===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.906
retrieving revision 1.907
diff -u -r1.906 -r1.907
--- www/plus.html 2004/02/28 02:29:56 1.906
+++ www/plus.html 2004/03/21 17:57:47 1.907
@@ -53,10 +53,161 @@
We are working on OpenBSD-current.
-The following list sums up (almost) all the changes made up to February 21.
+The following list sums up (almost) all the changes made up to March 7.
+
+- Have pkg_add(1)'s dependency lookup check against local directory listings.
+
- New -A (pretend to be another architecture) and -P (limit distribution type) options to pkg_add(1).
+
- More memory leak fixes to ifstated(8)'s parser.
+
- Fix a null deref in ifstated(8).
+
- Have nc(1) print an error message if connect(2) fails.
+
- Plug well-hidden memory leaks in bgpd(8), ifstated(8) and pfctl(8)'s parsers.
+
- Signal-handling tweaks to syslogd(8).
+
- Add lpt(4), a driver for LSI Fusion-MPT SCSI and Fibre Channel devices.
+
+
- Plumb bgpd(8) into /etc/rc(8) and /etc/rc.conf(8).
+
- More memory leak fixes in bgpd(8).
+
- Just chdir("/") in mg(1) instead of panicking if the initial getcwd(3) fails.
+
- Start work on capabilities announcement support in bgpd(8).
+
- Since not rejecting optional attributes in BGP implies acceptance/support, make bgpd(8) reject attributes it doesn't support.
+
- Send outstanding notifications to a bgpd(8) peer returning to the IDLE state.
+
- Stop carp(4) sending duplicate route add/delete messages.
+
- New IdentitiesOnly option for ssh_config(5), useful when an agent has many keys.
+
- Don't leak memory in scandir(3) (FreeBSD PR#7923, from 1998!)
+
- Fix a big greylist-related memory leak in spamd(8).
+
+
- In kdump(1), fix an off-by-one and describe ptrace(2) calls better.
+
- Allow -stable kernels to build without TCP_ECN.
+
- Fix a few small key handling bugs in svnd(4).
+
+
- Actually use the alternate RADIUS server in login_radius(8).
+
- Make sure that svnd(4) mounts can read their disklablel as svnd, not vnd.
+
- Extend md5(1)'s -c option so it can parse the output of GNU md5sum.
+
- Remove dynamic bufq support from wd(4) due to problems.
+
- Plug some memory leaks in bgpd(8).
+
- Stop libreadline segfaulting when writing an empty history list to a file (PR#3690.)
+
- Fixes to sftp(1)'s progress meter.
+
- Change sshd(8) child processes' proctitle to '[accepted]' after the, uh, accept(2) completes.
+
- Repair procfs status output (PR#2102.)
+
- Fix unintentional ordering dependency in kernel module loading and unloading (PR#2910.)
+
- Allow forced unmount(2)s of nullfs, procfs (both from PR#2394,) and umapfs.
+
- Fix an off-by-one in procfs so that it can be successfully unmounted (PR#2327.)
+
- Clean up badsect(8)'s error reporting (PR#3679.)
+
- Start spamd(8) later in /etc/rc(8).
+
+
- Fix an mbuf(9) leak in tun(4) under failure conditions. From NetBSD.
+
- Count mixerctl(1) devices starting at zero instead of stack garbage.
+
- Fix wi(4) reset problems with newer Prism firmware.
+
- Make hostap mode work for Prism wi(4) cards with newer firmware, and disable hostap mode for old firmware.
+
- Socket types and error checks cleanup in talk(1).
+
- 64-bit fixes to brconfig(8).
+
- More features for bgpctl(8)'s 'show rib' command.
+
- Fix a memory leak in dhcpd(8)'s parser.
+
- Use daemon(3) instead of DIY in new dhclient(8).
+
- Start sshd(8) earlier in /etc/rc(8).
+
- Generate new dhclient(8)'s transaction id (xid) using arc4random(3) instead of random(3).
+
- Have dhclient(8) (old and new) exit cleanly if its interface goes away (PR#3648.)
+
- New sysctl(3) net.inet.tcp.reasslimit, to control the size of the memory pool for TCP out-of-order segment reassembly that was introduced in the last erratum.
+
- RELIABILITY FIX: OpenBSD's TCP/IP stack did not impose limits on how many out-of-order TCP segments are queued in the system. An attacker could send out-of-order TCP segments and trick the system into using all available memory buffers.
+ A source code patch is available.
+ [Applied to stable]
+ - Strip out all the multiple-interfaces code from new dhclient(8), it's not used any more.
+
- Be sure to call fifofs' reclaim function from its host filesystems (ext2fs, ffs, nfs.)
+ [Applied to stable]
+ - Give fifofs a real reclaim function to prevent memory leaks on rovocation, and fix a potential null deref.
+ [Applied to stable]
+ - Disable the COMPAT_25 compatibility option in GENERIC kernels.
+
+
- Catch illegally large AS numbers in bgpd(8).
+
- Rewrite of mount_portal(8), complete with IPv6 support.
+
- Cleanup and paranoia in spamdb(8).
+
- Support 'tagged <name>' specifiers on pf(4) anchor rules.
+
- Better IPv4 address validation in spamd(8).
+
- Process NOTE_TRUNCATE messages in tail(1) and unbreak file truncation handling (PR#3689.)
+
- Allow bgpd(8) to run in route-collector mode, i.e. disable the decision process.
+
- Build libf2c for GCC3 architectures.
+
- New -d option for nc(1), which disables reading from stdin (PR#3694.)
+
+
- Fix a memory leak when the control socket detaches from bgpd(8).
+
- Make bgpctl(8)'s control socket nonblocking.
+
- Import libf2c from GCC 3.3.2.
+
- Show the number of TCP connections drained (by new tcp_drain()) in netstat(1) output.
+
- Don't stat(2) the compress(1) outfile when running in test mode.
+
- Re-enable propolice if the X server is built without module support.
+
- Check the sign of values given to the hw.setperf sysctl(8).
+
- strtol(3) and signedness cleanup in ping(8).
+
+
- Sync the installer with the ftp(1) fetch-mode fix.
+
- Open a new connection for each file pulled down by ftp(1) in fetch mode. Fixes problems where 'CWD /' does unexpected things.
+
- Fix the test that disallows interface unit numbers greater than INT_MAX (to avoid signedness confusion.)
+
- Don't allow leading zeros in cloner interface names.
+
- Upgrade 3.4-stable to OpenSSH 3.8.
+
- spamd(8) greylist cleanup and fixes.
+
+
- In ssh(1), make the read buffer for moduli(5) large enough for 8Kbit primes.
+
- Stop sshd(8) sending DH groups with a primitive generator of zero or one.
+
- Fix a race condition in wi(4) by disabling interrupts before sending an ACK. From NetBSD.
+
- Fix some over-zealous assert()ing in afsd(8).
+
- Add DH group 14 (modp2048) to isakmpd(8)'s list of predefined quick mode suites.
+
- 3.4-current -> 3.5-beta.
+
- Remove a null deref and unbreak WSDISPLAY_USEFONT for vga(4).
+
- Fix an nfsv3-related panic that could occur when linking from a local fs into an NFS mount.
+ [Applied to stable]
+ - Add an implementation for the tcp_drain() function, similar to ip_drain().
+ [Applied to stable]
+ - Stop pfctl(8) '-s all' printing the entire OS fingerprint database and all the interfaces.
+
- Interoperability fixes for isakmpd(8), particularly when talking to a Cisco PIX.
+
+
- Don't use a regex when deleting a user from a group with userdel(8), since the username may contain regex special characters. Also, chmod(2) the new group file before moving it into place instead of after.
+
- Fix IP data length calculation in mrinfo(8) and mtrace(8).
+
- Fix ifconfig(8)'s matching of multi-digit interface names, e.g. stop vlan10 matching as vlan1.
+
- Add __va_copy() in <stdarg.h>, following old ISO C89 behaviour. Used by GNU software.
+
- Support dumping of the bgpd(8) RIB via bgpctl(8).
+
- Have bgpd(8) check that the nexthop is a valid range (i.e. not a class D, class E or a loopback.)
+
- Better logging for ifstated(8), taken from bgpd.
+
- More enhancements to bgpd(8)'s filter language.
+
- Include tcps_rcvmemdrop in netstat(1)'s TCP statistics output.
+
- Add 'greylisting' support to spamd(8). Oh yes.
+
+
- Remove a sizeof(long)==4 assumption in ld.so(1) that could errnoeously zero four bytes of the next page.
+
- Add -B (destdir) support to pkg_delete(1).
+
- New Loglevel and Logverbose options for isakmpd.conf(5).
+
- Stop pfctl(8) clearing too much when -Fa is used and an anchor is given.
+
+
- Reorder code in dhcrelay(8) so that the server list is zero-filled before we add servers to it, not after.
+
- Allow tuning of bpf(4) buffer sizes via sysctl(8) variables net.bpf.*.
+
- Add /usr/local/share/fonts to /etc/fonts/fonts.conf, good for ports.
+
- Fix send_packet() return value checks in dhcrelay(8).
+
- Don't allow 'max-src-nodes' in a pf(4) rule if 'source-track global' is in effect.
+
- Enhancements to bgpd(8)'s filter language.
+
- Stop new dhclient(8) generating a pidfile.
+
- Use getopt(3) instead of DIY in new dhclient(8).
+
- Remove the interface discovery scan from new dhclient(8), and so require an explicit interface name.
+
- Don't allow 'max-src-nodes' option anywhere other than in a 'source-track' pf(4) rule.
+
- A number of fifofs fixes from FreeBSD.
+
- 64 bit-specific binutils fixups. From binutils CVS.
+
+
- New slinear16-to-alaw audio format converters. From NetBSD.
+
- Better pread(2) and pwrite(2) error checks in libkvm.
+
- Fix a potential null deref when looking for a free pty(4) device.
+
- A little bounds-check paranoia in procmap(1).
+
- Make malloc(3) options work properly for programs that need ld.so(1).
+
- Build and install procmap(1) by default.
+
- Better heap discovery heuristic for procmap(1),
+
- Explicitly disallow backward jumps in bpf(4) filter programs.
+
- More cleanup and dead code removal in the new dhclient(8).
+
- Remove raw socket fallback code from new dhclient(8), since OpenBSD always uses bpf(4).
+
- Bump OpenSSH version to 3.8.
+
- Bignum fixes in ssh(1).
+
- Set sshd(8)'s listen socket to non-blocking mode again, reverting the change from 26 Sept 2003.
+
- Fix an objdump(1) segfault on sparc64. From binutils CVS.
+
- Fix an out-of-bounds read when comparing IPv6 prefixes if the prefix length is 128.
+
+
- Add pthread_attr_[gs]etstack(3) and bump libpthread minor version. From FreeBSD libc_r.
+
- String cleaning in fvwm(1) and wm2(1).
+
- Some cleanup of <pthread.h>. From FreeBSD's libc_r.
- Fix a locking-related crash when using a portal filesystem.
- Have pkg_add(1) make a distinction between an unreadable or non-package, and an inaccessible package file.
@@ -149,7 +300,8 @@
- Reduce the default number of pty(4) devices from 64 to 16, now that additional ptys will be created on demand.
- Fix an off-by-one when generating pty(4) device names (ptydevname().)
- Make tcpdump(8)'s pfsync(4) output more consistent with other tcpdump output.
-
- Plug an mbuf(9) leak by making ip_fragment() free the mbuf on errors instead of expecting the caller to do it.
+
- Plug an mbuf(9) leak by making ip_fragment() free the mbuf on errors instead of expecting the caller to do it.
+ [Applied to stable]
- Add a flag so that hardware sensors can be marked as invalid if, for example, they're disconnected.
- Make picky mode in makewhatis(8) even pickier.
- Fix an off-by-one in pf(4)'s interface management code.
@@ -353,6 +505,7 @@
- Propolice fixes for gcc(1).
- First propolice version of gcc3.
+
- Add dynamic bufq support to wd(4). Doesn't do very much for now.
- In kernel main(), initialise timeouts much earlier.
- New spamd(8) configuration method, based around OpenBSD mirrors of common spammer lists.
- Cleanup and fix tcpdump(8) pfsync protocol output.
@@ -820,7 +973,7 @@
- More wdc(4) probe fixes, sync'ing with NetBSD.
- Fix timed(8) breakage caused by the change from select(2) to poll(2).
-
- Add rc(8) startup for sensorsd(8).
+
- Add /etc/rc(8) startup for sensorsd(8).
- Merge in BIND v9.2.3.
- In crypto(3), enable assembler BN functions on vax, and assembler for most things on i386.
- Fix password blinding for non-existent users in sshd(8).
@@ -1288,7 +1441,7 @@
www@openbsd.org
-
$OpenBSD: plus.html,v 1.906 2004/02/28 02:29:56 mickey Exp $
+
$OpenBSD: plus.html,v 1.907 2004/03/21 17:57:47 deraadt Exp $