www/plus59.html - diff

Return to plus59.html CVS log

Up to [local] / www

Diff for /www/plus59.html between version 1.28 and 1.29

version 1.28, 2019/04/08 16:14:55

version 1.29, 2019/05/27 22:55:25

Line 1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<!doctype html>

<html>

<head>

<title>OpenBSD 5.9 Changelog</title>

</head>

<style>

strong {

color: var(--red);

font-weight: normal;

}

h3 {

color: var(--blue);

}

</style>

<h2>

OpenBSD</a>

OpenBSD</a>

5.9 Changelog

5.9 Changelog

</h2>

<hr>

Line 27

Line 33

or use <a href="anoncvs.html#CVS">CVS</a>.

Note: Problems for which patches exist are marked in red.

Note: Problems for which patches exist are marked in red.

For changes in other releases, click below:

Line 82

Line 88

<h3>Changes made between OpenBSD 5.8 and 5.9</h3>

<h3>Changes made between OpenBSD 5.8 and 5.9</h3>

<ul>

Line 406

Line 412

<li>Prevent a NULL dereference when detaching a USB device with <a href="https://man.openbsd.org/OpenBSD-current/man4/ugen.4">ugen(4)</a> disabled or if allocating memory during the attachment process failed.

<li>On octeon, add support for a variety of USB devices.

<li>In ssh, remove roaming support altogether.

<li>5.7 and 5.8 SECURITY FIX: experimental roaming code in the ssh client could be tricked by a hostile sshd server, potentially leaking key material (CVE-2016-0777 and CVE-0216-0778). A source code patch and workaround is available for <a href="errata57.html#022_sshd">5.7</a> and <a href="errata58.html#010_sshd">5.8</a>.

<li>5.7 and 5.8 SECURITY FIX: experimental roaming code in the ssh client could be tricked by a hostile sshd server, potentially leaking key material (CVE-2016-0777 and CVE-0216-0778). A source code patch and workaround is available for <a href="errata57.html#022_sshd">5.7</a> and <a href="errata58.html#010_sshd">5.8</a>.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/ssh.1">ssh(1)</a>, disable experimental client-side roaming support.

<li>Grab the kernel lock before delivering a message to the routing socket when an ARP resolution has been done. This should fix the "receive 1" panic.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/pfctl.8">pfctl(8)</a>, print an error message when detecting multiple root queues on a single interface.

Line 735

Line 741

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man4/amd64/vmm.4">vmm(4)</a>, restore VMM mode after resume from suspend/hibernate.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/vmd.8">vmd(8)</a>, terminate all running VMs on startup: it is not possible to pick up state of "zombie" VMs yet.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/as.1">as(1)</a>, implement the .inst assembler directive for arm.

<il>Ensure the same CPU numbering is used for the kern.cptime2 sysctl as for kern.proc. This fixes an issue in <a href="https://man.openbsd.org/OpenBSD-current/man1/top.1">top(1)</a> where a CPU would seem to be idle even though a thread was reported to be running on it.

<li>Ensure the same CPU numbering is used for the kern.cptime2 sysctl as for kern.proc. This fixes an issue in <a href="https://man.openbsd.org/OpenBSD-current/man1/top.1">top(1)</a> where a CPU would seem to be idle even though a thread was reported to be running on it.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/ssh.1">ssh(1)</a>, prefer rsa-sha2-512 over -256 for hostkeys.

<li>Update termtypes.master to upstream terminfo-20151128.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/rc.conf.8">rc.conf(8)</a>, merge "multicast_router" and "multicast_host" into a single "multicast" configuration variable.

Line 751

Line 757

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/vmctl.8">vmctl(8)</a>, add -c to the "start" subcommand to automatically connect to the VM console after startup.

<li>Add a few kernel lock improvements in the network stack.

<li>5.7 and 5.8 RELIABILITY FIX: a NULL pointer deference could be triggered by a crafted certificate sent to services configured to verify client certificates on TLS/SSL connections. A source code patch is available for <a href="errata57.html#021_clientcert">5.7</a> and <a href="errata58.html#009_clientcert">5.8</a>.

<li>5.7 and 5.8 RELIABILITY FIX: a NULL pointer deference could be triggered by a crafted certificate sent to services configured to verify client certificates on TLS/SSL connections. A source code patch is available for <a href="errata57.html#021_clientcert">5.7</a> and <a href="errata58.html#009_clientcert">5.8</a>.

<li>Add a fix for OpenSSL CVE-2015-3195 and one for OpenSSL CVE-2015-3195.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/vmctl.8">vmctl(8)</a>, re-add the "load" and "reload" commands.

<li>Re-enable acceleration on Broadwell.

Line 1039

Line 1045

<li>Exclude the hidden <a href="https://man.openbsd.org/OpenBSD-current/man3/atexit.3">atexit(3)</a> and <a href="https://man.openbsd.org/OpenBSD-current/man3/pthread_atfork.3">pthread_atfork(3)</a> stubs from static links that don't use them.

<li>Split the intra-thread functionality from <a href="https://man.openbsd.org/OpenBSD-current/man2/kill.2">kill(2)</a> into its own system call <a href="https://man.openbsd.org/OpenBSD-current/man2/thrkill.2">thrkill(2)</a>. This eliminates the need for locking in <a href="https://man.openbsd.org/OpenBSD-current/man3/pthread_kill.3">pthread_kill(3)</a> and simplifies <a href="https://man.openbsd.org/OpenBSD-current/man3/pthread_cancel.3">pthread_cancel(3)</a>.

</ul>

<li>5.7 and 5.8 RELIABILITY FIX: insufficient validation of RSN element group cipher values in 802.11 beacons and probe responses could result in system panics. A source code patch is available for <a href="errata57.html#020_rsn">5.7</a> and <a href="errata58.html#008_rsn">5.8</a>.

<li>5.7 and 5.8 RELIABILITY FIX: insufficient validation of RSN element group cipher values in 802.11 beacons and probe responses could result in system panics. A source code patch is available for <a href="errata57.html#020_rsn">5.7</a> and <a href="errata58.html#008_rsn">5.8</a>.

<li>Use <a href="https://man.openbsd.org/OpenBSD-current/man2/pledge.2">pledge(2)</a> in <a href="https://man.openbsd.org/OpenBSD-current/man1/less.1">less(1)</a> and <a href="https://man.openbsd.org/OpenBSD-current/man1/nohup.1">nohup(1)</a>.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/less.1">less(1)</a>, do not save history in secure mode.

<li>Use the correct <a href="https://man.openbsd.org/OpenBSD-current/man4/rdomain.4">rdomain(4)</a> when sending <a href="https://man.openbsd.org/OpenBSD-current/man4/gre.4">gre(4)</a> keepalive packets.

Line 1306

Line 1312

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/mailq.8">smtpctl(8)</a>, allow "all" as an argument for the "resume envelope", "pause envelope" and "remove" subcommands.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/tcpdump.8">tcpdump(8)</a>, fix a crash that occurs when printing the filename in a malformed NFS request packet.

<li>5.6, 5.7 and 5.8 RELIABILITY FIX: the OBJ_obj2txt function in libcrypto contains a one byte buffer overrun and memory leak. A source code patch is available for <a href="errata56.html#033_obj2txt">5.6</a>, <a href="errata57.html#019_obj2txt">5.7</a>, <a href="errata58.html#007_obj2txt">5.8</a>.

<li>5.6, 5.7 and 5.8 RELIABILITY FIX: the OBJ_obj2txt function in libcrypto contains a one byte buffer overrun and memory leak. A source code patch is available for <a href="errata56.html#033_obj2txt">5.6</a>, <a href="errata57.html#019_obj2txt">5.7</a>, <a href="errata58.html#007_obj2txt">5.8</a>.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/tar.1">tar(1)</a>, use a strict $PATH to run the (de)compressors.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man5/newsyslog.conf.5">newsyslog.conf(5)</a>, allow the wheel group to read /var/log/maillog.

<li>RELEASE CD ISSUE: the "src.tar.gz" file on the source tree was created on the wrong day and does not match the 5.8 release builds. A replacement file is available for <a href="errata58.html#006_src">5.8</a>.

<li>RELEASE CD ISSUE: the "src.tar.gz" file on the source tree was created on the wrong day and does not match the 5.8 release builds. A replacement file is available for <a href="errata58.html#006_src">5.8</a>.

<li>5.6, 5.7 and 5.8 RELIABILITY FIX: a problem with timer kevents could result in a kernel hang (local denial of service). A source code patch is available for <a href="errata56.html#032_kevent">5.6</a>, <a href="errata57.html#018_kevent">5.7</a> and <a href="errata58.html#005_kevent">5.8</a>.

<li>5.6, 5.7 and 5.8 RELIABILITY FIX: a problem with timer kevents could result in a kernel hang (local denial of service). A source code patch is available for <a href="errata56.html#032_kevent">5.6</a>, <a href="errata57.html#018_kevent">5.7</a> and <a href="errata58.html#005_kevent">5.8</a>.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/ping6.8">ping6(8)</a>, use <a href="https://man.openbsd.org/OpenBSD-current/man8/ping.8">ping(8)</a>-like semantics for -I.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/sort.1">sort(1)</a>, copy permissions and ownership when -o will override an input file.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/fsck_ext2fs.8">fsck_ext2fs(8)</a>, <a href="https://man.openbsd.org/OpenBSD-current/man8/fsck_ffs.8">fsck_ffs(8)</a> and <a href="https://man.openbsd.org/OpenBSD-current/man8/fsck_msdos.8">fsck_msdos(8)</a>, only accept one filesystem/device as argument for checking.

Line 1406

Line 1412

<li>Use <a href="https://man.openbsd.org/OpenBSD-5.8/man2/tame.2">tame(2)</a>.

</ul>

<li>On octeon, fix a memory leak in an error code path.

<li>Use <a href="https://man.openbsd.org/OpenBSD-5.8/man2/tame.2">tame(2)</a> in <a href="https://man.openbsd.org/OpenBSD-current/man1/cat.1">cat(1)</a>, <a href="https://man.openbsd.org/OpenBSD-current/man1/echo.1">echo(1)</a>, <a href="https://man.openbsd.org/OpenBSD-current/man1/[.1">test(1)</a>, <a href="https://man.openbsd.org/OpenBSD-current/man1/uname.1">uname(1)</a> and <a href="https://man.openbsd.org/OpenBSD-current/man1/wc.1">wc(1)</a>.

<li>Use <a href="https://man.openbsd.org/OpenBSD-5.8/man2/tame.2">tame(2)</a> in <a href="https://man.openbsd.org/OpenBSD-current/man1/cat.1">cat(1)</a>, <a href="https://man.openbsd.org/OpenBSD-current/man1/echo.1">echo(1)</a>, <a href="https://man.openbsd.org/OpenBSD-current/man1/%5b.1">test(1)</a>, <a href="https://man.openbsd.org/OpenBSD-current/man1/uname.1">uname(1)</a> and <a href="https://man.openbsd.org/OpenBSD-current/man1/wc.1">wc(1)</a>.

<li>Add IPv6 transport for <a href="https://man.openbsd.org/OpenBSD-current/man4/pflow.4">pflow(4)</a> data.

<li>When multiple <a href="https://man.openbsd.org/OpenBSD-current/man4/vxlan.4">vxlan(4)</a> interfaces are configured with same VNI, select the interface whose tunnel destination corresponded to the incoming packets' source address.

<li>In libssl, fix reference counting and memory leak in error path in an error path.

Line 1425

Line 1431

<li>Add ktracing of argv and envp to <a href="https://man.openbsd.org/OpenBSD-current/man2/execve.2">execve(2)</a>, with envp not traced by default.

<li>Add <a href="https://man.openbsd.org/OpenBSD-current/man8/eigrpd.8">eigrpd(8)</a> (and <a href="https://man.openbsd.org/OpenBSD-current/man8/eigrpctl.8">eigrpctl(8)</a>), an Enhanced Interior Gateway Routing Protocol daemon.

<li>5.6, 5.7 and 5.8 SECURITY FIX: multiple reliability and security issues in <a href="https://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>. A source code patch is available for <a href="errata56.html#031_smtpd">5.6</a>, <a href="errata57.html#017_smtpd">5.7</a> and <a href="errata58.html#004_smtpd">5.8</a>.

<li>5.6, 5.7 and 5.8 SECURITY FIX: multiple reliability and security issues in <a href="https://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>. A source code patch is available for <a href="errata56.html#031_smtpd">5.6</a>, <a href="errata57.html#017_smtpd">5.7</a> and <a href="errata58.html#004_smtpd">5.8</a>.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>:

<ul>

<li>Do not allow connection IDs to wrap and collide with another active connection ID. This allows a local user to force the daemon to exit.

Line 1461

Line 1467

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/mg.1">mg(1)</a>, fix the location of the cursor when opening a directory using filevisit, findvisitalt and poptofile.

<li>Add support for the Huawei K4511 3G to <a href="https://man.openbsd.org/OpenBSD-current/man4/umsm.4">umsm(4)</a>.

<li>5.7 and 5.8 SECURITY FIX: an incorrect operation in uvm could result in system panic. A source code patch is available for <a href="errata57.html#016_uvm">5.7</a> and <a href="errata58.html#003_uvm">5.8</a>.

<li>5.7 and 5.8 SECURITY FIX: an incorrect operation in uvm could result in system panic. A source code patch is available for <a href="errata57.html#016_uvm">5.7</a> and <a href="errata58.html#003_uvm">5.8</a>.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man2/mmap.2">mmap(2)</a>, remove the no longer needed kernel lock in the fixed case.

<li>Add the UVM_FLAG_UNMAP flag to indicate to <a href="https://man.openbsd.org/OpenBSD-current/man9/UVM_MAPFLAG.9">uvm_map(9)</a> that it should unmap to make space.

<li>5.7 RELIABILITY FIX: various problems were identified in relayd. A source code patch is available for <a href="errata57.html#015_relayd">5.7</a>.

<li>5.7 RELIABILITY FIX: various problems were identified in relayd. A source code patch is available for <a href="errata57.html#015_relayd">5.7</a>.

<li>Fix a panic in <a href="https://man.openbsd.org/OpenBSD-current/man4/inteldrm.4">inteldrm(4)</a>.

<li>In <a href="https://man.openbsd.org/OpenBSD-5.8/man2/tame.2">tame(2)</a>, make using the "/" path work.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/mg.1">mg(1)</a>, make dired mode treat a double "/" in a path like fundamental mode.

Line 1800

Line 1806

<li>On sparc64, add support for switching CPUs in <a href="https://man.openbsd.org/OpenBSD-current/man4/ddb.4">ddb(4)</a>.

<li>On sh, use <a href="https://man.openbsd.org/OpenBSD-current/man2/kbind.2">kbind(2)</a> for lazy binding GOT/PLT updates.

<li>Make <a href="https://man.openbsd.org/OpenBSD-current/man1/gdb.1">gdb(1)</a> work again on mips64 PIE binaries by making sure a reasonable 64-bit ABI is selected for 64-bit ELF files instead of a 32-bit ABI.

<li>5.8 SECURITY FIX: LibreSSL 2.2.2 incorrectly handles ClientHello messages that do not include TLS extensions, resulting in such handshakes being aborted. A source code patch is available for <a href="errata58.html#002_sslhello">5.8</a>.

<li>5.8 SECURITY FIX: LibreSSL 2.2.2 incorrectly handles ClientHello messages that do not include TLS extensions, resulting in such handshakes being aborted. A source code patch is available for <a href="errata58.html#002_sslhello">5.8</a>.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/amd64/apmd.8">apmd(8)</a>, log battery changes every 10%, not every 21%.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man4/envy.4">envy(4)</a>, disable interrupts while the midi uart is not in use. This avoids generating unused interrupts when a chatty peripheral is connected but not used.

<li>In binutils 2.17, add support for Irix-style "64-bit" archives.

Line 1826

Line 1832

<li>On hppa, use <a href="https://man.openbsd.org/OpenBSD-current/man2/kbind.2">kbind(2)</a> for lazy binding GOT/PLT updates.

<li>Add more overflow checks to libexpat.

<li>5.8 SECURITY FIX: in <a href="https://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a>, inverted logic made PermitRootLogin "prohibit-password" unsafe. A source code patch is available for <a href="errata58.html#001_sshd">5.8</a>.

<li>5.8 SECURITY FIX: in <a href="https://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a>, inverted logic made PermitRootLogin "prohibit-password" unsafe. A source code patch is available for <a href="errata58.html#001_sshd">5.8</a>.

<li>Let MBR have priority over GPT.

<li>Fix an alignment issue in <a href="https://man.openbsd.org/OpenBSD-current/man4/bridge.4">bridge(4)</a>.

Line 1943

Line 1949

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/whois.1">whois(1)</a>, fix whois server detection for new TLDs.

<li>Accept NULL pointers in <a href="https://man.openbsd.org/OpenBSD-current/man9/rtfree.9">rtfree(9)</a>. This will simplify upcoming conversions of rt_refcnt-- to rtfree(9).

<li>5.6 and 5.7 SECURITY FIX: a change to <a href="https://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a> resulted in incorrect permissions being applied to pseudo terminal devices, allowing local users to write to (but not read from) them. A source code patch is available for <a href="errata57.html#014_sshd">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: a change to <a href="https://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a> resulted in incorrect permissions being applied to pseudo terminal devices, allowing local users to write to (but not read from) them. A source code patch is available for <a href="errata57.html#014_sshd">5.7</a>.

<li>No longer hold the kernel lock when calling bpf.

<li>Make bpf_mtap MP-safe by using <a href="https://man.openbsd.org/OpenBSD-current/man9/srp_enter.9">srp</a>.

<li>Avoid a TOCTOU problem in if_input in the bpf handling.

Line 1992

Line 1998

<li>Improve <a href="https://man.openbsd.org/OpenBSD-current/man1/openssl.1">openssl(1)</a> s_client -starttls xmpp support.

</ul>

</body>

</html>