Annotation of www/plus35.html, Revision 1.49
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2: <html>
3: <head>
1.44 tj 4: <title>OpenBSD 3.5 Changelog</title>
1.1 deraadt 5: <meta name="description" content="OpenBSD 3.5 changes">
6: <meta name="copyright" content="This document copyright 1996-2004 by OpenBSD.">
1.42 deraadt 7: <meta name="viewport" content="width=device-width, initial-scale=1">
8: <link rel="stylesheet" type="text/css" href="openbsd.css">
1.46 tb 9: <link rel="canonical" href="https://www.openbsd.org/plus35.html">
1.1 deraadt 10: </head>
11:
12: <body bgcolor="#ffffff" text="#000000" link="#23238e">
13:
1.42 deraadt 14: <h2>
15: <a href="index.html">
16: <font color="#0000ff"><i>Open</i></font><font color="#000084">BSD</font></a>
1.44 tj 17: <font color="#e00000">3.5 Changelog</font>
18: </h2>
1.1 deraadt 19: <hr>
20:
21: <p>
22: This is a partial list of the major machine-independent changes
1.17 sobrado 23: (i.e., these are the changes people ask about most often). Machine
1.1 deraadt 24: specific changes have also been made, and are sometimes mentioned
25: in the pages for the specific <a href="plat.html">platforms</a>.
26:
27: <p>
28: Note: <font color="#e00000">Problems for which patches exist are marked in red</font>.
29:
30: <p>
31: For changes in other releases, click below:<br>
32: <a href="plus20.html">2.0</a>,
33: <a href="plus21.html">2.1</a>,
34: <a href="plus22.html">2.2</a>,
35: <a href="plus23.html">2.3</a>,
36: <a href="plus24.html">2.4</a>,
37: <a href="plus25.html">2.5</a>,
38: <a href="plus26.html">2.6</a>,
39: <a href="plus27.html">2.7</a>,
40: <a href="plus28.html">2.8</a>,
41: <a href="plus29.html">2.9</a>,
42: <a href="plus30.html">3.0</a>,
43: <a href="plus31.html">3.1</a>,
44: <a href="plus32.html">3.2</a>,
45: <a href="plus33.html">3.3</a>,
1.2 david 46: <a href="plus34.html">3.4</a>,
1.6 miod 47: <a href="plus36.html">3.6</a>,
1.31 deraadt 48: <a href="plus37.html">3.7</a>,
1.16 deraadt 49: <br>
1.8 deraadt 50: <a href="plus38.html">3.8</a>,
1.9 deraadt 51: <a href="plus39.html">3.9</a>,
1.10 deraadt 52: <a href="plus40.html">4.0</a>,
1.11 deraadt 53: <a href="plus41.html">4.1</a>,
1.14 deraadt 54: <a href="plus42.html">4.2</a>,
1.15 deraadt 55: <a href="plus43.html">4.3</a>,
1.16 deraadt 56: <a href="plus44.html">4.4</a>,
1.18 deraadt 57: <a href="plus45.html">4.5</a>,
1.19 deraadt 58: <a href="plus46.html">4.6</a>,
1.20 deraadt 59: <a href="plus47.html">4.7</a>,
1.21 deraadt 60: <a href="plus48.html">4.8</a>,
1.23 deraadt 61: <a href="plus49.html">4.9</a>,
1.26 nick 62: <a href="plus50.html">5.0</a>,
1.25 schwarze 63: <a href="plus51.html">5.1</a>,
1.26 nick 64: <a href="plus52.html">5.2</a>,
1.27 deraadt 65: <a href="plus53.html">5.3</a>,
1.28 deraadt 66: <a href="plus54.html">5.4</a>,
1.29 deraadt 67: <br>
1.31 deraadt 68: <a href="plus55.html">5.5</a>,
1.34 brett 69: <a href="plus56.html">5.6</a>,
1.35 deraadt 70: <a href="plus57.html">5.7</a>,
1.38 deraadt 71: <a href="plus58.html">5.8</a>,
1.39 deraadt 72: <a href="plus59.html">5.9</a>,
1.45 deraadt 73: <a href="plus60.html">6.0</a>,
1.49 ! deraadt 74: <a href="plus61.html">6.1</a>,
1.2 david 75: <a href="plus.html">current</a>.
1.1 deraadt 76: <br>
77:
78: <p>
1.32 deraadt 79: <h3><font color="#0000e0">Changes made between OpenBSD 3.4 and 3.5</font></h3>
1.1 deraadt 80: <p>
81:
82: <ul>
1.3 deraadt 83: <!-- ^ 20040330 -->
1.41 sthen 84: <li>Don't use <a href="http://man.openbsd.org/?query=select&sektion=2">FD_ZERO(2)</a> in <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>'s privsep monitor.
85: <li>When binding UDP server sockets in <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>, check the sockaddr buffer is large enough before copying.
1.3 deraadt 86: <!-- ^ 20030429 -->
1.41 sthen 87: <li>Add some extra sanity checks for incoming <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> packets.
1.3 deraadt 88: <li>Fix a kernel memory leak when deleting interface addresses (SIOCDIFADDR).
89: <!-- ^ 20040328 -->
1.41 sthen 90: <li>Add a missing <a href="http://man.openbsd.org/?query=spl&sektion=9">spl(9)</a> around if_down() in <a href="http://man.openbsd.org/?query=vlan&sektion=4">vlan(4)</a>.
1.3 deraadt 91: <!-- ^ 20040327 -->
1.41 sthen 92: <li>In <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a>, properly <a href="http://man.openbsd.org/?query=m_copyback&sektion=9">m_copyback(9)</a> the modified TCP sequence number after demodulation.<br>
1.4 deraadt 93: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 94: <li>Fix a use-after-free in <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a>.
95: <li>Raise <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> advskew to 240 while waiting for the <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> bulk update. This makes sure that other hosts can preempt a host that's booting up but hasn't got its network bearings yet.
1.3 deraadt 96: <!-- ^ 20040326 -->
97: <li>Fix a check-for-null-then-deref-anyway bug in icmp6.
1.41 sthen 98: <li>Fix a cut-and-pasto in <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a>'s stateful ICMP code.
99: <li>Unbreak the ICMP checksum when <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> sequence number modulation is used.<br>
1.4 deraadt 100: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.3 deraadt 101: <!-- ^ 20040325 -->
1.41 sthen 102: <li>Disable carp error logging (<a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> net.inet.carp.log) by default.
1.3 deraadt 103: <!-- ^ 20040324 -->
1.41 sthen 104: <li>Remove an unnecessary null termination in the <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> privsep monitor.
105: <li>Teach <a href="http://man.openbsd.org/?query=file&sektion=1">file(1)</a> about OpenBSD-amd64 binaries and coredumps.
106: <li>Add a small delay before the bulk update to stop <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> looping unnecessarily.
1.1 deraadt 107: <!-- ^ 20040323 -->
1.41 sthen 108: <li>Fix <a href="http://man.openbsd.org/?query=ssl&sektion=3">ssl(3)</a> rmd160 breakage on sparc64.
109: <li>Teach <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> how to display the new <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> bulk updates.
110: <li>Make <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> stop <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> preempting to become master until the bulk state table sync has completed.
111: <li>Support best-efforts bulk transfers of states when a <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> syncif is first configured. This allows pfsync+carp clusters to come up gracefully without killing active connections.
112: <li>Have <a href="http://man.openbsd.org/?query=rc&sektion=8">rc(8)</a> stop <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> interfaces on system shutdown.
113: <li>Add pass rules for the pfsync and carp protocols to the default <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> rulebase installed by /etc/<a href="http://man.openbsd.org/?query=rc&sektion=8">rc(8)</a>.
114: <li>Make sure <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> interfaces are initialised before <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> interfaces in /etc/<a href="http://man.openbsd.org/?query=netstart&sektion=8">netstart(8)</a>.
1.1 deraadt 115: <!-- ^ 20040322 -->
116: <!-- ^ 20040321 -->
1.41 sthen 117: <li>Unbreak routing change handling in <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a>.
1.1 deraadt 118: <li>Bump OpenSSH to version 3.8.1.
1.41 sthen 119: <li>Make <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a>'s '-s osfp' option work by spelling it less like OSPF.
120: <li>Update <a href="http://man.openbsd.org/?query=pf.os&sektion=5">pf.os(5)</a> to include OpenBSD 3.5, since that's where it's now at.
121: <li>Have <a href="http://man.openbsd.org/?query=tn3270&sektion=1">tn3270(1)</a> check errno instead of setting it.
122: <li>Fix yet another stray semicolon, this time in <a href="http://man.openbsd.org/?query=aac&sektion=4">aac(4)</a>.
123: <li>Implement firmware downloading for <a href="http://man.openbsd.org/?query=mpt&sektion=4">mpt(4)</a>.
1.1 deraadt 124: <!-- ^ 20040320 -->
1.41 sthen 125: <li>Make <a href="http://man.openbsd.org/?query=bge&sektion=4">bge(4)</a> work on 64-bit machines even if they're not alphas.
126: <li>Have privsep <a href="http://man.openbsd.org/?query=named&sektion=8">named(8)</a> pass SIGINT to the child process.
1.1 deraadt 127: <li>Upgrade Puffy to 3.5 and lock XF4 for release.
1.41 sthen 128: <li>Add final pieces of privilege separation for <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> and switch it on.
129: <li>Add <a href="http://man.openbsd.org/?query=pxeboot&sektion=8&arch=i386">pxeboot(8)</a> for i386 and amd64, derived from NetBSD.
130: <li>Fix another stray semicolon, in <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>'s ASN.1 printer this time.
131: <li>More <a href="http://man.openbsd.org/?query=mpt&sektion=4">mpt(4)</a> fixes, more to come.
1.1 deraadt 132: <!-- ^ 20040319 -->
1.41 sthen 133: <li>When initialising the new state in <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> DIOCADDSTATE, point to the default rule instead of NULL.
1.1 deraadt 134: <li>Merge parts of XFree86 4.4.0 Release not affected by the new license.
1.41 sthen 135: <li>Allow a <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> device's state to be set explicitly with <a href="http://man.openbsd.org/?query=ifconfig&sektion=8">ifconfig(8)</a>.
136: <li>Set permissions on the right files for the @owner, @group and @mode directives in <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> when -B is in effect.
137: <li>For <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a> devices with Prism firmware version 1.6.3 or later, support an enhanced security mode for a hostap where the SSID can be hidden from snoopers.
138: <li>Speed up <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> session reestablishment.
139: <li>Fix timeout issues with <a href="http://man.openbsd.org/?query=eap&sektion=4">eap(4)</a> audio devices.
1.1 deraadt 140: <li>Stop the installer asking for the timezone when upgrading.
141: <!-- ^ 20040318 -->
142: <!-- Erratum 016 (libssl) applied to stable here, applied to -current 20040317 -->
143: <!-- Erratum 015 (isakmpd) applied to stable here, -current is 20040310 -->
1.41 sthen 144: <li>Fix <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a>'s logging when the blacklist limit is hit.
145: <li>Allow users with write access to <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>'s control socket to send queries.
146: <li>Fix an out-of-bounds read in <a href="http://man.openbsd.org/?query=ssl&sektion=3">ssl(3)</a> (CAN-2004-0112). This code isn't used in OpenBSD.
1.1 deraadt 147: <li>Always read at least DEV_BSIZE (512) bytes of the disklabel, some disks have smaller block sizes.
148: <li><font color="#e00000"><strong>RELIABILITY FIX: A missing check for a NULL-pointer dereference has been found in ssl(3).</strong></font> A remote attacker can use the bug to cause an OpenSSL application to crash; this may lead to a denial of service.<br>
149: <a href="errata34.html#openssl">A source code patch is available</a>.<br>
150: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 151: <li>Fix a minor memory leak in <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>.
1.1 deraadt 152: <li>Lots of pre-release documentation fixes and additions.
1.41 sthen 153: <li>If running at <a href="http://man.openbsd.org/?query=securelevel&sektion=7">securelevel(7)</a> 2, use the -x option to increase the chances of ntpd using slew mode, since stepping backwards is disabled at this level.
154: <li>Some <a href="http://man.openbsd.org/?query=mpt&sektion=4">mpt(4)</a> stability fixes.
1.1 deraadt 155: <!-- ^ 20040317 -->
1.41 sthen 156: <li>Don't signal <a href="http://man.openbsd.org/?query=mountd&sektion=8">mountd(8)</a> from <a href="http://man.openbsd.org/?query=mount&sektion=8">mount(8)</a> when all that's required is a listing of mounts (PR#3695).
157: <li>Create <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>'s control socket later in the startup.
158: <li>Remember to unlock USB <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a> devices on errors.
159: <li>Since we've allocated a cache for <a href="http://man.openbsd.org/?query=pax&sektion=1">pax(1)</a>, let's go right ahead and use it.
1.1 deraadt 160: <li>Remove 'extern int errno' in favour of #include <errno.h> in a number of programs.
1.41 sthen 161: <li>Have <a href="http://man.openbsd.org/?query=diff&sektion=1">diff(1)</a> in directory mode skip over anything that's not a regular file or directory, for POSIX reasons.
1.1 deraadt 162: <!-- ^ 20040316 -->
1.41 sthen 163: <li>Yet another stray semicolon removed, <a href="http://man.openbsd.org/?query=pax&sektion=1">pax(1)</a> is the lucky program.
164: <li>Prevent blacklist connections we're tarpitting from maxing out <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a>'s available connections. Controllable with the new -B option.
165: <li>Have <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a> hostap send an error response if a station sends a bogus challenge instead of just ignoring it.
166: <li>Make software WEP work on <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a> devices. Only in BSS (station) and hostap modes for now.
167: <li>Fix another bug caused by a stray semicolon, this time in <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>.
168: <li><a href="http://man.openbsd.org/?query=daemon&sektion=3">daemon(3)</a>ise ifstated(8) earlier.
169: <li>Some logic fixes and additional error checks in USB <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a>.
170: <li>Have <a href="http://man.openbsd.org/?query=sensorsd&sektion=8">sensorsd(8)</a> deal gracefully with attempts to initialise unsupported sensor types.
1.1 deraadt 171: <li>Fix memory leak caused by a stray semicolon in arla.
1.41 sthen 172: <li><a href="http://man.openbsd.org/?query=panic&sektion=9">panic(9)</a> if an attempt is made to use the kernel arc4random generator too early.
173: <li>Fix occasional <a href="http://man.openbsd.org/?query=locate.updatedb&sektion=8">locate.updatedb(8)</a> failures due to a bug in <a href="http://man.openbsd.org/?query=sort&sektion=1">sort(1)</a>.
174: <li>Check <a href="http://man.openbsd.org/?query=chdir&sektion=2">chdir(2)</a> return code after <a href="http://man.openbsd.org/?query=chroot&sektion=2">chroot(2)</a> in <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> and <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>.
175: <li>Fix a memory leak and a missing break in <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> ioctl processing error paths.
176: <li>Clear struct sockaddr_un before use in <a href="http://man.openbsd.org/?query=syslogc&sektion=8">syslogc(8)</a>.
1.1 deraadt 177: <!-- ^ 20030315 -->
1.41 sthen 178: <li>In <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a>, only shrink the window once we're in the DATA mode. This way, greylisted connections don't get held up by the tiny window but spam bodies are still sent. Very. Slowly.
179: <li>Restore <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> bus scans to full speed by not checking LUNs that will be skipped anyway.
180: <li>Fix fd and another memory leak in <a href="http://man.openbsd.org/?query=routed&sektion=8">routed(8)</a>.
1.1 deraadt 181: <li>Make the sane_install() tests in the installer match more useful reality.
1.41 sthen 182: <li>Check the return code of <a href="http://man.openbsd.org/?query=chdir&sektion=2">chdir(2)</a> after the privsep <a href="http://man.openbsd.org/?query=chroot&sektion=2">chroot(2)</a> in <a href="http://man.openbsd.org/?query=pflogd&sektion=8">pflogd(8)</a>, <a href="http://man.openbsd.org/?query=syslogd&sektion=8">syslogd(8)</a> and <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>.
183: <li>Disable <a href="http://man.openbsd.org/?query=crypto&sektion=9">crypto(9)</a> MAC functions for now, no current hardware can use them.
184: <li>Some <a href="http://man.openbsd.org/?query=oosiop&sektion=4">oosiop(4)</a> cleanup based on <a href="http://man.openbsd.org/?query=osiop&sektion=4">osiop(4)</a>.
185: <li>In <a href="http://man.openbsd.org/?query=wskbd&sektion=4">wskbd(4)</a>, make the caps lock key do caps lock instead of shift lock (PR#2555).
1.1 deraadt 186: <!-- ^ 20040314 -->
1.41 sthen 187: <li>Make it easier to kill <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a> greylisted processes.
188: <li>Do <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> interface setup last in /etc/<a href="http://man.openbsd.org/?query=netstart&sektion=8">netstart(8)</a>, so that hopefully the syncif gets set up beforehand.
1.1 deraadt 189: <!-- ^ 20040313 -->
1.41 sthen 190: <li>Make <a href="http://man.openbsd.org/?query=bgpctl&sektion=8">bgpctl(8)</a>'s empty-as keyword work.
191: <li>Extra free-then-NULL paranoia in <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a>.
192: <li>Fix <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a> software WEP on big-endian machines.
193: <li>Unbreak <a href="http://man.openbsd.org/?query=tail&sektion=1">tail(1)</a> -f mode for filesystems not blessed with <a href="http://man.openbsd.org/?query=kqueue&sektion=2">kqueue(2)</a> support.
194: <li>Implement privilege separation for <a href="http://man.openbsd.org/?query=named&sektion=8">named(8)</a>. And there was much rejoicing.
1.1 deraadt 195: <li>Plug a rtentry leak when TCP gives up on a cached route (in_pcb.c:in_losing()).
1.41 sthen 196: <li>Fix (guess what?) a memory leak in the <a href="http://man.openbsd.org/?query=yacc&sektion=1">yacc(1)</a> skeleton code.
197: <li>Check the payload size more carefully when printing IKE messages in <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>.
198: <li>Plug a memory leak in the error path of <a href="http://man.openbsd.org/?query=execve&sektion=2">execve(2)</a>.<br>
1.5 deraadt 199: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 200: <li>Preliminary port of the NetBSD <a href="http://man.openbsd.org/?query=oosiop&sektion=4">oosiop(4)</a> driver, supporting really old NCR SCSI chips on hppa machines.
1.1 deraadt 201: <!-- ^ 20040312 -->
1.41 sthen 202: <li>Unbreak <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a>'s handling of packages from stdin.
203: <li>Fix a bug in <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a> that stopped custom 450 messages being displayed.
204: <li>Some <a href="http://man.openbsd.org/?query=apm&sektion=4">apm(4)</a> fixes on i386.
205: <li>Sync the <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a> greylist database after each db operation, to minimise the likelihood of corruption.
206: <li>Add basic community support to <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
207: <li>Correct a missing <a href="http://man.openbsd.org/?query=malloc&sektion=3">malloc(3)</a> error check in <a href="http://man.openbsd.org/?query=bgpctl&sektion=8">bgpctl(8)</a>.
208: <li>Fix byte-ordering problems in <a href="http://man.openbsd.org/?query=routed&sektion=8">routed(8)</a> (PR#3704). Based on NetBSD.
1.1 deraadt 209: <!-- ^ 20040311 -->
210: <!-- I know the erratum says March 17, but this is when the -current patch goes in. -->
211: <li><font color="#e00000"><strong>RELIABILITY FIX: Defects in the payload validation and processing functions of isakmpd(8) have been discovered.</strong></font> An attacker could send malformed ISAKMP messages and cause isakmpd to crash or to loop endlessly.<br>
212: <a href="errata34.html#isakmpd2">A source code patch is available</a>.<br>
213: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 214: <li>Obey the user's 'boot reboot' command at the <a href="http://man.openbsd.org/?query=ddb&sektion=4">ddb(4)</a> prompt, even if the system is starting up.
215: <li>Some signedness paranoia when handling <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> sysctls.
216: <li>Fix missing checks for NULL returned from <a href="http://man.openbsd.org/?query=getpass&sektion=3">getpass(3)</a> in login_*(8).
217: <li>Make <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> work harder to clean up after itself on exit.
218: <li>More work on capability announcements in <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
219: <li>Fix an <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> crash when deleting an ESP SA with no authentication (PR#2429).
220: <li>Symlink-handling improvements in <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> etc.'s virtual filesystem code.
221: <li>Simplify the new <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> LUN scanning logic, and print better diagnostics.
222: <li>New -b option to <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a>, used to set the local bind address.
1.1 deraadt 223: <!-- ^ 20040310 -->
1.41 sthen 224: <li>Allow the <a href="http://man.openbsd.org/?query=wsdisplay&sektion=4">wsdisplay(4)</a> screen blanker to be turned off again (PR#3123).
1.1 deraadt 225: <li>3.5-beta -> 3.5.
1.41 sthen 226: <li>Increase the <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> X11 cookie lifetime from two to twenty minutes.
227: <li>Plug some memory leaks in error paths of <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>.
228: <li>Fix multicast for recent <a href="http://man.openbsd.org/?query=sk&sektion=4">sk(4)</a> chipsets. From FreeBSD lists.
1.1 deraadt 229: <li>Be more thorough when URL-encoding usernames and passwords in the installer.
230: <!-- ^ 20040309 -->
1.41 sthen 231: <li>Prevent the user specifying an interface name longer than IFNAMSIZ in <a href="http://man.openbsd.org/?query=ifconfig&sektion=8">ifconfig(8)</a>.
232: <li>Many, many more memory leak fixes in <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a>'s parser.
233: <li>Fix a few missing initialisations in <a href="http://man.openbsd.org/?query=ssh-keyscan&sektion=1">ssh-keyscan(1)</a>.
1.1 deraadt 234: <!-- ^ 20040308 -->
1.41 sthen 235: <li>Have <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a>'s dependency lookup check against local directory listings.
236: <li>New -A (pretend to be another architecture) and -P (limit distribution type) options to <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a>.
1.1 deraadt 237: <li>More memory leak fixes to ifstated(8)'s parser.
238: <li>Fix a null deref in ifstated(8).
1.41 sthen 239: <li>Have <a href="http://man.openbsd.org/?query=nc&sektion=1">nc(1)</a> print an error message if <a href="http://man.openbsd.org/?query=connect&sektion=2">connect(2)</a> fails.
1.1 deraadt 240: <!-- ^ 20030307 -->
1.41 sthen 241: <li>Plug well-hidden memory leaks in <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>, ifstated(8) and <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a>'s parsers.
242: <li>Signal-handling tweaks to <a href="http://man.openbsd.org/?query=syslogd&sektion=8">syslogd(8)</a>.
243: <li>Add <a href="http://man.openbsd.org/?query=mpt&sektion=4">mpt(4)</a>, a driver for LSI Fusion-MPT SCSI and Fibre Channel devices.
1.1 deraadt 244: <!-- ^ 20040306 -->
1.41 sthen 245: <li>Plumb <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> into /etc/<a href="http://man.openbsd.org/?query=rc&sektion=8">rc(8)</a> and /etc/<a href="http://man.openbsd.org/?query=rc.conf&sektion=8">rc.conf(8)</a>.
246: <li>More memory leak fixes in <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
247: <li>Just chdir("/") in <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a> instead of panicking if the initial <a href="http://man.openbsd.org/?query=getcwd&sektion=3">getcwd(3)</a> fails.
248: <li>Start work on capabilities announcement support in <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
249: <li>Since not rejecting optional attributes in BGP implies acceptance/support, make <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> reject attributes it doesn't support.
250: <li>Send outstanding notifications to a <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> peer returning to the IDLE state.
251: <li>Stop <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> sending duplicate route add/delete messages.
252: <li>New IdentitiesOnly option for <a href="http://man.openbsd.org/?query=ssh_config&sektion=5">ssh_config(5)</a>, useful when an agent has many keys.
253: <li>Don't leak memory in <a href="http://man.openbsd.org/?query=scandir&sektion=3">scandir(3)</a> (FreeBSD PR#7923, from 1998!)
254: <li>Fix a big greylist-related memory leak in <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a>.
1.1 deraadt 255: <!-- ^ 20040305 -->
1.41 sthen 256: <li>In <a href="http://man.openbsd.org/?query=kdump&sektion=1">kdump(1)</a>, fix an off-by-one and describe <a href="http://man.openbsd.org/?query=ptrace&sektion=2">ptrace(2)</a> calls better.
1.1 deraadt 257: <li>Allow -stable kernels to build without TCP_ECN.
1.41 sthen 258: <li>Fix a few small key handling bugs in <a href="http://man.openbsd.org/?query=svnd&sektion=4">svnd(4)</a>.
1.1 deraadt 259: <!-- ^ 20040304 -->
1.41 sthen 260: <li>Actually use the alternate RADIUS server in <a href="http://man.openbsd.org/?query=login_radius&sektion=8">login_radius(8)</a>.
261: <li>Make sure that <a href="http://man.openbsd.org/?query=svnd&sektion=4">svnd(4)</a> mounts can read their disklablel as svnd, not vnd.
262: <li>Extend <a href="http://man.openbsd.org/?query=md5&sektion=1">md5(1)</a>'s -c option so it can parse the output of GNU md5sum.
263: <li>Remove dynamic bufq support from <a href="http://man.openbsd.org/?query=wd&sektion=4">wd(4)</a> due to problems.
264: <li>Plug some memory leaks in <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
1.1 deraadt 265: <li>Stop libreadline segfaulting when writing an empty history list to a file (PR#3690).
1.41 sthen 266: <li>Fixes to <a href="http://man.openbsd.org/?query=sftp&sektion=1">sftp(1)</a>'s progress meter.
267: <li>Change <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a> child processes' proctitle to '[accepted]' after the, uh, <a href="http://man.openbsd.org/?query=accept&sektion=2">accept(2)</a> completes.
1.1 deraadt 268: <li>Repair procfs status output (PR#2102).
269: <li>Fix unintentional ordering dependency in kernel module loading and unloading (PR#2910).
1.41 sthen 270: <li>Allow forced <a href="http://man.openbsd.org/?query=unmount&sektion=2">unmount(2)</a>s of nullfs, procfs (both from PR#2394,) and umapfs.
1.1 deraadt 271: <li>Fix an off-by-one in procfs so that it can be successfully unmounted (PR#2327).
1.41 sthen 272: <li>Clean up <a href="http://man.openbsd.org/?query=badsect&sektion=8">badsect(8)</a>'s error reporting (PR#3679).
273: <li>Start <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a> later in /etc/<a href="http://man.openbsd.org/?query=rc&sektion=8">rc(8)</a>.
1.1 deraadt 274: <!-- ^ 20040303 -->
1.41 sthen 275: <li>Fix an <a href="http://man.openbsd.org/?query=mbuf&sektion=9">mbuf(9)</a> leak in <a href="http://man.openbsd.org/?query=tun&sektion=4">tun(4)</a> under failure conditions. From NetBSD.
276: <li>Count <a href="http://man.openbsd.org/?query=mixerctl&sektion=1">mixerctl(1)</a> devices starting at zero instead of stack garbage.
277: <li>Fix <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a> reset problems with newer Prism firmware.
278: <li>Make hostap mode work for Prism <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a> cards with newer firmware, and disable hostap mode for old firmware.
279: <li>Socket types and error checks cleanup in <a href="http://man.openbsd.org/?query=talk&sektion=1">talk(1)</a>.
280: <li>64-bit fixes to <a href="http://man.openbsd.org/?query=brconfig&sektion=8">brconfig(8)</a>.
281: <li>More features for <a href="http://man.openbsd.org/?query=bgpctl&sektion=8">bgpctl(8)</a>'s 'show rib' command.
282: <li>Fix a memory leak in <a href="http://man.openbsd.org/?query=dhcpd&sektion=8">dhcpd(8)</a>'s parser.
283: <li>Use <a href="http://man.openbsd.org/?query=daemon&sektion=3">daemon(3)</a> instead of DIY in new <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a>.
284: <li>Start <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a> earlier in /etc/<a href="http://man.openbsd.org/?query=rc&sektion=8">rc(8)</a>.
285: <li>Generate new <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a>'s transaction id (xid) using <a href="http://man.openbsd.org/?query=arc4random&sektion=3">arc4random(3)</a> instead of <a href="http://man.openbsd.org/?query=random&sektion=3">random(3)</a>.
286: <li>Have <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a> (old and new) exit cleanly if its interface goes away (PR#3648).
287: <li>New <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> net.inet.tcp.reasslimit, to control the size of the memory pool for TCP out-of-order segment reassembly that was introduced in the last erratum.
1.1 deraadt 288: <li><font color="#e00000"><strong>RELIABILITY FIX: OpenBSD's TCP/IP stack did not impose limits on how many out-of-order TCP segments are queued in the system. An attacker could send out-of-order TCP segments and trick the system into using all available memory buffers.</strong></font><br>
289: <a href="errata34.html#tcp">A source code patch is available</a>.<br>
290: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 291: <li>Strip out all the multiple-interfaces code from new <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a>, it's not used any more.
1.1 deraadt 292: <li>Be sure to call fifofs' reclaim function from its host filesystems (ext2fs, ffs, nfs).<br>
293: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
294: <li>Give fifofs a real reclaim function to prevent memory leaks on rovocation, and fix a potential null deref.<br>
295: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
296: <li>Disable the COMPAT_25 compatibility option in GENERIC kernels.
297: <!-- ^ 20040302 -->
1.41 sthen 298: <li>Catch illegally large AS numbers in <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
299: <li>Rewrite of <a href="http://man.openbsd.org/?query=mount_portal&sektion=8">mount_portal(8)</a>, complete with IPv6 support.
300: <li>Cleanup and paranoia in <a href="http://man.openbsd.org/?query=spamdb&sektion=8">spamdb(8)</a>.
301: <li>Support 'tagged <name>' specifiers on <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> anchor rules.
302: <li>Better IPv4 address validation in <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a>.
303: <li>Process NOTE_TRUNCATE messages in <a href="http://man.openbsd.org/?query=tail&sektion=1">tail(1)</a> and unbreak file truncation handling in -f mode (PR#3689).
304: <li>Allow <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> to run in route-collector mode, i.e. disable the decision process.
1.1 deraadt 305: <li>Build libf2c for GCC3 architectures.
1.41 sthen 306: <li>New -d option for <a href="http://man.openbsd.org/?query=nc&sektion=1">nc(1)</a>, which disables reading from stdin (PR#3694).
1.1 deraadt 307: <!-- ^ 20040301 -->
1.41 sthen 308: <li>Fix a memory leak when the control socket detaches from <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
309: <li>Make <a href="http://man.openbsd.org/?query=bgpctl&sektion=8">bgpctl(8)</a>'s control socket nonblocking.
1.1 deraadt 310: <li>Import libf2c from GCC 3.3.2.
1.41 sthen 311: <li>Show the number of TCP connections drained (by new tcp_drain()) in <a href="http://man.openbsd.org/?query=netstat&sektion=1">netstat(1)</a> output.
312: <li>Don't <a href="http://man.openbsd.org/?query=stat&sektion=2">stat(2)</a> the <a href="http://man.openbsd.org/?query=compress&sektion=1">compress(1)</a> outfile when running in test mode.
1.1 deraadt 313: <li>Re-enable propolice if the X server is built without module support.
1.41 sthen 314: <li>Check the sign of values given to the hw.setperf <a href="http://man.openbsd.org/?query=sysctl&sektion=8">sysctl(8)</a>.
315: <li><a href="http://man.openbsd.org/?query=strtol&sektion=3">strtol(3)</a> and signedness cleanup in <a href="http://man.openbsd.org/?query=ping&sektion=8">ping(8)</a>.
1.1 deraadt 316: <!-- ^ 20040229 -->
1.41 sthen 317: <li>Sync the installer with the <a href="http://man.openbsd.org/?query=ftp&sektion=1">ftp(1)</a> fetch-mode fix.
318: <li>Open a new connection for each file pulled down by <a href="http://man.openbsd.org/?query=ftp&sektion=1">ftp(1)</a> in fetch mode. Fixes problems where 'CWD /' does unexpected things.
1.1 deraadt 319: <li>Fix the test that disallows interface unit numbers greater than INT_MAX (to avoid signedness confusion).
320: <li>Don't allow leading zeros in cloner interface names.
321: <li>Upgrade 3.4-stable to OpenSSH 3.8.
1.41 sthen 322: <li><a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a> greylist cleanup and fixes.
1.1 deraadt 323: <!-- ^ 20040228 -->
1.41 sthen 324: <li>In <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a>, make the read buffer for <a href="http://man.openbsd.org/?query=moduli&sektion=5">moduli(5)</a> large enough for 8Kbit primes.
325: <li>Stop <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a> sending DH groups with a primitive generator of zero or one.
326: <li>Fix a race condition in <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a> by disabling interrupts before sending an ACK. From NetBSD.
327: <li>Fix some over-zealous assert()ing in <a href="http://man.openbsd.org/?query=afsd&sektion=8">afsd(8)</a>.
328: <li>Add DH group 14 (modp2048) to <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>'s list of predefined quick mode suites.
1.1 deraadt 329: <li>3.4-current -> 3.5-beta.
1.41 sthen 330: <li>Remove a null deref and unbreak WSDISPLAY_USEFONT for <a href="http://man.openbsd.org/?query=vga&sektion=4">vga(4)</a>.
1.1 deraadt 331: <li>Fix an nfsv3-related panic that could occur when linking from a local fs into an NFS mount.<br>
332: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
333: <li>Add an implementation for the tcp_drain() function, similar to ip_drain().<br>
334: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 335: <li>Stop <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> '-s all' printing the entire OS fingerprint database and all the interfaces.
336: <li>Interoperability fixes for <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>, particularly when talking to a Cisco PIX.
1.1 deraadt 337: <!-- ^ 20040227 -->
1.41 sthen 338: <li>Don't use a regex when deleting a user from a group with <a href="http://man.openbsd.org/?query=userdel&sektion=8">userdel(8)</a>, since the username may contain regex special characters. Also, <a href="http://man.openbsd.org/?query=chmod&sektion=2">chmod(2)</a> the new group file before moving it into place instead of after.
339: <li>Fix IP data length calculation in <a href="http://man.openbsd.org/?query=mrinfo&sektion=8">mrinfo(8)</a> and <a href="http://man.openbsd.org/?query=mtrace&sektion=8">mtrace(8)</a>.
340: <li>Fix <a href="http://man.openbsd.org/?query=ifconfig&sektion=8">ifconfig(8)</a>'s matching of multi-digit interface names, e.g. stop vlan10 matching as vlan1.
1.1 deraadt 341: <li>Add __va_copy() in <stdarg.h>, following old ISO C89 behaviour. Used by GNU software.
1.41 sthen 342: <li>Support dumping of the <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> RIB via <a href="http://man.openbsd.org/?query=bgpctl&sektion=8">bgpctl(8)</a>.
343: <li>Have <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> check that the nexthop is a valid range (i.e. not a class D, class E or a loopback).
1.1 deraadt 344: <li>Better logging for ifstated(8), taken from bgpd.
1.41 sthen 345: <li>More enhancements to <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>'s filter language.
346: <li>Include tcps_rcvmemdrop in <a href="http://man.openbsd.org/?query=netstat&sektion=1">netstat(1)</a>'s TCP statistics output.
347: <li>Add '<a href="http://projects.puremagic.com/greylisting/">greylisting</a>' support to <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a>. Oh yes.
1.1 deraadt 348: <!-- ^ 20040226 -->
1.41 sthen 349: <li>Remove a sizeof(long)==4 assumption in <a href="http://man.openbsd.org/?query=ld.so&sektion=1">ld.so(1)</a> that could errnoeously zero four bytes of the next page.
350: <li>Add -B (destdir) support to <a href="http://man.openbsd.org/?query=pkg_delete&sektion=1">pkg_delete(1)</a>.
351: <li>New Loglevel and Logverbose options for <a href="http://man.openbsd.org/?query=isakmpd.conf&sektion=5">isakmpd.conf(5)</a>.
352: <li>Stop <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> clearing too much when -Fa is used and an anchor is given.
1.1 deraadt 353: <!-- ^ 20040225 -->
1.41 sthen 354: <li>Reorder code in <a href="http://man.openbsd.org/?query=dhcrelay&sektion=8">dhcrelay(8)</a> so that the server list is zero-filled before we add servers to it, not after.
355: <li>Allow tuning of <a href="http://man.openbsd.org/?query=bpf&sektion=4">bpf(4)</a> buffer sizes via <a href="http://man.openbsd.org/?query=sysctl&sektion=8">sysctl(8)</a> variables net.bpf.*.
1.1 deraadt 356: <li>Add /usr/local/share/fonts to /etc/fonts/fonts.conf, good for ports.
1.41 sthen 357: <li>Fix send_packet() return value checks in <a href="http://man.openbsd.org/?query=dhcrelay&sektion=8">dhcrelay(8)</a>.
358: <li>Don't allow 'max-src-nodes' in a <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> rule if 'source-track global' is in effect.
359: <li>Enhancements to <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>'s filter language.
360: <li>Stop new <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a> generating a pidfile.
361: <li>Use <a href="http://man.openbsd.org/?query=getopt&sektion=3">getopt(3)</a> instead of DIY in new <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a>.
362: <li>Remove the interface discovery scan from new <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a>, and so require an explicit interface name.
363: <li>Don't allow 'max-src-nodes' option anywhere other than in a 'source-track' <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> rule.
1.1 deraadt 364: <li>A number of fifofs fixes from FreeBSD.
365: <li>64 bit-specific binutils fixups. From binutils CVS.
366: <!-- ^ 20040224 -->
367: <li>New slinear16-to-alaw audio format converters. From NetBSD.
1.41 sthen 368: <li>Better <a href="http://man.openbsd.org/?query=pread&sektion=2">pread(2)</a> and <a href="http://man.openbsd.org/?query=pwrite&sektion=2">pwrite(2)</a> error checks in libkvm.
369: <li>Fix a potential null deref when looking for a free <a href="http://man.openbsd.org/?query=pty&sektion=4">pty(4)</a> device.
370: <li>A little bounds-check paranoia in <a href="http://man.openbsd.org/?query=procmap&sektion=1">procmap(1)</a>.
371: <li>Make <a href="http://man.openbsd.org/?query=malloc&sektion=3">malloc(3)</a> options work properly for programs that need <a href="http://man.openbsd.org/?query=ld.so&sektion=1">ld.so(1)</a>.
372: <li>Build and install <a href="http://man.openbsd.org/?query=procmap&sektion=1">procmap(1)</a> by default.
373: <li>Better heap discovery heuristic for <a href="http://man.openbsd.org/?query=procmap&sektion=1">procmap(1)</a>,
374: <li>Explicitly disallow backward jumps in <a href="http://man.openbsd.org/?query=bpf&sektion=4">bpf(4)</a> filter programs.
375: <li>More cleanup and dead code removal in the new <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a>.
376: <li>Remove raw socket fallback code from new <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a>, since OpenBSD always uses <a href="http://man.openbsd.org/?query=bpf&sektion=4">bpf(4)</a>.
1.1 deraadt 377: <li>Bump OpenSSH version to 3.8.
1.41 sthen 378: <li>Bignum fixes in <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a>.
379: <li>Set <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a>'s listen socket to non-blocking mode again, reverting the change from 26 Sept 2003.
380: <li>Fix an <a href="http://man.openbsd.org/?query=objdump&sektion=1">objdump(1)</a> segfault on sparc64. From binutils CVS.
1.1 deraadt 381: <li>Fix an out-of-bounds read when comparing IPv6 prefixes if the prefix length is 128.
382: <!-- ^ 20030223 -->
383: <li>Add pthread_attr_[gs]etstack(3) and bump libpthread minor version. From FreeBSD libc_r.
1.41 sthen 384: <li>String cleaning in <a href="http://man.openbsd.org/?query=fvwm&sektion=1">fvwm(1)</a> and <a href="http://man.openbsd.org/?query=wm2&sektion=1">wm2(1)</a>.
1.1 deraadt 385: <li>Some cleanup of <pthread.h>. From FreeBSD's libc_r.
386: <!-- ^ 20040222 -->
387: <li>Fix a locking-related crash when using a portal filesystem.
1.41 sthen 388: <li>Have <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> make a distinction between an unreadable or non-package, and an inaccessible package file.
389: <li>Fix <a href="http://man.openbsd.org/?query=pciide&sektion=4">pciide(4)</a> timeouts at the end of each cdrecord burn.
1.1 deraadt 390: <li>Build sparc64 with gcc3. Gulp.
391: <li>Many USB device fixes from NetBSD.
1.41 sthen 392: <li>Fix a race in <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a>, now cdrecord can safely write at high speeds.
1.1 deraadt 393: <!-- ^ 20040221 -->
394: <li>Re-fix 'VT black text on black background' and other XFree86 bugs for ATI cards, lost in the recent merge.
1.41 sthen 395: <li>Teach <a href="http://man.openbsd.org/?query=passwd&sektion=1">passwd(1)</a> about the master.passwd.byname map so it can work in a secure (makedbm -s) environment.
396: <li>Uncomment and fix code for old <a href="http://man.openbsd.org/?query=tip&sektion=1">tip(1)</a> variables cdelay and ldelay.
397: <li>Have <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>'s pfsync output show the interface being cleared if available.
398: <li>Update <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> to cope with interface-specific state clearing with e.g. pfctl -i fxp0 -Fs'.
399: <li>Add PKG_DESTDIR (-B option) support to <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a>.
1.1 deraadt 400: <li>Improvements to the new auto-generated MAKEDEV(8) manual pages.
1.41 sthen 401: <li>Allow <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> etc. flavor names to contain dots and other special characters.
402: <li>Set files that <a href="http://man.openbsd.org/?query=ypbind&sektion=8">ypbind(8)</a> creates to mode 0644 with <a href="http://man.openbsd.org/?query=fchmod&sektion=2">fchmod(2)</a>, just in case they're created with a more restrictive <a href="http://man.openbsd.org/?query=umask&sektion=2">umask(2)</a>.
403: <li>New .Ex, .In and .Rv <a href="http://man.openbsd.org/?query=mdoc&sektion=7">mdoc(7)</a> macros.
404: <li>Fix some double-<a href="http://man.openbsd.org/?query=free&sektion=3">free(3)</a>s in <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>.
1.1 deraadt 405: <!-- ^ 20040220 -->
406: <li>Resurrect old-style fontconfig-config program, still needed by some ports.
1.41 sthen 407: <li>Make sure that the guard page is also marked as MALLOC_FREE by <a href="http://man.openbsd.org/?query=free&sektion=3">free(3)</a>, to cut down on bleating #ifdef MALLOC_EXTRA_SANITY.
408: <li>Basic filtering support for <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
409: <li>Add <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> -i support to -Fs, -ss, -sq and -w options.
410: <li>New smartreadlog command for <a href="http://man.openbsd.org/?query=atactl&sektion=8">atactl(8)</a> to, well, read SMART logs.
411: <li>Fix SMART log-related panics in <a href="http://man.openbsd.org/?query=wdc&sektion=4">wdc(4)</a>.
412: <li>Have <a href="http://man.openbsd.org/?query=mount&sektion=8">mount(8)</a> report the actual xfs device mounted, and not just 'arla.'
413: <li>In <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>, handle SIGINT the same as SIGTERM when running with -d, and dump logs to syslog at LOG_INFO without -d.
414: <li>Fix a memory leak in <a href="http://man.openbsd.org/?query=tftp&sektion=1">tftp(1)</a>.
415: <li>Bring <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> queue id semantics into line with tag assignment, and remove last vestiges of userland qid code.
1.1 deraadt 416: <!-- ^ 20040219 -->
1.41 sthen 417: <li>Stop <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a> modifying argv and optind while inside the <a href="http://man.openbsd.org/?query=getopt&sektion=3">getopt(3)</a> loop.
418: <li>In gcc3, add a few missing <a href="http://man.openbsd.org/?query=open&sektion=2">open(2)</a> third options when used with O_CREAT.
419: <li>Revoke <a href="http://man.openbsd.org/?query=procmap&sektion=1">procmap(1)</a>'s privileges immediately after <a href="http://man.openbsd.org/?query=kvm_openfiles&sektion=3">kvm_openfiles(3)</a>.
420: <li>Make sure doesn't call <a href="http://man.openbsd.org/?query=strtoul&sektion=3">strtoul(3)</a> on non-numbers.
421: <li>In <a href="http://man.openbsd.org/?query=procmap&sektion=1">procmap(1)</a>, print the names of missing symbols instead of '(null)'.
1.1 deraadt 422: <!-- ^ 20040218 -->
1.41 sthen 423: <li>Extra <a href="http://man.openbsd.org/?query=bzero&sektion=3">bzero(3)</a> paranoia for data coming out of the <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> xfer pool.
424: <li>Memory and string cleanup in <a href="http://man.openbsd.org/?query=procmap&sektion=1">procmap(1)</a>.
425: <li>Implement <a href="http://man.openbsd.org/?query=kevent&sektion=2">kevent(2)</a> and <a href="http://man.openbsd.org/?query=kqueue&sektion=2">kqueue(2)</a> under FreeBSD emulation, using the native calls.
426: <li>Fix mishandling of numeric options in <a href="http://man.openbsd.org/?query=sed&sektion=1">sed(1)</a> (PR#3677).
427: <li>Add -i option to <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a>, restricting operations to the given interface. Only -sI implemented for now.
1.1 deraadt 428: <li>sparc64 alignment fixes in gcc3 propolice.
429: <!-- ^ 20040217 -->
1.41 sthen 430: <li>const'ify some more <a href="http://man.openbsd.org/?query=pthreads&sektion=3">pthreads(3)</a> prototypes for POSIX reasons. From FreeBSD libc_r.
431: <li>In <a href="http://man.openbsd.org/?query=chmod&sektion=1">chmod(1)</a>, check that 'foo.bar' isn't an existing username before assuming it's old-style user.group and treating it like user:group.
432: <li>Don't allocate a cluster in tcp_output() when the whole header fits into an <a href="http://man.openbsd.org/?query=mbuf&sektion=9">mbuf(9)</a>.
433: <li>Add -4 and -6 IP transport selectors to <a href="http://man.openbsd.org/?query=rdate&sektion=8">rdate(8)</a>. Oh yes.
434: <li>Add an extra check for a null transport in <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> exchanges.
435: <li>Use off_t instead of long so that <a href="http://man.openbsd.org/?query=tail&sektion=1">tail(1)</a> can handle large offsets.
1.1 deraadt 436: <li>Remove more unnecessary checks for 8-bit values > 255, this time from libc/ethers.c.
1.41 sthen 437: <li>Add a missing <a href="http://man.openbsd.org/?query=realloc&sektion=3">realloc(3)</a> failure check in asn1_compile.
1.1 deraadt 438: <li>Generate the MAKEDEV(8) manpages automagically based on the same information as the MAKEDEV scripts themselves.
1.41 sthen 439: <li><a href="http://man.openbsd.org/?query=gcc&sektion=1">gcc(1)</a> propolice fixes on i386.
440: <li>First cut at <a href="http://man.openbsd.org/?query=procmap&sektion=1">procmap(1)</a> from NetBSD (where it's called pmap). Not yet built by default.
1.1 deraadt 441: <!-- ^ 20040216 -->
1.41 sthen 442: <li>New 'split' option in <a href="http://man.openbsd.org/?query=iostat&sektion=8">iostat(8)</a> for the newly-separated disk read/write stats.
1.1 deraadt 443: <li>Check for TDB entries marked as invalid when looking up tcpmd5 connections.
444: <li>Record separate disk statistics for read and write operations. Adapted from NetBSD.
1.41 sthen 445: <li>In ifstated(8), don't <a href="http://man.openbsd.org/?query=bcopy&sektion=3">bcopy(3)</a> around a structure containing TAILQ pointers.
1.1 deraadt 446: <li>Better SIGHUP handling in ifstated(8).
447: <!-- ^ 20040215 -->
448: <li>Refactor processor speed settings sysctl code (hw.cpuspeed, hw.setperf) for clarity.
1.41 sthen 449: <li>Fix broken <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> IKE output for certain vendors' phase 1 proposals.
1.1 deraadt 450: <!-- ^ 20040214 -->
1.41 sthen 451: <li>New driver, <a href="http://man.openbsd.org/?query=bce&sektion=4">bce(4)</a>, for Broadcom 4401 10/100Mbps Ethernet devices.
1.1 deraadt 452: <li>Drop the osigaltstack() compatibility system call.
453: <li>Import and merge XFree86-current of 2004/02/13, minus files with the new XFree86 License which contains text developed by The XFree86 Project, Inc (http://www.xfree86.org/) and its contributors.
1.41 sthen 454: <li>Make sure all <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> anchors get updated after an anchor is removed.
455: <li>Better signal handling and other cleanup in <a href="http://man.openbsd.org/?query=pflogd&sektion=8">pflogd(8)</a>.
456: <li>Print textual service and protocol names properly in <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> even when -n is specified.
457: <li>Some cleanup and an additional mode for <a href="http://man.openbsd.org/?query=acss&sektion=3">acss(3)</a>.
1.1 deraadt 458: <!-- ^ 20040213 -->
1.41 sthen 459: <li>Disallow <a href="http://man.openbsd.org/?query=em&sektion=4">em(4)</a> PHY resets when IP is enabled on an interface to prevent lockups when using GigE copper.
460: <li>Use a hash table instead of a linked list to speed up 802.1q tag -> <a href="http://man.openbsd.org/?query=vlan&sektion=4">vlan(4)</a> interface lookup.
461: <li>New -p flag for <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a>, allowing the device to be something other than /dev/pf.
1.1 deraadt 462: <li>Logging cleanup in ifstated(8).
463: <li>Revert some propolice breakage in gcc3.
464: <li>64-bit alignment fixes in ifstated(8).
465: <!-- ^ 20040212 -->
466: <li><font color="#e00000"><strong>RELIABILITY FIX: Several buffer overflows exist in the code parsing font.aliases files in XFree86.</strong></font> Thanks to ProPolice, these cannot be exploited to gain privileges, but they can cause the X server to abort.<br>
467: <a href="errata34.html#font">A source code patch is available</a>.<br>
468: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 469: <li>Add missing volatile to a signal handler flag in <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>.
1.1 deraadt 470: <li>in tcp_input(), stop an unsigned integer underflow from making the TCP MSS calculation return ridiculously large values when ifp==NULL.
1.41 sthen 471: <li>Reduce <a href="http://man.openbsd.org/?query=makewhatis&sektion=8">makewhatis(8)</a>'s newly-increased pickiness a little.
472: <li>Fix another bug that allows a <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> antispoof rule on an interface with no IP addresses to result in all other interfaces blocking all IP packets.
1.1 deraadt 473: <!-- ^ 20040211 -->
1.41 sthen 474: <li>Install <a href="http://man.openbsd.org/?query=bgpd.conf&sektion=5">bgpd.conf(5)</a> root:wheel, mode 0600 and make <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> insist it be so.
475: <li>Reduce the default number of <a href="http://man.openbsd.org/?query=pty&sektion=4">pty(4)</a> devices from 64 to 16, now that additional ptys will be created on demand.
476: <li>Fix an off-by-one when generating <a href="http://man.openbsd.org/?query=pty&sektion=4">pty(4)</a> device names (ptydevname()).
477: <li>Make <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>'s <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> output more consistent with other tcpdump output.
478: <li>Plug an <a href="http://man.openbsd.org/?query=mbuf&sektion=9">mbuf(9)</a> leak by making ip_fragment() free the mbuf on errors instead of expecting the caller to do it.<br>
1.1 deraadt 479: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
480: <li>Add a flag so that hardware sensors can be marked as invalid if, for example, they're disconnected.
1.41 sthen 481: <li>Make picky mode in <a href="http://man.openbsd.org/?query=makewhatis&sektion=8">makewhatis(8)</a> even pickier.
482: <li>Fix an off-by-one in <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a>'s interface management code.
483: <li>Have <a href="http://man.openbsd.org/?query=ndp&sektion=8">ndp(8)</a> flush stdout before sleeping in -A mode (KAME pr#584).
484: <li>In the new <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a>, don't send pointless DHCPDISCOVER messages on interfaces that are known to have an inactive link status.
1.1 deraadt 485: <li>Allow for the presence of tcpmd5 signatures in the TCP MSS calculation.
1.41 sthen 486: <li>Have <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> display a filter uptime now that we keep track of when it was last enabled.
487: <li>Make <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> work on 64-bit alignment-sensitive architectures when IP options are present.
488: <li>Unbreak <a href="http://man.openbsd.org/?query=ypset&sektion=8">ypset(8)</a>'s -h option. From FreeBSD.
489: <li>Have <a href="http://man.openbsd.org/?query=sysctl&sektion=8">sysctl(8)</a> politely inform users that <a href="http://man.openbsd.org/?query=pstat&sektion=8">pstat(8)</a> with -t is the tool of choice for viewing terminal information.
490: <li>Support -$ option (disallow '$' in identifiers) and -notraditional in <a href="http://man.openbsd.org/?query=cpp&sektion=1">cpp(1)</a> for gcc2.
491: <li>New ptm device (see <a href="http://man.openbsd.org/?query=pty&sektion=4">pty(4)</a>) that allows non-privileged processes to allocate a properly-permissioned pty. No more setuid(root) <a href="http://man.openbsd.org/?query=xterm&sektion=1">xterm(1)</a>!
492: <li>Stop assuming that tty <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> variables are quads. Some are now ints.
493: <li>Dynamically allocate kernel memory for ttys, controlled via <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a>s kern.tty.{maxptys,nptys}. Adapted from NetBSD.
494: <li>Teach <a href="http://man.openbsd.org/?query=boot&sektion=8">boot(8)</a> how to load read-only data segments for ELF architecture kernels.
1.1 deraadt 495: <li>If the i386 bootloader fails, enable interrupts before halting so ctrl-alt-del will work.
496: <!-- ^ 20040210 -->
1.41 sthen 497: <li>Install the <em>edit</em> USD doc, reworked to be an <a href="http://man.openbsd.org/?query=ex&sektion=1">ex(1)</a> tutorial, under /usr/share/docs/usd/11.edit.
498: <li>In the XF4 Makefile, fix -o operator precedence for the <a href="http://man.openbsd.org/?query=find&sektion=1">find(1)</a> command when checking for incorrect file permissions.
499: <li>Add missing MLINKS and do some .Nm macro cleanup to help <a href="http://man.openbsd.org/?query=makewhatis&sektion=8">makewhatis(8)</a>.
500: <li>Don't flush <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> stats when using the -e or -d options to <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a>. Store the time at which the filter was last enabled.
501: <li>Unbreak the <a href="http://man.openbsd.org/?query=pf.conf&sektion=5">pf.conf(5)</a> 'set loginterface' command.
502: <li>Have <a href="http://man.openbsd.org/?query=lex&sektion=1">lex(1)</a> declare errno for c++ users too.
1.1 deraadt 503: <li>Allow libstdc++ to build on architectures with no shared libraries.
504: <!-- ^ 20040209 -->
1.41 sthen 505: <li>Fix a panic when cleaning up after an interface (e.g a PC Card <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a>) has gone away (PR#3649).
506: <li>Unstick the -a option from <a href="http://man.openbsd.org/?query=ps&sektion=1">ps(1)</a> (PR#3676).
507: <li>Sync the installer network startup with changes in <a href="http://man.openbsd.org/?query=netstart&sektion=8">netstart(8)</a>.
508: <li>Fix a memory allocation-related panic in <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> that can occur under very high loads.
1.1 deraadt 509: <li>Fix a buffer overflow in XFree font aliasing. From XFree86 CVS.<br>
510: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
511: <li>Don't fully unroll kernel rijndael code to save some space.
1.41 sthen 512: <li>Some fixes to <a href="http://man.openbsd.org/?query=ahc&sektion=4">ahc(4)</a>, mostly from FreeBSD.
1.1 deraadt 513: <!-- ^ 20040208 -->
1.41 sthen 514: <li>Additional sanity checks when probing <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> luns.
515: <li>Disable interrupts on a <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> controller for polled commands, fixing a long-standing hang at attach time on i386.
516: <li>Stop <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a> burping interface information to stderr.
1.1 deraadt 517: <!-- ^ 20040207 -->
1.41 sthen 518: <li>Have lib<a href="http://man.openbsd.org/?query=pcap&sektion=3">pcap(3)</a> use the kernel default buffer size instead of setting its own size.
519: <li>Bump the <a href="http://man.openbsd.org/?query=bpf&sektion=4">bpf(4)</a> maximum buffer size to 2MB, and the default size to 32KB, to allow for faster networks and larger frame sizes.
520: <li>Turn on <a href="http://man.openbsd.org/?query=ddb&sektion=4">ddb(4)</a> logging (<a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> ddb.log) by default.
521: <li>Allow <a href="http://man.openbsd.org/?query=bind&sektion=2">bind(2)</a> to work in an IPv6-only (no IPv4) configuration.
522: <li>First cut of a filtering language for <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
523: <li>Another pass at making <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a>'s code readable.
1.1 deraadt 524: <!-- ^ 20040206 -->
1.41 sthen 525: <li>Fix a curiously familiar reference-counting bug in <a href="http://man.openbsd.org/?query=uvm&sektion=9">uvm(9)</a>.
526: <li><font color="#e00000"><strong>SECURITY FIX: A reference-counting bug exists in the <a href="http://man.openbsd.org/?query=shmat&sektion=2">shmat(2)</a> system call that could be used by an attacker to write to kernel memory under certain circumstances.</strong></font> Adapted from FreeBSD.<br>
1.1 deraadt 527: <a href="errata34.html#sysvshm">A source code patch is available</a>.<br>
528: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 529: <li>Fix a CVS merge error in <a href="http://man.openbsd.org/?query=xterm&sektion=1">xterm(1)</a>'s app-defaults file.
530: <li>Make <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> -vvsq loop again (PR#3675).
531: <li>Unbreak the <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> progress meter ETA for files larger than 4GB (OpenSSH bugzilla #791).
532: <li>Fix a memory leak in <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a> (PR#3668).
533: <li>If <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> is in privsep mode, pass the SIGALRM from LoginGraceTime expiry through to the child process.
1.1 deraadt 534: <li>Apply the same strict RFC 2460 interpretation used for the IPv6 MTU to the TCP MSS calculation.
535: <!-- ^ 20040205 -->
536: <li>New parser for ifstated(8), and more features. Still more to come.
1.41 sthen 537: <li>Fix <a href="http://man.openbsd.org/?query=grep&sektion=1">grep(1)</a>'s ^ and $ anchors that were broken by the recent -w fixes.
538: <li>For programs that don't support long options, stop <a href="http://man.openbsd.org/?query=getopt&sektion=3">getopt(3)</a> treating '--foo' the same way it treats '--', as per POSIX (PR#3666).<br>
1.1 deraadt 539: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 540: <li>Let <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> deal gracefully with 'modulate state' on rules with protos to which it might not apply in the same way as 'keep state', e.g. 'pass proto {tcp udp} modulate state' is now acceptable.
541: <li>Don't use a valid user id as a flag value in <a href="http://man.openbsd.org/?query=ps&sektion=1">ps(1)</a>.
1.1 deraadt 542: <li>Remove the earlier fix for the IPv6 MTU crash bug now that the full fix is in place.
543: <li><font color="#e00000"><strong>SECURITY FIX: An IPv6 MTU handling problem exists that could be used by an attacker to cause a denial of service attack against hosts with reachable IPv6 TCP ports.</strong></font> Fix this fully by applying a strict interpretation of RFC 2460 section 5, last paragraph.<br>
544: <a href="errata34.html#ip6">A source code patch is available</a>.<br>
545: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 546: <li>Memory alignment fixes in <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>.
547: <li>Huge amount of <a href="http://man.openbsd.org/?query=style&sektion=9">style(9)</a>, ANSI and other cleanup in <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a>. More to come.
1.1 deraadt 548: <!-- ^ 20040204 -->
1.41 sthen 549: <li>Some std:: namespace and other C++ mode fixes for <a href="http://man.openbsd.org/?query=flex&sektion=1">flex(1)</a>. From NetBSD.
550: <li>Fix <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> macro expansion in tags (PR#3664).
551: <li>Unbreak and reapply the don't-use-<a href="http://man.openbsd.org/?query=inet_net_pton&sektion=3">inet_net_pton(3)</a>-without-a-slash fix (PR#3638).
552: <li>Teach lib<a href="http://man.openbsd.org/?query=crypto&sektion=3">crypto(3)</a> how to use the VIA C3 crypto functions for (seriously) accelerated aes-{128,192,256}-cbc.
1.1 deraadt 553: <!-- ^ 20040203 -->
1.41 sthen 554: <li>Do temp file cleanup for signals as well as exits in <a href="http://man.openbsd.org/?query=spell&sektion=1">spell(1)</a>.
555: <li>Sanity check memory allocation when attaching <a href="http://man.openbsd.org/?query=wd&sektion=4">wd(4)</a> devices.
556: <li>Have <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a> create a buffer list window when started with more than two files, just like emacs.
557: <li>Fix compile breakage in <a href="http://man.openbsd.org/?query=bridge&sektion=4">bridge(4)</a> and netinet6 when <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> isn't present.
558: <li>In <a href="http://man.openbsd.org/?query=ipsecadm&sektion=8">ipsecadm(8)</a> monitor mode, reorder <a href="http://man.openbsd.org/?query=memset&sektion=3">memset(3)</a> arguments so it works less like a nop.
559: <li>For safety, only do <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> interface lookups (pfi_index2kif()) if the filter is enabled.
560: <li>Remove the special-case LBL_ALIGN code in <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> and act as if we're always on a platform that requires aligned memory access.
561: <li>In <a href="http://man.openbsd.org/?query=leave&sektion=1">leave(1)</a>, don't allow alarms to be set in the past as this is unlikely to be useful. Also some cleanup based on NetBSD.
1.1 deraadt 562: <li>On i386, allow userland apps to use the VIA C3 crypto instructions if they're present.
563: <!-- ^ 20040202 -->
564: <li>Temporarily work around an MTU-related crash in IPv6 by simply enforcing a minimum link MTU of 296. Real fix to come.
1.41 sthen 565: <li>Add <a href="http://man.openbsd.org/?query=as&sektion=1">as(1)</a> support for the VIA C3 xmove-rng and xcrypt-{ecb,cbc,cfb,ofb} instructions.
566: <li>Allow '-' as a valid character in <a href="http://man.openbsd.org/?query=as&sektion=1">as(1)</a> mnemonics, as required by a few VIA C3 instructions.
567: <li>Add a 'paper.txt' <a href="http://man.openbsd.org/?query=make&sektion=1">make(1)</a> target to generate ASCII output for the documents under /usr/share/doc.
1.1 deraadt 568: <li>Sync i386 option USER_LDT code with NetBSD, fixing some ports panics.
569: <li>In libpthread, add a simple work-around for deadlocking on recursive readlocks on a rwlock while there are writers waiting (from FreeBSD PR#24641).
570: <li>Add ARM support and a new port for <a href="cats.html">cats</a> boards.
571: <!-- ^ 20040201 -->
572: <li>Rename TCP socket option from TCP_SIGNATURE_ENABLE to TCP_MD5SIG.
1.41 sthen 573: <li>Build <a href="http://man.openbsd.org/?query=protoize&sektion=1">protoize(1)</a> for gcc3.
1.1 deraadt 574: <li>Reverse the enable logic for TCP selective acks, so TCP_SACK_DISABLE becomes TCP_SACK_ENABLE.
1.41 sthen 575: <li>Really commit -L (localbase) support for <a href="http://man.openbsd.org/?query=pkg_create&sektion=1">pkg_create(1)</a>, as well as the related -S and -B options.
576: <li>Some types cleanup and better SIGCHLD handling in privsep <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>.
1.1 deraadt 577: <!-- ^ 20040131 -->
1.41 sthen 578: <li>Fix an old logic bug in <a href="http://man.openbsd.org/?query=nlist&sektion=3">nlist(3)</a> that caused lookups for names with a leading underscore to fail on ELF systems.
579: <li>Install <a href="http://man.openbsd.org/?query=ex&sektion=1">ex(1)</a> documentation in doc/usd/13.ex.
580: <li>Back out the <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> attach freeze fix for now.
581: <li>Sync <a href="http://man.openbsd.org/?query=named&sektion=8">named(8)</a>'s root.hint file after the IP address change of B.ROOT-SERVERS.NET.
582: <li>Stop <a href="http://man.openbsd.org/?query=systrace&sektion=1">systrace(1)</a> trying to normalize an empty filename.
583: <li>Enable tcpmd5 on <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>'s listen socket. For peers configured with md5sig, require <a href="http://man.openbsd.org/?query=accept&sektion=2">accept(2)</a>ed sockets to have signatures enabled.
584: <li>New TCP_SIGNATURE_ENABLE option to <a href="http://man.openbsd.org/?query=getsockopt&sektion=2">getsockopt(2)</a>, allowing a process to check the tcpmd5 status of an <a href="http://man.openbsd.org/?query=accept&sektion=2">accept(2)</a>ed socket.
585: <li>Support <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> version 2 password change. password-dead must be set to non-zero in <a href="http://man.openbsd.org/?query=login.conf&sektion=5">login.conf(5)</a> for this to work.
586: <li>New update-moduli target in /usr/src/etc/Makefile, for regenerating /etc/<a href="http://man.openbsd.org/?query=moduli&sektion=5">moduli(5)</a>.
1.1 deraadt 587: <!-- ^ 20040130 -->
1.41 sthen 588: <li>Format string fixes and other cleanup for <a href="http://man.openbsd.org/?query=fvwm&sektion=1">fvwm(1)</a> in the wake of -ansi removal.
589: <li>Remove -ansi from the list of <a href="http://man.openbsd.org/?query=gcc&sektion=1">gcc(1)</a> build options for XFree86.
1.1 deraadt 590: <li>On i386 systems with SSE2, halve the time taken to zero a page of memory. Based on FreeBSD.
1.41 sthen 591: <li>Switch the new <a href="http://man.openbsd.org/?query=sigaltstack&sektion=2">sigaltstack(2)</a> code back on again on alpha and sparc64.
592: <li>Make <a href="http://man.openbsd.org/?query=ddb&sektion=4">ddb(4)</a>'s ps /n command show the correct state for a process.
1.1 deraadt 593: <li>Reset the TCP keepalive timer to tcp.keepidle (normally four hours) after the three-way handshake completes. (syncache sets it to tcp.keepinittime, normally 150 seconds).
594: <li>Allow a single listen socket to be used for connections with and without tcpmd5.
1.41 sthen 595: <li>Avoid a long <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> freeze when attaching live scsibus* devices.
596: <li>Support RFC 3390 'Increasing TCP's initial window' extension, enabled using <a href="http://man.openbsd.org/?query=sysctl&sektion=8">sysctl(8)</a> net.inet.tcp.rfc3390.
1.1 deraadt 597: <li>When TCP is in the SYN_SENT state, don't increase cwnd by 1*MSS on receipt of the SYN/ACK.
598: <li>Note that 'pegasos' is not quite the same as 'pegosos'.
1.41 sthen 599: <li>Clean up the output from <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> with '-s all'.
1.1 deraadt 600: <li>Allow the arch-specific bootloaders to change the program name to something other than 'BOOT'.
601: <!-- ^ 20040129 -->
1.41 sthen 602: <li>Use a more reliable reference count when deciding whether or not to free a FIFO <a href="http://man.openbsd.org/?query=vnode&sektion=9">vnode(9)</a>. Adapted from FreeBSD.
603: <li>Allow Cisco/Juniper compatible (and keyspace-limiting) ASCII md5sig keys in <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
604: <li>Track the number of ftp or http connections to a host in <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a>. Limit to one connection for now.
605: <li>New -L option to set (<a href="http://man.openbsd.org/?query=pkg_create&sektion=1">pkg_create(1)</a>) or use (<a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a>) the package LOCALBASE. See <a href="http://man.openbsd.org/?query=bsd.port.mk&sektion=5">bsd.port.mk(5)</a> for details.
606: <li>Use <a href="http://man.openbsd.org/?query=_exit&sektion=2">_exit(2)</a> instead of <a href="http://man.openbsd.org/?query=abort&sektion=3">abort(3)</a> when <a href="http://man.openbsd.org/?query=xfs&sektion=1">xfs(1)</a> dies due to an error.
607: <li>Fix a potential double-free in <a href="http://man.openbsd.org/?query=m_split&sektion=9">m_split(9)</a> (PR#3651).
608: <li>Add privilege separation for <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>.
1.1 deraadt 609: <li>Move gcc2-specific files into the architecure-specific distribution setlists. Gulp.
1.41 sthen 610: <li>Don't dump core in <a href="http://man.openbsd.org/?query=patch&sektion=1">patch(1)</a> when the file can't be found but user says to patch anyway.
611: <li>Let <cdefs.h> compile on old <a href="http://man.openbsd.org/?query=gcc&sektion=1">gcc(1)</a> and even on non-gcc.
612: <li>Make <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> ignore extra (maskless) rtsock change messages sent by <a href="http://man.openbsd.org/?query=pppd&sektion=8">pppd(8)</a>.
1.1 deraadt 613: <li>Start work on the <a href="amd64.html">amd64</a> port. Based on work by NetBSD.
614: <!-- ^ 20040128 -->
1.41 sthen 615: <li>New mail-set-margin option for <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a> mail mode.
616: <li>Fix <a href="http://man.openbsd.org/?query=ipsecadm&sektion=8">ipsecadm(8)</a>'s use of <a href="http://man.openbsd.org/?query=getaddrinfo&sektion=3">getaddrinfo(3)</a>.
617: <li>In <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a>, exit instead of carrying on regardless when the pre-addition stage fails.
618: <li>Better pfkeyv2 interface when setting up tcpmd5 in <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>. More to do.
619: <li>Add support for -f (force) option to <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> and <a href="http://man.openbsd.org/?query=pkg_delete&sektion=1">pkg_delete(1)</a>.
620: <li>Allow <a href="http://man.openbsd.org/?query=skey&sektion=1">skey(1)</a>-format usernames (<em>user</em>:skey) in <a href="http://man.openbsd.org/?query=sftp&sektion=1">sftp(1)</a> (OpenSSH bugzilla #777).
1.1 deraadt 621: <li>In pf_test and pf_test6, immediately drop packets on any interface that doesn't have an associated pfi_kif structure.
622: <li>Hash tcpmd5 TDB lookups by source address instead of the spi
623: <li>Add missing case for TCP MD5 sigs in SADB_GETPROTO().
1.41 sthen 624: <li>Let <a href="http://man.openbsd.org/?query=ipsecadm&sektion=8">ipsecadm(8)</a> pass the spi for TCP signatures.
625: <li>Handle <a href="http://man.openbsd.org/?query=tftpd&sektion=8">tftpd(8)</a> tsize and timeout options. From FreeBSD, as was the RFC 2347 support.
626: <li>Add RFC 2347 "TFTP Option Extension" support to <a href="http://man.openbsd.org/?query=tftpd&sektion=8">tftpd(8)</a>. Try to ignore trailing garbage that Apple OpenFirmware can leave where an option should be.
627: <li>Make the package tools show <a href="http://man.openbsd.org/?query=strerror&sektion=3">strerror(3)</a> output when die()ing on filesystem errors.
628: <li>Allow <a href="http://man.openbsd.org/?query=pkg_delete&sektion=1">pkg_delete(1)</a> to handle removal of packages with bogus dependencies, as could be created by earlier versions of the new package tools.
1.1 deraadt 629: <!-- ^ 20040127 -->
1.41 sthen 630: <li>Major changes to <a href="http://man.openbsd.org/?query=biosboot&sektion=8&arch=i386">biosboot(8)</a> and <a href="http://man.openbsd.org/?query=installboot&sektion=8&arch=i386">installboot(8)</a>, supporting EDD (LBA) mode boots and a shift key-triggered CHS fallback mode. For an encore, remove the previous version's 64KB limit on the size of <a href="http://man.openbsd.org/?query=boot&sektion=8&arch=i386">boot(8)</a>.
631: <li>Make <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> print even an all-zeros netmask, unless the address is all-zeros too.
632: <li>Take an extra parameter to <a href="http://man.openbsd.org/?query=pthread_stackseg_np&sektion=3">pthread_stackseg_np(3)</a> to return stack info for any thread instead of just the current thread.
1.1 deraadt 633: <li>Only call destructors once on ELF architectures. Stops KDE apps moaning on shutdown.
1.41 sthen 634: <li>Since <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a>, <a href="http://man.openbsd.org/?query=dhcpd&sektion=8">dhcpd(8)</a> and <a href="http://man.openbsd.org/?query=dhcrelay&sektion=8">dhcrelay(8)</a> are now using <a href="http://man.openbsd.org/?query=getifaddrs&sektion=3">getifaddrs(3)</a>, don't create the socket that used to be needed by SIOCGIFCONF.
635: <li>Have <a href="http://man.openbsd.org/?query=cardbus&sektion=4">cardbus(4)</a> dump some useful information for non PnP devices.
1.1 deraadt 636: <li>Enable TCP signatures in the GENERIC kernel.
1.41 sthen 637: <li>Initial TCP signature support for <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
638: <li>Add 802.11 datalink type support to the <a href="http://man.openbsd.org/?query=pcap&sektion=3">pcap(3)</a> library.
1.1 deraadt 639: <!-- ^ 20040126 -->
1.41 sthen 640: <li>Stop <a href="http://man.openbsd.org/?query=sd&sektion=4">sd(4)</a> blurting a bunch of Medium Not Present errors for 6-in-1 card readers.
641: <li>Fix case where <a href="http://man.openbsd.org/?query=grep&sektion=1">grep(1)</a> with the -w option could miss some lines.
642: <li>Separate <a href="http://man.openbsd.org/?query=ndp&sektion=8">ndp(8)</a> from <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> (gmt2local() was shared) before the latter begins mutation.
643: <li>Lock the <a href="http://man.openbsd.org/?query=vnode&sektion=9">vnode(9)</a> earlier in ffs_vget() to avoid unbalanced <a href="http://man.openbsd.org/?query=vrele&sektion=9">vrele(9)</a> calls.
644: <li>Have <a href="http://man.openbsd.org/?query=clri&sektion=8">clri(8)</a> use random generation numbers for the inodes it clears instead of just incrementing the old number.
645: <li>Back out the recent <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> addresses-without-slashes-are-hosts change for now.
646: <li>Add a few missing UNIX standards to the <a href="http://man.openbsd.org/?query=mdoc&sektion=7">mdoc(7)</a> St macro, and update some manpages to use them.
647: <li>In <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a>, clear the non-blocking flag on the socket after connection when the ConnectTimeout option is in effect.
648: <li>Alignment fixes in <a href="http://man.openbsd.org/?query=ping6&sektion=8">ping6(8)</a> and <a href="http://man.openbsd.org/?query=traceroute6&sektion=8">traceroute6(8)</a>.
649: <li>Cleanup in <a href="http://man.openbsd.org/?query=traceroute6&sektion=8">traceroute6(8)</a>. Make sure the probe packets give very little away about the sending host.
650: <li>Some <a href="http://man.openbsd.org/?query=printf&sektion=3">*printf(3)</a> type fixes in <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a>, so very large disks don't appear to have <0 sectors.
651: <li>Allow <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> debugging to be limited to individual buses as well as specific targets and LUNs.
1.1 deraadt 652: <!-- ^ 20040125 -->
1.41 sthen 653: <li>Don't enable loud debugging for every <a href="http://man.openbsd.org/?query=ahc&sektion=4">ahc(4)</a> device by default.
654: <li>Install <a href="http://man.openbsd.org/?query=vi&sektion=1">vi(1)</a> tutorial docs.
1.1 deraadt 655: <!-- ^ 20040124 -->
1.41 sthen 656: <li>Add cradle mode support to <a href="http://man.openbsd.org/?query=xsystrace&sektion=1">xsystrace(1)</a>.
657: <li>Add an <a href="http://man.openbsd.org/?query=rc.conf&sektion=8">rc.conf(8)</a> switch for <a href="http://man.openbsd.org/?query=rpc.yppasswdd&sektion=8">rpc.yppasswdd(8)</a> and switch it off by default, instead of always running it if there's a YP directory in place.
1.1 deraadt 658: <li>New program, ifstated(8), which listens for interface state changes and runs commands when it sees them. Work in progress.
1.41 sthen 659: <li>Remove <a href="http://man.openbsd.org/?query=seteuid&sektion=2">seteuid(2)</a> and <a href="http://man.openbsd.org/?query=setuid&sektion=2">setuid(2)</a> calls from <a href="http://man.openbsd.org/?query=timedc&sektion=8">timedc(8)</a>.
660: <li>New 'cradle mode' for <a href="http://man.openbsd.org/?query=systrace&sektion=1">systrace(1)</a>.
661: <li>Add NTFS to the list of partition types that <a href="http://man.openbsd.org/?query=disklabel&sektion=8">disklabel(8)</a> has names for.
1.1 deraadt 662: <li>Now that our gcc3 has propolice, add USE_GCC3 switch (default is "No") to enable gcc3 build and install.
1.41 sthen 663: <li>Fix <a href="http://man.openbsd.org/?query=sftp&sektion=1">sftp(1)</a>'s display of long path names.
664: <li>Enable <a href="http://man.openbsd.org/?query=acss&sektion=3">acss(3)</a> support in <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a>.
665: <li>Add <a href="http://man.openbsd.org/?query=acss&sektion=3">acss(3)</a> support to libcrypto, and bump the library minor version.
666: <li>Liberally sprinkle <a href="http://man.openbsd.org/?query=closefrom&sektion=2">closefrom(2)</a> where needed.
667: <li>Speed up <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> probing by not checking for impossible LUNs.
1.1 deraadt 668: <!-- ^ 20040123 -->
1.41 sthen 669: <li>Fix the @arch packing list command in <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> and <a href="http://man.openbsd.org/?query=pkg_create&sektion=1">pkg_create(1)</a>.
670: <li>Match <a href="http://man.openbsd.org/?query=compress&sektion=1">compress(1)</a> exit codes to GNU gzip, unbreaking <a href="http://man.openbsd.org/?query=perl&sektion=1">perl(1)</a>'s CPAN module.<br>
1.1 deraadt 671: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 672: <li>Stop <a href="http://man.openbsd.org/?query=mixerctl&sektion=1">mixerctl(1)</a> segfaulting on non-existent fields.
673: <li>Add a simple 802.3x printer to <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>.
674: <li>Allow <a href="http://man.openbsd.org/?query=ftp-proxy&sektion=8">ftp-proxy(8)</a> to set the outgoing address with the new -a option (PR#3538).
675: <li>In <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a>, only use <a href="http://man.openbsd.org/?query=inet_net_pton&sektion=3">inet_net_pton(3)</a> on addresses containing a '/', otherwise use <a href="http://man.openbsd.org/?query=inet_pton&sektion=3">inet_pton(3)</a> (PR#3638).
676: <li>New -S option to <a href="http://man.openbsd.org/?query=nc&sektion=1">nc(1)</a>, enabling the TCP MD5 signature option.
677: <li>Fix collapsing of multiple <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> update messages into one.
678: <li>Fix <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> state timeouts.
679: <li>As with <a href="http://man.openbsd.org/?query=sysctl&sektion=8">sysctl(8)</a>, remove the need for -w in <a href="http://man.openbsd.org/?query=mixerctl&sektion=1">mixerctl(1)</a>.
680: <li>Propolice fixes for <a href="http://man.openbsd.org/?query=gcc&sektion=1">gcc(1)</a>.
1.1 deraadt 681: <li>First propolice version of gcc3.
682: <!-- ^ 20040122 -->
1.41 sthen 683: <li>Add dynamic bufq support to <a href="http://man.openbsd.org/?query=wd&sektion=4">wd(4)</a>. Doesn't do very much for now.
1.1 deraadt 684: <li>In kernel main(), initialise timeouts much earlier.
1.41 sthen 685: <li>New <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a> configuration method, based around OpenBSD mirrors of common spammer lists.
686: <li>Cleanup and fix <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> pfsync protocol output.
687: <li>Initialise the <a href="http://man.openbsd.org/?query=sftp&sektion=1">sftp(1)</a> input file in main() rather than statically.
688: <li>Some <a href="http://man.openbsd.org/?query=strncpy&sektion=3">strncpy(3)</a> -> <a href="http://man.openbsd.org/?query=strlcpy&sektion=3">strlcpy(3)</a> in <a href="http://man.openbsd.org/?query=pcap&sektion=3">libpcap</a>
1.1 deraadt 689: <!-- ^ 20040121 -->
1.41 sthen 690: <li>Use <a href="http://man.openbsd.org/?query=_exit&sektion=2">_exit(2)</a> instead of <a href="http://man.openbsd.org/?query=exit&sektion=3">exit(3)</a> from <a href="http://man.openbsd.org/?query=abort&sektion=3">abort(3)</a> so stdio buffers don't get flushed twice.
1.1 deraadt 691: <li>Support Intel 852/855/865 AGP chipsets on i386. From NetBSD.
1.41 sthen 692: <li>Don't set a fake baud rate for <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> interfaces.
693: <li>Only read in as many digits as can legally fit into a field in <a href="http://man.openbsd.org/?query=strptime&sektion=3">strptime(3)</a>. From NetBSD.<br>
1.1 deraadt 694: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 695: <li>Add some delay when reading the address off <a href="http://man.openbsd.org/?query=fxp&sektion=4">fxp(4)</a> eeproms, otherwise the result may be garbage.
696: <li>Actually use the RPC program name cache in <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> since we've gone and allocated space for it.
1.1 deraadt 697: <li>Import some chunks of ffs2 support from FreeBSD.
1.41 sthen 698: <li>Have <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> ignore pfsync protocol packets if the interface is not running.
1.1 deraadt 699: <!-- ^ 20040120 -->
1.41 sthen 700: <li>Fix a few <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> memory leaks.
701: <li>Fix <a href="http://man.openbsd.org/?query=grep&sektion=1">grep(1)</a>'s -b option.
702: <li>Fix a missing <a href="http://man.openbsd.org/?query=malloc&sektion=3">malloc(3)</a> error check in <a href="http://man.openbsd.org/?query=syslogd&sektion=8">syslogd(8)</a>.
703: <li>New user _tcpdump for upcoming privsep of, uh, <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>.
704: <li>Avoid half-open deadlock in <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> (OpenSSH bugzilla #790).
705: <li>Some sane defaults for <a href="http://man.openbsd.org/?query=afsd.conf&sektion=5">afsd.conf(5)</a> and <a href="http://man.openbsd.org/?query=ThisCell&sektion=5">ThisCell(5)</a>.
706: <li>Update <a href="http://man.openbsd.org/?query=sendmail&sektion=8">sendmail(8)</a> to 8.12.11.
1.1 deraadt 707: <!-- ^ 20040119 -->
708: <li>Throw away #ifdef spaghetti from XFS filesystem code, and enable it in GENERIC.
1.41 sthen 709: <li>Remove a double htons() in <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a>.
1.1 deraadt 710: <li>Unbreak '*grep -w -l'.
1.41 sthen 711: <li>Fix a missing initialisation in <a href="http://man.openbsd.org/?query=grep&sektion=1">grep(1)</a>.
712: <li>Sync <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> DNS display with tcpdump.org to avoid problems with bogus DNS packets.
713: <li>Allow <a href="http://man.openbsd.org/?query=pflogd&sektion=8">pflogd(8)</a> to create (safely) its log file if none exists.
714: <li>Have <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> send RTM_IFINFO routing messages on interface state changes.
715: <li>Prep <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a> for surgery, under src/sbin/dhclient.
1.1 deraadt 716: <!-- ^ 20040118 -->
1.41 sthen 717: <li>Have <a href="http://man.openbsd.org/?query=rsh&sektion=1">rsh(1)</a> run <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> instead of <a href="http://man.openbsd.org/?query=rlogin&sektion=1">rlogin(1)</a> or <a href="http://man.openbsd.org/?query=telnet&sektion=1">telnet(1)</a> when run without a remote command.
1.1 deraadt 718: <li>Add a bunch of new DNS RR types to <arpa/nameser.h>.
1.41 sthen 719: <li>Remove Kerberos IV code from <a href="http://man.openbsd.org/?query=rsh&sektion=1">rsh(1)</a>.
720: <li>Major stability improvements to <a href="http://man.openbsd.org/?query=ahc&sektion=4">ahc(4)</a>.
1.1 deraadt 721: <!-- ^ 20040117 -->
1.41 sthen 722: <li>Fix a typo causing a null deref in <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> IPv6 tcp scrubbing.
723: <li>New -v option to <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> to log successful completion of Phase 1 and 2 exchanges.
724: <li>Sync <a href="http://man.openbsd.org/?query=mrouted&sektion=8">mrouted(8)</a> with changes to the raw sockets API affecting packet length.
1.1 deraadt 725: <li>Fix a string bug and a double free in the PEX font parser.
726: <!-- ^ 20030116 -->
727: <li>Import libobjc from GCC 3.3.2.
728: <li>Move libobjc out of the GCC directory and into src/gnu/lib/libobjc.
1.41 sthen 729: <li>In <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> check that an IKE header is long enough before trying to display it.
730: <li>Add a pthreads version of <a href="http://man.openbsd.org/?query=closefrom&sektion=2">closefrom(2)</a>.
731: <li>Remove autoconf stuff from the in-tree <a href="http://man.openbsd.org/?query=sudo&sektion=8">sudo(8)</a>.
732: <li>Fix an early-free bug in <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a> that was breaking compile-goto-error.
733: <li>Make <a href="http://man.openbsd.org/?query=pflogd&sektion=8">pflogd(8)</a> less likely to cause logfile corruption on unexpected shutdowns, and more able to detect and deal sensibly with corrupted files on startup.
734: <li>Synchronise <a href="http://man.openbsd.org/?query=pflogd&sektion=8">pflogd(8)</a> with the newly privilege-separated <a href="http://man.openbsd.org/?query=syslogd&sektion=8">syslogd(8)</a>.
735: <li>Unbreak <a href="http://man.openbsd.org/?query=awk&sektion=1">awk(1)</a>'s maketab.c after recent <a href="http://man.openbsd.org/?query=yacc&sektion=1">yacc(1)</a> header file generation changes.
736: <li>Temporarily work around alpha and sparc64 breakage caused by the recent <a href="http://man.openbsd.org/?query=sigaltstack&sektion=2">sigaltstack(2)</a> ABI change.
737: <li>Teach <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> about TCP signatures.
738: <li>Some <a href="http://man.openbsd.org/?query=printf&sektion=3">*printf(3)</a> type cleanup in <a href="http://man.openbsd.org/?query=httpd&sektion=8">httpd(8)</a>.
739: <li>Support RTM_IFANNOUNCE messages in <a href="http://man.openbsd.org/?query=route&sektion=8">route(8)</a>'s monitor command.
740: <li>Add TCP signature stats display to <a href="http://man.openbsd.org/?query=netstat&sektion=1">netstat(1)</a>.
741: <li>Add TCP MD5 signature support to <a href="http://man.openbsd.org/?query=ipsecadm&sektion=8">ipsecadm(8)</a>.
1.1 deraadt 742: <li>In syncache, defer updating the mss until the 3-way handshake is completed.
743: <!-- ^ 20040115 -->
1.41 sthen 744: <li>Use a <a href="http://man.openbsd.org/?query=pool&sektion=9">pool(9)</a> instead of <a href="http://man.openbsd.org/?query=malloc&sektion=9">malloc(9)</a> for file locking structures. From NetBSD.
1.1 deraadt 745: <li>Add syncache and IPv6 support to the resurrected TCP signature code.
1.41 sthen 746: <li>In <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a>, remove the predefined 'special' altq IDs, so all qids look alike.
1.1 deraadt 747: <li>Change the type of sigaltstack.ss_size from int to size_t. Rename old syscall to osigaltstack() for compatibility.
1.41 sthen 748: <li>Remove extra 'sleep 1' from <a href="http://man.openbsd.org/?query=netstart&sektion=8">netstart(8)</a> when doing IPv6 DAD.
749: <li>Preliminary <a href="http://man.openbsd.org/?query=gcc&sektion=1">gcc(1)</a> support for ARM.
750: <li>Have <a href="http://man.openbsd.org/?query=nm&sektion=1">nm(1)</a> fall back to using <a href="http://man.openbsd.org/?query=pread&sektion=2">pread(2)</a> if <a href="http://man.openbsd.org/?query=mmap&sektion=2">mmap(2)</a> fails, as it does for /dev/ksyms.
751: <li>Don't issue Test Unit Ready to <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> devices until we've checked that 'don't issue Test Unit Ready' quirk isn't needed.
752: <li>Revamp <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> LUN quirks handling.
1.1 deraadt 753: <!-- ^ 20040114 -->
1.41 sthen 754: <li>Use the right type when checking the magic number in <a href="http://man.openbsd.org/?query=savecore&sektion=8">savecore(8)</a>.
755: <li><a href="http://man.openbsd.org/?query=printf&sektion=3">printf(3)</a> integer type cleanup in <a href="http://man.openbsd.org/?query=netstat&sektion=1">netstat(1)</a>.
756: <li>Correct a use-after-free in <a href="http://man.openbsd.org/?query=cvs&sektion=1">cvs(1)</a>, fixing a coredump when the user hits ^C.
757: <li>Fix <a href="http://man.openbsd.org/?query=authpf&sektion=8">authpf(8)</a> ruleset names that contain the username (PR#3627).
758: <li>'=' != '==' in <a href="http://man.openbsd.org/?query=fsck&sektion=8">fsck(8)</a>.
1.1 deraadt 759: <li>Let <ctype.h> compile on non-gcc compilers.
760: <li>Reintroduce old TCP MD5 signature (RFC 2385) code from 4.5 years ago, hopefully with a reduced likelihood of kernel borkage.
1.41 sthen 761: <li>Improvements to <a href="http://man.openbsd.org/?query=sftp&sektion=1">sftp(1)</a> batch mode: Allow batchfile input from stdin, and remove stderr junk (OpenSSH bugzilla #754).
762: <li>Add IPv6 loopback routes and allow connection to the <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> shared IPv6 address from the MASTER host, like for IPv4.
763: <li>Fix a signed buffer length variable in <a href="http://man.openbsd.org/?query=syslogd&sektion=8">syslogd(8)</a>.
764: <li>Build local <a href="http://man.openbsd.org/?query=nm&sektion=1">nm(1)</a> and <a href="http://man.openbsd.org/?query=size&sektion=1">size(1)</a> instead of those from binutils.
765: <li>Allow <a href="http://man.openbsd.org/?query=ifconfig&sektion=8">ifconfig(8)</a> to show all interfaces of a given type by giving it a device without a unit number, e.g. 'ifconfig vlan'.
766: <li>Respect the quiet flag in <a href="http://man.openbsd.org/?query=newfs&sektion=8">newfs(8)</a> and don't spew cpg warnings.
1.1 deraadt 767: <!-- ^ 20040113 -->
1.41 sthen 768: <li>Change /dev/utty[0-9a-f] entries <a href="http://man.openbsd.org/?query=ucom&sektion=4">ucom(4)</a> to /dev/ttyU[0-9a-zA-Z]
769: <li>In <a href="http://man.openbsd.org/?query=syslogc&sektion=8">syslogc(8)</a>, don't re-terminate a string after <a href="http://man.openbsd.org/?query=strlcat&sektion=3">strlcat(3)</a>.
770: <li>Sync <a href="http://man.openbsd.org/?query=pf.os&sektion=5">pf.os(5)</a> with the current <a href="http://lcamtuf.coredump.cx/">p0f</a> development snapshot.
771: <li>A little string cleaning and extra error checking in <a href="http://man.openbsd.org/?query=swapctl&sektion=8">swapctl(8)</a>.
1.1 deraadt 772: <li>Make shared C++ binary linking consistent between GCC 2.95 and GCC 3.
1.41 sthen 773: <li>Stop g++(1) adding '-lm -lstdc++' when -shared is present, consistent with <a href="http://man.openbsd.org/?query=gcc&sektion=1">gcc(1)</a>.
774: <li>Use <a href="http://man.openbsd.org/?query=closefrom&sektion=2">closefrom(2)</a> instead of looping up to the fd rlimit in <a href="http://man.openbsd.org/?query=sudo&sektion=8">sudo(8)</a>. From sudo CVS.
775: <li>Fix up and install the <a href="http://man.openbsd.org/?query=vi&sektion=1">vi(1)</a> USD docs.
776: <li>New system call <a href="http://man.openbsd.org/?query=closefrom&sektion=2">closefrom(2)</a>, which closes all descriptors greater than or equal to the given fd. Bump libc and libpthread minor version.
777: <li>Have <a href="http://man.openbsd.org/?query=tun&sektion=4">tun(4)</a> use klist_invalidate() so ifconfig destroy can work with <a href="http://man.openbsd.org/?query=kqueue&sektion=2">kqueue(2)</a> enabled.
778: <li>Add klist_invalidate() function in <a href="http://man.openbsd.org/?query=kqueue&sektion=2">kqueue(2)</a> to clean up when the event source goes away.
779: <li>Replace some hairy string code with a single <a href="http://man.openbsd.org/?query=asprintf&sektion=3">asprintf(3)</a> in <a href="http://man.openbsd.org/?query=sup&sektion=1">sup(1)</a>.
1.1 deraadt 780: <!-- ^ 20040112 -->
1.41 sthen 781: <li>Remove some portable-only #ifdef code around <a href="http://man.openbsd.org/?query=openpty&sektion=3">openpty(3)</a> in <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a>.
782: <li>In <a href="http://man.openbsd.org/?query=sysctl&sektion=8">sysctl(8)</a>, making an assignment by using '=' no longer requires a totally redundant -w option.
783: <li>Remove ugly spaces from <a href="http://man.openbsd.org/?query=sysctl&sektion=8">sysctl(8)</a> 'var=value' output.
784: <li>Sync the installer script with recent <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a> changes.
785: <li>Add IPv4 loopback routes much later in <a href="http://man.openbsd.org/?query=netstart&sektion=8">netstart(8)</a>.
786: <li>Make <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a> listen to the routing socket, and quit if anyone downs the interface or deletes an addresses. <!-- 'goto die' for exit on address addition is commented out -->
787: <li>Have <a href="http://man.openbsd.org/?query=dhclient-script&sektion=8">dhclient-script(8)</a> preserve a preexisting <a href="http://man.openbsd.org/?query=resolv.conf&sektion=5">resolv.conf(5)</a> and restore it when exiting.
1.1 deraadt 788: <li>Add a missing forward declaration of struct proc in <sys/rwlock.h>.
789: <!-- ^ 20040111 -->
1.41 sthen 790: <li>Remove code in <a href="http://man.openbsd.org/?query=auth_clean&sektion=3">auth_clean(3)</a> that cleared the options list, since <a href="http://man.openbsd.org/?query=login&sektion=1">login(1)</a> depends on it leaving them alone.
791: <li>Print only valid sense info in <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a>.
792: <li>Correctly a missing bonus points for completed rows bug in <a href="http://man.openbsd.org/?query=tetris&sektion=6">tetris(6)</a>.
1.1 deraadt 793: <!-- ^ 20040110 -->
1.41 sthen 794: <li>Stop <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> screwing up the terminal by printing non-printable timed protocol hostnames.
795: <li>Add a missing initialisation in <a href="http://man.openbsd.org/?query=kvm_open&sektion=3">kvm_open(3)</a>.
1.1 deraadt 796: <li>Reduce the TCP MSS lower bound to 256-(minimal TCP header size) = 216 bytes.
797: <li>Don't restrict RFC 2385 TCP signature keys to ASCII-only.
798: <li>Fix a memory leak when detaching an Ethernet interface.
1.41 sthen 799: <li>In <a href="http://man.openbsd.org/?query=netstart&sektion=8">netstart(8)</a> create all routes with the new improved -q option.
800: <li>Make <a href="http://man.openbsd.org/?query=route&sektion=8">route(8)</a>'s -q option really quiet.
1.1 deraadt 801: <li>Back out the storing of parent vnodes, due to exploding ports.
1.41 sthen 802: <li>Have <a href="http://man.openbsd.org/?query=sysctl&sektion=8">sysctl(8)</a> politely tell the user that the tool of choice for viewing a list of processes is <a href="http://man.openbsd.org/?query=ps&sektion=1">ps(1)</a>.
1.1 deraadt 803: <!-- ^ 20040109 -->
1.41 sthen 804: <li>Carefully work around time_t != long in <a href="http://man.openbsd.org/?query=gdb&sektion=1">gdb(1)</a>.
805: <li>Crucially, adjust <a href="http://man.openbsd.org/?query=worms&sektion=6">worms(6)</a>' delay based on the terminal speed.
806: <li>Types cleanup in <a href="http://man.openbsd.org/?query=jot&sektion=1">jot(1)</a>. Mostly from FreeBSD.
807: <li>Convert <a href="http://man.openbsd.org/?query=fstat&sektion=1">fstat(1)</a>, <a href="http://man.openbsd.org/?query=ps&sektion=1">ps(1)</a>, <a href="http://man.openbsd.org/?query=systat&sektion=1">systat(1)</a>, <a href="http://man.openbsd.org/?query=top&sektion=1">top(1)</a> and <a href="http://man.openbsd.org/?query=w&sektion=1">w(1)</a> to use the new <a href="http://man.openbsd.org/?query=kvm_getproc2&sektion=3">kvm_getproc2(3)</a> interface.
1.1 deraadt 808: <li>Make ELF architectures handle constructors and destructors the way the ELF spec says they should.
1.41 sthen 809: <li>Sync <a href="http://man.openbsd.org/?query=sensorsd&sektion=8">sensorsd(8)</a>'s notion of zero Kelvin with that in the kernel.
810: <li>Fix a typo in <a href="http://man.openbsd.org/?query=ndp&sektion=8">ndp(8)</a> affecting the -s (set entry) option.
1.1 deraadt 811: <!-- ^ 20040108 -->
1.41 sthen 812: <li>Fix a busted <a href="http://man.openbsd.org/?query=mkdtemp&sektion=3">mkdtemp(3)</a> return value check in binutils.
813: <li>Use proper uid_t and gid_t types in <a href="http://man.openbsd.org/?query=id&sektion=1">id(1)</a>.
814: <li>New -e option to <a href="http://man.openbsd.org/?query=systrace&sektion=1">systrace(1)</a>, which sends logs to stderr instead of syslog.
1.1 deraadt 815: <li>Promote dirhash to the GENERIC big time.
816: <li>Increase the TCP MSS lower bound from 64 to 256 bytes.
1.41 sthen 817: <li><a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a>ify dirhash, under vfs.ffs.dirhash_*.
818: <li>Plug an interface address memory leak in <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a>.
819: <li>Stop <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> returning EINVAL for KERN_PROC_KTHREAD.
820: <li>Logic fixes in <a href="http://man.openbsd.org/?query=diff3&sektion=1">diff3(1)</a> where one file has changes but the other does not.
821: <li>Some <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> probe cleanups and fixes, inspired by NetBSD.
822: <li>Implement the truly wonderful -p option for <a href="http://man.openbsd.org/?query=diff&sektion=1">diff(1)</a>.
823: <li>Fix an i386 crash in the <a href="http://man.openbsd.org/?query=ahc&sektion=4">ahc(4)</a> device probe (PR#3630).
824: <li>Add a field for the emulation type in the struct returned by the KERN_PROC2 <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a>.
825: <li>Switch <a href="http://man.openbsd.org/?query=pkill&sektion=1">pkill(1)</a> and <a href="http://man.openbsd.org/?query=pgrep&sektion=1">pgrep(1)</a> to <a href="http://man.openbsd.org/?query=kvm_getproc2&sektion=3">kvm_getproc2(3)</a>, and so enable the -s option to work.
826: <li>Add <a href="http://man.openbsd.org/?query=kvm_getproc2&sektion=3">kvm_get{argv,envv,proc}2(3)</a> using KERN_PROC2. Based on NetBSD.
827: <li>Implement the KERN_PROC2 <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a>, allowing <a href="http://man.openbsd.org/?query=ps&sektion=1">ps(1)</a> etc. to be independent of changes to process-related kernel structures. From NetBSD.
828: <li>On i386, sync <a href="http://man.openbsd.org/?query=fdisk&sektion=8&arch=i386">fdisk(8)</a>'s built-in MBR image with the recent changes.
1.1 deraadt 829: <li>Import generic IEEE 802.11 interface framework from NetBSD.
830: <!-- ^ 20040107 -->
1.41 sthen 831: <li>Have <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> do as non-pf udp_input() does, and drop UDP packets with destination port zero, or with zero or oversize payload.
832: <li>Import <a href="http://man.openbsd.org/?query=pkill&sektion=1">pkill(1)</a> and <a href="http://man.openbsd.org/?query=pgrep&sektion=1">pgrep(1)</a> from NetBSD. Selecting by session ID (-s option) doesn't work yet.
833: <li>Fix signal handling in the case of an error in <a href="http://man.openbsd.org/?query=inetd&sektion=8">inetd(8)</a>'s config file.
834: <li>Import SYN cache code to deflect SYN flood attacks, controlled with <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a>s net.inet.tcp.syncachelimit and net.inet.tcp.synbucketlimit. From NetBSD, based on <a href="http://www.kohala.com/start/borman.97jun06.txt">work</a> by David Borman.
835: <li>Unbreak ifconfig destroy on <a href="http://man.openbsd.org/?query=vlan&sektion=4">vlan(4)</a> interfaces when MROUTING is defined.
836: <li>In <a href="http://man.openbsd.org/?query=yacc&sektion=1">yacc(1)</a>, make sure extern YYSTYPE doesn't get #ifdef'd out when generating a .h file.
1.1 deraadt 837: <li>Keep track of parent vnodes on ufs filesystems, this will be needed soon.
838: <li>Add some rwlocks around kernel file descriptor code, avoiding some rare race conditions.
839: <!-- ^ 20040106 -->
1.41 sthen 840: <li>Don't allow a <a href="http://man.openbsd.org/?query=tun&sektion=4">tun(4)</a> cloner interface to be destroyed if there are any outstanding <a href="http://man.openbsd.org/?query=knote&sektion=9">knote(9)</a>s.
841: <li>Fix a few <a href="http://man.openbsd.org/?query=strlcpy&sektion=3">strlcpy(3)</a> off-by-ones in <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a>.
842: <li>New -F flag for <a href="http://man.openbsd.org/?query=rtsold&sektion=8">rtsold(8)</a>, which automagically sets the inet6 <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> values it needs. Useful for boot floppies.
843: <li>Support NOTE_EOF for <a href="http://man.openbsd.org/?query=kqueue&sektion=2">kqueue(2)</a> read events.
844: <li>Some string and memory leak cleanup in <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>. Still work in progress.
1.1 deraadt 845: <li>Merge in libstdc++ (gcc 3.3.2) for gcc3.
1.41 sthen 846: <li>Only prevent the removal of removable <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> devices.
847: <li>Merge <a href="http://man.openbsd.org/?query=nm&sektion=1">nm(1)</a> with <a href="http://man.openbsd.org/?query=size&sektion=1">size(1)</a> under src/usr.bin/nm.
848: <li>Teach <a href="http://man.openbsd.org/?query=nm&sektion=1">nm(1)</a> all about ELF.
849: <li>Really stop the compiler optimising away <a href="http://man.openbsd.org/?query=memset&sektion=3">memset(3)</a> calls used to zero sensitive data in <a href="http://man.openbsd.org/?query=sudo&sektion=8">sudo(8)</a>. From sudo CVS.
1.1 deraadt 850: <li>Major changes to the i386 master boot record, which now uses EDD if available to support booting from a partition more than 8GB from the start of the disk. The 8GB size limit is still in place.
851: <!-- ^ 20040105 -->
1.41 sthen 852: <li>Begin a cleanup of <a href="http://man.openbsd.org/?query=config&sektion=8">config(8)</a>.
853: <li>Don't ignore the '!' operator on the interface for <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> binat rules.
854: <li>Implement buffered logging in <a href="http://man.openbsd.org/?query=syslogd&sektion=8">syslogd(8)</a>. Logs may be stored in a ring buffer and extracted using a client such as the new <a href="http://man.openbsd.org/?query=syslogc&sektion=8">syslogc(8)</a>.
855: <li>Add option INET6, <a href="http://man.openbsd.org/?query=rtsol&sektion=8">rtsol(8)</a> and <a href="http://man.openbsd.org/?query=ping6&sektion=8">ping6(8)</a> onto boot floppies/CD images where it will fit.
1.1 deraadt 856: <!-- ^ 20040104 -->
1.41 sthen 857: <li>Work continues on <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
858: <li>Use <a href="http://man.openbsd.org/?query=fgets&sektion=3">fgets(3)</a> instead of <a href="http://man.openbsd.org/?query=fgetln&sektion=3">fgetln(3)</a> in <a href="http://man.openbsd.org/?query=user&sektion=8">user(8)</a>, killing a sparc64 bus error along the way.
859: <li><font color="#e00000"><strong>SECURITY FIX: Several message handling flaws in <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs.</strong></font><br>
1.1 deraadt 860: <a href="errata34.html#isamkpd">A source code patch is available</a>.<br>
861: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 862: <li>In <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> only allow an INITIAL-CONTACT when a main-mode SA is in place, and never delete SPIs based on it.<br>
1.1 deraadt 863: <li>gcc3 handles varargs differently, change the kernel sources to deal with it.
1.41 sthen 864: <li>Some <a href="http://man.openbsd.org/?query=poll&sektion=2">poll(2)</a>-related fixes to <a href="http://man.openbsd.org/?query=select&sektion=2">select(2)</a> under pthreads. From FreeBSD.
865: <li>Fix <a href="http://man.openbsd.org/?query=objcopy&sektion=1">objcopy(1)</a>'s long options list, unbreaking <a href="http://man.openbsd.org/?query=strip&sektion=1">strip(1)</a>'s -s option and others (PR#3623).<br>
1.1 deraadt 866: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 867: <li>Don't create a pid file for <a href="http://man.openbsd.org/?query=rtsold&sektion=8">rtsold(8)</a>.
868: <li>If the <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> error code is unknown, at least show the code we didn't have a message for.
1.1 deraadt 869: <!-- ^ 20040103 -->
1.41 sthen 870: <li>Use a memory <a href="http://man.openbsd.org/?query=pool&sektion=9">pool(9)</a> instead of <a href="http://man.openbsd.org/?query=MALLOC&sektion=9">MALLOC(9)</a> for inet and inet6 PCBs. From NetBSD five years ago.
871: <li>Recognise and handle a few more <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> reset conditions.
1.47 tj 872: <li>Bring the <a href="http://man.openbsd.org/?query=scsi&sektion=4">scsi(4)</a> error description list up to date with SCSI-3.
1.41 sthen 873: <li>Add <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> control program <a href="http://man.openbsd.org/?query=bgpctl&sektion=8">bgpctl(8)</a>.
1.1 deraadt 874: <!-- ^ 20040102 -->
875: <li>For i386 only, incread SHMMAXPGS from 2048 to 8192.
876: <li>In the all-architectures kernel config, bump SHMMNI from 32 to 128, and SHMSEG from 8 to 128.
1.41 sthen 877: <li>If <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> fails in the postinstall script, record the package as a borked install instead of dying with a bunch of unregistered files all over the place.
878: <li>In libpthread, make <a href="http://man.openbsd.org/?query=poll&sektion=2">poll(2)</a>, <a href="http://man.openbsd.org/?query=readv&sektion=2">readv(2)</a> and <a href="http://man.openbsd.org/?query=writev&sektion=2">writev(2)</a> cancellation points too.
1.1 deraadt 879: <!-- ^ 20040101 -->
1.41 sthen 880: <li>Undefer and handle pending signals in all code paths of <a href="http://man.openbsd.org/?query=pthread_join&sektion=3">pthread_join(3)</a>.
1.1 deraadt 881: <li>On i386, stop the FPU exception tests hanging amd64 and new Transmeta CPUs.
1.41 sthen 882: <li>Have <a href="http://man.openbsd.org/?query=xdm&sektion=1">xdm(1)</a>'s Xsession script reap the SSH agent on session shutdown even if the user has a ~/.xsession file.
883: <li>Make 'vi -r foo' work the way the <a href="http://man.openbsd.org/?query=vi&sektion=1">vi(1)</a> manpage says it should instead of dying.
1.48 tb 884: <li>Many improvements to network interface handling in <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a>. See the <a href="https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf.c#rev1.414">commit log</a> for details.
1.41 sthen 885: <li>Add <a href="http://man.openbsd.org/?query=svc_getreq_poll&sektion=3">svc_getreq_poll(3)</a> and switch libc RPC code to use its <a href="http://man.openbsd.org/?query=poll&sektion=2">poll(2)</a> interface instead of <a href="http://man.openbsd.org/?query=select&sektion=2">select(2)</a>.
886: <li>Have <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> properly ignore an (unupported) SSH2 password change request and the suggested new password.
887: <li>Change <a href="http://man.openbsd.org/?query=wait4&sektion=2">wait4(2)</a>'s prototype to take a pid_t instead of an int for the first argument, like the manpage says.
1.1 deraadt 888: <!-- ^ 20031231 -->
1.41 sthen 889: <li>Define _FFR_DEAL_WITH_ERROR_SSL to stop SSL errors sending <a href="http://man.openbsd.org/?query=sendmail&sektion=8">sendmail(8)</a> into an endless loop.
890: <li>Don't do <a href="http://man.openbsd.org/?query=TAILQ_REMOVE&sektion=3">TAILQ_REMOVE(3)</a> while inside a TAILQ_FOREACH loop in <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a>.
1.1 deraadt 891: <!-- ^ 20031230 -->
1.41 sthen 892: <li>As system startup, run vi.recover after <a href="http://man.openbsd.org/?query=ldconfig&sektion=8">ldconfig(8)</a> so that <a href="http://man.openbsd.org/?query=perl&sektion=1">perl(1)</a> and the MTA can find their shared libraries.
893: <li>Convert <a href="http://man.openbsd.org/?query=syslogd&sektion=8">syslogd(8)</a> to use <a href="http://man.openbsd.org/?query=poll&sektion=2">poll(2)</a> instead of <a href="http://man.openbsd.org/?query=select&sektion=2">select(2)</a> in its main event loop.
894: <li>Once <a href="http://man.openbsd.org/?query=grep&sektion=1">grep(1)</a> and friends have identified a file as binary, seek back to the beginning before continuing.
895: <li>Unbreak <a href="http://man.openbsd.org/?query=zgrep&sektion=1">zgrep(1)</a> when the uncompressed file begins with a newline.
896: <li>In <a href="http://man.openbsd.org/?query=disklabel&sektion=8">disklabel(8)</a> add new size unit types '%' and '&' to specify, respectively, percentage of disk size and percentage of remaining disk space.
897: <li>Allow a precision (-p option) of zero in <a href="http://man.openbsd.org/?query=jot&sektion=1">jot(1)</a>.
1.1 deraadt 898: <li>On i386, properly recognise SiS CPUs.
1.41 sthen 899: <li>Hack around a reentrancy bug in the <a href="http://man.openbsd.org/?query=cvs&sektion=1">cvs(1)</a> server's abnormal exit handler.
900: <li>Allocate what's required for an identifier in <a href="http://man.openbsd.org/?query=config&sektion=8">config(8)</a> instead of an arbitrary 500-byte buffer (PR#3614).
1.1 deraadt 901: <li>Stop libcurses++ fooling with libstdc++ internals so it compiles under gcc3.
902: <!-- ^ 20031229 -->
1.41 sthen 903: <li>Add -4 and -6 options to <a href="http://man.openbsd.org/?query=telnet&sektion=1">telnet(1)</a> for IPv4- and IPv6-only operation (PR#1974).
904: <li>Tag <a href="http://man.openbsd.org/?query=ahc&sektion=4">ahc(4)</a> I/O operations requeued as a result of aborts, timeouts etc. so that they're not treated as successfully completed operations.
905: <li>Update <a href="http://man.openbsd.org/?query=security&sektion=8">security(8)</a> after the recent <a href="http://man.openbsd.org/?query=join&sektion=1">join(1)</a> change prompted by PR#2208.
906: <li>Make <a href="http://man.openbsd.org/?query=join&sektion=1">join(1)</a> more POSIX for non-matching lines (PR#2208).
907: <li>Add dirhash feature from FreeBSD, which uses an in-memory hash table for lookups in large directories. Not enabled by default yet. See UFS_DIRHASH in <a href="http://man.openbsd.org/?query=options&sektion=4">options(4)</a>.
908: <li>Extend the <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> protocol to allow a peer to query for complete state information should it receive an update for a state it knows nothing about.
909: <li>Check for oversize allocations earlier in kernel <a href="http://man.openbsd.org/?query=malloc&sektion=9">malloc(9)</a>.
910: <li>Fix some peculiar macro token pasting in <a href="http://man.openbsd.org/?query=fvwm&sektion=1">fvwm(1)</a>.
1.1 deraadt 911: <li>Properly initialise the C++ constructor and destructor lists for ELF, killing a gcc3 warning in libstdc++.
1.41 sthen 912: <li>In <a href="http://man.openbsd.org/?query=huntd&sektion=6">huntd(6)</a>, stop doing <a href="http://man.openbsd.org/?query=va_end&sektion=3">va_end(3)</a> on the varargs format string.
1.1 deraadt 913: <!-- ^ 20031228 -->
1.41 sthen 914: <li>Add a missing zero-fill before contructing <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> output in <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>.
915: <li>Fix a couple of bugs with negative values in <a href="http://man.openbsd.org/?query=fmt_scaled&sektion=3">fmt_scaled(3)</a>, and don't print fractions of bytes.
1.1 deraadt 916: <!-- ^ 20031227 -->
1.41 sthen 917: <li>Overhaul <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>'s error handling and logging.
918: <li>Allow an 'arch' annotation to be stored within packages by <a href="http://man.openbsd.org/?query=pkg_create&sektion=1">pkg_create(1)</a>.
919: <li>Have <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> report on the amount of space used on each filesystem.
920: <li>In <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>, treat localhost network 127/8 as if it were a connected network and don't allow it to be deleted.
921: <li>Halve the amount of space allocated for AES in <a href="http://man.openbsd.org/?query=ipsec&sektion=4">ipsec(4)</a> by making the contexts encryption- or decryption-specific.
922: <li>Enable nexthop verification in <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
1.1 deraadt 923: <!-- ^ 20031226 -->
1.41 sthen 924: <li>On m68k, m88k, sparc, sparc64 and vax, fix a signed comparison bug in <a href="http://man.openbsd.org/?query=brk&sektion=2">brk(2)</a>.<br>
1.1 deraadt 925: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
926: <li>Update libiberty to that from binutils-2.14.
1.41 sthen 927: <li>Add passive mode (no TCP connection to the peer) to <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a>.
1.1 deraadt 928: <!-- ^ 20031225 -->
1.41 sthen 929: <li>Huge sync of <a href="http://man.openbsd.org/?query=ahc&sektion=4">ahc(4)</a> to NetBSD, which in turn is sync'd to FreeBSD. Many bugs fixed, several left to fix.
930: <li>Connect <a href="http://man.openbsd.org/?query=bgpd&sektion=8">bgpd(8)</a> to the build, along with an example <a href="http://man.openbsd.org/?query=bgpd.conf&sektion=5">bgpd.conf(5)</a> file. Lots of work still needed.
1.1 deraadt 931: <li>Let the pkg_* tools' new virtual filesystem to cope with mount points with no options, e.g. AFS.
1.41 sthen 932: <li>Enable hw.cpuspeed <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> on macppc.
1.1 deraadt 933: <!-- ^ 20031224 -->
1.41 sthen 934: <li>Add stubs for <a href="http://man.openbsd.org/?query=pthread_setconcurrency&sektion=3">pthread_[gs]etconcurrency(3)</a>. From FreeBSD.
935: <li>Fix a descriptor leak in libpthread when doing <a href="http://man.openbsd.org/?query=close&sektion=2">close(2)</a> on fds 0,1 or 2. Based on a fix in FreeBSD, but implemented differently.
936: <li>In libpthread, make <a href="http://man.openbsd.org/?query=accept&sektion=2">accept(2)</a>, <a href="http://man.openbsd.org/?query=connect&sektion=2">connect(2)</a>, <a href="http://man.openbsd.org/?query=recvfrom&sektion=2">recvfrom(2)</a>, <a href="http://man.openbsd.org/?query=recvmsg&sektion=2">recvmsg(2)</a>, <a href="http://man.openbsd.org/?query=sendmsg&sektion=2">sendmsg(2)</a> and <a href="http://man.openbsd.org/?query=sendto&sektion=2">sendto(2)</a> cancellation points as required by POSIX.1-2001. From FreeBSD.
937: <li>Deallocate <a href="http://man.openbsd.org/?query=xl&sektion=4">xl(4)</a> resources on attach failures.
938: <li>Enable bus mastering on <a href="http://man.openbsd.org/?query=fxp&sektion=4">fxp(4)</a>. Oh yes.
939: <li>New <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a> option KerberosGetAFSToken.
940: <li>Have <a href="http://man.openbsd.org/?query=ifconfig&sektion=8">ifconfig(8)</a> automagically create network pseudo-interfaces.
1.1 deraadt 941: <li>Mercifully, turn the non-monotonic time warning off #ifndef DEBUG.
1.41 sthen 942: <li>Initialise the <a href="http://man.openbsd.org/?query=url&sektion=4">url(4)</a> MAC address properly (PR#3612).
943: <li>When <a href="http://man.openbsd.org/?query=sudo&sektion=8">sudo(8)</a> is run with -k or -K only complain about missing usernames to stderr and don't log anything, since we may be running in a .logout script at shutdown and the YP etc. daemon may have gone away.
1.1 deraadt 944: <!-- ^ 20031223 -->
1.41 sthen 945: <li>Fix a remotely exploitable crasher in <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>'s l2tp parser (PR#3610).<br>
1.1 deraadt 946: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 947: <li>Properly clean up 3DES cipher contexts in <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a>.
948: <li>Make sure a signal handler-modified variable in <a href="http://man.openbsd.org/?query=sensorsd&sektion=8">sensorsd(8)</a> is typed as volatile sig_atomic_t.
949: <li>In <a href="http://man.openbsd.org/?query=wsmoused&sektion=8&arch=i386">wsmoused(8)</a> (and bgpd) don't set up a handler for SIGKILL since that signal isn't passed to the process at all ever.
950: <li>Fix a pasto (from the recent source-tracking additions) in the implementation of <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> DIOCSTART.
1.1 deraadt 951: <li>Fix end-of-tape handling under pthreads. Fix from FreeBSD PR#56274, including the fix to the fix in FreeBSD PR#59291.
952: <!-- ^ 20031222 -->
1.41 sthen 953: <li>Use a virtual filesystem in <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> and <a href="http://man.openbsd.org/?query=pkg_delete&sektion=1">pkg_delete(1)</a> so they can test for available space and writeability before attempting to do the real operations.
1.1 deraadt 954: <li>Much work on the new bgpd.
1.41 sthen 955: <li>Remove the recursive format string option '%:' from kernel <a href="http://man.openbsd.org/?query=printf&sektion=9">printf(9)</a>.
1.1 deraadt 956: <li>Change in*_pcbnotify() to return the number of matches.
957: <li>Check for multicasts earlier when processing TCP input, to reduce the amount of redundant processing.
958: <!-- ^ 20031221 -->
1.41 sthen 959: <li>For <a href="http://man.openbsd.org/?query=semop&sektion=2">semop(2)</a> calls with a small number of operations, use the stack instead of <a href="http://man.openbsd.org/?query=malloc&sektion=9">malloc(9)</a>'d memory to reduce overhead. Adapted from FreeBSD.
960: <li>Fix some unbounded <a href="http://man.openbsd.org/?query=sscanf&sektion=3">sscanf(3)</a>s in the <a href="http://man.openbsd.org/?query=usbhid&sektion=3">usbhid(3)</a> library.
1.1 deraadt 961: <li>On i386, add a driver for the Pentium 4's thermal control circuit.
962: <!-- ^ 20031220 -->
1.41 sthen 963: <li>Stop <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> printing garbage <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> states when the snaplen is less than the sender's MTU.
964: <li>Have <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a> handle SIGINT in a rational way, and have <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a> pass SIGINT to dc to handle in a rational way.
965: <li>When updating process stats, check for non-monotonically-increasing time from <a href="http://man.openbsd.org/?query=microtime&sektion=9">microtime(9)</a>, deal with it by doing nothing instead of zeroing the counter, and complain #ifdef DIAGNOSTIC.
1.1 deraadt 966: <!-- ^ 20031219 -->
967: <li>Enhanced Intel SpeedStep support on i386.
1.41 sthen 968: <li>New <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> variables hw.cpuspeed and hw.setperf on i386, used to control LongRun.
969: <li>Only modulate the TCP timestamp (<a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> scrub reassemble tcp) if there's a valid timestamp to be modulated.
1.1 deraadt 970: <li>Allow ARP replies containing Ethernet multicast addresses, since some HA products want to do this.
1.41 sthen 971: <li>Show <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a> how to recognise IKE NAT-D and NAT-OA payloads.
972: <li>When <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> gives up on a message, show the exchange name in the log.
1.1 deraadt 973: <!-- ^ 20031218 -->
1.41 sthen 974: <li>Change <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> multicast group to 224.0.0.240, and IP protocol (pfsync in <a href="http://man.openbsd.org/?query=protocols&sektion=5">protocols(5)</a>) to 240.
1.1 deraadt 975: <li>New pseudo-user _bgpd with matching group.
1.41 sthen 976: <li>Begin spanning tree operation when a <a href="http://man.openbsd.org/?query=bridge&sektion=4">bridge(4)</a> interface comes up.
1.1 deraadt 977: <li>New BGP daemon, bgpd. Not complete, and not built by default yet.
1.41 sthen 978: <li>Do a real inverse-colour cursor for <a href="http://man.openbsd.org/?query=rasops&sektion=9">rasops(9)</a>-based consoles. Based on a similar change in NetBSD.
979: <li>New <a href="http://man.openbsd.org/?query=kqueue&sektion=2">kqueue(2)</a> filters NOTE_EOF and NOTE_TRUNCATE.
980: <li>Add <a href="http://man.openbsd.org/?query=ccd&sektion=4">ccd(4)</a> and a newly-shrunken version of <a href="http://man.openbsd.org/?query=ccdconfig&sektion=8">ccdconfig(8)</a> to the i386 CD ramdisk kernel.
1.1 deraadt 981: <!-- ^ 20031217 -->
982: <li>Update the kernel zlib to 1.2.1.
983: <li>Shrink even more the special gzip used for boot floppies. It now does decompress only and is directly compiled in.
984: <li>Update userland zlib to 1.2.1, with local fixes. New major version, libz.so.3.0.
1.41 sthen 985: <li>Don't let <a href="http://man.openbsd.org/?query=cvs&sektion=1">cvs(1)</a> pass null labels through to its diff command when <a href="http://man.openbsd.org/?query=stat&sektion=2">stat(2)</a> fails for an input file.
986: <li>When filtering on a <a href="http://man.openbsd.org/?query=bridge&sektion=4">bridge(4)</a>, compare the destination in the filter with the destination address of the packet, not the source address.
987: <li>New <a href="http://man.openbsd.org/?query=queue&sektion=3">queue(3)</a> macros SLIST_FOREACH_PREVPTR (from FreeBSD) and SLIST_REMOVE_NEXT.
1.1 deraadt 988: <li>Allow cloner interfaces to return an error from their destroy function.
1.41 sthen 989: <li>Much string cleaning and <a href="http://man.openbsd.org/?query=abort&sektion=3">abort(3)</a> -> <a href="http://man.openbsd.org/?query=exit&sektion=3">exit(3)</a> in the AFS library.
990: <li>Stop <a href="http://man.openbsd.org/?query=newsyslog&sektion=8">newsyslog(8)</a> segfaulting when given an empty command (PR#3578).
991: <li>Fix a couple of missing <a href="http://man.openbsd.org/?query=printf&sektion=3">printf(3)</a> args in <a href="http://man.openbsd.org/?query=monop&sektion=6">monop(6)</a> and <a href="http://man.openbsd.org/?query=mopd&sektion=8">mopd(8)</a>.
992: <li>New environment variable MANPAGER for <a href="http://man.openbsd.org/?query=man&sektion=1">man(1)</a> (PR#3563).
993: <li>Add app-layer keepalive option 'ServerAliveInterval' to <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a>, analogous to ClientAliveInterval on the server.
994: <li>Don't do expensive <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> processing if noone is using it (i.e. no <a href="http://man.openbsd.org/?query=bpf&sektion=4">bpf(4)</a> listeners, and no network synchronisation).
1.1 deraadt 995: <li>Shorten or '#ifdef SMALL'-out some long message strings in the kernel.
996: <li>A round of boot floppy space-saving begins.
997: <!-- ^ 20031216 -->
1.41 sthen 998: <li>When calculating CPU time usage, check for a time-going-backwards bug in <a href="http://man.openbsd.org/?query=microtime&sektion=9">microtime(9)</a> found on some dual-clock systems.
1.1 deraadt 999: <li>Fix some fallout from the rlim_t change from signed to unsigned.
1.41 sthen 1000: <li>Add support for groups 14 through 18 (modp{2048,2072,4096,6144,8192} - see RFC 3526) to <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>.
1001: <li>Initial support for <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> state synchronisation over the network. See <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a>.
1002: <li>Make <a href="http://man.openbsd.org/?query=sh&sektion=1">sh(1)</a> and <a href="http://man.openbsd.org/?query=ksh&sektion=1">ksh(1)</a> functions work the way the manual page suggests with respect to non-exported environment variables (PR#2450).
1003: <li>Allow <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> to track stateful connections based on the source IP address. Especially useful for load balancing configurations.
1.1 deraadt 1004: <!-- ^ 20031215 -->
1.41 sthen 1005: <li>Add <a href="http://man.openbsd.org/?query=awk&sektion=1">awk(1)</a> USD paper in /usr/share/doc/usd/16.awk.
1006: <li>Don't assume that the IKE port is always 500 in <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> log output.
1.1 deraadt 1007: <li>Alignment fixes for kernel and libc RMD160 functions.
1008: <!-- ^ 20031214 -->
1.41 sthen 1009: <li>Initial support for ifconfig destroy in <a href="http://man.openbsd.org/?query=ppp&sektion=4">ppp(4)</a> and <a href="http://man.openbsd.org/?query=sl&sektion=4">sl(4)</a>
1.1 deraadt 1010: <!-- ^ 20031213 -->
1.41 sthen 1011: <li>Don't accept absolute pathnames for module names in <a href="http://man.openbsd.org/?query=cvs&sektion=1">cvs(1)</a>. From CVS 1.11.10.
1012: <li>Cleanup and POSIXness for <a href="http://man.openbsd.org/?query=join&sektion=1">join(1)</a>. From FreeBSD.
1.1 deraadt 1013: <!-- ^ 20031212 -->
1014: <li>More POSIX type definitions (rlim_t now unsigned, RLIM_SAVED_{CUR,MAX} defined, id_t defined).
1.41 sthen 1015: <li>Kill annoying <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> assertion failure messages, and correct the underlying problem with NAT and table stats (PR#3587).
1016: <li>Fix <a href="http://man.openbsd.org/?query=sis&sektion=4">sis(4)</a> short cable problems properly. From Linux and the datasheets, via FreeBSD.
1.1 deraadt 1017: <!-- ^ 20031211 -->
1.41 sthen 1018: <li>Also for <a href="http://man.openbsd.org/?query=poll&sektion=2">poll(2)</a>, add pollfd_t (= struct pollfd) as in Solaris.
1019: <li>Add type nfds_t for <a href="http://man.openbsd.org/?query=poll&sektion=2">poll(2)</a> as per POSIX.
1020: <li>Make <a href="http://man.openbsd.org/?query=pkg_delete&sektion=1">pkg_delete(1)</a> flag an attempt to delete a non-existent package as an error.
1021: <li>For IPv6 multicast sockets, validate the get/<a href="http://man.openbsd.org/?query=setsockopt&sektion=2">setsockopt(2)</a> argument more strictly to preventing a local user causing a kernel panic. From KAME.
1.1 deraadt 1022: <li>Big register declaration purge in sys/net*.
1023: <li>Better non-repetitive ID generation for IPv4, IPv6 and resolver query IDs.
1.41 sthen 1024: <li>Some improvements to <a href="http://man.openbsd.org/?query=authpf&sektion=8">authpf(8)</a>'s logging output.
1.1 deraadt 1025: <li>Fix up netinet and netinet6 interface lookup code after the introduction of clonable devices.
1026: <!-- ^ 20031210 -->
1.41 sthen 1027: <li>Clear the exit code when <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> with -N is terminated with SIGTERM.
1028: <li>Sync <a href="http://man.openbsd.org/?query=em&sektion=4">em(4)</a> with FreeBSD, enabling support for a few more models.
1029: <li>Fix some *printf(char *) silliness in <a href="http://man.openbsd.org/?query=identd&sektion=8">identd(8)</a>.
1030: <li>Rename the <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> option KeepAlive to TCPKeepAlive to help people who just won't read manual pages.
1031: <li>Better -n handling for <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> and <a href="http://man.openbsd.org/?query=pkg_delete&sektion=1">pkg_delete(1)</a> when dependencies are involved.
1032: <li>Make explicit the base package to which <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a>'s dependency resolution output applies.
1033: <li>Fix error-handling logic in <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> that affected the -n option.
1034: <li>In <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> and <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a>, don't modify argv when parsing the -o option (unbreaks HUP for sshd).
1035: <li>Make <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> option ClientKeepAlive work when the -N option (no login shell) is in effect.
1036: <li>Stop <a href="http://man.openbsd.org/?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>'s -T option from accepting primes with no known generator.
1037: <li>Add some PostScript docs for <a href="http://man.openbsd.org/?query=lex&sektion=1">lex(1)</a>.
1038: <li>Fix some missing <a href="http://man.openbsd.org/?query=printf&sektion=3">printf(3)</a> args in <a href="http://man.openbsd.org/?query=tn3270&sektion=1">tn3270(1)</a> and kernfs.
1039: <li>Some cleanup in <a href="http://man.openbsd.org/?query=compress&sektion=1">compress(1)</a>.
1040: <li>Allow more than one user at a time to use <a href="http://man.openbsd.org/?query=ftp&sektion=1">ftp(1)</a> in active mode (PR#3596).<br>
1.1 deraadt 1041: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1042: <li>Unbreak xfs symlinks (PR#3552).<br>
1043: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1044: <!-- ^ 20031209 -->
1.41 sthen 1045: <li>In <a href="http://man.openbsd.org/?query=patch&sektion=1">patch(1)</a>, get a private mapping from <a href="http://man.openbsd.org/?query=mmap&sektion=2">mmap(2)</a> instead of a default (file) mapping.
1046: <li>Fix a crash in <a href="http://man.openbsd.org/?query=troff&sektion=1">troff(1)</a>.
1.1 deraadt 1047: <li>Don't drop the newest TCP connection when doing SYN flood avoidance when we meant to drop the oldest.
1.41 sthen 1048: <li>Fix an endianness bug in <a href="http://man.openbsd.org/?query=gre&sektion=4">gre(4)</a> when sending to ip_output.<br>
1.1 deraadt 1049: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1050: <li>In <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a>, make IPv6 redirects to loopback work the same way as for IPv4 and not require an additional route-to line.
1051: <li>Fix a too-low <a href="http://man.openbsd.org/?query=spl&sektion=9">spl(9)</a> in the nfs client code.
1052: <li>New <a href="http://man.openbsd.org/?query=ifconfig&sektion=8">ifconfig(8)</a> option -C (and supporting <a href="http://man.openbsd.org/?query=ioctl&sektion=2">ioctl(2)</a> SIOCIFGCLONERS) that lists all cloning-capable devices.
1053: <li>New <a href="http://man.openbsd.org/?query=mbuf_tags&sektion=9">mbuf_tags(9)</a> type ...PF_TRANSLATE_LOCALHOST, used so that <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> redirection to localhost doesn't defeat the ability of programs like <a href="http://man.openbsd.org/?query=portmap&sektion=8">portmap(8)</a> to tell localhost connections from remote connections.
1.1 deraadt 1054: <!-- ^ 20031208 -->
1.41 sthen 1055: <li>Add ifconfig create support to <a href="http://man.openbsd.org/?query=ppp&sektion=4">ppp(4)</a> and <a href="http://man.openbsd.org/?query=sl&sektion=4">sl(4)</a>. No ifconfig destroy yet.
1056: <li>Fix <a href="http://man.openbsd.org/?query=regex&sektion=3">regex(3)</a> handling of non-ASCII characters (PR#3594). Fix from FreeBSD.
1.1 deraadt 1057: <!-- ^ 20031207 -->
1.41 sthen 1058: <li>Fix <a href="http://man.openbsd.org/?query=grep&sektion=1">grep(1)</a>'s handling of certain patterns containing multiple dots (PR#3597).
1059: <li>Make ifconfig destroy work on <a href="http://man.openbsd.org/?query=tun&sektion=4">tun(4)</a>.
1.1 deraadt 1060: <!-- ^ 20031206 -->
1.41 sthen 1061: <li>Fix an endianness bug that was causing <a href="http://man.openbsd.org/?query=wicontrol&sektion=8">wicontrol(8)</a> to crash.
1062: <li>Set <a href="http://man.openbsd.org/?query=madvise&sektion=2">madvise(2)</a> flag MADV_RANDOM for <a href="http://man.openbsd.org/?query=mfs&sektion=8">mfs(8)</a> filesystems.
1.1 deraadt 1063: <!-- ^ 20031205 -->
1.41 sthen 1064: <li>Validate the SPIs presented in DELETE messages when doing an <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> informational exchange.
1065: <li>Have the installer ask whether <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a> should be enabled at first boot. The default is to enable it.
1066: <li>Enable multicast reception for <a href="http://man.openbsd.org/?query=em&sektion=4">em(4)</a>.
1067: <li>Do a screen split when more than one file is opened on <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a>'s command line.
1068: <li>Unbreak <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a>'s META key support.
1.1 deraadt 1069: <!-- ^ 20031204 -->
1.41 sthen 1070: <li>Fix a sign comparison bug in <a href="http://man.openbsd.org/?query=semop&sektion=2">semop(2)</a>.
1071: <li>Add cloning support to <a href="http://man.openbsd.org/?query=bridge&sektion=4">bridge(4)</a>, <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a>, <a href="http://man.openbsd.org/?query=faith&sektion=4">faith(4)</a>, <a href="http://man.openbsd.org/?query=gif&sektion=4">gif(4)</a>, <a href="http://man.openbsd.org/?query=gre&sektion=4">gre(4)</a>, <a href="http://man.openbsd.org/?query=lo&sektion=4">lo(4)</a>, <a href="http://man.openbsd.org/?query=tun&sektion=4">tun(4)</a> and <a href="http://man.openbsd.org/?query=vlan&sektion=4">vlan(4)</a>.
1072: <li>Support for interface 'cloning,' accessed by <a href="http://man.openbsd.org/?query=ifconfig&sektion=8">ifconfig(8)</a> commands <em>create</em> and <em>destroy</em>. E.g. 'ifconfig vlan100 create'
1073: <li>Add a dmesg command to <a href="http://man.openbsd.org/?query=ddb&sektion=4">ddb(4)</a>.
1.1 deraadt 1074: <li>Don't allow too many network interfaces (>65535) to be attached.
1075: <li>Merge Perl 5.8.2.
1076: <!-- ^ 20031203 -->
1077: <li>Add an hppa target to gcc3.
1.41 sthen 1078: <li>Add support for UDP encapsulation of ESP in transport mode (see draft-ietf-ipsec-udp-encaps-XX.txt,) enabled via new <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> toggle net.inet.esp.udpencap.
1079: <li>Use a consistent, high listen backlog for <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a>, <a href="http://man.openbsd.org/?query=ssh-agent&sektion=1">ssh-agent(1)</a> and forwarding sockets.
1080: <li>Fix an off-by-one in <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>.
1081: <li>Cosmetic improvements to <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a>'s progress meter.
1082: <li>Let <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a> compile programs with more than 10,000 lines.
1083: <li>Add support for long variable names to <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a>, another non-portable extension.
1084: <li>Add <a href="http://man.openbsd.org/?query=kqueue&sektion=2">kqueue(2)</a> support to <a href="http://man.openbsd.org/?query=tun&sektion=4">tun(4)</a>.
1085: <li>Use now instead of the epoch as the timebase for <a href="http://man.openbsd.org/?query=compat_linux&sektion=8">compat_linux(8)</a> function alarm().
1.1 deraadt 1086: <li>Avoid a null-deref in uvm_swap_markbad().
1087: <li>Check signedness before dereferencing in kernel descriptor management code.
1088: <!-- ^ 20031202 -->
1.41 sthen 1089: <li>Fix <a href="http://man.openbsd.org/?query=csh&sektion=1">csh(1)</a> variable substitution when shortening strings (PR#3591).
1090: <li>In <a href="http://man.openbsd.org/?query=aliases&sektion=5">aliases(5)</a>, direct mail for most fake users (e.g. _syslogd) to /dev/null instead of spamming root.
1.1 deraadt 1091: <li>Add an amd64 target to gcc3.
1.41 sthen 1092: <li>Add extended register support in <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a> (-x option,) ready for long variable names support coming to <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a> soon.
1093: <li>Cleanup of <a href="http://man.openbsd.org/?query=mopd&sektion=8">mopd(8)</a>.
1.1 deraadt 1094: <!-- ^ 20031201 -->
1095: <!-- ^ 20031130 -->
1096: <li>Add OpenBSD-specific options to gcc3.
1097: <li>Import (but do not yet enable) GCC 3.3.2, without the ADA frontend for space reasons.
1.41 sthen 1098: <li>New ':' (inclusive range) operator for <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a>, works anywhere in <a href="http://man.openbsd.org/?query=pf.conf&sektion=5">pf.conf(5)</a> that '><' (exclusive range) works.
1.1 deraadt 1099: <!-- ^ 20031129 -->
1.41 sthen 1100: <li>Fix the regex in <a href="http://man.openbsd.org/?query=security&sektion=8">security(8)</a> that tests for valid group names.
1101: <li>More fixes to <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> stats gathering.
1.1 deraadt 1102: <li>Fix NFS-over-TCP speed when OpenBSD is serving Linux clients (PR#3561).
1103: <!-- ^ 20031128 -->
1.41 sthen 1104: <li>Allow <a href="http://man.openbsd.org/?query=systrace&sektion=1">systrace(1)</a> to accept usernames ending in '$'.
1105: <li>Fix missing <a href="http://man.openbsd.org/?query=printf&sektion=3">printf(3)</a> arguments in <a href="http://man.openbsd.org/?query=eeprom&sektion=8&arch=sparc">eeprom(8)</a>, elf2aout and elf2ecoff.
1.1 deraadt 1106: <!-- ^ 20031127 -->
1.41 sthen 1107: <li>Discard the first 256 bytes of the <a href="http://man.openbsd.org/?query=arc4random&sektion=3">arc4random(3)</a> keystream as recommended by the "Weaknesses in the Key Scheduling Algorithm of RC4" <a href="http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps">paper</a>.
1108: <li>Fix a core dump in <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a> when reading uninitialised array locations.
1.1 deraadt 1109: <li>Some gcc3 compatibility cleanup.
1110: <!-- ^ 20031126 -->
1.41 sthen 1111: <li>Fix SIOCGIFHWADDR under <a href="http://man.openbsd.org/?query=compat_linux&sektion=8">compat_linux(8)</a>.
1.1 deraadt 1112: <li>Build more components of libiberty in preparation for gcc3.
1113: <li>Sync libiberty with the version from GCC 3.3.2.
1114: <li>Sync libedit with that of NetBSD on 8 Nov 2003.
1115: <!-- ^ 20031125 -->
1116: <li>Move libiberty into src/gnu/lib/libiberty, removing it from the egcs directory. The new library is a sync'd to "somewhere between binutils-2.10 and 2.11" with some local changes.
1.41 sthen 1117: <li>Avoid a double-free in <a href="http://man.openbsd.org/?query=pcap_setfilter&sektion=3">pcap_setfilter(3)</a>.
1.1 deraadt 1118: <li>Have the kernel's MD5 code use the per-architecture optimised bcopy() instead of its own implementation (PR#3549).
1.41 sthen 1119: <li>New meaning for the <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> -k option, it's now equivalent to GSSAPIDelegateCredentials=no.
1.1 deraadt 1120: <!-- ^ 20031124 -->
1.41 sthen 1121: <li>In <a href="http://man.openbsd.org/?query=ssh-keyscan&sektion=1">ssh-keyscan(1)</a>, use <a href="http://man.openbsd.org/?query=sysconf&sektion=3">sysconf(3)</a> to get the maximum fd limit instead of returning an arbitrary number.
1122: <li>Fix an out-of-bounds access typo in the implementation of <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> KERN_VNODE.
1123: <li>Another <a href="http://man.openbsd.org/?query=getpass&sektion=3">getpass(3)</a> return value check, this time in <a href="http://man.openbsd.org/?query=encrypt&sektion=1">encrypt(1)</a>.
1124: <li>Fix a sign overflow in <a href="http://man.openbsd.org/?query=compat_svr4&sektion=8">compat_svr4(8)</a> streams code.
1125: <li>Make usernames containing underscores work in <a href="http://man.openbsd.org/?query=systrace&sektion=1">systrace(1)</a>.
1.1 deraadt 1126: <!-- ^ 20031123 -->
1.41 sthen 1127: <li>While we're fixing <a href="http://man.openbsd.org/?query=diff&sektion=1">diff(1)</a> return values, fix that of the -q option which got broken when -i was fixed.
1128: <li>Stop the <a href="http://man.openbsd.org/?query=install&sektion=1">install(1)</a> madvise() change breaking 'make release'.
1129: <li>Stop <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> allowing an antispoof for an interface without an IP address, since that amounts to blocking all on every other interface. Bad.
1130: <li>Add a few more <a href="http://man.openbsd.org/?query=pkg_create&sektion=1">pkg_create(1)</a> packing list sanity checks.
1.1 deraadt 1131: <!-- ^ 20031122 -->
1.41 sthen 1132: <li>Also give <a href="http://man.openbsd.org/?query=cmp&sektion=1">cmp(1)</a> and <a href="http://man.openbsd.org/?query=patch&sektion=1">patch(1)</a> the <a href="http://man.openbsd.org/?query=madvise&sektion=2">madvise(2)</a> sequential treatment.
1133: <li>Speed up <a href="http://man.openbsd.org/?query=install&sektion=1">install(1)</a> by using <a href="http://man.openbsd.org/?query=madvise&sektion=2">madvise(2)</a> with the MADV_SEQUENTIAL flag.
1.1 deraadt 1134: <!-- erratum 3.4-httpd2 appeared 13 March 2004... -->
1.41 sthen 1135: <li><font color="#e00000"><strong>SECURITY FIX: Due to a bug in the parsing of Allow/Deny rules for <a href="http://man.openbsd.org/?query=httpd&sektion=8">httpd(8)</a>'s access module, using IP addresses without a netmask on big endian 64-bit platforms causes the rules to fail to match. This only affects sparc64.</strong></font><br>
1.1 deraadt 1136: <a href="errata34.html#httpd2">A source code patch is available</a>.<br>
1137: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1138: <li>New -o option to <a href="http://man.openbsd.org/?query=kvm_mkdb&sektion=8">kvm_mkdb(8)</a>, to put the database somewhere other than /var/db.
1139: <li>Fix return code from <a href="http://man.openbsd.org/?query=diff&sektion=1">diff(1)</a> when the -i option is in use.
1.1 deraadt 1140: <!-- ^ 20031121 -->
1.41 sthen 1141: <li>Build <a href="http://man.openbsd.org/?query=ftp&sektion=1">ftp(1)</a> statically linked, to help out when things go wrong.
1142: <li><font color="#e00000"><strong>RELIABILITY FIX: An improper bounds check makes it possible for a local user to cause a crash by passing the <a href="http://man.openbsd.org/?query=semctl&sektion=2">semctl(2)</a> and <a href="http://man.openbsd.org/?query=semop&sektion=2">semop(2)</a> functions certain arguments.</strong></font><br>
1.1 deraadt 1143: <a href="errata34.html#sem">A source code patch is available</a>.<br>
1144: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1145: <li><font color="#e00000"><strong>RELIABILITY FIX: It is possible for a local user to cause a crash via <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> with certain arguments.</strong></font><br>
1.1 deraadt 1146: <a href="errata34.html#uvm">A source code patch is available</a>.<br>
1147: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1148: <li>Add <a href="http://man.openbsd.org/?query=gcc&sektion=1">gcc(1)</a> flags -fnobuiltin-{log,print} for kernel builds on some architectures, the others to be done as test results are collected.
1149: <li>Re-enable build of <a href="http://man.openbsd.org/?query=named&sektion=8">named(8)</a>'s DNSSEC programs.
1.1 deraadt 1150: <!-- ^ 20031120 -->
1.41 sthen 1151: <li>More <a href="http://man.openbsd.org/?query=wdc&sektion=4">wdc(4)</a> probe fixes, sync'ing with NetBSD.
1152: <li>Fix <a href="http://man.openbsd.org/?query=timed&sektion=8">timed(8)</a> breakage caused by the change from <a href="http://man.openbsd.org/?query=select&sektion=2">select(2)</a> to <a href="http://man.openbsd.org/?query=poll&sektion=2">poll(2)</a>.
1.1 deraadt 1153: <!-- ^ 20031119 -->
1.41 sthen 1154: <li>Add /etc/<a href="http://man.openbsd.org/?query=rc&sektion=8">rc(8)</a> startup for <a href="http://man.openbsd.org/?query=sensorsd&sektion=8">sensorsd(8)</a>.
1.1 deraadt 1155: <li>Merge in BIND v9.2.3.
1.41 sthen 1156: <li>In <a href="http://man.openbsd.org/?query=crypto&sektion=3">crypto(3)</a>, enable assembler BN functions on vax, and assembler for most things on i386.
1157: <li>Fix password blinding for non-existent users in <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a>.
1.1 deraadt 1158: <li>Add new lightweight kernel reader/writer lock code, not used for anything yet.
1.41 sthen 1159: <li>Performance improvements to <a href="http://man.openbsd.org/?query=pool&sektion=9">pool(9)</a>.
1160: <li>In <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a>, fix the test for a valid authentication context when processing -R port forwards.
1.1 deraadt 1161: <!-- ^ 20031118 -->
1.41 sthen 1162: <li>Fix unnecessary delays in <a href="http://man.openbsd.org/?query=wdc&sektion=4">wdc(4)</a>'s device probe. From NetBSD.
1.1 deraadt 1163: <li>Fix a missing initialisation in libkvm.
1.41 sthen 1164: <li>Don't expose the contents of <a href="http://man.openbsd.org/?query=named&sektion=8">named(8)</a>'s rndc.key file when diff'd by <a href="http://man.openbsd.org/?query=security&sektion=8">security(8)</a>.
1.1 deraadt 1165: <li>Merge in Apache 1.3.29 and mod_ssl 2.8.16.
1.41 sthen 1166: <li>Add a missing bounds check and fix an int overflow in <a href="http://man.openbsd.org/?query=compat_ibcs2&sektion=8">compat_ibcs2(8)</a> (not enabled by default).<br>
1.1 deraadt 1167: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1168: <li>Two more non-portable extensions to <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a>: Add new boolean operators, and allow relational operators to appear anywhere.
1169: <li>Add drop operator 'R' to <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>.
1170: <li>Replace <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> authentication mechanism 'gssapi' with 'gssapi-with-mic'.
1.1 deraadt 1171: <!-- ^ 20031117 -->
1.41 sthen 1172: <li><a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> stateful connections for generic protocols now work for IPv6 as well as IPv4.
1.1 deraadt 1173: <li>Pull in a patch from XFree86 4.3, preventing a crash on Riva128 cards.
1174: <li>Remove win32 support files from the BIND tree.
1175: <!-- ^ 20031116 -->
1.41 sthen 1176: <li>Set the atime, ctime and mtime of the kernfs boottime file to, uh, the boot time. Useful for <a href="http://man.openbsd.org/?query=find&sektion=1">find(1)</a>.
1177: <li>Fix <a href="http://man.openbsd.org/?query=savecore&sektion=8">savecore(8)</a> on big-endian 64-bit architectures.
1.1 deraadt 1178: <li>More fine-grained CPU type detection on i386.
1.41 sthen 1179: <li>Test for a NULL return from <a href="http://man.openbsd.org/?query=getpass&sektion=3">getpass(3)</a> in <a href="http://man.openbsd.org/?query=bdes&sektion=1">bdes(1)</a>, <a href="http://man.openbsd.org/?query=pppctl&sektion=8">pppctl(8)</a> and <a href="http://man.openbsd.org/?query=tn3270&sektion=1">tn3270(1)</a>.
1.1 deraadt 1180: <!-- ^ 20031115 -->
1.41 sthen 1181: <li>Fix bogus <a href="http://man.openbsd.org/?query=read&sektion=2">read(2)</a> error check in <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a> when writing a backup file.
1182: <li>Let <a href="http://man.openbsd.org/?query=compress&sektion=1">compress(1)</a> inflate multiple concatenated files just like GNU gzip.
1183: <li>Support in <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a> for boolean operations soon to appear in <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a>.
1184: <li>Allow the <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> debug level to be set from <a href="http://man.openbsd.org/?query=pf.conf&sektion=5">pf.conf(5)</a> with 'set debug'.
1185: <li>Some fixes in the <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> GSSAPI client code.
1186: <li>Don't include the KAME interface index (used for IPv6 link-local addresses) in the <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> HMAC value.
1.1 deraadt 1187: <!-- ^ 20031114 -->
1.41 sthen 1188: <li>Strip out some slightly pointless tests in <a href="http://man.openbsd.org/?query=wdc&sektion=4">wdc(4)</a> for an 8-bit value < <em>n</em>, where <em>n</em> > 255.
1189: <li>Fix a bug in <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a>'s print statement that left garbage on <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>'s stack.
1190: <li>Make <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a>'s exponentiation operator '^' right- instead of left-associative.
1.1 deraadt 1191: <!-- ^ 20031113 -->
1.41 sthen 1192: <li>Fix a potential DoS in <a href="http://man.openbsd.org/?query=ftpd&sektion=8">ftpd(8)</a> where an attacker could tie up the data port for long periods. From FreeBSD.<br>
1.1 deraadt 1193: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1194: <li>New behaviour for <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> option VerifyHostKeyDNS, allowing implicit trust for DNSSEC-verified SSHFP records.
1195: <li>Have <a href="http://man.openbsd.org/?query=scp&sektion=1">scp(1)</a> pass through the -q flag to its underlying <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> process, suppressing SSH2 banners.
1.1 deraadt 1196: <!-- ^ 20031112 -->
1197: <li>Merge in OpenSSL 0.9.7c.
1.41 sthen 1198: <li>Some nonportable syntactic sugar for <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a> and <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a>.
1199: <li><a href="http://man.openbsd.org/?query=free&sektion=9">free(9)</a>ing stack variables is a bad idea, don't do it in <a href="http://man.openbsd.org/?query=ubsa&sektion=4">ubsa(4)</a>.
1200: <li>Don't leak memory from <a href="http://man.openbsd.org/?query=ld.so&sektion=1">ld.so(1)</a> if the library name is invalid.
1201: <li>Better parsing of library version numbers in <a href="http://man.openbsd.org/?query=ld.so&sektion=1">ld.so(1)</a>, so 'libpython2.1.so.0.0' and 'libpython2.2.so.0.0' can coexist in peace.
1202: <li>New 'print' statement for <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a>, a non-portable extension.
1.1 deraadt 1203: <!-- ^ 20031111 -->
1.41 sthen 1204: <li>Fix <a href="http://man.openbsd.org/?query=ksh&sektion=1">ksh(1)</a>'s handling of redirection of a file to the same file, e.g. '2>&2'.
1205: <li>Add more privacy flags to <a href="http://man.openbsd.org/?query=sendmail&sektion=8">sendmail(8)</a> cf/openbsd-proto.mc, requiring HELO/EHLO and disabling EXPN/VRFY.
1.1 deraadt 1206: <li>Add a classic paper on password security in /usr/share/doc/smm/17.password.
1.41 sthen 1207: <li>Send <a href="http://man.openbsd.org/?query=diff&sektion=1">diff(1)</a> output 'no newline at end of file' to stderr instead of stdout, for compatibility.
1208: <li>Stop <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> considering as errors attempts to add an already-added package.
1.1 deraadt 1209: <!-- ^ 20031110 -->
1.41 sthen 1210: <li>Keep track of errors when adding multiple packages with <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a>, and set a useful error code on return.
1.1 deraadt 1211: <li>Remove the automatic setting of packing-list prefix from the first @cwd.
1.41 sthen 1212: <li>Restore printing of <a href="http://man.openbsd.org/?query=vlan&sektion=4">vlan(4)</a> information in <a href="http://man.openbsd.org/?query=ifconfig&sektion=8">ifconfig(8)</a>, accidentally broken when <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> was added.
1213: <li>Really fix <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a> insert-file.
1214: <li>Safer region handling in <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a>.
1215: <li>Restore the terminal correctly when aborting out of <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a>.
1216: <li>Undo the <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a> insert-file operation properly.
1.1 deraadt 1217: <!-- ^ 20031109 -->
1.41 sthen 1218: <li>Unbreak the anchor rule number returned by <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a>.
1.1 deraadt 1219: <li>Avoid a race condition when swapping in a process.
1220: <li>On i386, fix a crash that occurred with a large number (>1500) of processes (PR#3528).
1.41 sthen 1221: <li>New 'no sync' state option to prevent state transitions for a particular rule appearing on the <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> interface.
1.1 deraadt 1222: <!-- ^ 20031108 -->
1.41 sthen 1223: <li>Check that <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> packets are received on a carp-enabled interface.
1.1 deraadt 1224: <li>Fix setting of the interface index for IPv6 link-local multicast joins.
1.41 sthen 1225: <li>Stop <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> responding to ARPs when the interface is down.
1226: <li>Fix a buffer overflow in <a href="http://man.openbsd.org/?query=sed&sektion=1">sed(1)</a> when doing regex substitutions. From FreeBSD.
1.1 deraadt 1227: <!-- ^ 20031107 -->
1.41 sthen 1228: <li>Add non-portable extensions to <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>: '#' (comment), 'n' (print without newline) and 'a' (byte to char).
1229: <li>Better <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> dependency resolution.
1.1 deraadt 1230: <li>Don't call the post-install script of packages that didn't fully install, and allow such packages to be fully removed.
1.41 sthen 1231: <li>Let <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> install packages coming from stdin.
1232: <li><a href="http://man.openbsd.org/?query=pkg_delete&sektion=1">pkg_delete(1)</a> allows the path to an installed package on the command line, so e.g. 'pkg_delete /var/db/pkg/zsh-*' now works.
1.1 deraadt 1233: <li>The package tools now automatically use the target of the first @cwd in the packing list as the prefix.
1.41 sthen 1234: <li>Temporarily back out the recent reordering of interface capability tests and pf_test(). <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> rdr rules are now generating some bogus checksums.
1235: <li>In <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>, require encrypted messages as soon as we have the keystate for it, require DELETE payloads to be accompanied by HASHes, and add validation for HASH payloads without active exchanges.
1236: <li>Allow <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> tags to use the same macros as labels (see <a href="http://man.openbsd.org/?query=pf.conf&sektion=5">pf.conf(5)</a>).
1237: <li>Teach <a href="http://man.openbsd.org/?query=gdb&sektion=1">gdb(1)</a> about SIGINFO (PR#3173).
1238: <li>Add commented-out LoadModule config lines, along with a short description, for each <a href="http://man.openbsd.org/?query=httpd&sektion=8">httpd(8)</a> module in the standard build.
1239: <li>In <a href="http://man.openbsd.org/?query=newfs&sektion=8">newfs(8)</a> don't write the magic to the superblock until filesystem creation is completed.
1240: <li>Fix <a href="http://man.openbsd.org/?query=netstat&sektion=1">netstat(1)</a>'s display of IPv6 link-local multicast addresses.
1.1 deraadt 1241: <!-- ^ 20031106 -->
1.41 sthen 1242: <li>Redo the <a href="http://man.openbsd.org/?query=wdc&sektion=4">wdc(4)</a> drive reset changes, more cautious this time.
1243: <li>Make <a href="http://man.openbsd.org/?query=tcpdump&sektion=8">tcpdump(8)</a>'s -x flag work for <a href="http://man.openbsd.org/?query=pfsync&sektion=4">pfsync(4)</a> devices.
1.1 deraadt 1244: <!-- ^ 20031105 -->
1245: <li>Use hash tables where possible for listen socket lookup as well.
1.41 sthen 1246: <li>Add a route when we're the <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> master host, so the local machine can use the common address.
1247: <li>Have <a href="http://man.openbsd.org/?query=pkg_create&sektion=1">pkg_create(1)</a> spot duplicate packaging list entries and die noisily when it does so.
1248: <li>Stop <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> pretending that everything it sends to <a href="http://man.openbsd.org/?query=bpf&sektion=4">bpf(4)</a> comes from AF_INET6.
1249: <li>Add GNU-compatible 'r' operator (swaps the top two stack items) to <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>.
1250: <li>Kill an IPv4 pasto in <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> IPv6 support when setting the interface address.
1.1 deraadt 1251: <!-- ^ 20031104 -->
1252: <li><font color="#e00000"><strong>RELIABILITY FIX: It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.</strong></font><br>
1253: <a href="errata34.html#exec">A source code patch is available</a>.<br>
1254: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1255: <li>Make <a href="http://man.openbsd.org/?query=pkg_delete&sektion=1">pkg_delete(1)</a> handle dependencies properly when using package name stems.
1256: <li>Don't try to free a static string when checking <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> host keys.
1257: <li>In regular (non-<a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a>) IP output code, defer the interface tests for hardware IPsec and checksum capability until after pf_test(), since pf might drop the packet, or send it to a different interface.
1258: <li>Make <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a>-routed packets check the target interface for hardware IPsec and checksum capability.
1259: <li>Fix a memory leak when <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> fails to put the interface into promiscuous mode.
1260: <li>Add a missing check in IPv6 <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> for an interface on its way down.
1.1 deraadt 1261: <!-- ^ 20031103 -->
1.41 sthen 1262: <li>Preserve the debug flag when enabling <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a>.
1.1 deraadt 1263: <!-- ^ 20031102 -->
1.41 sthen 1264: <li>In <a href="http://man.openbsd.org/?query=top&sektion=1">top(1)</a>, check for signals at the right time and handle stdin failures better.
1.1 deraadt 1265: <!-- ^ 20031101 -->
1.41 sthen 1266: <li>Have <a href="http://man.openbsd.org/?query=patch&sektion=1">patch(1)</a> determine the filename in same manner as GNU patch.
1267: <li>New --posix option for <a href="http://man.openbsd.org/?query=patch&sektion=1">patch(1)</a> for, uh, strict POSIX conformance.
1268: <li>Set pkgpath in the correct order in <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> etc.
1269: <li>Re-add the SATA mode detection and reset-pause-IDENTIFY fixes to <a href="http://man.openbsd.org/?query=wdc&sektion=4">wdc(4)</a>. Drive reset fixes need further testing.
1270: <li>Allocate the right number of elements in <a href="http://man.openbsd.org/?query=hashinit&sektion=9">hashinit(9)</a> (PR#3537).
1271: <li>Look up the groupname (not the username) when getting the gid from a tarfile in <a href="http://man.openbsd.org/?query=pkg_add&sektion=1">pkg_add(1)</a> and friends. Also set file ownership before the mode.
1272: <li>Add IPv6 support to <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a>.
1.1 deraadt 1273: <li>Sync libedit to NetBSD as of 2003-10-01, with some local string cleaning and history bug fixes. There are some api changes as a result of this update.
1274: <li>New port, <a href="pegasos.html">OPENBSD/pegasos</a>.
1.41 sthen 1275: <li>Fix insufficient length check in <a href="http://man.openbsd.org/?query=route6d&sektion=8">route6d(8)</a> (KAME PR#507).
1.1 deraadt 1276: <!-- ^ 20031031 -->
1.41 sthen 1277: <li>Try to deal with <a href="http://man.openbsd.org/?query=strdup&sektion=3">strdup(3)</a> failures in <a href="http://man.openbsd.org/?query=init&sektion=8">init(8)</a>.
1.1 deraadt 1278: <li>More detective work from the spelling police, double-word branch.
1.41 sthen 1279: <li>Fix <a href="http://man.openbsd.org/?query=lc&sektion=4">lc(4)</a> multicast filter initialisation.
1.1 deraadt 1280: <!-- ^ 20031030 -->
1.41 sthen 1281: <li>Backout recent <a href="http://man.openbsd.org/?query=wdc&sektion=4">wdc(4)</a> reset, identify and mode detection changes, they are breaking things.
1282: <li>Fix <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> binat for incoming connections when a netblock (not just a single address) is used as the rule source (PR#3535).<br>
1.1 deraadt 1283: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1284: <li><font color="#e00000"><strong>RELIABILITY FIX: A user with write permission to httpd.conf or a .htaccess file can crash <a href="http://man.openbsd.org/?query=httpd&sektion=8">httpd(8)</a> or potentially run arbitrary code as the user</strong> www <strong> (although it is believed that ProPolice will prevent code execution).</strong></font><br>
1.1 deraadt 1285: <a href="errata34.html#httpd">A source code patch is available</a>.<br>
1286: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1287: <!-- ^ 20031029 -->
1.41 sthen 1288: <li>Do a better job of finding the proper partition in <a href="http://man.openbsd.org/?query=growfs&sektion=8">growfs(8)</a>.
1289: <li>Evaluate dependencies earlier in <a href="http://man.openbsd.org/?query=pkg_delete&sektion=1">pkg_delete(1)</a>, and if the check fails just give a list of the required removals and quit.
1290: <li>Don't die if getsockopt(..., TCP_NODELAY, ...) fails in <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a>.
1.1 deraadt 1291: <!-- ^ 20031028 -->
1.41 sthen 1292: <li>In <a href="http://man.openbsd.org/?query=wdc&sektion=4">wdc(4)</a>, add a pause between a drive reset and an IDENTIFY command, to allow for units that are sick just after a reset.
1.1 deraadt 1293: <li>Don't do ATA mode detection for SATA drives, some drives really don't like it.
1.41 sthen 1294: <li>Set the skew properly when rescheduling <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> advertisements.
1295: <li>Fix an <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a> startup crash.
1296: <li>Don't schedule a <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> advertisement if the interface is on its way down and we run out of mbufs.
1297: <li>Really stop sending advertisements if the <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> interface is down.
1.1 deraadt 1298: <!-- ^ 20031027 -->
1.41 sthen 1299: <li>Set the maximum value for <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> kern.stackgap_random maximum to 256MB.
1300: <li>Remove artificial limit on the number of partitions that may be stretched by <a href="http://man.openbsd.org/?query=growfs&sektion=8">growfs(8)</a>.
1301: <li>Early support in <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a> for PRISM 2.5/3 USB adapters. Very limited for now.
1302: <li>Make <a href="http://man.openbsd.org/?query=wdc&sektion=4">wdc(4)</a> reset code more like that in FreeBSD and NetBSD, fixing slave device detection when the master behaves strangely.
1.1 deraadt 1303: <!-- ^ 20031026 -->
1.41 sthen 1304: <li>Reorganise <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> state searches for a 30% memory saving.
1.1 deraadt 1305: <li>Don't leak mbufs on carp_output() failures.
1306: <li>Replace a linked list with a hash table for local IP port lookup, dramatically reducing the lookup time (in_pcblookup()) when there are many sockets.
1.41 sthen 1307: <li>Precompute as much of the <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> sha1 hash as possible.
1.1 deraadt 1308: <!-- ^ 20031025 -->
1.41 sthen 1309: <li>Prevent occasional <a href="http://man.openbsd.org/?query=syslogd&sektion=8">syslogd(8)</a> hangs on receipt of a SIGHUP with a modified syslog.conf file.
1.1 deraadt 1310: <li>Remove a few comparisons of an int to NULL.
1.41 sthen 1311: <li>Do <a href="http://man.openbsd.org/?query=initgroups&sektion=3">initgroups(3)</a> before chrooting <a href="http://man.openbsd.org/?query=httpd&sektion=8">httpd(8)</a> instead of after, since /etc/group may be of use.
1312: <li>Stop the new <a href="http://man.openbsd.org/?query=bpf&sektion=4">bpf(4)</a> write filter blocking everything when no filter is set, and so unbreak DHCP.
1.1 deraadt 1313: <!-- ^ 20031024 -->
1.41 sthen 1314: <li>Only try to remove a dependent package once in <a href="http://man.openbsd.org/?query=pkg_delete&sektion=1">pkg_delete(1)</a>.
1315: <li>In <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a>, stir in the full inner hash instead of just sizeof(pointer) bytes of it.
1.1 deraadt 1316: <li>Finally, stop the long long pause for i386 laptop users with disconnected floppy drives.
1.41 sthen 1317: <li>Make <a href="http://man.openbsd.org/?query=pkg_info&sektion=1">pkg_info(1)</a> do the right thing with multiple packages sharing a common stem, e.g. multiple responses for 'pkg_info autoconf'.
1318: <li>Allow <a href="http://man.openbsd.org/?query=pkg_delete&sektion=1">pkg_delete(1)</a> to work with package name stems. Oh yes.
1.1 deraadt 1319: <!-- ^ 20031023 -->
1.41 sthen 1320: <li>Another missing <a href="http://man.openbsd.org/?query=strdup&sektion=3">strdup(3)</a> error check, this time in <a href="http://man.openbsd.org/?query=tn3270&sektion=1">tn3270(1)</a>.
1321: <li>Reduce the amount of logging <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a> does by default. The new -v option does verbose logging.
1322: <li>Have privilege-separated <a href="http://man.openbsd.org/?query=syslogd&sektion=8">syslogd(8)</a> call setgroups when changing dropping privileges, in line with the same change in newly-separated <a href="http://man.openbsd.org/?query=pflogd&sektion=8">pflogd(8)</a>.
1.1 deraadt 1323: <li>Fix a panic when traversing a corrupt msdos filesystem. From NetBSD.<br>
1324: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1325: <li>Implement privilege separation in <a href="http://man.openbsd.org/?query=pflogd&sektion=8">pflogd(8)</a>. Requires creation of _pflogd user and group.
1326: <li>Add locking and write-filtering to <a href="http://man.openbsd.org/?query=bpf&sektion=4">bpf(4)</a>, so programs running as non-root can hold bpf descriptors without being able to write whatever they like at the link layer or issue dangerous <a href="http://man.openbsd.org/?query=ioctl&sektion=2">ioctl(2)</a>s.
1327: <li>Fix <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>'s J operator with the new extended comparisons.
1328: <li>Switch <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> from keyed sha1 to hmac-sha1.
1329: <li>Implement extended comparison operators in <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>, to allow for an if ... else construct in <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a>.
1330: <li>Make un-getting a character from a string work the same as from a file in <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>.
1331: <li>Fix a <a href="http://man.openbsd.org/?query=kqueue&sektion=2">kqueue(2)</a> file descriptor leak under libpthread.
1332: <li>In libpthread, don't bother resetting O_NONBLOCK on descriptors that are not flagged to survive the imminent <a href="http://man.openbsd.org/?query=execve&sektion=2">execve(2)</a>.
1.1 deraadt 1333: <!-- ^ 20031022 -->
1.41 sthen 1334: <li>Add missing <a href="http://man.openbsd.org/?query=strdup&sektion=3">strdup(3)</a> error check in <a href="http://man.openbsd.org/?query=tic&sektion=1">tic(1)</a>.
1335: <li>In <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a>, make undo work per-window instead of per-buffer.
1.1 deraadt 1336: <li>Fix late definition of enum XML_Status in <expat.h>. From expat CVS.
1337: <li>A huge number of comment spelling fixes all over the tree.
1.41 sthen 1338: <li>Make <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> choke on too-short GSSAPI OIDs.
1.1 deraadt 1339: <!-- ^ 20031021 -->
1340: <li>Switch over to the new package tools.
1.41 sthen 1341: <li>In <a href="http://man.openbsd.org/?query=netstart&sektion=8">netstart(8)</a>, don't try to initialise <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> interfaces until after physical interfaces are configured.
1342: <li>Fix an endianness bug in <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> sha1 code.
1343: <li><a href="http://man.openbsd.org/?query=realloc&sektion=3">realloc(3)</a> cleanup in <a href="http://man.openbsd.org/?query=ppp&sektion=8">ppp(8)</a>.
1344: <li>Stop all <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a> hosts advertising master status when preempt is disabled.
1345: <li>When doing <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a>, only give an error in <a href="http://man.openbsd.org/?query=ifconfig&sektion=8">ifconfig(8)</a> when the user tries to set both of advbase and advskew to zero.
1.1 deraadt 1346: <!-- ^ 20031020 -->
1.41 sthen 1347: <li>Correct a missing <a href="http://man.openbsd.org/?query=strdup&sektion=3">strdup(3)</a> return value check in <a href="http://man.openbsd.org/?query=nc&sektion=1">nc(1)</a>.
1348: <li>Fix numfds==0 case in pthreads-optimised <a href="http://man.openbsd.org/?query=select&sektion=2">select(2)</a>.
1349: <li>Add functions to find package name 'stems' (package names without the version number) and use them in the soon-to-be-enabled new <a href="http://man.openbsd.org/?query=pkg_info&sektion=1">pkg_info(1)</a>.
1350: <li>Add direct support in <a href="http://man.openbsd.org/?query=named&sektion=8">named(8)</a> for SSHFP resource records.
1.1 deraadt 1351: <!-- ^ 20031019 -->
1.41 sthen 1352: <li>Fix <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a>'s assignment operators (+=, -= etc.)
1353: <li>Add J(jump) and M(mark) operators in <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>, and use them to implement the continue statement in <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a>.
1354: <li>Fix out-of-bounds reads in <a href="http://man.openbsd.org/?query=make&sektion=1">make(1)</a>, libfreetype and <a href="http://man.openbsd.org/?query=xterm&sektion=1">xterm(1)</a>.
1.1 deraadt 1355: <!-- ^ 20031018 -->
1.41 sthen 1356: <li>Make the recent <a href="http://man.openbsd.org/?query=vnd&sektion=4">vnd(4)</a> numbering change work the way it should.
1357: <li>Enter <a href="http://man.openbsd.org/?query=carp&sektion=4">carp(4)</a>, OpenBSD's Common Address Redundancy Protocol for IP high availability and load balancing.
1358: <li>Unbreak <a href="http://man.openbsd.org/?query=httpd&sektion=8">httpd(8)</a> SHA1 code on 64-bit architectures.
1.1 deraadt 1359: <li>Make sure the inode generation number (obtained using arc4random()) is positive.
1.41 sthen 1360: <li><a href="http://man.openbsd.org/?query=pciide&sektion=4">pciide(4)</a> DMA reliability fixes. From NetBSD.
1.1 deraadt 1361: <!-- ^ 20031017 -->
1.41 sthen 1362: <li><a href="http://man.openbsd.org/?query=strlcpy&sektion=3">strlcpy(3)</a> -> <a href="http://man.openbsd.org/?query=memcpy&sektion=3">memcpy(3)</a> for non-string buffers in <a href="http://man.openbsd.org/?query=vi&sektion=1">vi(1)</a>, along with some extra paranoia.
1363: <li>Check for signals earlier in <a href="http://man.openbsd.org/?query=mountd&sektion=8">mountd(8)</a>, so they can be handled before we <a href="http://man.openbsd.org/?query=select&sektion=2">select(2)</a> until a mount request comes in.
1.1 deraadt 1364: <li>Import new package management tools under src/usr.sbin/pkg_add. Not built by default yet.
1365: <li>New 'G' malloc.conf option to add a guard page after pagesize-or-larger chunks, and to return less-than-pagesize chunks in random order.
1.41 sthen 1366: <li>Better SATA support in <a href="http://man.openbsd.org/?query=wdc&sektion=4">wdc(4)</a>.
1367: <li>Fix <a href="http://man.openbsd.org/?query=faithd&sektion=8">faithd(8)</a> args to <a href="http://man.openbsd.org/?query=poll&sektion=2">poll(2)</a>.
1.1 deraadt 1368: <!-- ^ 20031016 -->
1369: <li>Fix an out-of-bounds read in libcurses.
1.41 sthen 1370: <li>Have <a href="http://man.openbsd.org/?query=tip&sektion=1">tip(1)</a> return the terminal to a sensible state on fatal errors.
1371: <li>Change <a href="http://man.openbsd.org/?query=malloc&sektion=3">malloc(3)</a> so that it aborts the process on any error other than running out of memory. This is different to the 'A' malloc.conf switch that aborts on any error.
1.1 deraadt 1372: <!-- ^ 20031015 -->
1.41 sthen 1373: <li>More randomness for temporary directories created by <a href="http://man.openbsd.org/?query=ssh-agent&sektion=1">ssh-agent(1)</a> and <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a>.
1374: <li>Switch on the <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> DNS fingerprint (sshfp) lookup code, previously not build by default. Still needs switched on in the config file.
1.1 deraadt 1375: <li>Make e.g. 'MAKEDEV tty08 - tty7f' work.
1376: <li>Only endian-flip the fragment offset once on IPv6 input.
1377: <!-- ^ 20031014 -->
1.41 sthen 1378: <li>Do a hardware receive checksum in <a href="http://man.openbsd.org/?query=sk&sektion=4">sk(4)</a> too, working around the fact that sometimes the hardware gets it wrong.
1379: <li>On <a href="http://man.openbsd.org/?query=em&sektion=4">em(4)</a> devices that support it, offload receive checksum calculation to the hardware. From FreeBSD.
1.1 deraadt 1380: <li>Update timezone files again, this time to tzcode2003d.
1.41 sthen 1381: <li>Bring <a href="http://man.openbsd.org/?query=bge&sektion=4">bge(4)</a> and <a href="http://man.openbsd.org/?query=brgphy&sektion=4">brgphy(4)</a> more in line with updates in FreeBSD and NetBSD, both bug fixes and additional device support.
1382: <li>Remember the filename given when using ^X^W in <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a>.
1383: <li>Make <a href="http://man.openbsd.org/?query=shmat&sektion=2">shmat(2)</a> under Linux compat work as expected.
1384: <li>Fix a buffer overflow in <a href="http://man.openbsd.org/?query=timedc&sektion=8">timedc(8)</a>. Found by FreeBSD, fixed differently here.
1.1 deraadt 1385: <!-- ^ 20031012 -->
1.41 sthen 1386: <li>Add division and modulus operator '~' to <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>.
1.1 deraadt 1387: <li>Remove GNU bc and dc from the tree.
1388: <li>Merge in expat 1.95.6 from XFree86 4.3.99.14.
1.41 sthen 1389: <li>Search for keys in the <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> agent in reverse order to solve duplicate key problems (OpenSSH bugzilla #684).
1390: <li><a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> option ForwardX11 now has <a href="http://man.openbsd.org/?query=xauth&sektion=1">xauth(1)</a> generate untrusted keys by default. Option ForwardX11Trusted restores the old behaviour.
1391: <li>Change <a href="http://man.openbsd.org/?query=vnd&sektion=4">vnd(4)</a> major/minor numbering to allow more devices. Requires a MAKEDEV.
1.1 deraadt 1392: <!-- ^ 20031011 -->
1.41 sthen 1393: <li>Do nfs-specific 'test -x' stuff in the right order in <a href="http://man.openbsd.org/?query=ksh&sektion=1">ksh(1)</a> (PR#3465).
1394: <li>More work on <a href="http://man.openbsd.org/?query=vr&sektion=4">vr(4)</a>.
1395: <li>Have the linker generate a warning when using 43compat's <a href="http://man.openbsd.org/?query=getwd&sektion=3">getwd(3)</a>.
1396: <li>Better calibration code for <a href="http://man.openbsd.org/?query=auich&sektion=4">auich(4)</a>. From FreeBSD/NetBSD.
1.1 deraadt 1397: <!-- ^ 20031010 -->
1398: <!-- ^ 20031009 -->
1.41 sthen 1399: <li>Re-enable the random increment on the return value of uvm_map_hint() (called by <a href="http://man.openbsd.org/?query=uvm_map&sektion=9">uvm_map(9)</a>).
1400: <li>Install a sample config file for <a href="http://man.openbsd.org/?query=sensorsd&sektion=8">sensorsd(8)</a>.
1401: <li>Prevent symlink races in <a href="http://man.openbsd.org/?query=systrace&sektion=1">systrace(1)</a>.
1402: <li>Have GSSAPI default to off in the <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> client as well as the server.
1403: <li>Unbreak <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> on 64-bit architectures.
1404: <li>Hack <a href="http://man.openbsd.org/?query=httpd&sektion=8">httpd(8)</a> so digest authentication works with IE, Safari, etc. From FreeBSD.
1405: <li>Fix potential signedness bug in <a href="http://man.openbsd.org/?query=fgets&sektion=3">fgets(3)</a> (PR#1709).
1.1 deraadt 1406: <!-- ^ 20031008 -->
1407: <li>Correct __bounded__ attributes for {MD4,MD5,RMD160,SHA1}DATA functions (PR#3505).
1.41 sthen 1408: <li>Allow <a href="http://man.openbsd.org/?query=newfs&sektion=8">newfs(8)</a> to build small filesystems again by making sure ncyls >= 2.<br>
1.1 deraadt 1409: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1410: <li>Plug a memory leak in <a href="http://man.openbsd.org/?query=netstat&sektion=1">netstat(1)</a>.
1411: <li>Add nfs attribute cache tuning parameters to <a href="http://man.openbsd.org/?query=mount_nfs&sektion=8">mount_nfs(8)</a> (Inspired by PR#2567).
1412: <li>Kill a null deref in <a href="http://man.openbsd.org/?query=make&sektion=1">make(1)</a>.
1413: <li>Allow a semicolon to terminate label strings in <a href="http://man.openbsd.org/?query=sed&sektion=1">sed(1)</a>, so one-liners with labels can work.
1414: <li>A few string and memory fixes in <a href="http://man.openbsd.org/?query=rup&sektion=1">rup(1)</a>.
1415: <li>Stability fixes for <a href="http://man.openbsd.org/?query=vr&sektion=4">vr(4)</a>. From FreeBSD.
1416: <li>Add arc4 support to the kernel, and have <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a> use it instead of rolling its own.
1417: <li>Unbreak <a href="http://man.openbsd.org/?query=sftp&sektion=1">sftp(1)</a>'s handling of quotes in pathnames.
1.1 deraadt 1418: <li>More propolice fixes and improvements.
1419: <!-- ^ 20031007 -->
1.41 sthen 1420: <li>Remove <a href="http://man.openbsd.org/?query=httpd&sektion=8">httpd(8)</a> addon-breaking <a href="http://man.openbsd.org/?query=newsyslog.conf&sektion=5">newsyslog.conf(5)</a> sample lines.
1421: <li>Install <a href="http://man.openbsd.org/?query=sensorsd&sektion=8">sensorsd(8)</a> by default.
1422: <li>Really really give xfs a <a href="http://man.openbsd.org/?query=poll&sektion=2">poll(2)</a> backend.
1.48 tb 1423: <li>Fix a badly broken <a href="http://man.openbsd.org/?query=gcc&sektion=1">gcc(1)</a> optimization when calculating structure offsets under certain conditions. See the <a href="https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu/egcs/gcc/combine.c#rev1.5">commit log</a> for details.
1.41 sthen 1424: <li>Unbreak <a href="http://man.openbsd.org/?query=lge&sektion=4">lge(4)</a> compile.
1.1 deraadt 1425: <li>Update timezone info files to tzcode2003c.
1426: <!-- ^ 20031006 -->
1.41 sthen 1427: <li>Stop <a href="http://man.openbsd.org/?query=em&sektion=4">em(4)</a> stripping 802.1q headers from packets in a <a href="http://man.openbsd.org/?query=bridge&sektion=4">bridge(4)</a>.
1428: <li>Add <a href="http://man.openbsd.org/?query=vlan&sektion=4">vlan(4)</a> support to <a href="http://man.openbsd.org/?query=em&sektion=4">em(4)</a>.
1429: <li>Avoid a division-by-zero panic when benchmarking the <a href="http://man.openbsd.org/?query=pchb&sektion=4">pchb(4)</a> RNG device.
1430: <li>A couple of read-from-device fixes to <a href="http://man.openbsd.org/?query=an&sektion=4">an(4)</a>. From FreeBSD.
1.1 deraadt 1431: <!-- ^ 20031005 -->
1.41 sthen 1432: <li>Remove non-free licensed <a href="http://man.openbsd.org/?query=xlock&sektion=1">xlock(1)</a> bitmaps.
1.1 deraadt 1433: <li>Properly free resources when ffs_mountroot() fails.
1.41 sthen 1434: <li>Stop <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> crashing when the value for LIFE_DURATION is missing.
1435: <li>Back out the new environment variable load in <a href="http://man.openbsd.org/?query=ld.so&sektion=1">ld.so(1)</a> due to sparc breakage.
1.1 deraadt 1436: <li>Unbreak the new xfs poll backend.
1437: <li>Fix a long-standing memory leak in kernel libz (PR#2886). From NetBSD.
1.41 sthen 1438: <li>Print a more useful error message when a bad port number is given to <a href="http://man.openbsd.org/?query=whois&sektion=1">whois(1)</a>.
1439: <li>Fix broken time parsing in <a href="http://man.openbsd.org/?query=kadmin&sektion=8">kadmin(8)</a> (PR#3292).
1.1 deraadt 1440: <!-- ^ 20031004 -->
1.41 sthen 1441: <li>Initialise environment variables in <a href="http://man.openbsd.org/?query=ld.so&sektion=1">ld.so(1)</a> before calling constructors and <a href="http://man.openbsd.org/?query=atexit&sektion=3">atexit(3)</a> functions
1442: <li>Have <a href="http://man.openbsd.org/?query=inetd&sektion=8">inetd(8)</a> exit if no config file is found.
1443: <li>In <a href="http://man.openbsd.org/?query=sendmail&sektion=8">sendmail(8)</a> submit.mc/cf, bind the msp to 127.0.0.1 instead of localhost just in case localhost doesn't resolve correctly.
1444: <li>Teach <a href="http://man.openbsd.org/?query=netstat&sektion=1">netstat(1)</a> how to deal with KAME embedded scope IDs for -f encap route dumps.
1445: <li>Use <a href="http://man.openbsd.org/?query=arc4random&sektion=3">arc4random(3)</a> to generate cookies in the XSecurity extension.
1446: <li>Fix a few off-by-ones in <a href="http://man.openbsd.org/?query=gethostbyname&sektion=3">gethostbyname(3)</a> and friends.
1447: <li>Allow multiple RCPTs in <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a>, and stop looping on invalid commands.
1448: <li>Bring in a number of <a href="http://man.openbsd.org/?query=pipe&sektion=2">pipe(2)</a> stability fixes from FreeBSD.
1.1 deraadt 1449: <!-- ^ 20031003 -->
1.41 sthen 1450: <li>Fix <a href="http://man.openbsd.org/?query=httpd&sektion=8">httpd(8)</a>'s handling of SSLCertificateChainFile under the chroot.
1451: <li><a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a> usage output now dumps the OpenSSL version too.
1452: <li>Don't try to send incomplete IPv4 fragments in the ENOBUFS case. Note that this is a behaviour change from 4.4BSD and applies to output from <a href="http://man.openbsd.org/?query=bridge&sektion=4">bridge(4)</a> and <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> as well as vanilla IP output.
1.1 deraadt 1453: <li>A couple of endianness fixes when setting the IPv4 output fragment offset.
1.41 sthen 1454: <li>A couple of minor <a href="http://man.openbsd.org/?query=malloc&sektion=3">malloc(3)</a> fixes related to recursive calls and debugging.
1.1 deraadt 1455: <!-- ^ 20031002 -->
1456: <li>Clean up IPv6 flowlabel handling.
1.41 sthen 1457: <li>New IPv6 ID and flowlabel generation code using <a href="http://man.openbsd.org/?query=arc4random&sektion=9">arc4random(9)</a>.
1458: <li>Remove a bad <a href="http://man.openbsd.org/?query=m_cat&sektion=9">m_cat(9)</a> call when fragmenting outbound IPv6 packets.
1459: <li>Add a missing initialisation in <a href="http://man.openbsd.org/?query=pflog&sektion=4">pflog(4)</a> that allowed kernel stack garbage to leak into .pcap files.
1460: <li>Have the libc stack protector code use the kernel __sysctl() call directly instead of using the libc <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> interface.
1461: <li>Stop reading ~/.signature to pre-fill the Organisation: field in <a href="http://man.openbsd.org/?query=sendbug&sektion=1">sendbug(1)</a> (PR#3499).
1462: <li>Fixes to <a href="http://man.openbsd.org/?query=event&sektion=3">event(3)</a> poll code.
1463: <li>Have <a href="http://man.openbsd.org/?query=ftpd&sektion=8">ftpd(8)</a> listen on both IPv4 and IPv6 ports by default.
1464: <li>Fix an out-of-bounds memory access in kernel <a href="http://man.openbsd.org/?query=compat_ibcs2&sektion=8">compat_ibcs2(8)</a> code.
1465: <li>Add missing check for <a href="http://man.openbsd.org/?query=strdup&sektion=3">strdup(3)</a> error in <a href="http://man.openbsd.org/?query=talk&sektion=1">talk(1)</a>.
1466: <li>Correct a couple of off-by-ones in <a href="http://man.openbsd.org/?query=banner&sektion=1">banner(1)</a> and <a href="http://man.openbsd.org/?query=ssl&sektion=3">ssl(3)</a> (src/ssl/ssl_ciph.c).
1.1 deraadt 1467: <li>Fix the code that grows ifindex2ifnet in sys/net/if.c.
1.41 sthen 1468: <li>Add a stack of missing switch break statements needed after the _dl_errno changes to <a href="http://man.openbsd.org/?query=ld.so&sektion=1">ld.so(1)</a>.
1.1 deraadt 1469: <!-- ^ 20031001 -->
1.41 sthen 1470: <li>Teach <a href="http://man.openbsd.org/?query=size&sektion=1">size(1)</a> how to read ELF objects.
1471: <li>POSIX and interoperability fixes for <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a> and <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>,
1472: <li><font color="#e00000"><strong>SECURITY FIX: The use of certain ASN.1 encodings or malformed public keys may allow an attacker to mount a denial of service attack against applications linked with <a href="http://man.openbsd.org/?query=ssl&sektion=3">ssl(3)</a>.</strong></font> This does not affect OpenSSH.<br>
1.1 deraadt 1473: <a href="errata34.html#asn1">A source code patch is available</a>.<br>
1474: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1475: <!-- ^ 20030930 -->
1.41 sthen 1476: <li>Properly free resources on <a href="http://man.openbsd.org/?query=fxp&sektion=4">fxp(4)</a> attach failures.
1477: <li>Some reliability fixes in <a href="http://man.openbsd.org/?query=ahc&sektion=4">ahc(4)</a> and <a href="http://man.openbsd.org/?query=siop&sektion=4">siop(4)</a>.
1478: <li>Allow <a href="http://man.openbsd.org/?query=sensorsd&sektion=8">sensorsd(8)</a> to <a href="http://man.openbsd.org/?query=daemon&sektion=3">daemon(3)</a>ize itself.
1479: <li>Fix an unchecked <a href="http://man.openbsd.org/?query=strdup&sektion=3">strdup(3)</a> in <a href="http://man.openbsd.org/?query=getnetgrent&sektion=3">getnetgrent(3)</a>.
1.1 deraadt 1480: <!-- ^ 20030929 -->
1481: <li>Fix several kernel networking off-by-ones w.r.t. PRC_NCMDS.
1.41 sthen 1482: <li>Better error checking for new <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a> and <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>.
1483: <li>Make new <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a> compile on sparc64.
1484: <li>PCI support for hppa through <a href="http://man.openbsd.org/?query=dino&sektion=4&arch=hppa">dino(4)</a> bridge driver.
1.1 deraadt 1485: <!-- ^ 20030928 -->
1486: <!-- ^ 20030927 -->
1.41 sthen 1487: <li>Further <a href="http://man.openbsd.org/?query=realloc&sektion=3">realloc(3)</a> cleanup.
1488: <li>Re-engineer the <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> ioctl interface to allow near-100% atomicity for 'pfctl -f /etc/pf.conf' commands.<br>
1.3 deraadt 1489: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1490: <li>Fix bogus getutmp() error check in <a href="http://man.openbsd.org/?query=battlestar&sektion=6">battlestar(6)</a>.
1.1 deraadt 1491: <li>Change the xfs backend from select to poll.
1.41 sthen 1492: <li>Introduce 64-bit <a href="http://man.openbsd.org/?query=byteorder&sektion=3">byteorder(3)</a> macros.
1493: <li>strdup -> strlcpy in <a href="http://man.openbsd.org/?query=apmd&sektion=8&arch=i386">apmd(8)</a>, and make sure the socket gets unlinked at exit.
1494: <li>Better <a href="http://man.openbsd.org/?query=malloc&sektion=3">malloc(3)</a>, <a href="http://man.openbsd.org/?query=realloc&sektion=3">realloc(3)</a> and <a href="http://man.openbsd.org/?query=strdup&sektion=3">strdup(3)</a> error checks in <a href="http://man.openbsd.org/?query=config&sektion=8">config(8)</a>.
1495: <li>Stop <a href="http://man.openbsd.org/?query=pflogd&sektion=8">pflogd(8)</a> shouting 'Reopened logfile' at syslog.
1496: <li>Add a number of missing checks for <a href="http://man.openbsd.org/?query=strdup&sektion=3">strdup(3)</a> failure.
1497: <li>Add an <a href="http://man.openbsd.org/?query=sscanf&sektion=3">sscanf(3)</a> bounds check to the neighbour cache file code in <a href="http://man.openbsd.org/?query=ndp&sektion=8">ndp(8)</a>.
1498: <li>Reorder the <a href="http://man.openbsd.org/?query=pf&sektion=4">pf(4)</a> statistics counter code and fix some miscount bugs.
1499: <li>In <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>, don't listen on INADDR_ANY if the Listen-on option is specified.
1500: <li>Fix an off-by-one and a bad string bounds length in <a href="http://man.openbsd.org/?query=atc&sektion=6">atc(6)</a>.
1501: <li>Don't set <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a>'s listen socket to non-blocking mode.
1502: <li>Build the new BSD <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a> and <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a> in favour of the GNU versions.
1503: <li>Drop <a href="http://man.openbsd.org/?query=authpf&sektion=8">authpf(8)</a>'s 15-character username restriction, it's no longer necessary (PR#3491).
1504: <li>Allocate a buffer large enough to store a full IPX address in <a href="http://man.openbsd.org/?query=ipx_ntoa&sektion=3">ipx_ntoa(3)</a>.
1505: <li>Unbreak <a href="http://man.openbsd.org/?query=netstat&sektion=1">netstat(1)</a> -i display columns for interfaces with no address.
1506: <li>Stop <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a> dying unceremoniously on <a href="http://man.openbsd.org/?query=accept&sektion=2">accept(2)</a> failures.
1507: <li>Make <a href="http://man.openbsd.org/?query=talk&sektion=1">talk(1)</a> retry if <a href="http://man.openbsd.org/?query=accept&sektion=2">accept(2)</a> returns ECONNABORTED (the same as it does for EINTR).
1508: <li><a href="http://man.openbsd.org/?query=realloc&sektion=3">realloc(3)</a> fixes in <a href="http://man.openbsd.org/?query=brconfig&sektion=8">brconfig(8)</a>, <a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a>, <a href="http://man.openbsd.org/?query=lpd&sektion=8">lpd(8)</a>, <a href="http://man.openbsd.org/?query=pppd&sektion=8">pppd(8)</a> and <a href="http://man.openbsd.org/?query=rwhod&sektion=8">rwhod(8)</a>.
1509: <li>Add a 'recipe' datafile to <a href="http://man.openbsd.org/?query=fortune&sektion=6">fortune(6)</a>, starting with some barbecue recipes from the hackathon.
1510: <li>Use <a href="http://man.openbsd.org/?query=arc4random&sektion=3">arc4random(3)</a> instead of <a href="http://man.openbsd.org/?query=srand&sektion=3">srand(3)</a> to generate a more random salt for <a href="http://man.openbsd.org/?query=htpasswd&sektion=1">htpasswd(1)</a>.
1511: <li>Start removing unnecessary null checks before doing <a href="http://man.openbsd.org/?query=free&sektion=3">free(3)</a> on a possibly null pointer.
1.1 deraadt 1512: <!-- ^ 20030926 -->
1.41 sthen 1513: <li>Fix scrambled display when resuming a suspended <a href="http://man.openbsd.org/?query=less&sektion=1">less(1)</a> process.
1514: <li>Use <a href="http://man.openbsd.org/?query=strlcpy&sektion=3">strlcpy(3)</a> instead of <a href="http://man.openbsd.org/?query=bcopy&sektion=3">bcopy(3)</a> to avoid overflowing the nodename and netname in <a href="http://man.openbsd.org/?query=an&sektion=4">an(4)</a>.
1515: <li>Fix a couple of off-by-ones in <a href="http://man.openbsd.org/?query=adventure&sektion=6">adventure(6)</a>.
1516: <li>Fix an out-of-bounds write in the <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> privsep monitor code.
1517: <li>Make <a href="http://man.openbsd.org/?query=dlerror&sektion=3">dlerror(3)</a> clear _dl_errno as expected (PR#3441).
1.1 deraadt 1518: <li>Correct a couple of off-by-ones in libc.
1519: <li>Fix overflows in the X font server overflow fix. Sigh.
1.41 sthen 1520: <li>Add a missing free in <a href="http://man.openbsd.org/?query=cvs&sektion=1">cvs(1)</a>.
1521: <li>New, BSD-licensed version of <a href="http://man.openbsd.org/?query=bc&sektion=1">bc(1)</a>.
1522: <li>Fix an off-by-one in <a href="http://man.openbsd.org/?query=csh&sektion=1">csh(1)</a> (PR#3163).
1523: <li>More <a href="http://man.openbsd.org/?query=realloc&sektion=3">realloc(3)</a> fixes.
1524: <li>Fix a bad bounds check that could crash <a href="http://man.openbsd.org/?query=sort&sektion=1">sort(1)</a>.
1.1 deraadt 1525: <!-- ^ 20030925 -->
1.41 sthen 1526: <li>More paranoid privsep parent/child communication in <a href="http://man.openbsd.org/?query=syslogd&sektion=8">syslogd(8)</a>.
1.1 deraadt 1527: <li><font color="#e00000"><strong>SECURITY FIX: It is possible for a local user to cause a system panic by flooding it with spoofed ARP requests.</strong></font><br>
1528: <a href="errata34.html#arp">A source code patch is available</a>.<br>
1529: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1530: <li>A number of <a href="http://man.openbsd.org/?query=realloc&sektion=3">realloc(3)</a> fixes (removing instances of the bad idiom described in the manpage) in several programs.
1531: <li>New program <a href="http://man.openbsd.org/?query=sensorsd&sektion=8">sensorsd(8)</a> to monitor hardware sensors as exposed by the hw.sensors sysctl. Not installed yet.
1532: <li>Unbreak <a href="http://man.openbsd.org/?query=tftp&sektion=1">tftp(1)</a> put command.
1533: <li>Remove and re-add SHA2 support in <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>, minus OpenSSL EVP-related fd leaks.
1534: <li>Fix some realloc bugs in <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> tables code.
1.1 deraadt 1535: <li>Initial HIFN 7955/7956 crypto accelerator support.
1.41 sthen 1536: <li>Increase <a href="http://man.openbsd.org/?query=spamd&sektion=8">spamd(8)</a> maximum connections from 200 to 800.
1.1 deraadt 1537: <!-- ^ 20030924 -->
1.41 sthen 1538: <li>Install a more complete set of <a href="http://man.openbsd.org/?query=sendmail&sektion=8">sendmail(8)</a> empty config files under /etc/mail.
1.1 deraadt 1539: <li>Throttle 'proc: table is full' messages to once every ten seconds. From NetBSD.
1.41 sthen 1540: <li>Further improvements to <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a>'s fatal exit handling.
1541: <li>Use the much simpler <a href="http://man.openbsd.org/?query=getifaddrs&sektion=3">getifaddrs(3)</a> instead of <a href="http://man.openbsd.org/?query=sysctl&sektion=3">sysctl(3)</a> in <a href="http://man.openbsd.org/?query=rtadvd&sektion=8">rtadvd(8)</a>.
1542: <li>Use <a href="http://man.openbsd.org/?query=getaddrinfo&sektion=3">getaddrinfo(3)</a> for name-to-address resolution in <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>.
1543: <li>Replace kernel <a href="http://man.openbsd.org/?query=select&sektion=2">select(2)</a> backends with <a href="http://man.openbsd.org/?query=poll&sektion=2">poll(2)</a> backends. This allows for more complete poll() functionality. From NetBSD.
1544: <li>In <a href="http://man.openbsd.org/?query=mtrace&sektion=8">mtrace(8)</a> only do mask checks for AF_INET.
1545: <li>Add <a href="http://man.openbsd.org/?query=poll&sektion=2">poll(2)</a> support for <a href="http://man.openbsd.org/?query=event&sektion=3">event(3)</a>.
1546: <li>Fix a few suspect <a href="http://man.openbsd.org/?query=strlcpy&sektion=3">strlcpy(3)</a> calls in <a href="http://man.openbsd.org/?query=ifconfig&sektion=8">ifconfig(8)</a>.
1.1 deraadt 1547: <!-- ^ 20030923 -->
1.41 sthen 1548: <li>Allow <a href="http://man.openbsd.org/?query=getopt_long&sektion=3">getopt_long(3)</a> to accept an optional argument separated by whitespace, unlike GNU getopt_long.
1549: <li>Stop <a href="http://man.openbsd.org/?query=tsort&sektion=1">tsort(1)</a> reading past the end of its buffer.
1550: <li>Plug a realloc memory leak in <a href="http://man.openbsd.org/?query=mg&sektion=1">mg(1)</a>.
1551: <li>Off-by-one fixes in <a href="http://man.openbsd.org/?query=nc&sektion=1">nc(1)</a>, <a href="http://man.openbsd.org/?query=pmdb&sektion=1">pmdb(1)</a>, <a href="http://man.openbsd.org/?query=ppp&sektion=8">ppp(8)</a>, libssl, libpthread and a few in the kernel.
1552: <li>Sync up <a href="http://man.openbsd.org/?query=named&sektion=8">named(8)</a> with BIND 9.2.2-P3, with support for new zone type 'delegation-only'.
1553: <li>In the new <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a>, make all registers contain zero initially for compatibility.
1.1 deraadt 1554: <li>Fix, clean up and simplify the installer's handling of yes/no responses from the user.
1.41 sthen 1555: <li>Use <a href="http://man.openbsd.org/?query=poll&sektion=2">poll(2)</a> instead of <a href="http://man.openbsd.org/?query=select&sektion=2">select(2)</a> in <a href="http://man.openbsd.org/?query=skey_authenticate&sektion=3">skey_authenticate(3)</a>.
1556: <li>Plug a memory leak in <a href="http://man.openbsd.org/?query=rtadvd&sektion=8">rtadvd(8)</a>.
1.1 deraadt 1557: <li>Stop extraneous 'no disk label' warnings in the installer.
1558: <!-- ^ 20030921 -->
1.41 sthen 1559: <li>Implement hardwareflow (hf) option for <a href="http://man.openbsd.org/?query=tip&sektion=1">tip(1)</a>. Off by default.
1560: <li>Fix an out-of-order free() in <a href="http://man.openbsd.org/?query=rpc&sektion=3">rpc(3)</a>.
1561: <li>Don't leak memory if memory allocation fails in libc <a href="http://man.openbsd.org/?query=rpc&sektion=3">rpc(3)</a> code.
1.1 deraadt 1562: <!-- ^ 20030920 -->
1.41 sthen 1563: <li>Change the <a href="http://man.openbsd.org/?query=ld&sektion=1">ld(1)</a> script to make contructors and destructors in dynamic binaries non-writable.
1564: <li>Completely new BSD-licensed version of <a href="http://man.openbsd.org/?query=dc&sektion=1">dc(1)</a> using the OpenSSL <a href="http://man.openbsd.org/?query=bn&sektion=3">bn(3)</a> routines.
1565: <li>Have <a href="http://man.openbsd.org/?query=scp&sektion=1">scp(1)</a> check for an error code in remote->remote mode.
1566: <li>When chrooting <a href="http://man.openbsd.org/?query=httpd&sektion=8">httpd(8)</a>, use <a href="http://man.openbsd.org/?query=initgroups&sektion=3">initgroups(3)</a> so that supplementary group IDs are initialised as well.
1567: <li>Temporarily disable soft interrupts support in <a href="http://man.openbsd.org/?query=usb&sektion=4">usb(4)</a> for stability reasons.<br>
1.1 deraadt 1568: <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a>
1.41 sthen 1569: <li>Several abnormal exit handler fixes to <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a>.
1.1 deraadt 1570: <li>Better disk device probe on i386.
1.41 sthen 1571: <li>Correct the signal number validity check in <a href="http://man.openbsd.org/?query=csh&sektion=1">csh(1)</a>'s kill command.
1.1 deraadt 1572: <!-- ^ 20030919 -->
1.41 sthen 1573: <li>Make <a href="http://man.openbsd.org/?query=grep&sektion=1">grep(1)</a>'s binary file test work for gzipped files the same as for other files, testing against <a href="http://man.openbsd.org/?query=isspace&sektion=3">isspace(3)</a> as well as <a href="http://man.openbsd.org/?query=isprint&sektion=3">isprint(3)</a>.
1574: <li>Make sure <a href="http://man.openbsd.org/?query=whois&sektion=1">whois(1)</a> can't zap straight past the beginning of the buffer when removing spaces from line endings.
1575: <li>Stop <a href="http://man.openbsd.org/?query=pfctl&sektion=8">pfctl(8)</a> checking for a netmask if the address type being examined is a table.
1576: <li>Fix a subtle use-after-free in <a href="http://man.openbsd.org/?query=modload&sektion=8">modload(8)</a>.
1577: <li>Some int -> u_int paranoia in <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a>.
1578: <li>More <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> buffer management fixes (CAN-2003-0682).
1.1 deraadt 1579: <li>Further EDD detection improvements on i386.
1.41 sthen 1580: <li>Properly flush the <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> RSA1 public key from memory when its output file cannot be opened (OpenSSH bugzilla #662).
1581: <li>Correct a double-free in the <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> buffer management code (OpenSSH PR#660).
1582: <li>Fix the <a href="http://man.openbsd.org/?query=ssh&sektion=1">ssh(1)</a> ConnectTimeout option (OpenSSH PR#656).
1.1 deraadt 1583: <li>On i386, try harder to boot from removable media by allowing for their removal and insertion.
1584: <!-- ^ 20030918 -->
1.41 sthen 1585: <li>Updated and better-commented openbsd-proto.mc for <a href="http://man.openbsd.org/?query=sendmail&sektion=8">sendmail(8)</a>.
1586: <li>Upgrade <a href="http://man.openbsd.org/?query=sendmail&sektion=8">sendmail(8)</a> to version 8.12.10. The address parsing security fix went into 3.4 and -stable, but not the full version update.
1.1 deraadt 1587: <!-- ^ 20030917 -->
1588: <!-- ^ 20030916 -->
1589: <li>3.4 -> 3.4-current.
1590: <!-- ^ 20030915 -->
1591: </ul>
1592: <p>
1593:
1594: This list mentions mostly platform-independent changes. For a list of changes
1595: made in a particular platform, please check the page for that platform. If you
1596: find them not listed there, the changes are either (1) not being documented or
1597: (2) are documented here.<br><br>
1598:
1599: </body>
1600: </html>