OpenBSD -current changelog
This selection is intended to include all important and all user-visible changes.
For a complete record of all changes, please see the "source-changes" mailing list, called "OpenBSD CVS" in the archives, or use CVS.
Note: Problems for which patches exist are marked in red.
Changes made between OpenBSD 5.5 and -current
- Fixed ssl(8) resource descriptor leaks (CID: 966576 & 966577).
- Allow tty(4) to handle threaded processes correctly with kerninfo status requests (a.k.a. ^T).
- Fixed azalia(4) format mistakes when AZALIA_DEBUG is defined.
- Pass DVACT_QUIESCE to usb(4) to stop "new" uhub(4) device reattaching at every resume.
- Fixed off-by-one in index validation before accessing arrays in ssl(8) ssl_cipher_get_evp().
- In ssl(3), enabled three brainpool elliptic curves for TLS (per RFC 7027).
- Made fsck_ext2fs(8) and fsck_ffs(8) output verbiage more consistent.
- Added support for newer run(4) hardware.
- Made fsck_ext2fs(8) initialise newent.e2d_type to EXT2_FT_UNKNOWN (a.k.a. 0).
- Reverted pax(1) ar_io.c r1.45 to stop showing archives written with a non-standard blocksize as truncated reads.
- Stopped tcpdump(8) "weird flag" warning for DNS NOTIFY messages which should have "AA" set.
- Permit less(1) searches to work past/across NUL bytes.
- Made the pax(1) signal handler safe.
- Expose bif_capacity in acpibat(4), to report the design capacity of the battery.
- Clean up after the snmpd(8) traphandler children, to avoid leaving zombie processes.
- Marked ssl(8) malloc(3) wrapper functions as deprecated.
- Fixed smtpd(8) crash when running the pki lookup code.
- On sgi, converted the PS/2 keyboard layouts to sgi serial keyboard layouts.
- Let sgi keyboard(7) work in polling mode; fixed "international" ("GERlessthan") key.
- Made qle(4) less likely to get stuck looping when the firmware behaves inconsistently.
- Fixed file size reported by lpq(1) -l by giving stat(2) privileges on the spool file.
- Fixed fdisk(8) -u on sparc64.
- Fixed ipsec(4) route addition, broken since the removal of the link-layer addresses from the per-ifp list.
- Made xhci(4) handle the stall condition like the babble condition.
- pax(1) now exits with non-zero status if a read is truncated.
- Added support for -o XXX or -oXXX options, and -o max_read=XXX to fuse(4).
- When sending icmp(4) messages, assign the queue ID to the correct packet header.
- Fixed eui64 address generation, broken upon removal of the link-layer address from the per-ifp list.
- No more (obsolete) 5- and 6-byte or surrogate pair code point encodings in ssl(8) UTF8_{getc,putc}.
- Upon HTTPS ftp(1) redirects, don't reinitialise ssl(8), and reuse SSL_CTX.
- Plugged memory leak in rcs(1).
- More consistency in fuse(4) error handling.
- Made fuse(4) use realpath for more reliable mount(8) operations.
- On armv7, loongson and socppc use autoconf(9) to track usb(4) host controller's children.
- Stopped dhclient(8) trying to update file when none has been specified by -L flag.
- Added H_SAVE_FP operation to editline(3), to save history to an open file pointer.
- Fixed uhci(4). Unbreaks the build when DIAGNOSTIC is not defined.
- Updated run(4) firmware to version 0.33.
- Made mkuboot(8) correctly handle files smaller than an elf(5) header.
- In ssl(3) ssl3_send_certificate_request(), properly adjust for payload size.
- Upon error, made sure ssl(3) ssl3_setup_buffers() frees pqueue before returning.
- Fixed tail packet check in pms(4) elantech v3 touchpad code.
- Stopped dhclient(8) adding a lease to the leases TAILQ more than once. Avoids infinite loop.
- Updated to libXfont 1.4.8.
- Check ssl(3) bio_err initialisation succeeds before using it.
- Updated to fontconfig 2.11.1.
- Updated to xf86-input-synaptics 1.8.0.
- Fixed kernel build when ehci(4) uses EHCI_DEBUG.
- Switched ssl(8) RSA key generation default to 2048 bits (matching ssh(1)).
- Made qla(4) less likely to get stuck looping when the firmware behaves inconsistently.
- Change interrupt handler's return value to 0 when nothing is processed on pcexmem(4/luna88k).
- When pfctl(8) is parsing a numerical value for the TOS bits, ensure it is in a valid range.
- Fixed mountd(8): when a host in a netgroup is unresolvable, don't ignore entire netgroup.
- Sped up signify(1) -C.
- Made df(1) do calculations of available space the same way as ffs_statfs() does.
- Improved logging messages and style for snmpd(8).
- Don't put a link-layer address on the per-ifp lists or RB-Tree. Improves address lookups.
- Fixed memory leaks in ssl(3) asn1 upon failure.
- Replaced ssl(3) ASN1_GENERALIZEDTIME_adj(), ASN1_UTCTIME_adj() and ASN1_TIME_to_generalizedtime() with wrappers.
- Added a ChaCha20-Poly1305 AEAD EVP implementation to ssl(3) libcrypto.
- Added an AEAD EVP interface to ssl(3) libcrypto, along with AES-GCM AEAD implementations.
- Made signify(1) -C mode work again.
- rtadvd(8) now ignores route info messages on the listening side.
- Stopped flushing streams on abort(3), which was unsafe.
- Removed arch-specific lo(4) MTU and set to 32768 everywhere.
- Made signify(1) recode base64 hashes if necessary; spell out base64 in error messages.
- Better use of realloc(3), to speed up signify(1) checksum verification.
- Added poly1305 to ssl(3), utilising Andrew Moon's public domain implementation.
- tmux(1) no longer allows multiple buffers with the same name.
- 5.4, 5.5 and -current SECURITY FIX: integer, memory and buffer overflows in libXfont (CVE-2014-0209; CVE-2014-0210 and CVE-2014-0211).
- Fixed regression in r1.285 of sys/net/if.c (TAILQ corruption where rdomain was not switched).
- In iked(8), pass SA initiator (not the exchange initiator) to sa_address().
- The resolver now skips incomplete entries in /etc/hosts and /etc/networks (rather than crash).
- Pass multi-argument tmux(1) commands directly to execvp(3). Helps avoid quoting problems.
- Added a copy mode key binding to copy to a named tmux(1) buffer.
- Added tmux(1) support for named buffers.
- Fixed multiple bugs in ncheck_ffs(8) handling of indirect blocks.
- Updated drm(4) to libdrm 2.4.54.
- Fixed ntpd(8) format strings involving time_t arguments. Fixes ntpd(8) -d on sparc.
- Moved GTT management for Sandy Bridge into inteldrm(4).
- Removed AES_bi_ige_encrypt() from ssl(3).
- Removed md5crypt from crypt(3).
- Moved the ohash functions into libutil.
- Stopped dhclient(8) exiting when sent RTM_NEWADDR or RTM_DELADDR routing messages lacking appropriate address info.
- Altered usbhidctl(1) and usbhidaction(1) parsers to keep in sync with the kernel HID parser.
- Fixed possible smtpd(8) double free when tls is required but not advertised by the server.
- Updated the HID parser to properly parse modern input device descriptors.
- Added router alert option (RAO) in IGMP packets (per RFC2236), needed by some L3 switches.
- More intelligent parsing of WEP keys by ifconfig(8).
- Make sure uhub(4) root hub is re-attached before interrupts get enabled. Unbreaks resume.
- Stop ignoring "lease" statements in dhclient.conf(5).
- Reworked/restored dhclient(8) recorded lease handling.
- Fixed the installer's configuration of a static IPv6 default gateway.
- Various format string fixes on mips64 and octeon.
- Fixed recently-occurring ssl(8) breakage in smtpd(8).
- On i386/amd64, disable speedstep instead of panicking if high and low speeds are the same.
- Allow nginx(8) to chroot(8) to a directory other than /var/www.
- Many string format fixes on sparc64.
- Losing TCP connection no longer results in an unrecoverable stop in iscsid(8).
- Stopped cribbage(6) ignoring words which followed two or more blank characters.
- Print interface name with queues in systat(1) q.
- Updated to: xterm(1) version 304; libXi 1.7.2 and xf86-input-synaptics 1.7.5.
- Fixed fsck_ffs(8) -b to work with the superblock locations on 4096-byte sector disks.
- Use the highest possible priority for any route(4) to local addresses.
- Stopped cribbage(6) choking on one-letter card names which followed three-letter card names.
- Fixed potential uvm(9) integer overflows.
- Made relayd(8) fail when encountering unsupported combinations.
- Only attach pcexmem(4/luna88k) and pcexio(4/luna88k) on luna88k2 (not luna88k).
- Brought back restricted sockets to snmpd(8), inadvertently removed in recent update.
- Made zmore(1) call more(1) and zless(1) call less(1).
- Repaired the termination condition of a write(2) loop in vipw(8).
- In ssl(8) ec_asn1.c, don't free memory unless we allocated it (RT#3338).
- Improved code to clear all bignums from bn_lib.c in ssl(8).
- In ssl(8) BN_clear_free(), don't cleanse the data if the static data flag is set.
- Render roff(7) escape sequences in man page descriptions prior to insertion into mandoc.db(5).
- Fixed two memory leaks in makewhatis(8) -n.
- Fixed segfault in makewhatis(8) -Q if the next .SH after .SH NAME does not have any arguments.
- Backed out the previous ICMP simplifying diff from dhcpd(8), which caused livelocks.
- Try postponed requests first, so iked(8) does in-order processing.
- Made iked(8) authentication work with X509 certificates not containing a subject-altname.
- Removed the undocumented and ineffective ln(1) -F option.
- Removed sysctl(8) {nd6_,}useloopback options.
- Fixed recently broken ext2fs atime and mtime.
- Introduced gcc(1) -fstack-shuffle, which randomises local stack variables.
- Make sure ssl(8) PKCS7_get_octet_string() return values are checked for NULL (PR#3339).
- Enabled brswphy(4/octeon).
- Allow iked(8) to initiate a create-child-SA and process requests for the peer simultaneously.
- Explicitly zero ibufs before releasing memory. Ensures iked(8) crypto parameters are cleaned.
- Fixed memory leaks in the relayd(8) and smtpd(8) ssl(8) code.
- Re-queue pfkey events while iked(8) is busy initiating child-SAs.
- In iked(8), initiate ike SA rekeying ("ikesalifetime" keyword).
- Fixed iked(8) memleak when SA lookup fails while forwarding encrypted ip6(4) packets.
- Plugged two ucom(4) xfer leaks and a buffer leak.
- Encrypt some iked(8) notify payloads.
- Initial iked(8) support for PFS.
- Cleanse old ssl(8) memory when expanding a bignum; clear all bignums when freed.
- Updated xkeyboard-config to version 2.11.
- Workaround overoptimistic fdisk(8) alignment expectation on dos_partition fields.
- Enhanced reading of saved ascii labels when using disklabel(8) -R.
- Stopped iked(8) leaking on pid mismatch.
- Validate the attribute length in iked(8).
- Removed SRP and Kerberos support from ssl(8).
- On sparc, enabled ssl(8) assembler code for DES.
- On vax, enabled the ssl(8) assembler code for BN.
- In relayd(8) and smtpd(8), fixed SSL/TLS and a possible fatalx() on machines without a default RSA engine.
- Added sysctl(8) kern.nosuidcoredump=3, to dump core(5) into the /var/crash/progname/ directory.
- Enabled ssl(8) assembler code for AES, DES, GCM, SHA1, SHA256 and SHA512 on sparc64.
- Enabled ssl(8) assembler code for AES, BN, GCM128, SHA1, SHA256 and SHA512 on arm.
- Updated to: xauth(1) version 1.0.9; xbacklight(1) version 1.2.1; xrandr(1) version 1.4.2 and xinput(1) version 1.6.1.
- Updated to libFS 1.0.6.
- Unbroke ssh(1) compression.
- Switched to generating bcrypt(3) 2b hashes by default.
- Added checks for invalid base64 encoded data in ssl(8) padding. Fixes a crash (RT#2608).
- Provide extended-precision math constants (required by POSIX).
- Stopped citrus UTF-8 parser rejecting 0xFFFE and 0xFFFF (they do not render strings invalid).
- drm(4) i915 fixes: workaround inverted brightness for Acer Aspire 5336; fixed gen4 composite s-video tv-out.
- Updated Xserver(1) to version 1.15.1.
- On hppa, fixed ssl(8) assembler version of SHA512 to output correct results.
- Make acpiprt(4) correctly handle interrupts with non-standard polarity.
- In acpi(4), made acpi_mutex_acquire/release actually grab the global lock when called.
- Fixed occasional disklabel(8) crashes when altering mount points.
- Reverted __bounded code in ssh(1).
- On hppa, use assembly code for AES, BN (Montgomery), SHA1, SHA256 and SHA512 in ssl(8).
- Stopped ssl(8) perl(1) scripts outputting SOM-specific directives.
- Removed unreferenced OPENSSL_instrument_bus and OPENSSL_instrument_bus2 routines from ssl(8).
- Extended fread(3) and fwrite(3) to check for integer overflows.
- Moved smtpd(8) RSA key handling from "lka" to a new dedicated "ca" process.
- 5.4 and 5.5 RELIABILITY FIX: Stop attacker's ability to trigger an ssl(8) alert, which could cause a null pointer dereference. A source code patch is available for 5.4 and 5.5.
- Fixed gcc(1) on i386, to detect overflows and properly align arrays > 16 bytes.
- Added ChaCha cypher to ssl(8), and provided it with an EVP implementation.
- Added Brainpool and ANSSI FRP256v1 elliptic curves to ssl(8) (RT#2239).
- Corrected isakmpd(8) test when passing data to a keynote.
- Improved malloc(3)'s ability to pick a free chunk at random.
- uvm(9) now correctly flushes discarded pages even if the number of hash buckets doesn't change.
- When openssl(1) isn't available, ssh(1) now uses local fallback implementation of AES for UMAC.
- Preserve the intended chronological order of leases in dhclient.leases(5) files.
- Fixed growfs(8) on 4K-sector disks.
- First pass at removing win64 support from the assembly-generating perl(1) scripts in ssl(8).
- Stopped smtpd(8) trying to create folders that already exist when using maildir.
- Improved imsg handling with many concurrent connections in smtpd(8).
- New buffer API, to eventually make ssh(1) usable as a standalone library.
- Improved enforcing of proper alignment of stack variables on sparc.
- smtpd(8) RSA private key privsep will now only load keys after forking the separated process.
- Stopped sftp(1) attempting to append a nul quote character to filenames (bz#2238).
- Implemented RSA privilege separation for smtpd(8). Prevents possible private key leakage.
- Made compiling ssh(8) and sshd(8) against ssl(8) optional.
- When smtpd(8) fails to relay via TLS (and smtpd.conf(5) doesn't require security), try plain; also downgrade if a TLS error happens during the session.
- Constrain bytes read/written to positive values in ssl(8) s3_pkt.c code.
- Re-added local aesctr implementation to ssh(1).
- Moved traceroute6(8) to the attic, fully merged into traceroute(8).
- Removed large memory leak from usb(4).
- Deleted SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS from nginx(8) to keep attack mitigations enabled.
- Stopped ssh(1) sending success/failure replies when channels have sent a close already (bz#1818).
- Removed less(1) support for the obsolete (non-POSIX) "more -d" prompt.
- Made sure the iked(8) state machine only advances if the AUTH payload has been verified.
- Use explicit_bzero(3) instead of memset(3) to clear out sensitive smtpd(8) data.
- Implemented AI_ADDRCONFIG in getaddrinfo(3), as per RFC 3493.
- Removed more WIN32, WIN64 and MINGW32 tentacles from ssl(8).
- Use the correct algorithm mask in ssl(8) t1_enc.c.
- In ssl(8), stopped SSL_OP_ALL disabling attack mitigations against CBC modes.
- Let nm(1) -w correctly return 0 for valid archives.
- Stopped ping(8) and ping6(8) sleeping after poll(2) returns an error.
- Added fuse(4) support for 255 character file names.
- m4(1) now checks for integer overflows in custom allocs.
- Added support to snmpd(8) for exporting ARP table via "ipNetToMediaTable" OID.
- Fixed a loop so that waiting for wds(4/i386) hardware actually happens.
- Improved error handling when using dbopen(3) in mandoc(1).
- Fixed library search order in libtool(1).
- Updated to xproto 7.0.26.
- On i386, installboot(8) no longer overwrites disklabel and nearby blocks on 4k-sector disk drives.
- Stopped bluetooth(4) HID device grabbing the console.
- Re-added "_ppp" user and "_ppp" group, to be solely used by npppd(8) going forward.
- Stopped ssl(8) using random stack memory as addresses of strings.
- Removed support for building openssl(1) on 16-bit Windows.
- Filter excess data from autoinstall output, to avoid filling the ramdisk.
- Made more(1) POSIX compliant with respect to the -e option.
- Merged less(1) version 458, including local changes.
- Reduced the verbosity of makewhatis(8) -t.
- Do not re-probe pms(4) unnecessarily. Fixes 12-second Xorg(1) delay on some laptops.
- Stopped iked(8) and mpii(4) accessing pointers prior to a null check.
- Allow snmpd.conf(5) to set user-defined actions on receipt of snmp traps.
- Removed kinit(1).
- Fixed sudo(8) when checking command line environment variables against the blacklist (CVE-2014-0106).
- Fixed copied text in the snmpd(8) error string.
- Stopped ssl(8) do_ssl3_write() being called recursively; don't release buffer meant for use.
- Audited malloc(3)/calloc(3)/realloc(3) usage in mandoc(1) to be safe from overflows.
- Fixes in ssl(8) kssl.c to prevent double frees and removed a use-after-free.
- Fixed leak in ssl(8) BIO_accept which could have caused the caller to crash.
- Audited strlcpy(3)/strlcat(3) usage in mandoc(1).
- Removed "Z" option from malloc.conf(5); by default always junk small chunks now.
- In unbound(8), use arc4random(9) as PRNG backend, instead of the libcrypto RAND.
- disklabel(8) now fills all required fields after clearing. Avoids consistency check failures.
- Improved malloc(3) hash functions that compute the same on big-endian and little-endian archs.
- Removed OPENSSL_indirect_call() from ssl(8) for reduced attack surface.
- Fixed a missing splbio(9) in sys/ufs/ffs/ffs_softdep.c which caused crashes.
- Remove useless RX checksum offloading support from gem(4) and hme(4).
- Removed Apache from base (replaced by nginx(8)).
- On bge(4) when VLAN_HWTAGGING is disabled, stopped tagging the packet twice.
- Prepend ether_vlan_header rather than regular ethernet header for more efficient vlan tagging.
- Kerberos disabled and removed from base, possibly to be moved to ports(7) later.
- Support the CA key for ssl(8) inspection in the relayd(8) CA process.
- Avoid a loop during autoinstall when the path in the responsefile does not exist.
- Made iscsictl(8) print bytes read and written in human-readable form.
- Allow the installer to configure dhcp for an interface without an active network connection.
- Bind iscsid(8) to localAddr if it is specified.
- Print the target and initiator name in iscsictl(8) show command.
- Verify permissions are correct on the ssh(1) id_ed25519 file.
- Fixed msdosfs to cope with 64-bit time_t. Set unrepresentable dates to 1/1/1980.
- Made dhclient(8) delete discarded offered leases from the correct TAILQ. Avoids infinite loop.
- Implemented sftp(1) upload resume support.
- Reverted r1.101 of traceroute(8), which broke source port selection.
- Added mallocarray(3) function (like calloc(3) but without the cleared-memory guarantee).
- Backed out parts of sys/nfs/nfs_serv.c r1.47, which computed wrong block sizes.
- Added pkg_add(1) support for reading/writing long paths and linkpaths as extended headers.
- Allow iscsid(8) to send data immediately for write commands, for 20% performance boost.
- Stopped disklabel(8) leaking mountpoint info. Fixes mysterious crashes.
- 5.5 RELIABILITY FIX: Disable the ssh(1) curve25519-sha256@libssh.org KEX method when the other party's connection will fail.
- Prevent lpd(8) from looking into hosts.equiv(5). Access control is now done only using hosts.lpd.
- Introduced basic stats for the iscsid(8) vscsi(4) layer; added iscsictl(8) controls.
- In mandoc(1) debug messages, truncate strings of excessive lengths.
- dhclient(8) -L now preserves the fd being monitored after new leases, lease renewals and cable unplugs.
- Fixed unchecked snprintf(3) in mandoc(1) page header printing.
- In mandoc(1), made sure static buffers for snprintf(3) are large enough.
- Removed more unused ssl(8) tools and docs.
- Moved iscsid(8) session params initialisation to session start, so config parameters stick.
- iscsid(8) now does proper LoginOperational negotiation.
- Added relayd(8) check for strlcpy(3) overflow when expanding HTTP input value.
- snmpd(8) and relayd(8) will now fail if strlcpy(3) overflows the socket path.
- When installing OpenBSD, ensure that the hostname information is in the dhclient(8) lease db.
- Reimplemented arrays in relayd(8) used to set up process-to-process imsg communication.
- Use calloc(3) instead of malloc(3) + memset(3) across ssl(8), to avoid integer overflows.
- Rearranged qle(4) update processing loop to attach and detach targets last; handle fabric port login errors better.
- Fixed leak in the snmpd(8) and relayd(8) agentx error paths.
- Added support for SSHFP DNS records for ED25519 key types to ssh(1).
- In ssl(8) ts_rsp_verify.c, reset imprint to NULL to avoid double free.
- Added a canonical 6.6+ curve25519 fake version to ssh(1), to be recommended with openssh-6.7.
- Use get/put_u32 to load values and unbreak ssh(1) on strict-alignment architectures.
- Removed checksum offloading from sk(4), faulty on this hardware.
- Added strlcpy(3) check. Stops smtpd(8) fatal at startup if truncation occurred with filters enabled.
- Added missing strlcpy(3) check when parsing the "backup hostname" section in smtpd.conf(5).
- Removed "disable pmtud" and "increased window size" options from sysctl.conf(5) to discourage their use.
- Removed rsh(1). Deprecated in favor of ssh(1).
- Fixed display of destination IP when host is an IP address in traceroute(8).
- Added checks to strlcpy(3) when smtpd(8) is copying envelope "destination" buffer to the mda delivery buffer.
- If user+tag@ exceeds SMTPD_MAXPATHLEN smtpd(8) now fails instead of creating a ".truncated" tag dir.
- Removed obsolete altq bandwidth shaping from pf(4).
- Allow mandoc(1) to properly handle symlinks.
- Disable the ssh(1) curve25519-sha256@libssh.org KEX method when the other party's connection will fail.
- In mandoc(1) update mode, when opening the database fails, just rebuild it from scratch.
- Removed RAND_seed(3) calls in iked(8), ikectl(8), relayd(8) and snmpd(8).
- For wscons(4) WSDISPLAY_COMPAT_USL protocol, send the synchronizing signals to the process, not just the thread.
- Updated unifdef(1) to version 2.10.
- Raised nginx(8) file limits, but lower number of connections (leaving files to spare for other programs).
- Removed bdes(1), so as to not encourage its use.
- Removed dead KAME code that dealt with IPv4-mapped IPv6 addresses; added check for IPv4-mapped IPv6 destination addresses for non-connected sockets.
- Use arc4random_buf(3) instead of harmful RAND_xxx in kerberos(8).
- Sync traceroute6(8) to traceroute(8): don't print source IP if "-s" is not given.
- In relayd(8), fixed ssl(8) client-only mode when no RSA private key is needed.
- Neuter the -legacy_renegotiation option to the openssl(1) "openssl s_{client,server}"; added support for "-starttls lmtp" to openssl s_client.
- When parsing a new cert into memory occupied by a previously verified cert, ssl(8) will no longer bypass verification checks.
- Introduced privsep for relayd(8) private keys.
- Use asprintf(3) for generating path. Eliminates many unsafe uses of strlcpy(3) and strlcat(3) in ssl(8).
- If nfs rpc requests on a stream socket are already being processed, don't panic, just return.
- Cleanup of relayd(8) code tracking of socketpair between different privsep processes.
- Have each thread keep its own reference to the process's ucreds. Avoids possible use-after-free.
- Allow printf(1) to handle passing zero as a fieldwidth or precision variable.
- Switched to the new makewhatis(8)/apropos(1)/whatis(1) (described in apropos(1)).
- Added support for smtpd(8) mailaddr lookup in the table_db.
- Reworked qle(4) command polling loop to handle multiple responses in one interrupt, like qla(4).
- Fully kill ssl(8) FIPS API.
- Added some UTF-8 utility functions to tmux(1), to stop splitting UTF-8 characters improperly.
- Ensure parent thread is blocked until any others are detached before letting it exit. Avoids panic.
- Only scroll by one line at a time in tmux(1) choose mode (as lists are generally short).
- Fixed dhclient(8) DHCPDISCOVERY and DHCPDECLINE (as INADDR_ANY != INADDR_BROADCAST).
- Changed ssl(8) library to use intrinsic memory allocation functions instead of OPENSSL_foo wrappers.
- Set tmux(1) PATH explicitly, either from the client or session environment.
- Don't limit the tmux(1) DCS buffer to 256 bytes, expand it as needed.
- No longer allow ssl(8) to feed RSA private key information to the random subsystem as entropy.
- openssl(1) PR#3309: when looking for an extension, properly search all extensions.
- Removed the monitor-content option from tmux(1).
- Fixed ssl(8) to call the correct decrypt function in aes_cbc_cipher().
- Execute the active path checks when mpath(4) asks for it (rather than on attach).
- Skip leading zero bytes in ssh(1) buffer_put_bignum2_from_string() function.
- Add ufs2 support in libsa/ufs2.c. One step closer being able to boot from ffs2 filesystems.
- Cleaned up dangerous strncpy(3) use in ssl(8).
- Added missing parens so that rshd(8) errorhost gets properly initialised.
- Gave mlinks and keys tables a sqlite3(1) pageid index. Speeds basic apropos(1) searches by 30%.
- Make dhclient(8) -q even quieter.
- Removed programs from ssl(8) code which don't work with current openssl(1) releases.
- Fixed ssl(8) bugs listed at http://www.viva64.com/en/b/0250/.
- ssl(8) now ignores setting which allowed the connection to negotiate insecurely.
- Zero-pad ssl(8) "usec" format to handle values less than 100,000 correctly.
- Killed bogus "send an SSLv3/TLS hello in SSLv2 format" code from the ssl(8) client.
- Stubbed some functions in ssl(8) mem_dbg.c, to avoid all possibility of using them.
- Always return 1 in the ssl(8) arc4random(9) backend. Unbreaks lynx(1) and git.
- Added generic driver for "NEC PC-9801 extension board slot" on luna88k.
- Made directory ordering in our libtool stable.
- Closed memory leaks in snmpctl(8) client code.
- Removed md2, seed and jpake cyphers from ssl(8).
- Removed approx 30 unused makefiles and more vestiges of ssl2 support from ssl(8).
- In ssh(8) EC_POINT_invert(), check the correct function pointer before attempting to invoke it (openssl(1) RT #2569).
- RotIBM stream cipher (ebcdic), FIPS mode support and GOST engine removed from ssl(8).
- Replaced ssl(8) PRNG with arc4random_buf(), keeping existing RAND interfaces unchanged.
- Added -s (two-byte signed decimal display) to od(1), as mandated by POSIX.
- ssl(8) fixes: corrected cases where code occurred directly after goto/break/return; removed pentium specific benchmark code; removed more vms and windows specific code.
- Unbroke xcb-util-cursor.
- Made smtpd(8) reply with correct imsg when using non-system authentication.
- Stopped mandoc(1) crashing when processing macros in .Sh header lines, or having .Sm off or .Bk -words open.
- Stopped leaking socketpair file descriptors if tmux(1) fork(2) fails.
- Fixed potential race in UFS where an allocated inode could fail to get added.
- Removed o_dir.c from openssl(1) now that OPENSSL_DIR_XXX has been removed from the build.
- Removed nonstandard and unsafe DES support from ed(1).
- Switched pkg_mklocatedb(1) to using common SetList code, renaming -x into -X.
- Updated xcb-utils to 0.3.9.
- Allow slowcgi(8) QUERY_STRING to be longer than 127 bytes.
- Update libxcb to version 1.10.
- Made OPENSSL_NO_HEARTBLEED the default and only option in ssl(8) code.
- Adapted snmpctl(8), relayd(8) and snmpd(8) to use AgentX protocol to send traps.
- Confirm passwords when signify(1) is generating keys.
- Fixed SQL_STEP failures for man(7) pages lacking descriptions.
- Better mandoc(1) error reporting in case of SQL errors: mention dir and file.
- Major ssl(8) cleanup to remove: MacOS, Netware, OS/2, VMS and Windows build machinery and shared libraries; openssl(1) engines and code that were not properly licensed; vms support; various horrible socket syscall wrappers; insecure use of time as a random seed in the TLS engine.
- In qla(4) debug output, print loop ids as decimals and port ids as 24bit hex.
- Update to xtrans 1.3.4.
- Updated to xextproto 7.3.0.
- Added presentproto 1.0.
- Bring back r1.16 of protector.c in gcc(1) version 2.95. Fixes code generation of usr.sbin/dhcpd/memory.c!new_address_range() on vax.
- 5.3, 5.4, 5.5 and -current SECURITY FIX: Fixed openssl(1) read buffer to stop an attacker injecting data from one connection into another. A source code patch is available for 5.3, 5.4 and 5.5.
- Made sure cu(1) -l overrides HOST.
- Avoid sshd(8) crash at exit, by checking that pmonitor!=NULL before dereferencing (bz#2225).
- Fixed more(1) to use basic regular expressions (unlike less(1)).
- Clamp offsets to the available memory space. Fixes tmux(1) crash.
- Further apropos(1) speed optimisation, with mmap(3) MAP_ANON SQLITE_CONFIG_PAGECACHE.
- Updated to libdrm 2.4.53.
- Disabled Segglemann's RFC520 heartbeat from ssl(8).
- Don't release the ssl(8) read buffer if we're not done reading from it; disabled buf freelists.
- Added validation routines to iked(8): overall header structure is checked for sanity before copying the header; avoid overflow by passing down the number of remaining bytes.
- Notify userland when an arp(4) entry is removed.
- Fixed fd leaks in mg(1) error paths.
- Retired rtinit() and switched to using rt_ifa_add(9) and rt_ifa_del(9) to manage connected routes to prefixes/hosts.
- Revived fix for perl(1) RT bug 116441 (null dereference affecting mod_perl).
- Split manual names out of the common "keys" table into their own "names" table. Reduces standard apropos(1) search times 70% for the full /usr/share/man database.
- Moved descriptions from mandoc(1) keys table to mpages table: reduces typical apropos(1) search times by about 40%; reduces database size.
- In less(1) "more" mode, made command specified by -p option apply to every edited file, as per POSIX.
- Reverted r1.93 of mg(1) file.c, which broke permission checks.
- 5.5 SECURITY FIX: Make ftp(1) client check the server hostname, to avoid false validation when connecting to an https website. A source code patch is available for 5.5.
- Updated to xf86-video-ati 7.3.0.
- Made smtpd(8) display correct imsg when profiling is on and if the type was changed.
- Zapped the smtpd(8) mfa process. Content filtering will be done at session level.
- Removed CA certificates from ssl(8) which are not listed in Mozilla's certdata.txt.
- Use root CAs in ssl(8) used by TeleSec (Deutsche Telekom AG): Baltimore CyberTrust Root, Deutsche Telekom Root CA, T-TeleSec GlobalRoot Class 2 and T-TeleSec GlobalRoot Class 3.
- If TLS validation is on, make ftp(1) fetch TLS certificate and check the server hostname against the subjectAltName and/or CommonName.
- Build libgcc without SSP. Unbreaks landisk bootblocks.
- Updated to xorg-macros 1.19.0.
- Ensure that we free buffers written out by the page daemon rather than caching them.
- Fixed error in bcrypt_pbkdf(3) stride calculations.
- Added error detection mechanism to detect when sudo(8) configuration is incorrect for building ports.
- Zero-fill smtpd(8) mta static buffer before use in DSN code.
- Added term_flushln() flag to control indentation of continuation lines in TERMP_NOBREAK mode. Reduces groff-mandoc differences in base by more than 15%.
- Added rgephy(4) for axe(4) and axen(4) on hppa and zaurus.
- Fully implemented roff(7) \B (validate numerical expression) and partially implemented \w (measure text width) escape sequence.
- 5.3, 5.4, 5.5 and -current SECURITY FIX: Fixed openssl(1) CVE-2014-0160 "heartbleed" vulnerability. A source code patch is available for 5.3, 5.4 and 5.5.
- Added MSI support for xhci(4).
- Enable upd(4) on archs where uhidev(4) is present.
- Do not attach when no upd(4) sensors can be allocated; made device querying smarter.
- Added roff(7) support for indirect references to user-defined strings.
- Made iscsid(8) listen to the control socket, so the connect() call from iscsictl(8) will not fail.
- In udp_output(), use the correct source address in case of an unbound socket.
- Accept arbitrary argument delimiters for various roff(7) escape sequences.
- Increased MSGBUFSIZE on macppc.
- Exit on error or HUP when poll()ing the keyboard. Otherwise, top(1) may spin when its tty goes away.
- Added implementation of roff(7) numerical expressions.
- Retired kernel support for SO_DONTROUTE, this time without breaking localhost connections.
- Updated termtypes.master to upstream terminfo-20140329.src.
- When qla(4) is iterating through fabric ports, start at our own port ID, to simplify tracking.
- Added axen(4) wherever axe(4) is found.
- qla(4) ISP2322 chips need a different firmware image to other 2300s; don't load firmware for them.
- Removed (expensive) temporary connect in udp_output(). Also fixes possible memory leak.
- Added missing addressing modes for the fucomip instruction on i386. Unbreaks webkit port.
- Fixed smtpd(8) when writing multi-line "To" and "Cc" headers.
- Implemented the roff(7) .rr (remove register) request.
- Fixed uvm(9) logic error (and prevented theoretical infinite loop) in uvm_pmr_rootupdate().
- mandoc(1) bugfix: make sure all variables are properly initialised when rendering .ll (line length) requests.
- Added the -t ktrace(1) option to ltrace(1). Allows triggering library function call trace and other kernel events trace simultaneously.
- Fixed smtpd(8) header parsing issue in enqueuer, which was stripping the "From:" header in some cases.
- Made mandoc(1) warn about missing mlinks when the -p (picky) option is given, and not overridden by: -Q, -d, -u, or -t.
- Merged the mda, mta and smtp smtpd(8) processes into a single unprivileged process.
- Start the smtpd(8) purge task after events are set, so we don't miss a SIGCHLD.
- Reworked qla(4) command polling loop so it can handle multiple responses in a single interrupt. Allows talking to Hitachi disk arrays.
- Fixed pppx kernel panic when using npppd(8) with multiple pppx devices.
- When the -n or -t flag is given to makewhatis(8), write names and descriptions to stdout (format similar to apropos(1)).
- Instead of silently doing nothing, made mandoc(1) warn and return non-zero when the manpath is empty.
- Added a uvm_yield function to uvm(9) and use it to prevent the reaper from hogging the cpu.
- Reworked wait/kernel lock heuristics to give interrupts on other CPUs a chance to run, for reduced latency.
- When mg(1) discovers a directory is non-existent, offer a "y" option to make the directory.
- Renamed the makewhatis(8) -W option to -p. Matches flag introduced in OpenBSD 2.7.
- Proper validation and computation of bsize now occurs in the disklabel(8) expert mode.
- Renamed -v option of mandocdb(8) to -D, to avoid a clash with the -v option of makewhatis(8).
- Reduced the tmux(1) mouse wheel scroll size to 3; allow shift to reduce it to 1; allow meta and ctrl to multiply by 3; support wheel in "choose" mode.
- Fixed npppctl(8) calculation of response message size.
- Added the "#" character as a comment character in the mg(1) startup file.
- Support UTF-8 with tmux(1) choose-buffer; made buffer_sample bigger to let it trim at window right edge.
- Enabled hds(4) on hppa.
- Enabled mpath(4) on macppc.
- When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any certificate keys to plain keys and attempt SSHFP resolution. Prevents server from forcing a new-hostkey dialog.
- Include fingerprint of key not found by ssh-keysign(8); use arc4random_buf() instead of loop+arc4random().
- In four byte UTF-8 sequences, make sure tmux(1) only uses three bits of the first byte.
- Stopped tmux(1) crashing when a zero-length argument is passed to setb.
- Made tmux(1) message-limit a server option.
- Stopped tmux(1) segfaulting when the parent of the layout cell is NULL.
- Added setb -a to tmux(1) append; added a copy mode append command.
- Made session_attached a count; added session_many_attached flag to tmux(1).
- Added start-of-list, end-of-list, top-line and bottom-line in tmux(1) choice mode.
- Stopped tmux(1) writing into the buffer if there are no arguments.
- Changed secondary device attributes response to "\033[>84;0;0c" which is unique for tmux(1).
- Made bus_dmamap_load(9) and bus_dmamap_unload(9) mpsafe on alpha.
- Restored behaviour of ls(1) -f implying -a (lost in commit made in 1989). Conforms to IEEE 1003.1-2008 ("POSIX.1").
- On loongson, mips and octeon, stopped whole L1 cache being flushed unnecessarily.
- Again allow more than one level of directories to be created via mg(1) make-directory.
- Force detach of all usb(4) devices by disconnecting root hubs before suspending machine. Avoids races.
- libtool(1) now properly adds -rpath to the linker when linking libraries. Matches GNU libtool.
- Increased Xtranssock.c send buffer for UNIX sockets. Makes Firefox usable again when viewing large images.
- If HOST or the host argument starts with a "/", cu(1) will now treat it as a device name.
- Fixed REMOTE on cu(1) to work like tip(1); added support for HOST.
- Added SNI support to ftp(1).
- Allow roff(7) to support relative arguments to .ll (increase or decrease line length).
- Repaired boot.net operation on (at least) sparc SS5 PROM v2.21.
- Implement the roff(7) .ll (line length) request.
- 5.5 RELIABILITY FIX: Memory corruption occurring during icmp(4) reflection handling (ICMP reflection is disabled by default).
A source code patch is available for 5.5.
- Recognise so-called "EFI-like" interface provided by newer PMON firmware on Loongson 2Gq and Loongson 3A.
- Bugfix and security update to nginx(8) version 1.4.7 (note: CVE-2014-0133 does not affect OpenBSD).
- Speed-up overlapping copy operations in gio(4/sgi) by attempting to perform them in larger chunks whenever possible.
- Removed pflowproto 9 (unfixable post-2038). Better option is pflowproto 10.
- Allow leading and trailing vertical lines in mandoc(1), format them in the same way as groff; do not require whitespace before vertical lines in layout specifications.
- Properly initialise malloc(3)ed memory in mandoc(1), to fix crashes when using apropos(1).
- Made sure the command TRB is reset if a command is submitted when the usb(4) hardware is already gone.
- Reverted "retire kernel support for SO_DONTROUTE" diff, which caused problems in localhost connections.
- On loongson, made sure the HIBERNATE pages get reserved regardless of the memory layout.
- Program the colormap correctly on grtwo(4/sgi); added a simple screen burner accessop.
- When enforcing TOS (Traffic Class), made pf(4) preserve the ECN bits (as with IPv4 packets).
- Adjusted (commented-out) nginx.conf(5) sample blocks for PHP and SSL configurations.
- Made mg(1) C-t (transpose two chars) behave like emacs.
- Ended experimental machine-independent login.conf(5) template support.
- Made cu(1) handle REMOTE in the environment as either a separate remote(5) file or a host.
- Added cu(1) support for retrieving the line and speed from the /etc/remote "dv" and "br" capabilities like tip(1).
- Fixed handling of the kill(1) "-1" option from a thread other than the original thread.
- Permit generating NAMI and CSW records inside ktrace(2).
- Ignore the -b option if cksum(1) is called as-is (e.g. "cksum -b /bsd"), to match man page.
- Removed file2c(1). hexdump(1) works as well for most use cases.
- usb(4) root hubs can now happily be detached and reattached.
- When smtpd(8) is locally enqueuing messages without specifying a domain, update headers to show the local domain.
- Strengthened ssh(1): removed weaker pre-SHA2 hashes, broken cipher (arcfour), and the broken mode (CBC) from the default configuration.
- skey(1) bugfixes: default algorithm switched back to md5; do not let skey_set_algorithm() cause a segfault if an unsupported algorithm is specified.
- Added acpithinkpad(4) support for aux button strip on newer thinkpads missing regular F1-F12 keys.
- dd(1) now supports g for gigabytes.
- Reworked the way sysmerge(8) fetches and verifies sets, to simplify the process.
- Merged perl(1) version 5.18.2 (including local patches).
- Stopped calling smtpd(8) purge_task every 10 secs (only needed once at startup).
- Removed "-r" option from ping(8), traceroute6(8) and traceroute(8).
- Enabled SQLITE_ENABLE_FTS3_PARENTHESIS in sqlite3(1).
- Removed the MD4 functions (highly susceptible to collision attacks).
- Skip leading escape sequences in mandoc(1) man_deroff(), for better indexing.
- Gave powerpc PIE.
- Initialise additional BATs (IBAT4-IBAT7 and DBAT4-DBAT7) on socppc. Stops memory corruption on devices with rb600.
- Fix uhidev_detach() when detaching a device which did not claim all reported IDs.
- Reverted audio key handling.
- Make sure sysmerge(8) adds missing users/groups before running the target; otherwise mtree(8) can fail.
- Let mg(1) users input a tag to find, even if no default tag is defined.
- Disabled smtpd(8) imsg buffers profiling code, to stop processes waking up each second.
- npppd(8) tunnels can now have multiple listen addresses.
- Reimplemented control part of npppd(8) with imsg; added "monitor" command for npppctl(8) to monitor PPP session start/stop events.
- Fixed npppd(8) bug which caused segfaults when npppd.conf(5) had "username-suffix" and "strip-atmark-realm" as yes.
- Made npppd(8) keep listening on 1723/tcp when accept() fails.
- Removed tape as a method for fetching install sets.
- Attempt to work around the R4000 end-of-page errata on sgi and mips64, triggered by TLB misses when the code flow crosses a page boundary.
- Disabled MS-CHAPv1 (RFC 2433) support in pppd(8).
- Fixed sysmerge(8) regression when not using a full path to sets; make it use ftp(1) -D.
- Installed /var/unbound/db directory for DNSSEC root key; added (commented-out) options for DNSSEC to unbound.conf(5).
- Removed insecure MD4 checksum algorithm from cksum(1).
- Removed ftp method for obtaining installation sets when running the installer.
- Enabled upd(4) on amd64, sparc64 and macppc archs for testing.
- Sync timestamp changes for inodes of special files to disk as late as possible to avoid useless disk i/o.
- Include support in pstat(8) -v to display the IN_LAZYMOD flag.
- On sgi machines, fixed clipping bounds in "fill" and "blt" graphics operations; added colormap support.
- Removed timeout logic from the polling loop in qlw(4). Stops devices timing out before attaching.
- Retired the rarely used hp300, mvme68k and mvme88k ports.
- Allow checking mandoc(1) databases are up to date even when you don't have write permissions.
- Notify userland (via the routing socket) when ARP resolution completes.
- Put the AF_ROUTE socket that arp(8) operates on into the appropriate rdomain. Stops "arp -V 1 -d 10.0.0.1" hanging forever.
- Made bgpctl(8) correctly parse attribute length from imsg.
- Exit from traceroute6(8) if there is at least one unreachable and the sum of unreachables and timeouts is >= the number of probes.
- Unbroke sndiod(1) monitoring mode, which was shifted in time by 1 block.
- Userland ppp(9) removed.
- In apropos(1) output, sort names and avoid multiple section numbers.
- In slowcgi(8), use SCRIPT_FILENAME (can be an absolute filesystem path). Fall back to SCRIPT_NAME if this is not present.
- Reimplemented htpasswd(1) from scratch.
- Don't use volume keys when in raw-mode. Stops simultaneous volume changes by X(7) and ukbd(4).
- Enable qlw(4) at sbus(4) on sparc64.
- Enabled unbound(8) in base.
- Updated to xcb-proto version 1.10.
- Updated to libdrm 2.4.52.
- Removed the unused userland agp(4) interface.
- Reverted to the freetype2.pc we had before to bring back local changes.
- More informative smtpd(8) log message on unknown SNI.
- Provide an MI api for byteswapping loads and stores, especially beneficial for sparc64 and powerpc.
- Updated to freetype-2.5.3. Fixes vulnerability in the CFF driver (CVE-2014-2240).
- Enabled qla(4) and qle(4) in ramdisks (except on sgi).
- smtpd(8) now prints the correct user name if SMTPD_QUEUE_USER is missing.
- Use ticket locks (not spinlocks) on i386/amd64/sparc64. Provides fairer access to the kernel lock.
- Added a few more instruction patterns to binutils that are needed by gcc(1) version 4.8.
- In mandoc(1) -Tutf8 mode, count hyphens against the output line length even when they are breakable.
- Stopped the smtpd(8) enqueue utility adding a User-Agent header to emails.
- Block userland from entering drm(4) code during suspend/resume. Fixes inteldrm(4) bugs.
- Unhooked httpd(8) from build: use of nginx(8) is encouraged now.
- No more spray(8) in base.
- Fixed buffer overflows in icmp(4) redirect handling (introduced in rev 1.106).
- Switched over from sendmail(8) to smtpd(8) by default.
- Fixed iked(8) config-address w/o pool.
- Unbroke nc(1) "-6 -l" and applied correct fix for previous commit.
- Removed rmail(8).
- Made ssh(1) scan for ed25519 keys by default.
- For isakmpd(8) CA generation, set the correct certificate extensions so more SSL implementations will trust this as a CA cert. Matches ssl(8).
- Bugfix update to nginx(8) version 1.4.6.
- When pf(4) is translating packets from one address family to another, pass the TOS/Traffic Class field of the original packet.
- When pf(4) is setting packet description, also retrieve the Traffic Class field of IPv6 packets.
- Fixed the cnmac(4/octeon) mediastatus when the interface is not configured.
- Optimisation of opendir(3), rewinddir(3) and related functions. 2000x speedup of seekdir(3) in some tests.
- Fixed acpi(4) on amd64, to avoid reboot and stack corruption problems when resuming.
- Reworked per-cpu cache information, to avoid hardcoding data based on processor type on mips, octeon, and sgi.
- In re(4), fixed operation and made reception of packets work on the 8168G controllers.
- Made mandoc(1) user-defined macros wrapping ".TP" work correctly; preserve line breaks contained in user-defined macros called in ".nf" mode.
- Enable DMA bursting and tagged queueing in qlw(4); enable qlw(4) on alpha/amd64/i386/macppc/sgi/sparc64; only attempt to load firmware if we actually have some.
- Initial xhci(4) implementation: USB 3.0 umass(4) devices get reasonable read/write speed.
- Improved roff(7)'s .if/.ie condition handling.
- Fixed env(1) diagnostic messages to stderr, so failure of env(1) and failure of the specified utility can be distinguished.
- Allow signify(1) to read input messages on a pipe.
- Added usbd_get_hub_descriptor(), to clean up uhub(4) and deal with hub device descriptors in high speed devices.
- With md5(1) -C, exit with exit status of 1 if any of the files specified do not exist.
- mandoc(1) bugfixes related to the closing of conditional blocks: handle more than one `\}' on macro lines; do not treat `\}' as a macro invocation after a dot at the beginning of a line; do not complain about characters following `\}'.
- Made the "cleartoggle" function in HC drivers optional (upcoming xhci(4) driver doesn't use it).
- Allow signify(1) to accept a password on stdin, as long as it is not a tty(4).
- On qlw(4), set the correct clock rate for ISP1020/1020A.
- When running sysmerge(8), always print the key signify(1) is using.
- Fix the return values of getpwnam_r(3), getpwuid_r(3), getgrnam_r(3), and getgrgid_r(3) to agree with POSIX.
- Altered qlw(4) so it can compile on sparc64 too.
- In -Tutf8 mode, make mandoc_char(7) named accent character escape sequences render as non-combining accents (lets mandoc behave like groff); made \' and \` equivalent to \(aa and \(ga, respectively.
- Introduced qlw(4), a new driver for QLogic ISP SCSI HBAs (currently only supports the pci(4) variants).
- Raised the delay before initialising sdmmc(4). Lets the reader on X220 work reliably.
- Fixed: sndiod(1) read/write position tracking; incorrect delta propagated after xruns in play-only and rec-only modes; crashes seen after a few days of continuous playback.
- Fixed incorrect position reporting with sndiod(1) when using tiny block sizes on busy machines.
- Made sndiod(1) check that the socket is writable before attempting to write data packets.
- On armv7, removed TIMEZONE and DST options from GENERIC-* kernels; added option USBVERBOSE to all kernels.