===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.848
retrieving revision 1.849
diff -u -r1.848 -r1.849
--- www/plus.html 2002/10/18 21:19:55 1.848
+++ www/plus.html 2002/11/13 21:26:19 1.849
@@ -50,10 +50,73 @@
We are working on OpenBSD-current.
-The following list sums up (almost) all the changes made up to October 17.
+The following list sums up (almost) all the changes made up to November 2.
+- Do a better job when comparing dynamic addresses in pf(4).
+
- In pf(4) AF macros, operate on the whole address (all 128 bits) unless AF_INET is set.
+
+
+
- Fix perl(1)'s MakeMaker so manpages get installed the way we like.
+
- Plug a memory leak in IPv6 (ip6_output.c)
+
+
- Make sure processes aren't added to the process list until they're completely initialised.
+
- Implement some 4.3BSD emulation functions in terms of setresuid() etc.
+
- Use the new setresuid() etc. calls for FreeBSD, HP-UX and Linux emulation of the same calls.
+
- Implement [gs]etres[gu]id(2) system calls. Minor version bump for libc and libc_r.
+
- Many fixes to signal and fd handing under threads.
+
- Fix pf(4) interface expansion.
+
+
- Better GRE output from tcpdump(8).
+
- New -U option to chroot(8) that sets the uid, gid and group vector from the password database.
+
- To a chorus of approval, add the 'set require-order [yes|no]' option to pf.conf(5).
+
+
- Remove a bogus test in dd(1) that stopped a perfectly legal seek on a character device.
+
- Merge OpenSSL 2.2.18, fixing a cross-site scripting bug and two off-by-ones.
+
- Add a missing break statement in systrace(1)'s arguments parsing code.
+
+
- Add getdents64() support under Linux emulation.
+
- Merge in Perl 5.8.0.
+
- Have pool elements' sizes rounded up to the alignment passed to pool_init(9) instead of relying on the architecture's ALIGNBYTES value.
+
- wi(4) can now do pointless-but-common WEP encryption in software for Prism and Symbol cards. Useful if your card doesn't do weak IV avoidance (or if you trust your BSD more than your hardware manufacturer,) and also serves as a framework for better wireless crypto protocols.
+
- The installer unpacks siteXX.{tgz,tar.gz} files last so that site-specific tarballs always overwrite standard files.
+
- Remove the error-prone and robustness-principle-defying 'flags X' (as opposed to 'flags X/Y') syntax from pf(4)
+
- Be a little less 32-bit-centric in libcrypto.
+
+
- Have route6d(8) and rtsold(8) use poll(2) instead of select(2) as well.
+
- Change atoi(3) to strtoul(3) in route6d(8).
+
+
- Change a number of header files so NULL is now defined as 0L instead of 0, and so is the same size as a pointer.
+
- Add to chroot(8) the ability to set the uid, gid and group vector after doing the chroot(2) call.
+
- Some additional paranoia added to authpf(8).
+
- Have pf(4) test rule labels as well when comparing rules.
+
- Fix a few instances where %ul was used instead of %lu.
+
+
- Use poll(2) instead of select(2) in ping6(8)
+
- More picky argument parsing in traceroute6(8) and ping6(8).
+
+
- A couple of tmpnam(3)s become mkstemp(3) in httpd(8).
+
- Lots of int -> u_long in traceroute6(8).
+
+
- Correct an off-by-one in wi(4).
+
- Fix a printf format string typo in pfctl(8).
+
- Make pfctl(8) apply the netmask to addresses right away, so bogus netmasks show up as munges network numbers in -v output.
+
+
- Correct a couple of typos in pf(4)'s ioctl() code.
+
- Fix a null deref in libc_r.
+
- Make sure the user process tally is right when kernel stack space can't be allocated for the new proc.
+
- Correctly count the total number of processes in the system.
+
- Fix a remotely exploitable buffer overflow in kadmind(8).
+ [Applied to stable]
+
+ - Add partial support for the 21145 chip to dc(4).
+
+
- Have xconsole(1) get a pseudoterminal using openpty(3) instead of going all #ifdef.
+
- More NULL -> (void *)NULL, this time in XFree, to make sure varargs sentinel is pointer-width.
+
+
- pax(1) now honours @LongLink, and has a new option to stop the next volume prompt.
+
- Improved media support and a boundary check fix for wi(4).
- Have route(8) correctly interpret -prefixlen 32 (or 128 for IPv6) network as a host route.
- Enable uvm_tree_sanity() check #ifdef DEBUG.
@@ -68,11 +131,11 @@
- For positively POSIX reasons, implement isfdtype(3).
- Bring pax(1)'s date handling code back into sync with that in date(1). Four digit years parse now.
- Start to break out machine-dependent parts of MAKEDEV(8) into separate files.
-
- Send ksh.kshrc label() and ilable() output to /dev/tty insted of stdout, so command output streams doesn't get messed up.
+
- Send ksh.kshrc label() and ilabel() output to /dev/tty insted of stdout, so command output streams doesn't get messed up.
- systrace(1) supports system call-granularity privilege elevation!
- Correct a typo in systrace(1) that was causing group predicates to be evaluated incorrectly.
- Range-check values given to atactl(8).
-
- Better mask comparision for pf(4) binat.
+
- Better mask comparison for pf(4) binat.
- Remove the setuid bit from login(1). If run with a non-root euid, it invokes su(1) with the new -L flag.
- Add '-L' flag to su(1) to make it work like login(1).
@@ -169,7 +232,7 @@
www@openbsd.org
-
$OpenBSD: plus.html,v 1.848 2002/10/18 21:19:55 deraadt Exp $
+
$OpenBSD: plus.html,v 1.849 2002/11/13 21:26:19 deraadt Exp $