The &os; Project $FreeBSD$ 2014 The &os; Documentation Project &tm-attrib.freebsd; &tm-attrib.ibm; &tm-attrib.ieee; &tm-attrib.intel; &tm-attrib.sparc; &tm-attrib.general; The release notes for &os; &release.current; contain a summary of the changes made to the &os; base system on the &release.branch; development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the &os; kernel and userland. Some brief remarks on upgrading are also presented. This document contains the release notes for &os; &release.current;. It describes recently added, changed, or deleted features of &os;. It also provides some notes on upgrading from previous versions of &os;. This distribution of &os; &release.current; is a &release.type; distribution. It can be found at &release.url; or any of its mirrors. More information on obtaining this (or other) &release.type; distributions of &os; can be found in the Obtaining &os; appendix to the &os; Handbook. All users are encouraged to consult the release errata before installing &os;. The errata document is updated with late-breaking information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for &os; &release.current; can be found on the &os; Web site. This section describes the most user-visible new or changed features in &os; since &release.prev;. Typical release note items document recent security advisories issued after &release.prev;, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to &os; between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements. Problems described in the following security advisories have been fixed. For more information, consult the individual advisories available from http://security.FreeBSD.org/. Advisory Date Topic SA-12:01.openssl 3 May 2012 OpenSSL multiple vulnerabilities SA-12:02.crypt 30 May 2012 Incorrect crypt() hashing SA-12:03.bind 12 June 2012 Incorrect handling of zero-length RDATA fields in &man.named.8; SA-12:04.sysret 12 June 2012 Privilege escalation when returning from kernel SA-12:05.bind 6 August 2012 &man.named.8; DNSSEC validation Denial of Service SA-12:06.bind 22 November 2012 Multiple Denial of Service vulnerabilities with &man.named.8; SA-12:07.hostapd 22 November 2012 Insufficient message length validation for EAP-TLS messages SA-12:08.linux 22 November 2012 Linux compatibility layer input validation error The &man.netmap.4; framework has been updated to match the version in head/, which includes netmap pipes, kqueue support, and enhanced VALE switch port. A deadlock triggered by sending a mounted &man.zfs.8; snapshot has been fixed. Support for SIIG X1 PCI-e has been added to &man.ppc.4;. Support for the ext4 filesystem has been enabled, supporting read-only mounts. A kernel panic triggered by inserting a USB ethernet device on VIMAGE-enabled systems has been fixed. TTM, a memory manager used by video drivers, has been merged. Support for /sys/kernel/random/uuid has been added to &man.linprocfs.5;. A memory leak in the zpool_in_use() function has been fixed. The extensible_dataset &man.zpool.8; feature has been added. See &man.zpool-features.7; for more information. A memory leak has been fixed in libzfs.   The &man.mfi.4; driver has been updated to support MegaRAID Fury cards. The Radeon KMS driver has been added. The &man.aacraid.4; driver has been updated to version 3.2.5.   The &man.axge.4; driver has been added. The &man.urndis.4; driver has been imported from OpenBSD.     The &man.zfs.8; filesystem has been updated to support the bookmarks feature. A bug that would allow creating a &man.zfs.8; snapshot of an inconsistent dataset has been fixed. Receiving a &man.zfs.8; dataset with zfs recv -F now properly destroys any snapshots that were created since the incremental source snapshot. BIND has been updated to version 9.9.5. Installation from a read-only .OBJDIR has been fixed. A new shared library directory, /usr/lib/private, has been added for internal-use shared libraries. A default libmap32.conf has been added, for 32-bit applications. The libucl library a JSON-compatible configuration file parsing library,has been imported. The &man.pkg.7; package management utility has been syncronized with head/. This implements binary package signature verification when bootstrapping the system with pkg bootstrap. The system timezone data files have been updated to version tzdata2014a. The NetBSD &man.make.1; utility, bmake has been imported for compatibility with the &os; Ports Collection. It is installed as bmake, and the make remains the &os; version. The &man.xz.1; utility has been updated to a post-5.0.5 snapshot. The &man.fetch.3; library now supports Last-Modified timestamps which return UTC instead of GMT. Aliases for the &man.zfs.8; commands list -t snap and snap have been added to match &oracle; Solaris 11. A new flag, -p, has been added to the &man.zfs.8; list command, providing output in a parseable form. OpenPAM has been updated to Nummularia (20130907), which incorporates several bug fixes and documentation improvements. The &man.openpam.ttyconv.3; library has been completely rewritten.       The release.sh script and release Makefile have been updated to use &man.pkg.7; to populate the dvd installation medium. The &man.services.mkdb.8; utility has been updated to support multiple byte orders. Similar to &man.cap.mkdb.1;, the services.db will be created with proper endinanness as part of cross-architecture release builds. Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the &man.freebsd-update.8; utility. The binary upgrade procedure will update unmodified userland utilities, as well as an unmodified GENERIC kernel, distributed as a part of an official &os; release. The &man.freebsd-update.8; utility requires that the host being upgraded have Internet connectivity. Source-based upgrades (those based on recompiling the &os; base system from source code) from previous versions are supported using to the instructions in /usr/src/UPDATING. For more specific information about upgrading instructions, see http://www.FreeBSD.org/releases/9.1R/installation.html. Upgrading &os; should, of course, only be attempted after backing up all data and configuration files. FreeBSD 9.0 and later have several incompatibilities in system configuration which you might want to know before upgrading your system. Please read this section and the Upgrading Section in 9.0-RELEASE Release Notes carefully before submitting a problem report and/or posting a question to the FreeBSD mailing lists.