===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.863
retrieving revision 1.864
diff -u -r1.863 -r1.864
--- www/plus.html 2003/03/06 16:27:10 1.863
+++ www/plus.html 2003/03/12 00:02:06 1.864
@@ -51,19 +51,130 @@
We are working on OpenBSD-current.
-The following list sums up (almost) all the changes made up to February 19.
+The following list sums up (almost) all the changes made up to March 5.
-- SECURITY FIX: February 25, 2003: httpd(8) leaks file inode numbers via ETag header as well as child PIDs in multipart MIME boundary generation. This could lead, for example, to NFS exploitation because it uses inode numbers as part of the file handle.
- A source code patch is available.
+
+ - In the installer, delete the FTP password when no sets are found, so it doesn't get displayed in the URL.
+
- Add a boot image ISO for alpha.
+
- New images; the last X update before the release.
+
- Fix a number of memory leaks in ssh(1) and its related programs.
+
- Add a monolithic openssl(1) manpage, covering all the tool commands.
+
- Media handling fixes to hme(4).
+
- Set the right address family for IPv6 addresses in a pf(4) table.
+
- Update named(8) to BIND 9.2.2-release.
+
+
- Only have /etc/rc generate the rndc(8) key if named(8) is to be started.
+
- named(8) always does setuid(named) and chroots to /var/named, so remove the variables for those actions from /etc/rc.
+
- Turn off the stack protector when building lkm(4)s.
+
- Don't install mrinfo(8) and mtrace(8) setuid root.
+
- Recreate the rndc(8) key if /etc/rndc.key and /var/named/etc/rndc.key are not identical, or if either is absent.
+
- 3.3-beta -> 3.3
+
- Fix user and group keywords with IPv6 pf(4) rules.
+
- Create a baby ISO for i386, with just the CD boot image on it.
+
+
- Move the spamd(8) configuration channel from the spamd listener port the the next port up.
+
- Add to file(1) support for additional image formats and a first pass at reading jpeg size.
+
- strncpy->strlcpy in libc resolver code.
+
- Upgrade file(1) to 3.41, to fix a buffer overflow. Get improved 64-bit ELF support as well.
+
- In the libc stack smash handler, straight away block all signal handlers from running.
+
- More fixes and improvements to isp(4).
+
- Sendmail updated to 8.2.12.
+
- SECURITY FIX: A buffer overflow in the envelope comments processing in sendmail(8) may allow an attacker to gain root privileges.
+ A source code patch is available.
[Applied to stable]
+ - Fix some nits in m_pulldown(9).
+
- Return a meaningful partition size from rd(4).
+
+
- Fix pfctl(8) display of altq bandwidth figures.
+
- Fix a missing configuration message validity check in spamd(8).
+
- Remove spamd-setup.sh script.
+
- Add a configuration channel in spamd(8) so spamd-setup.pl can talk to it.
+
- New spamd-setup.pl script to set up spamd(8), with support for multiple blacklists configured via spamd.conf(5).
+
- Add perl module Net::Netmask for new spamd(8) setup perl script.
+
- Remove the redundant 'control' keyword from altq CBQ.
+
- Tag no-payload tcp ACK packets for priority queuing, see /usr/share/pf/ackpri for more information and an example.
+
- Guarantee that two pf(4) queues with the same name on different interfaces have the same internal queue id.
+
+
- Prevent gem(4) removing DMA mappings that are still in use, which causes faults on sparc64.
+
- Stop the installer mistakenly deleting a default route that an FTP install may need to use.
+
+
- Add a bootable CD iso image for sparc64.
+
- Fix a few bad printf format specifiers in pflogd(8).
+
- Disable GNU mmalloc on all architectures.
+
- Update all disktab(5) files to show support for 16 partitions, and fix a few other glitches.
+
- Finally, mrouted(8) and fellows have proper licensing and are now built by default.
+
- Make sure the error value is set properly on SA expiry for AH and ESP.
+
- Fix a Kerberos (IV and V) resolver overflow found by propolice.
+
- Make libc random(3) and related functions use u_int32_t internally instead of long.
+
- Update the isp(4) firmware images.
+
- Increase the ata IDENTIFY command timeout from one to three seconds.
+
- Use a bss copy of basename(argv[0]) for __progname, so even when there is real stack carnage a propolice stack-smash report has the right program name.
+
- Add a missing splsoftnet() in pf(4) tables code.
+
+
- Add WANT_LIBMILTER, WANT_SASL and WANT_LDAP mk.conf hooks for sendmail(8).
+
- Add -trace-ctors-dtors option to gcc(1)'s collect2. See gcc-local(1).
+
- Make rndc(8) die properly on errors.
+
- In libz, check snprintf(3) return value to detect truncation.
+ [Applied to stable]
+ - Stop syslog(3) always logging to the console when LOG_CONS is enabled.
+
- Have updatedb(8) use /var/tmp instead of /tmp, and include ext2fs volumes in the database.
+
- Handle invalid step sizes properly in cron(8).
+
- Add IPv6 packet classification support for pf(4) queues.
+
- Fix pf(4) tables' IPv6 support.
+
+
- Correctly set the priority queue when expanding pf(4) rules.
+
- Some cleanup in ti(4).
+
- Make libz use snprintf(3) instead of sprintf(), since we're at it.
+ [Applied to stable]
+ - Fix a bug in bind's isc_print_vsnprintf(), even though it's not used in OpenBSD.
+
- Have named(8) listen on IPv6 interfaces by default.
+
- More gcc(1) stack protector fixes.
+
+
- Add 'show' and 'monitor' commands to ipsecadm(8).
+
- Update xterm(1) to fix CAN-2003-0063 and CAN-2003-0071.
+
- Fix pf(4) binat rule matching.
+
- Clean up pfctl(8) binat rule parsing.
+
- More bounds check fixes, in Linux compat and gdt(4).
+
+
- Correct two off-by-ones in ami(4).
+
- Fix a bad bounds check in midi(4).
+
- Revert to the old pf(4) macro redefinition code, to stop a bad next pointer causing an endless loop.
+
- Fix a crasher in the pfkeyv2 debugging code.
+
- Add LZS compression support to hifn(4). Only usable by IPComp for now.
+
+
- Set the portal filesystem file change time properly.
+
- Remove tcfs due to licensing problems.
+
- Fix a bogus vmstat(8) warning message.
+
- Make libz use vsnprintf(3) instead of vsprintf().
+ [Applied to stable]
+
+ - Add privilege separation to the old X servers too.
+
+
- In the X server, open the keyboard and framebuffer drivers using privsep.
+
- Plug a couple of mbuf leaks on errors in bridge(4).
+
- Pull in from FreeBSD a better environment variable parser for cron(8).
+
- Repair httpd(8) restarts, broken by the ETag inode leak fix. (The etags-state file wasn't readable after dropping privileges.)
+
- Don't try to allocate < 0 bytes of memory in libcrypto.
+ [Applied to stable]
+ - Re-enable 'set loginterface none' option in pfctl(8).
+
- Fix a bad sizeof in ssh(1) auth_krb4.
+
- Send BIND 4 to the attic. named(8) is now BIND 9.
+
- Still more fixes to the gcc(1) stack protector.
+
+
- Have tcpdump(8) check AH and ESP packets are of valid length before dumping their contents.
+
- Teach tcpdump(8) to print IPComp packets.
+
- Fix a crasher in systrace(1) by reparing some locking code in the kernel, and removing a null deref in userland.
+
- Sync cron(8) with ISC cron -current, keeping the OpenBSD-specific at(1) integration.
+
- Make xconsole(1) run as user _x11 instead of root (like the X server,) and use privilege separation for the parts that need root.
+
- Add an empty cron.deny file, since POSIX requires that in the absence of cron.allow and cron.deny files, only root may run crontab(1).
- Fix a null deref triggered by ipcomp(4).
- pfctl(8) rejects non-existent interfaces in rules using dynamic interface syntax.
- Move /var/at files into /var/cron since at(1) is now a part of cron(8).
- Fix support for pf(4) syntax (if)/24 (dynamic interface name translation with a network prefix.)
-
- SECURITY FIX: February 22, 2003: In ssl(8) an information leak can occur via timing by performing a MAC computation even if incorrect block cipher padding has been found, this is a countermeasure. Also, check for negative sizes in memory allocation routines.
+ - SECURITY FIX: In ssl(8) an information leak can occur via timing by performing a MAC computation even if incorrect block cipher padding has been found, this is a countermeasure. Also, check for negative sizes in memory allocation routines.
A source code patch is available.
[Applied to stable]
- Add a counter for netstat(1) showing how often ipcomp(4) was skipped because the packet size was below the compression threshold.
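Review bot: Two typos in the added entries: the spamd(8) configuration channel line reads "the the next port up" (presumably "to the next port up"), and the systrace(1) line has "reparing" for "repairing". The sendmail line gives the version as "8.2.12", which does not fit sendmail's 8.12.x numbering, so please check it against the import. In the reworded ssl(8) SECURITY FIX line, "this is a countermeasure" is spliced on with a comma and the sentence reads as if computing the MAC is what causes the leak; something like "As a countermeasure to a timing information leak, ssl(8) now performs the MAC computation even if incorrect block cipher padding has been found" would state what the fix does.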
@@ -86,7 +197,6 @@
- Improve default route setup in the installer.
- Fix ssh(1) forced commands with 'PermitRootLogin forced-commands-only' set.
-
- Similar to the recent pid leak fix, stop httpd(8) leaking inode numbers. More details in the checkin comment.
- Some RFC-compliance fixes to the httpd(8) multipart MIME pid leak fix.
- Clean up pf(4) macro parsing.
@@ -95,7 +205,9 @@
- Add support framework for LZS compression to crypto(9) and ipsec(4).
- More write protection paranoia in ld.so(1).
- Make bsd.rd an install/upgrade target.
-
- Stop httpd(8) leaking child process IDs in multipart MIME boundary separators. (See the checkin comment for an example.)
+
- SECURITY FIX: httpd(8) leaks file inode numbers via ETag header as well as child PIDs in multipart MIME boundary generation. This could lead, for example, to NFS exploitation because it uses inode numbers as part of the file handle.
+ A source code patch is available.
+ [Applied to stable]
- Increase the size of the rates buffer in wi(4) hostap so 802.11g stations can associate.
- When outputting raw IP and generating the header manually, make sure the packet is large enough for a full IP header.
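Review bot: In the added httpd(8) SECURITY FIX line, "because it uses inode numbers as part of the file handle" has an unclear "it"; the grammatical subject so far is httpd(8), but the sentence means NFS. Suggest "because NFS uses inode numbers as part of the file handle". The summary also covers both the ETag inode leak and the MIME boundary PID leak, yet it is placed under the PID leak entry only, while the inode leak entry sits further up the list; a short pointer to both entries would help readers who scan by position.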
@@ -110,7 +222,9 @@
- Have spamd(8) use tables instead of regular rules on an anchor.
- Improvements to ATAPI PIO mode selection.
- Fix an mbuf leak in wi(4).
-
- Really fix an lprm(1) buffer overflow.
+
- SECURITY FIX: A fix for an lprm(1) bug made in 1996 contains an error that could lead to privilege escalation. For OpenBSD 3.2 the impact is limited since lprm(1) is setuid daemon, not setuid root.
+ A source code patch is available.
+ [Applied to stable]
- Finish nForce support in pciide(4).
- When pfctl(8) complains about an illegal netmask, have it show the offending article.
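Review bot: The added lprm(1) SECURITY FIX line is ambiguous in "A fix for an lprm(1) bug made in 1996 contains an error": it is not clear whether the bug or the fix dates from 1996. If it is the fix, "A fix made in 1996 for an lprm(1) bug contains an error" removes the doubt. The sentence "For OpenBSD 3.2 the impact is limited since lprm(1) is setuid daemon, not setuid root" also implies a different impact on other releases without saying which ones or what it is; one clause stating that would make the entry self-contained.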
@@ -263,7 +377,7 @@
- Copy the thread sources (including CVS history) from lib/libc_r to lib/pthread, and move libc_r into the Attic.
- Make pfctl(8) show more information with -vvs[rn] for rules containing tables.
-
- SECURITY FIX: January 20, 2003: A double free in cvs(1) could allow an attacker to execute code with the privileges of the user running cvs. This is only an issue when the cvs command is being run on a user's behalf as a different user. This means that, in most cases, the issue only exists for cvs configurations that use the pserver client/server connection method.
+ - SECURITY FIX: A double free in cvs(1) could allow an attacker to execute code with the privileges of the user running cvs. This is only an issue when the cvs command is being run on a user's behalf as a different user. This means that, in most cases, the issue only exists for cvs configurations that use the pserver client/server connection method.
A source code patch is available.
[Applied to stable]
- Add an invalid ioctl sanity check to gif(4).
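Review bot: The reworded cvs(1) SECURITY FIX line drops "January 20, 2003" and nothing in the visible entry replaces it, so a reader can no longer tell from this page when the fix went in or match it to an advisory by date. The same removal is made on the ssl(8) and httpd(8) entries in this revision; if that is deliberate, say so in the commit message, otherwise keep the date on the line.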
@@ -581,6 +695,8 @@
- Implement legacy functions ecvt(3), fcvt(3) and gcvt(3) for standards compliance.
- Add propolice stack attack protection into gcc(1).
- Updated unifdef(1).
+
- Make a copy of the return value of basename() before recording it in the bfd, fixes the "NEEDED crtend.o" problem that many ports had to work around.
+ [Applied to stable]
- Don't have the X server drop privileges if started by root and from a non-standard config path.
- Tweaks and fixes to pf(4)'s ioctl code.
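Review bot: The added basename() entry does not name the program it changes; "recording it in the bfd" only tells a reader who already knows the code where to look. Other entries in this list lead with the man page reference, for example gcc(1) or pf(4), so name the affected tool here as well. Since the line is tagged "[Applied to stable]", readers on the stable branch will want to know which binary to rebuild.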
@@ -912,7 +1028,7 @@
www@openbsd.org
-
$OpenBSD: plus.html,v 1.863 2003/03/06 16:27:10 naddy Exp $
+
$OpenBSD: plus.html,v 1.864 2003/03/12 00:02:06 deraadt Exp $