1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
3 "../../../share/xml/freebsd50.dtd" [
4 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
7 <article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
9 <title>&os; &release.current; Release Notes</title>
11 <author><orgname>The &os; Project</orgname></author>
13 <pubdate>$FreeBSD$</pubdate>
17 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation
21 <legalnotice xml:id="trademarks" role="trademarks">
31 <para>The release notes for &os; &release.current; contain
32 a summary of the changes made to the &os; base system on the
33 &release.branch; development line. This document lists
34 applicable security advisories that were issued since the last
35 release, as well as significant changes to the &os; kernel and
36 userland. Some brief remarks on upgrading are also
41 <sect1 xml:id="intro">
42 <title>Introduction</title>
44 <para>This document contains the release notes for &os;
45 &release.current;. It describes recently added, changed, or
46 deleted features of &os;. It also provides some notes on
47 upgrading from previous versions of &os;.</para>
49 <para>This distribution of &os; &release.current; is
50 a &release.type; distribution. It can be found at <uri
51 xlink:href="&release.url;">&release.url;</uri> or any of its
52 mirrors. More information on obtaining this (or other)
53 &release.type; distributions of &os; can be found in the <link
54 xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining
55 &os;</quote> appendix</link> to the <link
56 xlink:href="&url.books.handbook;/">&os;
57 Handbook</link>.</para>
59 <para>All users are encouraged to consult the release errata
60 before installing &os;. The errata document is updated with
61 <quote>late-breaking</quote> information discovered late in the
62 release cycle or after the release. Typically, it contains
63 information on known bugs, security advisories, and corrections
64 to documentation. An up-to-date copy of the errata for &os;
65 &release.current; can be found on the &os; Web site.</para>
69 <title>What's New</title>
71 <para>This section describes the most user-visible new or changed
72 features in &os; since &release.prev;.</para>
74 <para>Typical release note items document recent security
75 advisories issued after &release.prev;, new drivers or hardware
76 support, new commands or options, major bug fixes, or
77 contributed software upgrades. They may also list changes to
78 major ports/packages or release engineering practices. Clearly
79 the release notes cannot list every single change made to &os;
80 between releases; this document focuses primarily on security
81 advisories, user-visible changes, and major architectural
84 <sect2 xml:id="security">
85 <title>Security Advisories</title>
87 <para>Problems described in the following security advisories
88 have been fixed. For more information, consult the individual
89 advisories available from <uri
90 xlink:href="http://security.FreeBSD.org/">http://security.FreeBSD.org/</uri>.</para>
92 <informaltable frame="none" pgwide="1">
94 <colspec colwidth="1*"/>
95 <colspec colwidth="1*"/>
96 <colspec colwidth="3*"/>
99 <entry>Advisory</entry>
108 xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:01.bsnmpd.asc">FreeBSD-SA-14:01.bsnmpd</link></entry>
109 <entry>1 January 2014</entry>
110 <entry><para>Fix &man.bsnmpd.1; remote denial of service
111 vulnerability</para></entry>
116 xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:02.ntpd.asc">FreeBSD-SA-14:02.ntpd</link></entry>
117 <entry>1 January 2014</entry>
118 <entry><para>Disable <quote>monitor</quote> feature in
119 &man.ntpd.8; by default</para></entry>
124 xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:04.bind.asc">FreeBSD-SA-14:04.bind</link></entry>
125 <entry>1 January 2014</entry>
126 <entry><para>Remote denial of service
127 vulnerability</para></entry>
132 xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:05.nfsserver.asc">FreeBSD-SA-14:05.nfsserver</link></entry>
133 <entry>8 April 2014</entry>
134 <entry><para>Deadlock in the NFS server</para></entry>
139 xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:06.openssl.asc">FreeBSD-SA-14:06.openssl</link></entry>
140 <entry>8 April 2014</entry>
141 <entry><para>ECDSA side channel leak</para></entry>
148 <sect2 xml:id="kernel">
149 <title>Kernel Changes</title>
151 <para revision="256033">The &man.arcmsr.4; driver has been
152 updated to version 1.20.00.28.</para>
154 <para revision="256437">The &man.isci.4; driver is now loadable
155 via &man.kldload.8;.</para>
157 <para revision="256759">System-level &man.sysctl.8; values are
158 now exposed to the system for the &man.ixgbe.4; device.</para>
160 <para revision="256924">The &man.mfi.4; driver has been updated
161 to support MegaRAID Invader controllers.</para>
163 <para revision="257119">A kernel panic triggered in
164 <literal>zfs_root()</literal> after a failed rollback has
167 <para revision="257125">A new &man.sysctl.8;,
168 <literal>debug.devfs_iosize_max_clamp</literal> has been added
169 which enables and disables <literal>SSIZE_MAX</literal>-sized
170 I/O requests on &man.devfs.5; files.</para>
172 <para revision="257126">A new &man.sysctl.8;,
173 <literal>kern.disallow_high_osrel</literal>, has been added
174 which disables executing the images compiled on a userland
175 with a higher major version number than the major version
176 number of the running kernel.</para>
178 <para revision="257253">A kernel panic triggered by unmounting
179 a busy &man.zfs.8; filesystem has been fixed.</para>
181 <para revision="257373">A deadlock triggered by powering off
182 a USB device has been fixed.</para>
184 <para revision="258214">The &man.ata.4; driver has been updated
185 to support Intel Lynx Point PCH SMBus devices.</para>
187 <para revision="258215">The &man.ata.4; driver has been updated
188 to support Coleto Creek devices.</para>
190 <para revision="258217">The &man.ahci.4; driver has been updated
191 to support the PCI-express solid state drive in the
192 &apple; MacBook Air (model A1465).</para>
194 <para revision="258635">The &man.sysctl.8;
195 <literal>vfs.zfs.arc_meta_limit</literal> can now be changed
198 <para revision="258870">The &man.mmap.2; system call has been
199 updated to more optimally use superpages and provide support
200 for tweaking the alignment of virtual mappings.</para>
202 <para revision="258962">A workaround has been implemented
203 in the &man.bge.4; driver for hung transmission on BCM5719
204 and BCM5720 chipsets.</para>
206 <para revision="259002">A kernel panic when listing sysctls
207 on a system with <literal>INVARIANTS</literal> enabled has
210 <para revision="259466">A new &man.sysctl.8;,
211 <literal>kern.supported_archs</literal> has been added,
212 which will list the <envar>MACHINE_ARCH</envar> values
213 whose binaries can be run on the system.</para>
215 <para revision="259519">Several problems that could trigger
216 kernel panic on &man.kldload.8; and &man.kldunload.8; have
219 <para revision="260082">A kernel panic triggered by some
220 multi-threaded applications has been fixed.</para>
222 <para revision="260134">The &man.runfw.4; firmware has been
223 renamed from <literal>runfw</literal> to
224 <literal>run.fw</literal> for consistency with other firmware
227 <para revision="260433">A new &man.sysctl.8;,
228 <literal>kern.panic_reboot_wait_time</literal>, has been
229 added. This allows tuning the amount of time the system
230 will wait before rebooting after &man.panic.9;. The
231 <literal>kern.panic_reboot_wait_time</literal> value defaults
232 to the kernel configuration option,
233 <literal>PANIC_REBOOT_WAIT_TIME</literal>.</para>
235 <para revision="260644">Hardware Random Number Generators have
236 been disabled by default.</para>
238 <para revision="261483">Support for GPS ports has been added
239 to the &man.uhso.4; driver.</para>
241 <para revision="262116">A memory leak of compressed buffers
243 <literal>l2arc_write_done()</literal>.</para>
245 <para revision="262153">The &man.netmap.4; framework has been
246 updated to match the version in <literal>head/</literal>,
247 which includes netmap pipes, kqueue support, and enhanced
248 VALE switch port.</para>
250 <para revision="262175">A deadlock triggered by sending
251 a mounted &man.zfs.8; snapshot has been fixed.</para>
253 <para revision="262231">Support for SIIG X1 PCI-e has been added
254 to &man.ppc.4;.</para>
256 <para revision="262564">Support for the ext4 filesystem
257 has been enabled, supporting read-only mounts.</para>
259 <para revision="262594">A kernel panic triggered by inserting
260 a USB ethernet device on VIMAGE-enabled systems has been
263 <para revision="262988">TTM, a memory manager used by video
264 drivers, has been merged.</para>
266 <para revision="263103">Support for
267 <literal>/sys/kernel/random/uuid</literal> has been added
268 to &man.linprocfs.5;.</para>
270 <para revision="263128">A memory leak in the
271 <literal>zpool_in_use()</literal> function has been
274 <para revision="263391">The
275 <literal>extensible_dataset</literal> &man.zpool.8; feature
276 has been added. See &man.zpool-features.7; for more
279 <para revision="263408">A memory leak has been fixed in
280 <literal>libzfs</literal>.</para>
282 <para revision="263817,263818">The <literal>vt</literal> driver
283 has been merged from <literal>head/</literal>.</para>
285 <para revision="265729">The &man.mpr.4; device has been added,
286 providing support for LSI Fusion-MPT 3 12Gb SCSI/SATA
289 <para revision="266167">A kernel bug that inhibited proper
290 functionality of the <literal>dev.cpu.0.freq</literal>
291 &man.sysctl.8; on &intel; processors with Turbo
292 Boost ™ enabled has been fixed.</para>
294 <para revision="266269">Support for &man.xen.4;
295 hardware-assisted virtualization, <literal>XENHVM</literal>,
296 has been reworked as a loadable module.</para>
298 <sect3 xml:id="boot">
299 <title>Boot Loader Changes</title>
305 <sect3 xml:id="proc">
306 <title>Hardware Support</title>
308 <para revision="261510">Trackpad support for
309 &apple; MacBook products has been added.</para>
311 <para revision="261973">The &man.nve.4; driver has been
312 deprecated, and the &man.nfe.4; driver should be used
315 <para revision="262968">The &man.mfi.4; driver has been
316 updated to support MegaRAID Fury cards.</para>
318 <para revision="263170,263171">The Radeon KMS driver has been
321 <para revision="263340">The &man.aacraid.4; driver has been
322 updated to version 3.2.5.</para>
325 <title>Multimedia Support</title>
331 <sect4 xml:id="net-if">
332 <title>Network Interface Support</title>
334 <para revision="257611">The &man.re.4; driver has been
335 updated to add preliminary support for the RTL8106E
338 <para revision="257614,257616">The &man.re.4; driver has
339 been updated to support the RTL8168G, RTL8168GU and
340 RTL8411B chipsets.</para>
342 <para revision="257618">The &man.re.4; driver has been
343 updated to add preliminary support for the RTL8168EP
346 <para revision="258586">The &man.oce.4; driver has been
347 updated to version 10.0.664.0.</para>
349 <para revision="258898">The &man.qlxgbe.4; driver has been
350 imported from <literal>head/</literal>.</para>
352 <para revision="258936">The &man.qlxge.4; driver has been
353 imported from <literal>head/</literal>.</para>
355 <para revision="258965">The &man.bge.4; driver has been
356 updated to support the BCM5725 chipset.</para>
358 <para revision="258967">The &man.bge.4; driver has been
359 updated to support the BCM57764, BCM57767, BCM57782,
360 BCM57786 and BCM57787 chipsets.</para>
362 <para revision="259457">The &man.run.4; driver has been
363 updated to support MediaTek/Ralink chipsets RT5370 and
366 <para revision="259460">The &man.usb.4; wireless radiotap
367 headers have been realigned, allowing wireless adapters
368 to work on &arch.arm;, &arch.mips;, and other similar
369 platforms where alignment is important.</para>
371 <para revision="260119">The &man.run.4; firmware has been
372 updated to version 0.33.</para>
374 <para revision="260252">The &man.bxe.4; driver has been
375 merged from <literal>head/</literal>, providing support
376 for Broadcom NetXtreme II 10Gb PCIe adapters.</para>
378 <para revision="261865">The &man.run.4; driver has been
379 updated to include support for the MediaTek/Ralink RT3593
382 <para revision="261933">The &man.run.4; driver has been
383 updated to include support for the DLINK DWA-127 wireless
386 <para revision="262153">The &man.axge.4; driver has been
389 <para revision="262362">The &man.urndis.4; driver has been
390 imported from OpenBSD.</para>
392 <para revision="263582">The &man.bxe.4; driver has been
393 updated to version 1.78.78.</para>
398 <sect3 xml:id="net-proto">
399 <title>Network Protocols</title>
405 <sect3 xml:id="disks">
406 <title>Disks and Storage</title>
413 <title>File Systems</title>
415 <para revision="263410">The &man.zfs.8; filesystem has been
416 updated to support the <literal>bookmarks</literal>
422 <sect2 xml:id="userland">
423 <title>Userland Changes</title>
425 <para revision="256054">A new flag <literal>-c</literal>, has
426 been added to &man.pgrep.1; and &man.pkill.1;, which restricts
427 the process lookup to the specified login class.</para>
429 <para revision="257496">The &man.ddb.8; utility has been updated
430 to add <command>show ioapic</command> and <command>show all
431 ioapics</command>.</para>
433 <para revision="258183">Setting <literal>nmbcluster</literal>
434 values to their current value will now be ignored, instead of
435 failing with an error.</para>
437 <para revision="258763">The <filename
438 class="directory">/var/cache</filename> directory is now
439 created with mode <literal>0755</literal> instead of mode
440 <literal>0750</literal>, since this directory is used by
441 many third-party applications, which makes dropping group
442 privileges impossible.</para>
444 <para revision="258818">The &man.uname.1; utility has been
445 updated to include the <literal>-U</literal> and
446 <literal>-K</literal> flags, which print the
447 <envar>__FreeBSD_version</envar> for the running userland
448 and kernel, respectively.</para>
450 <para revision="258844">The &man.fetch.3; library has been
451 updated to support SNI (Server Name Identification), allowing
452 to use virtual hosts on HTTPS.</para>
454 <para revision="259243">A segmentation fault and internal
455 compiler error bug in &man.gcc.1; triggered by throwing
456 a warning before parsing any tokens has been fixed.</para>
458 <para revision="259269,259406">Several updates to &man.gcc.1;
459 have been imported from Google.</para>
461 <para revision="259448">A byte-order bug in the Heimdal
462 <literal>gss_pseudo_random()</literal> function which would
463 prevent interoperability with other
464 <application>Kerberos</application> implementations has been
465 fixed. In particular, this would prevent interoperability
466 with the MIT implementation.</para>
468 <para revision="260007">The &man.hastctl.8; utility has been
469 updated to output the current queue sizes.</para>
471 <para revision="260197">The &man.ps.1; utility will no longer
472 truncate the <literal>command</literal> output column.</para>
474 <para revision="260208">The &man.protect.1; command has been
475 added, which allows exempting processes from being killed
476 when swap is exhausted.</para>
478 <para revision="260507">The &man.gmirror.8; utility now prevents
479 deactivating the last component of a mirror.</para>
481 <para revision="260507">A new &man.gmirror.8; command,
482 <command>gmirror destroy</command>, has been added, which will
483 destroy the &man.geom.8; and erase the &man.gmirror.8;
486 <para revision="260650">The &man.etcupdate.8; utility, a tool
487 for managing updates to files in <filename
488 class="directory">/etc</filename>, has been merged from
489 <literal>head/</literal>.</para>
491 <para revision="260651">The &man.find.1; utility has been
492 updated to fix incorrect behavior with the
493 <literal>-lname</literal> and <literal>-ilname</literal>
496 <para revision="260868,260869">The
497 <literal>hw.uart.console</literal> is now always updated when
498 the comconsole setup changes.</para>
500 <para revision="260909">The &man.kldload.8; utility has been
501 updated to display a message directing to &man.dmesg.8;,
502 instead of the cryptic message <quote>Exec format
503 error</quote>.</para>
505 <para revision="261674">A bug that could trigger an infinite
506 loop in KDE and X has been fixed.</para>
508 <para revision="262076">The &man.newsyslog.8; utility has been
509 changed to use the size of the file, instead of the blocks the
510 file takes on the disk to match the behavior documented in
511 &man.newsyslog.conf.5;.</para>
513 <para revision="262105">A bug in &man.zdb.8; which would cause
514 numeric parameters to a flag as being treated as additional
515 flags has been fixed.</para>
517 <para revision="262124">The default number of &man.nfsd.8;
518 threads has been increased from <literal>4</literal> to
519 <literal>(8 * N)</literal>, where <literal>N</literal> is
520 the number of CPUs as reported by
521 <command>sysctl -n hw.ncpu</command>.</para>
523 <para revision="262134">The &man.pciconf.8; utility now has
524 a <literal>-V</literal> flag, which lists information such
525 as serial numbers for each device.</para>
527 <para revision="262158">A bug that would allow creating
528 a &man.zfs.8; snapshot of an inconsistent dataset has been
531 <para revision="262160">Receiving a &man.zfs.8; dataset with
532 <command>zfs recv -F</command> now properly destroys any
533 snapshots that were created since the incremental source
536 <para revision="263031">Installation from a read-only
537 <envar>.OBJDIR</envar> has been fixed.</para>
539 <para revision="263031">A new shared library directory,
540 <filename class="directory">/usr/lib/private</filename>,
541 has been added for internal-use shared libraries.</para>
543 <para revision="263031">A default
544 <filename>libmap32.conf</filename> has been added, for 32-bit
547 <para revision="263032">The <literal>libucl</literal> library,
548 a JSON-compatible configuration file parsing library, has been
551 <para revision="263038">The &man.pkg.7; package management
552 utility has been syncronized with <literal>head/</literal>.
553 This implements binary package signature verification when
554 bootstrapping the system with <command>pkg
555 bootstrap</command>.</para>
557 <para revision="263042">The system timezone data files have
558 been updated to version tzdata2014a.</para>
560 <para revision="263212">The NetBSD &man.make.1; utility,
561 <command>bmake</command> has been imported for compatibility
562 with the &os; Ports Collection. It is installed as
563 <command>bmake</command>, and the <command>make</command>
564 remains the &os; version.</para>
566 <para revision="263326">The &man.fetch.3; library now
567 supports <literal>Last-Modified</literal> timestamps which
568 return UTC instead of GMT.</para>
570 <para revision="263404">Aliases for the &man.zfs.8; commands
571 <literal>list -t snap</literal> and <literal>snap</literal>
572 have been added to match &oracle; Solaris 11.</para>
574 <para revision="263406">A new flag, <literal>-p</literal>, has
575 been added to the &man.zfs.8; <literal>list</literal> command,
576 providing output in a parseable form.</para>
578 <para revision="263421"><application>OpenPAM</application> has
579 been updated to Nummularia (20130907), which incorporates
580 several bug fixes and documentation improvements. The
581 &man.openpam.ttyconv.3; library has been completely
584 <para revision="264423">The &man.sh.1; command interpreter has
585 been updated to expand assignments after
586 <literal>export</literal>, <literal>local</literal>, and
587 <literal>readonly</literal> differently. As result of this
588 change, variable assignment such as <literal>local
589 v=$1</literal> will assign the first positional
590 parameter to <literal>v</literal>, even if
591 <literal>$1</literal> contains spaces, and
592 <literal>local w=<replaceable>~/myfile</replaceable></literal>
593 will expand the tilde (<literal>~</literal>).</para>
595 <para revision="264699">The &man.find.1; utility has been
596 updated to implement <literal>-ignore_readdir_race</literal>.
597 Prior to this change, <literal>-ignore_readdir_race</literal>
598 existed as an option for GNU &man.find.1; compatibility, and
599 was ignored if specified. A counter primary,
600 <literal>-noignore_readdir_race</literal> now also exists, and
601 is the default behavior.</para>
603 <sect3 xml:id="periodic-scripts">
604 <title>&man.periodic.8; Scripts</title>
610 <sect3 xml:id="rc-scripts">
611 <title>&man.rc.8; Scripts</title>
613 <para revision="256917">Support for <quote>first boot</quote>
614 scripts has been added to &man.rc.8;. See &man.rc.8; and
615 &man.rc.conf.5; for implementation details.</para>
617 <para revision="260432">The &man.rc.8; system will now
618 re-source &man.rc.conf.5; on receipt of
619 <literal>SIGALRM</literal>.</para>
624 <sect2 xml:id="contrib">
625 <title>Contributed Software</title>
627 <para revision="255934">The &man.readline.3; library has been
628 updated to version 1.104.</para>
630 <para revision="261375"><application>Sendmail</application> has
631 been updated to version 8.14.8.</para>
633 <para revision="262706"><application>BIND</application> has
634 been updated to version 9.9.5.</para>
636 <para revision="263286">The &man.xz.1; utility has been updated
637 to a post-5.0.5 snapshot.</para>
639 <para revision="263970"><application>OpenSSH</application> has
640 been updated to version 6.6p1.</para>
644 <sect2 xml:id="releng">
645 <title>Release Engineering and Integration</title>
647 <para revision="260891">As part of the release build, the
648 &man.etcupdate.8; utility will bootstrap the system, allowing
649 &man.etcupdate.8; to work after the first upgrade of a
652 <para revision="262879">The <filename>release.sh</filename>
653 script and release <filename>Makefile</filename> have been
654 updated to use &man.pkg.7; to populate the dvd installation
657 <para revision="263028">The &man.services.mkdb.8; utility has
658 been updated to support multiple byte orders. Similar to
659 &man.cap.mkdb.1;, the <filename>services.db</filename> will
660 be created with proper endinanness as part of
661 cross-architecture release builds.</para>
666 <sect1 xml:id="upgrade">
667 <title>Upgrading from Previous Releases of &os;</title>
670 <title>Upgrading Using &man.freebsd-update.8; or a Source-Based
673 <para arch="amd64,i386">Binary upgrades between RELEASE versions
674 (and snapshots of the various security branches) are supported
675 using the &man.freebsd-update.8; utility. The binary upgrade
676 procedure will update unmodified userland utilities, as well
677 as an unmodified <filename>GENERIC</filename> kernel,
678 distributed as a part of an official &os; release. The
679 &man.freebsd-update.8; utility requires that the host being
680 upgraded have Internet connectivity.</para>
682 <para>Source-based upgrades (those based on recompiling the &os;
683 base system from source code) from previous versions are
684 supported using to the instructions in
685 <filename>/usr/src/UPDATING</filename>.</para>
688 <para>For more specific information about upgrading
689 instructions, see <uri
690 xlink:href="http://www.FreeBSD.org/releases/9.3R/installation.html">http://www.FreeBSD.org/releases/9.3R/installation.html</uri>.</para>
694 <para>Upgrading &os; should only be attempted
695 after backing up <emphasis>all</emphasis> data and
696 configuration files.</para>
701 <title xml:id="upgrade-pitfalls">User-Visible
702 Incompatibilities</title>
704 <para>&os; 9.0 and later have several incompatibilities in
705 system configuration which you might want to know before
706 upgrading your system. <emphasis>Please read this section and
708 xlink:href="http://www.freebsd.org/releases/9.0R/relnotes-detailed.html#UPGRADE">Upgrading
709 Section in 9.0-RELEASE Release Notes</link> carefully
710 before submitting a problem report and/or posting a question
711 to the &os; mailing lists.</emphasis></para>