1 |
< |
Updating Information for MidnightBSD users |
1 |
> |
Updating Information for MidnightBSD users. |
2 |
|
|
3 |
+ |
20120612: |
4 |
+ |
BIND security update related to CVE-2012-1667. |
5 |
+ |
|
6 |
+ |
Zero length resource records can cause BIND to crash resulting |
7 |
+ |
in a DOS attack or information disclosure. |
8 |
+ |
|
9 |
+ |
20120407: |
10 |
+ |
mksh R40f (fixes regression) |
11 |
+ |
|
12 |
+ |
20120328: |
13 |
+ |
mksh R40e |
14 |
+ |
|
15 |
+ |
Perl 5.14.2 |
16 |
+ |
|
17 |
+ |
20120229: |
18 |
+ |
cpucontrol(8) and cpuctl(4) added from FreeBSD 7-stable. |
19 |
+ |
|
20 |
+ |
20120209: |
21 |
+ |
mDNSResponder 333.10 imported |
22 |
+ |
|
23 |
+ |
20111227: |
24 |
+ |
import raid5 module for GEOM, graid5(8) |
25 |
+ |
|
26 |
+ |
This is experimental and known to use a lot of kernel |
27 |
+ |
memory. |
28 |
+ |
|
29 |
+ |
20111223: |
30 |
+ |
telnetd: fix a root exploit from a fixed buffer that was not checked |
31 |
+ |
|
32 |
+ |
pam: don't allow escape from policy path. Exploitable in KDE, etc. |
33 |
+ |
|
34 |
+ |
Fix pam_ssh module: |
35 |
+ |
|
36 |
+ |
If the pam_ssh module is enabled, attackers may be able to gain access |
37 |
+ |
to user accounts which have unencrypted SSH private keys. |
38 |
+ |
|
39 |
+ |
This has to due with the way that openssl works. It ignores unencrpted data. |
40 |
+ |
|
41 |
+ |
Fix security issue with chroot and ftpd. |
42 |
+ |
|
43 |
+ |
nsdispatch(3) doesn't know it's working in a chroot and some |
44 |
+ |
operations can cause files to get reloaded causing a security |
45 |
+ |
hole in things like ftpd. |
46 |
+ |
|
47 |
+ |
20111217: |
48 |
+ |
libdialog/dialog upgraded to an lgpl version. As it's not |
49 |
+ |
backwardly compatable, include the old libdialog as libodialog |
50 |
+ |
|
51 |
+ |
20111212: |
52 |
+ |
mksh r40d imported |
53 |
+ |
|
54 |
+ |
20111210: |
55 |
+ |
re(4) and rl(4) updated to support new chips. |
56 |
+ |
|
57 |
+ |
GEOM synced with FreeBSD 7-stable. |
58 |
+ |
|
59 |
+ |
MidnightBSD GPT partition types created in sys/gpt.h and |
60 |
+ |
setup in boot loader and GEOM. |
61 |
+ |
|
62 |
+ |
amdsbwd(4) (amd watchdog for south bridge) updated to support |
63 |
+ |
8xx series chipset. |
64 |
+ |
|
65 |
+ |
20111207: |
66 |
+ |
import bsd grep from FreeBSD/OpenBSD. |
67 |
+ |
|
68 |
+ |
MK_BSD_GREP controls which grep is installed |
69 |
+ |
as grep with the other as bsdgrep or gnugrep. |
70 |
+ |
|
71 |
+ |
20111122: |
72 |
+ |
mksh vR40c imported. |
73 |
+ |
|
74 |
+ |
20111117: |
75 |
+ |
BIND 9.6 ESV R5 P1 |
76 |
+ |
|
77 |
+ |
20111107: |
78 |
+ |
tzdata 2011n |
79 |
+ |
|
80 |
+ |
20111026: |
81 |
+ |
mDNSResponder v320 |
82 |
+ |
|
83 |
+ |
BIND 9.6 ESV R5 |
84 |
+ |
|
85 |
+ |
20111022: |
86 |
+ |
cflow 0.0.6 imported |
87 |
+ |
|
88 |
+ |
20111020: |
89 |
+ |
less v436 imported |
90 |
+ |
|
91 |
+ |
amdsbwd(4) AMD southbridge watchdog |
92 |
+ |
|
93 |
+ |
20111019: |
94 |
+ |
awk 20110810 imported |
95 |
+ |
|
96 |
+ |
et(4) Agere Gigabit Ethernet/Fast Ethernet driver added, but |
97 |
+ |
not included in GENERIC kernel. The kernel module needs |
98 |
+ |
testing before we can include it in GENERIC. |
99 |
+ |
|
100 |
+ |
intr_bind code ported to allow an IRQ to be bound to one |
101 |
+ |
specific CPU core. |
102 |
+ |
|
103 |
+ |
20111017: |
104 |
+ |
Time Zone Data v. 2011l (Released 10 October 2011) |
105 |
+ |
|
106 |
+ |
Updated list of countries (iso3166) to work with new timezone data. |
107 |
+ |
|
108 |
+ |
20111015: |
109 |
+ |
Introduce CPU Affinity in MidnightBSD. cpuset(1) can be used |
110 |
+ |
to control which core or group of cores can be used for a given |
111 |
+ |
process. Several new system calls were added to support this |
112 |
+ |
functionality in the running kernel and for 32bit binary |
113 |
+ |
compatibility on amd64. |
114 |
+ |
|
115 |
+ |
The scheduler default has been changed to ULE in i386 and |
116 |
+ |
amd64. Changes were made to both schedulers (4BSD AND ULE) |
117 |
+ |
for this feature. |
118 |
+ |
|
119 |
+ |
This work is based on Jeff Roberson's FreeBSD 7.1 patches. |
120 |
+ |
|
121 |
+ |
20111004: |
122 |
+ |
Fix a problem with unix socket handling caused by the recent |
123 |
+ |
patch to unix socket path handling. This allows network |
124 |
+ |
apps to work under the linuxolator again. |
125 |
+ |
|
126 |
+ |
20111001: |
127 |
+ |
Import libfetch & fetch(1) from FreeBSD 9. Passive FTP is |
128 |
+ |
now default and an environment variable must be set to use |
129 |
+ |
active. |
130 |
+ |
|
131 |
+ |
20110930: |
132 |
+ |
Introduce quirks handling for several umass devices including |
133 |
+ |
USB cameras. Add workaround for Cyberpower UPS devices. |
134 |
+ |
|
135 |
+ |
Bring in further bug fixes from FreeBSD and NetBSD for alc(4). |
136 |
+ |
Stale ip/tcp header pointers are no longer used, lockups fixed |
137 |
+ |
when network cable is unplugged on bootup, enable TX checksum |
138 |
+ |
offloading. |
139 |
+ |
|
140 |
+ |
Add a new man page for gcache(8), a useful geom class when |
141 |
+ |
working with large raid3 sets. |
142 |
+ |
|
143 |
+ |
Restore previous workaround for Cypress pata storage controller. |
144 |
+ |
|
145 |
+ |
20110929: |
146 |
+ |
Sync ath(4) with FreeBSD 7.3. |
147 |
+ |
|
148 |
+ |
The following modules are no longer available, and should be |
149 |
+ |
removed from loader.conf: |
150 |
+ |
ath_hal ath_rate_amrr ath_rate_onoe ath_rate_sample |
151 |
+ |
|
152 |
+ |
alc(4) would hibernate when a cable was unplugged and often |
153 |
+ |
required bring the interface down and up to "wake up" so that |
154 |
+ |
a connection could be established. Disable hibernation. |
155 |
+ |
|
156 |
+ |
20110928: |
157 |
+ |
Fix security issues with gzip and compress related to .Z |
158 |
+ |
files that are corrupted. |
159 |
+ |
|
160 |
+ |
Fix path validation with unix domain sockets. |
161 |
+ |
|
162 |
+ |
20110917: |
163 |
+ |
Remove dependance on mports perl for generating releases as |
164 |
+ |
it's in the base system. |
165 |
+ |
|
166 |
+ |
20110914: |
167 |
+ |
Import xz 5.0.3 with liblzma 5.0.3 |
168 |
+ |
|
169 |
+ |
20110813: |
170 |
+ |
synced the sparc64 GENERIC kernel configuration with amd64. |
171 |
+ |
|
172 |
+ |
20110806: |
173 |
+ |
sqlite 3.7.7.1 imported |
174 |
+ |
|
175 |
+ |
msearch(1), libmsearch and msearch.import added. msearch(1) provides |
176 |
+ |
a full text search command line tool. libmsearch can also be used |
177 |
+ |
to build a graphical based search in the future. You can enable |
178 |
+ |
index building for msearch in periodic.conf or manually run the |
179 |
+ |
/usr/libexec/msearch.index tool. Full text indexes take considerable |
180 |
+ |
space in /var. I'm using approximately 500MB currently. |
181 |
+ |
|
182 |
+ |
Fix a long standing bug with the periodic script to check package |
183 |
+ |
versions. This will be obsolete with mport though. |
184 |
+ |
|
185 |
+ |
20110710: |
186 |
+ |
kdb_enter_why added to MidnightBSD to allow the kernel debugger to |
187 |
+ |
know why it's in use and thus script can be run. |
188 |
+ |
|
189 |
+ |
Yet another problem with the perl manifest was fixed |
190 |
+ |
|
191 |
+ |
20110709: |
192 |
+ |
cpufreq(1) is a new utility to monitor CPU frequency which may change |
193 |
+ |
with use of powerd(8) and cpufreq(4). |
194 |
+ |
|
195 |
+ |
20110612: |
196 |
+ |
Update mksh to R40 |
197 |
+ |
|
198 |
+ |
Catch up ObsoleteFiles.inc to remove Perl 5.10.x. Good to run when |
199 |
+ |
updating current (cd /usr/src && make check-old) |
200 |
+ |
|
201 |
+ |
20110528: |
202 |
+ |
Fix CVE-2011-1910 in BIND 9.6.x. This affects caching resolvers. |
203 |
+ |
|
204 |
+ |
20110526: |
205 |
+ |
newfs: |
206 |
+ |
Raised the default blocksize for UFS/FFS filesystems from |
207 |
+ |
16K to 32K and the default fragment size from 2K to 4K. |
208 |
+ |
|
209 |
+ |
This should slightly imporve performance on "advanced format" |
210 |
+ |
hard drives such as the WD EARS drives. Drives of this type |
211 |
+ |
have emulation modes that slow down with lower sizes. Of course |
212 |
+ |
the drive must still be aligned properly when using fdisk. |
213 |
+ |
|
214 |
+ |
20110521: |
215 |
+ |
mport tool now has a deleteall command. This can be used to remove |
216 |
+ |
all packages from a system. |
217 |
+ |
|
218 |
+ |
A few bugs with the perl 5.14 import have been fixed. |
219 |
+ |
|
220 |
+ |
20110518: |
221 |
+ |
Perl 5.14.0 |
222 |
+ |
|
223 |
+ |
20110517: |
224 |
+ |
Sendmail 8.14.5 |
225 |
+ |
|
226 |
+ |
20110314: |
227 |
+ |
DRM/DRI code updated to support newer video cards. (FreeBSD 7.1) |
228 |
+ |
|
229 |
+ |
cdevpriv wrappers added |
230 |
+ |
|
231 |
+ |
nss_mdns hack introduced to work around linking problem. |
232 |
+ |
|
233 |
+ |
dnsextd fixed after update to mDNSResponder code. |
234 |
+ |
|
235 |
|
20110308: |
236 |
|
Introduce liblzma & xz 5.0.1 to the base system |
237 |
|
|
1203 |
|
this document. |
1204 |
|
|
1205 |
|
$FreeBSD: src/UPDATING,v 1.416.2.18 2006/02/22 11:51:57 yar Exp $ |
1206 |
< |
$MidnightBSD: src/UPDATING,v 1.119 2011/03/08 22:28:57 laffer1 Exp $ |
1206 |
> |
$MidnightBSD: src/UPDATING,v 1.160 2012/04/07 15:16:24 laffer1 Exp $ |