1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
3 "../../../share/xml/freebsd50.dtd" [
4 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
7 <article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
9 <title>&os; &release.current; Release Notes</title>
11 <author><orgname>The &os; Project</orgname></author>
13 <pubdate>$FreeBSD$</pubdate>
17 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation
21 <legalnotice xml:id="trademarks" role="trademarks">
31 <para>The release notes for &os; &release.current; contain
32 a summary of the changes made to the &os; base system on the
33 &release.branch; development line. This document lists
34 applicable security advisories that were issued since the last
35 release, as well as significant changes to the &os; kernel and
36 userland. Some brief remarks on upgrading are also
41 <sect1 xml:id="intro">
42 <title>Introduction</title>
44 <para>This document contains the release notes for &os;
45 &release.current;. It describes recently added, changed, or
46 deleted features of &os;. It also provides some notes on
47 upgrading from previous versions of &os;.</para>
49 <para>This distribution of &os; &release.current; is
50 a &release.type; distribution. It can be found at <uri
51 xlink:href="&release.url;">&release.url;</uri> or any of its
52 mirrors. More information on obtaining this (or other)
53 &release.type; distributions of &os; can be found in the <link
54 xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining
55 &os;</quote> appendix</link> to the <link
56 xlink:href="&url.books.handbook;/">&os;
57 Handbook</link>.</para>
59 <para>All users are encouraged to consult the release errata
60 before installing &os;. The errata document is updated with
61 <quote>late-breaking</quote> information discovered late in the
62 release cycle or after the release. Typically, it contains
63 information on known bugs, security advisories, and corrections
64 to documentation. An up-to-date copy of the errata for &os;
65 &release.current; can be found on the &os; Web site.</para>
69 <title>What's New</title>
71 <para>This section describes the most user-visible new or changed
72 features in &os; since &release.prev;.</para>
74 <para>Typical release note items document recent security
75 advisories issued after &release.prev;, new drivers or hardware
76 support, new commands or options, major bug fixes, or
77 contributed software upgrades. They may also list changes to
78 major ports/packages or release engineering practices. Clearly
79 the release notes cannot list every single change made to &os;
80 between releases; this document focuses primarily on security
81 advisories, user-visible changes, and major architectural
84 <sect2 xml:id="security">
85 <title>Security Advisories</title>
87 <para>Problems described in the following security advisories
88 have been fixed. For more information, consult the individual
89 advisories available from <uri
90 xlink:href="http://security.FreeBSD.org/">http://security.FreeBSD.org/</uri>.</para>
92 <informaltable frame="none" pgwide="1">
94 <colspec colwidth="1*"/>
95 <colspec colwidth="1*"/>
96 <colspec colwidth="3*"/>
99 <entry>Advisory</entry>
108 xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:01.bsnmpd.asc">FreeBSD-SA-14:01.bsnmpd</link></entry>
109 <entry>1 January 2014</entry>
110 <entry><para>Fix &man.bsnmpd.1; remote denial of service
111 vulnerability</para></entry>
116 xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:02.ntpd.asc">FreeBSD-SA-14:02.ntpd</link></entry>
117 <entry>1 January 2014</entry>
118 <entry><para>Disable <quote>monitor</quote> feature in
119 &man.ntpd.8; by default</para></entry>
124 xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:04.bind.asc">FreeBSD-SA-14:04.bind</link></entry>
125 <entry>1 January 2014</entry>
126 <entry><para>Remote denial of service
127 vulnerability</para></entry>
132 xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:05.nfsserver.asc">FreeBSD-SA-14:05.nfsserver</link></entry>
133 <entry>8 April 2014</entry>
134 <entry><para>Deadlock in the NFS server</para></entry>
139 xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:06.openssl.asc">FreeBSD-SA-14:06.openssl</link></entry>
140 <entry>8 April 2014</entry>
141 <entry><para>ECDSA side channel leak</para></entry>
148 <sect2 xml:id="kernel">
149 <title>Kernel Changes</title>
151 <para revision="256033">The &man.arcmsr.4; driver has been
152 updated to version 1.20.00.28.</para>
154 <para revision="256437">The &man.isci.4; driver is now loadable
155 via &man.kldload.8;.</para>
157 <para revision="256759">System-level &man.sysctl.8; values are
158 now exposed to the system for the &man.ixgbe.4; device.</para>
160 <para revision="256924">The &man.mfi.4; driver has been updated
161 to support MegaRAID Invader controllers.</para>
163 <para revision="257119">A kernel panic triggered in
164 <literal>zfs_root()</literal> after a failed rollback has
167 <para revision="257125">A new &man.sysctl.8;,
168 <literal>debug.devfs_iosize_max_clamp</literal> has been added
169 which enables and disables <literal>SSIZE_MAX</literal>-sized
170 I/O requests on &man.devfs.5; files.</para>
172 <para revision="257126">A new &man.sysctl.8;,
173 <literal>kern.disallow_high_osrel</literal>, has been added
174 which disables executing the images compiled on a userland
175 with a higher major version number than the major version
176 number of the running kernel.</para>
178 <para revision="257253">A kernel panic triggered by unmounting
179 a busy &man.zfs.8; filesystem has been fixed.</para>
181 <para revision="257373">A deadlock triggered by powering off
182 a USB device has been fixed.</para>
184 <para revision="258214">The &man.ata.4; driver has been updated
185 to support Intel Lynx Point PCH SMBus devices.</para>
187 <para revision="258215">The &man.ata.4; driver has been updated
188 to support Coleto Creek devices.</para>
190 <para revision="258217">The &man.ahci.4; driver has been updated
191 to support the PCI-express solid state drive in the
192 &apple; MacBook Air (model A1465).</para>
194 <para revision="258635">The &man.sysctl.8;
195 <literal>vfs.zfs.arc_meta_limit</literal> can now be changed
198 <para revision="258870">The &man.mmap.2; system call has been
199 updated to more optimally use superpages and provide support
200 for tweaking the alignment of virtual mappings.</para>
202 <para revision="258962">A workaround has been implemented
203 in the &man.bge.4; driver for hung transmission on BCM5719
204 and BCM5720 chipsets.</para>
206 <para revision="259002">A kernel panic when listing sysctls
207 on a system with <literal>INVARIANTS</literal> enabled has
210 <para revision="259466">A new &man.sysctl.8;,
211 <literal>kern.supported_archs</literal> has been added,
212 which will list the <envar>MACHINE_ARCH</envar> values
213 whose binaries can be run on the system.</para>
215 <para revision="259519">Several problems that could trigger
216 kernel panic on &man.kldload.8; and &man.kldunload.8; have
219 <para revision="260082">A kernel panic triggered by some
220 multi-threaded applications has been fixed.</para>
222 <para revision="260134">The &man.runfw.4; firmware has been
223 renamed from <literal>runfw</literal> to
224 <literal>run.fw</literal> for consistency with other firmware
227 <para revision="260433">A new &man.sysctl.8;,
228 <literal>kern.panic_reboot_wait_time</literal>, has been
229 added. This allows tuning the amount of time the system
230 will wait before rebooting after &man.panic.9;. The
231 <literal>kern.panic_reboot_wait_time</literal> value defaults
232 to the kernel configuration option,
233 <literal>PANIC_REBOOT_WAIT_TIME</literal>.</para>
235 <para revision="260644">Hardware Random Number Generators have
236 been disabled by default.</para>
238 <para revision="261483">Support for GPS ports has been added
239 to the &man.uhso.4; driver.</para>
241 <para revision="262116">A memory leak of compressed buffers
243 <literal>l2arc_write_done()</literal>.</para>
245 <para revision="262153">The &man.netmap.4; framework has been
246 updated to match the version in <literal>head/</literal>,
247 which includes netmap pipes, kqueue support, and enhanced
248 VALE switch port.</para>
250 <para revision="262175">A deadlock triggered by sending
251 a mounted &man.zfs.8; snapshot has been fixed.</para>
253 <para revision="262231">Support for SIIG X1 PCI-e has been added
254 to &man.ppc.4;.</para>
256 <para revision="262564">Support for the ext4 filesystem
257 has been enabled, supporting read-only mounts.</para>
259 <para revision="262594">A kernel panic triggered by inserting
260 a USB ethernet device on VIMAGE-enabled systems has been
263 <para revision="262988">TTM, a memory manager used by video
264 drivers, has been merged.</para>
266 <para revision="263103">Support for
267 <literal>/sys/kernel/random/uuid</literal> has been added
268 to &man.linprocfs.5;.</para>
270 <para revision="263128">A memory leak in the
271 <literal>zpool_in_use()</literal> function has been
274 <para revision="263391">The
275 <literal>extensible_dataset</literal> &man.zpool.8; feature
276 has been added. See &man.zpool-features.7; for more
279 <para revision="263408">A memory leak has been fixed in
280 <literal>libzfs</literal>.</para>
282 <para revision="263817,263818">The <literal>vt</literal> driver
283 has been merged from <literal>head/</literal>.</para>
285 <para revision="265729">The &man.mpr.4; device has been added,
286 providing support for LSI Fusion-MPT 3 12Gb SCSI/SATA
289 <para revision="266167">A kernel bug that inhibited proper
290 functionality of the <literal>dev.cpu.0.freq</literal>
291 &man.sysctl.8; on &intel; processors with Turbo
292 Boost ™ enabled has been fixed.</para>
294 <para revision="266269">Support for &man.xen.4;
295 hardware-assisted virtualization, <literal>XENHVM</literal>,
296 is now available as a loadable module,
297 <literal>xenhvm.ko</literal>.</para>
299 <sect3 xml:id="boot">
300 <title>Boot Loader Changes</title>
306 <sect3 xml:id="proc">
307 <title>Hardware Support</title>
309 <para revision="261510">Trackpad support for
310 &apple; MacBook products has been added.</para>
312 <para revision="261973">The &man.nve.4; driver has been
313 deprecated, and the &man.nfe.4; driver should be used
316 <para revision="262968">The &man.mfi.4; driver has been
317 updated to support MegaRAID Fury cards.</para>
319 <para revision="263170,263171">The Radeon KMS driver has been
322 <para revision="263340">The &man.aacraid.4; driver has been
323 updated to version 3.2.5.</para>
326 <title>Multimedia Support</title>
332 <sect4 xml:id="net-if">
333 <title>Network Interface Support</title>
335 <para revision="257611">The &man.re.4; driver has been
336 updated to add preliminary support for the RTL8106E
339 <para revision="257614,257616">The &man.re.4; driver has
340 been updated to support the RTL8168G, RTL8168GU and
341 RTL8411B chipsets.</para>
343 <para revision="257618">The &man.re.4; driver has been
344 updated to add preliminary support for the RTL8168EP
347 <para revision="258586">The &man.oce.4; driver has been
348 updated to version 10.0.664.0.</para>
350 <para revision="258898">The &man.qlxgbe.4; driver has been
351 imported from <literal>head/</literal>.</para>
353 <para revision="258936">The &man.qlxge.4; driver has been
354 imported from <literal>head/</literal>.</para>
356 <para revision="258965">The &man.bge.4; driver has been
357 updated to support the BCM5725 chipset.</para>
359 <para revision="258967">The &man.bge.4; driver has been
360 updated to support the BCM57764, BCM57767, BCM57782,
361 BCM57786 and BCM57787 chipsets.</para>
363 <para revision="259457">The &man.run.4; driver has been
364 updated to support MediaTek/Ralink chipsets RT5370 and
367 <para revision="259460">The &man.usb.4; wireless radiotap
368 headers have been realigned, allowing wireless adapters
369 to work on &arch.arm;, &arch.mips;, and other similar
370 platforms where alignment is important.</para>
372 <para revision="260119">The &man.run.4; firmware has been
373 updated to version 0.33.</para>
375 <para revision="260252">The &man.bxe.4; driver has been
376 merged from <literal>head/</literal>, providing support
377 for Broadcom NetXtreme II 10Gb PCIe adapters.</para>
379 <para revision="261865">The &man.run.4; driver has been
380 updated to include support for the MediaTek/Ralink RT3593
383 <para revision="261933">The &man.run.4; driver has been
384 updated to include support for the DLINK DWA-127 wireless
387 <para revision="262153">The &man.axge.4; driver has been
390 <para revision="262362">The &man.urndis.4; driver has been
391 imported from OpenBSD.</para>
393 <para revision="263582">The &man.bxe.4; driver has been
394 updated to version 1.78.78.</para>
399 <sect3 xml:id="net-proto">
400 <title>Network Protocols</title>
406 <sect3 xml:id="disks">
407 <title>Disks and Storage</title>
414 <title>File Systems</title>
416 <para revision="263410">The &man.zfs.8; filesystem has been
417 updated to support the <literal>bookmarks</literal>
423 <sect2 xml:id="userland">
424 <title>Userland Changes</title>
426 <para revision="256054">A new flag <literal>-c</literal>, has
427 been added to &man.pgrep.1; and &man.pkill.1;, which restricts
428 the process lookup to the specified login class.</para>
430 <para revision="257496">The &man.ddb.8; utility has been updated
431 to add <command>show ioapic</command> and <command>show all
432 ioapics</command>.</para>
434 <para revision="258183">Setting <literal>nmbcluster</literal>
435 values to their current value will now be ignored, instead of
436 failing with an error.</para>
438 <para revision="258763">The <filename
439 class="directory">/var/cache</filename> directory is now
440 created with mode <literal>0755</literal> instead of mode
441 <literal>0750</literal>, since this directory is used by
442 many third-party applications, which makes dropping group
443 privileges impossible.</para>
445 <para revision="258818">The &man.uname.1; utility has been
446 updated to include the <literal>-U</literal> and
447 <literal>-K</literal> flags, which print the
448 <envar>__FreeBSD_version</envar> for the running userland
449 and kernel, respectively.</para>
451 <para revision="258844">The &man.fetch.3; library has been
452 updated to support SNI (Server Name Identification), allowing
453 to use virtual hosts on HTTPS.</para>
455 <para revision="259243">A segmentation fault and internal
456 compiler error bug in &man.gcc.1; triggered by throwing
457 a warning before parsing any tokens has been fixed.</para>
459 <para revision="259269,259406">Several updates to &man.gcc.1;
460 have been imported from Google.</para>
462 <para revision="259448">A byte-order bug in the Heimdal
463 <literal>gss_pseudo_random()</literal> function which would
464 prevent interoperability with other
465 <application>Kerberos</application> implementations has been
466 fixed. In particular, this would prevent interoperability
467 with the MIT implementation.</para>
469 <para revision="260007">The &man.hastctl.8; utility has been
470 updated to output the current queue sizes.</para>
472 <para revision="260197">The &man.ps.1; utility will no longer
473 truncate the <literal>command</literal> output column.</para>
475 <para revision="260208">The &man.protect.1; command has been
476 added, which allows exempting processes from being killed
477 when swap is exhausted.</para>
479 <para revision="260507">The &man.gmirror.8; utility now prevents
480 deactivating the last component of a mirror.</para>
482 <para revision="260507">A new &man.gmirror.8; command,
483 <command>gmirror destroy</command>, has been added, which will
484 destroy the &man.geom.8; and erase the &man.gmirror.8;
487 <para revision="260650">The &man.etcupdate.8; utility, a tool
488 for managing updates to files in <filename
489 class="directory">/etc</filename>, has been merged from
490 <literal>head/</literal>.</para>
492 <para revision="260651">The &man.find.1; utility has been
493 updated to fix incorrect behavior with the
494 <literal>-lname</literal> and <literal>-ilname</literal>
497 <para revision="260868,260869">The
498 <literal>hw.uart.console</literal> is now always updated when
499 the comconsole setup changes.</para>
501 <para revision="260909">The &man.kldload.8; utility has been
502 updated to display a message directing to &man.dmesg.8;,
503 instead of the cryptic message <quote>Exec format
504 error</quote>.</para>
506 <para revision="261674">A bug that could trigger an infinite
507 loop in KDE and X has been fixed.</para>
509 <para revision="262076">The &man.newsyslog.8; utility has been
510 changed to use the size of the file, instead of the blocks the
511 file takes on the disk to match the behavior documented in
512 &man.newsyslog.conf.5;.</para>
514 <para revision="262105">A bug in &man.zdb.8; which would cause
515 numeric parameters to a flag as being treated as additional
516 flags has been fixed.</para>
518 <para revision="262124">The default number of &man.nfsd.8;
519 threads has been increased from <literal>4</literal> to
520 <literal>(8 * N)</literal>, where <literal>N</literal> is
521 the number of CPUs as reported by
522 <command>sysctl -n hw.ncpu</command>.</para>
524 <para revision="262134">The &man.pciconf.8; utility now has
525 a <literal>-V</literal> flag, which lists information such
526 as serial numbers for each device.</para>
528 <para revision="262158">A bug that would allow creating
529 a &man.zfs.8; snapshot of an inconsistent dataset has been
532 <para revision="262160">Receiving a &man.zfs.8; dataset with
533 <command>zfs recv -F</command> now properly destroys any
534 snapshots that were created since the incremental source
537 <para revision="263031">Installation from a read-only
538 <envar>.OBJDIR</envar> has been fixed.</para>
540 <para revision="263031">A new shared library directory,
541 <filename class="directory">/usr/lib/private</filename>,
542 has been added for internal-use shared libraries.</para>
544 <para revision="263031">A default
545 <filename>libmap32.conf</filename> has been added, for 32-bit
548 <para revision="263032">The <literal>libucl</literal> library,
549 a JSON-compatible configuration file parsing library, has been
552 <para revision="263038">The &man.pkg.7; package management
553 utility has been syncronized with <literal>head/</literal>.
554 This implements binary package signature verification when
555 bootstrapping the system with <command>pkg
556 bootstrap</command>.</para>
558 <para revision="263042">The system timezone data files have
559 been updated to version tzdata2014a.</para>
561 <para revision="263212">The NetBSD &man.make.1; utility,
562 <command>bmake</command> has been imported for compatibility
563 with the &os; Ports Collection. It is installed as
564 <command>bmake</command>, and the <command>make</command>
565 remains the &os; version.</para>
567 <para revision="263326">The &man.fetch.3; library now
568 supports <literal>Last-Modified</literal> timestamps which
569 return UTC instead of GMT.</para>
571 <para revision="263404">Aliases for the &man.zfs.8; commands
572 <literal>list -t snap</literal> and <literal>snap</literal>
573 have been added to match &oracle; Solaris 11.</para>
575 <para revision="263406">A new flag, <literal>-p</literal>, has
576 been added to the &man.zfs.8; <literal>list</literal> command,
577 providing output in a parseable form.</para>
579 <para revision="263421"><application>OpenPAM</application> has
580 been updated to Nummularia (20130907), which incorporates
581 several bug fixes and documentation improvements. The
582 &man.openpam.ttyconv.3; library has been completely
585 <para revision="264423">The &man.sh.1; command interpreter has
586 been updated to expand assignments after
587 <literal>export</literal>, <literal>local</literal>, and
588 <literal>readonly</literal> differently. As result of this
589 change, variable assignment such as <literal>local
590 v=$1</literal> will assign the first positional
591 parameter to <literal>v</literal>, even if
592 <literal>$1</literal> contains spaces, and
593 <literal>local w=<replaceable>~/myfile</replaceable></literal>
594 will expand the tilde (<literal>~</literal>).</para>
596 <para revision="264699">The &man.find.1; utility has been
597 updated to implement <literal>-ignore_readdir_race</literal>.
598 Prior to this change, <literal>-ignore_readdir_race</literal>
599 existed as an option for GNU &man.find.1; compatibility, and
600 was ignored if specified. A counter primary,
601 <literal>-noignore_readdir_race</literal> now also exists, and
602 is the default behavior.</para>
604 <para revision="266286">The &man.ps.1; utility has been updated
605 to include the <literal>-J</literal> flag, used to filter
606 output by matching &man.jail.8; IDs and names. Additionally,
607 argument <literal>0</literal> can be used to
608 <literal>-J</literal> to only list processes running on the
611 <para revision="266287">The &man.top.1; utility has been updated
612 to filter by &man.jail.8; ID or name, in followup to the
613 &man.ps.1; change in <literal>r265229</literal>.</para>
615 <sect3 xml:id="periodic-scripts">
616 <title>&man.periodic.8; Scripts</title>
622 <sect3 xml:id="rc-scripts">
623 <title>&man.rc.8; Scripts</title>
625 <para revision="256917">Support for <quote>first boot</quote>
626 scripts has been added to &man.rc.8;. See &man.rc.8; and
627 &man.rc.conf.5; for implementation details.</para>
629 <para revision="260432">The &man.rc.8; system will now
630 re-source &man.rc.conf.5; on receipt of
631 <literal>SIGALRM</literal>.</para>
636 <sect2 xml:id="contrib">
637 <title>Contributed Software</title>
639 <para revision="255934">The &man.readline.3; library has been
640 updated to version 1.104.</para>
642 <para revision="266711"><application>Sendmail</application> has
643 been updated to version 8.14.9.</para>
645 <para revision="262706"><application>BIND</application> has
646 been updated to version 9.9.5.</para>
648 <para revision="263286">The &man.xz.1; utility has been updated
649 to a post-5.0.5 snapshot.</para>
651 <para revision="263970"><application>OpenSSH</application> has
652 been updated to version 6.6p1.</para>
656 <sect2 xml:id="releng">
657 <title>Release Engineering and Integration</title>
659 <para revision="260891">As part of the release build, the
660 &man.etcupdate.8; utility will bootstrap the system, allowing
661 &man.etcupdate.8; to work after the first upgrade of a
664 <para revision="262879">The <filename>release.sh</filename>
665 script and release <filename>Makefile</filename> have been
666 updated to use &man.pkg.7; to populate the dvd installation
669 <para revision="263028">The &man.services.mkdb.8; utility has
670 been updated to support multiple byte orders. Similar to
671 &man.cap.mkdb.1;, the <filename>services.db</filename> will
672 be created with proper endinanness as part of
673 cross-architecture release builds.</para>
678 <sect1 xml:id="upgrade">
679 <title>Upgrading from Previous Releases of &os;</title>
682 <title>Upgrading Using &man.freebsd-update.8; or a Source-Based
685 <para arch="amd64,i386">Binary upgrades between RELEASE versions
686 (and snapshots of the various security branches) are supported
687 using the &man.freebsd-update.8; utility. The binary upgrade
688 procedure will update unmodified userland utilities, as well
689 as an unmodified <filename>GENERIC</filename> kernel,
690 distributed as a part of an official &os; release. The
691 &man.freebsd-update.8; utility requires that the host being
692 upgraded have Internet connectivity.</para>
694 <para>Source-based upgrades (those based on recompiling the &os;
695 base system from source code) from previous versions are
696 supported using to the instructions in
697 <filename>/usr/src/UPDATING</filename>.</para>
700 <para>For more specific information about upgrading
701 instructions, see <uri
702 xlink:href="http://www.FreeBSD.org/releases/9.3R/installation.html">http://www.FreeBSD.org/releases/9.3R/installation.html</uri>.</para>
706 <para>Upgrading &os; should only be attempted
707 after backing up <emphasis>all</emphasis> data and
708 configuration files.</para>
713 <title xml:id="upgrade-pitfalls">User-Visible
714 Incompatibilities</title>
716 <para>&os; 9.0 and later have several incompatibilities in
717 system configuration which you might want to know before
718 upgrading your system. <emphasis>Please read this section and
720 xlink:href="http://www.freebsd.org/releases/9.0R/relnotes-detailed.html#UPGRADE">Upgrading
721 Section in 9.0-RELEASE Release Notes</link> carefully
722 before submitting a problem report and/or posting a question
723 to the &os; mailing lists.</emphasis></para>