===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus30.html,v
retrieving revision 1.2
retrieving revision 1.3
diff -c -r1.2 -r1.3
*** www/plus30.html 2001/10/28 22:36:23 1.2
--- www/plus30.html 2001/10/29 18:37:32 1.3
***************
*** 99,105 ****
In pf(4), don't ignore the inner protocol of ip(4) icmp(4) packets, thus unbreaking traceroute(8), etc.
Support insecure1 and insecure2 options in resolv.conf(5).
SECURITY FIX: be careful with long commandline options in uuxqt and run uucp as non-root in daily.
! A source code patch is available.
[Applied to stable]
Replace ru_SU with ru_RU in vi(1).
Import sendmail(8) 8.12.0, requiring a new smmsp user and group.
--- 99,105 ----
In pf(4), don't ignore the inner protocol of ip(4) icmp(4) packets, thus unbreaking traceroute(8), etc.
Support insecure1 and insecure2 options in resolv.conf(5).
SECURITY FIX: be careful with long commandline options in uuxqt and run uucp as non-root in daily.
! A source code patch is available.
[Applied to stable]
Replace ru_SU with ru_RU in vi(1).
Import sendmail(8) 8.12.0, requiring a new smmsp user and group.
***************
*** 123,129 ****
Inherit vlan(4) baudrate from parent.
Various lpd(8) improvements and fixes.
SECURITY FIX: fix buffer overflow reading queue file in lpd.
! A source code patch is available.
[Applied to stable]
Plug memory leak in scp(1) and rcp(1).
Avoid segfault in dhclient(8) when the server specifies its name.
--- 123,129 ----
Inherit vlan(4) baudrate from parent.
Various lpd(8) improvements and fixes.
SECURITY FIX: fix buffer overflow reading queue file in lpd.
! A source code patch is available.
[Applied to stable]
Plug memory leak in scp(1) and rcp(1).
Avoid segfault in dhclient(8) when the server specifies its name.
***************
*** 139,145 ****
Correct the setup of the initial tcp(4) state window in pf(4).
Import pflogd(8), logging daemon that writes pf(4) logs in tcpdump(8) binary format.
SECURITY FIX: fix out of bounds handling in sendmail debug handling
! A source code patch is available.
[Applied to stable]
Repair ppp(8)'s iface-alias option.
Fix rule flushing code in bridge(4) devices.
--- 139,145 ----
Correct the setup of the initial tcp(4) state window in pf(4).
Import pflogd(8), logging daemon that writes pf(4) logs in tcpdump(8) binary format.
SECURITY FIX: fix out of bounds handling in sendmail debug handling
! A source code patch is available.
[Applied to stable]
Repair ppp(8)'s iface-alias option.
Fix rule flushing code in bridge(4) devices.
***************
*** 205,211 ****
In top(1), abort if stdout(4) ever produces EOF; prevents spinning output if controlling tty disappears.
Implement startup and shutdown hooks via dohooks(9) and family.
SECURITY FIX: check filehandle size copied from userland
! A source code patch is available.
[Applied to stable]
Nuke edlabel.
Add support for disabling swap devices via swapctl(8)'s -d option.
--- 205,211 ----
In top(1), abort if stdout(4) ever produces EOF; prevents spinning output if controlling tty disappears.
Implement startup and shutdown hooks via dohooks(9) and family.
SECURITY FIX: check filehandle size copied from userland
! A source code patch is available.
[Applied to stable]
Nuke edlabel.
Add support for disabling swap devices via swapctl(8)'s -d option.
***************
*** 312,318 ****
RELIABILITY FIX: link XF86Setup
against the right version of libXxf86vm.a.
Fix the
problem of corrupted XF86Config file produced by XF86Setup.
! A source code patch is available.
[Applied to stable]
Avoid a pidfile/sigterm race in sshd(8).
Merge the system's crypto.h into crptodev.h, avoiding name conflicts with OpenSSL.
--- 312,318 ----
RELIABILITY FIX: link XF86Setup
against the right version of libXxf86vm.a.
Fix the
problem of corrupted XF86Config file produced by XF86Setup.
! A source code patch is available.
[Applied to stable]
Avoid a pidfile/sigterm race in sshd(8).
Merge the system's crypto.h into crptodev.h, avoiding name conflicts with OpenSSL.
***************
*** 353,359 ****
Improve powerpc's awacs driver; many interrupt fixes.
Allow the use of ^T in passphrases read by readpassphrase(3).
SECURITY FIX: avoid race in execve(2) when checking flags for ptrace(2).
! A source code patch is available.
[Applied to stable]
Update if_lastchange when IFF_UP is changed instead of on every packet transmission and receipt.
VM renovations on mvme88k.
--- 353,359 ----
Improve powerpc's awacs driver; many interrupt fixes.
Allow the use of ^T in passphrases read by readpassphrase(3).
SECURITY FIX: avoid race in execve(2) when checking flags for ptrace(2).
! A source code patch is available.
[Applied to stable]
Update if_lastchange when IFF_UP is changed instead of on every packet transmission and receipt.
VM renovations on mvme88k.
***************
*** 371,377 ****
Palm support in libsectok.
Rewrite ldd(1).
RELIABILITY FIX: use correct db(3) pointers in pwd_mkdb(8), and don't star out empty passwords
! A source code patch is available.
[Applied to stable]
Assorted ppp(8) alterations.
Correct initialization of the policy_id field for SA structures in isakmpd(8).
--- 371,377 ----
Palm support in libsectok.
Rewrite ldd(1).
RELIABILITY FIX: use correct db(3) pointers in pwd_mkdb(8), and don't star out empty passwords
! A source code patch is available.
[Applied to stable]
Assorted ppp(8) alterations.
Correct initialization of the policy_id field for SA structures in isakmpd(8).
***************
*** 380,386 ****
Allow the number of gre(4) devices to be changed in boot_config(8).
rc(8) no longer starts netatalk -- if installed -- by default.
RELIABILITY FIX: compute length correctly on certificates in isakmpd(8).
! A source code patch is available.
[Applied to stable]
Ensure kqueue(2) works on ext2fs(8).
More pipe fiddling.
--- 380,386 ----
Allow the number of gre(4) devices to be changed in boot_config(8).
rc(8) no longer starts netatalk -- if installed -- by default.
RELIABILITY FIX: compute length correctly on certificates in isakmpd(8).
! A source code patch is available.
[Applied to stable]
Ensure kqueue(2) works on ext2fs(8).
More pipe fiddling.
***************
*** 401,407 ****
Some ld.so(1) renovations.
Repair kqueue(2) related panic.
SECURITY FIX: verify location when using fts(3) to pop up directories.
! A source code patch is available.
[Applied to stable]
Update root device selection routines for sun3.
Miscellaneous fxp(4) improvements.
--- 401,407 ----
Some ld.so(1) renovations.
Repair kqueue(2) related panic.
SECURITY FIX: verify location when using fts(3) to pop up directories.
! A source code patch is available.
[Applied to stable]
Update root device selection routines for sun3.
Miscellaneous fxp(4) improvements.
***************
*** 409,415 ****
Remove pcvt(4) from the tree.
Add BSD authentication support to userland programs; authorization defaults in login.conf(5).
SECURITY FIX: Update to sendmail(8) 8.11.4 which addresses signal race conditions.
! A source code patch is available.
[Applied to stable]
Hardware clock support on powerpc.
Fix directory state tracking in fsck(8).
--- 409,415 ----
Remove pcvt(4) from the tree.
Add BSD authentication support to userland programs; authorization defaults in login.conf(5).
SECURITY FIX: Update to sendmail(8) 8.11.4 which addresses signal race conditions.
! A source code patch is available.
[Applied to stable]
Hardware clock support on powerpc.
Fix directory state tracking in fsck(8).
***************
*** 599,605 ****
www@openbsd.org
!
$OpenBSD: plus30.html,v 1.2 2001/10/28 22:36:23 deraadt Exp $