New release notes: ipfw(4) rewrite.

Modified release notes: ACPI 20020404, OpenSSH 3.4p1 (rewrote 3.3p1
update and reformatted).
This commit is contained in:
bmah 2002-06-30 18:48:24 +00:00
parent ccdaff9ef1
commit 065834fe01
2 changed files with 48 additions and 10 deletions

View File

@ -913,6 +913,13 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting>
<para role="historic">&man.ipfw.4; now filters correctly in the presence of ECN
bits in TCP segments. &merged;</para>
<para>&man.ipfw.4 has been re-implemented. It now uses
variable-sized representation of rules in the kernel, similar
to &man.bpf.4; instructions. Most of the externally-visible
behavior (i.e. through &man.ipfw.8;) should be unchanged.,
although &man.ipfw.8; now supports <literal>or</literal>
connectives between match fields.</para>
<para role="historic">A new ng_eiface netgraph module has been added, which
appears as an Ethernet interface but delivers its Ethernet
frames to a Netgraph hook. &merged;</para>
@ -1453,7 +1460,7 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting>
(ACPI), a multi-vendor standard for configuration and power
management, has been added. This functionality has been
provided by the <application>Intel ACPI Component
Architecture</application> project, as of the ACPI CA 20020308
Architecture</application> project, as of the ACPI CA 20020404
snapshot. Some backward compatability for applications using
the older APM standard has been provided.</para>
@ -3550,10 +3557,22 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting>
</para>
<para><application>OpenSSH</application> has been updated to
3.3p1. This version adds a <quote>privilege
separation</quote> feature, which uses unprivileged
processes to contain and restrict the effects of future
compromises or programming errors.</para>
3.4p1. The main changes are:
<itemizedlist>
<listitem>
<para>A <quote>privilege separation</quote> feature,
which uses unprivileged processes to contain and
restrict the effects of future compromises or
programming errors.</para>
</listitem>
<listitem>
<para>Several bugfixes, including closure of a
security hole that could lead to an integer overflow
and undesired privilege escalation.</para>
</listitem>
</itemizedlist>
</para>
<para><application>OpenSSH</application> can now authenticate
using <application>OPIE</application> passwords.</para>

View File

@ -913,6 +913,13 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting>
<para role="historic">&man.ipfw.4; now filters correctly in the presence of ECN
bits in TCP segments. &merged;</para>
<para>&man.ipfw.4 has been re-implemented. It now uses
variable-sized representation of rules in the kernel, similar
to &man.bpf.4; instructions. Most of the externally-visible
behavior (i.e. through &man.ipfw.8;) should be unchanged.,
although &man.ipfw.8; now supports <literal>or</literal>
connectives between match fields.</para>
<para role="historic">A new ng_eiface netgraph module has been added, which
appears as an Ethernet interface but delivers its Ethernet
frames to a Netgraph hook. &merged;</para>
@ -1453,7 +1460,7 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting>
(ACPI), a multi-vendor standard for configuration and power
management, has been added. This functionality has been
provided by the <application>Intel ACPI Component
Architecture</application> project, as of the ACPI CA 20020308
Architecture</application> project, as of the ACPI CA 20020404
snapshot. Some backward compatability for applications using
the older APM standard has been provided.</para>
@ -3550,10 +3557,22 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting>
</para>
<para><application>OpenSSH</application> has been updated to
3.3p1. This version adds a <quote>privilege
separation</quote> feature, which uses unprivileged
processes to contain and restrict the effects of future
compromises or programming errors.</para>
3.4p1. The main changes are:
<itemizedlist>
<listitem>
<para>A <quote>privilege separation</quote> feature,
which uses unprivileged processes to contain and
restrict the effects of future compromises or
programming errors.</para>
</listitem>
<listitem>
<para>Several bugfixes, including closure of a
security hole that could lead to an integer overflow
and undesired privilege escalation.</para>
</listitem>
</itemizedlist>
</para>
<para><application>OpenSSH</application> can now authenticate
using <application>OPIE</application> passwords.</para>