===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus31.html,v
retrieving revision 1.58
retrieving revision 1.59
diff -u -r1.58 -r1.59
--- www/plus31.html 2019/04/08 16:14:54 1.58
+++ www/plus31.html 2019/05/27 22:55:22 1.59
@@ -1,20 +1,33 @@
-
-
-
+
+
+
OpenBSD 3.1 Changelog
-
-
+
+
+
-OpenBSD
-3.1 Changelog
+OpenBSD
+3.1 Changelog
@@ -25,7 +38,7 @@
in the pages for the specific platforms.
-Note: Problems for which patches exist are marked in red.
+Note: Problems for which patches exist are marked in red.
For changes in other releases, click below:
@@ -80,305 +93,301 @@
-
Changes made between OpenBSD 3.0 and 3.1
+Changes made between OpenBSD 3.0 and 3.1
-- Fix xim problems with zh_CN locale in xf86(4).
-
- Enable Apache httpd(8) modules on ELF-based architectures.
-
- Disallow ftpd(8) logins to accounts lacking passwords.
-
- Log control signals on the IDE bus in wdc(4), obtainable through atactl(8).
-
- Move xautolock(l) into the ports(7) system.
-
- Import pmdb(1).
+
- Fix xim problems with zh_CN locale in xf86(4).
+
- Enable Apache httpd(8) modules on ELF-based architectures.
+
- Disallow ftpd(8) logins to accounts lacking passwords.
+
- Log control signals on the IDE bus in wdc(4), obtainable through atactl(8).
+
- Move xautolock(l) into the ports(7) system.
+
- Import pmdb(1).
- Improve ALTIVEC support in OpenBSD/macppc and powerpc.
-
- Begin to split authorization in sshd(8).
+
- Begin to split authorization in sshd(8).
- Protect against overflows and null dereferences in OpenBSD/i386 CPU probing.
-
- Morph ptrace(2) into one of the kernel config(8) options(4).
-
- Repair some of the problems in the new ahc(4) driver.
-
- Prefer the MAC address found in the local-mac-address property of hme(4), falling back on myetheraddr().
+
- Morph ptrace(2) into one of the kernel config(8) options(4).
+
- Repair some of the problems in the new ahc(4) driver.
+
- Prefer the MAC address found in the local-mac-address property of hme(4), falling back on myetheraddr().
- Rewrite the powerpc pmap handling.
-
- Realize that suffixes given to gzip(1) may be longer than 3 characters and account for this in buffer sanity checks.
-
- Permit user and group names to start with a numeral in identd(8).
-
- Enable altq(9) support in more drivers.
+
- Realize that suffixes given to gzip(1) may be longer than 3 characters and account for this in buffer sanity checks.
+
- Permit user and group names to start with a numeral in identd(8).
+
- Enable altq(9) support in more drivers.
- Update to zlib 1.1.4, fixing a security hole.
-
- Support reverse lookups when displaying states in pfctl(8).
-
- Add the PT_IO API for reading and writing traced processes memory with ptrace(2).
-
- Don't listen(2) on a port nc(1) really doesn't have.
-
- Ensure tcp(4) code doesn't operate on freed memory.
-
- Schedule tcp(4) timers with timeout(9) instead of tcp_slowtimo.
-
- Phase in use of red-black tree(3) algorithms for uvm(9).
-
- Implement a shutdown hook for raid(4) devices, allowing safe use of swap.
-
- Export sha1(3) and md5(3) interfaces through crypto(4).
-
- General crypto(4) and openssl(1) related work.
-
- Recognize a preserve flag in mtree(8) to disable attribute modification.
-
- Repair an off by one error in sshd(8).
-
- Differentiate a closing connection from a bad greeting during read of the protocol version string in ssh(1).
+
- Support reverse lookups when displaying states in pfctl(8).
+
- Add the PT_IO API for reading and writing traced processes memory with ptrace(2).
+
- Don't listen(2) on a port nc(1) really doesn't have.
+
- Ensure tcp(4) code doesn't operate on freed memory.
+
- Schedule tcp(4) timers with timeout(9) instead of tcp_slowtimo.
+
- Phase in use of red-black tree(3) algorithms for uvm(9).
+
- Implement a shutdown hook for raid(4) devices, allowing safe use of swap.
+
- Export sha1(3) and md5(3) interfaces through crypto(4).
+
- General crypto(4) and openssl(1) related work.
+
- Recognize a preserve flag in mtree(8) to disable attribute modification.
+
- Repair an off by one error in sshd(8).
+
- Differentiate a closing connection from a bad greeting during read of the protocol version string in ssh(1).
- Many improvements and cleanups to the trap handling in the installation system.
- Implement machine specific commands to the bootblocks on OpenBSD/hppa.
-
- Provide a toggle for immediate ack behaviour on tcp(4) TH_PUSH segments.
-
- Use timeout(9) instead of tcp_fasttimo for delayed acks in the tcp(4) subsystem.
-
- Vanquish a race condition in pciide(4) interrupt sharing.
-
- Avoid rejecting valid leases in dhclient(8).
-
- Add SOCKS4 support to nc(1).
-
- Import the 4.4BSD deroff(1) and spell(1) programs.
-
- Enhance the handling of quirky scsi(4) devices.
-
- Improve debugability of unloaded pf(4) rules by printing meaningful rule numbers.
-
- Safen SPLAY_MIN and SPLAY_MAX on an empty tree(3).
-
- Support an optional pool(9) memory hard limit in pf(4).
-
- Guard against pool_sethardlimit() decreasing the limit below the current size of the pool(9).
-
- Disable Nagle in ssh(1) port forwarding.
-
- Implement the splay and red-black tree(3) algorithms.
-
- nwkey and powersave support in ifconfig(8).
-
- Deal with groups in adduser(8) more thoroughly.
+
- Provide a toggle for immediate ack behaviour on tcp(4) TH_PUSH segments.
+
- Use timeout(9) instead of tcp_fasttimo for delayed acks in the tcp(4) subsystem.
+
- Vanquish a race condition in pciide(4) interrupt sharing.
+
- Avoid rejecting valid leases in dhclient(8).
+
- Add SOCKS4 support to nc(1).
+
- Import the 4.4BSD deroff(1) and spell(1) programs.
+
- Enhance the handling of quirky scsi(4) devices.
+
- Improve debugability of unloaded pf(4) rules by printing meaningful rule numbers.
+
- Safen SPLAY_MIN and SPLAY_MAX on an empty tree(3).
+
- Support an optional pool(9) memory hard limit in pf(4).
+
- Guard against pool_sethardlimit() decreasing the limit below the current size of the pool(9).
+
- Disable Nagle in ssh(1) port forwarding.
+
- Implement the splay and red-black tree(3) algorithms.
+
- nwkey and powersave support in ifconfig(8).
+
- Deal with groups in adduser(8) more thoroughly.
- Optimize OpenBSD/vax sources with -O2.
- Support an aperture driver on OpenBSD/macppc.
-
- Add a sysctl(3) interface kern.usercrypto that allows userland programs to utilize hardware crypto(4) devices.
-
- Send kind regards to the pool(9) option POOL_EXPOSE, as it's no longer with us.
-
- Add extattr(9) (Extended Attribute) support.
-
- Include a siginfo_t structure with ktrace(2) containing the fault address among other useful information.
+
- Add a sysctl(3) interface kern.usercrypto that allows userland programs to utilize hardware crypto(4) devices.
+
- Send kind regards to the pool(9) option POOL_EXPOSE, as it's no longer with us.
+
- Add extattr(9) (Extended Attribute) support.
+
- Include a siginfo_t structure with ktrace(2) containing the fault address among other useful information.
- Clean up and debug the iommu driver.
- Remove flawed assumptions about memory layout in the stack sharing code in FORK_VMNOSTACK.
-
- Account for process signal masks when dealing with signals in pthreads(3).
-
- Reorder the network components initialization in netstart(8).
-
- Fix some signal races in rbootd(8).
-
- Improve mg(1) in many ways, including lots of buffer cleanups and undo support.
-
- Enable beeper(4) on OpenBSD/sparc64 when pckbd(4) is enabled.
-
- Silence the raid(4) subsystem a bit.
-
- Include support for generic 802.11 ioctl(2) calls in the wi(4) driver.
-
- Repair a fcntl(2) F_GETOWN issue on LP64 BE architectures.
-
- Install "right" zoneinfo timezone(3) files in addition to the "posix" ones.
+
- Account for process signal masks when dealing with signals in pthreads(3).
+
- Reorder the network components initialization in netstart(8).
+
- Fix some signal races in rbootd(8).
+
- Improve mg(1) in many ways, including lots of buffer cleanups and undo support.
+
- Enable beeper(4) on OpenBSD/sparc64 when pckbd(4) is enabled.
+
- Silence the raid(4) subsystem a bit.
+
- Include support for generic 802.11 ioctl(2) calls in the wi(4) driver.
+
- Repair a fcntl(2) F_GETOWN issue on LP64 BE architectures.
+
- Install "right" zoneinfo timezone(3) files in addition to the "posix" ones.
- Remove xebec code.
-
- Enable echo(1) in adduser(8) signal(3) handlers.
-
- Don't require -n in conjunction with -x in xargs(1).
-
- Use mktemp(1) in security(8).
-
- Switch ssh(1) cipher operations to use the openssl(1) EVP API.
+
- Enable echo(1) in adduser(8) signal(3) handlers.
+
- Don't require -n in conjunction with -x in xargs(1).
+
- Use mktemp(1) in security(8).
+
- Switch ssh(1) cipher operations to use the openssl(1) EVP API.
- Allocate some in-kernel memory from a kmem_map-backed pool to avoid deadlocks and MAX_KMAPENT panics.
-
- Avoid a possible panic on reboot(8) with mfs(8) file systems.
-
- New trm(4) driver.
-
- Remove a permissions loosening chmod(2) in pkg_install.
-
- open(2) the console with O_NONBLOCK in syslog(3) to avoid blocking on a locked console.
-
- Provide config(8) accessible hooks for modifying the NMBCLUSTERS, BUFCACHEPERCENT, and NKMEMPAGES options(4).
-
- Calculate ip(4) checksums and copy back modified headers before logging a packet in pf(4) to ensure the integrity of logging.
-
- Enable vnode(9) caching in the kernfs(8) code.
-
- Support for nc(1) connecting to and listening on an AF_UNIX socket(2).
-
- Treat the pound symbol (#) as an escaped character during vi/emacs filename completion in ksh(1).
-
- New port of the ahc(4) driver.
-
- Remove the getpw(3), vlimit(3), and vtimes(3) functions.
+
- Avoid a possible panic on reboot(8) with mfs(8) file systems.
+
- New trm(4) driver.
+
- Remove a permissions loosening chmod(2) in pkg_install.
+
- open(2) the console with O_NONBLOCK in syslog(3) to avoid blocking on a locked console.
+
- Provide config(8) accessible hooks for modifying the NMBCLUSTERS, BUFCACHEPERCENT, and NKMEMPAGES options(4).
+
- Calculate ip(4) checksums and copy back modified headers before logging a packet in pf(4) to ensure the integrity of logging.
+
- Enable vnode(9) caching in the kernfs(8) code.
+
- Support for nc(1) connecting to and listening on an AF_UNIX socket(2).
+
- Treat the pound symbol (#) as an escaped character during vi/emacs filename completion in ksh(1).
+
- New port of the ahc(4) driver.
+
- Remove the getpw(3), vlimit(3), and vtimes(3) functions.
- Simplify PID selection algorithm.
-
- Immunize nanosleep(2) against system time changes.
-
- Minimize time spent doing time management in pf(4).
-
- New tvtohz(9) function.
-
- Add skip steps for rule action and direction in pf(4), considerably hastening rule set evaluation.
-
- altq(9) fixes and improvements through a sync with KAME.
-
- Implement multiple overlapping read/write requests in sftp(1) file transfers.
-
- Update to apache httpd(8) 1.3.23 with mod_ssl 2.8.6.
-
- Relocate ssh(1) configuration files to /etc/ssh.
+
- Immunize nanosleep(2) against system time changes.
+
- Minimize time spent doing time management in pf(4).
+
- New tvtohz(9) function.
+
- Add skip steps for rule action and direction in pf(4), considerably hastening rule set evaluation.
+
- altq(9) fixes and improvements through a sync with KAME.
+
- Implement multiple overlapping read/write requests in sftp(1) file transfers.
+
- Update to apache httpd(8) 1.3.23 with mod_ssl 2.8.6.
+
- Relocate ssh(1) configuration files to /etc/ssh.
- Remove dangerous agressiveness in NFS optimizations with symbolic links.
-
- Improve the sis(4) driver a bit.
+
- Improve the sis(4) driver a bit.
- Update to heimdal-0.4e.
- Fix a possible FIN retransmission mishap.
-
- Account for temporary references to a struct file to avoid races in shared fd(4) situations.
-
- Allow specification of the copy buffer length in ssh(1) via -B.
-
- Some ssh(1) channels cleanup.
+
- Account for temporary references to a struct file to avoid races in shared fd(4) situations.
+
- Allow specification of the copy buffer length in ssh(1) via -B.
+
- Some ssh(1) channels cleanup.
- A potpourri of multi-faceted hppa improvements.
-
- Double check the byte ordering in mpool(3).
+
- Double check the byte ordering in mpool(3).
- Introduce many new and fruitful regression tests.
- Add a driver to get a performance counters on sparc64.
-
- Make ddb(4) understand "boot reboot" and "boot poweroff".
-
- Include a bha(4) driver.
-
- Improve support for header byte swapping in tcpdump(8).
-
- Use "aes" in place of "rijndael" in ssh(1).
-
- Mark execing processes with a flag to indicate to ptrace(2) and similar not to fiddle.
-
- Handle DMA errors and big-endian systems in the ubsec(4) driver.
+
- Make ddb(4) understand "boot reboot" and "boot poweroff".
+
- Include a bha(4) driver.
+
- Improve support for header byte swapping in tcpdump(8).
+
- Use "aes" in place of "rijndael" in ssh(1).
+
- Mark execing processes with a flag to indicate to ptrace(2) and similar not to fiddle.
+
- Handle DMA errors and big-endian systems in the ubsec(4) driver.
- Upgrade to XFree86 4.2.0
-- Plug memory leaks in zlib, ftpd(8), and the login_getcap(3) family.
-
- Support disklabel(8) style size/offset values (ala "300k", "500M", "2G") in fdisk(8).
+
- Plug memory leaks in zlib, ftpd(8), and the login_getcap(3) family.
+
- Support disklabel(8) style size/offset values (ala "300k", "500M", "2G") in fdisk(8).
- Enable the serial console driver and keyboards found on some sparc64 systems.
-
- Use more pool(9) based allocations throughout the system.
+
- Use more pool(9) based allocations throughout the system.
- Update to sendmail-8.12.2.
-
- Add magma(4) and spif(4) support to sparc64.
-
- Don't let wdc(4) try UDMA modes if the controller doesn't support them.
-
- Pay attention to direction with the fastroute and route-to options in pf(4).
-
- Implement net.inet.icmp.rediraccept and net.inet.icmp.redirtimeout via sysctl(8), configuring an icmp(4) redirect ignore and timeout.
-
- Use and support the UNIMPLEMENTED message in the ssh(1) protocol.
-
- Prevent file descriptor close mistakes in faithd(8), route6d(8), rtadvd(8), and rtsold(8).
-
- Remove requirement for reserved ports in the NFS server by using the vfs.nfs.norsvport sysctl(8).
+
- Add magma(4) and spif(4) support to sparc64.
+
- Don't let wdc(4) try UDMA modes if the controller doesn't support them.
+
- Pay attention to direction with the fastroute and route-to options in pf(4).
+
- Implement net.inet.icmp.rediraccept and net.inet.icmp.redirtimeout via sysctl(8), configuring an icmp(4) redirect ignore and timeout.
+
- Use and support the UNIMPLEMENTED message in the ssh(1) protocol.
+
- Prevent file descriptor close mistakes in faithd(8), route6d(8), rtadvd(8), and rtsold(8).
+
- Remove requirement for reserved ports in the NFS server by using the vfs.nfs.norsvport sysctl(8).
- Handle playback interrupts nicely in the cs4321 driver.
-
- Correctly differentiate between reading and writing operations on a number of devices, including radio(4)
-
- Allow port 0 to be used in pf(4) rules.
-
- Improve tty(4) resizing support in mg(1).
-
- In mixerctl(1), only open the mixer with RDWR when really needed.
-
- Enforce sane port ranges in the pfctl(8) rule parsing logic.
-
- Obey POSIX and don't update the modification time of the file if a write(2) is done with a length of zero bytes.
-
- Allow pf(4) rules to be identified by arbitrary labels.
-
- Support the HiFn 7811 in the hifn(4) driver.
-
- Add ELF support to modload(8), among other improvements.
-
- Support flags for savecore(8) in rc(8).
-
- Recognize a "no" keyword in the nat/rdr/binat syntax of nat.conf(5) to avoid translation.
-
- Allow a cvs(1) tagname to be expanded during checkout, export, and
+
- Correctly differentiate between reading and writing operations on a number of devices, including radio(4)
+
- Allow port 0 to be used in pf(4) rules.
+
- Improve tty(4) resizing support in mg(1).
+
- In mixerctl(1), only open the mixer with RDWR when really needed.
+
- Enforce sane port ranges in the pfctl(8) rule parsing logic.
+
- Obey POSIX and don't update the modification time of the file if a write(2) is done with a length of zero bytes.
+
- Allow pf(4) rules to be identified by arbitrary labels.
+
- Support the HiFn 7811 in the hifn(4) driver.
+
- Add ELF support to modload(8), among other improvements.
+
- Support flags for savecore(8) in rc(8).
+
- Recognize a "no" keyword in the nat/rdr/binat syntax of nat.conf(5) to avoid translation.
+
- Allow a cvs(1) tagname to be expanded during checkout, export, and
update to be specified on the command line.
-
- Repair behaviour of ip(4) over ip6(4) tunneling when using gif(4).
-
- Clean up the lkm(4) subsystem.
-
- Consistently use SIG_DFL instead of SIG_IGN to disable a SIGCHLD signal(3) handler.
-
- Do not allow root to login(1) via an insecure tty even if the auth method does not use plaintext passwords.
-
- Don't let root change its password via login_chpass(8) and
-login_lchpass(8).
-
- Add usbtablet(4), input support in XF4 for usb(3) devices.
-
- Avoid hanging x11 channels in ssh(1) with rejected cookies.
-
- ssh(1) protocol 2 HostKey default becomes /etc/ssh_host_rsa_key and /etc/ssh_host_dsa_key.
-
- Enable usb(3) devices for sparc64.
-
- Add a new m4(1) based makedev(8) generation system.
-
- Have fdisk(8) remove references to the NT serial number when writing to the MBR.
+
- Repair behaviour of ip(4) over ip6(4) tunneling when using gif(4).
+
- Clean up the lkm(4) subsystem.
+
- Consistently use SIG_DFL instead of SIG_IGN to disable a SIGCHLD signal(3) handler.
+
- Do not allow root to login(1) via an insecure tty even if the auth method does not use plaintext passwords.
+
- Don't let root change its password via login_chpass(8) and
+login_lchpass(8).
+
- Add usbtablet(4), input support in XF4 for usb(3) devices.
+
- Avoid hanging x11 channels in ssh(1) with rejected cookies.
+
- ssh(1) protocol 2 HostKey default becomes /etc/ssh_host_rsa_key and /etc/ssh_host_dsa_key.
+
- Enable usb(3) devices for sparc64.
+
- Add a new m4(1) based makedev(8) generation system.
+
- Have fdisk(8) remove references to the NT serial number when writing to the MBR.
- Handle truncation to the middle of a file hole in FFS.
-
- Update sudo(8) to 1.6.4.
-
- Add more commands to ddb(4).
+
- Update sudo(8) to 1.6.4.
+
- Add more commands to ddb(4).
- Fix PT_{READ,WRITE}_{I,D} on sparc64.
- Migrate regression tests to a new, unified framework.
-
- Ensure correct alignment in some bridge(4) code.
-
- Many pthreads(3) fixes: only poll file descriptors when needed
+
- Ensure correct alignment in some bridge(4) code.
+
- Many pthreads(3) fixes: only poll file descriptors when needed
use scheduling ticks for better timing, and avoid a polling related overflow.
-
- Only require write permission in pf(4) and pfctl(8) when modifying.
-
- Various od(1) and hexdump(1) fixes and POSIXification.
-
- Rename libusb to libusbhid(3).
+
- Only require write permission in pf(4) and pfctl(8) when modifying.
+
- Various od(1) and hexdump(1) fixes and POSIXification.
+
- Rename libusb to libusbhid(3).
- Enable RAIDFrame auto-configuration.
-
- Ignore the RSH environment variable in rdist(1) if it is empty.
-
- Correctly retain yp(8) bindings in ypbind(8) when using more than two domains.
-
- Plug a memory leak in the EPRT command of ftpd(8).
-
- Repair hex mode output in skey(1).
-
- Default to using the non-blocking behaviour on new accept(2) sockets.
-
- Repair tty(1) related panics caused by the session pointer code.
-
- Have ssh(1) and family exit on openssl(1) allocation failures.
-
- Only require the -t option when using ssh-keygen(1) to generate keys.
-
- Don't examine the tcp(4) header of non-tcp packets in PPP.
+
- Ignore the RSH environment variable in rdist(1) if it is empty.
+
- Correctly retain yp(8) bindings in ypbind(8) when using more than two domains.
+
- Plug a memory leak in the EPRT command of ftpd(8).
+
- Repair hex mode output in skey(1).
+
- Default to using the non-blocking behaviour on new accept(2) sockets.
+
- Repair tty(1) related panics caused by the session pointer code.
+
- Have ssh(1) and family exit on openssl(1) allocation failures.
+
- Only require the -t option when using ssh-keygen(1) to generate keys.
+
- Don't examine the tcp(4) header of non-tcp packets in PPP.
- Strengthen permissions on ppp.conf.sample.
- Use constant bitmasks as opposed to bitfields in the mmu segment and page table structure for mvme88k.
-
- Correctly print the payload string of tcp(4) RST segments when tcpdump(8) is verbose.
-
- Implement a scalable timeout(9) mechanism with constant-time add and delete.
+
- Correctly print the payload string of tcp(4) RST segments when tcpdump(8) is verbose.
+
- Implement a scalable timeout(9) mechanism with constant-time add and delete.
- Let mvme68k systems lacking a configured pcc device compile.
-
- Don't default to generate rsa1 keys in ssh-keygen(1), and try all standard key files when invoked without arguments.
-
- Have crontab(1) send SIGUSR1 to cron(8) when a crontab file has changed, making changes take effect sooner.
-
- Send failing packet sequence number when sshd(8) is responding with an SSH_MSG_UNIMPLEMENTED.
+
- Don't default to generate rsa1 keys in ssh-keygen(1), and try all standard key files when invoked without arguments.
+
- Have crontab(1) send SIGUSR1 to cron(8) when a crontab file has changed, making changes take effect sooner.
+
- Send failing packet sequence number when sshd(8) is responding with an SSH_MSG_UNIMPLEMENTED.
- Ensure that user and system times increase monotonically.
-
- Add powerhook support to yds(4) to handle apm(8) resumes correctly.
-
- Repair memory leak in pcap(3) associated with compiled bpf(4) programs.
+
- Add powerhook support to yds(4) to handle apm(8) resumes correctly.
+
- Repair memory leak in pcap(3) associated with compiled bpf(4) programs.
- Support span ports so that one can snoop a bridge from another interface/machine/network.
-
- Disestablish the xl(4) powerhook on detach.
-
- Add a -u flag to fdisk(8) which updates the MBR code but leaves the partition table intact.
-
- Big isp(4) overhaul.
-
- Improve signal handling in cron(8) so that processes run by cron(8) can't zombify until cron(8) wakes up.
-
- Add a pf(4) DIOCADDSTATE ioctl(2) that adds state entries.
-
- Support primitive stateful pf(4) filtering for other non-TCP/UDP/ICMP protocols.
-
- Fix icmp6(4) MIB counter.
-
- Better signal handling in login_skey(8) to avoid a possible race condition.
-
- Update signal handlers in passwd(1) to complement new catching getpass(3) call.
-
- Allow vnd(4) to create things larger than 2G.
+
- Disestablish the xl(4) powerhook on detach.
+
- Add a -u flag to fdisk(8) which updates the MBR code but leaves the partition table intact.
+
- Big isp(4) overhaul.
+
- Improve signal handling in cron(8) so that processes run by cron(8) can't zombify until cron(8) wakes up.
+
- Add a pf(4) DIOCADDSTATE ioctl(2) that adds state entries.
+
- Support primitive stateful pf(4) filtering for other non-TCP/UDP/ICMP protocols.
+
- Fix icmp6(4) MIB counter.
+
- Better signal handling in login_skey(8) to avoid a possible race condition.
+
- Update signal handlers in passwd(1) to complement new catching getpass(3) call.
+
- Allow vnd(4) to create things larger than 2G.
- Perform a sanity check on the inner IP header of IP-in-IP encapsulated packets.
-
- Support -o for sshd(8), like ssh(1).
-
- Catch -- don't block -- SIGINT and SIGTSTP in readpassphrase(3) and getpass(3).
+
- Support -o for sshd(8), like ssh(1).
+
- Catch -- don't block -- SIGINT and SIGTSTP in readpassphrase(3) and getpass(3).
- Enable rootdev auto-configuration by device drivers during boot and add support for raid devices.
-
- Parse hex numbers in pf(4) correctly.
-
- Curtail the use of regex(3) in ssh(1).
+
- Parse hex numbers in pf(4) correctly.
+
- Curtail the use of regex(3) in ssh(1).
- Make NKMEMPAGES dynamic based on memory size, deprecating NKMEMCLUSTERS in favour of NKMEMPAGES, NKMEMPAGES_MIN, and NKMEMPAGES_MAX.
-
- Forbid the coupling of different address families in pf(4) nat, binat, and rdr rules.
-
- Release the right descriptors when pipe(2) fails.
-
- Use pidfile(3) throughout the tree instead of hand-rolled imitations.
-
- Don't let sshd(8) pass user-defined variables to login(1).
+
- Forbid the coupling of different address families in pf(4) nat, binat, and rdr rules.
+
- Release the right descriptors when pipe(2) fails.
+
- Use pidfile(3) throughout the tree instead of hand-rolled imitations.
+
- Don't let sshd(8) pass user-defined variables to login(1).
- Nuke smartkey(1).
-
- Remove pipe based interface to photurisd(8), leaving only PF_KEY.
-
- Issue a "failed" message instead of a 2nd challenge if sshd(8) sees the same key in authorized_keys twice.
-
- Let the sshd(8) fake X11 server listen on localhost by default.
-
- Use ip6(4) in sendmail(1) when possible.
-
- Fix an alignment bug on alpha by using getifaddrs(3) instead of various ioctl(2) calls in named(8).
-
- Conform to historic behaviour in fmt(1); don't format lines that start with a dot.
-
- Avoid a "thundering herd" problem in accept(2), and fix an infinite loop on 64-bit systems.
-
- Use pool(9) for socket allocations.
-
- Correctly signal an error condition in newsyslog(8) so we don't send a signal to PID 0.
+
- Remove pipe based interface to photurisd(8), leaving only PF_KEY.
+
- Issue a "failed" message instead of a 2nd challenge if sshd(8) sees the same key in authorized_keys twice.
+
- Let the sshd(8) fake X11 server listen on localhost by default.
+
- Use ip6(4) in sendmail(1) when possible.
+
- Fix an alignment bug on alpha by using getifaddrs(3) instead of various ioctl(2) calls in named(8).
+
- Conform to historic behaviour in fmt(1); don't format lines that start with a dot.
+
- Avoid a "thundering herd" problem in accept(2), and fix an infinite loop on 64-bit systems.
+
- Use pool(9) for socket allocations.
+
- Correctly signal an error condition in newsyslog(8) so we don't send a signal to PID 0.
- Repair an error in uipc_socket that could make a transient error permanent.
- Perform a pf_route() before logging in case the logging created a bogus rule, avoiding a panic.
-
- Have socket connection queues use a tailq queue(3).
-
- Add fastroute option to pf(4).
-
- Support pasting characters with codes above 127 using the mouse via wscons(4).
-
- Handle PID files terminated with newlines correctly in newsyslog(8).
-
- Among other improvements, don't leak memory in ppp(8).
+
- Have socket connection queues use a tailq queue(3).
+
- Add fastroute option to pf(4).
+
- Support pasting characters with codes above 127 using the mouse via wscons(4).
+
- Handle PID files terminated with newlines correctly in newsyslog(8).
+
- Among other improvements, don't leak memory in ppp(8).
- During installation, preserve blank space in responses.
- Centralize the mount list, unifying locking, and add vfs_isbusy to help verify that a mount point is locked.
-
- Strengthen the mbuf traversal code in pf(4), avoiding potential crashes on ip6(4) packets with options.
-
- Make dummies for aclocal and the auto* family in cvs(1), hopefully mitigating upgrade hassles.
-
- Don't allow the pf(4) CHANGEBINAT ioctl(2) when securelevel > 1.
+
- Strengthen the mbuf traversal code in pf(4), avoiding potential crashes on ip6(4) packets with options.
+
- Make dummies for aclocal and the auto* family in cvs(1), hopefully mitigating upgrade hassles.
+
- Don't allow the pf(4) CHANGEBINAT ioctl(2) when securelevel > 1.
- Include stub dl* function definitions in libc on ELF, making libdl unneeded.
- Enhance network handling during installations.
-
- Block signals in find(1) when running fts_read().
-
- Move NFS creds out of the standard buf structure and into the nfs node, and use pool(9) for NFS node allocation.
-
- Fix the password length check in user(8).
-
- Use lockmgr in procfs (mount_procfs(8)) instead of a home-made version.
+
- Block signals in find(1) when running fts_read().
+
- Move NFS creds out of the standard buf structure and into the nfs node, and use pool(9) for NFS node allocation.
+
- Fix the password length check in user(8).
+
- Use lockmgr in procfs (mount_procfs(8)) instead of a home-made version.
- Correctly mark items on the syncer worklist with VBIOONSYNCLIST, ensuring items not on the list don't have this mark.
- Convert to using the vn_marktext() function instead of VTEXT to mark a vnode as executing a text image.
-
- Enable the NI_WITHSCOPEID getnameinfo(3) flag by default.
-
- sendmail(8) should listen on port 587 for ip(6), like ip4(6).
-
- Add sanity to the apmd(8) battery alert when the battery is charging.
-
- Let chdir(2) errors in rwhod(8) be seen.
-
- SECURITY FIX: update ssh to OpenSSH-3.0.1.
+ - Enable the NI_WITHSCOPEID getnameinfo(3) flag by default.
+
- sendmail(8) should listen on port 587 for ip(6), like ip4(6).
+
- Add sanity to the apmd(8) battery alert when the battery is charging.
+
- Let chdir(2) errors in rwhod(8) be seen.
+
- SECURITY FIX: update ssh to OpenSSH-3.0.1.
A source code patch is available.
- [Applied to stable]
- - Repair ipx frame-type handling in ifconfig(8).
-
- SECURITY FIX: don't let pf wander off the end of ipv6 icmp packets.
+ [Applied to stable]
+ - Repair ipx frame-type handling in ifconfig(8).
+
- SECURITY FIX: don't let pf wander off the end of ipv6 icmp packets.
A source code patch is available.
- [Applied to stable]
- - Fix a recursive mutex problem in pthreads(3).
-
- RELIABILITY FIX: quiet bogus interrupt messages on sparc64 pciide cdroms.
+ [Applied to stable]
+ - Fix a recursive mutex problem in pthreads(3).
+
- RELIABILITY FIX: quiet bogus interrupt messages on sparc64 pciide cdroms.
A source code patch is available.
- [Applied to stable]
- - Support the "S" command in interactive mode in top(1) to toggle display of system processes.
+ [Applied to stable]
+
- Support the "S" command in interactive mode in top(1) to toggle display of system processes.
- Prepare for UBC by adding a daemon that processes async I/O and repairing some other things.
-
- Don't memset(3) too much memory in ssh(1) or sshd(8).
-
- Be much more sure that software cannot be used in crypto(9) stuff.
-
- Fix behaviour of system(3) in phtreads(3) so it doesn't hang forever.
-
- Use select(2) instead of unsafe SIGIO method for handling wscons(4) events in X11.
-
- Increase buffer sizes in tcpd(8) and ssh(1) so they can hold a full hostname.
-
- Add uscanner(4) device node to i386 and macppc.
-
- SECURITY FIX: be more careful with file permissions in vi.recover
+ - Don't memset(3) too much memory in ssh(1) or sshd(8).
+
- Be much more sure that software cannot be used in crypto(9) stuff.
+
- Fix behaviour of system(3) in phtreads(3) so it doesn't hang forever.
+
- Use select(2) instead of unsafe SIGIO method for handling wscons(4) events in X11.
+
- Increase buffer sizes in tcpd(8) and ssh(1) so they can hold a full hostname.
+
- Add uscanner(4) device node to i386 and macppc.
+
- SECURITY FIX: be more careful with file permissions in vi.recover
A source code patch is available.
- [Applied to stable]
- - RELIABILITY FIX: provide illegal instruction trap handling for Altivec instructions on macppc.
+ [Applied to stable]
+ - RELIABILITY FIX: provide illegal instruction trap handling for Altivec instructions on macppc.
A source code patch is available.
- [Applied to stable]
+ [Applied to stable]
- Take advantage of the bus_dmamap_sync API.
-
- RELIABILITY FIX: finally address the PCI abort problem on hifn7751.
+ - RELIABILITY FIX: finally address the PCI abort problem on hifn7751.
A source code patch is available.
- [Applied to stable]
+ [Applied to stable]
- Move accounting disk space watcher into a kernel thread, fixing accounting on NFS.
- Fix many signal handlers throughout the tree.
-
- Avoid overruning mbuf length in ip6(4) handling.
-
- Big rusers(1) update, including protocol version 3 support, avoidance of duplicate issues on multihomed machines, and timeout tweaking.
-
- Support mmap(2) past 4GB offsets.
-
- Repair creation of the hosts(5) file during installation.
-
- Size mprotect(2) allocations from malloc(3) to 0 bytes, resulting in a fault on access.
-
- Handle autorepeat delays better in wskbd(4).
-
- Send the User-Agent header when using ftp(1) to WWW servers and proxies.
-
- Overhaul some fd(4) handling within the kernel.
-
- Ensure isakmpd(8) dies promptly on reciept of the SIGTERM signal(3).
-
- Fix a problem with bsd_auth(3) and passwords containing colons.
-
- Make -h and -L in pax(4) and tar(1) follow symlinks on extraction of directories.
-
- Support ddb(4) entry with usb keyboards using uskbd(4).
+
- Avoid overruning mbuf length in ip6(4) handling.
+
- Big rusers(1) update, including protocol version 3 support, avoidance of duplicate issues on multihomed machines, and timeout tweaking.
+
- Support mmap(2) past 4GB offsets.
+
- Repair creation of the hosts(5) file during installation.
+
- Size mprotect(2) allocations from malloc(3) to 0 bytes, resulting in a fault on access.
+
- Handle autorepeat delays better in wskbd(4).
+
- Send the User-Agent header when using ftp(1) to WWW servers and proxies.
+
- Overhaul some fd(4) handling within the kernel.
+
- Ensure isakmpd(8) dies promptly on reciept of the SIGTERM signal(3).
+
- Fix a problem with bsd_auth(3) and passwords containing colons.
+
- Make -h and -L in pax(4) and tar(1) follow symlinks on extraction of directories.
+
- Support ddb(4) entry with usb keyboards using uskbd(4).
- Enhance handling of console keyboard attaches and deattaches.
-
- Allow the SCSI cd(4) driver to eject empty drives.
-
- Repair backgrounding (~&) in ssh(1) for v1 and add support for v2.
-
- Spiff up the isp(4) driver; protect against deranged fabric name servers and correctly handle the ISP_QUEUES_FULL status.
-
- Cleanup wx(4), getting rid of a bogus pullup on small mbufs and setting a txint delay.
-
- Polish wsconsctl(8): better usage output, print nice output when changing display.* settings, and prefer warn(3) over err(3).
-
- Handle standard file handles better in cron(8), and change an unsafe vfork(2) call to fork(2).
+
- Allow the SCSI cd(4) driver to eject empty drives.
+
- Repair backgrounding (~&) in ssh(1) for v1 and add support for v2.
+
- Spiff up the isp(4) driver; protect against deranged fabric name servers and correctly handle the ISP_QUEUES_FULL status.
+
- Cleanup wx(4), getting rid of a bogus pullup on small mbufs and setting a txint delay.
+
- Polish wsconsctl(8): better usage output, print nice output when changing display.* settings, and prefer warn(3) over err(3).
+
- Handle standard file handles better in cron(8), and change an unsafe vfork(2) call to fork(2).
- Import xc-mit to build XhpBSD for hp300.
-
- Don't let tcpdump(8) segfault on some radius traffic.
-
- Fix some bugs in ppp(8), including a PASV bug, a set reconnect bug, and allowing for looser MRU handling.
-
- Use a more specific error message when pfctl(8) is given a bad interface name.
-
- Correct printing of RDR rules in pfctl(8) when using ! with destination rules.
-
- Reset state counter when clearing states in pf(4).
-
- Ignore SIGPIPE early in ssh(1), allowing operation to continue even if the agent dies.
-
- Implement syslog_r(3).
-
- Support the Creative Labs SB Live! sound card with emu(4).
+
- Don't let tcpdump(8) segfault on some radius traffic.
+
- Fix some bugs in ppp(8), including a PASV bug, a set reconnect bug, and allowing for looser MRU handling.
+
- Use a more specific error message when pfctl(8) is given a bad interface name.
+
- Correct printing of RDR rules in pfctl(8) when using ! with destination rules.
+
- Reset state counter when clearing states in pf(4).
+
- Ignore SIGPIPE early in ssh(1), allowing operation to continue even if the agent dies.
+
- Implement syslog_r(3).
+
- Support the Creative Labs SB Live! sound card with emu(4).
- Repair __PSEUDO_NOERROR on hppa.
-
-
-
-