version 1.3, 2015/08/09 00:39:22 |
version 1.4, 2015/08/09 17:53:34 |
|
|
</ul> |
</ul> |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/sshd.8">sshd(8)</a>, add getpid to sandbox (bz#2419). |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/sshd.8">sshd(8)</a>, add getpid to sandbox (bz#2419). |
<li>Get jumbo frames working in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/oce.4">oce(4)</a>. |
<li>Get jumbo frames working in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/oce.4">oce(4)</a>. |
<li>Allow to re-plug USB3 devices on the root hub withtout going through a suspend/resume cycle (or rebooting) with Intel ICH7 xHCI. |
<li>Allow to re-plug USB3 devices on the root hub without going through a suspend/resume cycle (or rebooting) with Intel ICH7 xHCI. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ps.1">ps(1)</a>, remove the calculation that includes the process lifetime and just use the p_pctcpu value as %cpu time. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ps.1">ps(1)</a>, remove the calculation that includes the process lifetime and just use the p_pctcpu value as %cpu time. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/cwm.1">cwm(1)</a>, show an empty "ssh to" menu if the known_hosts file is missing. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/cwm.1">cwm(1)</a>, show an empty "ssh to" menu if the known_hosts file is missing. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/syslogd.8">syslogd(8)</a>, add the possiblity to store all syslog messages received from a specific host into a single log file. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/syslogd.8">syslogd(8)</a>, add the possibility to store all syslog messages received from a specific host into a single log file. |
<li>Never cache a RTF_GATEWAY route as next hop for a gateway route. This prevents rtentry loops when rt→rt_gwroute points to rt leading to an infamous "rtentry leak" panic. |
<li>Never cache an RTF_GATEWAY route as next hop for a gateway route. This prevents rtentry loops when rt→rt_gwroute points to rt leading to an infamous "rtentry leak" panic. |
<!-- 2015-06-28 --> |
<!-- 2015-06-28 --> |
<li>Enable <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/armv7/vexpress.4">vexpress(4)</a> on armv7. |
<li>Enable <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/armv7/vexpress.4">vexpress(4)</a> on armv7. |
<li>Implement membar_* for armv7 with the dmb instruction. |
<li>Implement membar_* for armv7 with the dmb instruction. |
|
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/npppd.8">npppd(8)</a>, properly handle zero-length 1701/udp and GRE packets. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/npppd.8">npppd(8)</a>, properly handle zero-length 1701/udp and GRE packets. |
<!-- 2015-06-22 --> |
<!-- 2015-06-22 --> |
<li>In ssh, don't count successful partial authentication as failures in monitor. This may have caused the monitor to refuse multiple authentications that would otherwise have successfully completed. |
<li>In ssh, don't count successful partial authentication as failures in monitor. This may have caused the monitor to refuse multiple authentications that would otherwise have successfully completed. |
<li>On amd64 and i386, make it possible to create write combing mappings through /dev/mem. |
<li>On amd64 and i386, make it possible to create write combining mappings through /dev/mem. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/pf.4">pf(4)</a>, increment rule counters only after successful state insertion. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/pf.4">pf(4)</a>, increment rule counters only after successful state insertion. |
<li>In ssh, don't call setgroups if we have zero groups; there's no guarantee that it won't try to deref the pointer. |
<li>In ssh, don't call setgroups if we have zero groups; there's no guarantee that it won't try to deref the pointer. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/httpd.8">httpd(8)</a>, URL-encode $SERVER_NAME and $REMOTE_USER before using them in the Location header. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/httpd.8">httpd(8)</a>, URL-encode $SERVER_NAME and $REMOTE_USER before using them in the Location header. |
|
|
<li>On vax, make kernel text read-only and unreadable from userland. |
<li>On vax, make kernel text read-only and unreadable from userland. |
<li>Add four new sensors to <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/upd.4">upd(4)</a>. |
<li>Add four new sensors to <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/upd.4">upd(4)</a>. |
<!-- 2015-06-16 --> |
<!-- 2015-06-16 --> |
<li>On mips64, let alloc_contiguous_pages() round the allocation size to a page boundary, not to an u area boundary. |
<li>On mips64, let alloc_contiguous_pages() round the allocation size to a page boundary, not to a u-area boundary. |
<li>On sgi, clear the PIC `write request' memory at initialization time. There is apparently a risk of spurious parity errors if we don't. |
<li>On sgi, clear the PIC `write request' memory at initialization time. There is apparently a risk of spurious parity errors if we don't. |
<li>Store a unique ID, an interface index, rather than a pointer to the receiving interface in the packet header of every mbuf. This will simplify garbage collection of mbufs and limit problems with dangling ifp pointers. |
<li>Store a unique ID, an interface index, rather than a pointer to the receiving interface in the packet header of every mbuf. This will simplify garbage collection of mbufs and limit problems with dangling ifp pointers. |
<!-- 2015-06-15 --> |
<!-- 2015-06-15 --> |
|
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/from.1">from(1)</a>, treat a missing mail spool the same as a zero-length mail spool unless the -f option was specified. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/from.1">from(1)</a>, treat a missing mail spool the same as a zero-length mail spool unless the -f option was specified. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/pf.4">pf(4)</a>, avoid division by 0 and using a 0 upper bound for <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/arc4random_uniform.3">arc4random_uniform(3)</a>. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/pf.4">pf(4)</a>, avoid division by 0 and using a 0 upper bound for <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/arc4random_uniform.3">arc4random_uniform(3)</a>. |
<li>Fix audio interrupts on U4 systems. |
<li>Fix audio interrupts on U4 systems. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/arp.8">arp(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ndp.8">ndp(8)</a>, dont 'assume that the sockaddr_dl will be in the gateway sa. This fixes a regression introduced with the support of multiple connected routes. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/arp.8">arp(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ndp.8">ndp(8)</a>, don't assume that the sockaddr_dl will be in the gateway sa. This fixes a regression introduced with the support of multiple connected routes. |
<!-- 2015-06-02 --> |
<!-- 2015-06-02 --> |
<li>Rework the ppp handling in the tty layer so it has its own private pool to allocate packet memory out of. This fixes a long standing issue in ppp on a tty/serial line where it allocates mbufs at IPL_SOFTTTY, which is above the IPL_NET the mbuf layer protects itself at. |
<li>Rework the ppp handling in the tty layer so it has its own private pool to allocate packet memory out of. This fixes a long standing issue in ppp on a tty/serial line where it allocates mbufs at IPL_SOFTTTY, which is above the IPL_NET the mbuf layer protects itself at. |
<li>Fix a memory leak in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/sensorsd.8">sensorsd(8)</a>. |
<li>Fix a memory leak in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/sensorsd.8">sensorsd(8)</a>. |
|
|
<li>Enable secureplt by default on alpha. |
<li>Enable secureplt by default on alpha. |
<li>Allow <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/gcc.1">gcc(1) to produce more precise relocation information on alpha. This will be necessary to enable secureplt by default. |
<li>Allow <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/gcc.1">gcc(1) to produce more precise relocation information on alpha. This will be necessary to enable secureplt by default. |
<li>Switch m88k ports to binutils 2.17. |
<li>Switch m88k ports to binutils 2.17. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/relayd.8">relayd8</a>, fix a memory leak in an error path. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/relayd.8">relayd(8)</a>, fix a memory leak in an error path. |
<!-- 2015-05-31 --> |
<!-- 2015-05-31 --> |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/mandoc.1">mandoc(1)</a>, implement the <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man7/roff.7">roff(7)</a> "r" conditional. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/mandoc.1">mandoc(1)</a>, implement the <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man7/roff.7">roff(7)</a> "r" conditional. |
<!-- 2015-05-30 --> |
<!-- 2015-05-30 --> |
|
|
<li>Switch amd64, hppa, mips64, mips64le and powerpc to binutils 2.17. |
<li>Switch amd64, hppa, mips64, mips64le and powerpc to binutils 2.17. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ssh-keygen.1">ssh-keygen(1)</a>, support -lF hostname to find search known_hosts and print key hashes. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ssh-keygen.1">ssh-keygen(1)</a>, support -lF hostname to find search known_hosts and print key hashes. |
<li>Correctly state the link state to INVALID when creating a carp interface. |
<li>Correctly state the link state to INVALID when creating a carp interface. |
<li>Fix an unintialized variable in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/ix.4">ix(4)</a>. |
<li>Fix an uninitialized variable in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/ix.4">ix(4)</a>. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/sshd_config.5">sshd_config(5)</a>: |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/sshd_config.5">sshd_config(5)</a>: |
<ul> |
<ul> |
<li>Support arguments to AuthorizedKeysCommand. |
<li>Support arguments to AuthorizedKeysCommand. |
|
|
<li>Remove <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/hotplug.4">hotplug(4)</a> support from <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ntpd.8">ntpd(8)</a>. |
<li>Remove <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/hotplug.4">hotplug(4)</a> support from <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ntpd.8">ntpd(8)</a>. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/httpd.8">httpd(8)</a>, correctly print the filesize in the Content-Length header for files larger than 2 GB on 32-bit architectures. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/httpd.8">httpd(8)</a>, correctly print the filesize in the Content-Length header for files larger than 2 GB on 32-bit architectures. |
<!-- 2015-05-19 --> |
<!-- 2015-05-19 --> |
<li>FIx installing sets from CD-ROM if more than one CD-ROM drive is present. |
<li>Fix installing sets from CD-ROM if more than one CD-ROM drive is present. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/chroot.8">chroot(8)</a>, when a user is specified via the -u flag, use setusercontext() to setup (most of) the execution environment. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/chroot.8">chroot(8)</a>, when a user is specified via the -u flag, use setusercontext() to setup (most of) the execution environment. |
<li>Add the -c flag to <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/id.1">id(1)</a> to display the user's login class. |
<li>Add the -c flag to <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/id.1">id(1)</a> to display the user's login class. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/icmp.4">icmp(4)</a>, do not leak a rtentry if it is unusable. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/icmp.4">icmp(4)</a>, do not leak a rtentry if it is unusable. |
|
|
<li>Fix two use-after-free cases in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/relayd.8">relayd(8)</a>. |
<li>Fix two use-after-free cases in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/relayd.8">relayd(8)</a>. |
<li>Change <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/spamd.8">spamd(8)</a> to use divert-to instead of rdr-to. |
<li>Change <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/spamd.8">spamd(8)</a> to use divert-to instead of rdr-to. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dhclient.8">dhclient(8)</a>, stop rejecting leases with a subnet that overlaps a subnet already present. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dhclient.8">dhclient(8)</a>, stop rejecting leases with a subnet that overlaps a subnet already present. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ntpd.8">ntpd(8)</a>, scale the error margin with the number of resolved NTP peers. This way, a very small number of outliers in a NTP pool cannot immediately trigger new connections to the contraint servers. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ntpd.8">ntpd(8)</a>, scale the error margin with the number of resolved NTP peers. This way, a very small number of outliers in an NTP pool cannot immediately trigger new connections to the contraint servers. |
<li>Enable <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ntpd.8">ntpd(8)</a> by default at install time. |
<li>Enable <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ntpd.8">ntpd(8)</a> by default at install time. |
<li>Export the rdomain to userland through struct if_data. |
<li>Export the rdomain to userland through struct if_data. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/cu.1">cu(1)</a>, add the -d flag and the dc capability to open devices non-blocking. This is useful for the few drivers that do not support cua* so tty* must be used. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/cu.1">cu(1)</a>, add the -d flag and the dc capability to open devices non-blocking. This is useful for the few drivers that do not support cua* so tty* must be used. |
|
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/nptd.8">ntpd(8)</a>, if the constraint resolves to multiple IP addresses, try each of them one by one. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/nptd.8">ntpd(8)</a>, if the constraint resolves to multiple IP addresses, try each of them one by one. |
<!-- 2015-05-16 --> |
<!-- 2015-05-16 --> |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/axe.4">axe(4)</a>, read ethernet address from EEPROM on AX88772B. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/axe.4">axe(4)</a>, read ethernet address from EEPROM on AX88772B. |
<li>Add a F_ISATTY option to fcntl(), so that isatty() can use this rather than than the bloated ioctl() interface. |
<li>Add an F_ISATTY option to fcntl(), so that isatty() can use this rather than the bloated ioctl() interface. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/aucat.1">aucat(1)</a>, prevent periodic glitches occurring under certain circumstances. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/aucat.1">aucat(1)</a>, prevent periodic glitches occurring under certain circumstances. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/audioctl.1">audioctl(1)</a>, display simply "play" when play mode is set. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/audioctl.1">audioctl(1)</a>, display simply "play" when play mode is set. |
<!-- 2015-05-15 --> |
<!-- 2015-05-15 --> |
<li>Make it possible to use the same network on multiple interfaces at the same time. |
<li>Make it possible to use the same network on multiple interfaces at the same time. |
<li>Give <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/carp.4">carp(4)</a> interfaces their own low priority. |
<li>Give <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/carp.4">carp(4)</a> interfaces their own low priority. |
<li>Introduce if_output(), a function do to the last steps before enqueuing a packet on the sending queue of an interface. |
<li>Introduce if_output(), a function to do the last steps before enqueuing a packet on the sending queue of an interface. |
<li>Remove the "Use DUIDs rather than device names in fstab?" question from the installer and use DUIDs unconditionally. |
<li>Remove the "Use DUIDs rather than device names in fstab?" question from the installer and use DUIDs unconditionally. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>, don't log credentials upon AUTH LOGIN authentication failures. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>, don't log credentials upon AUTH LOGIN authentication failures. |
<!-- 2015-05-14 --> |
<!-- 2015-05-14 --> |
|
|
<li>Use a salted hash of the lock passphrase instead of plain text and do constant-time comparisons of it. |
<li>Use a salted hash of the lock passphrase instead of plain text and do constant-time comparisons of it. |
<li>Add a 0.1s incrementing delay for each failed unlock attempt up to 10s. |
<li>Add a 0.1s incrementing delay for each failed unlock attempt up to 10s. |
</ul> |
</ul> |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/upd.4">upd(4)</a>, make the "Battery Present" sensor a depency of all the battery-related sensors only if it is present. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/upd.4">upd(4)</a>, make the "Battery Present" sensor a dependency of all the battery-related sensors only if it is present. |
<li>Update to font-util 1.3.1. |
<li>Update to font-util 1.3.1. |
<li>Extend <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/autoinstall.8">autoinstall(8)</a> to allow for <em>hostname</em>-<em>mode</em>.conf response files and to put response files in a subdir of the webserver's document root. |
<li>Extend <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/autoinstall.8">autoinstall(8)</a> to allow for <em>hostname</em>-<em>mode</em>.conf response files and to put response files in a subdir of the webserver's document root. |
<!-- 2015-05-13 --> |
<!-- 2015-05-13 --> |
|
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>, avoid multiple "From " and "Return-Path" headers. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>, avoid multiple "From " and "Return-Path" headers. |
<!-- 2015-05-12 --> |
<!-- 2015-05-12 --> |
<li>Translate the fec parameters from the novena dtb to set a different clock skew to the same micrel phy used on sabre lite. This change resolves the stability problems with imxenet on novena. |
<li>Translate the fec parameters from the novena dtb to set a different clock skew to the same micrel phy used on sabre lite. This change resolves the stability problems with imxenet on novena. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, to replace c0-*, add a high watermark to the pty event, and also backoff when the any of the ttys the pane is going to write to has buffered enough data. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, to replace c0-*, add a high watermark to the pty event, and also backoff when any of the ttys the pane is going to write to has buffered enough data. |
<li>Revert r1.3 of src/gnu/usr.bin/binutils-2.17/bfd/elflink.c. It introduces bogus failures when inter-library dependencies are present. |
<li>Revert r1.3 of src/gnu/usr.bin/binutils-2.17/bfd/elflink.c. It introduces bogus failures when inter-library dependencies are present. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/em.4">em(4)</a>, make sure the rx ring lwm is set to at least 4. As far as we know, all hardware variants need at least 4 descriptors on the rx ring to be able to receive packets. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/em.4">em(4)</a>, make sure the rx ring lwm is set to at least 4. As far as we know, all hardware variants need at least 4 descriptors on the rx ring to be able to receive packets. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>: |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>: |
|
|
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: malformed binaries could trigger kernel panics or view kernel memory</font><br>A source code patch exists for <a href="errata56.html#023_elf">5.6</a> and <a href="errata57.html#006_elf">5.7</a>. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: malformed binaries could trigger kernel panics or view kernel memory</font><br>A source code patch exists for <a href="errata56.html#023_elf">5.6</a> and <a href="errata57.html#006_elf">5.7</a>. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: multiple issues in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/cpio.1">cpio(1)</a>/<a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/pax.1">pax(1)</a>/<a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tar.1">tar(1)</a>.</font><br>A source code patch exists for <a href="errata56.html#024_tar">5.6</a> and <a href="errata57.html#007_tar">5.7</a>. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: multiple issues in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/cpio.1">cpio(1)</a>/<a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/pax.1">pax(1)</a>/<a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tar.1">tar(1)</a>.</font><br>A source code patch exists for <a href="errata56.html#024_tar">5.6</a> and <a href="errata57.html#007_tar">5.7</a>. |
<li>Don't add a separate .got.plt section as it would result in a partially writable GOT. <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ld.so.1">ld.so(1)</a> will properly write-protect the single .got. |
<li>Don't add a separate .got.plt section as it would result in a partially writable GOT. <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ld.so.1">ld.so(1)</a> will properly write-protect the single .got. |
<li>Prevent a user after free in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/tun.4">tun(4)</a>. |
<li>Prevent a use after free in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/tun.4">tun(4)</a>. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/ix.4">ix(4)</a>, set the correct media type for 1000baseLX SFPs. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/ix.4">ix(4)</a>, set the correct media type for 1000baseLX SFPs. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/grep.1">grep(1)</a>, warn when the user specifies -R but no files, like GNU grep. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/grep.1">grep(1)</a>, warn when the user specifies -R but no files, like GNU grep. |
<li>Allow use of 1Gb 1000baseLX SFPs in 82599 <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/ix.4">ix(4)</a> SFP+ port. |
<li>Allow use of 1Gb 1000baseLX SFPs in 82599 <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/ix.4">ix(4)</a> SFP+ port. |
<li>Optimise sensor I/O in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/upd.4">upd(4)</a>. |
<li>Optimise sensor I/O in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/upd.4">upd(4)</a>. |
<li>Indroduce fd_getfile_mode() and use it were fd_getfile() is directly followed by a mode check. |
<li>Introduce fd_getfile_mode() and use it where fd_getfile() is directly followed by a mode check. |
<!-- 2015-04-29 --> |
<!-- 2015-04-29 --> |
<li>Fix two assertion failures in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/mandoc.1">mandoc(1)</a>. |
<li>Fix two assertion failures in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/mandoc.1">mandoc(1)</a>. |
<li>Add the tmux and tmux-256color entries to <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/termcap.5">termcap(5)</a> and terminfo. This can be used inside tmux for correct italics support. |
<li>Add the tmux and tmux-256color entries to <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/termcap.5">termcap(5)</a> and terminfo. This can be used inside tmux for correct italics support. |
|
|
<li>Use a <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/systrace.4">systrace(4)</a> sandbox with a short whitelist of allowed syscalls for the file(1) child process. |
<li>Use a <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/systrace.4">systrace(4)</a> sandbox with a short whitelist of allowed syscalls for the file(1) child process. |
</ul> |
</ul> |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/upd.4">upd(4)</a>, parse the HID descriptor multiple times to find sensors. This avoid lookups in the hot path for sensors that depend on the value of others. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/upd.4">upd(4)</a>, parse the HID descriptor multiple times to find sensors. This avoid lookups in the hot path for sensors that depend on the value of others. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, if the requested pane is already active, do not unzoom the window (or doanything else). This prevents mouse clicking when zoomed causing unzoom. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, if the requested pane is already active, do not unzoom the window (or do anything else). This prevents mouse clicking when zoomed causing unzoom. |
<li>Correctly write the 64bits of the HID 1, 4 and 5 registers on powerpc. |
<li>Correctly write the 64bits of the HID 1, 4 and 5 registers on powerpc. |
<!-- 2015-04-26 --> |
<!-- 2015-04-26 --> |
<li>Allow "sshd -f none" to skip reading the config file, much like"ssh -F none" does. |
<li>Allow "sshd -f none" to skip reading the config file, much like "ssh -F none" does. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/file.1">file(1)</a>, don't support -s on FIFOs. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/file.1">file(1)</a>, don't support -s on FIFOs. |
<li>Let <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/bgpd.8">bgpd(8)</a> check the length of the control socket path to make sure it fits -- just like <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/bgpctl.8">bgpctl(8)</a> does. |
<li>Let <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/bgpd.8">bgpd(8)</a> check the length of the control socket path to make sure it fits -- just like <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/bgpctl.8">bgpctl(8)</a> does. |
<li>Fix a typo in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/sndiod.8">sndiod(8)</a>: the buffer size should be 7680 rather than 7860. |
<li>Fix a typo in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/sndiod.8">sndiod(8)</a>: the buffer size should be 7680 rather than 7860. |
|
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/file.1">file(1)</a>, fail if a \ appears at EOL of a <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/magic.5">magic(5)</a> file rather than continuing off the end of the buffer. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/file.1">file(1)</a>, fail if a \ appears at EOL of a <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/magic.5">magic(5)</a> file rather than continuing off the end of the buffer. |
<li>In LibreSSL, don't ignore the reference count in X509_STORE_free. |
<li>In LibreSSL, don't ignore the reference count in X509_STORE_free. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, explicitly cancel mouse "button" mode. This happens implicitly with some of the other things we send with xterm, but not with urxvt. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, explicitly cancel mouse "button" mode. This happens implicitly with some of the other things we send with xterm, but not with urxvt. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/m4.1">m4(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/make.1">make(1)</a>, adda check for overflow while doubling. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/m4.1">m4(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/make.1">make(1)</a>, add a check for overflow while doubling. |
<li>In LibreSSL, check for invalid leading zeros in CBS_get_asn1_uint64. |
<li>In LibreSSL, check for invalid leading zeros in CBS_get_asn1_uint64. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/bgpd.8">bgpd(8)</a>, allow rules that match directly on the peer AS. Also adjust the IRR ruleset output to include the declared peer AS instead of hoping they listed their neighbor IP address. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/bgpd.8">bgpd(8)</a>, allow rules that match directly on the peer AS. Also adjust the IRR ruleset output to include the declared peer AS instead of hoping they listed their neighbor IP address. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/httpd.8">httpd(8)</a>, prepend files or directories containing ":" with "./" in directory indexes as per RFC 3986. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/httpd.8">httpd(8)</a>, prepend files or directories containing ":" with "./" in directory indexes as per RFC 3986. |
|
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, add support for multiple key tables to commands to be bound to sequences of keys. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, add support for multiple key tables to commands to be bound to sequences of keys. |
<li>In the installer, fix asking for list of http servers via "?". This should fix scanning for wireless networks too. |
<li>In the installer, fix asking for list of http servers via "?". This should fix scanning for wireless networks too. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/mandoc.1">mandoc(1)</a>, avoid out-of-bounds read access. This sometimes prevented proper warnings about text nodes preceding the first section header. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/mandoc.1">mandoc(1)</a>, avoid out-of-bounds read access. This sometimes prevented proper warnings about text nodes preceding the first section header. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, make jump-to-backward/jump-to-forward repeatable withjump-reverse/jump-again. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, make jump-to-backward/jump-to-forward repeatable with jump-reverse/jump-again. |
<li>Remove a typo introduced in r1.185 of src/sys/net/route.c. Because of this typo, a local route was <em>always</em> created. |
<li>Remove a typo introduced in r1.185 of src/sys/net/route.c. Because of this typo, a local route was <em>always</em> created. |
<li>Do not treat loopback interfaces as p2p interfaces and create only one route to ::1. |
<li>Do not treat loopback interfaces as p2p interfaces and create only one route to ::1. |
<li>Always call <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man9/rt_ifa_dellocal.9">rt_ifa_dellocal(9)</a> when removing an IPv6 address. |
<li>Always call <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man9/rt_ifa_dellocal.9">rt_ifa_dellocal(9)</a> when removing an IPv6 address. |
|
|
<li>Remove emulation of OSS audio ioctls from Linux emulation. |
<li>Remove emulation of OSS audio ioctls from Linux emulation. |
<li>Implement binary code patching on i386. |
<li>Implement binary code patching on i386. |
<!-- 2015-04-18 --> |
<!-- 2015-04-18 --> |
<li>Enable th REG_READ ioctl. |
<li>Enable the REG_READ ioctl. |
<li>Don't lock the file for "vi -R" or "view". |
<li>Don't lock the file for "vi -R" or "view". |
<li>Work around what appear to be CPUID lies about the monitor-line size. This makes the mwait-based idle loop actually work. |
<li>Work around what appear to be CPUID lies about the monitor-line size. This makes the mwait-based idle loop actually work. |
<li>Convert many atoi() calls to strtonum() in userland, adding range checks and failure handling along the way. |
<li>Convert many atoi() calls to strtonum() in userland, adding range checks and failure handling along the way. |
|
|
<li>The RTL8411 is supported by <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/rtsx.4">rtsx(4)</a>. |
<li>The RTL8411 is supported by <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/rtsx.4">rtsx(4)</a>. |
<li>Rewrite the <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/sh.1">sh(1)</a> manual page and confine it to document features supported by POSIX-compliant shells. |
<li>Rewrite the <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/sh.1">sh(1)</a> manual page and confine it to document features supported by POSIX-compliant shells. |
<!-- 2015-03-13 --> |
<!-- 2015-03-13 --> |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ospfd.8">ospfd(8)</a>, wen removing interfaces in the RDE, also remove all the RDE neighbors that are part of that interface. This prevents use-after-free situations. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ospfd.8">ospfd(8)</a>, when removing interfaces in the RDE, also remove all the RDE neighbors that are part of that interface. This prevents use-after-free situations. |
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/wi.4">wi(4)</a> on PCMCIA work on luna88k. |
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/wi.4">wi(4)</a> on PCMCIA work on luna88k. |
<!-- 2015-03-12 --> |
<!-- 2015-03-12 --> |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/makewhatis.8">makewhatis(8)</a>, fix hardlink detection on platforms having padding in struct inodev, typically 64-bit platforms. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/makewhatis.8">makewhatis(8)</a>, fix hardlink detection on platforms having padding in struct inodev, typically 64-bit platforms. |
|
|
<li>Remove setgid kmem support from <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/systat.1">systat(1)</a>. As a result, the netstat view of systat is slightly different. |
<li>Remove setgid kmem support from <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/systat.1">systat(1)</a>. As a result, the netstat view of systat is slightly different. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-5.6/man8/ping.8">ping(8)</a>, bump the size of the time types on the wire to 64 bit. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-5.6/man8/ping.8">ping(8)</a>, bump the size of the time types on the wire to 64 bit. |
<li>Remove <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-5.6/man1/tcopy.1">tcopy(1)</a>. |
<li>Remove <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-5.6/man1/tcopy.1">tcopy(1)</a>. |
<li>Remove setgid kmem support from <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/eeprom.8">eeprom(8)</a>. As a result, groot privileges are generally needed to run this. |
<li>Remove setgid kmem support from <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/eeprom.8">eeprom(8)</a>. As a result, root privileges are generally needed to run this. |
<li>Remove setgid kmem support from <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/pstat.8">pstat(8)</a>. As a result, root privileges are needed to use the -d and -v options. |
<li>Remove setgid kmem support from <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/pstat.8">pstat(8)</a>. As a result, root privileges are needed to use the -d and -v options. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/man.1">man(1)</a>, when interpreting the -O argument as a macro name fails, fall back to showing Nd rather than not showing anything. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/man.1">man(1)</a>, when interpreting the -O argument as a macro name fails, fall back to showing Nd rather than not showing anything. |
<li>The 3160 should work with <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/iwm.4">iwm(4)</a>. |
<li>The 3160 should work with <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/iwm.4">iwm(4)</a>. |