Add a command to ddb that reports out the extent tables.
Add a clarifying statement to all the Kerberos code that explains how it came to be that this code was released from the USA's crypto stranglehold.
In the RPC code, ensure that __svc_fdsetsize is always manipulated as a bitcount.
***************
*** 189,195 ****
CVS version 1.9.24
For OLF/ELF binaries, remember the OS tag in execve(), so that emulation code can reference it later.
Make the kernel compile properly (with full warnings) under gcc 2.8.
!
Do not permit a read+write mmap() operation on a read-only file descriptor open on a device. This is a security problem in OpenBSD 2.2, and is described and fixed with a patch.
Rename /etc/nat.rules to /etc/ipnat.rules.
Add kerberos kauthd(8).
On the i386, move XFree86 aperture driver into the kernel. The new sysctl(8) variable machdep.allowaperture decides if this driver is active or not. (This variable can only be modified at high securelevel).
--- 190,196 ----
CVS version 1.9.24
For OLF/ELF binaries, remember the OS tag in execve(), so that emulation code can reference it later.
Make the kernel compile properly (with full warnings) under gcc 2.8.
!
Do not permit a read+write mmap() operation on a read-only file descriptor open on a device. This is a security problem in OpenBSD 2.2, and is described and fixed with a patch.
Rename /etc/nat.rules to /etc/ipnat.rules.
Add kerberos kauthd(8).
On the i386, move XFree86 aperture driver into the kernel. The new sysctl(8) variable machdep.allowaperture decides if this driver is active or not. (This variable can only be modified at high securelevel).
***************
*** 197,219 ****
Pull in all the NetBSD changes to the old version of gas over the last year or so.
Fix two bugs in adduser(8).
Change chflags(2) and fchflags(2) to take a u_int for the second parameter.
!
New quirk for another Archive VIPER scsi tape drive.
Fix another signal handler bug in mail(1).
!
The mac68k 2.2 CD release had a few problems. These problems have been resolved in the FTP release. For more details...
Make lpd(8) use keepalives so that it can detect dead network printers.
Support the WINBOND pci ethernet cards.
Fixed "%c" in strftime(3).
Various fixes to some of the games, ie. rain, worms, wump.
If link0 is set on a loopback interface (ie. lo1) make the address/netmask sets on it make supernets instead of subnets.
Place separate so_ruid and so_euid fields in struct socket, so that in_pcb.c can still do its job, but also so that identd(8) can be fast and return the proper uid.
!
In compress(1), if the st_flags is 0, do not attempt a chflags(2) call.
!
Make ruserok() significantly more paranoid when parsing the .rhosts file. This along with another issue is a security problem in OpenBSD 2.2, and is described and fixed with a patch.
raise IPPORT_USERRESERVED significantly. Random port numbers will now look much more random than they did before.
New -a logdev argument for syslogd(8), useful for setting up additional /dev/log devices in various chroot spaces.
Permit restore(8) to work on a filesystem that has a basic blocksize smaller than the blocksize of the filesystem that was dumped.
--- 198,220 ----
Pull in all the NetBSD changes to the old version of gas over the last year or so.
Fix two bugs in adduser(8).
Change chflags(2) and fchflags(2) to take a u_int for the second parameter.
!
New quirk for another Archive VIPER scsi tape drive.
Fix another signal handler bug in mail(1).
!
The mac68k 2.2 CD release had a few problems. These problems have been resolved in the FTP release. For more details...
Make lpd(8) use keepalives so that it can detect dead network printers.
Support the WINBOND pci ethernet cards.
Fixed "%c" in strftime(3).
Various fixes to some of the games, ie. rain, worms, wump.
If link0 is set on a loopback interface (ie. lo1) make the address/netmask sets on it make supernets instead of subnets.
Place separate so_ruid and so_euid fields in struct socket, so that in_pcb.c can still do its job, but also so that identd(8) can be fast and return the proper uid.
!
In compress(1), if the st_flags is 0, do not attempt a chflags(2) call.
!
Make ruserok() significantly more paranoid when parsing the .rhosts file. This along with another issue is a security problem in OpenBSD 2.2, and is described and fixed with a patch.
raise IPPORT_USERRESERVED significantly. Random port numbers will now look much more random than they did before.
New -a logdev argument for syslogd(8), useful for setting up additional /dev/log devices in various chroot spaces.
Permit restore(8) to work on a filesystem that has a basic blocksize smaller than the blocksize of the filesystem that was dumped.
***************
*** 226,243 ****
Emulate that disgusting linux connect() braindamage even better.
Fix some bugs in vacation(1).
Fix /etc/yp/domainname support in ypbind(8).
!
In the 2.2 release, the sparc scsi driver caused problems for the Sun 4/300 machines. Patches are now available.
Add FS_CCD partition type so that the ccd driver can ensure it has the right components.
Add /etc/sysctl.conf which specifies sysctl variables to change at boottime.
Fix a free page count bug in the vm system.
Create two new sysctl options: ddb.panic decides whether the kernel should enter ddb when it panics, and ddb.console controls if it is possible to enter ddb from the console via a hot-key.
Add scan_ffs(8), a very useful tool for reconstructing disks.
Add strptime(3).
!
Buffer overflow fix in the MIPS ld.so. Replacement binaries for the pmax and arc platforms are available.
Avoid DNS lookup timing effects in ping -R.
Fix the __{CTOR,DTOR}_LIST__ declarations in c++rt0.c
!
Two bugs existed in the 2.2 pmax release which all users should be aware of. Patches are now available.
!
Be more careful about sourcerouted packets, including never forwarding them. This is a security problem in OpenBSD 2.2, and is described and fixed with a patch.
Teach the kernel about newer PCI device types.
Workaround a race condition in syslogd's handling of SIGHUP.
Some man page fixes so that man -k is happier.
--- 227,244 ----
Emulate that disgusting linux connect() braindamage even better.
Fix some bugs in vacation(1).
Fix /etc/yp/domainname support in ypbind(8).
!
In the 2.2 release, the sparc scsi driver caused problems for the Sun 4/300 machines. Patches are now available.
Add FS_CCD partition type so that the ccd driver can ensure it has the right components.
Add /etc/sysctl.conf which specifies sysctl variables to change at boottime.
Fix a free page count bug in the vm system.
Create two new sysctl options: ddb.panic decides whether the kernel should enter ddb when it panics, and ddb.console controls if it is possible to enter ddb from the console via a hot-key.
Add scan_ffs(8), a very useful tool for reconstructing disks.
Add strptime(3).
!
Buffer overflow fix in the MIPS ld.so. Replacement binaries for the pmax and arc platforms are available.
Avoid DNS lookup timing effects in ping -R.
Fix the __{CTOR,DTOR}_LIST__ declarations in c++rt0.c
!
Two bugs existed in the 2.2 pmax release which all users should be aware of. Patches are now available.
!
Be more careful about sourcerouted packets, including never forwarding them. This is a security problem in OpenBSD 2.2, and is described and fixed with a patch.
Teach the kernel about newer PCI device types.
Workaround a race condition in syslogd's handling of SIGHUP.
Some man page fixes so that man -k is happier.
***************
*** 320,329 ****
Make route(8) non-setuid.
In ftpd, default to RFC non-conforming behaviour for the PORT command, but provide a runtime switch for those who like holes.
Addition of Obtuse smtpd(8) and smtpfwd(8) v2.0.
!
![[OpenBSD]](images/smalltitle.gif){kind=small}
! www@openbsd.org
! 