===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus71.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -c -r1.1 -r1.2
*** www/plus71.html 2022/03/26 00:58:58 1.1
--- www/plus71.html 2022/03/28 03:24:39 1.2
***************
*** 94,102 ****
Changes made between OpenBSD 7.0 and 7.1
Moved to rpki-client(8) 7.6.
! Made fdisk(1) -A preserve BIOS boot partition.
Used installboot(8) in riscv64 install.md.
Added a key in tmux(1) copy mode to toggle the position indicator.
--- 94,309 ----
Changes made between OpenBSD 7.0 and 7.1
+
+
+ - Implemented most of CMS related checks in rpki-client(8) required by RFC 6488 section 3.
+
- Added fix in zlib for CLEAR_HASH macro.
+
- Added OSC 7 capability to tmux(1) for setting titles.
+
+
- Fixed a small ntpd(8) leak.
+
- Rate limit rad(8) router advertisements according to RFC 4861.
+
- Fixed iwm(4) 802.11ac throughput at a distance.
+
+
+
- Made sure nothing can map address zero on RISC-V.
+
+
- Fixed crash in slaacd(8) when receiving a negative length field for DNS labels.
+
- Added code to update hw.power whenever AC state changes on resume.
+
- Added support for XBox One game controller on usb.
+
+
- Fix IP output routines on raw sockets so route sourceaddr can take effect using sendto(2) or similar.
+
- Avoid calling setrtable(2) unless "rtable" is set explicitly in login.conf.
+
- Prevent panic in softraid(4) while rebooting if softraid has been disabled.
+
- Prevent announcing VHT capabilities on iwm(4) and iwx(4) for 2GHz bands during scans.
+
- Fixed argument list leak in scp(1).
+
+
- Enabled interrupt moderation on aq(4), aiming at around 20k per second.
+
- When choosing networks during SSID selection, give a higher score to 11ac and 11n access points, prioritizing 11ac.
+
- Fixed attach of multiple iwm(4) or iwx(4) interfaces in the same machine.
+
- Add initial 802.11ac support to iwm(4).
+
- Added 802.11ac/VHT TX rate adaptation support to the wifi stack.
+
+
+
- Made sure sshd(8) does not try to resolve ListenAddress when re-execing.
+
- Fixed ssh-keygen(1) SEGV when using -Y check-novalidate.
+
- New logic for pkg_add(1) to avoid excessive moving of files during updates when possible.
+
- Avoid legacy CSS2 syntax and use CSS3 two-value syntax in mandoc(1).
+
- Updated time zone database to tzdata2022a.
+
- Made tcpdump(8) show 802.11ac VHT capability and operation IEs in -v mode.
+
- Add tmux(1) option to control if it scrolls into history on clear.
+
+
- Make sure iked(8) vroute messages are correctly aligned, fixes autoconfiguration of addresses on octeon.
+
- Added an option in tmux(1) to set the character for unused areas of the terminal.
+
- Updated nsd(8) to version 4.4.0.
+
+
- Bumped LibreSSL to 3.5.2.
+
- Fixed reading motherboard time on Apple machines with old SMC firmware.
+
- Make su(1) honor the login class routing table when doing a full login with su -l.
+
- Fixed infinite loop in libcrypto for certain elliptic curve public key operations.
+
- Enabled IP header checksum offloading in ix(4).
+
- Changed the way $macros are expanded in bgpd.conf(5).
+
- Fix TX rate used by rtwn(4) and urtwn(4) for RTS frames.
+
+
- Fixed sndiod(8) crash.
+
- Enabled checksum offloads on aq(4).
+
- Added -k flag to gzip(1) and gunzip(1) to retain (de)compressed file.
+
- Made sure armv7,arm64 and risc-v FDT bootloader code does not write beyond the FDT data structure.
+
- Added 802.11ac support on iwx(4).
+
- Added initial 802.11ac (VHT) support to the wifi stack.
+
- Improved TX performance on urtwn(4) RTL8192EU devices.
+
- Improved message fragment retransmissions for iked(8).
+
+
- Fix crash in IPSec while doing parallel IP forwarding.
+
- Add missing error check for x509 constraints code in libcrypto.
+
- Enable vlan promisc, header stripping and vlan RX/TX offload on aq(4).
+
+
- Let unwind(8) probe for DNS64 presence with an absolute name, so asr doesn't add search domains and retry.
+
+
- Made fdisk(8) preserve the EFI System partition when auto-allocating space on GPT disks with magic Apple partitions.
+
- Fixed receive filter handling in aq(4).
+
- Fixed masked signal traps while in a debugger.
+
- Fixed overflow protection code in rpki-client(8).
+
+
- Enabled PL011 UART FIFO support in pluart(4).
+
- Fixed RISC-V lld link code when dealing with object files created with "ld -b".
+
- Added kernel interfaces for atomic load and store functions for int and long to be used in reference counted struct members.
+
- Prevented an assert in uvm_page.c when freeing an anon after swapping out its memory.
+
- Added mtw(4) to fw_update(8).
+
+
- Prevented aq(4) nics from writing to mbufs taken off the ring when the interface was taken down.
+
+
- Updated libexpat to 2.4.7.
+
- Improved roaming stability on iwn(4), particularly with wpa_supplicant.
+
+
+
- Switched aucat(1) internal sample representation and default file encoding to 24-bit.
+
- Switched sndiod(8) internal sample representation to 24-bit fixed point.
+
- Renamed net80211 ioctl(2) struct ieee80211_channel to struct ieee80211_chaninfo.
+
- Updated to xf86-video-amdgpu 22.0.0.
+
- Prevented a possible deadlock in cad(4).
+
+
- Made the arm64 ramdisk installer fetch bwfm(4) firmware from the EFI System Partition on Apple Silicon devices for use during installation and addition to the newly installed system.
+
+
+
- Added support for the BCM4387 to bwfm(4).
+
+
- Improved handling of static compressed gzip files in httpd(8).
+
+
- Added openvpn ports (udp/1194 & tcp/1194) to /etc/services.
+
- Added an ofw interface to write to an nvmem cell.
+
- Added RTC support to aplsmc(4).
+
- Added nvmem support to aplpmu(4) and made it available on Apple SPMI PMUs.
+
+
- Added pax(1) support for mtime/atime/ctime extended headers in !SMALL builds.
+
- Ensured apldart(4) keeps the DART enabled in front of the display controller to preserve its access to the framebuffer and continued display.
+
- Added handling for vmd(8) hitting resource limits when starting a vm and added memory error messages for the user.
+
- Modified aplintc(4) to support a newer interrupt controller, making OpenBSD run on M1 Pro/Max machines.
+
+
- Added rtable capability to login.conf(5).
+
- Provided a login class for vmd(8).
+
+
- Added mbuf tags to prevent output loops in etherip(4).
+
- Fixed backtraces on i386 and armv7.
+
- Added a gzip-static option to httpd.conf(5), allowing delivery of precompressed files with content-encoding gzip.
+
+
- Added a malloc(3) cache of regions between 128k and 2M to accommodate programs allocating and deallocating regions of these sizes quickly.
+
- Fixed setusercontext(3) error when /etc/login.conf is not present.
+
+
- Protected pfsync(4) tdb flags and lists with a mutex to prevent crashes involving pfsync, IPsec and parallel forwarding.
+
- Enabled cduart(4) on arm64.
+
+
- Released LibreSSL 3.5.0.
+
- Fixed kernel stack alignment on riscv64.
+
- Unlocked getsockname(2).
+
+
- Updated Mesa to 21.3.7.
+
- Updated to unbound(8) 1.15.0.
+
- Made it possible to bind and connect to non-default ports in bgpd.conf(5).
+
- Randomized the password used in fakepw in ssh(1).
+
- Released OpenSSH 8.9.
+
+
- Extended and reordered the process accounting information structure acct(5). Flag Day for the acct(2) file format.
+
- Added seq(1), a command to print sequences of numbers.
+
- Added new _MAXCOMLEN (a proper string expanded to 24 bytes including the NUL) to syslimits, allowing replacement of the MAXCOMLEN symbol from sys/param.h in userland.
+
- Updated libexpat to 2.4.6.
+
- Stopped hiding the mtu on "bridge" interfaces which do handle l3 traffic in ifconfig(8).
+
- Improved stack unwinding on riscv64 in ddb(4).
+
- Made audio(4) event filters MP-safe.
+
+
- In rpc.rusersd(8) unveil(2) "/dev" read-only instead of using chroot(2).
+
- Updated to libX11 1.7.3.1.
+
+
- Capped the daemon login class datasize at either 1G or 4G depending on the architecture and set the bgpd class datasize to either 16G or 1G.
+
- Made ping(8) print out the source address and sequence number when the signature on an icmp echo reply doesn't match.
+
- Made fw_update(8) use the /snapshots directory only on -current.
+
- Fixed vi(1) recovery mode.
+
- Added aplcpu(4), a driver to control the CPU performance levels on Apple SoCs.
+
- Prevented a potential crash when slaacd(8) receives more than 7 nameservers.
+
- Updated xorg-server to 21.1.3, leaving in place an earlier change to compute the screen resolution from dimensions returned by the screen, reverted by upstream.
+
- Moved to OpenBSD 7.1-beta.
+
+
- Enabled subpixel rendering in FreeType.
+
- Used installboot(8) in install.md for armv7.
+
+
- Made apmd(8) replace /etc/random.seed for hibernate-resumes.
+
- Enabled TLS verify by default for outbound "smtps://" and "smtp+tls://", restoring documented smtpd(8) behavior.
+
- Introduced mpfgpio(4), a driver for the PolarFire SoC MSS GPIO controller.
+
+
- If S4 is not available, use S5 for the ACPI-transitions in hibernate support.
+
- Corrected architecture checking to prevent partial building of binutils-2.17 on unsupported systems.
+
+
- Introduced mpfiic(4), a driver for the PolarFire SoC MSS I2C controller.
+
+
- Correlated uaudio(4) and ucc(4) devices attacked over USB in order to adjust the volume of the correct attached audio device rather than the first one attached.
+
- Fixed suspend/resume issues with com(4) at acpi(4).
+
- Ensured the pf(4) "set prio" values are checked consistently.
+
- Prevented reopening of tun(4)/tap(4) interfaces which are being destroyed.
+
- Rewrote vxlan(4) to operate independently of bridge(4), create and bind udp sockets and prevent loops.
+
+
- Prevented tweaks to tun(4) if_flags when the NET_LOCK isn't held.
+
- Used fdisk(8) -b to create the desired 1MB MSDOS boot partition for macppc rather than relying on /usr/mdec/mbr.
+
+
- Added support to explicitly power on some PCIe devices on the M1 and M1 Pro/Max through a GPIO controlled by the SMC.
+
- Added basic GPIO support to aplsmc(4).
+
- Improved tracking of mbuf memory usage in the whole system.
+
+
+
+
- Made rcctl(8) look for the login class in both login.conf and login.conf.d/${class}.
+
- Enabled receive checksum offloading on ixl(4).
+
- Stopped smtpd(8) from verifying the cert or CA for a relay using opportunistic TLS.
+
- Updated Devel::PPPort to 3.6.4.
+
- Unveil(2) _PATH_LOGIN_CONF_D.
+
- Introduced support for storing capability databases in /etc/login.conf.d, allowing easy addition of custom login classes from packages.
+
- Switched to using fdisk(8) -b to create boot partitions on multiple architectures.
+
+
- Stopped unregistering firmware with fw_update(8) when the SHA256.sig cannot be fetched.
+
- Enabled acpibat(4) use with the Surface Go 3.
+
- Fixed getcap(1) -f option when passed multiple files.
+
- Enabled more flexible device matching for I2C devices.
+
- Increased armv7 ramdisk size.
+
+
- Added a CRL check for manifests to rpki-client(8).
+
- Re-enabled ixl(4) IPv4, TCP4/6 and UDP4/6 checksum offloading.
+
- Switched ssh(1) hpdelim interface to accept only ":" as a delimiter.
+
- Enabled hardware vlan tagging for ixl(4).
+
- Implemented the poll(2) system call on top of the kqueue(2) subsystem, obsoleting the old, non-MP-safe poll backend.
+
- Plugged a leak in libtls CRL handling.
+
+
- Reworked ix(4) checksum/vlan offloading and enabled it for IPv6.
+
- Added ps(1) status flag "c" to indicate a process is chrooted.
+
- Allowed ddb(4) trace through interrupt on macppc.
+
- Released rpki-client(8) 7.6.
+
+
- Allowed riscv64 installation on a disk with a GPT.
+
- Enabled support for displaying an estimated battery recharge time in apm(8) and apmd(8).
+
+
- Grew the dmesg(8) buffer on i386 from 4 to 8 pages.
+
+
- Enforced RFC 6384 certificate policy for RPKI in rpki-client(8).
- Moved to rpki-client(8) 7.6.
!
- Made fdisk(8) -A preserve BIOS boot partition.
- Used installboot(8) in riscv64 install.md.
- Added a key in tmux(1) copy mode to toggle the position indicator.
***************
*** 142,148 ****
- Improved how quirks are handled on sdhc(4)-compatible drivers.
- Introduced cdsdhc(4), a driver for the Cadence SD/SDIO/eMMC host controller.
!
- Made transferring multiple files in scp(1) mode create the destination if it doesn't already exist.
- Updated libexpat to 2.4.3.
- Allowed more memory ranges in hibernate.
--- 349,355 ----
- Improved how quirks are handled on sdhc(4)-compatible drivers.
- Introduced cdsdhc(4), a driver for the Cadence SD/SDIO/eMMC host controller.
!
- Made transferring multiple files in scp(1) mode create the destination if it doesn't already exist.
- Updated libexpat to 2.4.3.
- Allowed more memory ranges in hibernate.
***************
*** 158,164 ****
- Implemented powerdown in arm64.
- Improved performance of rev(1).
!
- Set cpuspeed to 0 in apm(1) when hw.cpuspeed cannot be retrieved.
- Fixed sdhc(4) for Jasper Lake eMMC.
- Added Synopsys Designware UART support to com(4).
--- 365,371 ----
- Implemented powerdown in arm64.
- Improved performance of rev(1).
!
- Set cpuspeed to 0 in apm(8) when hw.cpuspeed cannot be retrieved.
- Fixed sdhc(4) for Jasper Lake eMMC.
- Added Synopsys Designware UART support to com(4).
***************
*** 186,192 ****
- Added a basic printer for EAPOL packets to tcpdump(8).
- Changed ssh-keygen(1) to allow selection of hash algorithm at sshsig signing time.
!
- Fixed an ssh-keygen(1) NULL dereference when using find-principals and matching an allowed_signers line that contains a namespace restriction but no restriction specified on command line.
- Introduced mpfclock(4), a driver for the PolarFire SoC MSS clock controller.
- Fixed hibernate setups where a removed umass(4) device results in a renumbered softraid(4) device.
- Restricted the pci(4) ioctl interface to devices detected by hthe kernel, preventing Xorg PCI probes from breaking the WiFi chip on M1 macs.
--- 393,399 ----
- Added a basic printer for EAPOL packets to tcpdump(8).
- Changed ssh-keygen(1) to allow selection of hash algorithm at sshsig signing time.
!
- Fixed an ssh-keygen(1) NULL dereference when using find-principals and matching an allowed_signers line that contains a namespace restriction but no restriction specified on command line.
- Introduced mpfclock(4), a driver for the PolarFire SoC MSS clock controller.
- Fixed hibernate setups where a removed umass(4) device results in a renumbered softraid(4) device.
- Restricted the pci(4) ioctl interface to devices detected by hthe kernel, preventing Xorg PCI probes from breaking the WiFi chip on M1 macs.
***************
*** 204,210 ****
- Prevented a potential race when assigning new wskbd(4) keymap.
!
- Fixed veb(4) vport handling to prevent improper drop of packets leaving a vport interface.
- Unlocked the bottom part of the uvm fault handler.
- Added the chip ids used on Apple M1 Pro/Max and Apple T2 Macs to bwfm(4).
--- 411,417 ----
- Prevented a potential race when assigning new wskbd(4) keymap.
!
- Fixed veb(4) vport handling to prevent improper drop of packets leaving a vport interface.
- Unlocked the bottom part of the uvm fault handler.
- Added the chip ids used on Apple M1 Pro/Max and Apple T2 Macs to bwfm(4).