===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus70.html,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- www/plus70.html 2021/09/23 18:46:46 1.2
+++ www/plus70.html 2021/09/26 18:47:05 1.3
@@ -94,6 +94,64 @@
+
+- Released OpenSSH 8.8.
+
- Corrected sshd(8) initialization of supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand helper program (not enabled by default) as a different user.
+
+
+
+
- Updated timezone information to remove DST for Samoa.
+
- Avoided a potential overread in x509_constraints_parse_mailbox().
+
- Fixed a memory leak in rpki-client(8).
+
+
- Adjusted bgpctl(8) RIB_GENERIC_ADDPATH MRT message handling to work with other MRT implementations.
+
- Added a workaround to amdgpu(4) for machines where the framebuffer size reported by the hardware is incorrect.
+
- Prevented ucc(4) keyboards from changing the wsmux(4) keyboard layout.
+
+
- Moved objcopy to base set to allow KARL to work on all installs.
+
- Fixed pchgpio(4) issues with dead touchpads after resume.
+
- Moved to OpenBGPD 7.2(8).
+
- Prevented strlcpy(3) from reading too much in btrace(8).
+
+
- Allowed xenodm(1) login when ~./Xauthority does not exist.
+
- Fixed disklabel(8) generation on sparc64.
+
- Silently ignored invalid requests to change the encoding of a ucc(4) keyboard.
+
- Changed dhcpleased(8) client identifier transmission to match other dhcp client implementations.
+
+
- Fixed the ssh(1) "Allocated port" debug message for unix sockets.
+
- Switched scp(1) back to using the original scp/rcp protocol by default for release.
+
- Unlocked the top part of the VM fault handler on i386.
+
+
- In pchgpio(4), worked around a BIOS bug on Lenovo Thinkpads based on Intel's Tiger Lake platform to properly restore the GPIO pin used for the touchpad interrupt upon resume.
+
- Zeroed out potential passwords when freeing memory or handling parsing errors in iked(8).
+
+
- Fixed acme-client(1) SAN generation for CSRs.
+
+
- Implemented flushing for TLSv1.3 handshakes.
+
- Made scp(1) SFTP mode (including error logging) more scp-like.
+
- Prevented a crash on strict alignment architectures of tcpdump(8) WireGuard printer.
+
+
- Set the rpki-client(8) x509 validation depth limit to 12 or double the current depth.
+
- Simplified dhcpleasectl(8) and added syntax to match dhclient(8) (interface), allowing one to be aliased to the other.
+
- Allowed CanonicalPermittedCNAMEs=none in ssh_config(5).
+
+
- Made pmap_extract() mpsafe on hppa and amd64.
+
- Limited rpki-client(8) to 300 deltas to sync an RRDP repository rather than fetching a snapshot.
+
- Put back the mux_ctx memleak fix for SSH_CHANNEL_MUX_CLIENT in ssh(1).
+
- Enabled cy(4) on amd64.
+
- Retried broadcast with dhcpleased(8) when the dhcp server is unreachable via unicast UDP.
+
+
- Added a theoretical limit of 512 to the number of allocated vcpus in vmm(4).
+
- Introduced /etc/bsd.re-config(5), which can be used to configure the kernel using config(8), allowing use of KARL while making changes to the GENERIC kernel.
+
- Checked the installer's /tmp/i/hostname.* files for a configured IP address so that configurations without a broadcast address are detected as well.
+
+
- Defaulted to using named curve parameter encoding in libcrypto.
+
+
- Identified TPM2.0 devices and performed the 2.0-specific "suspend" command, allowing the lenovo xlr9 and xlnano using the latest BIOS (which added S3) to resume.
+
- Stopped setting the highspeed bit on bcm2835-sdhci sdhc(4) controllers, fixing bwfm(4) wifi on the Raspberry Pi 3 Model B+.
+
- Zeroed out iwx(4) Tx descriptors of frames which are done to prevent the device from writing to the former DMA address of a buffer which has been taken off the Tx ring.
+
- Fixed a bug in iwx(4) Tx done interrupt processing which could cause fatal firmware errors under load and memory corruption.
+
- Stopped ignoring SIGINT in sftp(1) while waiting for input if editline(3) is not used.
- Imported Mesa 21.1.8.