ViewVC Help

View File | Revision Log | Show Annotations | Revision Graph | Download File | Root Listing

root/midnightbsd-cvs/src/UPDATING

Comparing src/UPDATING (file contents):
Revision 1.14 by laffer1, Wed Mar 14 03:37:31 2007 UTC vs.
Revision 1.94.2.8 by laffer1, Thu Feb 3 14:39:07 2011 UTC

#	Line 1 | Line 1
1		Updating Information for MidnightBSD users
2
3	<	Items affecting the mports and packages system can be found in
4	<	/usr/mports/UPDATING.
3	>	20110203:
4	>	Fix the sqlite3.pc file so that it reports the proper version of sqlite3.  This shouldn't
5	>	cause any functional changes with mports or the release.
6
7	+	20110128:
8	+	MidnightBSD 0.3-RELEASE
9	+
10	+	20110124:
11	+	pkg_add migrated to release pkg path.
12	+
13	+	20110123:
14	+	Fix a bug in netwait that prints error messages when booting up. netwait is a
15	+	rc.conf(5) var that allows you to wait for network link to come up on a specific
16	+	interface and/or ip address before booting the system.
17	+
18	+	20101130:
19	+	A double free exists in the SSL client ECDH handling code, when
20	+	processing specially crafted public keys with invalid prime
21	+	numbers. [CVE-2010-2939]
22	+
23	+	20101110:
24	+	Fix a security issue with pseudofs which could result in running code in kernel
25	+	context or a kernel panic depending on system configuration.  This affects file
26	+	systems such as procfs for instance.
27	+
28	+	20101008:
29	+	A bug in glob(3) results in uncontrolled memory usage causing a possible
30	+	DOS attach in sftpd and ftpd.  Rework the glob logic, fix the man page
31	+	and enable the fix in sftp.c and sftp-glob.c
32	+
33	+	20100920:
34	+	Security update for bzip2 integer overflow
35	+
36	+	20100906:
37	+	Remove xz from the base system.  This will be developed in current.
38	+
39	+	RELENG_0_3 created.
40	+
41	+	20100902:
42	+	Fix a security issue with libutil that allows users to bypass cpu limits in
43	+	login.conf in some cases.  This combined with OpenSSH for example can allow
44	+	the user to get more resources than they're allowed.
45	+
46	+	20100822:
47	+	Import Apple's mDNSResponder (mdnsd).
48	+
49	+	20100814:
50	+	libdispatch added to MidnightBSD.  This provides functionality found in
51	+	Mac OS X's GCD.  We do not have blocks support yet.  As this code is
52	+	licensed under Apache 2, we create a new MK_APACHE option so that
53	+	it's not required for all users to run code under a license they
54	+	may not like.
55	+
56	+	20100713:
57	+	mbuf readonly fix related to sendfile(2) data corruption.
58	+
59	+	20100704:
60	+	brainfuck(1) imported from MirBSD.
61	+
62	+	20100505:
63	+	zlib 1.2.5
64	+
65	+	20100430:
66	+	Sudo 1.7.2p6 imported
67	+
68	+	20100321:
69	+	Update zlib to 1.2.4
70	+
71	+	20100319:
72	+	Removed i586 from default i386 generic kernel.
73	+
74	+	20100317:
75	+	Update to tzdata2010e (time zones).  This includes changes in
76	+	Mexico.
77	+
78	+	Add support for several newer sound cards via hda including
79	+	ATI and Realtek chipsets.
80	+
81	+	20100313:
82	+	CPU detection has been changed.  VIA Padlock detection added.
83	+
84	+	20100312:
85	+	Fix a number of bugs and compiler warnings in libmport. Handle
86	+	plus signs in paths for mport.check-fake
87	+
88	+	20100311:
89	+	mksh R39c
90	+
91	+	20100309:
92	+	Sudo 1.7.2p5
93	+
94	+	sqlite3 3.6.23
95	+
96	+	mksh R39b
97	+
98	+	libffi (ffi) 3.0.9
99	+
100	+	20100206:
101	+	WITHOUT_LIB32 is no longer needed on AMD64.  GCC was fixed to
102	+	properly pass arguments to ld.
103	+
104	+	re(4) and rl(4) have been updated to support several new
105	+	realtek chipsets.  Performance has been improved on re(4).
106	+
107	+	20100204:
108	+	Fix a bug cropping up on AMD64 MidnightBSD with sftp
109	+	segfaulting.
110	+
111	+	20100116:
112	+	Import ash changes from FreeBSD (bin/sh) 8-Stable.
113	+
114	+	BIND 9.6.1-P2
115	+
116	+	20100110:
117	+	Import Sendmail 8.14.4. Fix for SSL vulnerability.
118	+
119	+	posix_spawn(3) added to MidnightBSD libc.  Users may need to build and
120	+	install libc before doing a full buildworld when upating from 0.2 or
121	+	older current systems.
122	+
123	+	kqueue(2) was modified to support portions of libdispatch functionality.
124	+
125	+	20100106:
126	+	Bind security update.  Fix a bug with DNSSEC that causes negative
127	+	cache entries and thus a possible DNS cache poisoning attack.
128	+
129	+	Fix a bug in ZFS that can reset permissions on system crashes.
130	+
131	+	20091228:
132	+	amdtemp(4) was added.  It allows one to monitor to the temperature
133	+	of an AMD CPU such as a Phenom.
134	+
135	+	20091205:
136	+	OpenSSL security fix
137	+
138	+	The SSL version 3 and TLS protocols support session renegotiation without
139	+	cryptographically tying the new session parameters to the old parameters.
140	+
141	+	20091128:
142	+	OpenBSD sensors framework imported including sensorsd(8)
143	+
144	+	20091126:
145	+	OpenNTPD 4.4 import
146	+
147	+	Update OpenSSH to 5.3p1
148	+
149	+	mksh R39
150	+
151	+	20091124:
152	+	cpdup updated from DragonFly to 1.15
153	+
154	+	tzdata2009s updated with latest timezone data for November 2009.
155	+
156	+	20091010:
157	+	amd64 users should use WITHOUT_LIB32=yes in /etc/make.conf for now
158	+	to test current.
159	+
160	+	Revert unicode filename fixes from ntfs code.  This was causing chaos
161	+	on amd64 systems.
162	+
163	+	20091006:
164	+	Update timezone data with tzdata2009n with the Pakistan and
165	+	Argentina changes.
166	+
167	+	Sync several userland utilities with versions from FreeBSD 7.0 in
168	+	sbin and usr.sbin.
169	+
170	+	20090919:
171	+	Update timezone data with tzdate2009m from September 2009.
172	+
173	+	20090729:
174	+	Patch for Bind 9 security vulnerability. a dynmaic update packet
175	+	can trigger an assertion and cause named to exit
176	+
177	+	20090606:
178	+	Remove PCC from the base system.  This compiler will not work
179	+	as a system compiler for us as we've got some userland investment
180	+	in C++ code and may have Objective-C in the future.  We're stuck
181	+	with a solution that supports these three languages at a minimum.
182	+
183	+	I had wanted to keep it as an optional compiler because it is
184	+	fast, however too many users want to try to use it for the base
185	+	system which makes no sense.
186	+
187	+	A hack was added for Cypress based usb hard drive enclosures to
188	+	the kernel.  This should cut down on commands it claims to support
189	+	but does not (at the cam layer).  Found while testing ZFS on
190	+	an external device.
191	+
192	+	20090520:
193	+	The powerd daemon no longer starts automatically to improve
194	+	compatibility with many systems.  However, there is a new
195	+	installer option in the startup section to enable it. This
196	+	makes it easier to enable for users that have working systems. I                thought it was only a problem on older hardware, but it freaks
197	+	out my new Phenom too.
198	+
199	+	20090502:
200	+	OpenSSH 5.2p1 import
201	+
202	+	ale(4) connected to the build. (kernel module only)
203	+
204	+	20090501:
205	+	Imported makefs utility from NetBSD/FreeBSD
206	+
207	+	20090422:
208	+	OpenSSL security update
209	+
210	+	The function ASN1_STRING_print_ex does not properly validate the lengths
211	+	of BMPString or UniversalString objects before attempting to print them.
212	+
213	+	20090415:
214	+	Created a Symbol.map for libc/ohash symbols
215	+
216	+	Updated several usr/bin usr/sbin utilities.
217	+
218	+	Corrected a bug with Makefile.inc1 causing the bootstrap
219	+	tools to fail.
220	+
221	+	20090405:
222	+	xorg 7.4 wants to configure its input devices via hald which does not
223	+	yet work with USB. If the keyboard/mouse does not work in xorg then
224	+	add
225	+	Option "AllowEmptyInput" "off"
226	+	to your ServerLayout section.  This will cause X to use the configured
227	+	kbd and mouse sections from your xorg.conf
228	+
229	+	20090403:
230	+	mksh was disconnected a few day ago do to bugs with
231	+	buildworld and mports.  Now, connect it back
232	+	for use as /bin/sh with a conditional called
233	+	MK_ASH.  By default, ash is the standard /bin/sh
234	+	but we may change this later.  This will allow further
235	+	testing by users and developers of mksh without
236	+	causing an unpleasant default experience.  In the
237	+	long run, we need to fix mksh compatibility.
238	+
239	+	20090328:
240	+	Bring in mksh R37 from CVS. The dot.mkshrc files for root
241	+	and skel were changed.  mksh(1) now replaces ash aka sh(1)
242	+	as the default /bin/sh.  Please report bugs with
243	+	ports, etc. The ash code will remain in the repo for awhile
244	+	as I decide if we'll add something like MK_SHELL_ASH as
245	+	an optional build parameter.
246	+
247	+	ahd was disconnected from the lint environment until
248	+	the compiler bug is sorted (by updating gcc?)
249	+
250	+	Remove freebsd-tips from fortune files and change the
251	+	default for login and profile.
252	+
253	+	20090327:
254	+	Update libarchive to 2.5.5, tar, and add bsdcpio.
255	+
256	+	Also previously, ctriv has been connecting Perl 5.10
257	+	to the build (part of os).  This will have an impact
258	+	on mports.
259	+
260	+	20090325:
261	+	Update Bind to 9.4.3-P1
262	+
263	+	Update mksh to R36b
264	+
265	+	Update tcpdump to 3.9.8, fix libpcap to work with current.
266	+
267	+	Update pnpinfo, sync with FreeBSD.
268	+
269	+	20090115:
270	+	Fix a problem with DNSSEC and BIND.
271	+
272	+	20090110:
273	+	For applications using OpenSSL for SSL connections, an invalid SSL
274	+	certificate may be interpreted as valid.  This could for example be
275	+	used by an attacker to perform a man-in-the-middle attack.
276	+
277	+	Other applications which use the OpenSSL EVP API may similarly be
278	+	affected.
279	+
280	+	Stop cross site request forgery attacks in lukemftpd
281	+
282	+	20090104:
283	+	Import GNU libreadline 5.2
284	+
285	+	20090101:
286	+	Update time zone data to 2008i.
287	+
288	+	20081231:
289	+	Correct a problem where bluetooth and netgraph sockets are not
290	+	properly initialized.
291	+
292	+	Happy 2009.
293	+
294	+	20081206:
295	+	Due to the massive change in the underlying system under way,
296	+	we're naming the next release 1.0.  The sys/sys/param.h was
297	+	changed accordingly.  ipfilter and ncurses were corrected
298	+	using __MidnightBSD__ tests in the code.
299	+
300	+	The GENERIC kernel config was caught up on i386 today.  Consider
301	+	i386 still broken, but amd64 is running again.
302	+
303	+	mdoc.local was updated with the new MidnightBSD version info.
304	+
305	+	batt(1) was rewritten in C.  It now supports several flags and
306	+	runs about 8 times faster on my laptop.  The default output
307	+	shows the number of minutes of battery life remaining and the
308	+	percentage.  You can use -u to display the number of batteries or
309	+	-c to get script friendly output.  Consult the man page for more.
310	+
311	+	20081204:
312	+	Work has completed on importing ZFS, jemalloc, several
313	+	new devices, SCTP, updated pf, a new tempfs, linuxolator 2.6 kernel
314	+	support, improved locking for file desc., audit (openbsm),
315	+	openssl .98e, nfe, imporved intel high def audio, midi, updated
316	+	intel gigabit (em), support for several wifi cards (intel), ...
317	+
318	+	Renamed 0.3-CURRENT officially. Switched to using MidnightBSD version
319	+	data from param.h instead of the FreeBSD version.  This means
320	+	testing is now possible in the ports tree for the version
321	+	and that any ports or code relying on the FreeBSD version from
322	+	sys/sys/param.h will need to be fixed.
323	+
324	+	20080905:
325	+	update nve(4) to support new hardware.
326	+
327	+	20080801:
328	+	Import OpenBSM 1.0
329	+
330	+	Modify src/release to create 3 isos instead of 2 for packages.
331	+
332	+	etc/rc.d/firstboot now enables kdm, gnustep + slim and bsdstats.
333	+
334	+	Many ia64, alpha, powerpc items were removed.
335	+
336	+	The recent diffutils 2.8.7 import was fixed.
337	+
338	+	20080703:
339	+	pcc was not installed properly when setting DESTDIR for live cds,
340	+	or posibly jails.
341	+
342	+	20080627:
343	+	Add firmware(9), WEP, CCMP, TKIP to GENERIC.
344	+
345	+	Add glabel to GENERIC.
346	+
347	+	Intel ICH8 mobile chipset used on some iMacs included with ata.
348	+
349	+	pcc connected to the build on i386. (alternative compiler)
350	+
351	+	ath added to GENERIC.  (Atheros wireless NICs) on amd64/i386
352	+
353	+	20080528:
354	+	Sendmail 8.14.3
355	+
356	+	20080516:
357	+	ssh-vulnkey allows you to look for vulnerable ssh keys that
358	+	were generated on Debian and Ubuntu hosts over the last
359	+	few years.  sshd can block offending keys with a configuration
360	+	option.
361	+
362	+	The elf note on binaries is now set to MidnightBSD.
363	+
364	+	20080514:
365	+	Fixed a number of problems with pcc.  It is not yet connected
366	+	to the build, but usable on i386 hosts.  You may use it
367	+	by make; make install in /usr/src/usr.bin/pcc.  It will
368	+	install in /usr/local as some of the files conflict with
369	+	GCC versions. __MidnightBSD__ is defined in PCC as well.
370	+
371	+	System headers were fixed to allow pcc to compile many binaries
372	+	on MidnightBSD.  bin/cp will work now for instance.
373	+
374	+	20080430:
375	+	__MidnightBSD__ is now defined via gcc.  This can be tested
376	+	to determine we're running on MidnightBSD in the preprocessor.
377	+
378	+	20080429:
379	+	Import bind 9.4.2 with threading
380	+
381	+	libpthread (KSE) and libthr are built earlier
382	+
383	+	pcvt(4) removed!
384	+
385	+	Alias added for core2 cpus.
386	+
387	+	Alpha and PC98 only utilities removed from usr/sbin
388	+
389	+	syslogd, adduser, rmuser, mergemaster and mailwrapper have been
390	+	improved.  See the man pages for info.
391	+
392	+	periodic scripts will not send emails with empty message bodies.
393	+	See mailwrapper fix.
394	+
395	+	20080410:
396	+	Sync cpdup with DragonFly.  Add parallel transaction support and
397	+	-l flag to line-buffer stdout and stderr.
398	+
399	+	20080406:
400	+	Import bzip2 1.05
401	+	Import OpenSSH 4.9p1
402	+
403	+	20080322:
404	+	The default umask was changed to 022.
405	+
406	+	/usr/X11R6 paths were removed from several config files.
407	+
408	+	.mkshrc files are now installed for root.
409	+
410	+	20080316:
411	+	FIx a problem with gif0 tunnels and neighbors with IPV6.
412	+
413	+	20080312:
414	+	Add lndir from X.org.  This aides in the porting of MirPorts.
415	+
416	+	New OS versions were added to the mapage code (groff)
417	+
418	+	20080310:
419	+	Correct a buffer overflow in ppp.
420	+
421	+	20080308:
422	+	Remove /usr/X11R6 from manpath config.
423	+
424	+	20080307:
425	+	Atheros driver no longer has several options set
426	+	which corrects building in tinderbox on all three platforms.
427	+
428	+	Added a new macro to sx.h which returns true if the current
429	+	thread holds an exclusive lock on a specifix sx.
430	+
431	+	Removed OS/2's HPFS file system.   It's not maintained and
432	+	I don't know anyone using OS/2 or ecomstation these days.
433	+	My copy is in the closet collecting dust.
434	+
435	+	20080306:
436	+	Synced tinderbox with FreeBSD.  Modified it for MidnightBSD.
437	+	Developers can now use it to check src builds.
438	+
439	+	20080303:
440	+	Add mksh to /etc/shells, made some adjustments to options
441	+	for mksh builds per suggestion upstream.
442	+
443	+	USB HID table updated with modern hardware list.
444	+
445	+	Updated BSD family true (we're not in there yet)
446	+
447	+	iso3166 file updated and import of tzdata2007k for
448	+	new time zones.
449	+
450	+	Updated mksh to latest version R33.
451	+
452	+	20080228:
453	+	Remplaced the random IP id generation code with a new
454	+	version by Amit Klein.
455	+
456	+	20080221:
457	+	Sendfile write only permissions fix.
458	+
459	+	Removed some HPFS and PC98 code.
460	+
461	+	iso639 file sycned with DragonFly.
462	+
463	+	20080128:
464	+	Changed NTP configuration so that ips aren't cached
465	+	so multiple servers are used.
466	+
467	+	Fix an issue with fork() in libpthread.
468	+
469	+	20080121:
470	+	Add virtualization detection to set the HZ rate
471	+	according to a VM present.  VMWare and Parallels
472	+	should work better like this.
473	+
474	+	Change to full x11 install in sysinstall.  Add
475	+	xorg 7 support.
476	+
477	+	20080115:
478	+	Fix the handling of PTY's.  CVE-2008-0216
479	+
480	+	20080105:
481	+	mport delete code added, USE_MPORT_TOOLS knob aded.
482	+
483	+	20080101:
484	+	Happy New Year
485	+
486	+	20071123:
487	+	Update sendmail to 8.14.2
488	+
489	+	20071120:
490	+	Update system compiler to gcc 3.4.6.
491	+
492	+	20071023:
493	+	Updated mksh to R31d.
494	+
495	+	20070911:
496	+	Updated mksh to version R31b.
497	+
498	+	Fixed stderr output in libpthread.  Previously it was
499	+	written to stdout.
500	+
501	+	20070831:
502	+	Added dot.mkshrc file to support the recent change to
503	+	mksh from OpenBSD's ksh derived from pdksh.
504	+
505	+	Added new firewall configuration.  ipfw is enabled by default
506	+	with a "desktop" configuration.  Consult /etc/rc.firewall
507	+	or ipfw show to see the ruleset used.  You can disable
508	+	ipfw by setting firewall_enable="NO" in /etc/rc.conf This
509	+	change only effects IPv4.  IPv6 does not have a firewall
510	+	enabled by default.
511	+
512	+	20070814:
513	+	Removed GNU tar source.  We've been using BSD tar
514	+	for awhile.
515	+
516	+	20070806:
517	+	Finished removing umapfs and autofs from the tree.
518	+
519	+	20070804:
520	+	BIND and Tcpdump have been patched for recent vulnerabilities.
521	+
522	+	We switched to BSD cpio (pax).
523	+
524	+	20070719:
525	+	Imported cpdup from DragonFly as /bin/cpdup
526	+
527	+	20070716:
528	+	Update GNU cpio to 2.8.
529	+
530	+	20070410:
531	+	cvs was updated to 1.12.13.  cvsbug was removed.
532	+	cvs now behaves similarly to DragonFly's cvs with
533	+	most of their local changes.
534	+
535	+	20070409:
536	+	RELENG_0_1 was created. More aggresive changes will
537	+	continue here.
538	+
539	+	20070406:
540	+	Back out propolice.  propolice caused several problems
541	+	with our threading libraries libthr and libpthread.
542	+	curthread was often NULL after the patch and many
543	+	multithreaded applications would crash.  We plan to
544	+	work on either bringing in gcc 4.1 or developing a new
545	+	patch which also corrects our threading issues later.
546	+
547	+	It is more important to have a stable system for our
548	+	mport work and other projects at this time.
549	+
550	+	This is not a clean removal.  It is recommended that you
551	+	have a recently SNAP CD handy.  You can either reinstall
552	+	or perform a make buildworld and make buildkernel and
553	+	make installkernel.  Reboot on the cd and copy the contents
554	+	of /bin, /sbin, /lib, /libexec, and /usr/bin, /usr/sbin,
555	+	/usr/lib, and /usr/libexec to the respective directories on
556	+	your disk.  Then you should be able to boot into single user
557	+	mode and run make installworld.  You will need to run
558	+	chflags noschg on some of the files if you can't overwrite
559	+	them.
560	+
561	+	You will get __guard missing errors since we had to remove
562	+	this from libc.
563	+
564	+	You will need to rebuild any ports built while propolice was
565	+	installed.
566	+
567	+	20070401:
568	+	Importing propolice into MidnightBSD. Propolice is going to
569	+	provide us with much greater security and stability in the
570	+	long run. If upgrading from a pre-propolice system, please
571	+	follow the these instructions:
572	+
573	+	cd /usr/src/lib/libc && make obj && make && make install
574	+	cd /usr/src/gnu/usr.bin/cc && make obj && make && make install
575	+	cd /usr/src/lib/libpthread && make obj && make && make install
576	+	cd /usr/src/lib/libthr && make obj && make && make install
577	+	buildworld and kernel
578	+
579	+	It is adviced that any mports which were installed and/or built
580	+	prior to the propolice update also be updated. If any errors
581	+	or issue are encounted, please contact security@midnightbsd.org
582	+	and we will be sure to investigate and come up with an expeditious
583	+	fix.
584	+
585	+	20070314:
586	+	Remove send-pr from src.
587	+
588	+	Switch to NetBSD's gzip.
589	+
590	+	Bump MBSD minor revision.
591	+
592		20070313:
593		Imported OpenSSH 4.6p1.
594
#	Line 326 | Line 912 | Contact Warner Losh if you have any questions about yo
912		this document.
913
914		$FreeBSD: src/UPDATING,v 1.416.2.18 2006/02/22 11:51:57 yar Exp $
915	<	$MidnightBSD: src/UPDATING,v 1.13 2007/03/13 00:19:32 laffer1 Exp $
915	>	$MidnightBSD: src/UPDATING,v 1.94.2.7 2011/01/28 15:04:53 laffer1 Exp $

Diff Legend

–	Removed lines
+	Added lines
<	Changed lines
>	Changed lines