version 1.3, 2016/03/01 15:04:53 |
version 1.4, 2016/03/01 22:10:17 |
|
|
<p> |
<p> |
|
|
<ul> |
<ul> |
|
<!-- 2015-11-15 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/sshd.8">sshd(8)</a>, add a new authorized_keys option "restrict" that includes all current and future key restrictions. Also add permissive versions of the existing restrictions. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/ssh_config.5">ssh_config(5)</a>, add the AddKeysToAgent option. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/intel.4">intel(4)</a>, partly disable acceleration on Broadwell. This avoids use of the render ring which gets stuck after resume. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man9/ieee80211.9">ieee80211(9)</a>: |
|
<ul> |
|
<li>Add 11n HT support. |
|
<li>Expose 11n mode to the ifmedia layer and introduce the concept of MCS. Make sure 11n features are enabled only if media type is autoselect or 11n. |
|
<li>Add support for 11n mode to the rate adaptation (AMRR) code. |
|
</ul> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/Xorg.1">Xorg(1)</a>, remove the -configure option. It has been broken for a long time. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2">pledge(2)</a> in |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/locate.1">locate(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/clear.1">tput(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/reset.1">tset(1)</a>, and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/user.8">user(8)</a>. |
|
<!-- 2015-11-14 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/rdistd.1">rdistd(1)</a>, support hardlinked symlinks. |
|
<li>In the binutils tools: |
|
<ul> |
|
<li>Don't try to preserve setuid bits. |
|
<li>Always strip off setuid/setgid bits when creating copies of files. |
|
</ul> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man9/ieee80211.9">ieee80211(9)</a>, fix CCMP (WPA2) in preparation for 11n. |
|
<li>Remove libocurses. It is no longer used. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/mandoc.1">mandoc(1)</a>, fix a bug where hitting Ctrl-Backslash (= SIGQUIT) in the <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/less.1">less(1)</a> process spawned by <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/man.1">man(1)</a> causes <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/man.1">man(1)</a> to die uncleanly leaving behind its temp files, and kill <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/less.1">less(1)</a> uncleanly leaving the terminal in the wrong state. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2">pledge(2)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ar.1">ar(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/info.1">info(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/infokey.1">infokey(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/install-info.1">install-info(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ldconfig.8">ldconfig(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ldd.1">ldd(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/makeinfo.1">makeinfo(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/objcopy.1">objcopy(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/texindex.1">texindex(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ex.1">vi(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/xconsole.1">xconsole(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ypldap.8">ypldap(8)</a>. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/rs.1">rs(1)</a>, fix a bug with -z where every column was at least as wide as the previous one. |
|
<li>Update to xkeyboard-config 2.16. |
|
<!-- 2015-11-13 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/telnet.1">telnet(1)</a>: |
|
<ul> |
|
<li>Remove S/Key support. |
|
<li>Remove support for !shell. |
|
<li>Remove the tracefile command. |
|
<li>Remove the debug command. |
|
<li>Set <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/rdomain.4">rtable(4)</a> on the whole process, not only in the socket. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2">pledge(2)</a>. |
|
</ul> |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2">pledge(2)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/as.1">as(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fdisk.8">fdisk(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/c++.1">gcc(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ld.1">ld(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/nm.1">nm(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/rarpd.8">rarpd(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tcpbench.1">tcpbench(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/tftp-proxy.8">tftp-proxy(8)</a>. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man9/crypto.9">crypto(9)</a>: |
|
<ul> |
|
<li>Remove unused non-HMAC versions of MD5 and SHA1. |
|
<li>Remove unused ARC4. |
|
</ul> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a> add the window_visible_layout format. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/file.1">file(1)</a>, with -L, make links actually be followed. |
|
<li>Add <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/amd64/vmm.4">vmm(4)</a>. It is disabled by default. |
|
<li>In ssh, send SSH2_MSG_UNIMPLEMENTED replies to unexpected messages during KEX (bz#2949). |
|
<!-- 2015-11-12 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/sshd_config.5">sshd_config(5)</a>, support "none" as an argument for ForceCommand and ChrootDirectory (bz#2486). |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ssh-keygen.1">ssh-keygen(1)</a>, for -L, support multiple certificates (one per line) and reading from standard input. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/nc.1">nc(1)</a>, with -V, set <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/rdomain.4">rtable(4)</a> on the whole process, not only in the socket. |
|
<li>Revert sys/dev/pci/if_bge.c r1.372. It causes regressions on some models. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dhclient.8">dhclient(8)</a>, when link loss is reported, cancel any active timeout and wait for link to return. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2">pledge(2)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/cwm.1">cwm(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fingerd.8">fingerd(8)</a>. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fdisk.8">fdisk(8)</a>: |
|
<ul> |
|
<li>Avoid problems with pathological input during edit operations by never attempting to use data past the end of the input. |
|
<li>Refresh the in-kernel copy of the disklabel from the disk <em>after</em> writing the new GPT. |
|
<li>Let "reinit mbr" zero existing MBR and GPT partition information before constructing default MBR. |
|
</ul> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/cron.8">cron(8)</a>, move the socket to /var/run/cron.sock. |
|
<!-- 2015-11-11 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>: |
|
<ul> |
|
<li>Remove the mouse-utf8 option. Instead, always turn on UTF-8 mouse if the client says it supports UTF-8. |
|
<li>Support UTF-8 key bindings. |
|
<li>Remove the mouse_utf8_flag. |
|
<li>Remove the utf8 and status-utf8 options. Make tmux only a UTF-8 terminal. |
|
</ul> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fdisk.8">fdisk(8)</a>, display the full disk size when editing GPT, not the truncated MBR size. Display the "disk too large" message only when no GPT is found. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2">pledge(2)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/mg.1">mg(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/spamdb.8">spamdb(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/xclock.1">xclock(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/Xserver.1">Xserver(1)</a>. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/mg.1">mg(1)</a>, clear the mini buffer once a question has been displayed. |
|
<!-- 2015-11-10 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/ehci.4">ehci(4)</a>, mark the interrupt handler IPL_MPSAFE. |
|
<li>Add /dev/vmm. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/bge.4">bge(4)</a>, unbreak the BCM5704 A3 found on some Xserve G5 (RackMac3,1). |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fdisk.8">fdisk(8)</a>, make GPT on large disks work. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/rs.1">rs(1)</a>: |
|
<ul> |
|
<li>With -H, do not overrun a static buffer on files longer than 4 kB. |
|
<li>With -K, do not print bogus blank lines in case of premature EOF. |
|
</ul> |
|
<li>Reduce the memory overhead of our ART routing table from 80M to 70M compared to the existing radix-tree when loading ~550K IPv4 routes. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/mount_mfs.8">newfs(8)</a>, remove TMPDIR support. |
|
<!-- 2015-11-09 --> |
|
<li>Install ikeca.cnf by default as <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ikectl.8">ikectl(8)</a> now requires CA-specific sections not present in the general <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/openssl.1">openssl(1)</a> cnf files. |
|
<li>In libc: |
|
<ul> |
|
<li>Exclude the hidden <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/atexit.3">atexit(3)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/pthread_atfork.3">pthread_atfork(3)</a> stubs from static links that don't use them. |
|
<li>Split the intra-thread functionality from <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/kill.2">kill(2)</a> into its own system call <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/thrkill.2">thrkill(2)</a>. This eliminates the need for locking in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/pthread_kill.3">pthread_kill(3)</a> and simplifies <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/pthread_cancel.3">pthread_cancel(3)</a>. |
|
</ul> |
|
<li><font color="#e00000">5.7 and 5.8 RELIABILITY FIX: insufficient validation of RSN element group cipher values in 802.11 beacons and probe responses could result in system panics.</font><br>A source code patch is available for <a href="errata57.html#020_rsn">5.7</a> and <a href="errata58.html#008_rsn">5.8</a>. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2">pledge(2)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/less.1">less(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/nohup.1">nohup(1)</a>. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/less.1">less(1)</a>, do not save history in secure mode. |
|
<li>Use the correct <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/rdomain.4">rdomain(4)</a> when sending <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/gre.4">gre(4)</a> keepalive packets. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/ehci.4">ehci(4)</a>, fix a NULL dereference in case a Root Port Hub interrupt is handled before the soft-interrupt has been established. |
|
<!-- 2015-11-08 --> |
|
<li>In efiboot, avoid a crash when attempting to calculate the header checksum. |
|
<li>Make HFSC work on <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/age.4">age(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/vr.4">vr(4)</a>. |
|
<li>Add the _vmd user and group for the forthcoming <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/vmd.8">vmd(8)</a> daemon. |
|
<li>Revert gnu/usr.bin/gcc/gcc/cp/g++spec.c r1.2 and r.13 in order to go back to the default upstream behaviour when linking a shared library with c++. It is no longer necessary to behave the same as g++ 2.95. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ssh-keyscan.1">ssh-keyscan(1)</a>, add -c to allow fetching certificates instead of plain keys. |
|
<li>In ncr53c9x, when issuing a non-dma command, set a length variable to 0 upfront to avoid problems on command completition interrupt. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ssh.1">ssh(1)</a>, fix an OOB read in the packet code. |
|
<li>Fix possible system panics due insufficient validation of RSN element group cipher values in 802.11 stack. |
|
<li>Fix a use-after-free in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/fvwm.1">fwvm(1)</a>. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/sdmmc.4">sdmmc(4)</a>, always claim to support sector mode for eMMC. This allows BeagleBone Black boards with Micron eMMC to work. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/less.1">less(1)</a>, remove LESSGLOBALTAGS support. |
|
<!-- 2015-11-07 --> |
|
<li>In efiboot, make "machine disk" show EFI info instead of BIOS info. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/restore.8">restore(8)</a>, make hardlinks of symlinks work. |
|
<li>In efiboot, disable red-zone since EFI is running with a different ABI. This may fix an issue when loading a compressed kernel on MacBooks. |
|
<li>Update to xserver 1.17.4. |
|
<li>Use input handlers for <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/bridge.4">bridge(4)</a>. This allows more flexible configurations with <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/svlan.4">vlan(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/bridge.4">bridge(4)</a> on top of the same physical interface. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2">pledge(2)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/xterm.1">xterm(1)</a>. |
|
<!-- 2015-11-06 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/cabs.3">hypotf(3)</a>, fix wrong magic numbers in scaling causing incorrect results for large and small values. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/getty.8">getty(8)</a>, remove ppplogin support. |
|
<li>Radically improve the performance of <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/bgpd.8">bgpd(8)</a> filters. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/less.1">less(1)</a>: |
|
<ul> |
|
<li>Remove support for "!" to run a shell command. |
|
<li>Remove LESSCHARDEF support. |
|
<li>Remove unused charsets and LESSCHARSET support. |
|
</ul> |
|
<li>Make HFSC work on <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/de.4">de(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/sparc/ie.4">ie(4/sparc)</a>. |
|
<!-- 2015-11-05 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ld.so.1">ld.so(1)</a>, fix unloading of load groups when the last reference was not on the load_object but rather some descendent. |
|
<li>On i386, fix a regression by reading/writing to CR4 register only if the processor has this capability. |
|
<li>Stop creating the directory /usr/share/nls. If the user does not specify a NLS path, fail early in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/catopen.3">catopen(3)</a>. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/res_init.3">res_init(3)</a>, restrict the number, size and address family of nameservers. This fixes a crash in sendmail. Only programs that use the bind resolver internals directly are affected. |
|
<li>Replace <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/less.1">less(1)</a> with the cleaned-up fork of less 458 maintained by Garrett D'Amore. |
|
<li>Update to unbound 1.5.6. |
|
<li>Update to nsd 4.1.6. |
|
<li>In the loongson installer, ensure that the partition containing the boot blocks is recognized on the eBenton EBT700. |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2">pledge(2)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/httpd.8">httpd(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ikectl.8">ikectl(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/slowcgi.8">slowcgi(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/wall.1">wall(1)</a>. |
|
<li>For USB mice with wheels, check for the W direction at AC Pan input. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/pkg_add.8">pkg_add(8)</a>, tweak dependencies handling. This might fix some infrequent bugs. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/tcpdump.8">tcpdump(8)</a>, fix a segmentation fault by capping the GRE packet len to tcpdump's snap len. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>, pass through right click if mouse is on. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/smtpctl.8">smtpctl(8)</a>, implement the "uncorrupt" subcommand. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>, correctly handle messages that consist solely of headers and do not end with an empty line. |
|
<!-- 2015-11-04 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/km.4">km(4)</a>, match the temperature sensor in GX-412TC SOC. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ipsecctl.8">ipsecctl(8)</a>, decode Chacha20-Poly1305 when dumping SAs. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/iked.8">iked(8)</a>, support Chacha20-Poly1305 for Child SAs. |
|
<!-- 2015-11-03 --> |
|
<li>Fix a potential use-after-free in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/pf.4">pf(4)</a>. |
|
<li>Disable TCP/UDP TX hardware checksumming if an IPv4 packet contains IP options or if an IPv6 packet contains header extensions. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/rtadvd.8">rtadvd(8)</a>, recognize <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/carp.4">carp(4)</a> interfaces in order to send the src lladdr option. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fdisk.8">fdisk(8)</a>, don't allow the user to enter GPT partition names too large to fit in the GPT partition structure. Also avoid running off the end of the name buffer. |
|
<li>Prevent a panic caused by an infinite recursion in the network stack. |
|
<li>In efiboot, use "Loaded Image Protocol" instead of "Loaded Device Path Protocol" to find the boot device since the MacBook does not support the latter protocol. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/snmpd.8">snmpd(8)</a>, don't lose the ARP entries when updating an interface. |
|
<!-- 2015-11-02 --> |
|
<li>Add Chacha20-Poly1305 to the OpenBSD Cryptographic Framework and enable it in the software crypto driver and the IPsec/ESP and PF_KEY frameworks. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/whois.1">whois(1)</a>, add -I to use whois.iana.org (root zone database). |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/tcpdump.8">tcpdump(8)</a>, print RDNSS nameserver addresses and option names for some other known options that are not otherwise decoded yet (DNSSL, route information). |
|
<li>In libssl, add <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/EVP_AEAD_CTX_init.3">EVP_aead_chacha20_poly1305_ietf(3)</a>, a ChaCha20 with a Poly1305 authenticator for IETF protocols. |
|
<li>Remove ARP load-balacing in order to simplify making ARP MP-safe. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/xhci.4">xhci(4)</a>, mark the interrupt handler as IPL_MPSAFE since it only schedules a soft-interrupt. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ikectl.8">ikectl(8)</a>: |
|
<ul> |
|
<li>Accept an "ocsp" option when creating certificates to set the extended key usage for OCSP signing. |
|
<li>Let <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/openssl.1">openssl(1)</a> add valid signed certs to the index file which is required to use the builtin openssl OCSP server. |
|
<li>Switch from SHA-1 to SHA-256. |
|
</ul> |
|
<li>Introduce <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man9/MBUF_LIST_FIRST.9">ml_purge(9)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man9/MBUF_QUEUE_INITIALIZER.9">mq_purge(9)</a> to free all mbufs on an mbuf list or queue. |
|
<!-- 2015-11-01 --> |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/intel.4">intel(4)</a>, fix rendering problems on Broadwell GT3 (Iris 6100/Iris Pro 6200). |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/re.4">re(4)</a>, expand the rx and tx rings so that deviced needing more packets per interrupt can use them. |
|
<li>Rework the <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/netstart.8">netstart(8)</a> script. |
|
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/inteldrm.4">inteldrm(4)</a>: |
|
<ul> |
|
<li>Prevent the desktop "Iris Pro Graphics 6200" from being misidentified as ULT. |
|
<li>Make the mobile "Iris Graphics 6100" be correctly identified as being a ULT part. |
|
</ul> |
|
<li>Use <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2">pledge(2)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/bgpctl.8">bgpctl(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ldapctl.8">ldapctl(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ldapd.8">ldapd(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/m4.1">m4(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/skeyaudit.1">skeyaudit(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/skeyinfo.1">skeyinfo(1)</a>. |
<!-- 2015-10-31 --> |
<!-- 2015-10-31 --> |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ntpd.8">ntpd(8)</a>, revert some parts introduced with the original server rtable support, so servers with numeric IP addresses won't be skipped. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ntpd.8">ntpd(8)</a>, revert some parts introduced with the original server rtable support, so servers with numeric IP addresses won't be skipped. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/mg.1">mg(1)</a>, mark *Completions* buffer as read-only. |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/mg.1">mg(1)</a>, mark *Completions* buffer as read-only. |