OpenBSD 3.2 released (November 1, 2002)
This is a partial list of the major machine-independent changes
(i.e., these are the changes people ask about most often). Machine
specific changes have also been made, and are sometimes mentioned
in the pages for the specific platforms.
Changes to the ports collection are documented
here.
Note: Problems for which patches exist are marked in red.
For changes in other releases, click below:
2.0,
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
current.
Changes made between OpenBSD 3.1 and 3.2
- Release branch created.
- Cool new xdm(1) images for 3.2.
- SECURITY FIX: Incorrect argument checking in the setitimer(2) system call may allow an attacker to write to kernel memory.
A source code patch is available.
[Applied to stable]
- Retrofit the SIGUSR1->SIGUSR2 console switching change to the old X server.
- Fix a couple of crashers in kevent(2).
- OpenBSD 3.2-beta -> 3.2, OpenSSH -> 3.5.
- Try to initialise AGP GART in the privileged startup portion of the X server.
- Plug a memory leak in url(4).
- login_radius returns, complete with fixed license.
- Still more cleanup and output trimming in the installer script.
- xf86cfg(1) now runs the server with '-nolisten tcp'.
- xdm(1) now drops privileges to run as user _x11 after starting as root.
- daddr -> saddr in pf(4) binat code. Oops.
[Applied to stable]
- Add a wildcard client string match against "probe-*" for SSH probes to use.
- Disable login_radius, pesky licensing problems again.
[Applied to stable]
- sppp(4) and lmc(4) are back, with better licenses.
- ssh(1) can now do privsep and krb4 together.
- Remove RC5 and MDC2 from libcrypto.
- Have the installer set the nosuid flag for mount points that shouldn't contain setuid programs.
- Fix a sizeof bug in bridge(4) spanning tree protocol support.
- New driver em(4), supporting Intel Gigibit Ethernet adapters and replacing gx(4)
- Some memory allocation and other tweaks to talkd(8).
- Better handling of IPv6 deprecated addresses.
- Fix the padding length for an IPv6 PADN option before a jumbo payload option.
- Allow SSL session IDs of any length up to 32, removing the non-standard 16-char minimum imposed before.
- Add a /dev/X0 entry for xdm(1), allowing the mouse to work with the upcoming xdm privilege drop. One for the Upgrading Mini-faq.
- Properly dump radix tree nodes in netstat(1).
- Template policy support for systrace(1).
- sppp(4), lmc(4) and cz(4) drivers removed from release kernels due to license problems.
- A bunch of gcc3 tweaks.
- Don't build Kerberos ticket forwarding programs kf(1) and kfd(8) because of security issues. (Will come back when Heimdal 0.5 gets merged, after 3.2 release.)
- Add support for ELF sections loaded relative to a base section.
- Make pfctl(8)'s antispoof command also block incoming packets with the source set to one of the host's IP addresses.
- Make the VT switching code use SIGUSR2 instead of SIGUSR1. The latter is also used by the X server to synchronise with xinit.
- Have newsyslog(8) handle with more grace situations where some archived logfiles have been uncompressed in-place.
- Continue to reduce the amount of output the installer generates, so we won't need a magnifier to read the installation instructions in the CD gatefold.
- Add TBI (Ten-Bit Interface) mode support for fibre-based nge(4) cards, as well as some other bug fixes.
- Make newsyslog(8) actually run the command it's asked to run. Also, add new interpretation of a null command.
- Fix newsyslog(8)'s handling of empty lines.
- Remove the obsolete access.conf and srm.conf files from httpd(8).
- Make sure ssh(1) ProxyCommand programs get killed on exit (portable OpenSSH bug #223).
- Fix a potential FREE() of an uninitialised pointer in the kernel (sys/exec_script.c)
- Rewrite tcpdump(8)'s GRE decoder.
- Fix signal trampoline problems with non-exec stack.
- Remove EGP decode support from tcpdump(8) due to a duff license and apathy.
- So farewell, then, trsp(8).
- Allow newsyslog(8) to rotate only specific logfiles.
- Make RAND_poll use arc4random(3) instead of /dev/arandom, so it works in under a chroot.
- New -a flag to newsyslog(8) allows a directory to be specified for archived logs.
- Set the close-on-exec flag for file descriptors created by kvm_open(3).
- Fix DMA-related panics in the twe(4) driver.
- In ssh(1), try harder to create the X11 forwarding listener socket.
- Fix a potential buffer overrun in setlocale(3) (NetBSD-SA2002-012).
- Don't chdir to / when systrace(1) goes daemon.
- Add __syslog__ string formatting attribute to gcc(1).
- Periodically save changes to systrace(1) policies.
- Various fixes to newsyslog(8).
- Re-sync the siop(4) driver with NetBSD.
- Signal fixes in libevent.
- Merge in Sendmail 8.12.6.
- Give stdio's __cleanup handlers the same mprotect() treatment as atexit(3) now receives.
- Further tweaks to handling of address families in NAT rules. Try to infer the AF from the rule, if that fails then require the user to specify it.
- Various fixes to cy(4).
- Merge in OpenSSL-0.9.7-stable-SNAP-20020911, bump libcrypto minor version.
- Stop newsyslog(8) rotating logfiles that only contain logfile rotation messages.
- License fixes to pppd(8), nearly there now.
- Add -H option to identd(8) which hides info for non-existent users as well as existing ones. Useful when NATing.
- Remove the need for /dev/null and /etc/localtime in named(8)'s chroot jail.
- Add 'antispoof' keyword to pfctl(8). Oh yes.
- Improvements to pfctl(8)'s netmask handling.
- Add a missing pointer initialisation in in6_ifdetach().
- Make the sftp(1) client's ls command useful, with globbing and short/long listings.
- Fix initialisation of Broadcom 582x chips by ubsec(4).
- Various signedness fixes.
- Versioning info moves to 3.2-beta.
- Have ssh-agent(1) check the peer using getpeereid(2).
- pmap_{copy,zero}_page API changes.
- Merge in OpenSSL 0.9.7beta3.
- amd(8) now creates a socket listening on 127.0.0.1 as well as one on *, and only responds to amq requests on the former.
- Add support for the Silicon Image 680 ATA133 chip to the pciide(4) driver.
- sshd(8) now supports Kerberos authentication in PrivSep mode.
- pf(4)'s parser takes more care parsing address families in NAT rules.
- Add leap second support to rdate(8) running in RFC868 mode (it already supports this in NTP mode with the -N option).
- Correct altq(9)'s representation of positive infinity.
- Signal handler fixes in bootpd(8), rtadvd(8) and rtsold(8).
- faithd(8) dies on FD_SET overruns.
- Fix a couple of off-by-ones in mopd(8).
- Make fsck(8) work properly with long block device filenames (handle MAXPATHLEN chars instead of 32).
- Don't build the somewhat less than ubiquitous photurisd(8) by default any more.
- Lots and lots of ANSIfication.
- Lots of int -> socklen_t.
- Some signedness fixes to arp(8).
- Repair a missing msglog() arg in routed(8).
- Fix ahc(4)'s interrupt sharing.
- libusbhid(3) now available in the shared variety.
- Don't allow data to be appended to the receive buffer of a socket that's been shut down (see NetBSD PR#18185).
- Merge in OpenSSL 0.9.7beta1. To be continued.
- isakmpd(8) interoperability fixes for FreeS/WAN and SSH Sentinel.
- Make rwalld(8) revoke its group privileges as well as user privs.
- Don't install safe_finger any more.
- Add support for the SCSI Reduced Block Command Set (RBC).
- Bump sshd(8)'s LoginGraceTime from one minute to two.
- Various compatibility fixes and additions to ubsec(4).
- ifconfig(8) can now set whether or not use of IPv6 deprecated addresses are allowed.
- _x11 user and group added for xdm(1) to use.
- Pull in XFree86's fix for a serious Xlib security bug (which didn't affect OpenBSD).
- Fix parsing of NAT port ranges.
- Check the interface specified with route-to/dup-to/fastroute actually exists. If it does, null terminate its name before moving on.
- Fix an uninitialised pointer bug in ld.so(1).
- The X server now tries to open the aperture driver before trying /dev/mem. Re-enable early privilege drop on i386.
- traceroute(8) now warns if DNS returns multiple addresses, like traceroute6.
- Add support for the Promise Ultra133 TX2 EIDE controller.
- Fix an mbuf leak in wi(4).
- Reenable the atexit(3) handler improvements backed out on 31 July.
- Add -I option to traceroute6(8) to get ICMP probes instead of UDP.
- Further reduce the amount of time ssh(1) runs as root when installed setuid.
- Fudge isakmpd(8) so it only honours the requirement to check against a CRL if there is a CRL loaded...
- Update the rt(4) Radiotrack driver, add isapnp support.
- Some casts to make 64-bit kernel work with varargs calls.
- Fixes to gem(4).
- Properly limit EDNS0 size to 0xffff.
- Fix a signedness problem in SSH so that RSA_public_decrypt(3) errors can be detected.
- Make X's module loader set PROT_EXEC using mprotect(2) on malloc'd pages containing code (needed since the heap is now mapped without PROT_EXEC).
- DNS responses from getaddrinfo(3), gethostby*() and getnetby*() now get a 64K receive buffer.
[Applied to stable]
- traceroute6(8) warns if DNS returns multiple IP addresses for the target.
- Do a yyrestart() after a longjmp in pcap(3).
- Fix a dangling pointer bug in sbcompress().
- Make the X server option NoSilkenMouse work again.
- Make portmap(8) detect failure of svc_register and die nicely.
- X aperture driver for Alpha, works like i386.
- Skeleton ld.so(1) support for ELF in i386. Not enabled, nor is it promised anytime soon.
- ld.so(1) warns about symbol size mismatches.
- inet_ntop(3) handles snprintf errors properly.
- Map the heap non-executable.
- Change the way FREF() and FRELE() are called w.r.t. getvnode() and getsock().
- Fix a locking problem that can occur when an executable tries to exec(3) itself.
- Avoid a potential int overflow in comsat(8)
- Make the resolver ignore DNS AAAA replies containing IPv4-mapped addresses.
- Bump the listen() backlog from 5 to 128 (!) in ssh-agent(1).
- sshd(8)'s default LoginGraceTime reduced from 600 to 60 seconds.
- wscons(4) now attaches to each wsdisplay device by default.
- Fixes to strip(1). -x now works.
- net.inet6.ip6_use_deprecated is on by default again...
- Fix some (but not all) signal races in fsck_ffs(8).
- New -n option to ftpd(8) that disallows anonymous access even if the ftp user exists.
- Perform /tmp/.{X11,ICE}-unix fixups before the system goes multiuser.
- Fix sysctl copyout(9)s in IPv6 neigbour discovery.
- Audit and cleanup of inet_net_ntop(3), inet_neta() and inet_ntop(3).
- TCP now tries to act appropriately w.r.t. net.inet6.ip6_use_deprecated.
- Use of IPv6 deprecated addresses switched off by default. (See RFC2462 and sysctl(8) variable net.inet6.ip6_use_deprecated.)
- Fixes to the isp(4) SCSI driver.
- Correct two sizeof bugs in crypto(9).
- Allow a raw IP socket to see a gre(4) packets for tunnels we haven't configured.
- Add some more cross-compilation targets in /usr/src/Makefile.
- Backfit Perl 5.80's File::Glob implementation (based on OpenBSD's code) to our perl(1).
- Fix a null pointer dereference in pfctl(8).
- Using the state table instead of a special-purpose list, allow pf(4) NAT to use the same proxy port for multiple external peers.
- Make ssh-agent(1) setgid(_sshagnt). setuid/setgid processes can't be ptrace(2)ed.
- SPARC consoles now use wscons(4).
- traceroute(8) now displays '!X' when packets come back as ICMP administratively prohibited by filter.
- Have rsh(1) die on fd_set overruns.
- In a number of places, switch the calloc(3) round the right way.
- Switch SPARC to ELF.
- Fix an XFree runtime loader problem seen on Alpha, PowerPC, SPARC and SPARC64.
- SECURITY FIX: An insufficient boundary check in the select(2) and poll(2) system calls allows an attacker to overwrite kernel memory and execute arbitrary code in kernel context.
A source code patch is available.
[Applied to stable]
- raid(4) no longer gets loud at boot time unless option RAIDDEBUG is used.
- Sink a few bugs in bs(6).
- Fix raw socket translation for Linux compatibility mode.
- Properly clear the argument list in pmdb.
- Die on fd_set overrun in mtrace(8), map-mbone(8) and mrouted(8) (not built by default).
- When emulating Linux, don't have accept()ed sockets inherit flags from the listen socket.
[Applied to 3.1-stable]
- Fix snprintf length in syslogd(8).
- Correct a sizeof bug in photurisd(8).
- Tweak IFF_PROMISC handling in wi(4) to avoid some unnecessary initialisations.
- Fix a potential off-by-one in ld.so(1) that could cause mmap breakage on some architectures.
- Make insertion of data into socket buffers run in constant time, a huge win especially with large buffers.
- Relax slightly the conditions under which a TCP SYN packet will trigger the sequence number modulator. Handy for systems with ECN stacks.
- Fix a number of && -> & bit-test typos in OpenSSH (v1 RSA key use,) routed(8), pic(1), fvwm(1) and a few in the kernel.
- Add a couple of missing open(2) mode args in afsd(8) and msgs(1).
- Improve TX interrupt handing in be(4/SPARC,4/SPARC64).
- Fixes to mrinfo(8) (this isn't built by default).
- Improve systrace(1)'s handling of interrupted system calls.
- Fix a free-in-caught-alloc-failure-block (!) in ohci(4).
- Rewrite the CRL support in isakmpd(8). Check for OpenSSL >= 0.9.7, the earliest supported version for now.
- Retrofit the new early privilege revocation code to the old X servers.
- xlock(1) defaults to blank mode (rather than random mode). Also remove bomb mode altogether, to the annoyance of noone.
- Several fixes to the hme(4/SPARC, 4/SPARC64) driver.
- Restore struct link_map ABI compatibility between ld.so and gdb, broken by the split of link.h into separate MI, ELF and a.out files.
- Move AGP chipset support out of machine-independent section (AGP support is per-arch).
- REVISED SECURITY FIX for the OpenSSL ASN.1 buffer overflows, see the erratum.
[Applied to stable]
- Fix auth_call(3)'s error logging.
- cron(8) cross-checks the crontab filename against the system username.
- netstat(1) drops its privileges earlier.
- systrace(1) can log matching rules to syslog.
- write(1) drops privileges after opening the tty.
- Refactor vmstat(8) slightly so kvm(3) is only ever opened once (it could be opened a second time by dkstats.c before).
- Open the kvm(3) library earlier in fstat(1) and systat(1), and so drop privs earlier.
- Test for a previously unchecked malloc() return value in the RPC library, and die unceremoniously on failure.
- Catch file read errors in rdate(8)'s leapsecond handler.
- Cleanup of amd(8).
- Remove Kerberos support from the default login.conf (and its hardwired defaults for when login.conf is absent). See the log for why.
- No more RPC by default. Expect a lot of 'NFS is broken' email to misc@ when 3.2 is released.
- Rework some aspects of crontab(1)'s file checks.
- Provide our own RSA_verify(3) implementation for OpenSSH.
- Add the _sshagnt group for use by ssh-agent(1).
- Correct a pointer comparison typo in libssl's ASN.1 parser library.
- Check for correct return value of inet_aton(3) in isakmpd(8).
- Add some overflow checks similar to the calloc(3) patch to ssh(1).
- isakmpd(8) support for certificate revocation lists.
- Prevent integer overflow in i386 USER_LDT code.
- Fix NFS's handling of zero-length RPC fragments.
- systrace(1) handles unlinking of a symlink correctly.
- Limit file size to 2^31 * PAGE_SIZE in FFS code.
- u_short -> u_int16_t in mtrouted(8).
- REVISED SECURITY FIX for the xdr_array(3) buffer overflow, see the erratum.
[Applied to stable]
- Spot zero-length keys or values in ypmatch_add(), and exit early.
- Broken by the removal of atexit(3), chpass(1) now cleans up after itself properly again.
- Use fork(2) instead of vfork(2) in make(1). Fixes hppa breakage.
- Back out the new atexit(3) handler changes which appear to break Perl somehow. Bugger.
- Get calloc(3) semantics right, while still not allowing the size_t overflow.
[Applied to stable]
- Fix httpd(8) compilation without mod_ssl.
- On i386, allow mprotect(2) to alter the execution protection of the stack.
- Fix some more potential null pointer dereferences, this time in pfkey and netiso.
- Plug a kqueue(2) file descriptor leak in the X server.
- Have libc opendir(3) and scandir(3) check for size_t overflows like the new calloc().
- Like in libc, fix the calloc() implementation in named(8) (only used by a feature disabled in OpenBSD).
- Lots of work on the sparc and sparc64 console drivers.
- Kernel IPsec was only doing ESP integrity checks on NICs that had already done so in hardware...
- Fix a typo that caused a potential null pointer dereference in kernel NFS.
- New 'PermitUserEnvironment' option for SSH. Off by default.
- Add 'with or without modification' clause to gprof(1) licensing.
- Sync with OpenSSL 0.9.6e-0.9.7 CHANGES file.
- SECURITY FIX: Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the ssl(8) library, as in the ASN.1 parser code in the crypto(3) library, all of them being potentially remotely exploitable.
A source code patch is available.
[Applied to stable]
- In pf(4), allow TCP flags to be specified in all rules that include TCP (before the rules had to be exclusively TCP).
- Fix a buffer overflow in backgammon(6), and replace its gameplay algorithm.
- Kill a kernel tty memory leak.
[Applied to stable]
- Super-cautious strcpy()->strlcpy() in exec*(3).
- Return failure if the parameters given to calloc(3) would cause an overflow of size_t.
[Applied to stable]
- Don't enable so many authentication methods by default in login.conf(5).
- SECURITY FIX: A buffer overflow can occur in the xdr_array(3) RPC code, leading to possible remote crash.
A source code patch is available.
[Applied to stable]
- Privilege drop in new X servers is disabled for now on x86 due to a problem with xf86OpenConsole().
- Support DMA for two more ServerWorks pciide(4) devices.
- SECURITY FIX: A race condition exists in the pppd(8) daemon which may cause it to alter the file permissions of an arbitrary file.
A source code patch is available.
[Applied to stable]
- mprotect(2) function pointers stored by atexit(3) to stop bad guys tweaking the exit handlers.
- "undrugs" gpr(4).
- Fix two off-by-one bugs in ext2fs.
- Add ld.so support for sparc.
- Lookup of ip6.arpa, then ip6.int for IPv6 reverse resolution. See RFC3152 for why.
- Small fix for GCC 3.1.1 in IPv4 checksum code.
- Apply the 'broken PCI burst-write' workaround to all hifn(4) 7811-based devices.
- Show uftdi(4) how to use hardware and software flow control.
- Fix a potential access-after-free() in kue(4).
- /tmp/.X11-unix and /tmp/.ICE-unix are created in rc, owned by root, removing the need for root privs later on.
- Again, this time in ld(1), map BSS non-executable.
- Rearrange the new XFree86 server so all tasks for which root privs are needed get done early in osinit(). Of course, revoke root right afterwards.
- Add Dell-specific PERC (right) product IDs so that aac(4) configures Dell PowerEdge 2650 RAID.
- Add leapsecond support to rdate(8)'s NTP client.
- The install/upgrade scripts no longer automatically mount NFS filesystems.
- Kernel a.out code now allocates (mostly) non-executable BSS.
- Miscellaneous fixes to several games.
- Lots of work on the sparc64 creator(4/sparc64) framebuffer driver.
- In pf(4) the order of the log and quick keywords is now irrelevant.
- Allow X servers to be built without DGA.
- At securelevel 2, stop an attacker from setting the clock forwards to within a year of the time it wraps around to zero.
- Allow altq(9) to work on pre-Pentium x86 machines that lack pentium_mhz stuff.
- Add a distrib note that due to major changes to the port, the sparc installer won't allow upgrades to 3.2
- Only include a single wscons(4) font when building with option SMALL_KERNEL.
- Add a few more RFC2142-suggested mailbox aliases.
- Improve mg(1)'s filename handling.
- More hifn(4) fixes.
- Fix comparison bug in IPv6 multicast routing MTU check.
- Correct bad sizeof() in kernel NFS code.
- Checks for snprintf(3) return values < 0.
- Improve systrace(1)'s uid/gid tracking.
- Fix the csh(1) large directory fix.
- In ssh(1), help avoid a potential man-in-the-middle attack by showing all known host keys for a host when we're warning about an unknown host key.
- Fix a TAILQ null deref in pmdb.
- Make the second parameter to r?index()/strr?chr() an int instead of a char.
- Stick a thread mutex around name lookups in getaddrinfo(3).
- Fix a systrace(1) double free().
- CardBus support for macppc.
- Fix dc(4) cardbus reads.
- Remove a signedness bug in sshd(8)'s handling of utmp_len (-u option).
- Fix some bugs in pool(9).
- More additions to GNU as(1), this time to make Ogle compile.
- Fix graceful restarts of chroot'ed httpd(8).
- Have SSH fall back to the standard path if setusercontext() can't set it.
- Add a sequence number to kernel messages for systrace(1).
- Teach pmdb about corefiles.
- Map stack pages non-executable.
- noct(4) now works around NSP2000 PCI bridge brokenness. Fix a similar problem in hifn(4).
- Drop the requirement for commas in many pf(4) lists, useful when used in conjunction with the new variable concat feature.
- Implement string concatenation for variable declarations in pf(4).
- Big change to the way signal trampolines are stored and called.
- Add milter build support to sendmail(8), see the Makefile.
- Make sudo(8) and inetd(8) die if setusercontext() fails.
- Fix a disk masher bug in siop(4), a little too late for some.
- Don't install mk-amd-map(8) any more, we don't use it. And it's broken.
- Merge Apache 1.3.26 and mod_ssl 2.8.10.
- Have SSH remove fatal cleanups after calling fork().
- /etc/systrace directory added along with policies for named(8) and lpd(8).
- Make OpenSSL use /bin/sh instead of $SHELL when running scripts. Not everyone uses a Bourne-like shell.
- String handling and other fixes to rogue(6).
- Fix pax(1) -s replacement string truncation.
- Fix a deref after free() in the kernel's routing socket code.
- Add 'fdcache' to Apache, part of the work to make graceful restart work properly under the chroot().
- The search for a shorter rulebase continues, pf(4) now recognises 'self' as an address, meaning all IPv4 and IPv6 addresses on all interfaces.
- Fix wayward string termination in rbootd(8).
- Fix a DIAGNOSTIC bug in ffs_softupdates(4), and also make panic() calls show the right type.
- Some mbuf Fixes to the hifn(4) driver, more fixes to come.
- Add DES and 3DES to noct(4) as well.
- Fix some broken memset() and lseek() calls.
- Work around some limitations of noct(4) hardware. Add MD5 and SHA1 support.
- Small additions to as(1) to make gnupg compile.
- Add some new users (names beginning with underscore) to replace user nobody for portmap, rstatd, identd, rusersd and fingerd.
- Fix csh(1) directory completion SIGSEGV with large directories.
- Make atrun(8) part of cron(8), removing the need for the atrun cronjob.
- More pf(4): accept !<interface> syntax. Oh yes.
- top(1) now has a BSD license.
- pf(4) parser spots more silly combinations (return-rst on non-TCP rules, keep-state on block rules).
- Fix a double free in BSD authentication.
- Make ftpd(8) always use high port numbers for passive data connections (no more -h option).
- Add SIGALRM to the list of signals that can be sent (after uid/euid checks) to set[ug]id child processes.
- Enable list expansion for pf(4) NAT rules, broken since the pf.conf/nat.conf merge.
- The XFree86 3.3.x servers that are left now revoke their root privileges right after getting I/O access.
- Now that xterm(1) drops its root privileges, install it setgid(utmp) for utmp updates. Revoke setgid too if not needed.
- Fix at least one tcpdump(8) buffer overflow.
[Applied to stable]
- Teach MMX (not SSE) to as(1).
- Add radio(4) device attachment for bktr(4) and fms(4).
- Have pcibios(4) detect and ignore a too-short PCI IRQ routing table header.
- Changes to ld.so(1): Search order now always looks like a.out, destructors are called on dlclose(), move some libc-like functions into private namespace.
- Add support for AGP GART on some i386 AGP chipsets (see vga(4) and options(4)).
- Remove '\\' -> '\' translation in crontabs to keep the shell happy.
- Make xterm(1) revoke its root privileges.
- Remove a race and some other bugs from the mountpoint locking code.
- Add some flags to dohooks(8) and fix a time-honoured memory leak in hook_disestablish(9).
- New, hard-won firmware image for the txp(4) driver.
- Remove the www group's privileges to the mod_ssl mutex semaphore.
- Really remove SuperProbe from X.
- Create a skeleton UserDir tree under /var/www/users.
- Have Apache initialise OpenSSL (opening /dev/crypto) before chroot. No more /var/www/dev/crypto.
- Basic IPv6 fragment support (no normalisation yet) in pf(4).
- Correct a memcpy error in the kernel and ssh's Rijndael code.
- Make systrace(1) filename intercepts work with chroot().
- Try to make resetting of USB ports work better.
- Add fchmod translation support to systrace(1).
- Stop systrace(1) closing the std file descriptors when going daemon.
- Fix ni6_nametodns() pointer bug in icmp6; NetBSD PR17540.
- Add support in uftdi(4) for FT8U232AM-based USB serial adapters, likewise add more devices to uplcom(4).
- Fix miniroot typo that was breaking FTP installs.
- Fix sed(1)'s r command (PR2755).
- Add a daemon mode to systrace(1).
- udbsr(4) driver for D-Link radio cards added.
- Add a timeout value to USB I/O calls, rather than having a systemwide timeout.
- Make httpd(8) chroot() and drop root privileges by default. A lot module chroot fixes to come.
- Add syscall aliasing to systrace(1) (e.g. stat/fstat/readlink/access/... become 'fsread').
- Some fixes to umidi(4) and uscanner(4).
- Add SMC 2206 support to aue(4).
- Fix a potential off-by-five error in systrace(1).
- pf(4) now accepts an interface in most of the places it can take an IP address, and picks up all the IPv4 and IPv6 addresses on that interface.
- Don't try to load a 32-bit quart into a 16-bit pint register in xl(4).
- Always load ELF binaries to the address at which they were linked.
- Rig opendir(3)'s sort so it can't fail due to lack of memory.
- Compatibility fixes for the ubsec(4) 582x series.
- Some updates to cron(8).
- Grab a security fix to bcopy/memcpy from FreeBSD. See their cvsweb entry for bcopy.S.
- Work around tl(4)'s broken multicast filter.
- Remove ab(1) from the Apache installation.
- Remove NTP support from the kernel.
- Don't attempt to resubmit a structure we just freed in ipsec(4) / ipcomp(4).
- Small fixes to IP-in-IP encapsulation code.
- Add Security Mode options to atactl(8).
- Support a few more HPT pciide(4) cards.
- Make NEED_VERSION obsolete in bsd.port.mk(5).
- Fill IPv6 null pointer dereference in cvs(1) pserver.
- Remove some old upgrade hacks from the installer script.
- pf(4) chokes on invalid '! <interface>' syntax, instead of just ignoring the '!'.
- Fix pf(4) interface stats, and allow the loginterface feature to be disabled.
- Make signal handler flags in isakmpd(8) of type volatile sig_atomic_t.
- Fix a few GCC 3.1 moans in isakmpd(8).
- Un-bloating of ahc(4).
- Cleanup of rpcgen(1).
- RELIABILITY FIX: Don't assume we have an active exchange during payload validation, otherwise isakmpd(8) can be made to crash.
A source code patch exists to remedy the problem.
[Applied to stable]
- ep(4) on isapnp(4) now works on alpha.
- Improve the way the installer's fileset selection UI works.
- Fix a potential buffer overflow in xsystrace.
- Add a note to the unwary in distrib/notes about the danger of skipping several versions when upgrading.
- Don't have ssh(1) allocate memory for stuff we don't need, just to discard it straight away.
- Set IP_PORTRANGE_HIGH for active mode data channel of ftp(1).
- Add some more usb(4) product IDs.
- Fix an off-by-one error in rmt(8) and improve string handling in general.
- Normalise nc(1)'s EOF handling.
- Plug a few ssh(1) memory leaks.
- Tweak the tga(4/ALPHA) driver.
- Fix several missing or broken malloc(3) and realloc(3) failure checks.
- In rcs(1), actually exit(3) after spotting that LocalId is too long.
- Lots of ANSIfication of function declarations and prototypes.
- Fix bug causing 'SPL NOT LOWERED' errors from the ami(4) RAID controller.
- Give ssh-keysign(8) its setuid(root) toys back, but only work at all if HostbasedAuthentication is globally disabled.
- Use RSA_blinding_on(3) to ward off a Kocher timing attack on ssh-keysign(8).
- Fix signal(3) race in ping(8).
- Remove adv(4) from the i386 RAMDISK kernel until new ahc(4) un-bloats itself.
- Catch a null pointer dereference when fetching the routing table via sysctl(3).
- Make sis(4) compile and work on alpha.
- Return correct result sizes from ubsec(4).
- bridge(4) will now compile with ipsec(4) but no pf(4).
- Cleanup of ftpd(8).
- Fix PIO writes code in wdc(4), broken since OpenBSD 2.5!
- Remove unnecessary longjmp(3) from login(1).
- Pages allocated with debug_malloc() aren't ever executed, so don't use VM_PROT_ALL.
- Finally fix bridge(4) address cache bug.
- Properly handle endpoint differences of opinion on ssh(1) Compression options
- Fix the wsdisplay(4) blanker after the X server has been running.
- Make the installer deal correctly with passwords starting with '-X ' for some X, instead of misinterpreting them as options to encrypt(1).
- Fix some compatibility quirks in ppp(8).
- Add a pushback buffer to pfctl(8)'s parser.
- Remove setuid(root) from ssh-keysign(8), disabling it for now.
- Have named(8) call tzset(3) so /etc/localtime isn't needed after the chroot(2).
- More fixes to the new ahc(4) driver.
- Add AlphaServer 800 and 1000 support.
- Enable lc(4) devices in alpha GENERIC kernel.
- Fix isapnp(4) panics on alpha.
- Make xf86config give the option of configuring a mouse wheel.
- Gracefully handle i386_iopl(2) failure in the X server when trying to give up privileges.
- Add wscons(4) files to fbtab(5) on i386.
- Add kqueue(2) support to syslog(3).
- Evolve strtou?q() into strtou?ll(). Use weak aliases if available (wrappers otherwise) to fake strtou?q().
- Run rpc.rstatd(8) and rpc.rusersd(8) as root from inetd(8) again, but go to nobody's jail at startup.
- Lots more bounds-checking all over the place.
- Recognise a few more fxp(4) devices.
- Correct misleading cgetclose() entry in getcap(3) manpage.
- Try again with the new ahc(4) driver.
- Cleanups of chpass(1) and passwd(1).
- SECURITY FIX: The kernel would let any user ktrace(2) set[ug]id processes.
A source code patch is available.
[Applied to stable]
- newsyslog(8) now doesn't follow symbolic links by default, fixing PR1913.
- Change web site banner to "One remote hole in the default install, in nearly 6 years!" That's still an awesome record.
- More audit of OpenSSH.
- OpenSSH 3.4 was released, and there was much rejoicing.
- SECURITY FIX: All versions of OpenSSH's sshd(8) between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. The problem is fixed in OpenSSH 3.4.
A source code patch is available.
[Applied to stable]
- Add a number of resource limits to ssh(1).
- Increase i386 kvm size to 768M.
- The list of great Theo quotes for mg(1) continues to grow.
- SECURITY FIX: A potential buffer overflow in the DNS resolver has been found.
A source code patch is available.
[Applied to stable]
- Merge in Sendmail 8.12.5.
- Start work on IP-over-FireWire and IP-over-SCSI.
- Move a bunch of pfctl(8) options into pf.conf(5).
- c2k2-inspired changes to the installer.
- Skip routing table lookup when {broad,multi}casting and the outgoing interface is set using setsockopt(2). Removes the need for a 224/4 route.
- Make X use /dev/wsmouse instead of /dev/wsmouse0 by default.
- Add some m68k opcode aliases for GNU as(1) from recent binutils.
- Fix the FTP relay in faithd(8).
- Fix wi(4) reassociation after an AP reboot.
- SECURITY FIX: A buffer overflow can
occur in the .htaccess parsing code in the mod_ssl httpd(8) module, leading to possible remote crash or exploit (PR2767.)
A source code patch is available.
[Applied to stable]
- Lots of uid_t and gid_t signedness fixes.
- sshd(8) no longer calls setsid() when run from inetd(8).
- Make cvs(1) pserver talk IPv6.
- Increment boot(8) version to help debug the new memory probe and other fixes.
- Make wi(4) less twitchy on quick inserts/ejects.
- String handling and bounds checking fixes to login_fbtab(3).
- Bump OpenSSH to version 3.3.
[Applied to stable]
- Start adding kqueue(2) support to noct(4).
- System call argument rewriting framework for systrace(4).
- Enable wi(4) on sparc64, after a lot of groundwork.
- Fix some endianness nits in wi(4).
- Remove ifmcstat(8), the same information is available from netstat(1).
- More improvements to 4GB memory probing on i386.
- ssh(1) and sshd(8) options are now documented in their own sshd?_config(5) manpage.
- Add option for smooth scrolling to talk(1).
- Support a few more wireless cards in wi(4).
- Build wicontrol(8) on sparc64 as well.
- String handling cleanups in comsat(8).
- Support magma(4/SPARC), magma(4/SPARC64) serial/parallel boards.
- Support stp(4) sbus-PCMCIA bridge based on STP4020 chipset. (The nell driver on Solaris.)
- Cleanup of timed(8).
- Removing its setgid(kmem) was not enough, remove trsp(8) altogether.
- Make yacc(1) errors look like C compiler errors, so parser utilities such as error(1) can deal with it.
- Add kqueue(2) support to random(9).
- Kill file descriptor leak in dhcpd(8).
- Fix lots of format strings in the dhcp(8) programs.
- ps(1) shows flag 'x' for systrace(4)'d processes.
- Lots of work on the gpr(4) driver.
- Fix uftdi(4).
- Make systat(1) revoke its setgid(kmem) privileges.
- Remove old pccons driver from i386, also the associated XSERVER option from the kernel.
- Fix ftpd(8)'s SIGALRM handler.
- SECURITY FIX: A buffer overflow can
occur during the interpretation of chunked encoding in httpd(8), leading to possible remote crash.
A source code patch is available.
[Applied to stable]
- Add the punctuation-challenged Nike psa[play^120 USB widget.
- Remove setgid(kmem) from the enormously useful trsp(8).
- Add UK keyboard map to macppc (with '#' on Option-3) and also option CAPS_IS_CONTROL.
- Increase xl(4) timeout to squash 'command never completed!' warnings.
- Add kqueue(2) support to audio(4).
- Import event(3), an API on top of select(2) or kqueue(2).
- Enable DMA on xl(4).
- Allow transparent (statically keyed) ipsec(4) processing on a bridge(4).
- Help ppp(8) to cope with yet more Microsoft PPP attributes.
- Extend ssh-agent(1) key lifetime constraints more flexible (i.e. more than just key lifetime).
- Teach ECN attributes to isakmpd(8).
- Add eui64 option to ifconfig(8) for configuring the IPv6 interface index.
- Add a sysctl(3) to get the CPU type on sparc and sparc64.
- Throw away the first 256 words of arc4 output in random(9).
- Gratuitous pid_t cleanup in /usr/bin.
- Grab multicast vlan(4) code from NetBSD.
- Add some inlined hash functions for the kernel, in <sys/hash.h>.
- Cleanup work on conditional evaluation in make(1).
- isakmpd(8) accepts IPComp flows.
- Drop pf(4) scrub(fragcache) syntax in favour of the fragment ... option in scrub rules.
- Teach tcpdump(8) about ipcomp(4).
- Show sparc64's X server which device it wants to mmap().
- Add ioctl to wscons(4) allowing sparc64 (other architectures later) to find out which PCI device it's using.
- Enable userland crypto(4) support for DSA. Maybe logging in using ssh2 on a 486 needn't take 20 seconds after all.
- Kernel changes and sysctl(3) switch for hardware asymmetric crypto(4) in userland.
- Add initial Ultra Port Architecture (upa(4/SPARC64)) support. Attach creator(4) and schizo(4) using it.
- Import new vax boot code from NetBSD.
- Add umct(4) USB serial driver and .umidi(4) USB MIDI driver. Not tested, not in GENERIC.
- Add IPL_STATCLOCK and add lots of splassert()s.
- ssh(1) spends less time with euid==0 even if it is installed setuid(root).
- Much cleanup in distrib/miniroot.
- Make pfctl(8) -s state print UDP and 'other' states nicely.
- New scrub(fragcache) ... syntax for pf(4).
- pf(4) NAT proxy port ranges can be specified per-rule.
- Don't panic(9) if pf(4) tries to insert a duplicate key.
- pf(4) NAT and filter rules now all go in the one file (normally pf.conf(5)). New pfctl(8) file syntax. Oh yes.
- Clean up semantics of gre(4) a bit.
- ifconfig(8) prints the Ethernet address. Yippee!
- route(8) now accepts DNS names (and naturally enough treats them as host routes).
- Stop isakmpd(8) using the same range for SPIs and CPIs.
- Ports can now be specified in pf(4) NAT rules.
- Allow systrace(4) to attach to a running process.
- Add ioctl systrace(4) to retrieve the current emulation of a process.
- Remove dlopen(3) stuff from isakmpd(8).
- Fix BPF code for a gif(4) tunnel, and add some more sanity checks.
- Default RhostsAuthentication and RhostsRSAAuthentication to 'no' now that ssh(1) is now longer setuid(root) by default.
- ssh-add(1) key lifetimes can now be specified in nice readable form, e.g. '-t 1h'.
- Define __weak_alias() for mvme88k.
- Merge GNU TeXinfo 4.2.
- Prevent mbuf(9) leakage from bridge(4).
- New bad144(8).
- user(8) now checks the username length against MaxUserNameLen.
- Add bio(4) device, so userland can talk to devices that don't have nodes in /dev.
- Remove KerberosIV startup code from rc(8) files.
- Make pf(4) NAT rules work more like normal filter rules.
- Add SIO*PHYADDR to gif(4) so ifconfig(8) can set the outer address.
- Make published arp(8) entries work again (PR2635).
- Make dhcp(8) build faster (PR2715).
- Start converting netstat(1) and systat(1) to sysctl(3) instead of kvm.
- Set FDDI link MTU the same as IPv4 MTU, fixes PR2714.
- Allow numeric group IDs in systrace(1).
- Changes to initialisation and media config of ep(4).
- Add list support for pf(4) rdr rules.
- Fix a number of bad strlcpy(3) calls.
- Fix PR2704 resuming eso(4) after standby.
- Change a lot of index(3) calls to strchr(3).
- Change "'cuz" to "because." Strewth!
- Add another mbuf(9) flag M_AUTH_AH, changing the meaning of M_AUTH.
- Remove a bunch of '\n's from syslog(3) and err(3) calls.
- Make isakmpd(8) IKECFG support work for both SET/ACK and REQ/REPLY modes.
- Fixes for OpenSSL when talking to hardware crypto(4).
- Stop ftp(1) and ftpd(8) spilling the IPv6 scope ID onto the wire.
- The hardware is willing, and now xl(4) is able to offload TCP, UDP and IP checksumming to it.
- Support setting MTU on sk(4).
- Add KERN_{NFILES,TTYCOUNT,NUMVNODES,MBSTAT} sysctl(3) entries.
- For a bridge(4), handle IPv4 frag-needed-but-DF-set just like on a regular interface.
- Pull in some pciide(4) fixes from NetBSD.
- Remove (arguably) unnecessary setgid(operator) from df(1).
- Remove setuid(kmem) from ps(1) and w(1) now kvm can use sysctl for some stuff. We don't need no proc filesystem...
- Make the kvm(3) library try to use the shiny new sysctls to fetch process arguments and environment.
- Add flag to stop kwm_open(3) opening any files, though limiting kvm functionality.
- Add sysctl(3) to retrieve process arguments and environment.
- Tweak kernel memory allocation on i386 to work better on 4GB machines.
- Work started on schizo(4/SPARC64) PCI controller. Who said that?
- Install script now puts FQDN in /etc/myname.
- Make more use of splsoftnet() (instead of splnet()) in IPv6 code.
- lo0 now only gets ::1 when it's brought up.
- Merge kth-krb 1.1.1.
- Enable weak aliases in libc for powerpc, sparc and alpha (already enabled on i386).
- Add new splusb() to prevent USB initialisation lossage.
- Improve SMART support in atactl(8).
- Silently ignore deprecated options to ssh(1) since they may be passed in for a remote scp command.
- Remove FallbackToRsh from scp(1) as well.
- pf(4) NAT rules now do macro expansion as well.
- Add Makefile-like (var += ...) macro concatenation to pfctl(8), then remove it again.
- Add per-rule state timeouts to pf(4).
- Fix well-hidden little bug in crypto(3) to unbork sparc64 SSL/TLS negotiation.
- On alpha, don't allow kernel symbols to be paged out.
- Deprecate FallbackToRsh and UseRsh options in ssh(1).
- ssh-keysign(8) now insists on 20-byte session IDs.
- Remove suspect DIAGNOSTIC block from softdep kernel code.
- Make wsdisplay(4) screen blanker play nice with the X server.
- lpr(1) and friends go from setuid(root) to setgid(daemon). Connections can come from unprivileged ports for now.
- Add Realtek 8129/8139 cardbus device support to rl(4).
- Switch macppc to use gem instead of gm.
- Multicast fixes and Gigabit Ethernet support for gem(4).
- Rule label length increased from 32 to 64 characters.
- Allow modification of TTL with pf(4) return-rst.
- Timeout handling improvements to ohci(4).
- Make netstat(1) print RIP6 statistics.
- Allow a per-rule limit to the number of state table entries a pf.conf(5) rule can create.
- Switch pf(4) from AVL to red-black trees.
- Add Gemplus GPR400 PCMCIA smartcard reader.
- Don't propose IDEA when negotiating SSL connections.
- $srcaddr, $srcport, $dstaddr, $dstport, $proto and $nr (rule number) can now be used in pfctl(8) rule labels.
- Make a kernel TCP RST and a pf(4) return-rst look the same, to frustrate the nmap crowd.
- Some systrace(4) filter list optimizations.
- Remove IPv4 mapped address support from TCP input code, and remove is_ipv6().
- Add net.inet6.ip6.v6only sysctl(8) flag.
- Add ikecfg as a valid flag in isakmpd.conf(5). Start coding SET/ACK mode support.
- inetd(8) no longer accepts UDP packets if the source is a broadcast address.
- Start work on KDrive (TinyX) low-footprint X server support.
- Add a missing bzero() in sys/netinet/tcp_input.c to fix link-local TCP.
- Add flow type to ipsec(4) and isakmpd(8).
- Fix isakmpd(8) crasher PR2729.
- Deprecate SIO.*IFPREFIX_IN6 ioctls.
- Merge arla release 0.35.7.
- Merge OpenSSL 0.9.7-stable-20020605.
- TCP wrappers and pfctl(8) accept scoped IPv6 addresses.
- Remove [gs]etprogname() from KerberosIV
- Fix ipsec(4) crash described in PR2721.
- Disable XF86_SVGA drivers in old XFree that are as good or better in XFree86 4.2.0, as defined in their status page.
- bpf(4) support for kqueue(2)
- In isakmpd(8), add netmask, subnet and DHCP server request support to IKECFG.
- Fix bktr(4) stereo.
- Support the RNG of AMD-768 southbridge (device amdpm(4)).
- Fix DMA handing of hme(4) (SPARC and SPARC64).
- Pull in libcsu change from NetBSD to allow dlopen(3) to be used much earlier.
- Add -t key lifetime option to ssh-add(1).
- Use IPv4/IPv6 addresses in /etc/inetd.conf instead of 'localhost' to avoid DNS lookups.
- Add predicate suffixes to systrace(1).
- Add -x and -X options to respectively lock and unlock ssh-agent(1).
- Compatibility tweaks to getpid(), getuid() and getgid() under Linux emulation.
- Start work on new debugger, pmdb.
- Additional check (#ifdef DIAGNOSTIC) for duplicate uvm(9) map entries.
- If syslog(3) fails with ENOBUFS when sending to /dev/log, it now waits a millisecond and retries.
- syslogd(8) doubles the socket receive buffer size.
- Automatic policy generation for systrace(4).
- lynx(1) now defaults to passive FTP.
- Remove [gs]etprogname() from KerberosV.
- New -a <bind_address> option to ssh-agent(1) so user can specify the agent's UNIX domain socket.
- Make tbrconfig(8) statically linked.
- Remove assumptions about MTU values for certain media types.
- Use the same byte-order kung fu as the kernel in atactl(8).
- Don't automagically set -prefixlen 128 on IPv6 host route.
- rasops instead of rcons for vgafb(4/SPARC64).
- Add xsystrace(1) [no manpage yet] UI for systrace(4).
- Add sbus bwtwo(4) mono framebuffer support (untested).
- PrivSep'd ssh monitor processes check each authentication method is enabled before use.
- systrace(1) userland import.
- Use arc4random(3) for rtadvd(8).
- Make nice(3) standards compliant.
- More wi(4) tweaks for Symbol cards.
- Recognise VIA VT8233 PCI-ISA bridge.
- Fix sparc64 64-bit relocation masks in ld.so(1).
- Merge in Sendmail 8.12.4.
- Detect stereo radio reception in fms(4).
- Compatibility tweaks to creator(4/SPARC64).
- Replace mr(4) radio driver with new gtp(4) driver, which is better tested.
- 'pfctl -s all' now prints labels as well.
- Add volatile to sig_atomic_t. Stand well back.
- Use rasops instead of rcons in cgthree(4/SPARC) and cgsix(4/SPARC).
- Simplify IPv6 link MTU code.
- Implement PMAP_CANFAIL flag for m68k pmap.
- Enable console blanking on cgthree(4/SPARC).
- Make sure some struct sockaddr are cleared before use.
- Start work on NetOctave NSP2000 (hardware crypto) driver noct(4). Just the RNG for now.
- Apply BSD Airtools 0.2 patches.
- Teach ECN flags to pf(4).
- Dump mkisofs(8) in favor of mkhybrid(8).
- Avoid fd_set overruns in rtsold(8), route6d(8) and rtadvd(8).
- Clue in inetd(8) to IPv6 FTP bounce attacks.
- Fix /etc/ptmp deletion bug that occurred if rmuser(8) was aborted.
- IBSS mode for Symbol cards (firmware >= 2.5) using the wi(4) driver.
- Add leading-zero padding to RSA signatures in ssh.
- Tweak altq(9) options(4) so the kernel compiles on i[34]86.
- Add support in the fxp(4) driver for more Intel PRO/100 VM cards.
- For those that do metric but refuse to work in meters and kilograms, kayser conversion has been added to units(1). Wow.
- Fix signal races in ping(8).
- Now that the Dungeon Master dm(1) has gone into well-earned retirement, make those games that need to save high scores, etc. run setgid games.
- Per-socket ipsec(4) policies and options!
- Stop a potential ipsec(4) DoS where an attacker could falsely advance the replay counter and so force valid traffic to be discarded.
- Add German keyboard map for Apple laptops.
- On ELF platforms, allow gcc(1) to link Fortran code with other languages.
- Make sure every PCI interrupt is recorded, so ISA doesn't step on one of them later.
- Better radio(4) devices attachment.
- Fix VIA8233 support in auvia(4).
- Make nc(1) timeouts behave more like netcat.
- Make sure user's shell is /usr/sbin/authpf before running authpf(8) to prevent $SSH_CLIENT shenanigans.
- In ssh, use OpenSSL's AES implementation instead of our own.
- Add -[46] options to ftp(1).
- Warn to syslog if IPv6 neighbor discovery tries to set the link MTU too small.
- Make tip(1) query the driver with the user's baud rate setting rather than only accepting a compiled-in list.
- Cleanup and small fixes to skeyaudit(1).
- Fixes to fms(4).
- Various fixes and enhancements to mg(1).
- sshd(8) no longer starts in privilege-separated mode unless the PrivSep user sshd and chroot(2) dir /var/empty are both present.
- Fix potential time overflow in dd(1).
- Make bridge(4) refragment IP packets that are too large for the outgoing interface.
- Remove libdl, support is in libc since a long time already.
- Recognise Nokia C110 and C111 PC cards as wi(4) devices.
- Really sanitize ld.so(1)'s environment as promised in the manpage when running set[ug]id, and test for set[ug]id earlier.
- Don't allow mktemp(3) to back up past the beginning of its input buffer.
- Use the correct string buffer size for printing port numbers in pfctl(8).
- Remove arc4random_8().
- struct ifnet now has an array of pointers to data for each address family. Move per-interface IPv6 state and neighbor discovery stuff here.
- netstat(1) cleanup.
- ping6(8) and traceroute6(8) updates from KAME.
- unsigned -> unsigned int cleanup.
- Repair machdep.chipset sysctl on alpha.
- Audit pid_t type usage.
- Audit incorrect signal(2) usage.
- Fix big snprintf(3)
parameter typo in strftime(3).
- Don't use execlp(3) when invoking ssh-keysign(8).
- Fix kill(2) parameter brainfade in amd(8) and KerberosIV's rlogin.
- vax: Add board type for VXT2000+.
- More IANA interface type values, including IFT_BRIDGE.
- Split XFree86 bsd_video.c into architecture-specific files.
- Add sysctl(8) toggle net.inet.icmp.tstamprepl (default: 1) for ICMP timestamp replies.
- Even more steps toward the death of unsafe string functions.
- In XFree86 build, honour COPTS variable when building third-party apps.
- Add LIBS option for crunchgen so custom libraries can be added to boot images.
- Run rpc.rstatd(8) and rpc.rusersd(8) as user nobody (boo!) from inetd(8).
- From ld.so(1), remove tests that have no license, and for the same reason replace parts of ld(1) and ldconfig(8).
- Remove unnecessary instruction cache flushes on sparc64.
- Many cleanups in ld.so(1).
- Support mixed IPv4/IPv6 address lists in pfctl(8).
- Add ssh-keysign(8).
- Remove obsolete dm(8).
- Fix disklabel(8)
warnings on CD-ROM
(cd(4))
with no data track.
- Allow incoming ssh(1) connections in the temporary pf(4) ruleset installed by /etc/rc, just in case the real rulebase fails to load later on.
- Hunt for biodone() calls not made at splbio() spl(9), and fix them.
- Improve cd9660(8) filesystem read-ahead performance.
- Support software brightness and backlight control on various macppc models.
- Allow wsconsctl(8) to control brightness and backlight on displays which
support this.
- New libc IEEE floating-point code and libm routines for hppa.
- splassert (spl(9)) on i386.
- More steps toward the death of unsafe string functions.
- splassert (spl(9)) on sparc64.
- Add a creator(4) driver for sparc64 Creator and Creator3D cards.
- Jumbo lpr(1) changes including IPv6 support, new features, and bugfixes.
- Still more hppa memory management and low-level code fixes.
- Simple pmap optimization on macppc.
- Did we mention the cleaning of the installation scripts, adding functionality yet reducing size?
- Allow ddb(4) to do a stack trace into the kernel message buffer.
- isp(4) fixes.
- SECURITY FIX: Fix incorrect ACL check when using BSD authentication in sshd(8).
A source code patch is available.
[Applied to stable]
- Fix a memory leak in mg(1).
- New systrace facility.
- Better Cyrix CPU support.
- ECN support.
- Support SNTP in rdate(8).
- Fix infinite SIGFPE loop situations on vax.
- Remove unnecessary setuid bit from binaries that either do not need it or
whose functionality requiring root privileges should only be invoked by root
anyways, or which can be changed into a setgid bit for a specific group.
- Switch skey(1) management to per-user directories instead of a flat file and drop setuid bit on related tools.
- Lots of ppp(8) goodies.
- New splassert (see spl(9)) debug functionality on sparc.
- Enable Altivec instructions in macppc kernels.
- Support more Hifn cards (7814, 7851, 7854) via the nofn(4) driver.
- OpenSSL 0.9.7.
- Completely rework at(1) and related binaries, and make them POSIX-compliant.
- More use of hardware crypto cards functionality via ubsec(4).
- More hppa memory management fixes.
- binutils 2.11.2.
- Add per-gid filtering to pf(4).
- Switch at(1) to be setgid crontab as well.
- Handle host names resolving in several addresses in pfctl(8).
- Fix compilation warnings for various userland programs.
- Add a new user, crontab, and change cron(8) from being setuid root to being setgid crontab.
- Add per-uid filtering to pf(4).
- More usb(4) support updates.
- More ubsec(4)
hackery to get it to do more crypto operations, and hack
hifn(4)
and
lofn(4)
to work with this.
- Your average extensive cleaning of the installation scripts, adding functionality yet reducing size.
- Fix adb(4) french keyboard layout on macppc.
- Switch ELF platforms to the native gprof(1).
- Obtain a better licence for the hppa spmath routines.
- Add an url(4) driver for Realtek RTL8150L-based USB cards.
- mvme88k pmap bugfixes.
- Various usb(4) driver updates.
- Remove rlogin(1),
rlogind(8) and
rexecd(8).
- Fix several wrong computations in newfs(8).
- Workaround ghost pcibus detection in pchb(4).
- Add a tuner driver for the fms(4) radio cards.
- Allow userland to know which pf(4) rule created a specific state.
- Prevent a 3.0 wsmoused(8) binary from panic'ing the kernel.
- Enable privsep by default in sshd(8).
- Fix find(1)'s -anewer and -cnewer options behaviour.
- Sprinkle ptrdiff_t and size_t types instead of int all over the tree.
- Support LBA48 addressing in wdc(4).
- Bring back TURBOchannel alpha hardware support.
- Fix a slightly incorrect behaviour of the device cloning in UKC (boot_config(8)).
- SECURITY FIX: cause the exec(3) to fail if we are unable to allocate resources when dup-ing /dev/null(4) to fd(4)'s 0-2 for setuid programs.
A source code patch is available.
[Applied to stable]
- Extended Attributes code updates.
- Improve PS/2 mouse port detection in pckbc(4).
- Better hifn(4) initialisation and memory usage.
- Extensive cleaning of the installation scripts, adding functionality yet reducing size. No, you're not having a deja vu.
- Fix ethernet interrupt level on sparc, and rework the sparc interrupt framework.
- Better color depth detection in Xwsfb.
- 64-bit fixes in vmstat(8).
- Improve dma processing in bge(4).
- RELIABILITY FIX: constrain readdirplus request count in the nfs(8) filesystem.
[Applied to stable]
- Switch macppc console from the rcons engine to the rasops engine.
- Extensive cleaning of the installation scripts, adding functionality yet reducing size. Yes, once again.
- Add IEEE754 floating point completion code on alpha.
- Improve dma processing in gx(4).
- Build the XFree86 GLX extension on sparc64.
- Hunt for outdated prototypes for character devices entry points and fix them.
- Switch mvme88k to the new MAKEDEV(8) generation framework.
- Implement the -s option in m4(1), for it to be POSIX-compliant.
- Kill all mvme68k kernel compilation warnings.
- Assorted mac68k code cleanups.
- Shared key support in hostap mode in wi(4).
- Make Xwsfb support tga(4) cards on alpha.
- Fix a lock leak in ami(4).
- SECURITY FIX: update sudo(8) to sudo 1.6.6.
A source code patch is available.
[Applied to stable]
- RELIABILITY FIX: avoid buffer overrun on PASV from a malicious server in ftp(1).
[Applied to stable]
- Add a Soundforte radio driver, sfr(4).
- Add dynamic interface -> address translation in pf(4).
- Add kernel hooks on ethernet interfaces, triggered by address changes.
- Extended Attributes code updates.
- Enable the Freetype library on sparc64.
- Add queuing in the kernel crypto framework.
- Make the system includes C++ friendly.
- Allow explicit filtering of non-reassembled fragments in pf(4).
- Support more hardware and fix stability issues in the mac68k sn(4) network driver.
- Improved Lithuanian keyboard map for wscons(4).
- SECURITY FIX: fix a buffer overflow in AFS/Kerberos token handling in sshd(8), and send a complete ticket.
A source code patch is available.
[Applied to stable]
- Fix a memory leak in mg(1).
- Assorted hppa memory management fixes.
- Allow fractional delays in top(1).
- Enable upgrade functionality again on alpha installation media.
- Extensive cleaning of the installation scripts, adding functionality yet reducing size.
- Make cvs(1) create the .cvspass file on a login operation if it does not exist, rather than failing.
- Extend mac68k disklabels to 16 partitions, like all the other platforms.
- Add cddb support to cdio(1).
- Support more network cards with the dc(4) driver.
- Improve sparc pmap behaviour in some low memory conditions.
- sendmail 8.13.
- Switch mvme68k to the new MAKEDEV(8) generation framework.
- Improve the library logic in ld(1) to increase speed and decrease memory usage on a.out platforms.
- New mvme68k installation media.
- Change fpu probe routine on mac68k.
- Fix an obscure bug in sed(1).
- Support more wireless cards with the wi(4) driver, and fix a few issues within.
- Fix 64-bit issues in pfctl(8).
- Remove the wx(4) driver,
which had been deprecated in favor of the gx(4) driver.
This list mentions mostly platform-independent changes. For a list of changes
made in a particular platform, please check the page for that platform. If you
find them not listed there, the changes are either (1) not being documented or
(2) are documented here.