Annotation of www/plus64.html, Revision 1.5
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2: <html>
3: <head>
4: <title>OpenBSD 6.4 Changelog</title>
1.4 pamela 5: <meta name="description" content="OpenBSD 6.4 changes">
1.1 deraadt 6: <meta name="copyright" content="This document copyright 1996-2016 by OpenBSD.">
7: <meta name="viewport" content="width=device-width, initial-scale=1">
8: <link rel="stylesheet" type="text/css" href="openbsd.css">
1.4 pamela 9: <link rel="canonical" href="https://www.openbsd.org/plus64.html">
1.1 deraadt 10: </head>
11:
12: <body bgcolor="#ffffff" text="#000000" link="#23238e">
13:
14: <h2>
15: <a href="index.html">
16: <font color="#0000ff"><i>Open</i></font><font color="#000084">BSD</font></a>
1.3 deraadt 17: <font color="#e00000">6.4 Changelog</font>
1.1 deraadt 18: </h2>
19: <hr>
20:
21: <p>
22: This selection is intended to include all important
23: and all user-visible changes.
24: For a complete record of all changes, please see the "source-changes"
25: mailing list, called "OpenBSD CVS"
26: in the <a href="mail.html#Archives">archives</a>,
27: or use <a href="anoncvs.html#CVS">CVS</a>.
28:
29: <p>
30: Note: <font color="#e00000">Problems for which patches exist are marked in red</font>.
31:
32: <p>
33: For changes in other releases, click below:<br>
34: <a href="plus20.html">2.0</a>,
35: <a href="plus21.html">2.1</a>,
36: <a href="plus22.html">2.2</a>,
37: <a href="plus23.html">2.3</a>,
38: <a href="plus24.html">2.4</a>,
39: <a href="plus25.html">2.5</a>,
40: <a href="plus26.html">2.6</a>,
41: <a href="plus27.html">2.7</a>,
42: <a href="plus28.html">2.8</a>,
43: <a href="plus29.html">2.9</a>,
44: <a href="plus30.html">3.0</a>,
45: <a href="plus31.html">3.1</a>,
46: <a href="plus32.html">3.2</a>,
47: <a href="plus33.html">3.3</a>,
48: <a href="plus34.html">3.4</a>,
49: <a href="plus35.html">3.5</a>,
50: <a href="plus36.html">3.6</a>,
51: <br>
52: <a href="plus37.html">3.7</a>,
53: <a href="plus38.html">3.8</a>,
54: <a href="plus39.html">3.9</a>,
55: <a href="plus40.html">4.0</a>,
56: <a href="plus41.html">4.1</a>,
57: <a href="plus42.html">4.2</a>,
58: <a href="plus43.html">4.3</a>,
59: <a href="plus44.html">4.4</a>,
60: <a href="plus45.html">4.5</a>,
61: <a href="plus46.html">4.6</a>,
62: <a href="plus47.html">4.7</a>,
63: <a href="plus48.html">4.8</a>,
64: <a href="plus49.html">4.9</a>,
65: <a href="plus50.html">5.0</a>,
66: <a href="plus51.html">5.1</a>,
67: <a href="plus52.html">5.2</a>,
68: <a href="plus53.html">5.3</a>,
69: <br>
70: <a href="plus54.html">5.4</a>,
71: <a href="plus55.html">5.5</a>,
72: <a href="plus56.html">5.6</a>,
73: <a href="plus57.html">5.7</a>,
74: <a href="plus58.html">5.8</a>,
75: <a href="plus59.html">5.9</a>,
76: <a href="plus60.html">6.0</a>,
77: <a href="plus61.html">6.1</a>,
78: <a href="plus62.html">6.2</a>,
79: <a href="plus63.html">6.3</a>,
1.5 ! pamela 80: <a href="plus65.html">6.5</a>,
1.1 deraadt 81: <a href="plus.html">-current</a>.
82: <br>
83:
84: <p>
85: <h3><font color="#0000e0">Changes made between OpenBSD 6.3 and 6.4</font></h3>
86: <p>
87:
88: <ul>
89: <li>Many changes not listed here.
90: <!-- 2018-04-16 -->
91: <li>Fix "heap full" errors in the amd64 boot loader when loading microcode.
92: <li>Add support in <a href="https://man.openbsd.org/com.4">com(4)</a> for Exar XR17V354 4-port devices.
93: <!-- 2018-04-15 -->
94: <li>Add TCP support to <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>. Apart from processing multiple requests in parallel, this implements RFC 3430.
95: <li>Make <a href="https://man.openbsd.org/relayd.8">relayd(8)</a> set destination host state to HOST_DOWN in case of TCP read timeout.
96: <li><font color="#e00000">6.1, 6.2 and 6.3 SECURITY FIX: Correct heap overflow bugs in <a href="https://man.openbsd.org/perl.1">perl(1)</a>.</font><br>A source code patch is available for <a href="errata61.html#p039_perl">6.1</a>, <a href="errata62.html#p011_perl">6.2</a> and <a href="errata63.html#p001_perl">6.3</a>.
97: <!-- 2018-04-14 -->
98: <li>Make ENGINE_finish() succeed on NULL in LibreSSL, simplifies caller code.
99: <li>Make <a href="https://man.openbsd.org/ksh.1">ksh(1)</a> count $SECONDS using monotonic clock.
100: <li>Fix for <a href="https://man.openbsd.org/mg.1">mg(1)</a> when trying to write backups in home dir when run under a different effective user.
101: <!-- 2018-04-13 -->
102: <li>Remove hfsc support from <a href="https://man.openbsd.org/pfctl.8">pfctl(8)</a>.
103: <li>Don't panic if ipmi_sendcmd() fails.
104: <li>Make <a href="https://man.openbsd.org/sshd.8">sshd(8)</a> more resilient against user enumeration timing attacks.
105: <li>Implemented MAP_STACK option for <a href="https://man.openbsd.org/mmap.2">mmap(2)</a>. At pagefaults and syscalls the kernel will check that the SP points to MAP_STACK memory.
106: <!-- 2018-04-12 -->
107: <li>Stop using the PID in <a href="https://man.openbsd.org/ping.8">ping(8)</a>.
108: <li>Make <a href="https://man.openbsd.org/httpd.8">httpd(8)</a> listen on all IPv4 and IPv6 addresses for "listen on *".
109: <li>More steps for i386 Meltdown fixes, will trigger some performance issues.
110: <li>Make <a href="https://man.openbsd.org/re.4">re(4)</a> handle newer devices with only 64bit BARs, and map 32bit BAR as a fallback.
111: <!-- 2018-04-11 -->
112: <li>Add mixer save/restore capability to the <a href="https://man.openbsd.org/audio.4">audio(4)</a> driver for use during suspend/resume.
113: <li>Add support in <a href="https://man.openbsd.org/umsm.4">umsm(4)</a> for Huawei k3772-based devices.
114: <li>Make <a href="https://man.openbsd.org/sasyncd.8">sasyncd(8)</a> schedule events against the monotonic clock so it fires punctually even if system clock is changed.
115: <li>Have <a href="https://man.openbsd.org/fstat.1">fstat(1)</a> print rtable for internet sockets unless it's the default.
116: <li>In <a href="https://man.openbsd.org/tmux.1">tmux(1)</a>, add x and X to choose-tree to kill an item.
117: <li>Make sure the kernel doesn't call logwakeup() while holding a mutex to prevent lock ordering issues.
118: <!-- 2018-04-10 -->
119: <li>Make <a href="https://man.openbsd.org/mandoc.1">mandoc(1)</a> define a previously undefined integer as being zero.
120: <li>Make <a href="https://man.openbsd.org/ksh.1">ksh(1)</a> support 64bit integer operations on 32bit arches too.
121: <li>Added <a href="https://man.openbsd.org/octcrypto.4">octcrypto(4)</a>, a driver for the octeon cryptographic unit, providing hardware-accelerated implementations for several encryption and authentication algorithms for <a href="https://man.openbsd.org/ipsec.4">ipsec(4)</a>. Disabled for now.
122: <!-- 2018-04-09 -->
123: <li>Make <a href="https://man.openbsd.org/smtpd.8">smtpd(8)</a> spfwalk check for legitimate IPv4 and IPv6 addresses before printing.
124: <li>Make headers, manpages and kernel prefer and recommend AF_UNIX name rather than AF_LOCAL.
125: <li>In kqueue, test for preexisting conditions when re-enabling events.
126: <li>Make <a href="https://man.openbsd.org/pcidump.8">pcidump(8)</a> print BARs for bridges as well.
127: <li>On amd64, add support for EFI Random Number Generator and use it to XOR random data into the kernel.
128: <li>Add a hook to the standalone boot code to use a firmware-supplied random function in addition of the machine dependent random function to insert entropy into the booted kernel.
129: <!-- 2018-04-08 -->
130: <li>IPv6 fix for <a href="https://man.openbsd.org/gif.4">gif(4)</a>.
131: <li>Attach the mbuf tag on output <a href="https://man.openbsd.org/gif.4">gif(4)</a> packets to suppress loops over the interface and avoid leak of the tag on every packet.
132: <li>For certain arm devices, if the PHY address isn't specified, only attach a single PHY. Makes Theobrama Systems RK3399-Q7 SoM network interfaces work.
133: <li>Make <a href="https://man.openbsd.org/shutdown.8">shutdown(8)</a> print deadline estimates in the local timezone.
134: <li>Enable <a href="https://man.openbsd.org/islrtc.4">islrtc(4)</a> on arm64 GENERIC and RAMDISK kernels.
135: <li>Added <a href="https://man.openbsd.org/islrtc.4">islrtc(4)</a>, a driver for the ISL208 real time clock.
136: <li>Work around libtool exec limitations.
137: <li>Correct libtls <a href="https://man.openbsd.org/tls_config_clear_keys.3">tls_config_clear_keys(3)</a> behaviour, leaving other configuration data intact.
138: <li>In libtls, switch to <a href="https://man.openbsd.org/OPENSSL_init_ssl.3">OPENSSL_init_ssl(3)</a> to prevent an openssl configuration file from being loaded behind our backs.
139: <li>Add support in <a href="https://man.openbsd.org/dwmmc.4">dwmmc(4)</a> for GPIO card detection.
140: <li>Increase <a href="https://man.openbsd.org/em.4">em(4)</a> delay after reset to 20ms and add a fix for i219 based devices.
141: <!-- 2018-04-17 -->
142: <li>In UEFI, respect the parts where mappings indicate they can be made non-readable, non-executable or read-only.
143: <li>Fixed <a href="https://man.openbsd.org/tmpfs.4">tmpfs(4)</a> to not attempt calling <a href="https://man.openbsd.org/copyin.9">copyin(9)</a> itself.
144: <li>Patch binutils 2.17 so it passes option -Wno-null-pointer-arithmetic when compiled with LLVM 6.0.0.
145: <li>Updated llvm to 6.0.0.
146: <li>Make <a href="https://man.openbsd.org/fstat.1">fstat(1)</a> print a p flag for file descriptors opened after <a href="https://man.openbsd.org/pledge.2">pledge(2)</a>.
147: <li>Better rounding to cylinder boundaries in <a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>.
148: <li>In <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>, allow "Sendenv -PATTERN" to clear environment previously labeled for sending.
149: <li>Fix file descriptor leak in <a href="https://man.openbsd.org/httpd.8">httpd(8)</a> after processing ranged requests.
150: <li>Use existing pf state to speed up UDP socket lookup.
151: <li>Fix memory leak in libcrypto if EVP_Digest() fails.
152: <!-- 2018-04-06 -->
153: <li>In libcrypto, tighten up various checks for X509_VERIFY_PARAM functions.
154: <li>In <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>, relax checking of authorized_keys environment="..." options to allow underscores in variable names
155: <li>Stop using a non-portable .R <a href="https://man.openbsd.org/man.7">man(7)</a> macro in <a href="https://man.openbsd.org/mandoc.1">mandoc(1)</a>.
156: <li>Update <a href="https://man.openbsd.org/mandoc.1">mandoc(1)</a> to use documented and portable character escape sequences for .Do/.Dq.
157: <!-- 2018-04-05 -->
158: <li>Import pcap_set_immediate_mode() from mainline libpcap which allows a libpcap-based program to process packets as soon as they arrive.
159: <li>Remove obsolete PF_TRANS_ALTQ from <a href="https://man.openbsd.org/pf.4">pf(4)</a>. Note the required steps in the <a href="https://www.openbsd.org/faq/current.html#r20180404">update guide</a> if updating from source.
160: <li>Update default IPQoS in <a href="https://man.openbsd.org/ssh.1">ssh(1)</a> and <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>.
161: <li>Libcrypto fixes in X509_NAME_add_entry().
162: <!-- 2018-04-04 -->
163: <li>Fix crash in <a href="https://man.openbsd.org/dig.1">dig(1)</a> when +trace option is enabled and a truncated reply forces fallback to TCP.
164: <!-- 2018-04-03 -->
165: <li>Deactivate WITNESS checks in <a href="https://man.openbsd.org/ddb.4">ddb(4)</a>, when db_active is set.
166: <li>On <a href="https://man.openbsd.org/vlan.4">vlan(4)</a> interfaces, use link0 to use llprio in transmitted packets.
167: <li>Imported regenerated moduli files for <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>.
168: <li>Tweak vlan printing in <a href="https://man.openbsd.org/tcpdump.8">tcpdump(8)</a> to properly decode priority field.
169: <li>OpenSSH 7.7 released.
170: <li>Enabled <a href="https://man.openbsd.org/mvrng.4">mvrng(4)</a> for arm64 GENERIC and RAMDISK kernels.
171: <li>Fix in <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> for aspath_verify() regarding 2-byte vs 4-byte AS path entries.
172: <li>Enabled <a href="https://man.openbsd.org/imxiomuxc.4">imxiomuxc(4)</a> on arm64 GENERIC and RAMDISK kernels.
173: <li>Unhook libXfont from xenocara builds, obsoleted by libXfont2.
174: <li>Enabled <a href="https://man.openbsd.org/dwpcie.4">dwpcie(4)</a>, <a href="https://man.openbsd.org/fec.4">fec(4)</a> and <a href="https://man.openbsd.org/imxccm.4">imxccm(4)</a> on arm64 GENERIC and RAMDISK kernels.
175: <li>Add minimal driver <a href="https://man.openbsd.org/dwpcie.4">dwpcie(4)</a> for the Synopsys Designware PCIe core.
176: <li>Added support for more Intel Apollo Lake devices found on some NUC and Celeron based systems.
177: <li>In <a href="https://man.openbsd.org/com.4">com(4)</a>, add support for register shift/IO-width to allow UARTs using 32-bit registers instead of 8-bit, found on some armv7, arm64 and amd64 SoCs.
178: <li>Add support for arbitrary-length integers in <a href="https://man.openbsd.org/test.1">test(1)</a>.
179: <!-- 2018-04-02 -->
180: <li>Fix binutils 2.17 to build without warnings on LLVM 6.0.0.
181: <li>Enabled <a href="https://man.openbsd.org/imxanatop.4">imxanatop(4)</a> on armv7 RAMDISK kernels.
182: <li>Fix for previously incorrect MII speed setting on armv7 <a href="https://man.openbsd.org/fec.4">fec(4)</a>.
183: <li>Fixes in <a href="https://man.openbsd.org/apply.1">apply(1)</a> for <a href="https://man.openbsd.org/realloc.3">realloc(3)</a> noticed when <a href="https://man.openbsd.org/malloc.conf.5">malloc.conf(5)</a> had the J option enabled.
184: <li>LibreSSL 2.7.2 released.
185: <li>Fixes for UFS2 with softdep enabled.
186: <!-- 2018-04-01 -->
187: <li>Implemented an EFI driver to allow PXE boot over EFIs Simple Network Protocol, allowing TFTP boot on U-Boot based armv7 and arm64 machines.
188: <li>Fix '-v' option to <a href="https://man.openbsd.org/procmap.1">procmap(1)</a> when using -a to help show holes in the process map.
189: <li>Enabled <a href="https://man.openbsd.org/mvtemp.4">mvtemp(4)</a> on arm64 GENERIC kernels.
190: <li>Added <a href="https://man.openbsd.org/mvtemp.4">mvtemp(4)</a> a driver for temperature sensors found on Marvell Armada SoCs.
191: <li>Fix mbuf reuse when sending ARP responses to prevent stale mbuf state affecting the ARP reply packet.
192: <li>Fix 64bit integer overflows in <a href="https://man.openbsd.org/expr.1">expr(1)</a>.
193: <li>Fix a hang in i386 vmware guests in /sbin/init.
194: <li>Recommit of the i386 Meltdown fix.
195: <li>Fix '-i' on <a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a> to discard previously defined values.
196: <!-- 2018-03-31 -->
197: <li>Enable <a href="https://man.openbsd.org/imxiic.4">imxiic(4)</a> and <a href="https://man.openbsd.org/imxanatop.4">imxanatop(4)</a> on arm64 GENERIC and RAMDISK kernels.
198: <li>Enable <a href="https://man.openbsd.org/imxgpc.4">imxgpc(4)</a>, <a href="https://man.openbsd.org/imxgpio.4">imxgpio(4)</a> and <a href="https://man.openbsd.org/imxesdhc.4">imxesdhc(4)</a> on GENERIC and RAMDISK kernels for the arm64 platform.
199: <li>Also move <a href="https://man.openbsd.org/imxgpc.4">imxgpc(4)</a>, <a href="https://man.openbsd.org/imxgpio.4">imxgpio(4)</a> and <a href="https://man.openbsd.org/imxesdhc.4">imxesdhc(4)</a> drivers so they can be shared between arm64 and armv7.
200: <li>Fix potential overflow in <a href="https://man.openbsd.org/cut.1">cut(1)</a> for 64bit systems.
201: <!-- 2018-03-30 -->
202: <li>Updated bdftopcf to version 1.1.
203: <li>Moved driver for <a href="https://man.openbsd.org/imxuart.4">imxuart(4)</a> so it can be shared by arm64 and armv7.
204: <li>Updated <a href="https://man.openbsd.org/xterm.1">xterm(1)</a> to version 331.
205: <li>Updated <a href="https://man.openbsd.org/unbound.8">unbound(8)</a> to 1.7.0.
206: <li>Enable <a href="https://man.openbsd.org/mvclock.4">mvclock(4)</a>, <a href="https://man.openbsd.org/mvicu.4">mvicu(4)</a>, <a href="https://man.openbsd.org/mvpinctrl.4">mvpinctrl(4)</a>, <a href="https://man.openbsd.org/mvgpio.4">mvgpio(4)</a> and <a href="https://man.openbsd.org/mvrtc.4">mvrtc(4)</a> on GENERIC and RAMDISK kernels for arm64 platforms.
207: <li>Added support for <a href="https://man.openbsd.org/mvrtc.4">mvrtc(4)</a>, a real time clock integrated on various Marvell Armada SoCs.
208: <li>Fixed some <a href="https://man.openbsd.org/setlocale.3">setlocale(3)</a> bugs.
209: <li>Add support in the flattened device tree code for legacy binding of Marvell devices for "usb-nop-xceiv" PHYs.
210: <li>Fix memory leak in sparc64 ofwboot when booting <a href="https://man.openbsd.org/softraid.4">softraid(4)</a> crypto devices.
211: <li>Prevent <a href="https://man.openbsd.org/tmux.1">tmux(1)</a> from crashing in certain cases with empty windows.
212: <!-- 2018-03-29 -->
213: <li>Fixed network locking in <a href="https://man.openbsd.org/pppx.4">pppx(4)</a>.
214: <li>Fix in libcrypto for CVS-2018-0739 regarding ASN.1 recursive definition depth.
215: <li>Remove RDTSCP from CPUID flags reported to <a href="https://man.openbsd.org/vmm.4">vmm(4)</a> guests.
216: <li>Fix remaining external file system locking so VOP_LOCKs are done in accordance with how WITNESS wants it.
217: <li>Fix memory leak in <a href="https://man.openbsd.org/pf.4">pf(4)</a> when adding same table twice.
218: <li>Check for possible NFS race after sleeping to prevent future lock ordering problem.
219: <li>Mark ext2fs inode recursive lock as RWL_IS_VNODE to help when WITNESS is enabled.
220: <li>Configure <a href="https://man.openbsd.org/dwxe.4">dwxe(4)</a> TX and RX chain delay based on device tree properties.
221: <!-- 2018-03-27 -->
222: <li>In the X.org DRM code, defer disabling the vblank IRQ until next interrupt.
223: <li>Updated time zone data to tzdata2018d.
224: <li>Added <a href="https://man.openbsd.org/acpicmos.4">acpicmos(4)</a>, a driver that implements SystemCMOS access support.
225: <li>SSLeay history from 0.4 to 0.8.1b added to SSL manpages.
226: <li>Make sure <a href="https://man.openbsd.org/nc.1">nc(1)</a> clears password buffers in non-terminating cases.
227: <li>Fix wrong execution and out of boundary writes in <a href="https://man.openbsd.org/apply.1">apply(1)</a>.
228: <li>Make sure programs violating a <a href="https://man.openbsd.org/pledge.2">pledge(2)</a> promise cannot block the final SIGABRT.
229: <li>Try harder to execute code protected by mutexes after entering <a href="https://man.openbsd.org/ddb.4">ddb(4)</a>.
230: <li>Exclude SIGKILL from <a href="https://man.openbsd.org/ptrace.2">ptrace(2)</a> interception to prevent deadlock when parent waits for the traced process.
231: <!-- 2018-03-26 -->
232: </ul>
233: <p>
234:
235: </body>
236: </html>