| 1 |
< |
Updating Information for MidnightBSD users |
| 1 |
> |
Updating Information for MidnightBSD users. |
| 2 |
|
|
| 3 |
+ |
20120612: |
| 4 |
+ |
BIND security update related to CVE-2012-1667. |
| 5 |
+ |
|
| 6 |
+ |
Zero length resource records can cause BIND to crash resulting |
| 7 |
+ |
in a DOS attack or information disclosure. |
| 8 |
+ |
|
| 9 |
+ |
20120407: |
| 10 |
+ |
mksh R40f (fixes regression) |
| 11 |
+ |
|
| 12 |
+ |
20120328: |
| 13 |
+ |
mksh R40e |
| 14 |
+ |
|
| 15 |
+ |
Perl 5.14.2 |
| 16 |
+ |
|
| 17 |
+ |
20120229: |
| 18 |
+ |
cpucontrol(8) and cpuctl(4) added from FreeBSD 7-stable. |
| 19 |
+ |
|
| 20 |
+ |
20120209: |
| 21 |
+ |
mDNSResponder 333.10 imported |
| 22 |
+ |
|
| 23 |
+ |
20111227: |
| 24 |
+ |
import raid5 module for GEOM, graid5(8) |
| 25 |
+ |
|
| 26 |
+ |
This is experimental and known to use a lot of kernel |
| 27 |
+ |
memory. |
| 28 |
+ |
|
| 29 |
+ |
20111223: |
| 30 |
+ |
telnetd: fix a root exploit from a fixed buffer that was not checked |
| 31 |
+ |
|
| 32 |
+ |
pam: don't allow escape from policy path. Exploitable in KDE, etc. |
| 33 |
+ |
|
| 34 |
+ |
Fix pam_ssh module: |
| 35 |
+ |
|
| 36 |
+ |
If the pam_ssh module is enabled, attackers may be able to gain access |
| 37 |
+ |
to user accounts which have unencrypted SSH private keys. |
| 38 |
+ |
|
| 39 |
+ |
This has to due with the way that openssl works. It ignores unencrpted data. |
| 40 |
+ |
|
| 41 |
+ |
Fix security issue with chroot and ftpd. |
| 42 |
+ |
|
| 43 |
+ |
nsdispatch(3) doesn't know it's working in a chroot and some |
| 44 |
+ |
operations can cause files to get reloaded causing a security |
| 45 |
+ |
hole in things like ftpd. |
| 46 |
+ |
|
| 47 |
+ |
20111217: |
| 48 |
+ |
libdialog/dialog upgraded to an lgpl version. As it's not |
| 49 |
+ |
backwardly compatable, include the old libdialog as libodialog |
| 50 |
+ |
|
| 51 |
+ |
20111212: |
| 52 |
+ |
mksh r40d imported |
| 53 |
+ |
|
| 54 |
+ |
20111210: |
| 55 |
+ |
re(4) and rl(4) updated to support new chips. |
| 56 |
+ |
|
| 57 |
+ |
GEOM synced with FreeBSD 7-stable. |
| 58 |
+ |
|
| 59 |
+ |
MidnightBSD GPT partition types created in sys/gpt.h and |
| 60 |
+ |
setup in boot loader and GEOM. |
| 61 |
+ |
|
| 62 |
+ |
amdsbwd(4) (amd watchdog for south bridge) updated to support |
| 63 |
+ |
8xx series chipset. |
| 64 |
+ |
|
| 65 |
+ |
20111207: |
| 66 |
+ |
import bsd grep from FreeBSD/OpenBSD. |
| 67 |
+ |
|
| 68 |
+ |
MK_BSD_GREP controls which grep is installed |
| 69 |
+ |
as grep with the other as bsdgrep or gnugrep. |
| 70 |
+ |
|
| 71 |
+ |
20111122: |
| 72 |
+ |
mksh vR40c imported. |
| 73 |
+ |
|
| 74 |
+ |
20111117: |
| 75 |
+ |
BIND 9.6 ESV R5 P1 |
| 76 |
+ |
|
| 77 |
+ |
20111107: |
| 78 |
+ |
tzdata 2011n |
| 79 |
+ |
|
| 80 |
+ |
20111026: |
| 81 |
+ |
mDNSResponder v320 |
| 82 |
+ |
|
| 83 |
+ |
BIND 9.6 ESV R5 |
| 84 |
+ |
|
| 85 |
+ |
20111022: |
| 86 |
+ |
cflow 0.0.6 imported |
| 87 |
+ |
|
| 88 |
+ |
20111020: |
| 89 |
+ |
less v436 imported |
| 90 |
+ |
|
| 91 |
+ |
amdsbwd(4) AMD southbridge watchdog |
| 92 |
+ |
|
| 93 |
+ |
20111019: |
| 94 |
+ |
awk 20110810 imported |
| 95 |
+ |
|
| 96 |
+ |
et(4) Agere Gigabit Ethernet/Fast Ethernet driver added, but |
| 97 |
+ |
not included in GENERIC kernel. The kernel module needs |
| 98 |
+ |
testing before we can include it in GENERIC. |
| 99 |
+ |
|
| 100 |
+ |
intr_bind code ported to allow an IRQ to be bound to one |
| 101 |
+ |
specific CPU core. |
| 102 |
+ |
|
| 103 |
+ |
20111017: |
| 104 |
+ |
Time Zone Data v. 2011l (Released 10 October 2011) |
| 105 |
+ |
|
| 106 |
+ |
Updated list of countries (iso3166) to work with new timezone data. |
| 107 |
+ |
|
| 108 |
+ |
20111015: |
| 109 |
+ |
Introduce CPU Affinity in MidnightBSD. cpuset(1) can be used |
| 110 |
+ |
to control which core or group of cores can be used for a given |
| 111 |
+ |
process. Several new system calls were added to support this |
| 112 |
+ |
functionality in the running kernel and for 32bit binary |
| 113 |
+ |
compatibility on amd64. |
| 114 |
+ |
|
| 115 |
+ |
The scheduler default has been changed to ULE in i386 and |
| 116 |
+ |
amd64. Changes were made to both schedulers (4BSD AND ULE) |
| 117 |
+ |
for this feature. |
| 118 |
+ |
|
| 119 |
+ |
This work is based on Jeff Roberson's FreeBSD 7.1 patches. |
| 120 |
+ |
|
| 121 |
+ |
20111004: |
| 122 |
+ |
Fix a problem with unix socket handling caused by the recent |
| 123 |
+ |
patch to unix socket path handling. This allows network |
| 124 |
+ |
apps to work under the linuxolator again. |
| 125 |
+ |
|
| 126 |
+ |
20111001: |
| 127 |
+ |
Import libfetch & fetch(1) from FreeBSD 9. Passive FTP is |
| 128 |
+ |
now default and an environment variable must be set to use |
| 129 |
+ |
active. |
| 130 |
+ |
|
| 131 |
+ |
20110930: |
| 132 |
+ |
Introduce quirks handling for several umass devices including |
| 133 |
+ |
USB cameras. Add workaround for Cyberpower UPS devices. |
| 134 |
+ |
|
| 135 |
+ |
Bring in further bug fixes from FreeBSD and NetBSD for alc(4). |
| 136 |
+ |
Stale ip/tcp header pointers are no longer used, lockups fixed |
| 137 |
+ |
when network cable is unplugged on bootup, enable TX checksum |
| 138 |
+ |
offloading. |
| 139 |
+ |
|
| 140 |
+ |
Add a new man page for gcache(8), a useful geom class when |
| 141 |
+ |
working with large raid3 sets. |
| 142 |
+ |
|
| 143 |
+ |
Restore previous workaround for Cypress pata storage controller. |
| 144 |
+ |
|
| 145 |
+ |
20110929: |
| 146 |
+ |
Sync ath(4) with FreeBSD 7.3. |
| 147 |
+ |
|
| 148 |
+ |
The following modules are no longer available, and should be |
| 149 |
+ |
removed from loader.conf: |
| 150 |
+ |
ath_hal ath_rate_amrr ath_rate_onoe ath_rate_sample |
| 151 |
+ |
|
| 152 |
+ |
alc(4) would hibernate when a cable was unplugged and often |
| 153 |
+ |
required bring the interface down and up to "wake up" so that |
| 154 |
+ |
a connection could be established. Disable hibernation. |
| 155 |
+ |
|
| 156 |
+ |
20110928: |
| 157 |
+ |
Fix security issues with gzip and compress related to .Z |
| 158 |
+ |
files that are corrupted. |
| 159 |
+ |
|
| 160 |
+ |
Fix path validation with unix domain sockets. |
| 161 |
+ |
|
| 162 |
+ |
20110917: |
| 163 |
+ |
Remove dependance on mports perl for generating releases as |
| 164 |
+ |
it's in the base system. |
| 165 |
+ |
|
| 166 |
+ |
20110914: |
| 167 |
+ |
Import xz 5.0.3 with liblzma 5.0.3 |
| 168 |
+ |
|
| 169 |
+ |
20110813: |
| 170 |
+ |
synced the sparc64 GENERIC kernel configuration with amd64. |
| 171 |
+ |
|
| 172 |
+ |
20110806: |
| 173 |
+ |
sqlite 3.7.7.1 imported |
| 174 |
+ |
|
| 175 |
+ |
msearch(1), libmsearch and msearch.import added. msearch(1) provides |
| 176 |
+ |
a full text search command line tool. libmsearch can also be used |
| 177 |
+ |
to build a graphical based search in the future. You can enable |
| 178 |
+ |
index building for msearch in periodic.conf or manually run the |
| 179 |
+ |
/usr/libexec/msearch.index tool. Full text indexes take considerable |
| 180 |
+ |
space in /var. I'm using approximately 500MB currently. |
| 181 |
+ |
|
| 182 |
+ |
Fix a long standing bug with the periodic script to check package |
| 183 |
+ |
versions. This will be obsolete with mport though. |
| 184 |
+ |
|
| 185 |
+ |
20110710: |
| 186 |
+ |
kdb_enter_why added to MidnightBSD to allow the kernel debugger to |
| 187 |
+ |
know why it's in use and thus script can be run. |
| 188 |
+ |
|
| 189 |
+ |
Yet another problem with the perl manifest was fixed |
| 190 |
+ |
|
| 191 |
+ |
20110709: |
| 192 |
+ |
cpufreq(1) is a new utility to monitor CPU frequency which may change |
| 193 |
+ |
with use of powerd(8) and cpufreq(4). |
| 194 |
+ |
|
| 195 |
+ |
20110612: |
| 196 |
+ |
Update mksh to R40 |
| 197 |
+ |
|
| 198 |
+ |
Catch up ObsoleteFiles.inc to remove Perl 5.10.x. Good to run when |
| 199 |
+ |
updating current (cd /usr/src && make check-old) |
| 200 |
+ |
|
| 201 |
+ |
20110528: |
| 202 |
+ |
Fix CVE-2011-1910 in BIND 9.6.x. This affects caching resolvers. |
| 203 |
+ |
|
| 204 |
+ |
20110526: |
| 205 |
+ |
newfs: |
| 206 |
+ |
Raised the default blocksize for UFS/FFS filesystems from |
| 207 |
+ |
16K to 32K and the default fragment size from 2K to 4K. |
| 208 |
+ |
|
| 209 |
+ |
This should slightly imporve performance on "advanced format" |
| 210 |
+ |
hard drives such as the WD EARS drives. Drives of this type |
| 211 |
+ |
have emulation modes that slow down with lower sizes. Of course |
| 212 |
+ |
the drive must still be aligned properly when using fdisk. |
| 213 |
+ |
|
| 214 |
+ |
20110521: |
| 215 |
+ |
mport tool now has a deleteall command. This can be used to remove |
| 216 |
+ |
all packages from a system. |
| 217 |
+ |
|
| 218 |
+ |
A few bugs with the perl 5.14 import have been fixed. |
| 219 |
+ |
|
| 220 |
+ |
20110518: |
| 221 |
+ |
Perl 5.14.0 |
| 222 |
+ |
|
| 223 |
+ |
20110517: |
| 224 |
+ |
Sendmail 8.14.5 |
| 225 |
+ |
|
| 226 |
+ |
20110314: |
| 227 |
+ |
DRM/DRI code updated to support newer video cards. (FreeBSD 7.1) |
| 228 |
+ |
|
| 229 |
+ |
cdevpriv wrappers added |
| 230 |
+ |
|
| 231 |
+ |
nss_mdns hack introduced to work around linking problem. |
| 232 |
+ |
|
| 233 |
+ |
dnsextd fixed after update to mDNSResponder code. |
| 234 |
+ |
|
| 235 |
|
20110308: |
| 236 |
|
Introduce liblzma & xz 5.0.1 to the base system |
| 237 |
|
|
| 1203 |
|
this document. |
| 1204 |
|
|
| 1205 |
|
$FreeBSD: src/UPDATING,v 1.416.2.18 2006/02/22 11:51:57 yar Exp $ |
| 1206 |
< |
$MidnightBSD: src/UPDATING,v 1.119 2011/03/08 22:28:57 laffer1 Exp $ |
| 1206 |
> |
$MidnightBSD: src/UPDATING,v 1.160 2012/04/07 15:16:24 laffer1 Exp $ |
