1 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
2 <!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
5 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
11 <title>&os; &release.current; Release Notes</title>
13 <corpauthor>The &os; Project</corpauthor>
15 <pubdate>$FreeBSD$</pubdate>
19 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
22 <legalnotice id="trademarks" role="trademarks">
32 <para>The release notes for &os; &release.current; contain a summary
33 of the changes made to the &os; base system on the
34 &release.branch; development line.
35 This document lists applicable security advisories that were issued since
36 the last release, as well as significant changes to the &os;
38 Some brief remarks on upgrading are also presented.</para>
43 <title>Introduction</title>
45 <para>This document contains the release notes for &os;
47 describes recently added, changed, or deleted features of &os;.
48 It also provides some notes on upgrading
49 from previous versions of &os;.</para>
51 <![ %release.type.current [
53 <para>The &release.type; distribution to which these release notes
54 apply represents the latest point along the &release.branch; development
55 branch since &release.branch; was created. Information regarding pre-built, binary
56 &release.type; distributions along this branch
57 can be found at <ulink url="&release.url;"></ulink>.</para>
61 <![ %release.type.snapshot [
63 <para>The &release.type; distribution to which these release notes
64 apply represents a point along the &release.branch; development
65 branch between &release.prev; and the future &release.next;.
67 pre-built, binary &release.type; distributions along this branch
68 can be found at <ulink url="&release.url;"></ulink>.</para>
72 <![ %release.type.release [
74 <para>This distribution of &os; &release.current; is a
75 &release.type; distribution. It can be found at <ulink
76 url="&release.url;"></ulink> or any of its mirrors. More
77 information on obtaining this (or other) &release.type;
78 distributions of &os; can be found in the <ulink
79 url="&url.books.handbook;/mirrors.html"><quote>Obtaining
80 &os;</quote> appendix</ulink> to the <ulink
81 url="&url.books.handbook;/">&os;
82 Handbook</ulink>.</para>
86 <para>All users are encouraged to consult the release errata before
87 installing &os;. The errata document is updated with
88 <quote>late-breaking</quote> information discovered late in the
89 release cycle or after the release. Typically, it contains
90 information on known bugs, security advisories, and corrections to
91 documentation. An up-to-date copy of the errata for &os;
92 &release.current; can be found on the &os; Web site.</para>
97 <title>What's New</title>
99 <para>This section describes the most user-visible new or changed
100 features in &os; since &release.prev;.</para>
102 <para>Typical release note items document recent security
103 advisories issued after &release.prev;, new drivers or hardware
104 support, new commands or options, major bug fixes, or
105 contributed software upgrades. They may also list changes to
106 major ports/packages or release engineering practices. Clearly
107 the release notes cannot list every single change made to &os;
108 between releases; this document focuses primarily on security
109 advisories, user-visible changes, and major architectural
112 <sect2 id="security">
113 <title>Security Advisories</title>
115 <para>Problems described in the following security advisories have
116 been fixed. For more information, consult the individual
117 advisories available from
118 <ulink url="http://security.FreeBSD.org/"></ulink>.</para>
120 <informaltable frame="none" pgwide="0">
122 <colspec colwidth="1*">
123 <colspec colwidth="1*">
124 <colspec colwidth="3*">
127 <entry>Advisory</entry>
135 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:15.ssl.asc"
136 >SA-09:15.ssl</ulink></entry>
137 <entry>3 Dec 2009</entry>
138 <entry><para>SSL protocol flaw</para></entry>
141 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:16.rtld.asc"
142 >SA-09:16.rtld</ulink></entry>
143 <entry>3 Dec 2009</entry>
144 <entry><para>Improper environment sanitization in &man.rtld.1;</para></entry>
147 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:17.freebsd-update.asc"
148 >SA-09:17.freebsd-update</ulink></entry>
149 <entry>3 Dec 2009</entry>
150 <entry><para>Inappropriate directory permissions in &man.freebsd-update.8;</para></entry>
153 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:01.bind.asc"
154 >SA-10:01.bind</ulink></entry>
155 <entry>6 Jan 2010</entry>
156 <entry><para>BIND &man.named.8; cache poisoning with DNSSEC validation</para></entry>
159 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:02.ntpd.asc"
160 >SA-10:02.ntpd</ulink></entry>
161 <entry>6 Jan 2010</entry>
162 <entry><para>ntpd mode 7 denial of service</para></entry>
165 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:03.zfs.asc"
166 >SA-10:03.zfs</ulink></entry>
167 <entry>6 Jan 2010</entry>
168 <entry><para>ZFS ZIL playback with insecure permissions</para></entry>
171 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:04.jail.asc"
172 >SA-10:04.jail</ulink></entry>
173 <entry>27 May 2010</entry>
174 <entry><para>Insufficient environment sanitization in &man.jail.8;</para></entry>
177 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:05.opie.asc"
178 >SA-10:05.opie</ulink></entry>
179 <entry>27 May 2010</entry>
180 <entry><para>OPIE off-by-one stack overflow</para></entry>
183 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:06.nfsclient.asc"
184 >SA-10:06.nfsclient</ulink></entry>
185 <entry>27 May 2010</entry>
186 <entry><para>Unvalidated input in nfsclient</para></entry>
189 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:07.mbuf.asc"
190 >SA-10:07.mbuf</ulink></entry>
191 <entry>13 July 2010</entry>
192 <entry><para>Lost mbuf flag resulting in data corruption</para></entry>
200 <title>Kernel Changes</title>
204 <para>The <command>show mount</command> command in the
205 &man.ddb.4; debugger now prints active string mount
208 <para>The default &man.devfs.5; rules now expose the upper 256
209 of &man.pty.4; device nodes.</para>
211 <para>A new kernel thread called <quote>deadlock
212 resolver</quote> has been added. This can be used to detect
213 possible deadlock by using information of thread state and
214 heuristical analysis. This is not enabled by default. To
215 enable this, an option <option>option DEADLKRES</option> in
216 kernel configuration file and recompilation of the
219 <para>Two commands to enable/disable read-ahead has been added
220 to &man.fcntl.2; system call:</para>
224 <para><varname>F_READAHEAD</varname> specifies the amount
225 for sequential access. The amount is specified in bytes and is
226 rounded up to nearest block size.</para>
230 <para><varname>F_RDAHEAD</varname> is a Darwin compatible
231 version that use 128KB as the sequential access
236 <para>Note that the read-ahead amount is also constrainted by
237 sysctl variable <varname>vfs.read_max</varname>, which may
238 need to be raised in order to better utilize this
241 <para>The &man.lindev.4; driver has been added. This is for
242 supporting various linux-specific pseudo devices such as
243 <filename>/dev/full</filename>. Note that this is not
244 included in <filename>GENERIC</filename> kernel.</para>
246 <para>A POSIX function pselect(3) has been reimplemented as a
247 system call &man.pselect.2; to eliminate race
250 <para>A kernel option <option>option
251 INCLUDE_CONFIG_FILE</option> has been added to
252 <filename>GENERIC</filename> kernel by default.</para>
254 <para>New SDT (Statically Defined Tracing) probes such as ones
255 for opencrypto have been added to &os; &man.dtrace.1;
258 <para arch="powerpc">&os; now supports SMP in PowerPC G5
259 systems. Note that SMP support is disabled by default in
260 <filename>GENERIC</filename> kernel.</para>
262 <para>A bug in the &man.tty.4; driver that
263 <varname>TIOCSTI</varname> did not work has been fixed. This
264 affects applications like &man.mail.1;.</para>
266 <para>A bug in the &man.sched.4bsd.4; scheduler that the
267 timestamp for the sleeping operation is not cleaned up on the
268 wakeup has been fixed.</para>
270 <para>A bug in the &man.sched.ule.4; scheduler which prevented
271 process usage (<literal>%CPU</literal>) from working correctly
272 has been fixed.</para>
274 <para>The VIMAGE &man.jail.8; virtualization container can work
275 with &man.sctp.4; now. Note that the VIMAGE is not enabled by
276 default in <filename>GENERIC</filename> kernel.</para>
278 <para>The VIMAGE &man.jail.8; now supports
279 <varname>ip4.saddrsel</varname>,
280 <varname>ip4.nosaddrsel</varname>,
281 <varname>ip6.saddrsel</varname>, and
282 <varname>ip6.nosaddrsel</varname> to control whether to use
283 source address selection or the primary jail address for
284 unbound outgoing connections. The default value is to use
285 source address selection.</para>
288 <title>Boot Loader Changes</title>
290 <para arch="pc98">The <filename>boot2</filename> bootcode has
291 been reimplemented based on the &arch.i386 counterpart. It
292 now supports ELF binary, UFS2 file system, and larger number
295 <para arch="ia64">The EFI <filename>loader</filename> program
296 now supports a command-line option <option>-dev
297 <replaceable>currdev</replaceable></option> to specify the
298 default value of <varname>currdev</varname>. This option
299 can be set by the EFI boot manager.</para>
301 <para>A kernel environment variable
302 <varname>vfs.root.mountfrom</varname> now supports
303 multiple elements for root file system in a space-separated
304 list. Each list element will be tried in order and the
305 first available one will be mounted.</para>
307 <para arch="i386">The algorithm the &man.loader.8; uses has
308 been improved to choose a memory range for its heap when
309 using a range above 1MB. This fixes a symptom that the
310 loader fails to load a kernel.</para>
312 <para>The <filename>zfsloader</filename> has been added. This
313 is a separate &man.zfs.8; enabled loader. Note that a ZFS
314 bootcode (<filename>zfsboot</filename> or
315 <filename>gptzfsboot</filename>) need to be installed
316 to use this new loader.</para>
318 <para>The <filename>zfsboot</filename> and
319 <filename>gptzfsboot</filename> bootcode now fully support
320 64-bit LBAs for disk addresses. This allows booting from
321 large volumes.</para>
327 <title>Hardware Support</title>
329 <para arch="powerpc">The <filename>adb</filename> driver now
330 supports for interpreting taps on ADB touchpads as a button
333 <para>The amdsbwd(4) driver for AMD SB600/SB7xx watchdog
334 timer has been added.</para>
336 <para arch="powerpc">The <filename>apt</filename> driver for
337 the Apple Touchpad present on MacBook has been added to
338 <filename>GENERIC</filename> kernel.</para>
340 <para arch="sparc64">The epic(4) driver for the front panel
341 LEDs in Sun Fire V215/V245 has been added.</para>
343 <para>A bug in the &man.ipmi.4; driver that caused incorrect
344 watchdog timer setting has been fixed.</para>
346 <para arch="sparc64">The &man.pci.4; driver now supports a
347 JBus to PCIe bridge (called as <quote>Fire</quote>) found in
348 the Sun Fire V215/V245 and Sun Ultra 25/45 machines.</para>
350 <para>The &man.uart.4; driver now supports NetMos NM9865
351 family of Serial/Parallel ports.</para>
353 <para>A bug in the &man.uftdi.4; driver that can allow to send
354 a zero length packet has been fixed.</para>
357 <title>Multimedia Support</title>
361 <para>The &man.agp.4; driver has been improved. It includes
362 a fix for aparture size calculation issue which prevents
363 some graphics cards from working.</para>
365 <para>The &man.snd.hda.4; driver now allows AD1981HD codecs
366 to use playback mixer.</para>
368 <para>The &man.snd.hda.4; driver now supports multichannel
369 (4.0 and 7.1) playback support. The 5.1 mode support is
370 disabled now due to unidentified synchonization problem.
371 Devices which supports the 7.1 mode can handle the 5.1
372 operation via software upmix done by &man.sound.4;. Note
373 that stereo stream is no longer duplicated to all
378 <title>Network Interface Support</title>
382 <para>The &man.bge.4; driver now supports BCM5761, BCM5784, and
383 BCM57780-based devices.</para>
385 <para>The &man.bge.4; driver now supports TSO (TCP
386 segmentation offloading) on BCM5755 or newer
389 <para>A long-standing stability issue of the &man.bce.4; and
390 &man.bge.4; driver due to a hardware bug in its DMA
391 handling when the system has more than 4GB memory has been
392 fixed. This applies to BCM5714, BCM5715, and BCM5708
395 <para>A bug in the &man.bge.4; driver that incorrectly
396 enabled TSO on BCM5754/BCM5754M controllers has been
399 <para>The &man.cxgb.4; driver has been updated to T3
400 firmware 7.8.0.</para>
402 <para>The et(4) driver now supports MSI and Tx checksum
403 offloading of IPv4, TCP, and UDP.</para>
405 <para>The &man.iwn.4; driver has been updated. This
406 includes various improvements and bugfixes regarding RF
407 switch, bgscan support, suspend/resume support, locking
408 issue, and more. The line <literal>device iwnfw</literal>
409 in the kernel configuration file will include all firmware
412 <para>The &man.msk.4; driver now supports Marvell Yukon
413 88E8042, 88E8057 devices and DGE-560SX (Yukon XL).</para>
415 <para>The &man.mxge.4; driver has been updated to firmware
418 <para>The &man.re.4; driver no longer performs an
419 unnecessary interface up/down during getting IP address
422 <para>The &man.ste.4; driver has been improved:</para>
426 <para>The DMA handling has been improved.</para>
430 <para>Wake-On-LAN is now supported.</para>
434 <para>Unnecessary reinitialization of the
435 interfaces has been eliminated.</para>
439 <para>RX interrupt moderation with single shot timer has
440 been implemented. The default parameter of the
441 moderation time is 150us and this can be changed via
443 <varname>dev.ste.<replaceable>0</replaceable>.int_rx_mod</varname>.
444 Setting it 0 effectively disables the RX interrupt
445 moderation feature.</para>
449 <para>The tsec(4) driver now supports &man.altq.4;.</para>
451 <para>The &man.u3g.4; driver has been improved and now works
452 with ZTE MF636, Option Gi0322, Globetrotter GE40x, and
453 Novatel MC950D.</para>
455 <para>The &man.uhso.4; driver for Option HSDPA USB devices
456 has been added. A new &man.uhsoctl.1; userland utility
457 can be used to initiate and close the WAN
460 <para>The &man.vge.4; driver has been improved:</para>
464 <para>The DMA handling has been improved.</para>
468 <para>Wake-On-LAN is now supported.</para>
472 <para>Unnecessary reinitialization of the
473 interfaces has been eliminated.</para>
477 <para>Hardware MAC statistics are now supported via sysctl variables
478 <varname>dev.vge.<replaceable>0</replaceable>.stats</varname>.</para>
482 <para>Interrupt moderation with single shot timer and
483 scheme supported by VT61xx controllers have been
484 implemented. The default parameters are tuned to
485 generate interrupt less than 8k per second, and these
486 parameters can be changed via sysctl variables
487 <varname>dev.vge.<replaceable>0</replaceable>.int_holdoff</varname>,
488 <varname>dev.vge.<replaceable>0</replaceable>.rx_coal_pkt</varname>,
490 <varname>dev.vge.<replaceable>0</replaceable>.tx_coal_pkt</varname>.
491 Note that an up/down cycle is needed to make a
492 parameter change take effect.</para>
496 <para>The &man.urtw.4; driver has been improved and now
497 supports RTL8187B-based devices.</para>
501 <sect3 id="net-proto">
502 <title>Network Protocols</title>
506 <para>IPcomp (IP Payload Compression Protocol defined in RFC
507 2393) protocol is now enabled by default. Note that this
508 requires <option>option IPSEC</option> in the kernel
509 configuration file and <filename>GENERIC</filename> kernel
510 does not include it. This functionality can be disabled by
511 using a sysctl variable
512 <varname>net.inet.ipcomp.ipcomp_enable</varname>.</para>
514 <para>A bug in the &man.ipfw.4; subsystem that
515 <command>keep-alive</command> rule did not work for IPv6
516 packets has been fixed.</para>
518 <para>The &man.pf.4; subsystem now supports
519 <literal>sloppy</literal> keyword to enable a TCP state
520 machine for tracking TCP connections with no sequence number
521 check. This feature is in the latest version of
522 <application>pf</application>.</para>
524 <para>A bug that proxy ARP entries cannot be added over
525 point-to-point link types has been fixed.</para>
527 <para>The &man.vlan.4; pseudo interface has been added to
528 <filename>GENERIC</filename> kernel.</para>
530 <para>The &man.vlan.4; pseudo interface for IEEE 802.1Q VLAN
531 now ignore renaming of the parent's interface name. The
532 configured VLAN interfaces continue to work with the new
533 name while previously the configurations were removed as the
534 renaming happens.</para>
538 <title>Disks and Storage</title>
542 <para>The &man.ada.4; driver now supports
543 <varname>BIO_DELETE</varname>. For SSDs this uses
544 <literal>TRIM</literal> feature of <literal>DATA SET
545 MANAGEMENT</literal> command, as defined by ACS-2
546 specification working draft. For Compact Flash use
547 <literal>CFA ERASE</literal> command, same as &man.ad.4;
548 does. This change realizes restoring write speed of SSDs
549 which supports <literal>TRIM</literal> command by doing
551 <replaceable>/dev/ada1</replaceable></command>, for
554 <para>A bug in the &man.fdc.4; driver which prevents the
555 kernel module from unloading has been fixed.</para>
557 <para>&man.geom.8; providers including complex ones such as
558 &man.gconcat.8;, &man.gmirror.8;, &man.graid3.8,
559 &man.gstripe.8;, and some hardware RAID device drivers like
560 &man.twa.4; now inform its optimal access block size to the
563 <para>The &man.gmirror.8; utility now supports
564 <command>configure <option>-p</option>
565 <replaceable>priority</replaceable></command> command to
566 change the providers priority.</para>
568 <para>The balancing mode algorithm <literal>load</literal>
569 used in the &man.gmirror.8; utility has been changed and it
570 is now the default one instead of
571 <literal>split</literal>:</para>
575 <para>Instead of measuring last request execution time for
576 each drive and choosing one with smallest time, use
577 averaged number of requests, running on each drive. This
578 information is more accurate and timely. It allows to
579 distribute load between drives in more even and
580 predictable way.</para>
584 <para>For each drive track offset of the last submitted
585 request. If new request offset matches previous one or
586 close for some drive, prefer that drive. It allows to
587 significantly speedup simultaneous sequential reads.</para>
591 <para>A bug in the &man.graid3.8; which causes a panic when a
592 large request arrives has been fixed. This happens when
593 <varname>MAXPHYS</varname> is set as larger than 128k.</para>
595 <para>The default block size of &man.gstripe.8; has been
596 increased from 4k to 64k.</para>
598 <para>A new kernel option <option>option ATA_CAM</option> has
599 been added. This turns &man.ata.4; controller drivers into
600 &man.cam.4; interface modules. When enabled, this option
601 deprecates all &man.ata.4; peripheral drivers and interfaces
602 such as <filename>ad</filename> and
603 <filename>acd</filename>, and allows &man.cam.4; drivers
604 <filename>ada</filename>, and <filename>cd</filename> and
605 interfaces to be natively used instead. Note that this is
606 not enabled by default in the <filename>GENERIC</filename>
609 <para>A bug in the &man.ata.4; driver which can lead to
610 interrupt storms and command timeouts has been fixed.</para>
612 <para>USB mass storage device support in the &man.ata.4;
613 driver has been removed. Note that this was not used in
614 <filename>GENERIC</filename> kernel and the &man.umass.4;
615 driver supports such devices for a long time.</para>
617 <para>The &man.ahd.4; driver now supports three separated
618 error counters for correctable, uncorrectable, and fatal, in
619 &man.sysctl.8; MIB.</para>
621 <para>SATA and PATA support of &os; &man.cam.3; SCSI framework
622 has been improved and it now recognizes more detail device
623 capabilities. For example, the &man.ahci.4; and
624 &man.siis.4; driver now reports maximum tag number to the
625 framework to optimize the NCQ handling.</para>
629 <title>File Systems</title>
631 <para>&os; NFS subsystem now supports a timeout for the
632 negative name cache entries in the client. This avoids a
633 bogus negative name cache entry from persisting forever when
634 another client creates an entry with the same name within
635 the same NFS server time of day clock tick. The mount
636 option <option>negnametimeo</option> can be used to override
637 the default timeout interval (60 seconds) on a
638 per-mount-point basis. a Setting
639 <option>negnametimeo</option> to <literal>0</literal>
640 disables negative name caching for the mount point.</para>
642 <para>&os; &man.VFS.9; subsystem now supports a new sysctl
643 variable <varname>vfs.vlru_allow_cache_src</varname>. This
644 allow <filename>vnlru</filename> kernel thread to reclaim
645 of the directory vnodes that are source of the namecache
646 records. This is not enabled by default because for
647 typical workload it would make namecache unusable, but
648 large nested directory tree easily puts any process that
649 accesses file system into one second wait for
650 <filename>vnlru</filename> kernel thread.</para>
652 <para>The ZFS file system now supports NFSv4 ACL.</para>
654 <para>The zpool version of ZFS subsystem has been updated to
655 version 14. It is now possible to use zpools created on
656 OpenSolaris 2009.06.</para>
658 <para>Bugs in the ZFS file system that <command>zfs snapshot
659 -r</command> fails when the file system is busy, and
660 <command>zfs receive</command> can fail with an E2BIG
661 error, have been fixed.</para>
665 <sect2 id="userland">
666 <title>Userland Changes</title>
668 <para>A bug in &man.bsnmpd.1; program which leads to high CPU
669 consumption on a loaded system has been fixed.</para>
671 <para>A bug in &man.bzip2.1; utility which prevented it from
672 working with multi-session bzip2 files has been fixed.</para>
674 <para>The &man.camcontrol.8; utility now supports a
675 <option>-v</option> flag in the subcommand
676 <command>identify</command>. It displays whole of identify
679 <para>The &man.cp.1;, &man.find.1;, &man.getfacl.1;, &man.mv.1;,
680 and &man.setfacl.1; utilities now support NFSv4 ACL.</para>
682 <para>The &man.diskinfo.8; now supports reporting disk stripe
683 size and offset. This helps users to make file systems
684 optimally aligned and tuned for better performance.</para>
686 <para>A bug in &man.ee.1; utility which can crash the
687 program has been fixed.</para>
689 <para>A bug in &man.factor.6; utility which leads to performance
690 degradation has been fixed.</para>
692 <para>The &man.fetch.1; utility now supports HTTP digest
693 authentication.</para>
695 <para>A bug in &man.fetch.1; utility which incorrectly evaluates
696 a variable <varname>NO_PROXY</varname> has been fixed.</para>
698 <para>The &man.gcore.1; utility now recognizes threads in the
699 process and handles dumps on a thread scope.</para>
701 <para>The &man.ifconfig.8; utility now supports manipulation of
702 NDP flags handled by &man.ndp.8;.</para>
704 <para>The &man.netstat.1; utility now supports ARP information
705 in statistics shown by the <option>-s</option> flag.</para>
707 <para>The &man.newsyslog.8; utility does not consider
708 non-existence of a PID file as an error now. A new flag
709 <option>-P</option> reverts it to the old behavior.</para>
711 <para>The &man.ntpd.8; program no longer tries to bind to an
712 IPv6 anycast address.</para>
714 <para>The &man.pwait.1; utility has been added. This is similar
715 to the Solaris utility of the same name, and waits for any
716 process to terminate.</para>
718 <para>The &man.scandir.3; and &man.alphasort.3; functions has
719 been updated to conform POSIX.1-2008 (IEEE Std
722 <para>The &man.sighold.2;, &man.sigignore.2;, &man.sigpause.2;,
723 &man.sigrelse.2;, and &man.sigset.2; functions have been
724 implemented for making porting software from System V-like
725 systems easy. Note that these are defined in POSIX.1-2008 XSI
726 (IEEE Std 1003.1-2008, X/Open System Interface) but now
727 obsolete. Since &os; already has another
728 <function>sigpause(3)</function> function derived from 4.2BSD,
729 a version of the XSI interface is implemented as
730 <function>xsi_sigpause()</function>.</para>
732 <para>The &man.sshd.8;, &man.cron.8;, &man.inetd.8;, and
733 &man.syslogd.8; programs now set
734 <literal>MADV_PROTECT</literal> memory flag onto themselves to
735 protect from being terminated by the &os; kernel when
736 available memory becomes short. This kind of process
737 termination happens in a swap-intensive workload.</para>
739 <para>The &man.traceroute.8; utility now performs source address
740 selection correctly even in a VIMAGE &man.jail.8;
743 <para>The &man.unifdef.1; utility has been updated to version
744 1.188. It now supports a new <option>-B</option> flag to
745 compress blank lines around a deleted section to prevent blank
746 lines around paragraphs of code from getting doubled.</para>
748 <para>The &man.usbconfig.8; utility now supports a new flag
749 <option>-d</option> to specify the &man.ugen.4; device, and
750 <command>add_quirk</command> and
751 <command>remove_quirk</command> commands.</para>
753 <para>The &man.whois.1; utility now supports searching IPv6
754 addresses just like IPv4 without specifying the ARIN server.
755 A <option>-d</option> flag has been removed becuase it is now
758 <para>A new errno <varname>ENOTCAPABLE</varname> has been added.
759 This is to be returned when a process requests an operation on
760 a file descriptor that is not authorized by the descriptor's
761 capability flags.</para>
763 <para>The &man.zfs.8; command now supports a new flag
764 <option>receive -u</option> to specify that the received ZFS
765 should not be mounted automatically.</para>
767 <sect3 id="rc-scripts">
768 <title><filename>/etc/rc.d</filename> Scripts</title>
772 <para>The &man.service.8; command has been added. This
773 provides an easy command-line interface to the
774 <filename>rc.d</filename> system.</para>
776 <para>A new <filename>rc.d</filename> script
777 <filename>static_arp</filename> has been added. This allows
778 the administrator to statically define mappings of MAC
779 address to IPv4 at boot time. See also the &man.rc.conf.5;
780 manual page for more details.</para>
782 <para>The &man.rc.conf.5; now supports configuring
783 &man.vlan.4; interfaces as child devices similar to
784 &man.wlan.4; interfaces. &man.vlan.4; interfaces are listed
786 <varname>vlans_<replaceable>IF</replaceable></varname>
787 variable. If a VLAN interface is a number, then that number
788 is treated as the VLAN tag for the interface and the
789 interface will be named
790 <varname><replaceable>IF</replaceable>.<replaceable>tag</replaceable></varname>.
791 Otherwise, the VLAN tag must be provided via a VLAN
793 <varname>create_args_<replaceable>IF</replaceable></varname>
799 <title>Contributed Software</title>
803 <para>The <application>ACPI-CA</application> has been updated to
806 <para>The <application>awk</application> has been updated from
807 the 23 October 2007 release to the 26 November 2009 release.</para>
809 <para><application>ISC BIND</application> has been updated to
810 version 9.6.1-P2.</para>
812 <para><application>netcat</application> has been updated to
815 <para><application>sendmail</application> has been updated to
816 version 8.14.4.</para>
818 <para>The timezone database has been updated to the
819 <application>tzdata2010b</application> release.</para>
822 <para role="8.0">The <application>ee</application> (easy editor) has
823 been updated to 1.5.0. This version is now licensed under a
824 2-clause BSD license, instead of the Artistic license.</para>
826 <para role="8.0">The <application>hostapd</application> has been updated to
827 version 0.6.8 + radius ACL support.</para>
829 <para role="8.0">The <application>less</application> has been updated to
832 <para role="8.0">The <filename>libarchive</filename> library has
833 been updated to version 2.7.0.</para>
835 <para role="8.0">The <filename>libexpat</filename> library has
836 been updated from version 1.95.5 to version 2.0.1.</para>
838 <para role="8.0">The <filename>ncurses</filename> library has been updated
839 to version 5.7-20081102.</para>
841 <para role="8.0"><application>OpenBSM</application> 1.1 from
842 Trusted BSD Project has been merged.</para>
844 <para role="8.0"><application>TCPDUMP</application> has been
845 updated to 4.0.0.</para>
847 <para role="8.0"><application>wpa_supplicant</application> has been updated to
850 <para role="8.0">The <application>ZFS</application> file system
851 has been updated from version 6 to version 13.</para>
853 <para role="7.1">The <application>am-utils</application> has been updated from
854 version 6.0.10p1 to version 6.1.5.</para>
856 <para role="7.1">The <application>bzip2</application> has been updated from
857 version 1.0.4 to version 1.0.5.</para>
859 <para role="7.1">The <application>CVS</application> has been updated to
860 version 1.11.22.1.</para>
862 <para role="7.1"><application>NTP</application> has been updated to version
865 <para role="7.1"><application>OpenPAM</application> has been updated from the
866 Figwort release to the Hydrangea release.</para>
868 <para role="7.1"><application>OpenSSH</application> has been updated from
869 version 4.5p1 to version 5.1p1.</para>
871 <para role="7.1">The &man.resolver.3; library has been updated to
872 one of <application>ISC BIND</application> 9.4.3.</para>
878 <title>Ports/Packages Collection Infrastructure</title>
884 <title>Release Engineering and Integration</title>
886 <para>The filename of ISO images for &os; releases now has a
887 <filename>FreeBSD-</filename> at the beginning.</para>
889 <para>The supported version of
890 the <application>GNOME</application> desktop environment
891 (<filename role="package">x11/gnome2</filename>) has been
892 updated to 2.28.2.</para>
894 <para>The supported version of
895 the <application>KDE</application> desktop environment
896 (<filename role="package">x11/kde4</filename>) has been
897 updated to 4.4.3.</para>
902 <title>Upgrading from previous releases of &os;</title>
904 <para arch="amd64,i386">Upgrades between RELEASE versions (and
905 snapshots of the various security branches) are supported using
906 the &man.freebsd-update.8; utility. The binary upgrade
907 procedure will update unmodified userland utilities, as well as
908 unmodified GENERIC kernel distributed as a part of an
909 official &os; release. The &man.freebsd-update.8; utility
910 requires that the host being upgraded has Internet
913 <para>An older form of binary upgrade is supported through the
914 <command>Upgrade</command> option from the main
915 &man.sysinstall.8; menu on CDROM distribution media. This type
916 of binary upgrade may be useful on non-&arch.i386;,
917 non-&arch.amd64; machines or on systems with no Internet
920 <para>Source-based upgrades (those based on recompiling the &os;
921 base system from source code) from previous versions are
922 supported, according to the instructions in
923 <filename>/usr/src/UPDATING</filename>.</para>
926 <para>Upgrading &os; should, of course, only be attempted after
927 backing up <emphasis>all</emphasis> data and configuration