# $NetBSD: CHANGES-5.0.1,v 1.1.2.44 2009/07/29 22:35:18 snj Exp $ A complete list of changes from the NetBSD 5.0 release to the NetBSD 5.0.1 release: gnu/usr.bin/groff/tmac/mdoc.local patched by hand sys/sys/param.h patched by hand Welcome to 5.0.0_PATCH. [snj] sys/kern/uipc_socket.c 1.189 PR kern/41311: Mutex error: mutex_vector_enter: locking against myself [ad, ticket #731] sys/dev/ic/ncr53c9x.c 1.138 Add missing braces - patch from Kurt Lidl in PR port-vax/41314. [martin, ticket #734] sys/netinet6/ip6_input.c 1.127 Add missing paranthesis - from Kurt Lidl in PR port-vax/41316 [martin, ticket #733] gnu/dist/binutils/bfd/elf32-vax.c 1.9 Allocate relocation section using bfd_zalloc() to ensure no garbage relocations when not all the entries are used. Fixes PR port-vax/39182. [mhitch, ticket #738] sys/ufs/ffs/ffs_alloc.c 1.123 via patch Fix random 'filesystem full' messages by trapping a couple of 32-bit overflow areas missed in rev 1.110 and switching cgbase(). [sborrill, ticket #726] usr.sbin/racoonctl/Makefile 1.5 via patch Adjust the ADMINPORTDIR to match that of racoon (with which it'll want to talk). Fixes PR 41376. [spz, ticket #740] sys/arch/hp700/include/intr.h 1.14 Add __insn_barrier after updating cpl in splraise. PR/41369. [skrll, ticket #741] sys/arch/m68k/include/psl.h 1.14 Add memory clobber to the instructions that change the IPL in the status register. See also kern/38637. [mhitch, ticket #743] sys/netinet/in_pcb.c patch Fix compilation with IPNOPRIVPORTS option. [sborrill, ticket #745] share/man/man8/afterboot.8 1.39 Fix typo, from Shannon -jj Behrens in PR 41375. [dholland, ticket #746] sys/dist/ipf/netinet/ip_fil_netbsd.c 1.50 Don't call callout_stop() without callout_init() Fixes PR/41364 [kefren, ticket #748] sys/arch/sparc/include/math.h 1.5 sys/arch/sparc64/include/math.h 1.7 merge these two files, makes sparc64 sparc/libc work again. only provide __HAVE_LONG_DOUBLE if _LP64. [mrg, ticket #750] sys/arch/amd64/amd64/lock_stubs.S 1.22, 1.23 sys/arch/i386/i386/lock_stubs.S 1.23 sys/arch/x86/include/mutex.h 1.6 sys/arch/x86/x86/patch.c 1.18 sys/kern/kern_rwlock.c 1.30 Add a workaround for a bug with some Opteron revisions where locked operations sometimes do not serve as memory barriers, allowing memory references to bleed outside of critical sections. [ad, ticket #725] usr.sbin/postinstall/postinstall 1.95 Teach postinstall about /etc/dhcpcd.conf. [jnemeth, ticket #752] usr.sbin/postinstall/postinstall 1.97 Fetch /etc/dhcpcd.conf from the correct place when building the system from source. [jnemeth, ticket #756] sys/kern/sys_mqueue.c 1.17 sys_mq_open: remove broken access flag check. Noted by Stathis Kamperis. [rmind, ticket #762] usr.sbin/schedctl/schedctl.c 1.14 Skip LSIDL and LSZOMB threads when retrieving info. [rmind, ticket #763] sys/arch/sparc/include/psl.h 1.45 Add memory clobbers to the inline assembler modifying/testing the %psr register, to avoid the compiler reordering instructions out of critical sections. Should fix PR port-sparc/41372. [martin, ticket #764] share/man/man7/sysctl.7 1.22 via patch Document PROC_PID_LIMIT_SBSIZE. From Greg A. Woods in PR lib/36463. Wording is taken from getrlimit(2). [snj, ticket #765] sys/arch/vax/include/mtpr.h 1.21, 1.22 Add "memory" clobber to mtpr for barrier. See also kern/38637. [mhitch, ticket #767] dist/ntp/ntpd/ntp_crypto.c 1.15 Fix CVE-2009-1252: Buffer overflow in ntpd crypto code. A remote attacker can send a specially constructed request packet that would overflow the sprintf()'ed buffer causing ntpd to crash. [dholland, ticket #777] sys/arch/sparc64/sparc64/vm_machdep.c 1.88 When preparing the initial trap frame for a new forked lwp, explicitly clear condition code. Otherwise we might catch a signal (handlers are inherited from the parent) before we ever return to userland. The current trapframe is converted into a ucontext and after the signal handler returns, the lwp stays in userland and directly uses the ucontext to return to the fork call. Fixes PR 41302. [martin, ticket #774] sys/kern/sys_mqueue.c 1.18 - Slightly rework the way permissions are checked. Neither mq_receive() nor mq_send() should fail due to permissions. - Check for empty message queue name (POSIX does not allow this for regular files, and it's weird), check for DTYPE_MQUEUE, fix permission check in mq_unlink(), clean up. [rmind, ticket #779] sys/kern/kern_physio.c 1.91 Remove a race where physio_done() may use memory already freed. Fixes PR kern/39536. [hannken, ticket #781] src/external/bsd/fetch/dist/libfetch/common.c libfetch-2-23 src/external/bsd/fetch/dist/libfetch/common.h libfetch-2-23 src/external/bsd/fetch/dist/libfetch/errlist.sh libfetch-2-23 src/external/bsd/fetch/dist/libfetch/fetch.3 libfetch-2-23 src/external/bsd/fetch/dist/libfetch/fetch.c libfetch-2-23 src/external/bsd/fetch/dist/libfetch/fetch.cat3 libfetch-2-23 src/external/bsd/fetch/dist/libfetch/fetch.h libfetch-2-23 src/external/bsd/fetch/dist/libfetch/file.c libfetch-2-23 src/external/bsd/fetch/dist/libfetch/ftp.c libfetch-2-23 src/external/bsd/fetch/dist/libfetch/ftp.errors libfetch-2-23 src/external/bsd/fetch/dist/libfetch/http.c libfetch-2-23 src/external/bsd/fetch/dist/libfetch/http.errors libfetch-2-23 Pull up libfetch-2.23: - if-not-modified support - document that struct URL is not part of the ABI - fetchRestartCalls cleanup for signal handlers - allow HTTP basic auth to be specified in the URL, allow : as part of the cleartext password - fix a file descriptor leak in the file:// iteration code [joerg, ticket #670] UPDATING patch distrib/sets/lists/base/mi patch distrib/sets/lists/etc/mi patch distrib/sets/lists/man/mi patch external/bsd/pkg_install/Makefile.inc patch external/bsd/pkg_install/prepare-import.sh patch external/bsd/pkg_install/dist/add/add.h pkg_install-20090528 external/bsd/pkg_install/dist/add/main.c pkg_install-20090528 external/bsd/pkg_install/dist/add/perform.c pkg_install-20090528 external/bsd/pkg_install/dist/add/pkg_add.1 pkg_install-20090528 external/bsd/pkg_install/dist/admin/admin.h pkg_install-20090528 external/bsd/pkg_install/dist/admin/audit.c pkg_install-20090528 external/bsd/pkg_install/dist/admin/check.c pkg_install-20090528 external/bsd/pkg_install/dist/admin/main.c pkg_install-20090528 external/bsd/pkg_install/dist/admin/pkg_admin.1 pkg_install-20090528 external/bsd/pkg_install/dist/bpm/bpm.1 pkg_install-20090528 external/bsd/pkg_install/dist/create/build.c pkg_install-20090528 external/bsd/pkg_install/dist/create/create.h pkg_install-20090528 external/bsd/pkg_install/dist/create/main.c pkg_install-20090528 external/bsd/pkg_install/dist/create/perform.c pkg_install-20090528 external/bsd/pkg_install/dist/create/pkg_create.1 pkg_install-20090528 external/bsd/pkg_install/dist/create/pl.c pkg_install-20090528 external/bsd/pkg_install/dist/create/util.c pkg_install-20090528 external/bsd/pkg_install/dist/delete/pkg_delete.1 pkg_install-20090528 external/bsd/pkg_install/dist/info/info.h pkg_install-20090528 external/bsd/pkg_install/dist/info/main.c pkg_install-20090528 external/bsd/pkg_install/dist/info/perform.c pkg_install-20090528 external/bsd/pkg_install/dist/info/pkg_info.1 pkg_install-20090528 external/bsd/pkg_install/dist/info/show.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/automatic.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/config.h.in pkg_install-20090528 external/bsd/pkg_install/dist/lib/conflicts.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/decompress.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/dewey.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/fexec.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/file.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/global.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/iterate.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/lib.h pkg_install-20090528 external/bsd/pkg_install/dist/lib/lpkg.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/opattern.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/pkg_io.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/pkg_summary.5 pkg_install-20090528 external/bsd/pkg_install/dist/lib/pkgdb.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/plist.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/str.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/var.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/version.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/version.h pkg_install-20090528 external/bsd/pkg_install/dist/lib/vulnerabilities-file.c pkg_install-20090528 external/bsd/pkg_install/dist/admin/audit-packages.sh.in pkg_install-20090528 external/bsd/pkg_install/dist/admin/download-vulnerability-list.sh.in pkg_install-20090528 external/bsd/pkg_install/dist/delete/pkg_delete.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/gpgsig.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/license.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/parse-config.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/pkcs7.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/pkg_install.conf.5.in pkg_install-20090528 external/bsd/pkg_install/dist/lib/pkg_signature.c: pkg_install-20090528 external/bsd/pkg_install/dist/lib/remove.c pkg_install-20090528 external/bsd/pkg_install/dist/lib/xwrapper.c pkg_install-20090528 external/bsd/pkg_install/dist/x509/pkgsrc.cnf pkg_install-20090528 external/bsd/pkg_install/dist/x509/pkgsrc.sh pkg_install-20090528 external/bsd/pkg_install/dist/x509/signing.txt pkg_install-20090528 external/bsd/pkg_install/lib/Makefile patch external/bsd/pkg_install/sbin/Makefile patch external/bsd/pkg_install/sbin/Makefile.inc patch external/bsd/pkg_install/sbin/pkg_add/Makefile patch external/bsd/pkg_install/sbin/pkg_admin/Makefile patch external/bsd/pkg_install/sbin/pkg_create/Makefile patch external/bsd/pkg_install/sbin/pkg_delete/Makefile patch external/bsd/pkg_install/sbin/pkg_info/Makefile patch external/bsd/pkg_install/dist/add/extract.c removed external/bsd/pkg_install/dist/add/futil.c removed external/bsd/pkg_install/dist/add/verify.c removed external/bsd/pkg_install/dist/add/verify.h removed external/bsd/pkg_install/dist/admin/config.c removed external/bsd/pkg_install/dist/audit-packages/AUTHORS removed external/bsd/pkg_install/dist/audit-packages/COPYING removed external/bsd/pkg_install/dist/audit-packages/README removed external/bsd/pkg_install/dist/audit-packages/audit-packages.1.in removed external/bsd/pkg_install/dist/audit-packages/audit-packages.c removed external/bsd/pkg_install/dist/audit-packages/audit-packages.conf.5.in removed external/bsd/pkg_install/dist/audit-packages/audit-packages.conf.in removed external/bsd/pkg_install/dist/audit-packages/download-vulnerability-list.1.in removed external/bsd/pkg_install/dist/audit-packages/download-vulnerability-list.sh.in removed external/bsd/pkg_install/dist/delete/delete.h removed external/bsd/pkg_install/dist/delete/main.c removed external/bsd/pkg_install/dist/delete/perform.c removed external/bsd/pkg_install/dist/lib/ftpio.c removed external/bsd/pkg_install/dist/lib/path.c removed external/bsd/pkg_install/dist/lib/path.h removed external/bsd/pkg_install/dist/lib/pen.c removed external/bsd/pkg_install/dist/lib/pexec.c removed external/bsd/pkg_install/dist/view/linkfarm.1 removed external/bsd/pkg_install/dist/view/linkfarm.sh.in removed external/bsd/pkg_install/dist/view/pkg_view.1 removed external/bsd/pkg_install/dist/view/pkg_view.sh.in removed external/bsd/pkg_install/sbin/audit-packages/Makefile removed external/bsd/pkg_install/sbin/pkg_view/Makefile removed Merge pkg_install-20090528 from HEAD. [joerg, ticket #784] usr.sbin/puffs/mount_sysctlfs/sysctlfs.c 1.11 Fix a crash while trying to read nodes on amd64, reported in PR/41494. [njoly, ticket #783] sys/arch/sparc64/include/cpu.h 1.86 sys/arch/sparc64/sparc64/locore.s 1.291 sys/arch/sparc64/sparc64/vm_machdep.c 1.89 cpu_setfunc() can not use lwp_trampoline, as that has additional lwp startup semantics. Use a simpler setfunc_trampoline instead. [martin, ticket #786] sys/arch/m68k/include/m68k.h 1.14 sys/arch/m68k/m68k/switch_subr.s 1.22 sys/arch/m68k/m68k/vm_machdep.c 1.28 Do not use lwp_trampoline for cpu_setfunc, we do not want to call lwp_startup() after a setfunc. Grow a simplified setfunc_trampoline instead. [martin, ticket #787] sys/arch/hp700/hp700/locore.S 1.35 sys/arch/hp700/include/cpu.h 1.34 sys/arch/hppa/hppa/vm_machdep.c 1.36 Do not use lwp_trampoline for cpu_setfunc, but a simplified setfunc_trampoline that does not call lwp_startup(). [skrll, ticket #793] distrib/common/parselist.awk 1.16 distrib/sets/maketars 1.66 share/dict/Makefile 1.17 share/mk/bsd.README 1.249 share/mk/bsd.hostprog.mk 1.55 share/mk/bsd.kmodule.mk 1.19 share/mk/bsd.lib.mk 1.298 share/mk/bsd.links.mk 1.34 share/mk/bsd.man.mk 1.100 share/mk/bsd.prog.mk 1.241 share/zoneinfo/Makefile 1.43 usr.bin/xinstall/xinstall.c 1.106 - 1.108 via patch Various METALOG fixes, including entries sorting to fix inconsistent shared sets among builds as seen in /pub/NetBSD-daily/netbsd-5/200904010000Z/shared/ and /pub/NetBSD-daily/netbsd-5/200904010002Z/shared/ dirs. Should fix PR 24457 and PR 41155. [snj, ticket #790] sys/kern/sched_4bsd.c 1.25 sched_pstats_hook: fix estcpu decay. this makes my desktop usable when running "make -j4". [rmind, ticket #791] external/mit/xorg/server/drivers/xf86-video-s3/Makefile patch Add missing object file to build a properly working s3 module. Fixes PR xsrc/41206. [ahoka, ticket #795] sys/arch/alpha/alpha/locore.s 1.114 sys/arch/alpha/alpha/vm_machdep.c 1.100 sys/arch/alpha/include/alpha.h 1.24 Do not use lwp_trampoline for cpu_setfunc, but a simplified setfunc_trampoline that does not call lwp_startup() instead. [martin, ticket #798] sys/arch/mips/include/locore.h 1.79 sys/arch/mips/mips/locore_mips1.S 1.65 sys/arch/mips/mips/mipsX_subr.S 1.28 sys/arch/mips/mips/mips_machdep.c 1.211 sys/arch/mips/mips/vm_machdep.c 1.123 Do not use the same trampoline for cpu_lwp_fork and cpu_setfunc - only the former needs to call lwp_startup(). [martin, ticket #799] sys/arch/sparc/dev/zs.c 1.116 Properly initialize child attach args to zero - we could end up with various devices having different ideas about being console otherwise. [martin, ticket #800] sys/arch/powerpc/powerpc/locore_subr.S 1.38 sys/arch/powerpc/powerpc/vm_machdep.c 1.77 Do not use the same trampoline for cpu_setfunc and cpu_lwp_fork, the latter does a lot more work. [martin, ticket #801] share/man/man8/afterboot.8 1.40 Make some updates (most notably syncing the Postfix section with reality). inspired by PR misc/39168. [snj, ticket #804] sys/arch/sh3/sh3/locore_subr.S 1.52 Fix logic error in copyinstr() when deciding whether to return EFAULT or ENAMETOOLONG. [uwe, ticket #802] distrib/sets/lists/xbase/mi 1.76 external/mit/xorg/bin/xvidtune/Makefile 1.2 fix xsrc/41577: install the Xvidtune app-defaults file, after the necessary preprocessing and sed processing it needs. [mrg, ticket #805] sys/compat/linux/common/linux_socket.c 1.100 In sendmsg(2), do copy the msghdr structure before trying to use it. [njoly, ticket #806] sys/kern/subr_kobj.c 1.35 Fix a crash observed when trying to load a corrupted ELF kernel module. [rmind, ticket #809] sys/netinet/tcp_usrreq.c 1.155 sysctl_inpcblist: fix a lock leak in error path [rmind, ticket #812] sys/dev/pci/ehci_pci.c 1.45 Apply hw workaround required for all SB600 revisions and SB700 revisions A12 and A13 to avoid USB subsystem hang symptom. The USB subsystem hang symptom is observed when the system has multiple USB devices connected to it or one USB device is often re-connected. [cegger, ticket #814] lib/libpam/modules/pam_unix/pam_unix.c 1.13 Restore the good old UNIX behavior of root password changing: only root may change the root password. [tonnerre, ticket #817] sys/kern/sys_generic.c 1.122 via patch Updates to f_flag need to be made with atomics. [rmind, ticket #811] sys/kern/tty_pty.c 1.117 Writes on the controlling tty were not being awoken from blocks, use the correct condvar to make this happen. this fixes PR/41566 [plunky, ticket #807] distrib/hp300/miniroot/install.md 1.14 Make hp300's install.md script probe cd(4) devices properly. [tsutsui, ticket #820] sys/compat/linux/common/linux_sched.c 1.59 In linux_sys_sched_getaffinity(), do not leak memory on error. [njoly, ticket #822] external/bsd/pkg_install/dist/admin/pkg_admin.1: 1.1.1.7 external/bsd/pkg_install/dist/lib/license.c: 1.1.1.3 external/bsd/pkg_install/dist/lib/version.h: 1.1.1.16 Merge pkg_install-20090610 from HEAD [joerg, ticket #815] games/hunt/huntd/answer.c 1.10 Fix possible remote DoS of a running hunt game, and prevent a possible theoretical attack involving >= 1 billion ammo. [dholland, ticket #834] crypto/dist/ssh/cipher.c 1.22 crypto/dist/ssh/cipher.h 1.3 crypto/dist/ssh/packet.c 1.32 Add special handling for CBC cipher modes to make them appear less favorable than CTR modes. Also, in order to avoid creating oracles unnecessarily, change behavior in various situations from "Drop connection" to "Ignore packets up to 256kB". This affects CBC mode ciphers only. [tonnerre, ticket #843] games/hack/extern.h 1.11 games/hack/hack.do_name.c 1.9, 1.10 games/hack/hack.eat.c 1.8 games/hack/hack.end.c 1.12 via patch games/hack/hack.fight.c 1.10 games/hack/hack.h 1.13 via patch games/hack/hack.invent.c 1.12, 1.13 games/hack/hack.main.c 1.12, 1.13 games/hack/hack.objnam.c 1.9 games/hack/hack.options.c 1.9 games/hack/hack.pri.c 1.11 games/hack/hack.rip.c 1.10, 1.11 games/hack/hack.shk.c 1.10 games/hack/hack.topl.c 1.10, 1.11 games/hack/hack.unix.c 1.12, 1.13 sprintf -> snprintf, plus some use of strlcpy/strlcat where appropriate. Fix two serious string-handling bugs (one exploitable, one probably exploitable) and also add proper checking/paranoia in several other places. [dholland, ticket #844] sys/kern/init_sysctl.c 1.161 sysctl_doeproc: fix a bug in rev.1.135. Don't forget to mark our marker process PK_MARKER. This fixes crashes in sched_pstats, etc. [rmind, ticket #835] sys/kern/kern_exit.c 1.221 exit1: fix a race with do_sys_wait/proc_free. [rmind, ticket #836] sys/kern/kern_rwlock.c 1.31 lockdebug fixes for rw_tryupgrade/rw_downgrade. [rmind, ticket #837] sys/kern/init_sysctl.c 1.162 sys/kern/vfs_trans.c 1.25 Don't forget to skip marker processes. [rmind, ticket #838] sys/kern/init_sysctl.c 1.163 sysctl_doeproc: - simplify. - KERN_PROC: fix possible stale proc pointer dereference. - KERN_PROC: don't do copyout with proc_lock held. [rmind, ticket #839] sys/kern/vfs_lockf.c 1.70 lf_split: cv_destroy a condvar before clobbering it. [rmind, ticket #840] sys/kern/vfs_syscalls.c 1.392 do_sys_utimes: fix a bug introduced by rev.1.367. VA_UTIMES_NULL is in va_vaflags, not va_flags. [rmind, ticket #841] sys/kern/vfs_lockf.c 1.71 Don't make F_GETLK or the common case of F_UNLCK fail for per-user limit. [rmind, ticket #842] lib/libc/sys/getrlimit.2 1.31, 1.32 Document RLIMIT_AS. Fixes PR#41517. [mrg, ticket #846] xsrc/external/mit/freetype/dist/src/cff/cffload.c 1.2 xsrc/external/mit/freetype/dist/src/lzw/ftzopen.c 1.2 xsrc/external/mit/freetype/dist/src/sfnt/ttcmap.c 1.2 xsrc/external/mit/freetype/dist/src/smooth/ftsmooth.c 1.2 Apply fixes from CVE-2009-0946. [mrg, ticket #848] crypto/dist/openssl/crypto/pqueue/pqueue.c 1.2 crypto/dist/openssl/crypto/pqueue/pqueue.h 1.2 crypto/dist/openssl/ssl/d1_both.c 1.4 crypto/dist/openssl/ssl/d1_pkt.c 1.2 crypto/dist/openssl/ssl/s3_pkt.c 1.10 crypto/dist/openssl/ssl/ssl.h 1.19 crypto/dist/openssl/ssl/ssl_err.c 1.13 Fix various vulnerabilities in OpenSSL which have not previously been addressed: CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386 and CVE-2009-1387. [tonnerre, ticket #850] crypto/dist/openssl/ssl/d1_both.c 1.5 Fix build problem from ticket 850 on non-64bit systems. [spz, ticket #851] sys/netinet/ip_output.c 1.203 Fix PR kern/41659: add missing splx() in FAST_IPSEC code. [martin, ticket #847] common/lib/libc/hash/sha2/sha2.c 1.8-1.18 via patch crypto/dist/openssl/crypto/evp/m_sha1.c 1.2-1.3 via patch distrib/sets/lists/base/md.amd64 1.51 via patch distrib/sets/lists/base/md.sparc64 1.46 via patch distrib/sets/lists/base/shl.mi 1.474 via patch distrib/sets/lists/comp/mi 1.1263 via patch lib/libc/hash/sha2/Makefile.inc 1.4 via patch lib/libc/hash/sha2/sha2.3 1.5 via patch lib/libc/hash/sha2/sha224hl.c 1.1 via patch lib/libc/include/namespace.h 1.138 via patch lib/libc/shlib_version patch lib/libcrypto/libc-sha256.c 1.1 via patch lib/libcrypto/libc-sha512.c 1.1 via patch lib/libcrypto/sha.inc 1.10 via patch lib/libcrypto/shlib_version patch sys/sys/sha2.h 1.3 via patch Add SHA224 implementation to libc. Make libcrypto use the SHA2 implementation of libc. Bump minor versions of libc and libcrypto. [joerg, ticket #855] dist/dhcp/client/dhclient.c 1.20 Limit the length of the address mask before we copy it. Fixes CVE-2009-0692. [tonnerre, ticket #856] dist/dhcp/server/dhcp.c 1.11 Fix behavior of dhcpd in the case where clientid and hardware ethernet definitions are mixed. Fixes a refcount assertion. [tonnerre, ticket #860] sys/netinet/tcp_input.c 1.296 Follow exactly the recommendation of draft-ietf-tcpm-tcpsecure-11.txt: Don't check gainst the last ack received, but the expected sequence number. This makes RST handling independent of delayed ACK. [is, ticket #859] sys/dev/pci/if_wm.c 1.168, 1.170 and 1.173 via patch sys/dev/pci/if_wmreg.h 1.27 1) On i82563, the em driver says that the ready bit in the MDIC register may be incorrectly set. Insert delay(200) like the em driver. Fixes PR#41014 2) Add workaround for 82543GC. We need to force speed and duplex on the MAC equal to what the PHY speed and duplex configuration is. Fixes PR#36430. 3) Fix many problems and panic on TBI's cards (includes PR#32009). [msaitoh, ticket #862] sys/kern/sys_mqueue.c 1.21 via patch mq_send/mq_receive: while permission may allow that, return EBADF if sending to read-only queue, or receiving from write-only queue. [rmind, ticket #857] sys/kern/vfs_subr.c 1.379 sys/sys/vnode.h 1.207 Put a flag bit into v_usecount to prevent vtryget during getcleanvnode. Fixes PR/41374. [rmind, ticket #863] sys/arch/amd64/amd64/trap.c 1.56, 1.57 Handle protection fault properly. [rmind, ticket #865] sys/dev/ic/ciss.c 1.15 sys/dev/ic/tcic2.c 1.31 sys/dev/isa/if_ntwoc_isa.c 1.18 sys/dev/isa/isadma.c 1.59 sys/dev/pci/if_sk.c 1.57 sys/dev/pcmcia/if_cnw.c 1.46 sys/dev/usb/ulpt.c 1.82 printf format fixes. [dholland, ticket #874] lib/libc/sys/intro.2 1.53, 1.54 Mention, along with the behavior of succeeding system calls, the normal behavior of succeeding library functions regarding errno. (That is, they may leave arbitrary nonzero values in errno.) [dholland, ticket #867] lib/libc/stdlib/strtol.3 1.25, 1.26 lib/libc/stdlib/strtoul.3 1.22, 1.23 Clarify the description of the errno behavior, based on the recent thread in tech-userlevel. [dholland, ticket #868] sys/arch/pmax/pmax/machdep.c 1.233 Fix an #ifdef botch in rev 1.214 that causes [ Kernel symbol table invalid! ] message at boot, which means no ksyms(4) support even on GENERIC kernel. [tsutsui, ticket #869] lib/libc/sys/intro.2 1.50 via patch PR/40060 - Bug Hunting -- grammar fix [dholland, ticket #872] sbin/wsconsctl/wsconsctl.8 1.26 PR/40059 - Bug Hunting -- add Xref to wscons.conf(5) [dholland, ticket #873] external/bsd/pkg_install/dist/info/perform.c pkg_install-20090724 external/bsd/pkg_install/dist/lib/license.c pkg_install-20090724 external/bsd/pkg_install/dist/lib/pkg_install.conf.5.in pkg_install-20090724 external/bsd/pkg_install/dist/lib/version.h pkg_install-20090724 Import pkg_install-20070724: - license handling: accept upper case letters. Keep license checks case-sensitive as done in the older pkgsrc logic. Document this. - pkg_info: - fix handling of non-packages, that are valid archives - invert order of pkg_info -r to better match the expectations of make update. [joerg, ticket #877] dist/bind/bin/named/update.c patch Fix CVE-2009-0696. [christos, ticket #881] sys/conf/copyright 1.6 Update copyright notice for 2009. [rmind, ticket #882] distrib/notes/common/main patch Update for 5.0.1. [snj] gnu/usr.bin/groff/tmac/mdoc.local patch sys/sys/param.h patch Welcome to 5.0.1! [snj]