Changes made between OpenBSD 3.4 and OpenBSD-current
This is a partial list of the major machine-independent changes
(i.e., these are the changes people ask about most often). Port
specific changes have also been made, and are sometimes mentioned
in the pages for the specific platforms.
Changes to the ports collection are documented
here.
Note: Problems for which patches exist are marked in red.
We are working on OpenBSD-current.
The following list sums up (almost) all the changes made up to October 16.
- strlcpy(3) -> memcpy(3) for non-string buffers in vi(1), along with some extra paranoia.
- Check for signals earlier in mountd(8), so they can be handled before we select(2) until a mount request comes in.
- New 'G' malloc.conf option to add a guard page after pagesize-or-larger chunks, and to return less-than-pagesize chunks in random order.
- Better SATA support in wdc(4).
- Fix faithd(8) args to poll(2).
- Fix a out-of-bounds read in libcurses.
- Have tip(1) return the terminal to a sensible state on fatal errors.
- Change malloc(3) so that it aborts the process on any error other than running out of memory. This is different to the 'A' malloc.conf switch that aborts on any error.
- More randomness for temporary directories created by ssh-agent(1) and sshd(8).
- Switch on the ssh(1) DNS fingerprint (sshfp) lookup code, previously not build by default. Still needs switched on in the config file.
- Make e.g. 'MAKEDEV tty08 - tty7f' work.
- Only endian-flip the fragment offset once on IPv6 input.
- Do a hardware receive checksum in sk(4) too, working around the fact that sometimes the hardware gets it wrong.
- On em(4) devices that support it, offload receive checksum calculation to the hardware. From FreeBSD.
- Update timezone files again, this time to tzcode2003d.
- Bring bge(4) and brgphy(4) more in line with updates in FreeBSD and NetBSD, both bug fixes and additional device support.
- Remember the filename given when using ^X^W in mg(1).
- Make shmat(2) under Linux compat work as expected.
- Fix a buffer overflow in timedc(8). Found by FreeBSD, fixed differently here.
- Add division and modulus operator '~' to dc(1).
- Remove GNU bc and dc from the tree.
- Merge in expat 1.95.6 from XFree86 4.3.99.14.
- Search for keys in the ssh(1) agent in reverse order to solve duplicate key problems (OpenSSH bug #684.)
- ssh(1) option ForwardX11 now has xauth(1) generate untrusted keys by default. Option ForwardX11Trusted restores the old behaviour.
- Change vnd(4) major/minor numbering to allow more devices. Requires a MAKEDEV.
- Do nfs-specific 'test -x' stuff in the right order in ksh(1) (PR#3465.)
- More work on vr(4).
- Have the linker generate a warning when using 43compat's getwd(3).
- Better calibration code for auich(4). From FreeBSD/NetBSD.
- Re-enable the random increment on the return value of uvm_map_hint() (called by uvm_map(9).)
- Install a sample config file for sensorsd(8).
- Prevent symlink races in systrace(1).
- Have GSSAPI default to off in the ssh(1) client as well as the server.
- Unbreak pf(4) on 64-bit architectures.
- Hack httpd(8) so digest authentication works with IE, Safari, etc. From FreeBSD.
- Fix potential signedness bug in fgets(3) (PR#1709.)
- Correct __bounded__ attributes for {MD4,MD5,RMD160,SHA1}DATA functions (PR#3505.)
- Allow newfs(8) to build small filesystems again by making sure ncyls >= 2.
- Plug a memory leak in netstat(1).
- Add nfs attribute cache tuning parameters to mount_nfs(8) (Inspired by PR#2567.)
- Kill a null deref in make(1).
- Allow a semicolon to terminate label strings in sed(1), so one-liners with labels can work.
- A few string and memory fixes in rup(1).
- Stability fixes for vr(4). From FreeBSD.
- Add arc4 support to the kernel, and have wi(4) use it instead of rolling its own.
- Unbreak sftp(1)'s handling of quotes in pathnames.
- More propolice fixes and improvements.
- Remove httpd(8) addon-breaking newsyslog.conf(5) sample lines.
- Install sensorsd(8) by default.
- Really really give xfs a poll(2) backend.
- Fix a badly broken gcc(1) optimisation when calculating structure offsets under certain conditions. See the commit log for details.
- Unbreak lge(4) compile.
- Update timezone info files to tzcode2003c.
- Stop em(4) stripping 802.1q headers from packets in a bridge(4).
- Add vlan(4) support to em(4).
- Avoid a division-by-zero panic when benchmarking the pchb(4) RNG device.
- A couple of read-from-device fixes to an(4). From FreeBSD.
- Remove non-free licensed xlock(1) bitmaps.
- Properly free resources when ffs_mountroot() fails.
- Stop isakmpd(8) crashing when the value for LIFE_DURATION is missing.
- Back out the new environment variable load in ld.so(1) due to sparc breakage.
- Unbreak the new xfs poll backend.
- Fix a long-standing memory leak in kernel libz (PR#2886.) From NetBSD.
- Print a more useful error message when a bad port number is given to whois(1).
- Fix broken time parsing in kadmin(8) (PR#3292.)
- Initialise environment variables in ld.so(1) before calling constructors and atexit(3) functions
- Have inetd(8) exit if no config file is found.
- In sendmail(8) submit.mc/cf, bind the msp to 127.0.0.1 instead of localhost just in case localhost doesn't resolve correctly.
- Teach netstat(1) how to deal with KAME embedded scope IDs for -f encap route dumps.
- Use arc4random(3) to generate cookies in the XSecurity extension.
- Fix a few off-by-ones in gethostbyname(3) and friends.
- Allow multiple RCPTs in spamd(8), and stop looping on invalid commands.
- Bring in a number of pipe(2) stability fixes from FreeBSD.
- Fix httpd(8)'s handling of SSLCertificateChainFile under the chroot.
- sshd(8) usage output now dumps the OpenSSL version too.
- Don't try to send incomplete IPv4 fragments in the ENOBUFS case. Note that this is a behaviour change from 4.4BSD and applies to output from bridge(4) and pf(4) as well as vanilla IP output.
- A couple of endianness fixes when setting the IPv4 output fragment offset.
- A couple of minor malloc(3) fixes related to recursive calls and debugging.
- Clean up IPv6 flowlabel handling.
- New IPv6 ID and flowlabel generation code using arc4random(9).
- Remove a bad m_cat(9) call when fragmenting outbound IPv6 packets.
- Add a missing initialisation in pflog(4) that allowed kernel stack garbage to leak into .pcap files.
- Have the libc stack protector code use the kernel __sysctl() call directly instead of using the libc sysctl(3) interface.
- Stop reading ~/.signature to pre-fill the Organisation: field in sendbug(1) (PR#3499.)
- Fixes to event(3) poll code.
- Have ftpd(8) listen on both IPv4 and IPv6 ports by default.
- Fix an out-of-bounds memory access in kernel compat_ibcs2(8) code.
- Add missing check for strdup(3) error in talk(1).
- Correct a couple of off-by-ones in banner(1) and ssl(3) (src/ssl/ssl_ciph.c.)
- Fix the code that grows ifindex2ifnet in sys/net/if.c.
- Add a stack of missing switch break statements needed after the _dl_errno changes to ld.so(1).
- Teach size(1) how to read ELF objects.
- POSIX and interoperability fixes for bc(1) and dc(1),
- SECURITY FIX: The use of certain ASN.1 encodings or malformed public keys may allow an attacker to mount a denial of service attack against applications linked with ssl(3). This does not affect OpenSSH.
A source code patch is available.
[Applied to stable]
- Properly free resources on fxp(4) attach failures.
- Some reliability fixes in ahc(4) and siop(4).
- Allow sensorsd(8) to daemon(3)ize itself.
- Fix an unchecked strdup(3) in getnetgrent(3).
- Fix several kernel networking off-by-ones w.r.t. PRC_NCMDS.
- Better error checking for new bc(1) and dc(1).
- Make new bc(1) compile on sparc64.
- Further realloc(3) cleanup.
- Fix bogus getutmp() error check in battlestar(6).
- Change the xfs backend from select to poll.
- Introduce 64-bit byteorder(3) macros.
- strdup -> strlcpy in apmd(8), and make sure the socket gets unlinked at exit.
- Better malloc(3), realloc(3) and strdup(3) error checks in config(8).
- Stop pflogd(8) shouting 'Reopened logfile' at syslog.
- Add a number of missing checks for strdup(3) failure.
- Add an sscanf(3) bounds check to the neighbour cache file code in ndp(8).
- Reorder the pf(4) statistics counter code and fix some miscount bugs.
- In isakmpd(8), don't listen on INADDR_ANY if the Listen-on option is specified.
- Fix an off-by-one and a bad string bounds length in atc(6).
- Don't set sshd(8)'s listen socket to non-blocking mode.
- Build the new BSD bc(1) and dc(1) in favour of the GNU versions.
- Drop authpf(8)'s 15-character username restriction, it's no longer necessary (PR#3491.)
- Allocate a buffer large enough to store a full IPX address in ipx_ntoa(3).
- Unbreak netstat(1) -i display columns for interfaces with no address.
- Stop spamd(8) dying unceremoniously on accept(2) failures.
- Make talk(1) retry if accept(2) returns ECONNABORTED (the same as it does for EINTR.)
- realloc(3) fixes in brconfig(8), dhclient(8), lpd(8), pppd(8) and rwhod(8).
- Add a 'recipe' datafile to fortune(6), starting with some barbecue recipes from the hackathon.
- Use arc4random(3) instead of srand(3) to generate a more random salt for htpasswd(1).
- Start removing unnecessary null checks before doing free(3) on a possibly null pointer.
- Fix scrambled display when resuming a suspended less(1) process.
- Use strlcpy(3) instead of bcopy(3) to avoid overflowing the nodename and netname in an(4).
- Fix a couple of off-by-ones in adventure(6).
- Fix an out-of-bounds write in the isakmpd(8) privsep monitor code.
- Make dlerror(3) clear _dl_errno as expected (PR#3441.)
- Correct a couple of off-by-ones in libc.
- Fix overflows in the X font server overflow fix. Sigh.
- Add a missing free in cvs(1).
- New, BSD-licensed version of bc(1).
- Fix an off-by-one in csh(1) (PR#3163.)
- More realloc(3) fixes.
- Fix a bad bounds check that could crash sort(1).
- More paranoid privsep parent/child communication in syslogd(8).
- SECURITY FIX: It is possible for a local user to cause a system panic by flooding it with spoofed ARP requests.
A source code patch is available.
[Applied to stable]
- A number of realloc(3) fixes (removing instances of the bad idiom described in the manpage) in several programs.
- New program sensorsd(8) to monitor hardware sensors as exposed by the hw.sensors sysctl. Not installed yet.
- Unbreak tftp(1) put command.
- Remove and re-add SHA2 support in isakmpd(8), minus OpenSSL EVP-related fd leaks.
- Fix some realloc bugs in pfctl(8) tables code.
- Initial HIFN 7955/7956 crypto accelerator support.
- Increase spamd(8) maximum connections from 200 to 800.
- Install a more complete set of sendmail(8) empty config files under /etc/mail.
- Throttle 'proc: table is full' messages to once every ten seconds. From NetBSD.
- Further improvements to ssh(1)'s fatal exit handling.
- Use the much simpler getifaddrs(3) instead of sysctl(3) in rtadvd(8).
- Use getaddrinfo(3) for name-to-address resolution in isakmpd(8).
- Replace kernel select(2) backends with poll(2) backends. This allows for more complete poll() functionality. From NetBSD.
- In mtrace(8) only do mask checks for AF_INET.
- Add poll(2) support for event(3).
- Fix a few suspect strlcpy(3) calls in ifconfig(8).
- Allow getopt_long(3) to accept an optional argument separated by whitespace, unlike GNU getopt_long.
- Stop tsort(1) reading past the end of its buffer.
- Plug a realloc memory leak in mg(1).
- Off-by-one fixes in nc(1), pmdb(1), ppp(8), libssl, libpthread and a few in the kernel.
- Sync up named(8) with BIND 9.2.2-P3, with support for new zone type 'delegation-only'.
- In the new dc(1), Make all registers contain zero initially for compatibility.
- Fix, clean up and simplify the installer's handling of yes/no responses from the user.
- Use poll(2) instead of select(2) in skey_authenticate(3).
- Plug a memory leak in rtadvd(8).
- Stop extraneous 'no disk label' warnings in the installer.
- Implement hardwareflow (hf) option for tip(1). Off by default.
- Fix an out-of-order free() in rpc(3).
- Don't leak memory if memory allocation fails in libc rpc(3) code.
- Change the ld(1) script to make contructors and destructors in dynamic binaries non-writable.
- Completely new BSD-licensed version of dc(1) using the OpenSSL bn(3) routines.
- Have scp(1) check for an error code in remote->remote mode.
- When chrooting httpd(8), use initgroups(3) so that supplementary group IDs are initialised as well.
- Temporarily disable soft interrupts support in usb(4) for stability reasons.
- Several abnormal exit handler fixes to ssh(1).
- Better disk device probe on i386.
- Correct the signal number validity check in csh(1)'s kill command.
- Make grep(1)'s binary file test work for gzipped files the same as for other files, testing against isspace(3) as well as isprint(3).
- Make sure whois(1) can't zap straight past the beginning of the buffer when removing spaces from line endings.
- Stop pfctl(8) checking for a netmask if the address type being examined is a table.
- Fix a subtle use-after-free in modload(8).
- Some int -> u_int paranoia in ssh(1).
- More ssh(1) buffer management fixes (CAN-2003-0682.)
- Further EDD detection improvements on i386.
- Properly flush the ssh(1) RSA1 public key from memory when its output file cannot be opened (OpenSSH PR#662.)
- Correct a double-free in the ssh(1) buffer management code (OpenSSH PR#660.)
- Fix the ssh(1) ConnectTimeout option (OpenSSH PR#656.)
- On i386, try harder to boot from removable media by allowing for their removal and insertion.
- Updated and better-commented openbsd-proto.mc for sendmail(8).
- Upgrade sendmail(8) to version 8.12.10. The address parsing security fix went into 3.4 and -stable, but not the full version update.
- 3.4 -> 3.4-current.
This list mentions mostly platform-independent changes. For a list of changes
made in a particular platform, please check the page for that platform. If you
find them not listed there, the changes are either (1) not being documented or
(2) are documented here.
www@openbsd.org
$OpenBSD: plus.html,v 1.891 2003/10/30 17:42:07 deraadt Exp $