version 1.6, 2015/09/01 22:29:36 |
version 1.7, 2015/09/02 20:30:03 |
|
|
<p> |
<p> |
|
|
<ul> |
<ul> |
|
<!-- 2015-08-06 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/sshd_config.5">sshd_config(5)</a>, add prohibit-password as a synonymn for without-password. Harden the option by allowing pubkey, hostbased, and GSSAPI authentication only. |
|
<li>In the installer, change the ssh root login question to use the "pubkeys-only" answer instead of "without-password". |
|
<!-- 2015-08-05 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/em.4">em(4)</a>, fix i217 PHY initialization. This fixes a problem where the receipt of packets would stop until the laptop battery is removed. |
|
<!-- 2015-08-04 --> |
|
<li>Skip C2 and C3 states from the FADT if the cpu doesn't have ARAT. |
|
<li>Do not save and restore a read-only capability register in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/acpihpet.4">acpihpet(4)</a>. |
|
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/clct.4">clct(4)</a> which was stuttering to the point of being useless. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/identd.8">identd(8)</a>, don't die on socket operation errors. |
|
<!-- 2015-08-03 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/acpicpu.4">acpicpu(4)</a>, provide the fallback C1-via-halt even when _CST can't be evaluated. This fixes systems that only provide _CST for a subset of the CPUs. |
|
<li>Fix incorrect register offsets in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/acpihpet.4">acpihpet(4)</a>. |
|
<li>In binutils 2.17, work around a NULL dereference when a plt entry is not found. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/netstat.1">netstat(1)</a>, show TCP states that were hidden after netstat's conversion from kvm to sysctl. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/rarpd.8">rarpd(8)</a>, fix a a regression introduced with the support of multiple connected routes. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/pf.4">pf(4)</a>, avoid a panic triggered for a reply-to rule. |
|
<li>On mips64, avoid a potential deadlock by enabling IPIs before calling refreshcreds() in trap(). |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/httpd.8">httpd(8)</a>, fix a problem caused by r1.70 of server.c by re-enabling the buffer event only if it was disabled previously. |
|
<li>Enable the xdm installer question on macppc. |
|
<!-- 2015-08-02 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/radiusd.8">radiusd(8)</a>: |
|
<ul> |
|
<li>Allow to start without -d. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/syslog.3">syslog(3)</a> instead of stderr. |
|
<li>Fix radiusd_module to stop when the daemon stops. |
|
<li>Fire pending events when the module starts. |
|
<li>Check the received packet length properly. |
|
</ul> |
|
<!-- 2015-08-01 --> |
|
<li>Fix a potential out-of-bounds read in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/fnmatch.3">fnmatch(3)</a>. |
<!-- 2015-07-30 --> |
<!-- 2015-07-30 --> |
<li>On armv7, make use of u-boot 2015.07's unified wandboard config to provide a miniroot to cover all current wandboard variations. |
<li>On armv7, make use of u-boot 2015.07's unified wandboard config to provide a miniroot to cover all current wandboard variations. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: the patch utility could become desyncronized processing ed(1)-style diffs.</font><br>A source code patch exists for <a href="errata56.html#030_patch">5.6</a> and <a href="errata57.html#013_execve">5.7</a>. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: the patch utility could become desyncronized processing ed(1)-style diffs.</font><br>A source code patch exists for <a href="errata56.html#030_patch">5.6</a> and <a href="errata57.html#013_execve">5.7</a>. |
|
|
<li>On amd64, prevent possible interrupt recursion before unwinding the stack. |
<li>On amd64, prevent possible interrupt recursion before unwinding the stack. |
<li>In ssh, re-enable ed25519-certs if compiled without OpenSSL. |
<li>In ssh, re-enable ed25519-certs if compiled without OpenSSL. |
<!-- 2015-07-08 --> |
<!-- 2015-07-08 --> |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fdisk.8">fdisk(8)</a>, dDo not attempt to read a disk sector worth of data from the file containing the MBR template. This allows fdisk(8) to work on 4096-byte disks again. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fdisk.8">fdisk(8)</a>, do not attempt to read a disk sector worth of data from the file containing the MBR template. This allows fdisk(8) to work on 4096-byte disks again. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/file.1">file(1)</a>, properly handle files >= 4 GB on 32-bit architectures. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/file.1">file(1)</a>, properly handle files >= 4 GB on 32-bit architectures. |
<li>Switch "openssl dhparam" default from 512 to 2048 bits. |
<li>Switch "openssl dhparam" default from 512 to 2048 bits. |
<li>Fix a use-after-free in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/et.4">et(4)</a>. |
<li>Fix a use-after-free in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/et.4">et(4)</a>. |
|
|
<li>Let <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/vi.1">vi(1)</a> use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/resizeterm.3">resizeterm(3)</a> instead of reinitializing curses on window resizes, which was leaking massive amounts of memory. |
<li>Let <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/vi.1">vi(1)</a> use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/resizeterm.3">resizeterm(3)</a> instead of reinitializing curses on window resizes, which was leaking massive amounts of memory. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, add a -x flag to copy-selection, append-selection and start-named-buffer to prevent it exiting copy mode after copying. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, add a -x flag to copy-selection, append-selection and start-named-buffer to prevent it exiting copy mode after copying. |
<li>Replace the use of ifqueues for most input queues serviced by netisr with niqueues. |
<li>Replace the use of ifqueues for most input queues serviced by netisr with niqueues. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/ehci.4">ehci(4)</a>, implement full-speed isochronous transfers support with opportunistic micro-frames scheduling. More work is required to properly budget and schedule micro-frames, most of it at the HUB level. But this let people use USB1.1 uaudio(4) devices on ehci(4)-only systems. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/ehci.4">ehci(4)</a>, implement full-speed isochronous transfers support with opportunistic micro-frames scheduling. More work is required to properly budget and schedule micro-frames, most of it at the HUB level. But this lets people use USB1.1 uaudio(4) devices on ehci(4)-only systems. |
<li>Add support for CRC-enabled elantech v3 touchpads to <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/pms.4">pms(4)</a>. |
<li>Add support for CRC-enabled elantech v3 touchpads to <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/pms.4">pms(4)</a>. |
<!-- 2015-04-09 --> |
<!-- 2015-04-09 --> |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ssh.1">ssh(1)</a>, don't send hostkey advertisments (hostkeys-00@openssh.com) to current versions of Tera Term as they can't handle them. Newer versions should be OK. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ssh.1">ssh(1)</a>, don't send hostkey advertisments (hostkeys-00@openssh.com) to current versions of Tera Term as they can't handle them. Newer versions should be OK. |