=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/plus30.html,v retrieving revision 1.2 retrieving revision 1.3 diff -c -r1.2 -r1.3 *** www/plus30.html 2001/10/28 22:36:23 1.2 --- www/plus30.html 2001/10/29 18:37:32 1.3 *************** *** 99,105 ****

In pf(4), don't ignore the inner protocol of ip(4) icmp(4) packets, thus unbreaking traceroute(8), etc.

Support insecure1 and insecure2 options in resolv.conf(5).

SECURITY FIX: be careful with long commandline options in uuxqt and run uucp as non-root in daily.
! A source code patch is available.
[Applied to stable]

Replace ru_SU with ru_RU in vi(1).

Import sendmail(8) 8.12.0, requiring a new smmsp user and group. --- 99,105 ----

In pf(4), don't ignore the inner protocol of ip(4) icmp(4) packets, thus unbreaking traceroute(8), etc.

Support insecure1 and insecure2 options in resolv.conf(5).

SECURITY FIX: be careful with long commandline options in uuxqt and run uucp as non-root in daily.
! A source code patch is available.
[Applied to stable]

Replace ru_SU with ru_RU in vi(1).

Import sendmail(8) 8.12.0, requiring a new smmsp user and group. *************** *** 123,129 ****

Inherit vlan(4) baudrate from parent.

Various lpd(8) improvements and fixes.

SECURITY FIX: fix buffer overflow reading queue file in lpd.
! A source code patch is available.
[Applied to stable]

Plug memory leak in scp(1) and rcp(1).

Avoid segfault in dhclient(8) when the server specifies its name. --- 123,129 ----

Inherit vlan(4) baudrate from parent.

Various lpd(8) improvements and fixes.

SECURITY FIX: fix buffer overflow reading queue file in lpd.
! A source code patch is available.
[Applied to stable]

Plug memory leak in scp(1) and rcp(1).

Avoid segfault in dhclient(8) when the server specifies its name. *************** *** 139,145 ****

Correct the setup of the initial tcp(4) state window in pf(4).

Import pflogd(8), logging daemon that writes pf(4) logs in tcpdump(8) binary format.

SECURITY FIX: fix out of bounds handling in sendmail debug handling
! A source code patch is available.
[Applied to stable]

Repair ppp(8)'s iface-alias option.

Fix rule flushing code in bridge(4) devices. --- 139,145 ----

Correct the setup of the initial tcp(4) state window in pf(4).

Import pflogd(8), logging daemon that writes pf(4) logs in tcpdump(8) binary format.

SECURITY FIX: fix out of bounds handling in sendmail debug handling
! A source code patch is available.
[Applied to stable]

Repair ppp(8)'s iface-alias option.

Fix rule flushing code in bridge(4) devices. *************** *** 205,211 ****

In top(1), abort if stdout(4) ever produces EOF; prevents spinning output if controlling tty disappears.

Implement startup and shutdown hooks via dohooks(9) and family.

SECURITY FIX: check filehandle size copied from userland
! A source code patch is available.
[Applied to stable]

Nuke edlabel.

Add support for disabling swap devices via swapctl(8)'s -d option. --- 205,211 ----

In top(1), abort if stdout(4) ever produces EOF; prevents spinning output if controlling tty disappears.

Implement startup and shutdown hooks via dohooks(9) and family.

SECURITY FIX: check filehandle size copied from userland
! A source code patch is available.
[Applied to stable]

Nuke edlabel.

Add support for disabling swap devices via swapctl(8)'s -d option. *************** *** 312,318 ****

RELIABILITY FIX: link XF86Setup against the right version of libXxf86vm.a.
Fix the problem of corrupted XF86Config file produced by XF86Setup.
! A source code patch is available.
[Applied to stable]

Avoid a pidfile/sigterm race in sshd(8).

Merge the system's crypto.h into crptodev.h, avoiding name conflicts with OpenSSL. --- 312,318 ----

Avoid a pidfile/sigterm race in sshd(8).

Merge the system's crypto.h into crptodev.h, avoiding name conflicts with OpenSSL. *************** *** 353,359 ****

Improve powerpc's awacs driver; many interrupt fixes.

Allow the use of ^T in passphrases read by readpassphrase(3).

SECURITY FIX: avoid race in execve(2) when checking flags for ptrace(2).
! A source code patch is available.
[Applied to stable]

Update if_lastchange when IFF_UP is changed instead of on every packet transmission and receipt.

VM renovations on mvme88k. --- 353,359 ----

Improve powerpc's awacs driver; many interrupt fixes.

Allow the use of ^T in passphrases read by readpassphrase(3).

SECURITY FIX: avoid race in execve(2) when checking flags for ptrace(2).
! A source code patch is available.
[Applied to stable]

Update if_lastchange when IFF_UP is changed instead of on every packet transmission and receipt.

VM renovations on mvme88k. *************** *** 371,377 ****

Palm support in libsectok.

Rewrite ldd(1).

RELIABILITY FIX: use correct db(3) pointers in pwd_mkdb(8), and don't star out empty passwords
! A source code patch is available.
[Applied to stable]

Assorted ppp(8) alterations.

Correct initialization of the policy_id field for SA structures in isakmpd(8). --- 371,377 ----

Palm support in libsectok.

Rewrite ldd(1).

RELIABILITY FIX: use correct db(3) pointers in pwd_mkdb(8), and don't star out empty passwords
! A source code patch is available.
[Applied to stable]

Assorted ppp(8) alterations.

Correct initialization of the policy_id field for SA structures in isakmpd(8). *************** *** 380,386 ****

Allow the number of gre(4) devices to be changed in boot_config(8).

rc(8) no longer starts netatalk -- if installed -- by default.

RELIABILITY FIX: compute length correctly on certificates in isakmpd(8).
! A source code patch is available.
[Applied to stable]

Ensure kqueue(2) works on ext2fs(8).

More pipe fiddling. --- 380,386 ----

Allow the number of gre(4) devices to be changed in boot_config(8).

rc(8) no longer starts netatalk -- if installed -- by default.

RELIABILITY FIX: compute length correctly on certificates in isakmpd(8).
! A source code patch is available.
[Applied to stable]

Ensure kqueue(2) works on ext2fs(8).

More pipe fiddling. *************** *** 401,407 ****

Some ld.so(1) renovations.

Repair kqueue(2) related panic.

SECURITY FIX: verify location when using fts(3) to pop up directories.
! A source code patch is available.
[Applied to stable]

Update root device selection routines for sun3.

Miscellaneous fxp(4) improvements. --- 401,407 ----

Some ld.so(1) renovations.

Repair kqueue(2) related panic.

SECURITY FIX: verify location when using fts(3) to pop up directories.
! A source code patch is available.
[Applied to stable]

Update root device selection routines for sun3.

Miscellaneous fxp(4) improvements. *************** *** 409,415 ****

Remove pcvt(4) from the tree.

Add BSD authentication support to userland programs; authorization defaults in login.conf(5).

SECURITY FIX: Update to sendmail(8) 8.11.4 which addresses signal race conditions.
! A source code patch is available.
[Applied to stable]

Hardware clock support on powerpc.

Fix directory state tracking in fsck(8). --- 409,415 ----

Remove pcvt(4) from the tree.

Add BSD authentication support to userland programs; authorization defaults in login.conf(5).

SECURITY FIX: Update to sendmail(8) 8.11.4 which addresses signal race conditions.
! A source code patch is available.
[Applied to stable]

Hardware clock support on powerpc.

Fix directory state tracking in fsck(8). *************** *** 599,605 ****

www@openbsd.org !
$OpenBSD: plus30.html,v 1.2 2001/10/28 22:36:23 deraadt Exp $ --- 599,605 ----

www@openbsd.org !
$OpenBSD: plus30.html,v 1.3 2001/10/29 18:37:32 jufi Exp $