Annotation of www/plus23.html, Revision 1.71
1.71 ! bentley 1: <!doctype html>
! 2: <html lang=en id=plus>
! 3: <meta charset=utf-8>
1.62 tj 4: <title>OpenBSD 2.3 Changelog</title>
1.47 schwarze 5: <meta name="description" content="OpenBSD 2.3 changes">
1.61 deraadt 6: <meta name="viewport" content="width=device-width, initial-scale=1">
7: <link rel="stylesheet" type="text/css" href="openbsd.css">
1.64 tb 8: <link rel="canonical" href="https://www.openbsd.org/plus23.html">
1.71 ! bentley 9: <style>
! 10: strong {
! 11: color: var(--red);
! 12: }
1.1 deraadt 13:
1.71 ! bentley 14: h3 {
! 15: color: var(--blue);
! 16: }
1.1 deraadt 17:
1.71 ! bentley 18: p strong {
! 19: font-weight: normal;
! 20: }
! 21:
! 22: code {
! 23: font-family: serif;
! 24: font-weight: bolder;
! 25: }
! 26: </style>
! 27:
! 28: <h2 id=OpenBSD>
1.61 deraadt 29: <a href="index.html">
1.71 ! bentley 30: <i>Open</i><b>BSD</b></a>
! 31: 2.3 Changelog
1.62 tj 32: </h2>
1.23 naddy 33: <hr>
1.1 deraadt 34:
35: <p>
36: This is a partial list of the major machine independent changes
1.40 sobrado 37: (i.e., these are the changes people ask about most often). Machine
1.1 deraadt 38: specific changes have also been made, and are sometimes mentioned
1.40 sobrado 39: in the pages for the specific <a href=plat.html>platforms</a> if you
1.1 deraadt 40: are interested in further port-specific details. Many ports
41: have had architecture-specific enhancements relative to NetBSD,
42: but when they do not they certainly have plenty of platform-independent
43: changes, starting with those listed below..
44:
45: <p>
1.71 ! bentley 46: Note: <strong>Problems for which patches exist are marked in red</strong>.
1.1 deraadt 47:
48: <p>
1.21 deraadt 49: For changes in other releases, click below:<br>
50: <a href="plus20.html">2.0</a>,
51: <a href="plus21.html">2.1</a>,
52: <a href="plus22.html">2.2</a>,
53: <a href="plus24.html">2.4</a>,
54: <a href="plus25.html">2.5</a>,
55: <a href="plus26.html">2.6</a>,
56: <a href="plus27.html">2.7</a>,
57: <a href="plus28.html">2.8</a>,
58: <a href="plus29.html">2.9</a>,
59: <a href="plus30.html">3.0</a>,
60: <a href="plus31.html">3.1</a>,
61: <a href="plus32.html">3.2</a>,
1.24 deraadt 62: <a href="plus33.html">3.3</a>,
1.26 david 63: <a href="plus34.html">3.4</a>,
1.29 deraadt 64: <a href="plus35.html">3.5</a>,
1.30 miod 65: <a href="plus36.html">3.6</a>,
1.53 deraadt 66: <a href="plus37.html">3.7</a>,
1.39 deraadt 67: <br>
1.32 deraadt 68: <a href="plus38.html">3.8</a>,
1.33 deraadt 69: <a href="plus39.html">3.9</a>,
1.34 deraadt 70: <a href="plus40.html">4.0</a>,
1.35 deraadt 71: <a href="plus41.html">4.1</a>,
1.36 deraadt 72: <a href="plus42.html">4.2</a>,
1.38 deraadt 73: <a href="plus43.html">4.3</a>,
1.39 deraadt 74: <a href="plus44.html">4.4</a>,
1.41 deraadt 75: <a href="plus45.html">4.5</a>,
1.42 deraadt 76: <a href="plus46.html">4.6</a>,
1.43 deraadt 77: <a href="plus47.html">4.7</a>,
1.44 deraadt 78: <a href="plus48.html">4.8</a>,
1.45 deraadt 79: <a href="plus49.html">4.9</a>,
1.46 nick 80: <a href="plus50.html">5.0</a>,
1.47 schwarze 81: <a href="plus51.html">5.1</a>,
1.48 nick 82: <a href="plus52.html">5.2</a>,
1.49 deraadt 83: <a href="plus53.html">5.3</a>,
1.50 deraadt 84: <a href="plus54.html">5.4</a>,
1.51 deraadt 85: <br>
1.53 deraadt 86: <a href="plus55.html">5.5</a>,
1.55 brett 87: <a href="plus56.html">5.6</a>,
1.56 deraadt 88: <a href="plus57.html">5.7</a>,
1.59 deraadt 89: <a href="plus58.html">5.8</a>,
1.60 deraadt 90: <a href="plus59.html">5.9</a>,
1.63 deraadt 91: <a href="plus60.html">6.0</a>,
1.66 deraadt 92: <a href="plus61.html">6.1</a>,
1.67 deraadt 93: <a href="plus62.html">6.2</a>,
1.68 deraadt 94: <a href="plus63.html">6.3</a>,
1.69 deraadt 95: <a href="plus64.html">6.4</a>,
1.70 pamela 96: <a href="plus65.html">6.5</a>,
1.21 deraadt 97: <a href="plus.html">current</a>.
1.1 deraadt 98: <br>
99:
1.54 deraadt 100: <p>
1.71 ! bentley 101: <h3>Changes made between OpenBSD 2.2 and 2.3</h3>
1.54 deraadt 102: <p>
1.1 deraadt 103:
104: <ul>
1.71 ! bentley 105: <li><strong>A security problem due to buffer mismanagement exists in lprm(1). <a href="errata22.html#rmjob">A patch exists</a></strong>.
! 106: <li><strong>A security problem due to a buffer overflow exists in uucpd(8) (which is not enabled by default in our releases). <a href="errata22.html#uucpd">A patch exists</a></strong>.
1.1 deraadt 107: <li>On the i386, fix installboot(8) so it works reliably on various filesystem layouts that did not work before.
108: <li>Support lots of file descriptors in named(8), for when many virtual interfaces exist.
109: <li>Fix installboot(8) on the sparc Sun4 models.
1.71 ! bentley 110: <li>In disklabel(8)'s <code>-E</code> mode, set the bootblock sizes so that the hp300 install does not freak out.
1.1 deraadt 111: <li>In mktemp(3), repair a bug in the filename incrementing loop.
112: <li>Various other install script fixes.
113: <li>Fix /etc/fbtab handling in init(8).
114: <li>Make disklabel(8) mentions IDE (which is an alias for ESDI).
115: <li>For the i386, have the install procedure ask if the xf86 driver should be enabled by default.
1.8 rohee 116: <li>Make install procedure prompt & set the initial root password.
1.1 deraadt 117: <li>When root logs in for the first time, let him find that he has an interesting piece of mail about how the system works.
118: <li>Fix ipsec encap notifies.
1.25 deraadt 119: <li>Configure xdm(1) and the fwvm window manager sensibly enough for default users to not feel utterly lost.
1.71 ! bentley 120: <li>Fix 'u'ndo support in disklabel(8)'s <code>-E</code> mode, and also add a new 'r' command.
1.1 deraadt 121: <li>Repair the pkg_add(1) sufficiently for the 2.3 release...
122: <li>Fix a race condition in unmount(2).
123: <li>Add support for the XR16850 serial chip (128 byte fifos).
124: <li>mkisofs 1.11.2
125: <li>Disable console ddb by default. sysctl can re-enable it.
126: <li>Fix backtraces in gdb on m68k platforms.
127: <li>Support 3c905B (well, actually, our support falls over. We need a card to do further work).
128: <li>Modify i386 PS/2 driver to be read/write; this permits new XFree86 source to put mice into advanced modes of operation.
129: <li>Remove KTH Kerberos "eavesdropping" message from telnet(1) and telnetd(8).
1.71 ! bentley 130: <li>Fix bug oflow in ping(8) <code>-R</code> option.
! 131: <li>In tar(1), only preserve the uid/gid if the <code>-p</code> flag is given.
1.1 deraadt 132: <li>sudo version 1.5.5
133: <li>Do not prepend /usr/local/bin to the PATH in zdiff(1), zforce(1), zgrep(1), zmore(1), znew(1), or rcsfreeze(1).
134: <li>Fix DNS fake-iquery bug.
1.71 ! bentley 135: <li>In the <code>le</code> ethernet driver, if the detected ethernet address is ff:ff:ff:ff:ff ... fail.
1.1 deraadt 136: <li>Fixes for various (minor) Y2K problems.
137: <li>Switch a.out ports in the tree (sparc, m68k, i386) to use the newer version of gdb that is part of the binutils tree.
138: <li>Significantly improve the system install scripts.
139: <li>Add disklabel spoofing to the hp300 port.
140: <li>Add xlockmore(1) to the X11 tree.
1.71 ! bentley 141: <li>Fix <code>ru_majflt</code> counting in the VM system.
1.1 deraadt 142: <li>Add AFS token fetching capability to various parts of the source tree.
143: <li>In login(1), handle cleanup of environment variables correctly.
144: <li>In ftp(1), for HTTP requests pass the hostname so that virtual hosts work.
1.71 ! bentley 145: <li>In utimes(2) and futimes(2), handle <code>tv_sec</code> values of -1 more carefully, as they are really illegal cases.
! 146: <li>Import <code>kx</code> into our X11 source tree.
! 147: <li>Add a <code>SIOCGIFDATA</code> ifreq-style ioctl which will get the ifdata informational structure attached to each interface.
1.1 deraadt 148: <li>Add httpd(8) to the OpenBSD tree. It is apache 1.2.6.
1.71 ! bentley 149: <li>Import <code>xpm</code> into our X11 source tree.
1.1 deraadt 150: <li>Support QLogic PCI scsi controllers (at least on the i386).
1.4 deraadt 151: <li>Fix rmd160(3) (and also the IPSEC algorithm) to properly handle data beyond its block boundary.
1.71 ! bentley 152: <li>Emulate SunOS <code>otimes(2)</code> system call so that Netscape doesn't explode.
1.1 deraadt 153: <li>Fix rarpd(8) interaction with routed(8); too much routing information would pile up un-read on the AF_ROUTE socket and rarpd(8) would get too grumpy.
154: <li>Remove libtelnet.so.* from the distribution. People compiling kerberos into their system were generating significantly different shared libraries; thus it is wrong to make this a shared library.
1.16 jsyn 155: <li>Make edquota(8) handle numeric names as uids only after checking that an account named so does not exist.
1.1 deraadt 156: <li>Add UID_MAX and GID_MAX to <machine/limits.h> on each architecture.
157: <li>Fix ch(4) operation on ncr(4) scsi controllers.
1.37 tobias 158: <li>On the sparc, switch to an alternate font if the console is < 800*600 resolution.
1.1 deraadt 159: <li>Add ISAPNP driver for the 3c509 cards.
1.71 ! bentley 160: <li>Change <code>SIOCGIFNETMASK</code>, <code>SIOCGIFDSTADDR</code>, and <code>SIOCGIFBRDADDR</code> to return information for named/addressed mappings rather than simply named mappings, so that these calls can work on interface aliases.
1.1 deraadt 161: <li>Add (complete?) support for KerberosIV to our X11R6.
162: <li>In mktemp(1), document why this should be used for temporary filename generation.
163: <li>In telnet(1), fix connecting to IP addresses; this was recently broken by the new KTH kerberos telnet integration.
1.71 ! bentley 164: <li>Make <code>-R path</code> work a well as <code>-Rpath</code> in cc(1).
! 165: <li>In the ksh(1) manpage, clarify the behaviour of the <code>CDPATH</code> variable.
1.1 deraadt 166: <li>Add support for more PCI NE2000 cards.
1.71 ! bentley 167: <li>Make <code>%Y</code> override an earlier <code>%y</code> in strptime(3).
! 168: <li>Add support for <code>atalk</code> to ifconfig(8).
1.1 deraadt 169: <li>Make the functions described in ethers(3) more careful.
170: <li>Fix support for VFS loadable kernel modules.
171: <li>In get*ent() family of routines in libc, use fgetln(3) instead of fgets(3) so that parsing of overly long lines is more correct.
172: <li>Add options(4). This manpage describes what all the kernel options do. If you spot an error in it, notify us immediately.
1.71 ! bentley 173: <li>In strptime(3), make <code>%C</code> influence <code>%y</code> regardless of ordering.
! 174: <li>Fix a NULL deference bug in make(1) when using the <code>-j</code> flag.
! 175: <li>Fix <code>%m</code>, <code>%I</code>, <code>%S</code>, <code>%y</code>, <code>%C</code>, and <code>%j</code> conversions in strptime(3).
1.9 wvdputte 176: <li>Merge Kirk McKusick's <a href="faq/faq14.html#14.5">soft update</a> code. This code is still experimental and under a non-commercial license. It will be included in the next release as an optional compile flag; we cannot ship it enabled by default.
1.1 deraadt 177: <li>Flesh out the man pages and explain the security problems behind mktemp(3) and other similar functions, plus explain how to handle these problems better.
178: <li>Fully working KerberosIV encryption in telnet(1) and telnetd(8).
179: <li>Fixes to a few more games.
180: <li>CVS version 1.9.26
181: <li>Fix mktemp(3) problems in two more YP tools.
182: <li>Fix an interaction bug in inetd(8) due to SIGPIPE blocking; caused a bad effect in rlogind(8) or other inetd(8) children.
1.71 ! bentley 183: <li>Configure cc(1) to pass the <code>-R</code> flag on to ld(1).
1.1 deraadt 184: <li>Add lynx 2.8 to the system.
185: <li>Add support for 82553 and 82555B PHY in the fxp driver.
186: <li>Fix tmpfile(3) to fchown() the file after unlink() (taking umask() into consideration, too). This is required by standards.
187: <li>Fix vnd and ccd drivers to work properly with soft updates.
188: <li>Fix a crash case in compress(1).
1.71 ! bentley 189: <li>Add <code>-s</code> and <code>-c</code> options to last(1).
! 190: <li>Add support for <code>-s section</code> and <code>-S subsection</code> to man(1).
1.1 deraadt 191: <li>Change the configuration of man(1) so that man4 is read much later; this makes it easier to see pages in man8 with similar names.
192: <li>Fix KerberosIV password changing.
193: <li>On the sparc, support 128KB lebuffer devices.
194: <li>On the sparc, print hotfix information at the right place in the dmesg log.
195: <li>Fix passwd(1) so that YP passwords do not get edited in the local password file.
196: <li>Significant efforts made at fleshing out the device driver man page tree better.
197: <li>Upgrade to gcc 2.8.1
198: <li>Rename 2.2 to 2.3 tree-wide, for the upcoming release.
199: <li>Improve IPSEC performance.
200: <li>Add many new machine-dependent man4 man pages.
201: <li>XFree86 3.3.2 is now in our X11 source tree.
202: <li>Add another missing ntohl() in ipnat(8).
203: <li>Use a p_os field to sub-divide operating system emulation capabilities (like for SVR4 binaries).
204: <li>Spend almost a week finding and fixing minor goobers discovered by gcc 2.8 throughout the source tree.
205: <li>Fix syslog(3) sockaddr initialization.
1.71 ! bentley 206: <li>Add support for <code>TIOCM*</code> family of ioctl(2) values to the sparc serial driver.
! 207: <li>New photurisd(8) that complies with <code>draft-simpson-photuris-18.txt</code>.
1.1 deraadt 208: <li>Fix a race bug in mkstemp(3) itself that would make mkstemp(3) have occasionally fail strangely.
209: <li>Fix a few more mktemp(3) problems in f77 libraries, and other assorted GNU software.
210: <li>Upgrade to gcc 2.8.0
211: <li>Upgrade to libg++ 2.8.0
212: <li>Make ping(8) work with very large packet sizes on all types of interfaces.
1.71 ! bentley 213: <li>Correct behaviour <code>-x</code> and <code>-p</code> flags in tar(1) to be traditional.
1.1 deraadt 214: <li>Remove one of the two copies of math.h in the source tree.
215: <li>Improve blowfish performance by a factor of 2, and hence increase the rounds by 1 in passwd.conf.
216: <li>Handle unknown hostnames in mountd(8) better.
217: <li>Inside the kernel, change struct file's members f_count and f_msgcount to longs, and then add checking for overflows as well.
218: <li>Add XDM-AUTHORIZATION to X11.
219: <li>In old gas, move to late resolution of symbols because gcc 2.8 will require this.
220: <li>Fix a configuration file parsing bug in ipf(8).
221: <li>In libpcap and tcpdump, use our system ethers(5) parsing routines.
1.71 ! bentley 222: <li>Make <code>netstat -r</code> report better information about non-standard netmasks.
1.1 deraadt 223: <li>Fix some bugs in the 3c[59]xx device driver.
1.71 ! bentley 224: <li><strong>The 3rd revision of the patch for the mmap() security problem is available, and <a href="errata22.html#mmap">has been placed on top of the 2nd revision</a></strong>.
1.1 deraadt 225: <li>Add a command to ddb that reports out the extent tables.
226: <li>Add a clarifying statement to all the Kerberos code that explains how it came to be that this code was released from the USA's crypto stranglehold.
227: <li>In the RPC code, ensure that __svc_fdsetsize is always manipulated as a bitcount.
228: <li>Clarify crypt(3) manpage as to how many characters each transform actually considers in its calculation.
229: <li>Do not permit TCP connections to any of the broadcast addresses.
230: <li>Do not let a user set their password to "s/key".
231: <li>Permit the disabling of skey system-wide.
232: <li>Convert the xdr(3) and rpc(3) manpages to mandoc format.
233: <li>In mail.local(8), document how to use quotas on a mail spool.
1.71 ! bentley 234: <li>Add <code>-p</code> option to uname(1), to display detailed CPU information.
1.1 deraadt 235: <li>Support for the ST16650 32-byte FIFO uart.
236: <li>Do not copy from off the end of an nfs boot mbuf.
237: <li>Some more repair in the games.
1.71 ! bentley 238: <li>Support <code>-rpath dir</code>, <code>-shared</code>, <code>-soname</code>, <code>--whole-archive</code>, and <code>--no-whole-archive</code> in the old ld used on many of our platforms.
1.1 deraadt 239: <li>CVS version 1.9.24
240: <li>For OLF/ELF binaries, remember the OS tag in execve(), so that emulation code can reference it later.
241: <li>Make the kernel compile properly (with full warnings) under gcc 2.8.
1.71 ! bentley 242: <li><strong>Do not permit a read+write mmap() operation on a read-only file descriptor open on a device. This is a security problem in OpenBSD 2.2, and is <a href="errata22.html#mmap"> described and fixed with a patch</a></strong>.
1.1 deraadt 243: <li>Rename /etc/nat.rules to /etc/ipnat.rules.
244: <li>Add kerberos kauthd(8).
1.71 ! bentley 245: <li>On the i386, move XFree86 aperture driver into the kernel. The new sysctl(8) variable <code>machdep.allowaperture</code> decides if this driver is active or not. (This variable can only be modified at high securelevel).
! 246: <li>Remove the ftp(1) 'stdout redirection' hack and replace it with a <code>-o filename</code> option (which also understands a filename of "-" to mean stdout).
1.1 deraadt 247: <li>Pull in all the NetBSD changes to the old version of gas over the last year or so.
248: <li>Fix two bugs in adduser(8).
249: <li>Change chflags(2) and fchflags(2) to take a u_int for the second parameter.
1.65 tb 250: <li><a href="https://www.openbsd.org/art/.small/openbsdpower.gif.gif">New fancy OpenBSD logo for your use</a>.
1.71 ! bentley 251: <li>Add XPG4 <code>-r</code> option to du(1).
! 252: <li>Support <code>-[width]</code> option in fmt(1).
1.1 deraadt 253: <li>New quirk for another Archive VIPER scsi tape drive.
254: <li>Fix another signal handler bug in mail(1).
1.71 ! bentley 255: <li><strong>The mac68k 2.2 CD release had a few problems. These problems have been resolved in the FTP release. <a href="errata22.html#mac68k">For more details...</a></strong>
1.1 deraadt 256: <li>Make lpd(8) use keepalives so that it can detect dead network printers.
257: <li>Support the WINBOND pci ethernet cards.
258: <li>Fixed "%c" in strftime(3).
259: <li>Various fixes to some of the games, ie. rain, worms, wump.
1.71 ! bentley 260: <li>If <code>link0</code> is set on a loopback interface (ie. lo1) make the address/netmask sets on it make supernets instead of subnets.
1.4 deraadt 261: <li>Place separate so_ruid and so_euid fields in struct socket, so that in_pcb.c can still do its job, but also so that identd(8) can be fast and return the proper uid.
1.71 ! bentley 262: <li><strong>In the sparc 2.2 release, the SS4/SS5 kernel was not very reliable. <a href="errata22.html#sparciommu">A simple reliability patch is now available</a>.</strong>
1.1 deraadt 263: <li>Fix a map corruption bug in ypxfr(8).
264: <li>Make stty(1) recognize STRIPDISC.
265: <li>In compress(1), if the st_flags is 0, do not attempt a chflags(2) call.
1.71 ! bentley 266: <li><strong>Make ruserok() significantly more paranoid when parsing the .rhosts file. This along with another issue is a security problem in OpenBSD 2.2, and is <a href="errata22.html#ruserok"> described and fixed with a patch</a></strong>.
1.1 deraadt 267: <li>raise IPPORT_USERRESERVED significantly. Random port numbers will now look much more random than they did before.
1.71 ! bentley 268: <li>New <code>-a logdev</code> argument for syslogd(8), useful for setting up additional /dev/log devices in various chroot spaces.
1.1 deraadt 269: <li>Permit restore(8) to work on a filesystem that has a basic blocksize smaller than the blocksize of the filesystem that was dumped.
1.71 ! bentley 270: <li>Make MIPS ldconfig emulate the <code>-m</code> flag better.
1.1 deraadt 271: <li>The web pages now have a new section on <a href=security.html> security advisories</a>.
272: <li>New compat_ibcs2(8) manpage.
273: <li>Fix rarpd(8) to work properly in the presence of massive routing traffic.
274: <li>A start at full lint library support.
275: <li>smtpd(8) integration spiffied up. Everything you need is now in the system.
276: <li>Emulate that disgusting linux connect() braindamage even better.
277: <li>Fix some bugs in vacation(1).
278: <li>Fix /etc/yp/domainname support in ypbind(8).
1.71 ! bentley 279: <li><strong>In the 2.2 release, the sparc scsi driver caused problems for the Sun 4/300 machines. <a href="errata22.html#sparc">Patches are now available</a></strong>.
! 280: <li>Add <code>FS_CCD</code> partition type so that the ccd driver can ensure it has the right components.
! 281: <li>Add <code>/etc/sysctl.conf</code> which specifies sysctl variables to change at boottime.
1.1 deraadt 282: <li>Fix a free page count bug in the vm system.
1.71 ! bentley 283: <li>Create two new sysctl options: <code>ddb.panic</code> decides whether the kernel should enter ddb when it panics, and <code>ddb.console</code> controls if it is possible to enter ddb from the console via a hot-key.
1.1 deraadt 284: <li>Add scan_ffs(8), a very useful tool for reconstructing disks.
285: <li>Add strptime(3).
1.71 ! bentley 286: <li><strong>Buffer overflow fix in the MIPS ld.so. Replacement binaries for the <a href="errata22.html#pmax">pmax</a> and <a href="errata22.html#arc">arc</a> platforms are available</strong>.
1.1 deraadt 287: <li>Avoid DNS lookup timing effects in ping -R.
288: <li>Fix the __{CTOR,DTOR}_LIST__ declarations in c++rt0.c
1.71 ! bentley 289: <li><strong>Two bugs existed in the 2.2 pmax release which all users should be aware of. <a href="errata22.html#pmax">Patches are now available</a></strong>.
! 290: <li><strong>Be more careful about sourcerouted packets, including never forwarding them. This is a security problem in OpenBSD 2.2, and is <a href="errata22.html#sourceroute"> described and fixed with a patch</a></strong>.
1.1 deraadt 291: <li>Teach the kernel about newer PCI device types.
292: <li>Workaround a race condition in syslogd's handling of SIGHUP.
1.71 ! bentley 293: <li>Some man page fixes so that <code>man -k</code> is happier.
1.1 deraadt 294: <li>Low-memory bug fix in setenv(3).
295: <li>Self-extending kernel maps in the vm subsystem.
296: <li>In rc.local, bail on starting cfsd(8) if mountd(8) is not running.
297: <li>Require commands started from in /etc/rc to be executable -- not just readable.
298: <li>Glob extensions for XPG4.
299: <li>Cleanups in wump(6).
300: <li>Check both old and new shells in rpc.yppasswdd(8).
1.71 ! bentley 301: <li>Add <code>-a</code> flag to which(1).
1.1 deraadt 302: <li>On binutils platforms, make ldd(1) work on static executables.
1.71 ! bentley 303: <li>IPF 3.2.3. When you upgrade to this version, you <em>must</em> also upgrade the userland utilities (ipf, ipnat, etc.). You also need to get the latest MAKEDEV and run "sh MAKEDEV ipl" in /dev to create new device entries.
1.1 deraadt 304: <li>Fix a race in mkdir(1).
1.16 jsyn 305: <li>More cdrom ioctls in Linux emulation.
1.1 deraadt 306: <li>Fix select(2) use in sudo(8) so that it can handle large fd_set sizes.
307: <li>In termcap databases, map the keyboard backspace key to DEL instead of BS as that is how it really is.
308: <li>Fix argument handling in expand(1).
309: <li>If tar(1) extracts as root, preserve uid/gid as is traditional.
310: <li>Repaired the expansion of the kernel panic string.
311: <li>Much more complete KerberosIV documentation.
312: <li>Start at bus_dma support.
313: <li>Properly error out if yp_match() or yp_first() is asked to lookup long keys.
314: <li>Groff 1.11a
315: <li>Properly ignore whitespace between a conversion and %n in *scanf(3).
316: <li>Import of tzcode1998b and tzdata1998b.
317: <li>Use new ypwhich(1) flag in ypinit(8) script to get maps from the real master server.
1.71 ! bentley 318: <li>Support <code>-h host</code> flag to ypwhich(1).
1.1 deraadt 319: <li>pppd 2.3.3
320: <li>Handle unparseable ulimit specifications as an error, not as the value 0.
321: <li>ncurses 4.1-980103
322: <li>In w(1), handle processes that set argv[0] to NULL, by printing p_pcomm.
323: <li>Make pkg_install(1) feed a -p option to tar.
324: <li>sudo version 1.5.4.
325: <li>Merge some slight standardization fixes for *printf(3) from FreeBSD (some unlikely cases get handled better).
326: <li>Bring gethostent() back to life, even though it is a bad interface.
327: <li>In disklabel(8), make IDE drive type handling more obvious and intuitive.
328: <li>Support all kinds of keyboards in pcvt, like pccons does.
329: <li>Support for FAT32 partitions.
330: <li>For scsi tape drives, be silent in the presence of ILI errors.
331: <li>Fix a vnode creation race.
332: <li>Fix a output error in finger(1).
1.28 deraadt 333: <li>Do not permit dumping corefiles over symbolic links. (We have wanted this changed for a long time, but it required Lite2 vfs.)
1.1 deraadt 334: <li>Permit extra / terminators in some path-based system calls.
1.15 pvalchev 335: <li>Fix some problems regarding transfer of secure yp maps.
1.1 deraadt 336: <li>New rc.conf(7) manpage.
337: <li>Make sure it is clear that so_linger is in seconds.
338: <li>Add sysctl net.inet.icmp.bmcastecho to block the smurf problem.
339: <li>Some fixes to fdisk(8) and disklabel(8).
340: <li>Workaround a problem that happens if a TCP socket is shutdown(2)'d more than once.
341: <li>Some more manpage cleanups.
342: <li>Some slight changes to the PCI device subsystem to make it probe devices nicer (mostly dmesg printing).
343: <li>Make md5(1), rmd160(1), and sha1(1) use getopt().
344: <li>Make {f,}chflags(.., -1) return error EINVAL.
345: <li>Make mmap() return void * instead of caddr_t, and add the MAP_FAILED define required by new standards.
346: <li>Fix some gzip buf oflows.
347: <li>Correct an splx botch in the tunnel driver.
348: <li>Add sysctl ddb.panic_ddb; indicates whether to drop into ddb on a panic.
349: <li>Swap quit and exit commands in fdisk.
350: <li>Correct exit code of nohup(1).
1.11 deraadt 351: <li>lockf() implementation.
1.1 deraadt 352: <li>Handle DST changeovers automatically in cron.
353: <li>IBCS2 emulation also requires fcntl() F_FREESP support.
354: <li>The new KTH KerberosIV integration (and security audit) is almost complete.
355: <li>If mountd(8) discovers getfh(2) not supported, it now aborts nicely.
356: <li>Support fcntl() GETLK,SETLK,UNLK variants in SunOS emulation.
357: <li>Fix a bug in make(1) regarding SYSV style : substitution on null variables.
358: <li>Check the values of the ftp PORT command even more carefully.
359: <li>Fail better for over-long usernames.
360: <li>Change ftp(1) so that tries to use passive mode, and falls back to active mode. Provide environment variables to fall back. This is incredibly cool.
361: <li>Provide workaround for the Cyrix 6x86 COMA bug. (A workaround for 2.2 is not available).
362: <li>Implement fcntl() of F_FREESP in SVR4 emulation. Does this belong in ibcs2 also?
363: <li>Fix Linux accept/recvmsg if kernel is compiled with other compat options.
364: <li>In numerous programs, avoid fd_set overflows.
365: <li>Fix MAKEDEV script regarding /dev/fd/* for some architectures.
366: <li>Fix a kernel bug related to "route change ...".
367: <li>Support IP_HDRINCL in Linux emulation.
368: <li>Update the pkg_* tools a bit.
369: <li>Honour TMPDIR in the locate(8) tools.
370: <li>Make route(8) non-setuid.
371: <li>In ftpd, default to RFC non-conforming behaviour for the PORT command, but provide a runtime switch for those who like holes.
372: <li>Addition of Obtuse smtpd(8) and smtpfwd(8) v2.0.
1.71 ! bentley 373: <li><strong>Due to timing constraints, mac68k X11 binaries did not make it onto the 2.2 CDROM. <a href="errata22.html#mac68k">But it is now available for ftp</a></strong>.
1.1 deraadt 374: <li>Do not clear the setuid/setgid file mode bits for a call to {,f,l}chmod(-1, -1).
375: <li>Enable new FreeBSD ppp(8) daemon. There are now two ppp daemons in the source tree, they have quite different feature sets.
1.71 ! bentley 376: <li><strong>Fixed a panic problem in the i386 apm driver. <a href="errata22.html#i386">A patch is available for 2.2</a></strong>.
1.1 deraadt 377: <li>Repair a number of retry operation problems in the wdc driver that mostly affected sleeping laptops.
378: <li>Handle the controlling tty ioctl in linux emulation.
379: <li>Handle SIOCGIFMETRIC and SIOCGIFMTU in linux emulation.
380: <li>Handle nanosleep() in linux emulation.
1.8 rohee 381: <li>Use recursive vnode locks to solve a page-in panic reported by chuck & chuck.
1.1 deraadt 382: <li>Handle SIOCGIFHWADDR ioctl in linux emulation.
383: <li>Handle the cdrom ejecting ioctl in linux emulation.
384: <li>Correct an XPG violation in stdlib.h.
385: <li>Fix a problem in -current regarding open() of O_TRUNC and O_SHLOCK.
386: <li>Fix numerous problems with new KTH kerberos.
1.71 ! bentley 387: <li><strong>A workaround for the Intel P5 F00F lockup problem. <a href="errata22.html#i386">A patch is available for 2.2</a></strong>.
1.1 deraadt 388: <li>Fix minor numbers for /dev/ch* in the MAKEDEV scripts.
1.71 ! bentley 389: <li>Add a <code>kern.nosuidcoredump</code> sysctl.
1.1 deraadt 390: <li>Enhance the performance of pwd_mkdb(8) by expanding the db(3) cache based on input filesize.
1.71 ! bentley 391: <li>Use <code>cp -R</code> instead of <code>cp -r</code> for local copies in rcp(1).
1.1 deraadt 392: <li>Flesh out scsi(8) a tiny bit more.
393: <li>In linux compat, handle the CDROM ioctl() calls.
394: <li>Indicate connect direction for tcp sockets in fstat(1).
395: <li>Fix scsi CDIOCREADSUBCHANNEL.
1.37 tobias 396: <li>Prevent ipf/ipnnat configuration changes when securelevel > 1.
1.1 deraadt 397: <li>Fix an overflow in top(1).
398: <li>Fix a deadlock on cd9660.
399: <li>Update to ncurses-4.1-971129
1.71 ! bentley 400: <li><strong>On the i386, handle the nasty problem with distinguishing SVR4 and Linux binaries. <a href="errata22.html#i386">A patch is available for 2.2</a></strong>.
1.1 deraadt 401: <li>Newer ncr device driver.
402: <li>Fix SunOS emulation of TIOCGPGRP.
403: <li>Add some more XPG4.2 *_t types.
404: <li>Import perl 5.004_04.
405: <li>Add hosts.equiv(3) and .rhosts(3) man page.
406: <li>Add asprintf(3) and vasprintf(3).
407: <li>Fix /etc/rc scripts to require IPF if NAT is requested.
408: <li>Moving towards KTH kerberos 4-0.9.7.
1.71 ! bentley 409: <li>Fix <code>-amin</code> option in find(1).
1.1 deraadt 410: <li>Fix arp(8) ethernet address parsing for the illegal cases.
411: <li>Massive performance optimization of the ccd device (RAID-like striping disk driver).
412: <li>Work around stupid linux emulation behaviour involving non-blocking connect(2).
413: <li>Update to ncurses 4.1.
414: <li>Fix a mget prompting error in ftp(1).
1.71 ! bentley 415: <li>add <code>-t</code> option to disklabel(8).
1.1 deraadt 416: <li>Some man page cleanups.
417: <li>Fix a memory leak in the kernel process group manipulation code.
418: <li>Import of FreeBSD's ppp(8) program.
419: <li>Update sudo(8).
420: <li>Fixed bug in 'systat vm' output.
421: <li>Fix the internals of open(2) when O_TRUNC and either O_SHLOCK or O_EXLOCK are set. (That was a nasty kernel bug).
422: <li>Clean /var earlier in the /etc/rc script.
1.71 ! bentley 423: <li><strong>make readlink(1) terminate its buffer correctly. <a href="errata22.html#all">This affects CDROM builds so a patch is available for 2.2</a></strong>.
1.1 deraadt 424: <li>Make fstat(2) on AF_UNIX socket return proper st_[acm]time field values.
425: <li>Implement FIONBIO in ibcs2 emulation code.
426: <li>Consider only the 0177777 bits of the umask(2) value, as documented.
427: <li>Added mode rangecheck in chmod(2) and fchmod(2).
428: <li>Fix some Y2K problems in the nroff tmac macros.
429: <li>Minor logging feature changes in fingerd(8).
430: <li>in chat(8), replace Mini Getopt from hell with real getopt().
1.71 ! bentley 431: <li>Add <code>SHUT_RD</code>, <code>SHUT_WR</code>, and <code>SHUT_RDWR</code> values for shutdown(2) as specified by XPG4.2.
! 432: <li>Make the <code>-Ss</code> flag in rpcgen(1) work right.
1.1 deraadt 433: <li>Range-check the "how" argument for shutdown(2).
434: <li>Change various system calls to take void * instead of caddr_t.
435: <li>Fix a line continuation bug in sed(1).
1.71 ! bentley 436: <li>Add inetd(8) <code>-R rate</code> flag, and crank default rate to 256.
1.1 deraadt 437: <li>Clear CLOCAL mode in pppd if modem is set but modem_chat is not.
438: <li>Make the if_de driver support more cards.
439: <li>Make msync(2) POSIX compliant.
440: <li>Fix a ONLCR + FLUSHO situation in tty.c
441: <li>Support -mmin, -amin, and -cmin in find(1).
442: <li>Support an "object" keyword in config(8).
443: <li>Make "expr a : /" work.
444: <li>Make dumpfs(8) report if soft updates are requested by the superblock.
445: <li>Add getsid(2) system call as mandated by XPG4.2.
446: <li>Some minor fixes for the libc/db/btree code.
447: <li>Flesh out compat_freebsd a fair bit more.
448: <li>Some compat_svr4 fixes.
449: <li>Update getNAME(8) and fix makewhatis(8) to use it more optimally.
450: <li>Fix EXTPROC in pty code.
451: <li>Correct TCP's handling of RST.
452: <li>Add more things to afterboot(8).
1.71 ! bentley 453: <li>Fix tty suspend during <code>sh -c "less file"</code>.
1.1 deraadt 454: <li>double MAX_KMAPENT and MAX_KMAP
455: <li>sendmail 8.8.8
456: <li>add uu_lock(), uu_unlock() and uu_lockerr() to libutil.
457: <li>Start named(8) earlier in /etc/rc.
458: <li>Support execution sections in syslog.conf.
459: <li>4.4BSD lite2 vfs integration.
460: <li>usleep(3) returns int, and add useconds_t type as required by XPG4.2
461: <li>Fixed ps(1) LIM and STAT columns.
462: <li>makewhatis(8) manpage added.
463: <li>Fix rpc.rquotad support if the quotas file resides on another filesystem.
464: <li>Truncate large uid and gid values in ranlib(1), in the same way as this is handled in ar(1).
465: <li>Document how crypt(3) handles blowfish and MD5 passwords.
466: <li>Fix some memory leaks in the RPC code.
467: <li>Fix an as(1) parsing bug relating to the .ascii directive.
468: <li>Handle C++ and other languages in yacc(1) far better.
469: <li>Be more careful with getpwent() information inside rcp(1).
470: <li>Replace kernel printf with Torek's libc printf.
471: <li>Make disklabel -E deal with multiple partitions which overlap.
1.16 jsyn 472: <li>If a non-existent user logs in and asks for s/key authentication, fake a proper s/key prompt.
1.1 deraadt 473: <li>SIGWINCH handling in systat(1).
474: <li>Add blowfish and cast encryption to IPSEC.
475: <li>In tftpd(8), permit syslog() to work when running chroot(2)'d.
476: <li>a buffer underrun in ctags(1).
477: <li>Make kdump(1) handle the newer emulations.
478: <li>Add svr4 jioctl() compat interface.
479: </ul>