OpenBSD
-current Changelog
This selection is intended to include all important
and all user-visible changes.
For a complete record of all changes, please see the "source-changes"
mailing list, called "OpenBSD CVS"
in the archives,
or use CVS.
Note: Problems for which patches exist are marked in red.
For changes in other releases, click below:
2.0,
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
5.6,
5.7,
5.8,
5.9.
Changes made between OpenBSD 5.9 and -current
- In npppd(8), transition to "Req-Sent" had been missing when RTA in "Opened". This caused a timer event leak.
- Update to tzdata2016b from ftp.iana.org.
- Allocate amap slots for a virtual memory range reserved with sbrk(2) lazily. This avoids wasting kernel memory if the user process does not make use of the allocated memory.
- For amaps with only a few slots, allocate the slots via pool(9). This saves some memory and reduces kmem pressure.
- 5.9 RELIABILITY FIX: Incorrect path processing in pledge_namei() could result in unexpectedprogram termination of pledge(2)'d programs.
A source code patch is available for 5.9.
- 5.7, 5.8 and 5.9 SECURITY FIX: Insufficient checks in IPv6 socket binding and UDP IPv6 option processing allow a local user to send UDP packets with a source (IPv6 address + port) already reserved by another user.
A source code patch is available for 5.7, 5.8 and 5.9.
- In puc(4), add support for the Exar XR17V354 device.
- Remove the legacy uiomovei(3) function. It has been replaced by uiomove(9).
- In ssh(1), unbreak authentication using lone certificate keys in ssh-agent (bz#2550).
- In acpicpu(4), correct the value of SRT_ENDTAG: it was documented incorrectly in early ACPI specs.
- In libfontconfig, enable atomics operations on mips64 and mips64el.
- In vmm(4), introduce memory ranges to support VMs with 4G or more of RAM.
- In ichiic(4), ignore the SMBALERT# interrupt. This fixes booting the GENERIC kernel on ADI RCC-VE with buggy BIOS versions, rendering the internal eMMC flash unusable.
- In kdump(1), recognize ipmi, vscsi, pvbus, udl, fuse, trunk, pipex and memrange ioctl(2) requests.
- In sd(4), avoid a kernel panic when unplugging an USB umass stick because of a use after free.
- Avoid corrupt mount points without a valid device when unmounting.
- 5.7, 5.8 and 5.9 SECURITY FIX: Lack of credential sanitization allows injection of commands to xauth(1).
A source code patch is available for 5.7, 5.8 and 5.9.
- In ssh(1), sanitise characters destined for xauth(1).
- In isakmpd(8), don't retransmit responses for unauthenticated messages.
- Remove support for vax.
- In fdisk(8) and pdisk(8), accept only a character special device as disk.
- Rework how mpw(4) interacts with vlan(4). This will allow vlan(4) to become MP-safe.
- In xterm(1), use UTF-8 mode by default.
- In httpd(8), set the content charset for auto index generated pages.
- Make "cp -i" behave as "mv -i" or "rm -i", independently of whether stdin is a tty or not.
- Do not remove RTF_STATIC L2 entries from the routing table. Static entries might not have a cloning route to re-create them and hence be gone when their timer expires.
- In kdump(1), improve display of unknown and KTR_START records.
- Avoid refetching blocks already in the buffer cache. This significantly improves read operations on MSDOSFS.
- Update to xrandr 1.5.0.
- Update to libXrandr 1.5.0.
- In ksh(1), make "set +o" conform with POSIX.
- Tweak uvm assertions to avoid locking in some cases.
- In file(1), sync "archive" magic from file 5.25.
- In ntpd(8) constraints, avoid using %Z specification of strptime(3) which disagress with RFC7231 and can give surprising results on other operating systems.
- In tmux(1), improve UTF-8 locale checking.
- Update to unbound 1.5.8.
- In ksh(1), fix POSIX-compliant behavior of "set -u" regarding "$*" and "$@" specials.
- Almost completely rewrite mknod(8) in order to allow a speedup of MAKEDEV(8).
- In tmux(1), avoid accessing a NULL pointer.
- In vmd(8), set root device to sd0a, instead of wd0a.
- In ksh(1):
- Don't parse (...|...) patterns in variable substitution inside double quotes. This fixes a POSIX compatibility issue.
- Remove the mknod builtin.
- In ssh(1), fix ClientAliveInterval when a time-based RekeyLimit is set (bz#2252).
- In tmux(1):
- Avoid mixing up RGB colours with aixterm colours.
- Make the show-* and set-* commands handle a missing target.
- On amd64 and i386, unwind the trapframe correctly when a breakpoint is set on "syscall". This prevents a fault in ddb(4) on amd64.
- Remove the machdep.userldt sysctl(8).
- In ieee80211(9), restore an assignment of device current mode. This fixes iwi(4) fatal firmware errors.
- Bump link_maxhdr (the space reserved before an ip packet payload for link headers) from 16 to 64.
- In scp(1), improve accuracy of reported transfer speeds.
- In sftp(1) and scp(1), improve precision of the progress meter.
- In tmux(1), improve wcwidth(1) and mbtowc(1) error handling.
- Remove Linux emulation support.
- In libssl, add bounds checking for read_ledword().
- In libssl, add bounds checking for BN_hex2bn(3) and BN_dec2bn(3).
- In acpi(4), add more Windows versions for _OSI checks.
- In cpsw(4), detect and only enable the port that is actually used. This avoids device timeouts. Also enable interrupt pacing to limit interrupts at 2K/s.
- Set the IFF_MULTICAST flag on tun(4) interfaces so IPv6 addresses can be assigned.
- In diff(1), rectify line numbers for "s/.//" commands in ed-style diffs.
- In libedit, fix a segfault and functional error in c_gets().
- In libssl, remove support for ancient, broken DSA implementations.
- Fix a bug when IPsec UDP encapsulation is used for IPv6.
- In gcc(1), fix an Internal Compiler Error on alpha when using __sync builtins.
- In fnmatch(3), fix negation of POSIX character classes.
- Prevent a memory leak in vnet(4/sparc64).
- Valdate fs_maxsymlinklen in the superblock of ffs and ext2fs filesystems to avoid use of bogus data.
- On alpha and sh, now that time_t is 64-bit, no longer ignore the hardware clock when it reports a year after 2037.