| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-04-22 | Remove KERBEROS5 from the Makefiles (except ssh for now, where it is | Reyk Floeter | |
| already manually disabled). ok deraadt@ | |||
| 2014-04-15 | Remove workarounds for ld reaching MAXDSIZ on vax, now that MAXDSIZ is | Miod Vallat | |
| more comfortable. Reminded by brad@ | |||
| 2014-04-13 | Clean up last bits of TCP_WRAPPERS and ELF_TOOLCHAIN. | Brad Smith | |
| ok miod@ | |||
| 2014-04-12 | Bring back the fix in r1.16 of the gcc 2.95 version of protector.c - the code | Miod Vallat | |
| was present, but commented. This fixes code generation of usr.sbin/dhcpd/memory.c!new_address_range() on vax. | |||
| 2014-04-10 | Revive the fix for Perl RT bug 116441 (null dereference affecting | Matthias Kilian | |
| mod_perl). ok sthen@ millert@ | |||
| 2014-04-08 | Build libgcc without SSP. With the new SSP-strong heuristics, | Martynas Venckus | |
| _moddi3.o gets protected and landisk bootblocks got broken. Fundamentally this causes a link dependency on libc that we'll not always be able to satisfy. Spotted by deraadt@. OK matthew@, kettenis@, guenther@. | |||
| 2014-04-06 | Add the missing addressing modes for the fucomip instruction. Surprisingly, | Miod Vallat | |
| fucompi was correct. Unbreaks www/webkit on i386. ok sthen@ | |||
| 2014-04-03 | Put back 1.11, lost during the last update; unbreaks NOPIC builds. | Miod Vallat | |
| ok deraadt@ | |||
| 2014-03-30 | Change the heuristics of -fstack-protector to select to protect | Martynas Venckus | |
| additional functions --- those that have local array definitions, or have references to local frame addresses. Note that upstream uses -fstack-protector-strong and misleads people: -fstack-protector, -fstack-protector-all, -fstack-protector-strong can you tell which one is safe? Luckily, OpenBSD has its own compiler and is able to do the right thing for security: this is enabled by default, and called -fstack-protector. OK deraadt@, miod@. Tested for 3 months. | |||
| 2014-03-27 | remove gets reference. ok espie | Ted Unangst | |
| 2014-03-26 | Make perl build in a non-writable src tree | afresh1 | |
| OK millert@ deraadt@ | |||
| 2014-03-24 | Merge perl-5.18.2 plus local patches, remove old files | afresh1 | |
| OK espie@ sthen@ deraadt@ | |||
| 2014-03-24 | Import perl-5.18.2 | afresh1 | |
| OK espie@ sthen@ deraadt@ | |||
| 2010-09-24 | Perl 5.12.2 from CPAN | Todd C. Miller | |
| 2006-03-28 | perl 5.8.8 import | Todd C. Miller | |
| 2003-12-03 | perl 5.8.2 from CPAN | Todd C. Miller | |
| 2002-10-27 | stock perl 5.8.0 from CPAN | Todd C. Miller | |
| 2001-05-24 | stock perl 5.6.1 | Todd C. Miller | |
| 2000-04-06 | virgin perl 5.6.0 | Todd C. Miller | |
| 2000-04-06 | virgin perl 5.6.0 | Todd C. Miller | |
| 1999-04-29 | perl5.005_03 | Todd C. Miller | |
| 1999-04-29 | perl5.005_03 | Todd C. Miller | |
| 1999-04-29 | perl5.005_03 | Todd C. Miller | |
| 1996-08-19 | Import of Perl 5.003 into the tree. Makefile.bsd-wrapper and | Jason Downs | |
| config.sh.OpenBSD are the only local changes. | |||
| 2014-03-19 | use smtpd man pages by default. ok deraadt jmc | Ted Unangst | |
| sendmail.8 note by jmc | |||
| 2014-03-13 | Add a few more instruction patterns that are apparently needed by gcc 4.8. | Mark Kettenis | |
| Taken from binutils 2.17. ok guenther@ | |||
| 2014-03-12 | no more rmail in base; ok millert | Jason McIntyre | |
| 2014-02-17 | Having CpuSMAP and Cpu64 overlap isn't a terribly good idea. | Mark Kettenis | |
| Makes it possible to build an i386 kernel with binutils-2.17 again. ok miod@ | |||
| 2014-02-15 | install man perlinterp so you can learn all about the interpreter | Ted Unangst | |
| 2014-02-09 | Add support for i386 XSAVE family of instructions: xgetbv, xsetbv, xsave, | Philip Guenther | |
| xrstor, and xsaveopt. based on kettenis's original that did xgetbv and xsetbv ok kettenis@ | |||
| 2014-02-07 | Update to sendmail 8.14.8. This touches a lot of files due to the | Todd C. Miller | |
| Sendmail, Inc -> Proofpoint name change. See RELEASE_NOTES for actual changes. | |||
| 2014-01-24 | Catch SIGPIPE to clean up temp files | Philip Guenther | |
| ok deraadt@ | |||
| 2014-01-20 | Add strong stack protector mode for the original propolice in GCC3. | Martynas Venckus | |
| This includes additional functions to be protected --- those that have local array definitions, or have references to local frame addresses. Miod verified that this works on real hardware, and not just on the cross-compiled monster I tested this on. | |||
| 2014-01-18 | Fix the NAME section: | Ingo Schwarze | |
| One .Nm macro per name, and pass punctuation a as seperate argument. Found with mandocdb(8). OK jmc@. | |||
| 2014-01-14 | Add wcstring attribute support for Wbounded. To be used for wchar.h | Martynas Venckus | |
| which operates on element counts rather than buffer sizes. I'll start annotating headers in a few weeks, after the hackathon. OK millert@. | |||
| 2014-01-14 | Add a new option "-fstack-protector-strong" for GCC4. This includes | Martynas Venckus | |
| additional functions to be protected --- those that have local array definitions, or have references to local frame addresses. Note 1: Han explicitly licensed this under GPLv2 for us. Note 2: Do *not* use this anywhere in "src" Makefiles, as the other GCC doesn't have this option yet (but I'm working on it). | |||
| 2014-01-13 | Enable Wbounded by default. Passing bound bigger than the buffer | Martynas Venckus | |
| size almost always has security implications. I think this quote from Theo summarizes the situation best: Which is why it is important to have at least one unforgiving platform in the ecosystem which properly labels shit shit. That's OpenBSD. If anyone can't handle that, they can go to platforms which hide the reality. | |||
| 2013-12-30 | Recognize PT_OPENBSD_RANDOMIZE in linker scripts. | Mark Kettenis | |
| ok miod@, matthew@ | |||
| 2013-12-28 | Prevent GCC from inlining these unsafe builtins: sprintf, vsprintf, | Martynas Venckus | |
| stpcpy, strcat, strcpy. Also don't simplify some safe builtins into unsafe ones, otherwise we'll hit the linker with the bogus warning. OK miod@, millert@. | |||
| 2013-12-17 | Backport the code from binutils 2.16 that makes weak undefined references | Mark Kettenis | |
| work on alpha. tested by naddy@, deraadt@ | |||
| 2013-12-14 | When writing a history entry, don't downcast time() return value to | Jeremie Courreges-Anglas | |
| (long). Use (long long) and print it with %ll08x instead. ok zhuk@ | |||
| 2013-12-11 | Revert the previous commit; this is not the right approach. | Mark Kettenis | |
| 2013-12-11 | Stop the madness! Prevent GCC from inlining these unsafe functions: | Martynas Venckus | |
| sprintf, vsprintf, stpcpy, strcat, strcpy. We're hitting the linker again, therefore the warning will show up now. | |||
| 2013-12-03 | Backport from gcc4 (mostly): make collect2 preserve ld's stdout and | Philip Guenther | |
| stderr separately so that redirections of gcc's stdout/stderr act as expected. ok and testing miod@ | |||
| 2013-12-03 | Kill usage of timeb.h for upcoming removal of libcompat. OK deraadt@ | Todd C. Miller | |
| 1997-06-28 | Latest version from Cyclic Software | Thorsten Lockert | |
| 1996-10-18 | New release from Cyclic Software | Thorsten Lockert | |
| 1996-01-30 | Missed files from 1.7.1 import | Thorsten Lockert | |
| 1995-12-19 | raw import of cvs-1.6 | Theo de Raadt | |
| 2013-12-02 | Do not add -lcompat in configure. | Christian Weisgerber | |
| libcompat isn't needed; configure checks for the presence of cuserid() and ftime() and the build copes well with the absence of either. ftime() would only ever be used if gettimeofday() wasn't available, and cuserid() is replaced by getlogin() but that code branch is not reached anyway. ok sthen@ jca@ deraadt@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |