Annotation of www/plus20.html, Revision 1.4
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
2: <html>
3: <head>
4: <title>OpenBSD 2.0 changes</title>
5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type" content="document">
7: <meta name="description" content="the main OpenBSD page">
8: <meta name="keywords" content="openbsd,main">
9: <meta name="distribution" content="global">
10: <meta name="copyright" content="This document copyright 1996 by OpenBSD.">
11: </head>
12:
13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
14:
15: <img alt="[OpenBSD]" height=30 width=141 SRC="images/smalltitle.gif">
16: <p>
1.2 deraadt 17: <h2><font color=#e00000>Changes made between OpenBSD 2.0 and infinity...</font><hr></h2>
1.1 deraadt 18:
19: <p>
20: This is a partial list of the major machine independent changes
21: (ie. these are the changes people ask about most often). Port
22: specific changes have also been made, and are sometimes mentioned
23: in the pages for the specific <a href=plat.html>ports</a> if you
24: are interested in further port-specific details. Many ports
25: have had architecture-specific enhancements relative to NetBSD,
26: but when they do not they certainly have plenty of platform-independent
27: changes, starting with those listed below..
28:
29: <p>
30: Note: <font color=#e00000>Problems for which patches exist are marked in red</font>.
31:
32: <p>
33: <h3>
1.3 deraadt 34: <a href=plus20.html>For changes leading up to OpenBSD 2.0, click here</a>.<br>
35: <a href=plus21.html>For changes leading up to OpenBSD 2.1, click here</a>.<br>
36: <a href=plus22.html>For changes leading up to OpenBSD 2.2, click here</a>.<br>
37: <a href=plus23.html>For changes leading up to OpenBSD 2.3, click here</a>.<br>
38: <a href=plus24.html>For changes leading up to OpenBSD 2.4, click here</a>.<br>
39: <a href=plus25.html>For changes leading up to OpenBSD 2.5, click here</a>.<br>
40: <a href=plus26.html>For changes leading up to OpenBSD 2.6, click here</a>.<br>
1.1 deraadt 41: <a href=plus.html>For changes in OpenBSD-current, click here</a>.
42: <br>
43: </h3>
44:
45: <h3><font color=#0000e0>OpenBSD 2.0 released.</font></h3><p>
46: <ul>
47: <li>CTM is now a supported way of obtaining OpenBSD source code.
48: <li>Added sudo (which is maintained by one of our developers)
49: <li>Working Linux ext2fs.
50: <li>We have completed security reviews of almost all userland programs and libraries except for the gnu stuff (where, based on preliminary inspection there is poor handling of temp files).
51: <li>FreeBSD's adduser(8) command. Also an rmuser(8) command.
52: <li>A 7% reduction in size of static binaries.
53: <li>Compile time option to compile the source tree almost completely dynamic.
54: <li>Almost a hundred more security fixes, including /tmp races because of strncpy.
55: <li>Another kerberos security fix.
56: <li>deal with the SYN bomb problem (denial of service attack) as well known.
57: <li>less version 2.90
58: <li>mopd for networking booting Digital machines
59: <li>latest GNU groff, incorporated in a clean wrapperized form.
60: <li>secure multicast tools against possible security problems.
61: <li>sendmail gecos hole fixed (in a number of ways; other programs in the source tree were also vulnerable.)
62: <li>Nice sample files in /etc
63: <li>16 partitions working on sparc and i386 (yipee!)
64: <li>vim is replacing nvi, since nvi does not have a pure BSD license, and vim also works better.
65: <li>And of course... more security related bugfixes... (ie. dump, restore, mt).
1.4 ! rohee 66: <li>ftp command modified for easily scripted ftp & http downloads.
1.1 deraadt 67: <li>Complete in-tree development for MIPS/Alpha systems (ie. binutils).
68: <li>New routed from SGI.
69: <li>*Hobbit*'s netcat utility. The crackers use it, so should you.
70: <li>Say goodbye to dump, restore, and mt security holes: They are no longer setuid.
71: <li>DDB can now access symbol tables from LKM modules
72: <li>Some serial driver support for /dev/cuaXX devices to support transparent out+dial
73: <li>FreeBSD pipe() system call; quite a bit faster.
74: <li>libgnumalloc is gone; our malloc() is better.
75: <li>Kernel warns if /dev/console does not exist; nice warning for booting with an unpopulated /dev directory.
76: <li>cdio command for using CD audio.
77: <li>Even more security fixes.
78: <li>latest version of perl, and a lndir command.
79: <li>gcc 2.7.2.1 (to get closer to native alpha support ar gcc bugs).
80: <li>vim version 4.5
81: <li>a good start at NETIPX support
82: <li>improved locate command
83: <li>Fixed timeout support in RPC library, and also fixed it to support more than FD_SETSIZE file descriptors.
84: <li>rudimentary support for ISA Plug-and-Play cards
85: <li>`lsof'-style features in fstat.
86: <li>Numerous ftpd improvements and fixes, including multihomed and skey support.
87: <li>ncr53cXXX scsi scripts assembler
88: <li>arc4-based random support in kernel
89: <li>Kerberos is much more silent if not configured
90: <li>scsi subsystem security fix
91: <li>much newer join command (4.4lite2 with other fixes)
92: <li>RCS version 5.7
1.4 ! rohee 93: <li>added /etc/fbtab support to login & init.
1.1 deraadt 94: <li>partial protection against tcp SYN attacks.
1.4 ! rohee 95: <li>POSIX & C2 requirement; lose setuid/setgid bits if owner/group changed by chown(). This can be turned off with sysctl.
1.1 deraadt 96: <li>a real adduser program, which can even be used uninteractively.
97: <li>install now supports -C, -p, and -S flags.
98: <li>20 or so more security fixes
99: <li>at -f security fix.
100: <li>generic protection against the bind() takeover problem.
101: <li>new rdisc Router Discovery daemon
102: <li>Numerous FreeBSD userland fixes and improvements incorporated.
103: <li>FreeBSD malloc() that uses mmap() and is able to free unused memory.
104: <li>Fixed long-standing vm swap-leak.
105: <li>_POSIX_SAVED_IDS behaviour with permitted BSD extensions.
106: <li>Newest version of pppd.
107: <li>zlib (non-GPL'd gzip-compatible library)
108: <li>Numerous more security policy and implementation improvements (OpenBSD defaults to installing in a very secure mode)
109: <li>Significantly improved ftp daemon.
110: <li>Protection from the udp spamming and ftp bounce attacks.
111: <li>randomized port allocation in bind(), bindresvport(), and rresvport() -- security via unpredictability.
112: <li>The most secure rdist support anywhere.
113: <li>Fortran in the tree.
114: <li>terminfo database support.
115: <li>Working ATAPI audio support for multiple architectures.
116: <li>Linux ext2fs and BSD4.4 LFS support being worked on.
117: <li>Accepts FreeBSD MD5 passwords in password maps, soon will be able to generate them too
118: <li>Even more security fixes.
119: <li>using AT&T awk, gawk is toast
120: <li>pax as tar, gnutar is toast
121: <li>Boot kernels with "-c" to edit/enable/disable device configuration tables
1.4 ! rohee 122: <li>ATM support (support for one company's sparc & i386 cards available)
1.1 deraadt 123: <li>kernfs extensions
124: <li>select() that can handle any amount of file descriptors.
125: <li>new system calls: rfork(), minherit(), poll().
126: <li>/sbin/init now deals with non-existant ttys, no longer spins gettys madly.
127: <li>ncheck utility for ffs
128: <li>Numerous scsi fixes
129: <li>Some ddb improvements and extensions
130: <li>In-kernel update(8) with an adaptive algorithm
131: <li>/dev/*random -- a device driver providing some kinds of random data
132: <li>Solid YP master, server, and client capabilities.
133: <li>Kerberos and other crypto in the source tree that is exportable
134: <li>Numerous security related fixes
135: <li>new scsi, md5, pkg_* commands
136: <li>ATAPI support (should work on all ISA busses)
137: <li>Some LKM support in the tree.
138: <li>All the pieces needed for cross compilation are in the source tree.
139: <li>Verbatim integration of the GNU tools (using a wrapper Makefile)
140: <li>nlist() that understands ELF, ECOFF, and a.out, allowing non-a.out ports to use kvm utilies
141: <li>better ELF support
142: <li>ipfilter for filtering dangerous packets and Network Address Translation for IP masquerading.
143: <li>The FreeBSD ports subsystem was integrated and is usable by you!
144: <li>a termlib library which understands termcap.db, needed for new curses.
145: <li>New curses library, including libform, libpanel and libmenu.
146: <li>Many many NetBSD PR's fixed (which NetBSD has not yet fixed)
147: </ul>
148: <p>
149:
150: This list mentions mostly platform-independent changes. For a list of changes
151: made in a particular platform, please check the page for that platform. If you
152: find them not listed there, the changes are either (1) not being documented or
153: (2) are documented here.<br><br>
154:
155: <hr>
156: <p>
157: <h3>
1.3 deraadt 158: <a href=plus20.html>For changes leading up to OpenBSD 2.0, click here</a>.<br>
159: <a href=plus21.html>For changes leading up to OpenBSD 2.1, click here</a>.<br>
160: <a href=plus22.html>For changes leading up to OpenBSD 2.2, click here</a>.<br>
161: <a href=plus23.html>For changes leading up to OpenBSD 2.3, click here</a>.<br>
162: <a href=plus24.html>For changes leading up to OpenBSD 2.4, click here</a>.<br>
163: <a href=plus25.html>For changes leading up to OpenBSD 2.5, click here</a>.<br>
164: <a href=plus26.html>For changes leading up to OpenBSD 2.6, click here</a>.<br>
1.1 deraadt 165: <a href=plus.html>For changes in OpenBSD-current, click here</a>.
166: <br>
167: </h3>
168:
169: <hr>
170: <a href="index.html"><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
171: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
1.4 ! rohee 172: <br><small>$OpenBSD: plus20.html,v 1.3 1999/10/29 17:39:53 deraadt Exp $</small>
1.1 deraadt 173:
174: </body>
175: </html>
![[BACK]](/icons/back.gif){kind=icon}
Return to plus20.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www