File: [local] / www / plus24.html (download) (as text)
Revision 1.78, Sun Mar 10 18:46:16 2024 UTC (2 months ago) by tj
Branch: MAIN
CVS Tags: HEAD
Changes since 1.77: +1 -0 lines
reroll plus pages for 7.5
|
<!doctype html>
<html lang=en id=plus>
<meta charset=utf-8>
<title>OpenBSD 2.4 Changelog</title>
<meta name="description" content="OpenBSD 2.4 changes">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="openbsd.css">
<link rel="canonical" href="https://www.openbsd.org/plus24.html">
<style>
strong {
color: var(--red);
}
h3 {
color: var(--blue);
}
p strong {
font-weight: normal;
}
code {
font-family: serif;
font-weight: bolder;
}
</style>
<h2 id=OpenBSD>
<a href="index.html">
<i>Open</i><b>BSD</b></a>
2.4 Changelog
</h2>
<hr>
<p>
This is a partial list of the major machine independent changes
(i.e., these are the changes people ask about most often). Machine
specific changes have also been made, and are sometimes mentioned
in the pages for the specific <a href=plat.html>platforms</a> if you
are interested in further port-specific details. Many ports
have had architecture-specific enhancements relative to NetBSD,
but when they do not they certainly have plenty of platform-independent
changes, starting with those listed below..
<p>
Note: <strong>Problems for which patches exist are marked in red</strong>.
<p>
For changes in other releases, click below:<br>
<a href="plus20.html">2.0</a>,
<a href="plus21.html">2.1</a>,
<a href="plus22.html">2.2</a>,
<a href="plus23.html">2.3</a>,
<a href="plus25.html">2.5</a>,
<a href="plus26.html">2.6</a>,
<a href="plus27.html">2.7</a>,
<a href="plus28.html">2.8</a>,
<a href="plus29.html">2.9</a>,
<a href="plus30.html">3.0</a>,
<a href="plus31.html">3.1</a>,
<a href="plus32.html">3.2</a>,
<a href="plus33.html">3.3</a>,
<a href="plus34.html">3.4</a>,
<a href="plus35.html">3.5</a>,
<a href="plus36.html">3.6</a>,
<a href="plus37.html">3.7</a>,
<br>
<a href="plus38.html">3.8</a>,
<a href="plus39.html">3.9</a>,
<a href="plus40.html">4.0</a>,
<a href="plus41.html">4.1</a>,
<a href="plus42.html">4.2</a>,
<a href="plus43.html">4.3</a>,
<a href="plus44.html">4.4</a>,
<a href="plus45.html">4.5</a>,
<a href="plus46.html">4.6</a>,
<a href="plus47.html">4.7</a>,
<a href="plus48.html">4.8</a>,
<a href="plus49.html">4.9</a>,
<a href="plus50.html">5.0</a>,
<a href="plus51.html">5.1</a>,
<a href="plus52.html">5.2</a>,
<a href="plus53.html">5.3</a>,
<a href="plus54.html">5.4</a>,
<br>
<a href="plus55.html">5.5</a>,
<a href="plus56.html">5.6</a>,
<a href="plus57.html">5.7</a>,
<a href="plus58.html">5.8</a>,
<a href="plus59.html">5.9</a>,
<a href="plus60.html">6.0</a>,
<a href="plus61.html">6.1</a>,
<a href="plus62.html">6.2</a>,
<a href="plus63.html">6.3</a>,
<a href="plus64.html">6.4</a>,
<a href="plus65.html">6.5</a>,
<a href="plus66.html">6.6</a>,
<a href="plus67.html">6.7</a>,
<a href="plus68.html">6.8</a>,
<a href="plus69.html">6.9</a>,
<a href="plus70.html">7.0</a>,
<a href="plus71.html">7.1</a>,
<br>
<a href="plus72.html">7.2</a>,
<a href="plus73.html">7.3</a>,
<a href="plus74.html">7.4</a>,
<a href="plus75.html">7.5</a>,
<a href="plus.html">current</a>.
<br>
<p>
<h3>Changes made between OpenBSD 2.3 and 2.4</h3>
<p>
<ul>
<li>Fix a bug in the midway ATM driver.
<li>Update numerous documents for the 2.4 release.
<li>Fix another off-by-one error in pax(1).
<li>Addition of driver for sbus 'qe' 4-port 10mbit ethernet card.
<li>Split X shareable files into a separate tar file.
<li>Make tset(1) work with libcurses (before it was libocurses only).
<li>Fix an ipsec panic bug.
<li>/etc/rc startup code for afsd.
<li>In default sendmail config, enforce valid Message-Id to help stop spammers.
<li>Fix a rounding up problem in disklabel(8).
<li>apache 1.3.3
<li>Make clustering work fast even beyond 2GB into a file.
<li>Fix a few ipnat bugs.
<li>Support bt878 and bt879 in the bktr(4) driver.
<li>Driver for the Compaq Thunderlan ethernet cards, called tl(4).
<li>Fix null-function running in ksh.
<li>Support the SMC EtherEZ PNP card.
<li>Support 3c905B-FX cards (fast fiber ethernet).
<li>Support Lite-On PNIC tulip clone chips in the de(4) driver.
<li>Fix SIOCGIFCONF code in ipnat(8).
<li>Import SSLeay-0.9.0b <b>minus the patented algorithms (IDEA and RSA)</b>. The DSA certificate handling and other cryptography still remains.
<li>Increase datasize in savecore(8) (as was done in fsck(8) a long time ago).
<li>Fix a readlink(2) bug in ls(1).
<li>Add new DIOCGPDINFO ioctl for disklabel(8)'s new <code>-p</code> option.
<li>Fix a mathematical formula in photurisd(8).
<li>apache 1.3.2
<li>Fix other spoofed labels to contain more real information.
<li>In i386 wd(4) driver, set d_type properly in spoofed labels.
<li>Import learn(1) -- but still disabled.
<li>Add <code>file://</code> support to ftp(1).
<li><strong>The sparc hme(4) and le(4) drivers had bugs in the 2.4 release. <a href="errata24.html#hme">Patches are available</a>.</strong>
<li>Fix media negotiation in the SS5/10 le(4) driver.
<li>Fix mail(1) to deal with the changed lockspool(1) protocol.
<li>In lockspool(1), permit root to lock other spools.
<li>Add the <a href="http://www.advansys.com">AdvanSys</a> narrow PCI SCSI driver, adv(4).
<li>Correct vfs_refcount handling.
<li>In cp(1), for <code>-p</code> flag also preserve the sticky bit.
<li>In tar(1), fix storage of paths that are exactly 100 characters long.
<li>Add smc91cxx ISA support.
<li>Fix more setmode(3) memory leaks.
<li>Continue integration of AFS.
<li>In i386 bootblocks, clear NT bit in bootblocks whenever switching into prot mode.
<li>Undo gzip nlist(3) support for the 2.4 release, will go back in afterwards.
<li>Add optional support for alternate pid files in newsyslog(8).
<li>Repair the license for boggle(6).
<li>Repair a memory leak in mtree(1).
<li>Fix a writer lock miscount in execve(2)...
<li>Workaround a bug in newer versions of the xl(4) cards.
<li>Repair the license for file(1).
<li>Make tcpdump(8) understand SACK (RFC 2018).
<li>Fix a bug in sed(1).
<li>Media support in the fxp(4) driver.
<li>Replace ed(4) driver with the ne(4), ec(4), and we(4) drivers.
<li>In ftp(1), make the progress meter support ttys that do not have the width set.
<li>Support uids > 32000 in adduser(8).
<li>Make sparc and alpha floppies do dhclient, too.
<li>Fix a few tiny sysctl related changes in route(1).
<li>Add support for SMC EtherPower II 10/100 ethernet cards; tx(4) driver.
<li>Tons more man page cleanups...
<li>More games fixes...
<li>Add a <code>-1</code> option to dhclient: if the dhclient request fails, dhclient should exit.
<li>In top(1), fix pid sorting on the alpha.
<li>Make tar(1) print verbose output to stdout, not stderr.
<li>Repair some badly written short write() handling in ftp(1).
<li>In newsyslog.conf, rotate authlog and secure entries after 1 week.
<li>Kill COMPAT_09 and COMPAT_10 options.
<li>Provide a way for ftp(1) to show a progress meter, but create no other noise.
<li>Media support for ep(4) driver.
<li>Move ifaliases setup upwards in /etc/rc; now named(8) can use ifaliases.
<li>In /etc/rc.conf, add a nice toggle for ntpd(8).
<li>Finish media support on sparc le(4) driver.
<li>buf oflows in restore(8).
<li>Support media directives in dhcp-based /etc/hostname.* files.
<li>Make the xfs system call always exist.
<li>i386 option NO_APMPRINT for quieter apm driver.
<li>Move dhclient-script to /sbin where it belongs.
<li>Fix a panic in SOCK_RAW.
<li>ncurses 4.2-980912.
<li>Quite a number of install script improvements.
<li>if_media support in lance driver.
<li>With the -h option, add token reporting support to identd.
<li>HP ScanJet IIp support.
<li>Print OpenBSD copyright at boot-time.
<li>Create the first version of the 2.4 install floppy, which includes dhclient on it.
<li>ipf 3.2.9.
<li>sudo 1.5.6.
<li>Handle early-interrupting wdc drives which voilate the MMC2 specifications.
<li>Fix recvfrom() MSG_PEEK to work with length 0, again.
<li>Free AFS client integrated into the source tree.
<li>Significant man page cleanups.
<li>Add help(1), which is basically "man man".
<li>in fdisk(8), for large disks, clamp CHS values to 0xffffff and then encode data in the LBA fields.
<li>Neomagic support in X11.
<li>libcurses version 20.3.
<li>Restore chat -s and -S flags, they were lost.
<li>Fix curses library to use all the possible ways of getting it's termcap definition.
<li>More games fixes.
<li>A new and improved more capable pcmcia code-base.
<li>Support intel 82365SL pcmcia chipset.
<li>Add aic6360 pcmcia support.
<li>new sm driver -- SMC 91cxx ethernet chip support. Common pcmcia chip.
<li>Fix error handling in bootblock filesystem detection code.
<li>Fix a recently introduced bug in nslookup(1).
<li>Fix mips constructor init/fini operation in ld.so.
<li>Fix a signal race in mail(1).
<li>Nice way of handling dhcp at boot-time.
<li>Fix a bug in RMD160.
<li>Make xl(4) driver work on the alpha.
<li>Make the pci de(4) driver finally work fully on big-endian machines.
<li>Fix a hanging-race in mail(1).
<li>zlib 1.1.3
<li>Fixes to the pkg_install tools.
<li>For i386 pcvt, better keyboard timing code.
<li>Teach fstat(1) AFS.
<li>Add command-line selection of dates other than now to pom(6).
<li>More man page repairs.
<li>Add support for nlist(3) of a gzip'd kernel, only used by savecore(8).
<li>Fix some mis-aligned faults in ppp(8).
<li>Fix a gcc 2.8.1 bug which caused code to be mis-optimized.
<li>if_media support in OpenBSD. Some drivers support it, others do not yet.
<li>Buffer mishandling fixes in nslookup(1) and dig(1).
<li>Make a few programs (time, mkdep, lorder) kill themselves with the signal they trapped, rather than provide an exit code.
<li>Continuing work at integrating the <a href="http://www.stacken.kth.se/projekt/arla">ARLA free-AFS</a> source code directly into OpenBSD.
<li>More games fixes.
<li>Teach libpcap that DLT_LOOP devices have a network byte order header.
<li>Return ENXIO for /dev/mem minor devices which do not exist.
<li>uuencode/uudecode get a new -p option.
<li>ppp version 2.0 (MPP)
<li>Make blowfish character interfaces work on unaligned-access-faulting hardware.
<li>Another fix for i386 ptdi panic, in procfs.
<li>Handle the MediaGXm processor.
<li>Buckets of scanf-style overflows in nslookup(1) and dig(1).
<li>Change protocol argument of pmap_set() to be u_int.
<li>Newer version of Kirk's softdep code.
<li>Fix fxp(4) for the alpha.
<li>In the libc/db sub-library, sanitize memory that is being sent out to db files.
<li>Fix a dlopen() bug in ld.so.
<li>Numerous man page cleanups.
<li>Add big-endian 21040 support to the de(4) driver, so that powerpc can use it.
<li>Fix a premature free() bug in libpcap.
<li>Install dhclient-script(8).
<li>In ttyname(), reinitialize the tty buffer with the "/dev/" prefix each time.
<li>More fixes to rpc.pcnfsd(8).
<li>Fix a crash in csh(1).
<li>Sparc qec/be 100mbit ethernet driver.
<li>Support \e in printf built into csh, and document it too.
<li>Significant progress in the powerpc port.
<li>Fix a panic bug in the routing socket.
<li>Better media support in fxp(4) driver.
<li>In kvm_open(3), try /dev/ksyms before /bsd.
<li>Add /dev/ksyms support the kernel. This emulates a fake a.out which has the kernel's ddb symbol table attached to it.
<li>Change savecore(8) so that it tries /dev/ksyms before /bsd.
<li>cvs version 1.10
<li>More improvements to all the games.
<li>Fix new blowfish functions to work on big-endian unaligned-access-faulting architectures.
<li>Fix a malloc race in all filesystems.
<li>More rpc.pcnfsd(8) changes. Again -- do not use rpc.pcnfsd.
<li>Correct readlink(8) in adosfs.
<li>Newer code for the fxp driver.
<li>Change nlist(3) and kvm_mkdb(8) to work with the upcoming /dev/ksyms.
<li>Fix an encryption-related bug in telnetd.
<li>Support <code>-o</code> in top(1).
<li>Add <code>-q</code> flag to mtree(1).
<li>In cfmakeraw(3), also clear IMAXBEL.
<li>realloc fixes to X11.
<li>ecoff support in nlist(3).
<li>In the nfs code, repair non-ANSI code that got incorrectly optimized on some of our architectures.
<li>Many more realloc fixes.
<li>More buf oflows in rpc.pcnfsd(8). Noone should use this code.
<li>Fixes to numerous games.
<li>Fix some important kvm_mkdb(8) bugs.
<li>Add apm and dhcp starting chunks to /etc/rc and /etc/rc.conf.
<li>For the i386, save more battery power by halting the CPU during the APM loop. This affects a part of the pctr driver...
<li>In xterm(1), support VSTATUS.
<li>Add *_ptob() and *_ptob() functions to architectures missing those.
<li>Some updates to talk(1).
<li>Add ISC dhcp to the source tree. This urgently needs a security audit.
<li>Fix df -P for zero-sized filesystems (ie. amd(8)).
<li>Fix FFS data-buffer leaking on segfaults during write.
<li>Make i386 registers get saved correctly in a crash dump.
<li>In /etc/security, do not include fifo's in setuid check.
<li>Fix g++/FlexLexer.h support in lex(1).
<li>Numerous more realloc fixes.
<li>Separate mail.local(8) into two programs: new one is lockspool(8). mail.local is no longer setuid. Ensure that your /etc/sendmail.cf Mlocal line contains an 'S' at the end of the F= field, or local mail delivery will fail.
<li>Add openbsd.m4 OSTYPE to the sendmail cf directories.
<li>Fix numerous incorrect uses of realloc() in the system libraries.
<li>One final fix for the chroot code in named(8).
<li>update to sendmail 8.9.1a.
<li>Fix fdformat(8) exit code.
<li>Fix an incorrect detection problem in aha.c.
<li>buf oflow fix to new rdist (no security effects).
<li>Fix strtod(3) so that it is valid actual C code (ie. and doesn't generate bad code when optimized).
<li>In hexdump(1), detect a format string of all spaces as bad.
<li>Prototype poll().
<li>In gprof, permit <code>$</code> in symbol names.
<li>Fix coredump in find when doing <code>find . !</code>
<li>Add ECB and CBC encryption for octet streams to blowfish.
<li>Fix base64 encoding in bcrypt(3).
<li>Fix scon(1) to permit -d and -c to work together.
<li>In i386 vt console driver, wait for ACK back from keyboard when setting typematic rate.
<li>update to zlib 1.1.3.
<li>Fix atime and mtime commands in fsdb.
<li>Don't wrap 80 characters in <code>rup -d</code>.
<li>Add russian message catalog.
<li>Protect against SIGPIPE in fdisk(1).
<li>Fix interrupt disabling in pms(4) driver.
<li>Remove kill(-1, 0) code from reboot(8) which does not work exactly as intended.
<li>Correct exit code of ls(1).
<li>For dump, further improve the semantics for "filesystem not in fstab".
<li>More work on big-endian support in the ncr(4) and de(4) drivers.
<li>Support mem-mapped com ports on powerpc.
<li>Support gdb, ptrace, and /proc on the powerpc.
<li>Do not use libiberty version of vasprintf, since it is quite busted.
<li>Make the powerpc install floppy work once more.
<li>Support PAGER environment variable inside disklabel 'M' command.
<li>Repair umapfs.
<li>Repair portalfs.
<li>Repair some kvm man pages glitches.
<li>Genericize some internal vop functions to fix some NULLFS problems.
<li>At attach time, print a single line for the geometry in wd(4).
<li>For sendmsg() and recvmsg(), return EMSGSIZE not EINVAL for msg_iovlen <= 0.
<li>Add the IOV_MAX define as required by XPG.
<li>Fix a few more <code>resid</code> issues in the kernel.
<li>Hack SIOCGIFCONF so that ifc_len=0 is a length inquiry, as in Linux.
<li>Install perl .ph pages in the right directory.
<li>In ftpd(8) manpage, fix the definitions of the high ports since the kernel definitions were changed.
<li>Fix an argument parsing bug in chat(8).
<li>Fix isapnp ym(4) audio driver.
<li>Update to ncurses-4.2-980801.
<li>Use SO_REUSEADDR in lpd(8) in case it is restarted by hand.
<li>Crank tun(4) MTU to 16K.
<li><strong>Set the close-on-exec flag in two descriptors owned by chpass(8). This fixes a security problem. <a href="errata23.html#chpass">A patch which solves the problem is available</a></strong>.
<li>Improve ipsecadm(8).
<li>Fix some ipsec bugs related to IP-in-IP.
<li>Fix some disklabel(8) bugs.
<li>Fix some lint(1) bugs.
<li>Make dump(8) work against filesystems not listed in fstab(5).
<li>Rename libtelnet functions getent and getstr to avoid curses conflicts.
<li>Disable all ISA PNP devices before doing the ISA scan. This works around BIOS's which pre-map ISA PNP devices into known locations.
<li>Correct panics and EINVAL returning cases in iovec using code. <a href="errata23.html#resid">A patch for this problem exists.</a>
<li>Fix battery remaining support in i386 apm.
<li>Add i386 apm(4) manpage.
<li>Fix mkstemp() calling code in libc/db/hash.
<li>update to ncurses-4.2-980725.
<li>Use a single-char buffer in snprintf() for the size==0 case.
<li>Fix some problems in <code>disklabel -E</code>.
<li>Fix bugs in pom(6), atc(6), quiz(6), hack(6), adventure(6).
<li>Add tic, captoinfo, and infotocap from ncurses-4.2-980718.
<li>Place a timezone file in the named chroot jail.
<li>ncurses-4.2-980718 with our termlib library integrated. The separate termlib library no longer exists (although for a time libtermlib is a link to libcurses).
<li>New libform, libmenu, and libpanel from ncurses-4.2-980718.
<li>Change latencies permitted for certain scsi tape commands.
<li>Make <code>mt status</code> show more information on scsi tape drives.
<li>bt848 driver for the i386.
<li>Fix <code>MKD</code> command in ftpd to properly show the path created.
<li>Build mpool(3) manpage.
<li>Support 8.4GB+ IDE drives.
<li>Fix a serious TZ calculation error in the CD9660 filesystem which caused CD filesystem timestamps to be completely wrong.
<li>Document LD_PRELOAD in ld.so(1) manpage.
<li>Sparc cua support in the <code>zs</code> driver.
<li>Add CAST encryption to libc.
<li>More verbosity changes to apmd(8).
<li>Make /var/backups mode 700.
<li>Fix a crash in asa(1).
<li>Fix usage messages in sort(1).
<li>Fix sparc installer to deal with a dirty dmesg buffer.
<li>Make SEM_R and SEM_A accessible to userland in sys/sem.h.
<li>Do not permit uppercase login names in adduser(8); that's a bad default.
<li>Fix a bug in less that prevented keypad keys from working on some terminals.
<li>In the man(1) manpage, document -k and -f.
<li>Rename curs_terminfo(3) man page to terminfo(3).
<li>Make the ramdisk driver not force single-user if it is the root device.
<li>Quieten the i386 apm driver.
<li>Fix /tmp race in a man page example. (Sigh.)
<li>isa_intr_establish() will never panic. It can return NULL for failure.
<li>Split sparc <code>hme</code> driver into chip and board specific; <code>be</code> driver should not be far away now.
<li>rpc.yppasswd(8) has no log file; fix docs.
<li>Update to Lite2 getenv(), which returns NULL for getenv(NULL).
<li>Fix a problem with the PCI ncr(4) driver if many scsi devices were in use.
<li>Improve db cache sizing heuristic in pwd_mkdb(8).
<li><strong>Close a file descriptor leak in inetd(8). <a href="errata23.html#inetd">A patch which solves the problem is available</a></strong>.
<li>Fix dump(8) to return exit code 1 for startup failures, as documented.
<li>Improve performance of getpwent(3) in a YP environment.
<li>Improve performance of pwd_mkdb(8).
<li>More buffer overflow fixes in libpcap and such.
<li>Fix "mount /mnt /mnt" so that it does not panic the machine.
<li>cvs 1.9.28.
<li>Fix locking code in unionfs. This fixes a serious problem in unionfs. <a href="errata23.html#unionfs">A patch is available</a>.
<li>In ftpd, handle non-existent users as login now does -- sleep a while.
<li>In the S3 audio driver, map additional registers at open() time instead of attach() time.
<li>Use SEEK_SET and friends instead of L_SET and such, throughout the tree.
<li>In the scsi cd driver, permit CDs to have up to 99 tracks in their TOC.
<li>For the pmax, get the <code>ld.script</code> file from the right place when building kernels.
<li>For the i386, fix a timing problem that affected keyboard controllers on PII/400 and such machines.
<li>Fix a failure printing message in passwd(8).
<li>Sendmail 8.9.1.
<li>Disable debugging code in crontab(1).
<li>In reboot(8), put more effort into killing processes before taking the machine down.
<li>Fix some problems in sparc national keyboard handling.
<li>Add a no-escape mode to tip which disables the ~ escape.
<li>Fix the <code>bhlcr</code> shift values in the pci code.
<li>Run kernel ppp code at splimp more often.
<li>When pppd(8) is doing connects, cause kernel ppp code to drop packets so that mbuf starvation doesn't happen.
<li>Cleanup more cosmetic uglies in the cd/acd disklabel spoofing code.
<li>Do various cleanups of the various boot(8) pages.
<li>In traceroute(1), change default TTL to be 64.
<li>Fix makewhatis(8) to handle long NAME sections with multiple hyphens.
<li>Provide TMP_MAX in <limits.h>, per XPG.
<li>In /etc/security, improve the checks for "." in paths.
<li>Ensure the acd drivers always return TOC contents in big-endian format.
<li>Keep the "login myname" hack from clearing ut_host in utmp.
<li>sparc <code>hme</code> 100Mbit ethernet driver.
<li>Avoid buffer overflows in quota(1).
<li>Do not call syslog(3) with "\n" at the end of the string.
<li>Permit long names for months in at(1).
<li>Fix various places where hostname buffers were not MAXHOSTNAMELEN long.
<li>In rexecd(8), open stderr port after authentication has happened.
<li>In cdio(1), permit playing CDs with over 100 tracks.
<li>Fix i386 support for PCI mode 1.
<li>A fix for the <code>play</code> command in cdio(1).
<li>On the i386, if securelevels are in use, do not permit <code>PSL_IOPL</code> modification (well... except if the aperture driver is enabled).
<li>Cleanup many gethostname(3) calls in the tree, which passed short buffers, long buffers, mangled buffers, etc.
<li>Fix scorefile handling in robots(6).
<li>In install scripts, treat sets selection of "all" just like "*".
<li>In tcpdump(1), length check bp_file in bootp packets.
<li>For the setuid /dev/null thing in execve(), open fd 1 and 2 as writeable.
<li>In most setgid kmem utilities, revoke privs completely after calling kvm_openfiles(3) (this does not look like any gain in security, however).
<li>Fix a vfork()-style bug in vacation(1).
<li>Fix an off_t bug in quot(1).
<li>In talkd(8), force NUL termination of strings received from client.
<li>New S3 SonicVibes driver.
<li>Make "ndc start" use rc.conf.
<li>Fix ethernet/FDDI IPX support for big-endian machines.
<li>Remove kpasswdd(8) -- use kadmind(8) instead.
<li>KTH Kerberos 0.9.9
<li>Remove mk_cmds(1), e2fsprogs, and libss -- no longer used.
<li>Change gethostname(3) and getdomainname(3) to handle small buffers correctly.
<li>Fix chrtoblk() for out-of-range device numbers.
<li>If strftime(3) runs into the end of the buffer, terminate it nicely anyways.
<li>Support wdc on isapnp.
<li>Profiling support for powerpc.
<li>Enable variable number of rounds for encrypted crypt, as BSDI does. This can now be controlled in /etc/passwd.conf.
<li>Further reduce reliance on DNS in /etc/netstart.
<li>Emulate Linux mremap().
<li>On the i386, add a nop in the 2nd instruction slot because this fools some BIOSs that do virus checking. Pretty clever of them, eh.
<li>On the i386, Fix assembly of the cmov* instructions.
<li>Fix "cp b/ a" for the case when "a" is a directory.
<li>Fix a buggy endian conversion which caused multicast vif statistics to be incorrect.
<li>Add MI mtio(4) manpage.
<li>Using username hashing and a host secret file, improve quality of users' spoofed skey challenges.
<li>Fix a free-before-use bug in fts(3).
<li>Fix <code>fxp</code> driver so that it works on buggy cards.
<li>In make(1), fix bug for targets that began with "." and underwent suffix conversion.
<li>Fix "mv b/ a" for the case when "a" is a directory.
<li><strong>Ensure setuid and setgid processes are not started with fd slots 0, 1, or 2 empty. The previous behaviour has security consequences. <a href="errata23.html#fdalloc">A patch which solves the problem is available</a></strong>.
<li>In man(1), when a man page cannot be found in a specified section, indicate which section the failure happened in.
<li>Add new strlcpy(3) and strlcat(3) interfaces for simple bounded string copies.
<li>Add new mkstemps(3) interface which is basically mkstemp(3) but with suffix support.
<li><strong>Fix LED update lockup bugs in the i386 console driver (pcvt). <a href="errata23.html#pcvt">A patch is available which fixes this problem</a></strong>.
<li>Further improvements to photurisd(8).
<li>Fix kvm_read(3) return values.
<li>Overflow fix in ksh(1).
<li>Add isa_intr_check() to lots of isa architectures. Fixes PMS irq 12 bug.
<li>gnu bc 1.05a.
<li>In ppp(8), numerous 64 bit fixes. Requires testing on alpha, please.
<li>On the powerpc, run ofw drivers under better interrupt masks.
<li>In sudo(8), require a password before telling the user whether or not the command exists.
<li>Fix a panic in ipnat(4).
<li>Remove most recent procfs patches relating to securelevels.
<li>Disallow TCP connect() to multicast addresses.
<li>update to rdist 6.1.4 (plus our many patches).
<li>In pcap(3), permit single-character hostnames.
<li>Convert all DLT_LOOP interfaces to have a network byte order u_int32_t header containing the protocol.
<li><strong>Fix a buffer overflow bug in the resolver. The previous behaviour has security consequences. <a href="errata23.html#resolver">A patch which solves the problem is available</a></strong>.
<li>Fix select() on bpf descriptors.
<li>Update the rc(8) manpage, and companion pages.
<li>Fix at(1) to handle "now" as a valid time.
<li>No luns on RICOH scanners.
<li>Add CISCO netflow protocol to tcpdump(8).
<li>Upgraded sh/ksh to pdksh-5.2.13.
<li>In pstat(1) and top(1), handle the case of no swap partition.
<li>Disable SORT_RESPONSE in named(8).
<li>Support ISOFS in fstat(1).
<li>Correct numerous uses of snprintf(3) throughout the source tree.
<li>In xargs(1), use sysconf(3) to get ARG_MAX
<li>Fix transarc AFS string-to-key functionality again.
<li>Correct status bargraph in fdformat(8).
<li>Fix vm bargraph in systat(8).
<li>Fix some signal bugs in mail(1).
<li>Properly truncate files in mail(1).
<li>Change <sys/ipc.h> to use uid_t, gid_t, and mode_t for types. Provide emulation system calls for the old ushort-based structures.
<li>Fix an mbuf chain corruption bug that affected large amounts of data flowing through ipsec(4).
<li>Fix spelling and grammar in numerous man pages.
<li>Fix a minor bug in mail(1).
<li>Fix a bug in atalk(4).
<li>In tcpdump(8), support <code>DLT_ENC</code> packets.
<li>Make decoded IPSEC(4) packets available to bpf(4) via enc0, using linktype <code>DLT_ENC</code>.
<li>Fix a minor bug in pwd_mkdb(8).
<li>Make the 4th argument of semctl(2) optional.
<li>Add new <code>TCPCTL_IDENT</code> sysctl for identd(8) to use, instead of kmem snooping. Significant performance improvement too.
<li>Add DLT_LOOP to bpf; to handle 4-byte proto headers on some interfaces.
<li>In the kill(2) patch, also permit SIGUSR1 and SIGUSR2.
<li>buf oflow fix in libc/rpc.
<li>In ftpd(8), also permit ftpchroot users to be multihomed.
<li>Various fixes to ftp(1).
<li>Make getty(8) default to 8 bit mode.
<li>Autodetect ATAPI cdrom drives that do not support ATAPI_READ_CD_CAPACITY.
<li>The following patch was deleted later, ignore it: <strong>If a process is being ptraced, do not permit execution of an immutable binary, also, if a process is running an immutable binary, do not permit ptrace. This can be a security issue. <a href="errata23.html#ptrace">A patch is available which fixes this problem</a></strong>.
<li><strong>Various fixes to the i386 pctr(4) driver -- previously any user could crash most non-Intel processors. <a href="errata23.html#pctr">Fixes for 2.2 and 2.3 are detailed here</a></strong>.
<li>Various new smtpd(8) fixes.
<li>Change all modifications of struct sigaction's sa_mask field to use sigsetops(3).
<li>Teach adduser(8) about the /sbin/nologin shell.
<li>Ensoniq AudioPCI driver.
<li>isapnp joystick driver (not tested).
<li>Move named into a chroot space by default.
<li>Fix the RMD160 code once again.
<li>Fix a possible panic due to ktrace(2).
<li>New fixes to the bpp support in the sparc magma driver.
<li>Fix root password setting code in install script.
<li>terminfo/termcap 10.2.3
<li>Fix xdm(1) to close an excess file descriptor it left around.
<li>Permit kill(2) to send signal 0 to processes that are setuid, as long as the existing uid check succeeds.
<li>Change uudecode(1) to accept spaces in the filename.
<li>Move temporary file used by chfn(1) to /var/tmp.
<li>Add support for pcvt to kbd(1).
<li>in chfn(1), unlink the temp file after finished using it.
<li>Fix /tmp use in yacc.
<li>On the i386, grow i386 kernel malloc area by 2MB.
<li>In chfn(1), permit gecos sub-fields to be empty.
<li>Fix sysctl net.inet.icmp.bmcastecho.
<li>Fix an nfs crash.
<li>Tweak IPSEC so that it supports VPNs trivially. A new vpn(8) manpage describes how to use this.
<li>Integrate rt(8) and rtdelete(8) directly into ipsecadm(8).
<li>Make named(8) run in a chroot space.
<li>Integrate XFree86 3.3.2 patch 2.
<li>Fix multi-address support in telnet(1).
<li>Made i386 pctr driver compatible with all CPU vendors.
<li>Added "feature bits" display to i386 CPU detection, and added more AMD and Cyrix processor models.
<li>Modified named to stash its argument vector in pid file like sendmail does and modified ndc to use it. This means "ndc restart" will now restart named with the correct arguments.
<li>bind 4.9.7, with the <code>-u</code>, <code>-g</code> and <code>-t</code> options from 8.1.2.
<li>Handle constant numeric U and LL extensions.
<li>Stop info gathering in uucpd(8).
<li>Various TCP RPC fixes to deal with data streams that could cause lockups inside the library.
<li>Add sparc magma serial device driver.
<li>Install sendmail configuration goo in /usr/share/sendmail.
<li>Fix two cases of incorrect timeout handling in the RPC library.
<li>Add the required setsockopt(2) interface for IPSEC, update photurisd(8) to accept notify messages from the kernel.
<li>Fix numerous uses of MAXHOSTNAMELEN+1 instead of MAXHOSTNAMELEN, and also do the same for other similar cpp variables.
<li>Fix numerous source tree uses of readlink() with an incorrect length parameter.
<li>Install gdb(1) info pages.
<li>New distribution install notes that use m4 instead of cpp for formatting.
<li>In gdb, do not use 4.3 compatibility tty ioctl() calls.
<li><strong>Constrain how kill(2) operates against target processes that are running setuid. The previous unrestricted behaviour may have had security consequences. <a href="errata23.html#kill">The 4th revision of a patch which solves the problem is available</a></strong>.
<li>Fix a free() related bug in csh(1).
<li>Fix a memory trashing bug in the IPSEC SPI chain delete function.
<li>Fix acct(2) to work with append-only files.
<li>Fix buffer overflows in getNAME(1).
<li>In mount_nfs(8), contact the portmapper about the correct protocol (tcp or udp).
<li>Correct 64 bit timeval storage in ping(8) packets; also put the time in network byte order.
<li>Start cron at the end of /etc/rc to avoid some security issues.
<li>Compile the system with <code>-O2</code> instead of <code>-O</code>.
<li>Fix a bunch of scanf related buffer overflows.
<li>Improve XR16C850 support.
<li>Fix less <code>-d</code> option.
<li>Fix i386 divide overflows traps which were possible in the NTP code.
<li>Remove some more incorrect uses of long in kerberos code.
<li>Add a man page for ndbm(3).
<li>As described a few lines above, support even more commands in make(1).
<li>Make the csh(1) command <code>kill</code> more standards compliant.
<li>Improve documentation about how to properly enable YP client databases.
<li>Emulate <code>umask</code> and <code>exit</code> script commands inside make(1) directly, to get closer to the expected behaviour. Later on we may want to emulate more commands, like gnumake does...
<li>Make perl(1) support calls to lockf(3) now that we have it.
<li>Disable dynamic loading in the mips version of perl(1).
<li>Make size(1) work on files created via <code>ld -Z</code>.
<li><strong>A possible new security problem exists if you rely on securelevels and immutable or append-only files or character devices. The fix does not permit mmap'ing of immutable or append-only files which are otherwise writeable, as the VM system will bypass the meaning of the file flags when writes happen to the file. <a href="errata23.html#immutable">A patch exists which solves the problem</a></strong>.
<li>Niklas is taking a shot at making our cross compiler toolset sufficient for a full cross compile of the vax port.
<li>Fix a file parsing overflow in kdb_util(8).
<li>Make config(8) store the first free unit number in its tables so that pcmcia device re-insertion can come back to the same unit number.
<li><code>const</code> the parameters to a few more system calls.
<li>Fix 'z' command in mail(1).
<li>Fix short read() and write() operation in the RFC1413 handling code in httpd(1).
<li>Fix some bad uses of sscanf problems in the source tree.
<li>Fix i386 copyoutstr().
<li>Support 16 partitions in the pmax port.
<li>Correct handling of escaped % correctly in crontab lines.
<li>Make the AD1848 and Yamaha OPL3-SA3 sound drivers work.
<li>pppd 2.3.5
<li>Fix localtime(3) support inside perl(1).
<li>Fix a number of disklabel issues in the hp300 and pmax ports.
<li>Enable <code>#pragma pack</code> and <code>#pragma weak</code> support in gcc.
<li>Fix at least one remotely activated buffer overflow in lynx(1).
<li>Add information about more deviant scsi devices.
<li><strong>A security issue exists in 2.2 and 2.3. A lacking test for invalid padding length in IPSEC packets can cause a remote attack possibility if IPSEC is in use. <a href="errata23.html#ipsec">A patch exists which solves the problem</a>. <a href="errata22.html#ipsec">(A similar patch exists for OpenBSD 2.2)</a></strong>.
<li>Fix a select(3) bug in syslogd(8).
<li>In the hp300 port, use actual code to determine how fast the 68040 CPU is running.
<li>Add libossaudio(3) to the source tree.
<li>In mail(1), do not attempt to remove a mail spool since directory write permission may not exist. Instead, simply truncate it.
<li><strong>xterm(1) and libXaw contain security issues due to buffer mismanagement. <a href="errata23.html#xterm-xaw">A patch exists which solves the problem</a>. <a href="errata22.html#xterm-xaw">(A similar patch which solves the problem for OpenBSD 2.2 also exists)</a></strong>.
<li>Permit relative adjustments in mixerctl(1) using +/- prefixes.
<li>msdosfs in FAT32 mode would hang during a write.
<li>Fix ZIP drive use on the hp300.
<li>Fix a timeout bug in ping(8). (What a troublesome program it is...)
<li>Use inet_ntoa() in a diagnostic in rwhod(8).
<li>Our c++ compiler is called c++, not g++.
<li>Fix iommu flushing on the sparc Microsparc-1 based machines.
<li>Make 'y' command in sed(1) 8-bit clean.
<li>Make ctype macros dealing with unsigned characters properly index into their respective tables.
<li>For 3c9xx drivers, fix a bug where bpf attach caused a change to 10Mb mode.
<li>Fix a bug in h2ph(1).
<li>talk(1) cannot distinguish the host a reply comes from. If it is suspicious, it now prints that hostname in the connection banner.
<li>In oldrdist(8), avoid attempting to create hardlinks between devices.
<li>Permit socketpair(2) to accept <code>PF_LOCAL</code>.
<li>Add audioctl(1) and mixerctl(1).
<li>Merge OSS-like audio code into i386, sparc, amiga, and other architectures.
<li>Teach dump(8) that ENOSPC on remote or local media means end of tape.
<li>Change ld(1) to accept the first matching shared library it finds.
<li>Fix a coredumping problem in oldrdist(1).
<li>Delete old gdb; we use modern binutils everywhere now.
<li>Make ps(1) look at the kernel physmem variable instead of the far uglier thing it did before this change.
<li>Correct utimes(2) emulation in Linux compat.
<li>64 bit cleanups to the uucp subsystem.
<li>Fix a very strange bug in backgammon by using -ltermlib instead of -ltermcap.
<li>Make hp300 use new m68k kcore format.
<li>Completely rewritten fmt(1) with more features.
<li>Run rc.shutdown even if -h or -r was not specified.
<li>Fix the i386 versions of libm's scalb*() functions.
<li>Make strptime(3) handling of month and weekday names case insensitive.
<li>Change 3rd parameter to be size_t as required by XPG.
<li>Let fdisk(8) and disklabel(8) compile if NOMAN= is defined.
<li>Handle truncated reads in dumpfs(8).
<li>Add <code>/var/run/rarpd.pid</code> and syslogging support to rarpd(8).
<li>Fix gcc on the m68k to correctly invalidate cached condition codes when only a-registers are involved.
<li>Fix relative tags in vi(1).
<li>Use mkdtemp(3) in pkg_add(8) and friends.
<li>Add <code>dev</code> command to cdio(1) so that user can change device.
<li>Change tset(1) and /root/.cshrc behaviour so that ^C at the prompt does not result in noglob remaining set.
<li>Improve numerous manpages.
<li>Make last(1) report on the year.
<li>Set <code>d_bbsize</code> and <code>d_sbsize</code> to defaults in the disk drivers.
<li>Do not do gethostbyname(3) on "*" in pppd(8).
<li>Ignore SIGPIPE in reboot(8).
</ul>
![[BACK]](/icons/back.gif){kind=icon}
Return to plus24.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www