===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus60.html,v
retrieving revision 1.4
retrieving revision 1.5
diff -c -r1.4 -r1.5
*** www/plus60.html 2016/08/15 02:22:11 1.4
--- www/plus60.html 2016/09/03 11:22:01 1.5
***************
*** 97,103 ****
5.8 and 5.9 RELIABILITY FIX: When signaling an error to an HTTP relay client, the connection can be terminated prematurely, leading to a crash.
A source code patch exists which remedies this problem for 5.8 and 5.9.
In the installer, back out the automatic pkg.conf(5) installpath changes.
! In dhclient(8), back out the change that narrowed the BPF read filter rules so only packets sent to the interface's LLADDR pass. Some DHCP servers sned frames to the ethernet broadcast address.
In imxuart(4/armv7), re-create the i.MX6 console with the correct minor number on attach.
Disable POOL_DEBUG.
In newfs(8), scale the default "density" value so that on 4K disks the same number of inodes are creates as on DEV_BSIZE devices.
--- 97,103 ----
5.8 and 5.9 RELIABILITY FIX: When signaling an error to an HTTP relay client, the connection can be terminated prematurely, leading to a crash.
A source code patch exists which remedies this problem for 5.8 and 5.9.
In the installer, back out the automatic pkg.conf(5) installpath changes.
! In dhclient(8), back out the change that narrowed the BPF read filter rules so only packets sent to the interface's LLADDR pass. Some DHCP servers send frames to the ethernet broadcast address.
In imxuart(4/armv7), re-create the i.MX6 console with the correct minor number on attach.
Disable POOL_DEBUG.
In newfs(8), scale the default "density" value so that on 4K disks the same number of inodes are creates as on DEV_BSIZE devices.
***************
*** 270,276 ****
In ssh(1), explicitly check for 100% completion in the progress meter. This avoids a potential floating point rounding error which could cause the progress meter to report 99% on completion.
In vi(1), if /tmp/vi.recover doesn't exist, don't create it. Warn once that it doesn't exist, afterwards fail silently.
! In smtpd(8), explicitely enclose SMTP transactions between BEGIN and COMMIT/ROLLBACK filter events.
In ioapic(4/amd64), don't write to the read-only RIRR bit in the IOAPIC redirection register. This may subsequently block interrupt delivery.
In nc(1), add the -M and -m options to specify the outgoing and incoming minimum TTL.
--- 270,276 ----
In ssh(1), explicitly check for 100% completion in the progress meter. This avoids a potential floating point rounding error which could cause the progress meter to report 99% on completion.
In vi(1), if /tmp/vi.recover doesn't exist, don't create it. Warn once that it doesn't exist, afterwards fail silently.
! In smtpd(8), explicitly enclose SMTP transactions between BEGIN and COMMIT/ROLLBACK filter events.
In ioapic(4/amd64), don't write to the read-only RIRR bit in the IOAPIC redirection register. This may subsequently block interrupt delivery.
In nc(1), add the -M and -m options to specify the outgoing and incoming minimum TTL.
***************
*** 357,363 ****
In libcrypto, disable DSA_FLAG_NO_EXP_CONSTTIME, always enable constant-time behavior.
! In openssl(1), fix a bug loading the default certificate path locations. The files would only be loaded if the CAfile or CApath locations were succesfully loaded first.
In ld(1), make creation of text-relocations a fatal error by default, with -znotext to permit it and -ztext to reenable the default of forbidding it.
In bgpd(8), show the "nexthop 1.2.3.4 now valid: via 192.168.0.1" message only in debug mode.
Add ds1307(4), an I2C driver for the Maxim DS1307 Real Time Clock chip.
--- 357,363 ----
In libcrypto, disable DSA_FLAG_NO_EXP_CONSTTIME, always enable constant-time behavior.
! In openssl(1), fix a bug loading the default certificate path locations. The files would only be loaded if the CAfile or CApath locations were successfully loaded first.
In ld(1), make creation of text-relocations a fatal error by default, with -znotext to permit it and -ztext to reenable the default of forbidding it.
In bgpd(8), show the "nexthop 1.2.3.4 now valid: via 192.168.0.1" message only in debug mode.
Add ds1307(4), an I2C driver for the Maxim DS1307 Real Time Clock chip.
***************
*** 468,474 ****
Remove octhci(4). It has been superseded by dwctwo(4).
Do the full W^X check on hppa and mips64.
! On armv7, use FDT to find the console to initialise.
Attach acpitoshiba(4) on Libretto, Dynabook and SPA40 laptops.
Enforce W^X and map W|X segments without X permission initially. The dynamic linker will make these read-only and add back X permission after relocation processing.
In ld.so(1), some ELF ABIs still require a PLT that is both writable and executable. To avoid W^X violations, initially map such segments as writable and non-executable, and change the mapping to non-writable and executable after initial relocation processing.
--- 468,474 ----
Remove octhci(4). It has been superseded by dwctwo(4).
Do the full W^X check on hppa and mips64.
! On armv7, use FDT to find the console to initialize.
Attach acpitoshiba(4) on Libretto, Dynabook and SPA40 laptops.
Enforce W^X and map W|X segments without X permission initially. The dynamic linker will make these read-only and add back X permission after relocation processing.
In ld.so(1), some ELF ABIs still require a PLT that is both writable and executable. To avoid W^X violations, initially map such segments as writable and non-executable, and change the mapping to non-writable and executable after initial relocation processing.
***************
*** 764,770 ****
Fix several bugs due to uninitialized struct nameidata's.
In softraid(4), panic when attempting to execute a scsi command with no discipline defined.
Fix a bug causing gzip(1) to think the resulting file was got larger during compression.
! In daily(8), no langer call mailq(8).
In sysmerge(8), in interactive mode, check syntax of several important files after merging to give some protection against bad merges.
Don't allow the routing table of a bound socket to be changed. This is not intended and will behave unexpectedly if the address is already used in another domain.
In tmux(1), fix keys parsing again to correctly accept Unicode when not prefixed with Escape.
--- 764,770 ----
Fix several bugs due to uninitialized struct nameidata's.
In softraid(4), panic when attempting to execute a scsi command with no discipline defined.
Fix a bug causing gzip(1) to think the resulting file was got larger during compression.
! In daily(8), no longer call mailq(8).
In sysmerge(8), in interactive mode, check syntax of several important files after merging to give some protection against bad merges.
Don't allow the routing table of a bound socket to be changed. This is not intended and will behave unexpectedly if the address is already used in another domain.
In tmux(1), fix keys parsing again to correctly accept Unicode when not prefixed with Escape.