===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.880
retrieving revision 1.881
diff -u -r1.880 -r1.881
--- www/plus.html 2003/06/12 20:54:58 1.880
+++ www/plus.html 2003/07/28 15:15:55 1.881
@@ -52,10 +52,160 @@
We are working on OpenBSD-current.
-The following list sums up (almost) all the changes made up to June 7.
+The following list sums up (almost) all the changes made up to June 24.
+
+- Add i386 a.out emulation for dynamic binaries.
+
- Fix grep(1)'s -w option.
+
- Make grep(1)'s -E, -F and -G options override the program name, and mutually exclusive.
+
- Make fgrep functionality of grep(1) work.
+
- Unbreak POSIX:: functions under Perl 5.8.0.
+
- Make pf(4)'s route-to option work for IPv6 link-local addresses.
+
- Reintroduce some routing socket code (lost in a previous update) that could cause less-specific routes to be updated by mistake.
+
- Lots of int -> u_int in ssh(1).
+
- IPv6 neighbour discovery updates from KAME.
+
+
- Avoid using regexes completely for simple string searches in grep(1).
+
- Improve the compress(1)-based zmore(1) script and install instead of the GNU gzip version.
+
- Teach kdump(1) about many more dev/, net*/ and crypto/ ioctls.
+
- Remove the unnecessary (and broken) printf builtin from csh(1).
+
- Don't use getopt(3) in printf(1) since this causes formats beginning with a hyphen to be interpreted as flags.
+
- Add a simple zmore(1) script using compress(1).
+
- Add pcmcia(4) and wi(4) support for sparc.
+
- Install a host route for a point-to-point interface even if a connected net route via a broadcast interface exists (NetBSD PR 21903.)
+
- Check for nfds<0 in poll(2).
+
- Better temp file handling in XFree's gccmakedep(1).
+
- Temporarily work around a tables-related use-after-free in pf(4).
+
- Improve grep(1)'s detection of binary files, and add/fix a number of compatibility options.
+
- Improvements to the installer's handling of network settings when upgrading.
+
+
- Remove ypserv(8) files without copyright information.
+
- Install freegrep as {e,f,z,ze,zf}grep as well as grep(1).
+
- Upgrade (non-GNU) grep(1) to freegrep 0.16.
+
- Remove GNU grep and (most of) GNU gzip from the tree. BSD-licensed alternatives do the same jobs.
+
- Reenable the ld.so(1) library load order randomiser, with fixes.
+
+
- Make user filename selection in the installer more robust.
+
- fflush(3) stdout when doing continuous queue monitoring with pfctl(8).
+
- Add fine-grained counters for pf(4) state entries, allowing for traffic reporting via pfsync(4).
+
- Add per-process exec/fork/exit hooks, use them the fix up brk(2) under Linux emulation, and so fix Java.
+
+
- Add MSS support to pf(4)'s synproxy.
+
- Initialise properly before calling getusershell(3) in su(1).
+
- More helpful pf(4) BAD ICMP debug message.
+
- Make isakmpd(8) print some log messages when giving up on a response to the last message.
+
+
+
- Use _PW_NAME_LEN instead of a hard-coded 8 char username limit in top(1).
+
- Remove roll-your-own string functions from top(1).
+
- Have comsat(8) use fseeko(3) instead of fseek().
+
- rpcgen(1) now generates much prettier ANSI C code.
+
- Back out the recent xdm(1) '-nolisten tcp' change.
+
- Plug some memory leaks in popa3d(8) and systrace(1).
+
- Strip the newline from user input when requesting a continuation filename in restore(8) (PR#3324.)
+
+
- Fix a bug that condemned fortune(6) to be always inoffensive.
+
- Have bpf(4) return ENOBUFS on malloc(9) failure instead of causing a panic (PR#2235,PR#2236,PR#2640.)
+
- Make m4(1)'s handling of builtin and user macros more consistent, and allow pushdef to work for builtins.
+
- xdm(1) now passes '-nolisten tcp' to Xserver(1) by default for local display :0.
+
- Re-enable UDMA mode 5 for HPT370A pciide(4) devices, now that timing and interrupt problems are fixed.
+
- Fix a sizeof oops that broke less(1)'s -N option.
+
- hme(4) now advertises its VLAN capability.
+
- Properly display no-route addresses when expanding label macros in pfctl(8).
+
- Back out the recent ssh(1) smartcard key fix, it violates PKCS#1.
+
- When the expansion of the $srcaddr or $dstaddr label macro is a table, have pfctl(8) print the table name instead of garbage.
+
- Unbreak vmstat(8) on diskless machines (PR#3322.)
+
- Relax rtadvd.conf(5) syntax, removing the need for the addrs option.
+
+
- Use getifaddrs(3) in amd(8), fixing the 'wire' location selector.
+
- Return the correct error message if the user tries to kill a non-existent process from top(1).
+
+
- Add a few missing dead-key composition entries (PR#3295, with an entry for cedilla as well as for double-quote.)
+
- Avoid a null deref in cnkqfilter() (/dev/console kqueue(2) crash, PR#3317.)
+
- Fix a logic bug in mtree(8) that was making -U return an error just like -u.
+
- Make ssh-add(1) redisplay the key comment when prompting after a bad passphrase.
+
- Fix "bad decrypted len" errors in ssh(1) when using smartcard-stored public keys (OpenSSH bug 592.)
+
- Updates for systrace(1), support freeing of old policies and escaping of special characters.
+
- Better byte-swapping behaviour in dc(4), fixing mac address reads on big-endian architectures.
+
- Make dhclient-script(8) fix up resolv.conf(5)'s permissions.
+
+
- Stop isakmpd(8) losing ID information when rekeying.
+
+
- Add new '-c class' option to encrypt(1), which will use the login class to select the password cipher.
+
- Fix kqueue(2) on ptys (PR#3209.)
+
- In user(8), only check login class validity when the login class is set.
+
- Fix some sizeof oopses in top(1).
+
- Allocate cleared memory for isakmpd(8) payload buffers.
+
- Fix pf(4) TCP state checks when using a combination of asymmetric window scaling and SACK.
+ [Applied to stable]
+
+ - Add __LP64__ and _LP64 cpp(1) predefined macros for alpha and sparc.
+
- Sync em(4) with FreeBSD updates and enable on sparc64.
+
- Add -0 (zero) flag to pax(1) allowing the filename separator to be a NUL instead of a newline (PR#3310.)
+
- In xargs(1), don't close the descriptor we just created with dup2(2).
+
- security(8) allows dots in usernames consistent with user(8) changes.
+
- pfctl(8)'s show anchor command now respects the 'quiet' flag.
+
- Make dhclient-script(8) respect symlinks.
+
- Remove obsolete Rijndael code from libcrypto.
+
- Support more Intel Fast Ethernet and Gigabit Ethernet cards.
+
- Use real varargs in top(1) instead of hacking it.
+
+
- ssh(1) and ssh-agent(1) now use the key label from a PKCS#12 cert if one is available, instead of just showing 'smartcard key.'
+
- Stop security(8) complaining about usernames ending in '$'.
+
- Speed up m4(1) traced macros, helps with recent GNU autoconf.
+
- Make queues work on tun(4) interfaces. Not recommended (should assign to tun, then queue on physical interface) but sometimes necessary, e.g. for pppoe(8).
+
- In pfctl(8) don't apply a netmask to an interface name.
+ [Applied to stable]
+ - Allow the kernel to compile with NFS but without FIFO.
+
- POSIXify xargs(1), mostly from FreeBSD.
+
+
- Much ansification and de-registering.
+
- Add NAT-T dump support to tcpdump(8).
+
- Make ssh-agent(1) lifetime and confirmation features work with smartcard keys.
+
- Build bs(6) and hunt(6) again now that they have good licenses.
+
- Add option MFS to the kernel on several architectures, to fix upgrade breakage.
+
- Some RFC3542 Advanced Sockets API for IPv6 updates.
+
- Add an ARM target for gcc(1).
+
+
- De-uglify dhclient-script(8), and (mostly) fix resolv.conf(5) update problems.
+
- Allow zero intervals in newsyslog(8) config files.
+
- Fix a missing initialisation in pf_test() and avoid random state table additions.
+
- Add login class support (-class option) to adduser(8).
+
- rmail(8) now tells sendmail to deliver in the foreground.
+
- Make rmail(8) pass the -G flag to sendmail(8) as expected.
+
- Install rcs2log(1) properly (PR#3298.)
+
- In user(8) check that a login class exists before using it (PR#2699.)
+
- user(8) changes from NetBSD:
+
+ - useradd(8) and usermod(8) now check that the encrypted password length is correct.
+
- Log user and group modifications via syslog.
+
- Pickier command line option checks.
+
- When deleting a user including the profile, remove all references to that user from /etc/group.
+
- Checks that a group is in the local files (not from YP) before attempting to modify it.
+
+ - Don't allow /dev/crypto to be opened at all if the kernel is compiled without the CRYPTO option.
+ [Applied to stable]
+ - Make mount(2) return EROFS instead of EPERM when trying to mount a dirty filesystem.
+
- Make isakmpd(8) more robust when faced with unknown ID types.
+ [Applied to stable]
+ - Change the timer pthread uses, allowing threaded apps to be profiled.
+
+
- Allow newsyslog(8) to detect negative numbers in pid files.
+
- Stop sudo(8) busy-waiting when waiting for sendmail(8) to do its work.
+
- Better CDDB input checking for cdio(1).
+
- Make the byte order more uniform in the pf(4) nat code.
+
- Back out tcp_trace IPv6 changes and fix PR#3283.
+
- Stability fixes for siop(4) when under heavy load.
+ [Applied to stable]
+
+ - Allow user(8)'s -e and -f to accept both month-day-year and seconds-since-epoch times. From NetBSD.
+
- Detect oversized usernames in pwd_mkdb(8).
+
- Check for oversize group names to user(8) and fail the command.
+
- Fix an off-by-one in user(8).
+
- m4(1)'s patsubst command now accepts null patterns. This appears to fix GNU Autoconf 2.57.
+
- A pf(4) table on an anchor rule creates a real anchor, so pfctl(8) works the way one expects.
- Stop pfctl(8) (with the -ss option) printing IPv4 address/netmask pairs as a.b.c.d/128.
- Have identd(8) run by default as user _identd if possible, and fall back to user nobody if that fails.
@@ -86,7 +236,8 @@
- In pfctl(8) process 'show' options before options that change the rulebase.
- Huge license cleanup all over the tree.
-
- Fix random lockups of cac(4) devices.
+
- Fix random lockups of cac(4) devices.
+ [Applied to stable]
- Deprecate the dangerous VerifyReverseMapping sshd(8) option, and replace with new UseDNS option (enabled by default.)
- Install OpenSSL include files in /usr/include/openssl instead of ../ssl.
- Remove the advertising clause from many license statements.
@@ -109,7 +260,8 @@
- Add LD_NORANDOM to the list of environment variables that get zapped when running setuid/setgid.
- Load dynamic libraries in random order, to reduce the probability of an attacker guessing the address of the loaded code. Define LD_NORANDOM to disable.
-
- Make dhclient(8) more robust by accept non-DHCPNAK messages with yiaddr=0.0.0.0, as sent by some common DHCP servers that ignore the RFC.
+
- Make dhclient(8) more robust by accept non-DHCPNAK messages with yiaddr=0.0.0.0, as sent by some common DHCP servers that ignore the RFC.
+ [Applied to stable]
- Reorder the sections in many manpages.
- Use sete[ug]id(2) as well as set[ug]id() in ssh(1) when doing privsep and when permanently setting the [ug]id.
- When setting the tcp6 mss, fetch the link mtu using IN6_LINKMTU() (which takes neighbour discovery mtu settings into account) instead of always using the interface mtu.
@@ -650,7 +802,7 @@
www@openbsd.org
-
$OpenBSD: plus.html,v 1.880 2003/06/12 20:54:58 deraadt Exp $
+
$OpenBSD: plus.html,v 1.881 2003/07/28 15:15:55 deraadt Exp $