OpenBSD 6.5 Changelog

This selection is intended to include all important and all user-visible changes. For a complete record of all changes, please see the "source-changes" mailing list, called "OpenBSD CVS" in the archives, or use CVS.

For changes in other releases, click below:
2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6,
3.7, 3.8, 3.9, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 4.6, 4.7, 4.8, 4.9, 5.0, 5.1, 5.2, 5.3,
5.4, 5.5, 5.6, 5.7, 5.8, 5.9, 6.0, 6.1, 6.2, 6.3, 6.4, 6.6, 6.7, 6.8, 6.9, 7.0, 7.1,
7.2, 7.3, 7.4, 7.5, 7.6, current.

Changes made between OpenBSD 6.4 and 6.5

Added support for X722 to ixl(4).
Added wavelength, printing alarm low/high thresholds and a flag for warning/alarm indications when printing transceiver information in ifconfig(8).
Added support for fetching and parsing SFF module information and diagnostics to ifconfig(8). This supports ix(4) and some ixl(4) devices with up to date firmware.
Implemented support for SIOCGIFSFFPAGE in ixl(4) to allow userland reads of sfp/qsfp module information.
Added handling for missed service errors specific to isochronous transfers in xhci(4) to ensure transfer completion. This fixes crashes and deadlocks in upper layers.
Fixed URE_WDT6_SET_MODE register definition, allowing ure(4) detection after boot.
Began adding support to detect /bsd.upgrade kernel and boot from that if present rather than the default /bsd. This is intended to allow for unattended upgrades in future releases.
Made azalia(4) initialize Dolby Atmos codecs in the resume path, allowing stereo sound to persist across suspend/resume cycles.
Adjusted the logic for setting timeout to 0 in bgpd(8) to add an rpending flag set only when reading the session buffer was exited early because MSG_PROCESS_LIMIT was hit.
Changed to a stricter comparison when checking keyboard variants in wscons(4) to fix an issue where kbd(8) layouts with particular bitmasks were wrongly detected as French.
Added '-Dsnapshot' as a synonym for -Dsnap in pkg_add(1).
Switched to using rdsetroot(8).
Corrected printing of tcp(4) flag names to console in debug mode.
Loosened a kernel check in response to routing message address bits being set without corresponding socket addresses. This was keeping broken ports from working, so this change will act as a temporary workaround until bugs can be found and corrected.
Fixed hack(6) to write savegames and score files to the current directory instead of /var.
Altered audio(4) to try and start playback automatically as soon as there is enough data. Useful to quickly test and debug low level drivers with simple shell commands.
Added support to tcpdump(8) for printing cdp over both gre(4) and ppp(4).
Changed ospfd(8) to set the link ID of the type 3 link to the subnet's IP address, per RFC 2328.
Implemented legacy fallback for the TLS 1.3 client in ssl(3).
Provided ssl(3) chain/cert chain APIs, allowing chains to be managed on a per-certificate basis.
Improved support for tipmic(4) power management ICs on the ASUS E200HA.
Fixed a potential null-pointer dereference in acpi(4).
Added support to update over wireless with bwfm(4) network devices to arm64 bsd.rd.
Added support to rsync(1) for use of the -x option, which prevents crossing of file system boundaries. This behavior matches GPL rsync.
Added an argument in tmux(1) copy commands to set the prefix for the buffer name, allowing the buffers for different sessions to be named separately.
Fixed a bug by beginning to store and restore cursor across reflow in tmux(1) by working out a position based on unwrapped lines rather than a grid offset.
Stopped loading /etc/tmux.conf if given -f in tmux(1).
Edited bpf(4) to reject negative and too large timeouts passed to BIOCSRTIMEOUT. Negative timeouts could lead to a panic.
Moved to OpenSSH 8.0.
In ksh(1), bound ^L (ctrl-l) to clear the screen rather than redrawing.
Fixed a segmentation fault in dhclient(8) due to an uninitialized string.
Fixed a bug in radiusd(8) where the radius module doesn't work when the size of the radius message changes.
Corrected access to doorbell, fixing ring 2 test failure in radeondrm(4) on carrizo-l/mullins. This applies only to gfx7/sea islands hardware.
Disabled MSI for AMD Summit Ridge/Raven Ridge HD Audio in azalia(4) as a workaround for a bug where audio playback stops after varying amounts of time.
Restricted which filesystems are available for swap in vfs(9), ruling out obvious misconfigurations.
Introduced new variable NOLIBSTATIC= to prevent installation of a static library when it isn't built or is unwanted.
Fixed ddb(4) not to write its history out of the region.
Switched to the group number assigned in RFC8031 for curve25519 in iked(8), rather than a private-use group number.
Started deleting contents of /var/syspatch when upgrade completes. syspatch(8) did this when installing the first syspatch of a new release, and this will do it sooner.
Moved to 6.5 release. 'pkg_add -u -Dsnap' will now be needed until release.
Added a config option to specify the preference of name servers to unwind(8).
Stopped detaching non-removable sdhc devices during resume, allowing hibernation with the root filesystem on internal emmc.
Added printing of some msi and msi-x details to pcidump(8).
Changed 'vmctl status id' to report the VM's general state based on whether the host process is running. This makes vmctl(8) reliably report 'STATE: RUNNING' or 'STATE: STOPPED.'
Added human-readable parsing and display of RFC1035 data in the domain-search option of dhclient(8). It is now possible to append and prepend domains to the list provided by the server.
Fixed a crash in tmux(1) when scrolled lines became larger than the total lines.
Fixed the openssl(1) enc -iter flag, which uses the pbkdf2 key derivation function.
Ensured that vmm(4) flushes stale TLB entries when uvm(9) removes entries from a guest VM's EPT upon teardown or in low memory situations.
Enabled RF_KILL interrupts on resume for iwm(4).
Modified radiusd(8) to continue updating the authenticator and message authenticator, and to correctly display message-authenticator.
Made 'secret' a required configuration for both client and radiusd(8) module.
Fixed iwm(4) interrupt handler to set RUNNING flag when RF switch is enabled.
Added retguard macros to kernel setjmp()/longjmp() on amd64.
Improved support within imxgpc(4) for i.MX8MQ devices.
Stopped incorrectly advertising MCE/MCA support in vmm(4). This fixes a Linux guest VM boot problem on Ryzen machines. Stopped advertising support for SSBD and related speculative exec control features on AMD.
Modified the ddb(4) reboot command to skip anything which might cause an additional panic.
Changed rebound(8) to issue a warning and carry on in cases where inet6(4) is not available.
Implemented "Authentication Domain Names" configuration in unwind(8) per RFC 8310 section 7.1 for DoT servers.
Stopped using a prefetchable mapping for the registers for ixl(4) devices to prevent geneRation of pcie errors, then reenabled the full pre-reset code path.
Grew the minimum size of /usr to 1300M when using the disklabel(8) auto partitioner, as the bare minimum size of /usr for all amd64 install sets is 920M.
Fixed a memory leak in radiusd(8).
Changed the way bgpd(8) peers are reloaded by moving the struct peer into bgpd_config. Now parent and session engines are merging the lists.
Modified the autopartitioner in disklabel(8) to grow minimum size for /usr to 1300M, allowing space for the current amd64 minimum sets size of 920M used, additional space for upgrades and relinking of libraries and kernels.
Fixed output accounting when bridge(4) is down.
Restored -t behavior to route(8).
Corrected LED GPIO pin for AR9287-based usb devices.
Added the ability to openrsync(1) to combine rsync:// and -e by splitting rsync_socket() into rsync_connect to establish a TCP connection to the remote daemon, and rsync_socket() to run the actual protocol.
Fixed a memory leak in radiusd(8).
Added leaf function optimization for retguard which keeps the retguard cookie on register instead of storing it in frame.
Modified several daemons to avoid calling dup2(oldd, newd) when oldd == newd, preventing the descriptor from keeping CLOEXEC flag and being closed unexpectedly by exec().
Set -E disklabel(8) editing prompt to always display the disk device whose label is being edited and change '>' to '#' when in expert mode.
Adjusted unwind(8) to use getaddrinfo_async(3) when resolving captive portal hosts, rather than resolving internally.
Added retguard macros to setjmp(3)/longjmp(3) on amd64.
Restricted the number of allowed wsmux(4) devices to prevent malloc from panicking when the device minor is sufficiently large.
Modified pfctl(8) to fail on invalid netmasks when filling tables, preventing CIDR networks with more than one "/" from being loaded into tables.
Updated nsd(8) to 4.1.27.
Began to use stricter validation checks for A-MPDUs in the net80211 input path, requiring RUN state to accept A-MPDUs and refusing them from unassociating cients in hostap mode.
Corrected AR9287 USB device EEPROM read offset.
Adjusted midi(4)-related flow control messages to be sent only once half the client buffer space has been consumed, avoiding sending unneeded messages on the network.
Set aucat(1) to wait until server disconnect to close the socket, preventing loss of the last bytes.
Added support for Exar XR21V1410 USB serial adapters and added the uxrcom(4) driver to allow disabling of hardware flow control.
Added wsconsctl(8) support for display of fontwidth and fontheight values.
Fixed stop-selection in tmux(1).
Merged unbound(8) 1.9.1.
Fixed interaction between ClientAliveInterval and RekeyLimit that could cause an ssh(1) connection to close incorrectly.
Added pci(4) power-down support for AR8152 ethernet controllers.
In vmm(4), use sgdt/sidt to reset the GDT/IDT limits after exiting the guest VM on VMX, preventing a default limit set too high on exit.
Modified adjtime(2) to se EINVAL if delta overflows 64 bits of microseconds to be consistent with practices elsewhere.
Introduced a new rwlock, tc_lock, which allows adjfreq(2) and the kern.timecounter.hardware sysctl(2) to read/write the active timecounter pointer and the .tc_adj_freq member of the active timecounter safely. This prevents torn read/writes when dropping KERNEL_LOCK and ensures the active timecounter doesn't change during an adjfreq(2) call.
Fixed ssh(1) authentication failures when 'AuthenticationMethods any' in a Match block overrides a more restrictive global default.
Created a warning-no-op for openrsync(1) indicating that -z support is not yet written.
ospfd(8) now aborts reloading if the router-id changes.
Fixed issues with pctr(4) and suspend. cpu(4) callback will now restore the pctr(4) settings after suspend/hibernate.
Modified ssl(8) to defer signal algorithm selection until the certificate is known and it is time for signature generation.
Added a chain member to CERT_PKEY and provided functions for manipulating it.
Increased the default RSA key size to 3072 bits in ssh(1). This provides security equivalent to 128 bits, which is the smallest symmetric cipher enabled by default.
Added the syspatch(8) signify key for OpenBSD 6.6.
Switched to precision scrolling in wstpad in wscons(4).
Adjusted unwind(8) to check resolvers based on change of state rather than at regular intervals. Resolvers are now rechecked when no longer behind a captive portal.
Added a fix to azalia(4) for the right-side speaker on the Dolby Atmos system of the Huawei Matebook 1, allowing it to play in stereo.
Fixed route origin validation in bgpd(8).
Modified signify(1) such that -n will zero the gzip timestamp.
Used the debugger mutex for 'ddb_mp_mutex' to prevent a race condition that could leave it locked if one CPU incremented 'db_active' while another was in the critical section.
Added a simple spinning mutex for ddb(4) which spins even if 'db_active' or 'panicstr' has been set and disables IPIs in the critical section.
Moved adjtimedelta into the timehands and adopted the lockless read protocol used for system boot time and uptime to ensure safe read/writes for adjtime(2) callers.
Corrected DMA channel number selection on the AR816x family of controllers in alc(4).
Added support for Meinberg DCF600USB devices to umbg(4).
Prevented render nodes from being flagged as primary nodes by drm(4).
Added support for QCA AR816x/AR817x for alc(4).
Added -E option to specify an alternative escape character in cu(1).
Fixed rc.d(8) to correctly run an rdomain 0 rc.d daemon in rdomain 0 rather the current routing table when started from a non-default rdomain(4) shell.
Modified ixl(4) devices to run event callbacks directly in the atq processing, preventing multiple link state events from firing with the same callback and causing an infinite loop.
Corrected IPv6 parsing in sasyncd(8).
Changed the parsing of dhclient.conf(5) 'prepend' statements to 'supersede' and 'append' to 'default' when the option data cannot be prepended or appended to. A parsing warning will be issued to allow users to adjust their configuration files.
Began to ensure that outer ICMP packet destination IP and inner protocol packet source IP addresses match in ICMP and ICMP6 packets with pf(4), to prevent passage of nonsensical packets.
Switched to xorgproto.
Updated to xserver 1.19.7.
Added a cursor_character format to tmux(1).
Corrected a bug in mandoc(4) where an empty final line of input could lead to a buffer overflow.
Merged Mesa 18.3.5.
Addressed an issue with uaudio(4) where a busy system could cause audio playback to cease when a status of USBD_IOERROR led to erroring out early in uaudio_pdata_intr().
Extended the #[] style syntax to allow status lines in tmux(1) to extend up to five lines in height, configurable with a single option. Added the 'align' option for alignment within the status lline array, entries in tree mode and pane status lines; 'list' for the window list and 'range' to configure ranges of text for mouse bindings.
Edited vmctl(8) to allow an existing VM to be started by referencing its ID.
Added kubsan(4), an undefined behavior sanitizer for the kernel, which will print findings about undefined behavior at runtime to the system console. This is limited to architectures using clang(1) as their default compiler and is not enabled by default.
Made changes to rasops(9) to correct font filtering. Invoking the -l option of wsfontload(8) will now allow display of all currently loaded fonts.
Added format variables for default tmux(1) variables in various modes. Added a -a display-message flag to list variables with values.
Fixed tmux(1) to forcibly kill the previous job before starting new.
Installed rsync as openrsync(1).
Added support for configuring BIOCSFILDROP with tcpdump(8). This allows tcpdump to be used as a makeshift firewall.
Added the SM4 block cipher from the Chinese standard GB/T 32907-2016 to LibreSSL.
Fixed multiple buffer over-reads in ctfdump(1).
Changed dwiic(4) to fetch timing parameters from ACPI and have it attach on Intel 300 series devices.
Improved and enabled isochronous transfers in xhci(4). This allows laptop cameras on many newer laptops to work properly.
Fixed rad(8) to only accept one ICMPv6 and one route socket. This fixed a scenario where the ICMPv6 socket was also used as the route socket for a short while.
Changed slaacd(8) and rad(8) to refuse a control socket if it already has one.
Fixed ieee80211(9) autojoin for WEP networks by actually saving the WEP auth key.
Fixed display glitches in efifb(4).
Added a -v flag to tmux(1) to aid with debugging formats such as the status line format.
Changed printing of bgpd(8) configuration to show options set to non-default values.
Added a fallback of direct serial hardware access to uefiboot(8) for those UEFI machines that have serial ports but whose firmware does not have the serial io protocol.
Added acpicmos(4) to RAMDISK_CD for amd64.
Made searching for uppercase characters in less(1) use mbtowc(3) rather than the buggy and outdated step_char() and correctly use iswupper(3) rather than isupper(3), further improving UTF-8 support.
Fixed the balancing of octciu(4) work queue interrupts.
Backported support for probing ARMv8 hardware acceleration capabilities on armv7 in preparation for adding support for the probing code for arm64.
Improved speed of C++ unwinding by implementing a red-black tree based cache in libunwind.
Made rad(8) imsg(3) handling more paranoid.
Fixed resizing of tmux(1) control clients.
Cleaned up less(1) UTF-8 handling in backc() and do_append().
Modified tmux(1) to allow multiple modes to be open in a pane.
Changed tset(1) and ttys(5) to use hardware tabs as the default since almost all terminals now support them.
Added a new driver for USB Audio Class v2.0 devices to uaudio(4). The new driver maps audio blocks to USB transfers allowing precise synchronization and better reliability. This replaces the current one for USB Audio Class v1.0 devices.
Added copy_output() and underrun() methods to audio(4) to support drivers using bounce buffers (e.g. uaudio(4)).
Fixed delayed completions for isochronous transfers using uhci(4).
Added support for origin mode to tmux(1).
Separated fields output by pcidump(8) with commas since some fields are strings now.
Made slaacd(8) imsg(3) more paranoid for everything but the control socket.
Made vmd(8) to wait for the controlling end of a pty to become writeable before waiting for read events. This fixed an issue where a recent kqueue pty change caused vmd to hammer the log.
Added amdgpu to the list of possible driver firmware for fw_update(1).
Taught pcidump(8) about pci class and subclass names.
Moved adjtimedelta from kern_time.c to kern_tc.c in preparation for upcoming MP-safety changes to the timecounting layer.
Deleted unnecessary calls to setlocale(3) from touch(1), uuencode(1), uudecode(1), and spell(1). Also made usage() static and return from main() rather than exit(3).
Switched to the use of safe memory reclamation (SMR) in octcrypto(4/octeon) to reduce the need for atomic operations.
Made it possible to build xterm(1) with OPT_TRACE.
Changed acme-client(1) to use temporary strings for calls to basename(3) to make the code more portable, as basename can change the contents of its argument on other platforms.
Fixed 'announce inet none' for bgpd(8). It had cleared more than just the AFI/SAFI pairs where the AFI is inet.
Updated xf86-video-ati to 19.0.0. This fixes an Xorg segfault.
Made xterm(1) stop using its broken, hand-rolled wcwidth implementation in preference over the system wcwidth(3).
Fixed dirname(3) usage in acme-client(1) to be more portable.
Fixed a use-after-free in OpenSSH's pkcs#11 code.
Changed acpithinkpad(4) to default to the ACPI method and fallback to the CMOS method if the ACPI method fails. This makes screen backlight changes work for the x260. Unmasked the microphone mute event which is needed on the x260.
Updated Spleen kernel fonts to the latest released version.
Updated the error message that disklabel(8) displays for the interactive 'n' command to show that -F or -f is required.
Fixed booting on 486s without cpuid by returning early in microcode loading if cpuid is not available.
Improved cleanup of the configuration on shutdown of bgpd(8). This helps to detect memory leaks.
Improved portability of OpenSSH by moving checks for lists of users or groups into their own functions.
Modified sshd(8) to reset last-seen time when sending a keepalive. This prevents premature termination of a connection when ClientAliveCount=1.
Fixed parsing of rules using "once" in pfctl(8). 'match one' and 'anchor "a" once' had been erroneously allowed.
Unmasked keyboard brightness and screen brightness events in acpithinkpad(4). This keeps wscons(4) keyboard.backlight in sync and allows reaction to screen brightness keys. On newer ThinkPads, made thinkpad_brightness{up,down} use the ACPI method for adjusting screen brightness. This fixes screen brightness on the x270, x280, t470s, t470p, x1c6 and potentially additional models.
Modified ixl(4) to ignore rx interrupts before the interface is running. This prevents a crash in cases where the PXE rom has left rx interrupts pending.
Changed Mesa build to include LLVM support on amd64 and i386 now that libelf and a shared libLLVM are included in base. This will allow building of the radeonsi Mesa driver, adding accelerated support for radeon parts built on the Graphics Core Next (GCN) architecture.
Increased UFS dirhash memory slightly to increase directory performance now that very tiny machines are less common.
The install*.fs and install*.iso files increased in size due to clang library changes.
Built and installed llvm includes, llvm-config and a shared libLLVM, required to build the radeonsi Mesa driver.
Applied a background initialization progress fix from mfii(4) to mfi(4).
Combined queue drops with errors as fails when showing interface stats in netstat(1). To view queue drops or errors alone, use -d or -e respectively.
Exposed interface queue drops in the interface view of sysstat(1). Queue drops and errors may be viewed with the use of 'd' and 'e' respectively, or as a combined statistic, using 'f'.
Added support for RFC 6455 Websockets connection upgrade to relayd(8).
Modified pppx(4) to allow IPv6 to flow through.
Changed mandoc(1) #include sys/termios.h to #include termios.h to match that of other userland programs and improve portability to other systems.
Simplified xftcolor config for cwm(1).
Changed man(1) error message in cases where the manual page is not found and the architecture is unknown. It will now note the unknown architecture rather than the name of the manual page.
Finished removal of improper detection of input line breaks in mandoc(1), instead using the NODE_LINE flag.
Fixed an i386 segfault in ipsecctl(8) with the -ss option by adding padding to the struct sadb_x_counter to comply with alignment constraints documented in RFC 2367 (2.2).
Fixed a hang that could happen when more than one writer awaited a read-locked rwlock(9) by waking all waiters upon unlock.
Introduced handling of malloc(3) failure in nm(1) to prevent crashing with NULL pointer access.
Corrected an error where processing manual pages continued incrementing suffix numbering globally. The HTML formatter state is now reset after processing in mandoc(1).
Updated to libfontenc 1.1.4.
Removed use of unveil(2) from the unwind(8) main process to allow configuration reloading.
Increased the character limit for vm names to 64 for vmm(4).
Set a limit on the number of allowed stacked wsmux devices in wscons(4) to prevent exhaustion of the kernel stack.
Added a timeout to refill the rx ring when empty for em(4).
Fixed a crash where ld(1) would assume input files are ELF objects and try to free uninitialized memory.
Tied group number and name together during configuration in cwm(1).
Began UTF-8 cleanup of store_char() within less(1).
Increased accessibility for mandoc(1) through the addition of HTML sectioning elements.
Fixed bgpd(8) leak of non-dynamic objects on configuration reload when adding an already-present network to the list of announcements.
Improved handling of HT protection for 'mode 11n' hostap and switched to use of CTS-to-self frames rather than RTS/CTS for HT protection. Corrected ieee80211(9) misclassification of certain devices as 11a/g which led to unnecessary use of HT protection.
Corrected ieee80211(9) to pick up the AP's 11g ERP protection setting properly in 11n client mode.
Updated athn(4) to explicitly configure timing of control frames. The chip is updated with values for SIFS interval and ACK/RTS/CTS timeout with configuration changes, like ath9k in Linux.
Fixed two race conditions in sshd(8) relating to SIGHUP by extending messaging to communicate that it is safe for parent processes to restart.
Ensured expected behavior when setting PKCS11Provider=none in ssh(1).
Added new mmap(2) flag MAP_CONCEAL. Memory under MAP_CONCEAL is not written to the disk in the event of a core dump.
Ensured actions will not be carried out in cwm(1) using the last group when the requested one is not found.
Fixed bug where IPv6 fragments with malformed extension headers could be erroneously passed by or cause a panic in pf(4).
Set TLS handshakes to automatically complete as part of read/write calls to prevent attempts to read data that does not exist.
Added mpip(4), an IP tunnel interface for "IP Layer 2" over MPLS pseudowires. This can be used to quickly set up an IP tunnel over an MPLS fabric without the need to configure bgpd(8) and mpe(4) interfaces.
Modified iwm(4) to use CTS-to-self for HT protection if requested by the AP, rather than always using RTS.
Disabled RTS threshold by default for ieee80211(9). This has been replaced by a heuristic in 11n and is not clearly preferable in many situations. RTS will continue to be used for certain drivers and when 11g protection is enabled by the AP when 11b clients are around.
Implemented support for dynamic RTS threshold in MiRA, improving throughput and latency on 11n networks.
Fixed cases where iwn(4) scan misreported the channel of wifi networks.
Moved to 6.5 Beta.
Corrected return values for non-fatal TLS alerts to prevent attempted use of non-existent record data following user cancellation.
Improved handling of TLS errors in nc(1) to prevent silent failures.
Introduced safe memory reclamation (SMR), a mechanism for reclaiming shared objects that readers can access without locking. This provides a basis for read-copy-update operations. SMR-protected objects are not destroyed while readers are using them, and a callback may be scheduled with the use of smr_call(9) as an alternative to waiting.
Increased the built-in certificate validity for simple configurations in ikectl(8) from 365 to 4500 days, preventing the need to install new CA certificates on all client machines. Default validity for server certificates remains at 1 year.
Added bgpd(8) support for '*', local-as and neighbor-as for ext-community matching. If local-as/neighbor-as is used as an expansion of AS number then bgpd will default to the 4-byte AS type to encode the community.
Re-enabled interrupts on resume with RF switch disabled on iwn(4) devices.
Prevented packet loss due to rxr overfilling the ring buffer on ix(4) devices.
Implemented support for pwe3 ioctls.
Improved ixl(4) support to avoid a deadlock in ixl_down when calling ifq_barrier.
Added a configtest flag (-n) to cwm(1).
Corrected ssl(3) handling of oversize record layer writes.
Introduced 'group-close-[n]' action to cwm(1) to close all windows within a specified group.
Corrected ssl(3) build error on luna88k with gcc(1).
Added support for yv12 encoding to video(1).
Added Dynastream ANTUSB-2 to uscom(4) devices.
Removed -S from install commands across the tree.
Updated xterm to version 344.
Reworked iwm(4) Tx rate selection to increase Tx throughput, especially on clean channels.
Removed 11n support from AMRR in ieee80211(9).
Replaced several hand-rolled functions with wcwidth(3) in less(1) in an ongoing effort to improve unicode support.
Restored dhclient(8) behavior of clearing existing addresses when setting a new address.
Fixed a regression introduced in OpenSSH 7.9 where the client reused the server's algorithm lists for KEX, ciphers and MACs. Removed the diffie-hellman-group-exchange-sha1 KEX method.
Added support for recognition of the following arm CPUs: Cortex A76AE, Cortex Deimos, Neoverse E1 and Neoverse N1.
Updated the en_US.UTF-8 locale(1) to Unicode 10.
Improved the clang(1) X86FixupGadgets pass to further reduce ROP gadgets produced during compilation. Added a command line switch to disable this functionality.
Fixed strptime(3) to consume one leading space with %e iff given, allowing data from strftime(3) to round trip safely.
Changed ssdfb(4) to allow usage of mmap(2) so the framebuffer can be used outside of the kernel. Also allowed brightness levels to be changed.
Fixed an issue with xhci(4) transfers that could cause an "invalid CSW" error.
Changed rsync(1) --delete behavior to better interoperate with GPL rsync.
Implemented --numeric-ids in rsync(1).
Updated Xau(3) to 1.0.9.
Added TLSv1.3 alert handling to ssl(3).
Fixed an endless loop in sysctl(8) when sysctl(2) fails to retrieve sensor data.
Changed aucat(1) to use reallocarray(3) in place of potentially problematic usage of malloc(3).
Added Cortex A76 to the list of arm64 CPUs not affected by spectre variant 2 branch injection attacks.
Removed atomic_* operations in the tx start and completion paths of ix(4).
Addressed inconsistent behavior when ksh(1) evaluates arithmetical expressions.
Fixed tcp-md5 issues in bgpd(8) by making sure to set the sockaddr length field on the pfkey socket.
Repaired a regression in stmpd(8) 'hostnames' mapping to select hostname based on the IP address of a listener.
Prevented a panic in timeout_add(9) by rejecting negative input to spkr(4).
Adjusted vmm(4) to allow preservation and restoration of guest debug registers.
Completed various adjustments to allow for future support of flow-aware transport of pseudowires (RFC 6391).
Changed ether_output to use a routes gateway address (if available) for AF_MPLS frames.
Simplified NFS checking in rc(8) reorder_libs().
Added support for setting custom FastCGI parameters in httpd(8).
Adjusted ifconfig(8) to display whether bwfm(4) firmware is using 802.11AC.
Updated Mesa to 18.3.4. (Removed -fno-tree-pre from CFLAGS on sparc64 after the changes to login.conf removed the need to limit memory usage at build time).
Synchronized staff datasize-cur in login.conf(5) for hppa and sparc64 with the defaults for other architectures.
Implemented fixes for bgpctl(8) large community parsing.
Changed llvm PowerPC code generation to avoid generating unaligned floating point load and store instructions.
Fixed a race condition in wscons(4) involving the wsevsrc_* functions.
Made several improvements to the portability of bgpd code.
Added a vnode(9) error flag to prevent fsync(2) from reporting successful syncing when a past write failure has led to a buffer discard in vfs(9).
Added rsync(1) support for --port=PORT and ":port" in the rsync:// URL. Unlike in the original rsync, service names are supported.
Corrected usb(4) to publish a new attached device only once it is fully initialized, preventing a race condition.
Converted openssl(1) pkeyutl to the newer style of option handling.
Adjusted unwind(8) to restart the DoT resolver alongside the other resolvers when log verbosity changes.
Improved time interpretation for at(1) by assuming that a time that is already past refers to the next day.
Implemented the conv=fsync feature in dd(1) (mirroring GNU dd), performing an fsync(2) after the final write to output.
Added chown pledge(2) to rsync(1), allowing root to gift files to other uids.
Adjusted rsync(1) to set access time information with sub-second resolution.
Changed vmm(4) to allow guests to see PA bits in CPUID, removing an unintentional guest memory size limit of 64GB.
Fixed a case where ddb(4) would modify two variables instead of one on 64-bit architectures.
Relaxed userland stack pointer checking to allow PROT_NONE permissions on a page in addition to MAP_STACK.
Added support for -o, -D and -a in rsync(1).
Changed dpath pledge(2) to allow mkfifoat(2) and mknodat(2).
Allowed configuration of the rdomain for mpe(4) and mpw(4) interfaces.
Removed casts to (unsigned) to avoid range reduction bugs from parse.y based parsers.
Updated perl(1) to 5.28.1.
Added support for server and client finished messages in ssl(3) TLSv1.3 client implementation.
Added a new futex(2)-based rwlock(9) implementation. The existing rwlock implementation will be used for architectures lacking atomic primitives.
Changed socket(2) options to allow calling of SO_PEERCRED on sockets created with socketpair(2).
Adapted rsync(1) to use md4 from crypto(3).
Integrated group ID send/receive and remapping into rsync(1).
Added -g option and associated getpw pledge to rsync(1).
Simplified imsg communications and improved privilege separation of dhclient(8). resolv.conf.tail(5) will now be read (allowing additional details to be supplied) with each proposal.
Implemented support for -e and --rsh=name options in rsync(1).
Added long-opts aliases for single-letter options present in rsync(1). Added missing -no-OPT long options.
Adjusted bgpctl(8) show requests to handle the case where no neighbors are defined in bgpd(8).
Implemented handling of Certificate and CertificateVerify messages in TLSv1.3.
Began explicitly supporting VPNs in bgpd(8), redefining and changing the syntax of bgpd.conf(5). IMPORTANT NOTE: If MPLS VPNs are used, configuration will need to be adjusted.
Moved the on-disk trust anchor for unwind(8) to /var/db/unwind.key, as it doesn't need to be in a directory writable by group _unwind. Additionally, began tracking it in changelist(5).
Imported Kristaps' openrsync into the tree and began adjustment to match style(9) guidelines.
Removed the implicit RTF_MPATH flag that rt_ifa_add() set on new routes.
Simplified check for whether /usr/share is on an NFS filesystem in reorder_kernel.sh.
Corrected PPC target in llvm to reflect that a long double is the same as a double on OpenBSD/powerpc.
Set pkcs11.so to initialize pkcs11 interaction to allow it to ask for the smartcard's PIN during ssh-keygen(1) with -D.
Adjusted pfctl(8) parser to insist anchor names must not be empty.
Further simplifed trust anchor handling in unwind(8), allowing removal of wpath and cpath pledges from the parent process.
Set logging of X.509 peers' certificate subject names during tls client authentication in httpd(8).
Added Allwinner V3s support.
Adjusted scp(1) to accept shell-style brace alternations (e.g. "{foo,bar}") when verifying that filenames sent by the server match client requests.
Changed ssh(1) to log when a connection is dropped for attempting to run a command when ForceCommand=internal-sftp is in effect.
Updated to xf86-video-apm 1.3.0, xf86-video-s3virge 1.11.0, xf86-video-chips 1.3.0, xf86-video-i128 1.4.0, xf86-video-neomagic 1.3.0 and xf86-video-i740 1.4.0.
Fixed ipv4 checksum calculation for mpls_input.c that was being performed in memory half the necessary size.
Fixed a race condition for install(1). This patch makes the -S option a no-op, its functionality becoming the default behavior.
Fixed stack info leak in execve(2).
Made clear in the documentation that httpd(8) supports fastcgi over TCP.
Imported unbound(8) 1.9.0 and updated unwind's copy of libunbound.
Removed rpath from the pledge in cut(1) when only stdin is used.
Rewrote trust anchor handling in unwind(8) to stop using libunbound's auto trust anchor feature, allowing tightening of the resolver process pledges.
Implemented processing of EncryptedExtensions in the ssl(3) TLSv1.3 client.
Added lock stack trace saving for witness(4). This setting is not enabled by default.
Adjusted bwfm(4) to correct possible memory leaks by changing it to consistently use m_freem(9) and adding an assert to identify overruns of the task ring queue.
Reworked fec(4) handling of descriptors and buffers. Added recovery in the case of a full transmission queue.
Improved handling of roff identifiers that end with a tab character in mandoc(1).
Fixed a possible memory leak in tcp_usrreq().
Replaced overlapping memcpy(3) with memmove(3) in getpathname() for fsck_ffs(8) and fsck_ext2fs(8).
Added display of rcpt address for RCPT errors in smtpd(8).
Added -b to display-panes like run-shell in tmux(1).
Fixed addend handling for relaxing R-PPC-PLTREL24 relocations in ld.bfd(1), making -Wl and -relax work well enough to link base clang on macppc.
Fixed a potential out-of-bounds read when regcomp(3) is passed a bad expression.
Adjusted ps(1) to work in single user mode where /var/run is unavailable or in cases where /dev does not exist.
Added an example unwind.conf(5). (Note that unwind(8) works without a config file in many cases).
Converted openssl(1) pkey to the newer style of option handling.
Added handling of Cisco's Encapsulated Remote Switch Port Analyzer (ERSPAN) protocol to tcpdump(8).
Fixed printing of major and minor from dev_t in various parts of the tree.
Fixed NULL-deference crash in ssh(1) in the PKCS#11 code.
Fixed a potential mbuf double free in the out-of-band soreceive() path.
Added support for defining variables through the environment in pkg-config(1).
Implemented as-override in bgpd(8), a feature where the neighbor AS is replaced by the local AS in AS paths.
Added --validate flag to pkg-config(1) and updated version to 0.29.0.
Added a pthread_get_name_np(3) to match pthread_set_name_np(3) in pthreads(3).
Fixed an undefined case when neither -msave-args or -mno-save-args are specified in LLVM.
Imported libc++, libc++abi and libunwind version 7.0.1.
Adjusted members of glob_t to match POSIX in glob(3). IMPORTANT NOTE: This required a libc major version bump.
Implementing parsing and processing of TLSv1.3 ServerHello messages in ssl(4).
Fixed a panic caused by bwfm(4) by handling control messages that exceed MLEN.
Applied a fix to update the caller-supplied pointer in semundo_adjust() to prevent a potential use-after-free panic.
Allowed tun(4) access to AF_MPLS packets from userland.
Converted openssl(1) rsautl to the newer style of option handling.
Improved support for Marvell wi-fi microcontroller SoCs with the creation of the mvgicp(4) driver.
Fixed exception handling issues with clang++(1) on platforms not using ld.lld(1) as the default linker.
Added captive portal detection for unwind(8).
Enabled -msave-args when building an amd64 kernel with clang(1).
Increased datasize in login.conf(5) for sparc64 to accommodate Mesa.
Adjusted pfctl(8) to show the routing address selected by "route-to" when "pfctl -s states" is used.
Improved stack trace saving on amd64 and i386.
Added retries to acme-client(1) when not all challenges are validated.
Fixed wscons(4) to remove a potential use-after-free panic involving wskbclose().
Fixed ixl(4) calculation of physical function ID, improving the function of the second port on dual port cards.
Added libelf to allow future use by Mesa.
Applied connection timeouts from an initial ssh(1) attempt to subsequent attempts.
Fixed lost interrupts in fec(4) which could lead to full TX queues.
Incremented efiboot version to 0.14. This is the first version to support softraid(4).
Added kernel locking for clocks in clock_gettime.
Adjusted pf.conf(5) to allow non-numerical port specifications in line with other rules and added an error message regarding ranges without start values.
Fixed compilation of amd64 kernel when optimization is disabled.
Improved mandoc(1) tbl(7) centering in mdoc(7) documents.
Implemented booting from softraid on arm64.
Modified unwind(8) to grant non-privileged users access to status information. Use of reload and logging commands requires root.
Enabled unused IQ/ADC calibration code in the athn(4) driver. Completed and enabled noisefloor calibration code.
Adjusted tc_setclock not to rewind the system uptime during resume/unhibernate.
Corrected handling of TLS sigalgs extensions for TLSv1.0/TLSv1.1 for ssl(3).
Modified bwfm(4) to query firmware for RSSI levels and current transmit rate on behalf of ifconfig(1).
Implemented -msave-args in clang(1)/llvm.
Updated compiler-rt to 7.0.1.
Enabled CRYPTO for arm64 RAMDISK to allow use of softraid(4) crypto during installation.
Fixed a bug in calendar(1) that led to duplicate display of events when -B was used.
Improved imsg processing in unwind(8) to be more paranoid, excepting the control socket (so users can't bring down unwind).
Adjusted pckbc(4) to discard unwanted mouse events from the keyboard input channel while on the console.
Modified mail.lmtp(8) to strip carriage returns from lmtp responses.
Added a dedicated sysctl(2) node for witness(4).
Imported Mesa 18.3.2.
Modified rtwn(4) to accept control frames in monitor mode.
Made -N and -r mutually exclusive in pfctl(8), allowing either disabling DNS or enabling additional reverse lookups, not both.
Enabled ixl(4) on sparc64.
Implemented -a ("archive" mode, synonymous with -RpP) for cp(1).
Adjusted fstat(1) to filter multiple pids and multiple users at the same time.
Switched i386 to use lld as the default linker.
Stopped accounting/updating priorities for idle threads, fixing an accounting bug where top(1) would report high CPU usage for idle threads of secondary CPUs right after booting.
Implemented the ability to break into ddb(4) using imxuart(4).
Modified ld.lld(1) to produce binaries compatible with the W^X implementation on i386.
Unveiled _PATH_DEVDB in su(1) and wall(1) due to the use of ttyname(3).
Added domain-s (DNS over TLS) to services(5).
Imported LLVM 7.0.1 release.
Implemented DNS over TLS (DoT) in unwind(8).
Added a kernel fix for a potential panic when a negative value is used to index an array, validating in wscons(4) the user-supplied device index given to WSMXUIO_ADD_DEVICE.
Adjusted mpe(4) mpls rtable behaviour to match mpw(4), removing a special case in mpls_input. Reworked mpe_input to patch ipv4 checksum and handle ipv6.
Added 'uselease' statement to dhclient(8) to replace 'append,' 'default,' 'ignore,' 'prepend' and 'supersede' actions on lease-provided values.
Improved support for nmea(4) devices, providing altitude and ground speed values as sensors.
Added an scp(1) client check for whether filenames sent during remote -> local directory copies satisfy the user-specified wildcard, and a -T flag to disable this functionality in case of this check rejecting wanted files.
Made ssh-keyscan(1) return a non-zero exit status if it finds no keys.
Added a delay to fix pms(4) touchpad driver issue on ThinkPad X1 Gen6.
Tagged the start of witness(4) output with prefix "witness:" to allow easier data extraction.
Changed an abort(3) call to an _exit(2) in crypto(3) to guarantee termination of the running program without potentially leaving key material in core files.
Fixed a double free in ldap(1).
Eliminated a bug wherein the ttl 0 could be incorrectly decremented to ttl 255 for incoming mpls packets.
Fixed microsecond output of timestamp deltas (-tttt) for tcpdump(8).
Enabled ccp(4) on arm64 and armv7 ramdisks.
Set ssh(1) to accept the host key fingerprint as a synonym for "yes" when accepting an unknown host key, allowing pasting of fingerprints obtained through other means to have the client perform the comparison for you.
Forced progressmeter to update at the beginning and end of a transfer, fixing a bug where it wouldn't display on quick scp(1)/sftp(1) transfers.
Fixed a crash on long lines when switching to another file in vi(1).
Increased default datasize on arm64 to 768M to prepare for building clang 7.
Removed SHA224 and GOST-based signature algorithms from use in TLS 1.2.
Set route(8) to display the same flags in RTM_IFINFO messages as ifconfig(8).
Reworked mpw(4) to be an actual ethernet interface.
Removed support for obsolete "host/port" syntax in ssh(1). This is no longer commonly used and may be confused with CIDR notation.
Changed bridge(4) to only copy packets for span ports if the bridge is up.
Imported unwind(8), a hybrid validating stub and recursive resolver. It actively observes the local net to decide how best to resolve names.
Moved 802.11n rateset definitions out of MiRA to make them available to net80211 and drivers in general. Added short guard interval support.
Added the apm(4) subsystem to arm64.
Taught ldpd(8) to ask if a potential pseudowire interface is pwe3-capable.
Changed scp(1)/sftp(1) to sanitize scp filenames via snmprintf.
Allowed auto-incrementing of certificate serial number for certificates signed in a single command line for ssh-keygen(1).
Reworked how tcp(4) md5 signatures are configured in ldpd(8). Now configuration is allowed against a prefix in addition to a neighbour.
Added a specific panic to stop the kernel booting in case of an RPC error during NFS boot of a diskless(8) host.
Pledged video(1) in response to the newly-added promise.
Reordered PCI device assignment in vmd(8) to fix Linux network interface numbering. Previously, changing assigned disks would change the interface name under some Linux distributions. IMPORTANT NOTE - if you have existing Linux guest VMs, you'll need to modify your configuration files on a one-time basis.
Increased maximum MTU of bnxt(4) to match the linux driver.
Provided SSL_get_client_ciphers() and SSL_get1_supported_ciphers() (part of the OpenSSL 1.1 API).
Added support to crypto(3) for xchacha20 and xchacha20-poly1305, extending the nonce range and allowing use of random nonces.
Modified syspatch not to return an error if a rollback is attempted when no patches have been installed.
Syspatch(8) now warns the user to reboot after installation of a new kernel and identifies the location of errata on the local machine.
Removed undocumented 24 hour limits for timeouts from select(2), pselect(2), poll(2) and ppoll(2).
Added a -J option as a shortcut for -o Proxyjump= to scp(1) and sftp(1) to match ssh(1)'s interface.
Switched sntrup implementation source from supercop to libpqcrypto in ssh(1).
Added the ability to parse epoch seconds to strptime(3). Added a -f pformat flag to parse the given time with strptime to date(1).
Fixed problem where unveil(2) system call can leak memory.
Added video promise to pledge(2), allowing ioctls on video(4) devices selected from video(1) and firefox wbrtc implementation.
Introduced a dedicated entry point data structure for file locks.
Provided the initial TLSv1.3 client implementation in LibreSSL.
Introduced -v flags for ssh-add and ssh-pkcs11-helper in ssh(1).
Improved logging to record actual time values and specify whether a TLS certificate is not yet valid or expired when using ntpd(8) constraints.
Factored out several functions duplicated between client and server for ssh(1).
Removed obsolete SSH v.1 functions in ssh(1).
Enables manual validity checking for constraints in the X.509 certificate in ntpd(8). This should prevent failure of automatic validity checking based on incorrect system time, allowing use of the HTTP header's report of server time.
AMD64 machines will now support 2TB of physical memory, extendable in the future.
Improved handling of CPUID[1].ECX[OSXSAVE] bit.
Adjusted bgpd(8) to use Adj-RIB-Out to push UPDATE messages to peers, improving memory usage.
Made handling of MSR_SMBASE and MSR_SMM_MONITOR_CTL more correct in vmm(4). These will now generate general protection fault as per spec.
Adjusted mac filters to allow viewing vlan traffic and arp requests on vlans in ixl(4).
Added refresh for arp(8) entries that are about to expire.
Added support in bgpd(8) and bgpctl(8) for group descriptions in control messages that accept a neighbor description.
Added support for ECDSA keys in PKCS#11 tokens.
Added a -T option to test whether ssh(1) keys in an agent are usable.
Imported xorgproto 2018.4.
Added support for a new kcov(4) trace mode called KCOV_MODE_TRACE_CMP to trace comparison instructions and switch statements, usable during fuzzing to generate even more coverage.
Set the shell to strip quotation marks from daemon_flags when starting a daemon with rc.d(8), making the details in pexp match what appears in the process list.
Restored correct display of treasure when snake runs over the money in snake(6). Adjusted cursor location during space warp and display of the pinball bonus.
Changed imsg header definitions to use standard types.
Fixed BN_is_prime_* calls in libcrypto(3), openssl(1), ssh(1) and sshd(8).
Handled link state change interrupts in ixl(4).
Serialized tc_windup() calls and modified some timehands.
Committed refactored ssh(1) packet parsing API.
Changes to dhclient(8) now handle changes to SSID or LLADDR by retrieving a new lease. This mproves performance when join connects to new networks.
Improved join error handling inifconfig(8).
Added a pwraction sysctl(8) that allows conversion of a power button into a sleep button if desired.
Set an ssh(1) password prompt to begin with a carriage return to obscure portions of a password entered too early.
Enabled myx(4) on the large ramdisk for amd64.
Finished randomizing remaining layers of pmap_kernel.
Enabled ixl(4) on amd64.
Added a TLS record handling implementation.
Moved boottime into the timehands.
Added a partial port of EC_KEY_METHOD from OpenSSL 1.1 to libcrypto. Added various apis from OpenSSL 1.1 to LibreSSL.
Set removal of a currently active network from the join list to disconnect as well.
Added "join any" option to allow users to automatically connect via join() to any open wifi network. Known networks are preferred.
Increased the socket buffer size for sendsyslog(2) to 1 MB for fewer messages dropped by syslogd(8).
Updated to libpixman 0.36.0 in xenocara.
Added protective check for negative length integers in nfs clients and servers, as well as negative length NFS strings.
Reconnected bfd(4) to the build after updating for sounlock() api change.
Set dhclient(8) to ignore HUP signals. Starting a new dhclient will handle this use case by killing and executing a new copy.
Began validating relative timeout before sleeping for futex(2).
Began validating inputs to adjtime(2), settimeofday(2) and clock_settime(2).
Changed the default digest type to sha256 for openssl(1). Added support for pbkdf2 with OpenSSL-compatible flags.
Removed vmm(4) and disabled vmd(8) and vmctl(8) for i386 host systems.
Renamed TLS extension-handling functions to better fit TLSv1.3.
Enabled use of a 64-bit register when required for inline assembly on sparc64, correcting sparc64 kernels compiled with clang(1).
Continued work to prepare the network stack for fine-grained locking.
Added support for the SSD1306 OLED display.
Modified signify(1) and doas(1) to prevent passwords from being retained in memory when errors are encountered.
Prevented users from specifying multiple join or nwid arguments in one ifconfig(8) call.
Fixed crash conditions in unveil(2), along with some cases where unveil would return ENOENT instead of EACCESS.
Enabled bwfm(4) in RAMDISK_CD for amd64, allowing use during installs.
Laid groundwork for TLSv1.3.
Added a -h flag to sftp(1) chown(8), chgrp(1), and chmod(1) commands to request they not follow symlinks.
Added support for a "lsetstat@openssh.com" extension. This replicates the functionality of the existing SSH2_FXP_SETSTAT operation but does not follow symlinks.
Updated to exit syspatch(8) correctly after updating itself. Improvement to readability of patches to install on first boot.
For external LSAs the type (1 or 2) is encoded in the metric field. Fixed a problem where ospfd(8) and ospf6d(8) overwrite this information when "depend on" is used and the specified interface is down.
Added Allwinner H3/H5 ohci(4) clocks.
Repaired inter-word spacing of postscript and pdf outputting by mandoc(1).
Corrected setting of default colours in tmux(1).
"No data" frames will no longer be processed in ieee80211_input(9) before decryption and incorrectly counted as decryption failures.
Characters that will not be copied are no longer highlightable in tmux(1).
Allowed programs to set the Checking Disabled flag on DNS requests.
Prevented ntpd(8) from starting when an instance is already running.
Added support for building sparc64 kernels with clang(1).
Fixed mailq(8) output for smtpctl(8).
Code review and clean up of locate(1).
Fixed minor issues in ksh(1).
Modified ttyflags(8) to improve memory usage.
Cleanup and improvement of dhclient(8).
Redundant debug message removed for iwn(4).
Added support for gpio(4) bus and improved card detection on Octeon systems.
Fixed an off-by-one error in pfkeyv2_sysctl_policydumper().
Improved support for Broadcom trackpad mouse ubcmtp(4) by validating interfaces and claiming them during *attach().
Validated interfaces for if_ral passed to *match().
Improved syslog(3) to support program names including "." and "_".
Updated xf86-video-ati to 18.1.0.
Set clang(1) to disable the correct performance options based on architecture. Clang now checks CPU architecture and not system architecture when setting protection flags.
Enabled uhci(4) USB support for ARMv7.
Fixed pfctl(8) to exit immediately when -i interface is given with -F all to prevent invalid usage from flushing anything.
Modified pfctl(8) to warn about table namespace collisions across all anchors and during -n test runs as well.
Antiquated mincore(2) will not be needed and was removed, eliminating an interface that exposed physical machine information unnecessarily.
Bug fixes for otus(4) devices based on the Atheros AR9001U chipset.
Changed mandoc(1) html output to display tooltips using css exclusively.
Clarified in documentation that OpenBSD ignores the LC_NUMERIC category as a safety practice, and outlined best practices for portable programs.
Addition of the imxsrc(4) i.MX system reset controller driver, used to assert the reset pins for the PCIe controller, etc.
Bug fixes in pfctl(8).
Added abcrtc(4) Abracon AB1805 real-time clock driver.
Eliminated alloca(3) call from vioqcow2.c and replaced with malloc(3) to prevent known-location object placement by an attacker.
Implemented Event()/Signal()/Wait() AML operations for acpi(4).
Improved the "not my pool" searching loop in malloc(3) and made the number of pools variable. Optimization of multi-threaded case by adjusting default number of pools to 8.
Hacking on virtio(4), including defines, bug fixing and pci device list.
kern_time.c will not allow cancellation of ongoing adjtime(2) until after full permission checks.
Adjusted nc(1) to use memset(3) instead of bzero(3) for portability and POSIX compliance.
Pledge(2) and unveil(2) unbound-anchor(8).
Improved portability of mandoc(1) to other operating systems. Improved html and css used for html generation.
Prevented radeondrm(4) from using aperture memory to overlap the framebuffer.
Improved ddb(4) readability by printing right-aligned hex values.
Fix for rcs(1) to allow correct lock resolution before expansion of keywords, so expansion can happen with the correct values and files don't show up as modified.
Added the ability for arm64 efiboot to boot from partitions other than "a".
Spleen font enabled in wsfont, along with font selection logic to allow selecting larger fonts when available at runtime in rasops(9).
Implemented an if_enqueue handler for vlan(4), bypassing the ifq handling for a performance improvement in particular configurations.
Disabled ret-protector and retpoline protections in the clang(1) compiler to regain build performance.
Adjusted httpd(8) to start when TLS is configured but keys and certificates are not yet present.
Fixed snmpd(8) child processes so they properly detach from the terminal.
Moved /etc/acme-client.conf to /etc/examples/acme-client.conf.
Changed ksh(1) to skip most of the mail check if MAIL is not set.
Made ntpd(8) log DNS failures, even if they are only temporary.
Made the output of usbdevs(8) fit in 80 characters when a serial number is printed.
Added inteldrm for fw_update(1).
Made mdoc(7) represent .Pp, .sp, and some SYNOPSIS and .Rs features with the HTML p element.
Added a pledge(2) to the parent process of file(1).
Added the ability to exit grdc(6) by pressing "q".
Cleaned up and corrected various output quirks in mandoc(1).
Simplified the code in dhclient(8) that processes bpf(4) captures.
Corrected HTML output errors emitted by mandoc(1) for man(7) .RS blocks.
Corrected accounting of the memory allocated when creating a set in bgpd(8).
Updated xf86-video-mga to version 2.0.0 and xf86-video-mach64 to 0.9.6.
Fixed the incorrect assumption there was no such thing as an "mda session" in smtpd(8) so the session id is logged properly.
Introduced an smtpd 'timeout' reporting event to smtpd(8) to notify filters that a timeout occurred during the smtp session.
Added support for ohci(4), as found on the pine64 and enable it for RAMDISK as well.
Stopped tail(1) from reopening the file when it is stdin.
Made the kernel build without INET6 again.
Fixed a memory leak of ciphercontext when rekeying in ssh(1).
Added a simplebus print function so unconfigured devices appear in the dmesg(8) of arm64 systems.
Increased MAXTSIZ to 256MB because large binaries have grown even larger when compiled with retpoline.
Made smtpd(8) stop stripping the escaping of dots when sending to filters to prevent truncated mail.
Added SNMPv3 support to tcpdump(8). The "-vv" option can be used to retrieve the asn1 dumps.
Added a timeout to refill the mbufs if dwxe(4) runs out of mbufs for the RX ring.
Fixed pfctl(8) to print usage and exit in cases where only one of "-t table" or "-T command" is present.
Changed ospf6d(8) to detect and remove routes with priority RTP_OSPF that were inserted by another program into the kernel routing table.
Added support for the Abracon AB1805 Real-Time Clock and similar variants with abcrtc(4).
Made ospfd(8) send a router LSA update when an interface has been removed.
Added the configuration option "fib-priority" to ripd(8) which allows setting a custom priority for routes ripd inserts into the kernel routing table.
Changed nanosleep(2) to loop tsleep(9) to ensure coverage of the full timeout range. While here, remove the hundred million second upper bound.
Fixed user(8) to experience a fatal error should a bad uid range be specified on the command line.
Changed uudecode(1) to print the offending ASCII code when an invalid character is found in the encoded stream.
Numerous cleanups and code refactoring in mandoc(1).
Turned -mretpoline on by default for clang(1) on amd64. Explicitly turn it back off for SMALL_KERNEL kernel builds.
Added support for IPv6 VPN routes to bgpd(8).
Added the configuration option "fib-priority" to ospf6d(8) which allows setting a custom priority for routes ospf6d inserts into the kernel routing table.
Added the ability to pass sdmmc(4) the maximum segment size that a SD/MMC host controller can handle for DMA transfers.
Added the configuration option "fib-priority" to ospfd(8) which allows setting a custom priority for routes ospfd inserts into the kernel routing table.
Fixed mbuf related crashes in switch(4).
Made bgpd(8) check to see if a control socket or address is in use before using it. If it is in use then abort startup or let a reload fail. Stopped sockets from being unlinked during a normal shutdown.
Changed vmd(8) so that when netbooting a vm using the "-B net" option vmd sets the hostname in the DHCP lease to the name of the vm. This makes for easier use of dedicated autoinstall response files for different vms.
Converted arithmetic(6) to use unsigned variables to avoid overflows.
Changed nc(1) to check for a range of ports only if the first argument is a digit. This removed the potential for confusing port ranges with hyphenated port names.
Added use of speed estimates to improve wscons(4) gesture detection.
Added a terminate imsg to stop long running commands in cases where bgpctl(8) exits before bgpd(8) finishes the work.
Added the new matching criteria "from rdns" to smtpd.conf(5) to allow matching of sessions based on the reverse DNS of the client.
Added Backbone Provider Edge interfaces (bpe(4)).
Fixed a bug in wump(6) that caused nonsensical movement of the Wumpus.
Taught tcpdump(8) that LLDP has its own group address.
Folded ext-communities into filter_community so bgpd(8) can match multiple ext-communities at the same time. Adjusted bgpctl(8) to reflect this.
Fixed detection of MELTDOWN-proof Intel CPUs.
Added the ability to use a DUID to specify the root disk for octeon systems.
Modified the "-l" option of netstat(1) to show only the UDP sockets that can receive packets from any other host. (Sockets that are in a state similar to TCP sockets in the LISTEN state.)
Fixed tmux(1) parsing of empty colon-separated fields.
Changed wsmux(4) to return an error for ioctl(2) commands that are inappropriate when there are no child devices attached.
Made the freelist "best fit" code a little smarter so it will not use a block if half or more of the block would be wasted. This causes more effective re-use of blocks.
Made several improvements to mandoc(1) escape sequence handling and manual font selection.
Changed mg(1) to allow all non-ephemeral buffers to be toggled between writeable and read-only using "toggle-read-only-all".
Fixed printf statements of snmpctl(8) and snmpd(8) when they are compiled with -DDEBUG.
Added the ability to read from stdin using "-f -" to kdump(1).
Made kcov(4) multi-processor safe.
Added optional per-cpu counters for interface statistics.
Updated to unbound(8) version 1.8.3.
Fixed unbound(8) dns64 allocation for returned internal queries.
Extended the vmctl(8) "start -B" argument to work for disk, cdrom, and net. SeaBIOS respects disk and cdrom. The kernel understands net.
Taught libtool(1) to build shared libraries with a soname.
Implemented the fw_cfg interface in vmd(8) which can be used to set the boot order when a boot device was forced.
Started passing the IO ports 0x510, 0x511, 0x514, and 0x518 to vmd(8) in order to pass options to SeaBIOS.
Updated nsd to version 4.1.26.
Improved malloc(3) speed for the multi-threaded case by reducing lock contention.
Fixed mec(4) phy discovery on sgi O2 systems.
Updated xf86-video-openchrome to version 0.6.176.
Added basic MPLS support to libpcap.
Modified behavior of vmd(8) so the guest will stop or exit at the next reboot after "-B" is used to specify a specific boot device.
Fixed a bunch of cases where the dhcpd(8) "pf table handler" process did not exit during a number of failure conditions.
Made sure in iked(8) the prefixlen returned by mask2prefixlen6 is never bigger than 128 and that the daemon will exit when the mask is not contiguous.
Changed conversion of a netmask into a prefixlen to be more strict for eigrpd(8), ldpd(8), and snmpd(8).
Removed an ugly hack in the ssl(3) client certificate verification code that worked around broken GOST implementations.
Corrected ssh(1) calculation of initial bandwidth limits.
Modified rtwn(4) and urtwn(4) to handle 2 transmit chains in the computation of transmit power for the RTL8192UE.
Added support for "-" as an input file for stdin to sed(1), as specified by POSIX.
Added "-not" as a shell-friendly alias for "!" in find(1).
Added very experimental support for DNS over https (RFC 8484) to rebound(8)).
Introduced tx-mail and tx-rcpt report events for smtpd(8).
Made sure that when bgpd(8) is converting a netmask to prefixlen that it never returns a value bigger than 128.
Implemented a simple bgpd(8) ruleset optimizer that merges filter rules that differ only by filter sets.
Added a new "-B device" argument to vmctl(8) start to allow setting of the boot device. It allows kicking off an OpenBSD autoinstall by using 'vmctl start "installer" -Lc -B net -b bsd.rd -d disk.img'.
Made it possible to define the bootdevice in vmd(8). If VMBOOTDEV_NET is used the internal dhcp server will pass "auto_install" as the boot file to the client and the boot loader will pass the MAC address of the first interface to the kernel to indicate PXE booting.
Implemented a time-based method for tracking motion states of touches in wscons(4).
Disabled pvclock(4) on old hardware that lacks a stable clock.
Stopped axen(4) from calling usbd_delay_ms() in an interrupt context.
Changed bgpctl(8) to set the routing table when adding a network.
Applied fix to savecore(8) to unbreak 'savecore -c'.
Added support for RTL8192EU adapters to urtwn(4).
Added the 'vmctl wait <VM>' command to vmctl(8).
Introduced into vmd(8) IMSG_VMDOP_WAIT_VM_REQUEST, a control message registering a vmctl peerid which should be informed when the VM is stopped.
Cleaned up the validation of .Pp, .PP, .sp and .br in mandoc(1), resolving duplicate handling issues, handling missing cases and improving diagnostics.
Began performing forward-confirmed reverse DNS verification on incoming connections in smtp(1).
Stopped processing the top 32 bits of the 64 bit interrupt mask register in macebus(4) on the SGI O2. The CRIME interrupt controller has only 32 interrupt sources.
Fixed handling of lld-linked executables on mips64.
Added Spleen font 8x16, 12x24, 16x32 and 32x64 variants.
Added support for Xeon E3-1200 v6/7 host device and nVidia Quadro M1200.
Added new midicat(1) utility to send to or receive from MIDI ports.
Removed midiplay.
Restore inadvertently removed function prototype for ASN1_dup in crypto(3), fixing usage on I32LP64 platforms.
Modified syslogd(8) to honor SIGINT/QUIT when running in the foreground, allowing stopping 'syslogd -F' with ^C.
Fixed various overflows in perl(1).
Fixed a bgpd(8) memory leak and use-after-free of the peer ID in the bgpctl(8) code path by flushing the Adj-RIB-Out as soon as the peer state is PEER_DOWN.
Modified top(1) to allow reversing sort order by prefixing the field with a dash.
Enabled configuration of explicit congestion notification propagation on tunnel interfaces.
Corrected lock initialization for crypto(3).
Prevented discovered prefixes from overriding explicitly configured prefixes in rad(8).
Modified ssh(1) not to truncate username or hostname in 'user@host's password: ' prompts.
Removed an extra tick from tvtohz(9) on timeout reload.
Fixed malformed output when querying certain databases with ldap(1), matching the functionality of openldap's ldapsearch.
Released mandoc.css from mandoc(1) into the public domain.
Changed vmd(8) to keep a list of known VMs and reuse the VM IDs. When using '-L', the IP addresses of the VMs are stable.
Removed fontcacheproto, xf86miscproto, libXfontcache and libXxf86misc.
Adjusted installboot(8) not to allow the bootstrap to overlap the start of the OpenBSD area of the disk.
Expanded detail available about networks saved by 'join' when a user uses the ifconfig(8) 'joinlist' option.
Improved error handling and logging in qcow2 within vmd(8).
Added the pvclock(4) guest driver for paravirtual clocks, improving timekeeping on KVM guests.
Added an ssh_config(5) "Match final" predicate.
Provided new mandoc(1) output option -O tag[=term] to move directly to the definition of "term" when opening the manual page in a pager.
Added support for 'local inet6' interfaces to vmd(8).
Deleted malloc_usable_size() function, which exposed some of the internal workings of malloc(3) and can be replaced by allocation.
Initialized cached last sequence numbers for received packets to invalid values rather than dropping the first packet received from each AP in each QoS class, which would affect the first packet of the WPA2 4-way handshake on certain APs and could lead to connection delay or failure.
Fixed the case in ksh(1) where the recursion detection isn't reset when the command is interrupted.
Applied unveil(2) to boot images specified by the -o option in makefs(8). Added exiting with an error status when writing a CD image fails.
Fixed malloc(3) compilation on alpha.
Made case-insensitive extended regular expressions the default in man(1) -k searches, improving POSIX compliance.
Adjusted wscons(4) to use sigio(9).
Added usb(4) device ids for D-Link DWA-171 rev C1 and Xiaomi mini USB WiFi.
Silenced (to log level debug2) ssh(1) failure messages when loading the default hostkeys.
Fixed syspatch(8) build on macppc and arm64.
Fixed a crash in bgpd(8) when printing an error message that a network prefix-set is not found.
Added new KERN_CPUSTATS sysctl(2) for identifying offline CPUs. Made use of this in systat(1) and top(1).
Added a check to prevent a truncated cmsghdr leading to an embedded length longer than the supplied buffer in kdump(1).
Added a fix to avoid leaking kernel memory in struct kevent(2) padding.
Modified tcpdump(8) to allow root privileges to be dropped completely at runtime.
Corrected tty hang-up in getty(8).
Finished transition of ld.so(1) to GNU_RELRO.
Added support for Allwinner A64's eMMC controller. This makes the eMMC work on the Pinebook.
Changed rad(8) to avoid a fatal error if IPV6_LEAVE_GROUP fails due to a destroyed or detached interface.
Adjusted vlan(4) to use txprio, not link0 and llprio, to set the dotlp in the header. IMPORTANT NOTE: if you're using llprio and link0, a configuration update will be needed.
Redirected stderr of ProxyCommands to /dev/null when ssh(1) is started with ControlPersist.
Fixed an ssh(1) client bug where a redundant ssh-agent socket was retained for the life of the connection.
Fixed an ssh(1) bug where when only RSA-SHA2 signature types were specified, authentication would always fail for RSA keys.
Repaired legacy ciphers for ssl(8) prior to 1.1 by setting a legacy signature algorithm for MD5_SHA1 and using it as the non-signature algorithm default.
Introduced a prefix of '@' to suppress echo of sftp(1) batch commands.
Added support for txprio configuration in vxlan(4).
Added [template] to display-panes and choose-{buffer,client,tree} usage in tmux(1).
Ported an additional mitigation for an openssl(1) timing vulnerabiity in ECDSA signature generation.
Plugged a memory leak in host()'s error code path in bgpd(8).
Used the txprio setting to populate the tos in keepalive packets.
Modified snmpd(8) to use unveil(2) despite inability to use pledge(2), closing an attack vector.
Added txprio support to gre(4), mgre(4), egre(4), nvgre(4) and eoip(4).
Added support for txprio settings on interfaces with ifconfig(8). This adds a txprio argument with a setting which can be changed to 'payload,' 'packet' or a number between 0 and 7.
Modified dhclient(8) to restart when an SSID change is noted in RTM_80211INFO, ensuring that the correct lease is discovered or renewed and the lease file is properly updated.
Added the new routing socket message RTM_80211INFO to provide details of 802.11 interface state changes and added support to route(8).
Added a mechanism for managing asyncronous IO signal registrations.
Set the hardmtu on ethernet encapsulated interfaces so the MTU can be raised above 1500.
Limited the number of interface units to the number of device minors, preventing the creation of tap(4) and tun(4) devices which can't be opened from userland because of the limit on the number of dev_t minor numbers.
Built clang(1) on mips64.
Changed the proc message formatting API in smtpd(8) to accept NULL as a valid string.
Adjusted ripd(8) to accept 'interface ifX' without parameters.
Added implementation of the SM3 hashing function within crypto(3). The SM2/SM3/SM4 algorithms are mandatory for legal use of cryptography within China.
Added automatic threading initialization for crypto(3).
Fixed ssl(8) to free the server TLS transcript in case session reuse has failed.
Enabled the -D option for ping6(8).
Fixed the vnetid range in ifconfig(8). 0 and 4095 are reserved IDs per 802.1Q and vlan(4).
Added support to ping(8) and traceroute(8) for setting the traffic class on IPv6 packets.
Reduced needed pledge(2) use further in tcpdump(8).
Removed ethers(5) YP support from libc, allowing more effective use of pledge(2) in some programs.
Modified nc(1) to report to stderr in verbose mode when the listen system call has finished, allowing writing of race-free scripts as server status can be checked.
Cleaned up and simplified the ssl(8) handshake transcript code, providing a more readable API with code that uses a BUF_MEM instead of a BIO.
Fixed a case where if a server asked the client for a certificate that doesn't exist, a handshake transcript would be left behind in ssl(8).
Changed the default listen port for switchd(8) from 6633 to 6653, the IANA standardized OpenFlow port. When a listen port is not specified in switchd.conf(5), it will be randomized.
Used the original client border width to adjust initial placement of clients containing {P,US}Position requests where they are explicitly set to 'ignore' in cwmrc. This prevents unintentional client offset in cwm(1).
Improved use of unveil(2) within passwd(1).
Introduced the 'smtp-in' keyword to smtpd(8) to allow less ambiguous reporting of smtp-in and smtp-out events.
Expanded reporting of tx events in smtpd(8).
Fixed a problem associated with keeping default ribs alive and Adj-RIB-In/Out in bgpd(8). The RIB will only be recreated if the FIB distribution flags changed or the rtableid changed and there is a FIB.
Applied unveil(2) to tcpdrop(8).
Fixed clipping during float to integer conversions in aucat(1).
Fixed an error in tmux(1) by ensuring that a non-repeating key used when repeating be treated as an entirely new key press.
Tested TLS interoperability between LibreSSL and OpenSSL by implementing a simple SSL client and server in C, then creating four binaries by linking them with LibreSSL or OpenSSL to test API compatibility.
Defined TLS_CA_CERT_FILE rather than having every application create their own define for /etc/ssl/cert.pem.
Corrected unzooming and redrawing of panes in switch-client for tmux(1).
Implemented SAFE-INIT-CHAR for ldap(1).
Allowed join(1) to join on a multibyte separator.
Added new vm.malloc_conf sysctl for malloc(3) flags.
Began work to add feature flags for LibreSSL.
Introduced bn_rand_interval() to allow specifying an interval from which a BIGNUM is chosen uniformly at random.
Improved the filters for touchpad scrolling in wscons(4).
Modified icmp_input_if() m_pullup to increase the maximum size of required data at the start to simplify code and reduce m_pullup calls.
Implemented coordinate blinding for EC_POINT in ssl(8). Renamed the TLS Supported Elliptic Curves extension to Supported Groups re: RFC 7919.
Adjusted snmpd(8) promises to remove an unnecessary rpath promise and unveil(2) the snmpe process.
Fixed the case where an mbuf cluster is used in icmp(4) to correctly offset the data and generalize checking.
Implemented C11's aligned_alloc(3).
Adjusted ntpd(8) to be stricter with TLS configuration.
Updated the opensslfeatures.h to include all of the OPENSSL_NO_* flags that exist in ssl(8). Defined OPENSSL_NO_ASYNC, as libcrypto does not have built-in async features.
Fixed an error introduced to tcp(4) that broke setting of a fixed socket send buffer size due to out-of-sync algorithms.
Introduced a real Adj-RIB-Out to bgpd(8) and removed the update_rib introduced before 6.4.
Added a pledge(2) to ripe and rde in ripd(8) and used unveil(2) to remove file system access for the parent process.
Changed dhclient(1) to log "LLADDR changed" and "restarting" when LLADDR is modified and the restart is actually executed, no longer saying 'restarting' twice.
Adjusted smtpd(8) to apply filter rules only to filtered interfaces.
Explicitly disabled xdm-authorization-1 support in X(7) server.
Changed dhclient(8) to ignore incoming packets and routing socket messages and to cancel any pending protocol timeout when reacting to SIGHUP.
Modified top(1) to accept numeric user IDs, making 'top -U 0' and 'u-1000' work.
Modified getent(1) to prefer user names over numeric user IDs.
Disabled LOCKF_DIAGNOSTIC for lockf(3).
Allowed smtpd(8) to fork processes at startup and maintain a socketpair with them.
Merged libdrm 2.4.96.
Changed smtpd(8) to log tls events as 'tls' and not 'starttls'.
Increased max frame size and hard MTU to allow use of vlan(4) and jumbo frames on ure(4).
Added unveil(2) support to htpasswd(1) and ifstated(8).
Added C11's timespec_get(3) to libc.
Relaxed unveil(2) restrictions for shells needed to run shell scripts that starts with a '#!' line.
Added unveil(2) support to ospfd(8) and ospf6d(8).
Changed mbufs and mbuf(9) clusters to be backed by large pools and relaxed the oversubscribe limit of socket buffers.
Fixed route collector mode in bgpd(8).
Updated libtool(1) to handle both DT_RUNPATH and the older DT_RPATH elements.
Corrected handling of symlinks in syspatch(8).
Changed ieee80211(9) to avoid joining a network where crypto is found but cleartext was expected.
Added acpipci(4) on amd64.
Added tracking of memory usage for sets and tries in bgpd(8) and display of memory usage to bgpctl(8).
Fixed memory leak in csh(1).
Changed nc(1) to show what went wrong with a unix domain socket rather than failing silently.
Added unveil(2) support to rebound(8), getconf(1), kvm_mkdb(8) and bdftopcf(1).
Disabled setuid on Xserver(1) in response to recent disclosure of vulnerabilities.
Fixed calculation of ASPATH_HEADER_SIZE by using offsetof() instead of the sizeof calculation in bgpd(8).
Disabled -logfile and -modulepath when running Xserver(1) with elevated privileges, as these could cause arbitrary overwriting of files (CVE-2018-14665).
Fixed a kernel resource leak in doaccept().
Added a 'terminal' colour which can be used instead of 'default' in style options for tmux(1).
Added unveil(2) support to Xserver(1), passwd(1), spamlogd(8) and spamd(8).
Implemented constant width font escape sequences for html output in mandoc(1).
Incremented major versions for crypto(3), ssl(3) and libtls due to libcrypto symbol removals and libssl changes to struct visibility/sizes.
Further restricted the pledge(2) in switchctl(8).
Fixed bgplg(8) show ip bgp out/in, updated usage message and added missing neighbor argument. Added 'show ip bgp ovs' and 'show ip bgp ext-community' commands.
Fixed minor issues in csh(1) found by coverity.
Fixed qcow2 disk images larger than 4GB in vmd(8).
Adjusted mandoc(1) handling of tags containing whitespace to better interoperate with ctags(1).
Fixed a bug in mandoc(1) when handling blank lines inside preformatted html sections.
Adjusted join(1) to allow joining on NULL columns.
Fixed an off-by-one error in ldap(1) when wrapping long LDIF lines.
Imported Mesa 17.3.9.
Corrected HFSC so it no longer forces packet priority to the highest setting when enabled.
Switched amd64 to ld.lld(1) as the default linker.
Added unveil(2) support to sensorsd(8).
Removed instances of #ifdef INET6 from tcpdump(8) code.
Set ipsec(4) to use a monotonic clock for SA creation and lookup timestamps.
Adjusted ld.lld(1) to accept both '--foo bar' and '--foo=bar' style options in the manner of GNU linkers.
Fixed cvs(1) handling of checking out commits by date when there is a vendor branch with a commit on top of it.
Adjusted the bgpd(8) RDE to act on XON/XOFF messages to properly throttle dumping of prefixes to peers.
Added the ability to query a switch(4) instance via its control device to switchctl(8).
Set kdump(1) to display the errno returned by futex(2).
Fixed mail.lmtp(8) to not consider connect(2) errors a permanent failure.
Switched alpha to futex(2)-based condvars, mutexes and semaphores.
Added missing unveil(2) of /etc/shells to su(1) for -m option.
Backported llvm's libunwind hardware floating point handling and added quad-precision floating-point support routines for mips64.
Enabled the integrated llvm assembler on mips64.
Adjusted CPU identification in amd64 to take the 'package' into account when calculating the 'smt' ID on modern AMD CPUs to avoid knocking out too many processor threads.
Copied the root check from ping(8) into traceroute(8).
Updated X(7) to libX11 1.6.7 and libSM 1.2.3.
Added vmctl(8) support for creating and converting disk images from existing images.
Fixed slowcgi(8) calculation of the file descriptor limit before accepting a new connection. This prevents a failure when slowcgi is close to the file descriptor limit.
Changed ssh-keygen(1) to include the signing algorithm used by the CA when printing certificate contents.
Removed potential for a spurious end-of-RIB being sent by bgpd(8).
Corrected wrong results produced by join(1) during full and outer join operations.
Added support for windows larger than are visible on the attached client to tmux(1).
Improved tmux(1) clipboard handling.
Added tmux(1) support for extended underline styles on terminals offering them.
Fixed fmt(1) accounting of NUL for allocation size and moved to use of reallocarray(3).
Reworked processing of gre(4) keep alive packets.
Adjusted time scheduler statistics so time spent spinning in interrupts is no longer accounted for within the system time of a process.
Fixed regression in pf(4) that caused quick on anchor rules to be ignored.
Adjusted bitmap tables and output routines of banner(6).
Added a linker script to assist lld with building biosboot(8).
Added traffic class of ipv6 headers to gre(4) encapsulation.
Addressed crashes when checking for duplicate user(8) entries.
Used the up_rib tree to withdraw all prefixes of a peer which is used to reload peers into a new RIB in bgpd(8). Removes one additional full RIB tree walker.
Rate-limited the interval over which a VM can reboot, preventing VM reboot loops in vmd(8). Three VM restarts less than six seconds apart are assumed to be unintentional, and the VM is stopped.
Made httpd(8) omit HSTS headers for unencrypted connections per RFC 6797.
Fixed mrt table dumps in bgpd(8).
Linked libc++.so against libc++abi.so to allow linking of C binaries against C++ shared libraries.
Exposed net.inet.ip.arpq.drops to sysctl(8) to aid debugging of dropped packets without counter increases.