Cheetah vaxes.
- Improve MAKEDEV(8) manual pages on many architectures.
@@ -297,7 +301,7 @@
- ipf 3.4.15
- Fix a vi(1) crash.
- SECURITY FIX: The rnd(4) device does not use all of its input when data is written to it.
- A patch is available.
+ A patch is available.
[Applied to stable]
- Fix C sequence point issues in dd(1), monop(6), tail(1), and rbootd(8).
- Fix previous inetd(8) fix.
@@ -437,14 +441,14 @@
- Add support for ActivCard, CRYPTOCard, and SNK-004 authentication for the BSD authentication framework.
- In ksh(1), remain in non-blocking mode if the shell is not interactive.
- SECURITY FIX: xlock now authenticates via a pipe.
- A patch is available.
+ A patch is available.
[Applied to stable]
- IMPLEMENTATION FIX: PS/2 mouse driver, pms, lockup fix.
- A patch is available.
+ A patch is available.
[Applied to stable]
- Implement a workaround in atapiscsi(4) for buggy Toshiba drivers.
- SECURITY FIX: Fix holes in procfs(8).
- A patch is available.
+ A patch is available.
[Applied to stable]
- Put strlcat(3) and strlcpy(3) into libkern for kernel use.
- Fix setting of nwid for wi(4).
@@ -470,7 +474,7 @@
- Add bytecounter statistics reporting to netstat(1).
- Instrument more random TCP sequence numbers.
- IMPLEMENTATION FIX: Compute crypto(9) session IDs correctly for kernel.
- A patch is available.
+ A patch is available.
[Applied to stable]
- In sshd(8), permit logins with read-only root filesystems if the tty already has sane modes set.
- Source port < 1024 is no longer required for rhosts-rsa in sshd(8).
@@ -528,17 +532,17 @@
- Make pcap(3)-generated BPF filters work on the tun(4) interface.
- Import David Maziere's ssh-keyscan(1).
- SECURITY FIX: Fix buffer overflow in ftpd(8).
- A patch is available.
+ A patch is available.
[Applied to stable]
- IMPLEMENTATION FIX: Fix fastroute related panic.
- A patch is available.
+ A patch is available.
[Applied to stable]
- Teach OpenSSH about more version strings to improve interoperability.
- SECURITY FIX: Fix another security problem in the KerberosIV code.
- A patch is available.
+ A patch is available.
[Applied to stable]
- SECURITY FIX: Fix two security problems in the KerberosIV code.
- A patch is available.
+ A patch is available.
[Applied to stable]
- Permit ftpd(8) umask setting via both the command line and through a login class in login.conf(5).
- Prevent vlan(4) devices from emitting packets if the parent interface is not up and running.
@@ -593,7 +597,7 @@
- Add support for the Acenic Copper and Netgear GA620T Gigabit Ethernet cards.
- Prevent a type overflow in recno(3).
- IMPLEMENTATION FIX: Imac DV reports the VGA device improperly.
- A patch is available.
+ A patch is available.
[Applied to stable]
- Import BSD authentication mechanisms from BSDI BSD/OS.
- Implement pw_dup(3), a function which copies struct passwd.
@@ -621,7 +625,7 @@
- Add a slew of devices to usbdevs(8).
- Do not use perror(3) in sshd(8) after forking a child.
- RELIABILITY FIX: The qec+qe ethernet cards should not generate NMIs.
- A patch is available.
+ A patch is available.
[Applied to stable]
- Add ifmedia(4) support to qec(4), among other improvements.
- Extra sanity checking in skeyinit(1).
@@ -639,8 +643,8 @@
- Avoid parsing options in ssh(1) if there is an RSA key mismatch.
- Various cleanups to ftpd(8).
- In many programs, sync usage() output with their respective man page SYNOPSIS.
-
- RELIABILITY FIX: The ThunderLAN driver, tl(4), should not claim all interrupts.
- A patch is available.
+ - RELIABILITY FIX: The ThunderLAN driver, tl(4), should not claim all interrupts.
+ A patch is available.
[Applied to stable]
- In pciide(4), do not map unsafe registers from controllers that require 16-bit I/O space.
- Import new pckbc(4), pckbd(4), vga(4), pcdisplay(4), and ega(4) drivers for wscons(4).
@@ -651,9 +655,8 @@
- Allow serial mice to work with moused(8) and XFree86 simultaneously.
- Repair an off-by-one error in ssh-agent(1).
- Convert some old drivers to the new timeout(9) interface.
-
- RELIABILITY FIX: repair AES (rijndael)
-kernel support.
- A patch is available.
+ - RELIABILITY FIX: repair AES (rijndael) kernel support.
+ A patch is available.
[Applied to stable]
- Import PCI support for Alpha EB164 machines.
- Add bus_space_barrier macros for the powerpc.
@@ -663,8 +666,8 @@
- Crank maximum mbuf size in ppp(8) in order to handle full-sized HDLC frames.
- Improve handling of IPv6 Node Information Query packets for better specification conformance.
- Fix a panic induced by assigning lo0 an IPv6 alias.
-
- IMPLEMENTATION FIX: In sshd(8), fix skey support in SSH1 protocol.
- A patch is available.
+ - IMPLEMENTATION FIX: In sshd(8), fix skey support in SSH1 protocol.
+ A patch is available.
[Applied to stable]
- Deprecate pltime=0 in ifconfig(8).
- Modifications to the ktrace(2) interface to reduce redundancy.
@@ -699,7 +702,7 @@
[Applied to stable]
- Add pcibios(4) interrupt setup support for AMD750 chipset.
- RELIABILITY FIX: In sparc zs(4), when using serial console, the interrupt routine was unable to distinguish it's own interrupts.
- A patch is available.
+ A patch is available.
[Applied to stable]
- Generate new hashkey every time a bridge(4) is brought up.
- Change bridge(4) code to use lower spl.
@@ -741,7 +744,7 @@
www@openbsd.org
-
$OpenBSD: plus.html,v 1.755 2001/04/18 01:08:46 jason Exp $
+
$OpenBSD: plus.html,v 1.756 2001/04/23 23:03:31 jason Exp $