Annotation of www/plus.html, Revision 1.1501
1.1440 bentley 1: <!doctype html>
2: <html lang=en id=plus>
3: <meta charset=utf-8>
1.1384 tj 4: <title>OpenBSD -current Changelog</title>
1.1045 david 5: <meta name="description" content="OpenBSD -current changes">
1.1383 deraadt 6: <meta name="viewport" content="width=device-width, initial-scale=1">
7: <link rel="stylesheet" type="text/css" href="openbsd.css">
1.1400 tb 8: <link rel="canonical" href="https://www.openbsd.org/plus.html">
1.1440 bentley 9: <style>
10: strong {
11: color: var(--red);
12: font-weight: normal;
13: }
14:
15: h3 {
16: color: var(--blue);
17: }
18: </style>
1.14 deraadt 19:
1.1440 bentley 20: <h2 id=OpenBSD>
1.1383 deraadt 21: <a href="index.html">
1.1440 bentley 22: <i>Open</i><b>BSD</b></a>
23: -current Changelog
1.1384 tj 24: </h2>
1.863 naddy 25: <hr>
1.14 deraadt 26:
27: <p>
1.1216 schwarze 28: This selection is intended to include all important
29: and all user-visible changes.
30: For a complete record of all changes, please see the "source-changes"
31: mailing list, called "OpenBSD CVS"
1.1494 tj 32: in the <a href="https://marc.info/?l=openbsd-cvs">archives</a>,
1.1216 schwarze 33: or use <a href="anoncvs.html#CVS">CVS</a>.
34:
35: <p>
1.846 deraadt 36: For changes in other releases, click below:<br>
37: <a href="plus20.html">2.0</a>,
38: <a href="plus21.html">2.1</a>,
39: <a href="plus22.html">2.2</a>,
40: <a href="plus23.html">2.3</a>,
41: <a href="plus24.html">2.4</a>,
42: <a href="plus25.html">2.5</a>,
43: <a href="plus26.html">2.6</a>,
44: <a href="plus27.html">2.7</a>,
45: <a href="plus28.html">2.8</a>,
46: <a href="plus29.html">2.9</a>,
47: <a href="plus30.html">3.0</a>,
48: <a href="plus31.html">3.1</a>,
1.868 deraadt 49: <a href="plus32.html">3.2</a>,
1.889 david 50: <a href="plus33.html">3.3</a>,
1.916 david 51: <a href="plus34.html">3.4</a>,
1.935 miod 52: <a href="plus35.html">3.5</a>,
1.941 deraadt 53: <a href="plus36.html">3.6</a>,
1.1118 deraadt 54: <br>
1.963 deraadt 55: <a href="plus37.html">3.7</a>,
1.999 deraadt 56: <a href="plus38.html">3.8</a>,
1.1028 deraadt 57: <a href="plus39.html">3.9</a>,
1.1044 deraadt 58: <a href="plus40.html">4.0</a>,
1.1069 deraadt 59: <a href="plus41.html">4.1</a>,
1.1097 deraadt 60: <a href="plus42.html">4.2</a>,
1.1118 deraadt 61: <a href="plus43.html">4.3</a>,
1.1140 deraadt 62: <a href="plus44.html">4.4</a>,
1.1152 deraadt 63: <a href="plus45.html">4.5</a>,
1.1163 deraadt 64: <a href="plus46.html">4.6</a>,
1.1177 deraadt 65: <a href="plus47.html">4.7</a>,
1.1194 deraadt 66: <a href="plus48.html">4.8</a>,
1.1198 nick 67: <a href="plus49.html">4.9</a>,
1.1212 schwarze 68: <a href="plus50.html">5.0</a>,
1.1242 lum 69: <a href="plus51.html">5.1</a>,
1.1276 deraadt 70: <a href="plus52.html">5.2</a>,
1.1300 brett 71: <a href="plus53.html">5.3</a>,
1.1330 deraadt 72: <br>
73: <a href="plus54.html">5.4</a>,
1.1352 brett 74: <a href="plus55.html">5.5</a>,
1.1365 deraadt 75: <a href="plus56.html">5.6</a>,
1.1372 deraadt 76: <a href="plus57.html">5.7</a>,
1.1382 deraadt 77: <a href="plus58.html">5.8</a>,
1.1392 deraadt 78: <a href="plus59.html">5.9</a>,
1.1401 deraadt 79: <a href="plus60.html">6.0</a>,
1.1403 deraadt 80: <a href="plus61.html">6.1</a>,
81: <a href="plus62.html">6.2</a>,
1.1406 deraadt 82: <a href="plus63.html">6.3</a>,
1.1435 pamela 83: <a href="plus64.html">6.4</a>,
1.1457 pamela 84: <a href="plus65.html">6.5</a>,
1.1473 deraadt 85: <a href="plus66.html">6.6</a>,
1.1483 deraadt 86: <a href="plus67.html">6.7</a>,
1.1493 pamela 87: <a href="plus68.html">6.8</a>,
1.1499 deraadt 88: <a href="plus69.html">6.9</a>,
89: <a href="plus70.html">7.0</a>.
1.422 deraadt 90: <br>
1.186 deraadt 91:
92: <p>
1.1499 deraadt 93: <h3>Changes made between OpenBSD 7.0 and -current</h3>
1.847 deraadt 94: <p>
1.1316 brett 95:
1.422 deraadt 96: <ul>
1.1501 ! pamela 97: <!-- 2021/10/27 -->
! 98: <li>When downloading resident keys from a FIDO token, made <a href="https://man.openbsd.org/ssh.1">ssh(1)</a> pass back the user ID that was used when the key was created and append it to the filename the key was written to (if not the default).
! 99: <!-- 2021/10/26 -->
! 100: <li>Unlocked the <a href="https://man.openbsd.org/kevent.2">kevent(2)</a> system call.
! 101: <li>Updated to libfido2 1.8.0.
! 102: <li>Made <a href="https://man.openbsd.org/iked.conf.5">iked.conf(5)</a> proto config option accept a list to allow specifying multiple protocols for a single policy.
! 103: <li>Improved unhibernate performance by skipping attach of irrelevant devices.
! 104: <li>Enabled <a href="https://man.openbsd.org/vmx.4">vmx(4)</a> on arm64.
! 105: <li>Cleaned up irrelevant uses of 3rd mode_t parameter for <a href="https://man.openbsd.org/open.2">open(2)</a>/<a href="https://man.openbsd.org/openat.2">openat(2)</a>, unused when not creating files.
! 106: <li>Ensured armv7 and arm64 efiboot allocate fresh memory for the device tree with at least one page of free space to extend into. This fixes booting on VMWare Fusion.
! 107: <li>Added rejection of malformed Subject Alternative Names at certificate creation time to LibreSSL.
! 108: <!-- 2021/10/25 -->
! 109: <li>Added a way to force a color to RGB in <a href="https://man.openbsd.org/tmux.1">tmux(1)</a> and a format to display it.
! 110: <li>Fixed <a href="https://man.openbsd.org/pfctl.8">pfctl(8)</a> $nr incorrect macro expansion.
! 111: <li>Fixed <a href="https://man.openbsd.org/vi.1">vi(1)</a> use after free with unsaved buffer.
! 112: <li>Added -s and -S to <a href="https://man.openbsd.org/tmux.1">tmux(1)</a> display-popup to set popup and border style.
! 113: <li>Fixed application-set fg and bg in <a href="https://man.openbsd.org/tmux.1">tmux(1)</a> panes.
! 114: <!-- 2021/10/24 -->
! 115: <li>Added <a href="https://man.openbsd.org/httpd.8">httpd(8)</a> custom error page facility.
! 116: <li>Added mount -ur/uw support to tmpfs.
! 117: <li>Unlocked top part of UVM fault hander on mips64.
! 118: <li>Used <a href="https://man.openbsd.org/unveil.2">unveil(2)</a> for the possible <a href="https://man.openbsd.org/btrace.8">btrace(8)</a> script file, <a href="https://man.openbsd.org/dt.4">dt(4)</a> and <a href="https://man.openbsd.org/ksyms.4">ksyms(4)</a> nodes.
! 119: <li>Used <a href="https://man.openbsd.org/ifconfig.8">ifconfig(8)</a> "join" command by default in <a href="https://man.openbsd.org/hostname.if.5">hostname.if(5)</a> files, replacing the old "nwid".
! 120: <li>Switched <a href="https://man.openbsd.org/nsd.8">nsd(8)</a> to enable default DNS cookies on, matching behavior as released in OpenBSD 7.0.
! 121: <li>Updated to <a href="https://man.openbsd.org/nsd.8">nsd(8)</a> 4.3.8.
! 122: <li>Implemented <a href="https://man.openbsd.org/poll.2">poll(2)</a>, <a href="https://man.openbsd.org/select.2">select(2)</a>, <a href="https://man.openbsd.org/ppoll.2">ppoll(2)</a> and <a href="https://man.openbsd.org/pselect.2">pselect(2)</a> on top of kqueue.
! 123: <li>Stopped prompting whether to fall back to HTTP in the installer, making the fallback automatic.
! 124: <li>Fixed a panic by prohibiting renames of tmpfs mount-points.
! 125: <li>Set klist lock for sockets to make socket event filters MP-safe.
! 126: <li>Made pipe event filters MP-safe.
! 127: <!-- 2021/10/23 -->
! 128: <li>In <a href="https://man.openbsd.org/httpd.8">httpd(8)</a>, stopped sending content alongside responses to HEAD requests.
! 129: <li>Stopped duplicating "Connection: close" headers in <a href="https://man.openbsd.org/relayd.8">relayd(8)</a>, only adding it if it's not a websocket response.
! 130: <li>Provided common <a href="https://man.openbsd.org/btrace.8">btrace(8)</a> scripts kprofile.bt (to save kernel stackframes and produce flamegraphs) and runqlat.bt (to measure the latency of the scheduler runqueues).
! 131: <li>Added call to <a href="https://man.openbsd.org/unveil.2">unveil(2)</a> to restrict <a href="https://man.openbsd.org/stty.1">stty(1)</a> -f filesystem access.
! 132: <li>Added support for tpm2 CRB interface to <a href="https://man.openbsd.org/tpm.4">tpm(4)</a>, fixing recent S4 regressions on the Surface Go 2 caused by a firmware change.
! 133: <li>Retired asynchronous crypto API.
! 134: <li>Added new OpenSSL api SSL_write_ex, SSL_read_ex and SSL_peek_ex.
! 135: <li>Annotated an <a href="https://man.openbsd.org/httpd.8">httpd(8)</a> 413 error with "request body too large" in the error log.
! 136: <li>Fixed double free after allocation failure in <a href="https://man.openbsd.org/bpf.4">bpf(4)</a>.
! 137: <li>Provided a way to determine our maximum legacy version for TLS in libssl, unbreaking RSA KEX for the TLS client when the non-version specific method is used with TLSv1.0 or TLSv1.1.
! 138: <li>Called <a href="https://man.openbsd.org/pledge.2">pledge(2)</a> later to prevent it from killing various games using ncurses when both stdout and stderr are redirected to a non-tty.
! 139: <li>Removed unusable <a href="https://man.openbsd.org/route.8">route(8)</a> -T and exec support from ramdisk.
! 140: <li>Reinstated the fips mode test functions to libcrypto.
! 141: <li>Added <a href="https://man.openbsd.org/rcctl.8">rcctl(8)</a> "ls rogue" to show daemons which are running but not set as "enabled" in <a href="https://man.openbsd.org/rc.conf.local.8">rc.conf.local(8)</a>.
! 142: <li>Fixed a potential buffer overflow in <a href="https://man.openbsd.org/openssl.1">openssl(1)</a> certhash.
! 143: <!-- 2021/10/22 -->
! 144: <li>Renamed Pacific/Enderbury timezone to Pacific/Kanton.
! 145: <li>Fixed an interrupt storm on <a href="https://man.openbsd.org/dwge.4">dwge(4)</a> variants which support Energy Efficient Ethernet when connected to a switch which does so as well.
! 146: <li>Ensured enabled resolvers are honored by <a href="https://man.openbsd.org/unwind.8">unwind(8)</a> to keep unused forwarders disabled properly.
! 147: <li>Implemented <a href="https://man.openbsd.org/rsync.1">rsync(1)</a> --compare-dest, allowing specification of additional directories to check for files to be available.
! 148: <li>Prevented <a href="https://man.openbsd.org/ssh.1">ssh(1)</a> memory leak if getaddrinfo returns no addresses.
! 149: <li>Added protocol version checking to <a href="https://man.openbsd.org/httpd.8">httpd(8)</a>.
! 150: <!-- 2021/10/21 -->
! 151: <li>Ensured use of the correct encoding in xenocara when /etc/kbdtype is present with an attached <a href="https://man.openbsd.org/ucc.4">ucc(4)</a> keyboard.
! 152: <li>Removed hifn(4), safe(4) and ubsec(4) crypto drivers.
! 153: <li>Removed <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> "disk" editing command.
! 154: <li>Fixed <a href="https://man.openbsd.org/httpd.8">httpd(8)</a> to respond with 400 Bad Request when a client sends header lines without a colon.
! 155: <li>Bumped to LibreSSL 3.5.0.
! 156: <li>Added -T to set a popup title in <a href="https://man.openbsd.org/tmux.1">tmux(1)</a>.
! 157: <!-- 2021/10/20 -->
! 158: <li>Stopped ignoring <a href="https://man.openbsd.org/carp.4">carp(4)</a> interfaces in <a href="https://man.openbsd.org/dhcpleased.8">dhcpleased(8)</a>.
! 159: <!-- 2021/10/19 -->
! 160: <!-- 2021/10/18 -->
! 161: <li>Removed an unused decoding of c/h/s from the MBR read from disk by <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a>.
! 162: <!-- 2021/10/17 -->
! 163: <li>Updated to <a href="https://man.openbsd.org/xterm.1">xterm(1)</a> 369.
! 164: <!-- 2021/10/16 -->
! 165: <li>Corrected installer to use "inet autoconf" properly for <a href="https://man.openbsd.org/hostname.if.5">hostname.if(5)</a> files.
! 166: <!-- 2021/10/15 -->
! 167: <li>Returned to use of the SFTP protocol for <a href="https://man.openbsd.org/scp.1">scp(1)</a>.
! 168: <li>Added initial 40MHz support to the <a href="https://man.openbsd.org/iwx.4">iwx(4)</a> driver.
! 169: <li>Fixed a problem with repeat in <a href="https://man.openbsd.org/tmux.1">tmux(1)</a> copy mode.
! 170: <!-- 2021/10/14 -->
! 171: <li>Released <a href="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.1-relnotes.txt">LibreSSL 3.4.1</a>.
! 172: <li>Replaced <a href="https://man.openbsd.org/lrint.3">lrint(3)</a>, <a href="https://man.openbsd.org/lrintf.3">lrintf(3)</a>, <a href="https://man.openbsd.org/llrint.3">llrint(3)</a> and <a href="https://man.openbsd.org/llrintf.3">llrintf(3)</a> implementations from NetBSD with the existing FreeBSD implementations we were already using for <a href="https://man.openbsd.org/lrintl.3">lrintl(3)</a> and <a href="https://man.openbsd.org/llrintl.3">llrintl(3)</a>.
! 173: <li>Fixed a <a href="https://man.openbsd.org/tmux.1">tmux(1)</a> redraw problem on automargin terminals.
! 174: <!-- 2021/10/13 -->
! 175: <li>Modified <a href="https://man.openbsd.org/syslog.conf.5">syslog.conf(5)</a> examples to use TLS rather than the plaintext protocols.
! 176: <li>Fixed file descriptor leak of /dev/tty on <a href="https://man.openbsd.org/doas.1">doas(1)</a> auth failure.
! 177: <li>Added <a href="https://man.openbsd.org/realpath.1">realpath(1)</a>, a wrapper for <a href="https://man.openbsd.org/realpath.3">realpath(3)</a> for use in ports.
1.1500 pamela 178: <!-- 2021/10/12 -->
1.1501 ! pamela 179: <li>Enabled enforcing of RLIMIT_MEMLOCK on powerpc64.
1.1500 pamela 180: <li>Reverted to use <a href="https://man.openbsd.org/iwm.4">iwm(4)</a> firmware v17 on Intel AC 7265, fixing instability issues on X1 Carbon gen3.
181: <li>Cached the old BSSID when roaming with <a href="https://man.openbsd.org/iwx.4">iwx(4)</a>.
182: <li>Explicitly stopped <a href="https://man.openbsd.org/iwx.4">iwx(4)</a> Rx block ack when roaming between access points.
183: <!-- 2021/10/11 -->
184: <li>Added support for 802.11n 40MHz channels to the <a href="https://man.openbsd.org/iwm.4">iwm(4)</a> driver.
185: <li>Added monitoring of 20/40MHz channel width changes in beacons sent by our access point, notifying drivers when the channel width has changed.
186: <!-- 2021/10/10 -->
187: <li>Added support for 40MHz channels to net80211 RA.
188: <li>Fixed establishing legacy INTx interrupts on machines without a (usable) MSI interrupt controller.
189: <!-- 2021/10/09 -->
190: <li>Merged bugfixes from upstream into <a href="https://man.openbsd.org/less.1">less(1)</a> including fixes for the prompt hiding feature (CTRL-P) and an integer overflow.
191: <!-- 2021/10/08 -->
192: <!-- 2021/10/07 -->
193: <li>Cached the old BSSID when roaming with <a href="https://man.openbsd.org/iwm.4">iwm(4)</a> so firmware commands can continue using it while roaming to a new AP.
194: <!-- 2021/10/06 -->
195: <li>Stopped <a href="https://man.openbsd.org/pkg_add.1">pkg_add(1)</a> from communicating warnings starting with "XXX" which appeared to indicate errors.
196: <li>Ensured <a href="https://man.openbsd.org/iwm.4">iwm(4)</a> uses only the HT (high throughput) frame format for data frames.
197: <li>Allowed AUTH->AUTH state transitions in the <a href="https://man.openbsd.org/iwm.4">iwm(4)</a> and <a href="https://man.openbsd.org/iwx.4">iwx(4)</a> drivers again, needed if the access point uses band-steering.
198: <li>Removed the <a href="https://man.openbsd.org/ifconfig.8">ifconfig(8)</a> autoconfprivacy deprecation warning.
199: <!-- 2021/10/05 -->
200: <li>Retired the Loongson platform.
201: <li>Fixed <a href="https://man.openbsd.org/iwm.4">iwm(4)</a> performance drop after roaming between APs in 11n mode.
202: <!-- 2021/10/04 -->
203: <li>Applied a workaround in <a href="https://man.openbsd.org/mvkpcie.4">mvkpcie(4)</a> to fix an external abort under load with <a href="https://man.openbsd.org/athn.4">athn(4)</a>.
204: <!-- 2021/10/03 -->
205: <li>Added relicensed wireless firmwares from Realtek for <a href="https://man.openbsd.org/rsu.4">rsu(4)</a>, <a href="https://man.openbsd.org/rtwn.4">rtwn(4)</a> and <a href="https://man.openbsd.org/urtwn.4">urtwn(4)</a> devices, allowing these devices to work without requiring a separate firmware download.
206: <li>Added a workaround for buggy <a href="https://man.openbsd.org/athn.4">athn(4)</a> devices to prevent filling up the node cache when used in hostap mode.
207: <!-- 2021/10/02 -->
208: <li>Made redistributable firmwares available across all architectures.
209: <li>Fixed memory leak in <a href="https://man.openbsd.org/fuse.4">fuse(4)</a> when calling <a href="https://man.openbsd.org/namei.9">namei(9)</a>.
210: <li>Fixed a panic when <a href="https://man.openbsd.org/iwx.4">iwx(4)</a> cannot find firmware at boot time.
211: <!-- 2021/10/01 -->
212: <li>Released LibreSSL <a href="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.3.5-relnotes.txt">3.3.5</a> and <a href="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.7-relnotes.txt">3.2.7</a>.
213: <!-- 2021/09/30 -->
214: <li>Enabled X509_V_FLAG_TRUSTED_FIRST by default in the legacy verifier.
215: <li>Deleted expired DST Root CA X3.
216: <li>Prevented <a href="https://man.openbsd.org/iwm.4">iwm(4)</a> and <a href="https://man.openbsd.org/iwx.4">iwx(4)</a> attempts to transition toward the same state where this would result in a redundant or illegal state transition and a potential hang.
217: <!-- 2021/09/29 -->
218: <li>Removed the constraint that <a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> -b specified block count or block size must be greater than 63.
219: <li>Added support to <a href="https://man.openbsd.org/pchgpio.4">pchgpio(4)</a> for Cannon Lake H and Tiger Lake H platforms.
220: <!-- 2021/09/28 -->
221: <!-- 2021/09/27 -->
222: <li>Fixed a crash in <a href="https://man.openbsd.org/tmux.1">tmux(1)</a> when a session with multiple clients is destroyed but tmux does not close completely due to other sessions.
223: <!-- 2021/09/26 -->
224: <!-- 2021/09/25 -->
225: <li>Introduced <a href="https://man.openbsd.org/gpiocharger.4">gpiocharger(4)</a>, a driver providing support for battery chargers connected to GPIO pins, such as those found on the Pinebook Pro.
226: <li>Introduced <a href="https://man.openbsd.org/gpioleds.4">gpioleds(4)</a> for arm64, a driver providing support for LEDs connected to GPIO pins, such as those found on the Pinebook Pro.
227: <!-- 2021/09/24 -->
228: <li>Reset the Tx timer upon validation of a BA notification sent by <a href="https://man.openbsd.org/iwx.4">iwx(4)</a> and <a href="https://man.openbsd.org/iwm.4">iwm(4)</a> firmware.
229: <!-- 2021/09/23 -->
230: <li>Added support to <a href="https://man.openbsd.org/umb.4">umb(4)</a> for SIMCom SIM7600.
231: <li>Released <a href="https://man.openbsd.org/rpki-client.8">rpki-client</a> 7.3.
232: <li>Removed wpath from <a href="https://man.openbsd.org/less.1">less(1)</a> secure mode pledge.
233: <li>Added <a href="https://man.openbsd.org/iwx.4">iwx(4)</a> Tx aggregation support.
234: <li>Added an ADDBA_OFFLOAD capability for wifi devices to manage Tx block ack sessions entirely in firmware.
235: <li>Released <a href="https://man.openbsd.org/bgpd.8">OpenBGPD</a> 7.2.
236: <!-- 2021/09/22 -->
237: <li>Cleared length of keys in <a href="https://man.openbsd.org/vnconfig.8">vnconfig(8)</a> alongside keys themselves.
1.1164 deraadt 238: </ul>