1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
3 "../../../share/xml/freebsd50.dtd" [
4 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
7 <article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
8 <info><title>&os; &release.current; Release Notes</title>
10 <author><orgname>The &os; Project</orgname></author>
12 <pubdate>$FreeBSD$</pubdate>
17 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation
21 <legalnotice xml:id="trademarks" role="trademarks">
31 <para>The release notes for &os; &release.current; contain
32 a summary of the changes made to the &os; base system on the
33 &release.branch; development line. This document lists
34 applicable security advisories that were issued since the last
35 release, as well as significant changes to the &os; kernel and
36 userland. Some brief remarks on upgrading are also
41 <sect1 xml:id="intro">
42 <title>Introduction</title>
44 <para>This document contains the release notes for &os;
45 &release.current;. It describes recently added, changed, or
46 deleted features of &os;. It also provides some notes on
47 upgrading from previous versions of &os;.</para>
49 <para>The latest, up-to-date version of the release notes are
50 available online at <uri
51 xlink:href="&release.url;10.0R/relnotes.html">&release.url;10.0R/relnotes.html</uri>.</para>
53 <para>This distribution of &os;
54 &release.current; is a &release.type; distribution. It can be
55 found at <uri xlink:href="&release.url;">&release.url;</uri> or
56 any of its mirrors. More information on obtaining this (or other)
57 &release.type; distributions of &os; can be found in the <link
58 xlink:href="&url.books.handbook;/mirrors.html"><quote>Obtaining
59 &os;</quote> appendix</link> to the <link
60 xlink:href="&url.books.handbook;/">&os; Handbook</link>.</para>
62 <para>All users are encouraged to consult the release errata before
63 installing &os;. The errata document is updated with
64 <quote>late-breaking</quote> information discovered late in the
65 release cycle or after the release. Typically, it contains
66 information on known bugs, security advisories, and corrections to
67 documentation. An up-to-date copy of the errata for &os;
68 &release.current; can be found on the &os; Web site.</para>
72 <title>What's New</title>
74 <para>This section describes the most user-visible new or changed
75 features in &os; since &release.prev;.</para>
77 <para>Typical release note items document recent security advisories
78 issued after &release.prev;, new drivers or hardware support, new
79 commands or options, major bug fixes, or contributed software
80 upgrades. They may also list changes to major ports/packages or
81 release engineering practices. Clearly the release notes cannot
82 list every single change made to &os; between releases; this
83 document focuses primarily on security advisories, user-visible
84 changes, and major architectural improvements.</para>
86 <sect2 xml:id="security">
87 <title>Security Advisories</title>
89 <para>Problems described in the following security advisories have
90 been fixed. For more information, consult the individual
91 advisories available from
92 <link xlink:href="http://security.FreeBSD.org/">FreeBSD
93 Security Information</link>.</para>
95 <informaltable frame="none" pgwide="0">
97 <colspec colwidth="1*" />
98 <colspec colwidth="1*" />
99 <colspec colwidth="3*" />
102 <entry>Advisory</entry>
111 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-13:14.openssh.asc">SA-13:14.openssh</link></entry>
112 <entry>19 November 2013</entry>
113 <entry><para>OpenSSH AES-GCM memory corruption
114 vulnerability</para></entry>
119 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:01.bsnmpd.asc">SA-14:01.bsnmpd</link></entry>
120 <entry>14 January 2014</entry>
121 <entry><para>bsnmpd remote denial of service vulnerability</para></entry>
126 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:02.ntpd.asc">SA-14:02.ntpd</link></entry>
127 <entry>14 January 2014</entry>
128 <entry><para>ntpd distributed reflection Denial of Service vulnerability</para></entry>
133 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:03.openssl.asc">SA-14:03.openssl</link></entry>
134 <entry>14 January 2014</entry>
135 <entry><para>OpenSSL multiple vulnerabilities</para></entry>
140 xlink:href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:04.bind.asc">SA-14:04.bind</link></entry>
141 <entry>14 January 2014</entry>
142 <entry><para>BIND remote denial of service vulnerability</para></entry>
150 <sect2 xml:id="kernel">
151 <title>Kernel Changes</title>
153 <para revision="248508">The use of unmapped VMIO buffers
154 eliminates the need to perform TLB shootdown for mapping on
155 buffer creation and reuse, greatly reducing the amount of IPIs
156 for shootdown on big-SMP machines and eliminating up to 25-30%
157 of the system time on i/o intensive workloads.</para>
159 <para arch="amd64" revision="254466">The maximum amount of memory
160 the &os; kernel can address has been increased from 1TB to
163 <para>A new &man.cpuset.2; API has been added for thread to CPU
164 binding and CPU resource grouping and assignment. The
165 &man.cpuset.1; userland utility has been added to allow
166 manipulation of processor sets.</para>
168 <para>The &man.ddb.4; kernel debugger now has an
169 output capture facility. Input and output from &man.ddb.4; can
170 now be captured to a memory buffer for later inspection using
171 &man.sysctl.8; or a textdump. The new
172 <command>capture</command> command controls this feature.</para>
174 <para>The &man.ddb.4; debugger now supports a simple
175 scripting facility, which supports a set of named scripts
176 consisting of a set of &man.ddb.4; commands. These commands can
177 be managed from within &man.ddb.4; or with the use of the new
178 &man.ddb.8; utility. More details can be found in the
179 &man.ddb.4; manual page.</para>
181 <para>The kernel now supports a new textdump format
182 of kernel dumps. A textdump provides higher-level information
183 via mechanically generated/extracted debugging output, rather
184 than a simple memory dump. This facility can be used to
185 generate brief kernel bug reports that are rich in debugging
186 information, but are not dependent on kernel symbol tables or
187 precisely synchronized source code. More information can be
188 found in the &man.textdump.4; manual page.</para>
190 <para>Kernel support for M:N threading has been removed. While
191 the KSE (Kernel Scheduled Entities) project was quite successful
192 in bringing threading to FreeBSD, the M:N approach taken by the
193 KSE library was never developed to its full potential.
194 Backwards compatibility for applications using KSE threading
195 will be provided via &man.libmap.conf.5; for dynamically linked
196 binaries. The &os; Project greatly appreciates the work of
197 &a.julian;, &a.deischen;, and &a.davidxu; on KSE support.</para>
199 <para>The &os; kernel now exports information about certain kernel
200 features via the <varname>kern.features</varname> sysctl tree.
201 The &man.feature.present.3; library call provides a convenient
202 interface for user applications to test the presence of
205 <para arch="amd64">The &os; kernel now has support for large
206 memory page mappings (<quote>superpages</quote>).</para>
208 <para arch="amd64,i386,ia64,powerpc">The ULE
209 scheduler is now the default process scheduler
210 in <filename>GENERIC</filename> kernels.</para>
212 <para arch="amd64,i386" revision="240135">Support was added for
213 the new Intel on-CPU Bull Mountain random number
214 generator, found on IvyBridge and supposedly later CPUs,
215 accessible with the RDRAND instruction.</para>
217 <sect3 xml:id="kernel-virtualization">
218 <title>Virtualization support</title>
219 <para arch="amd64" revision="245652">The BSD Hypervisor,
220 &man.bhyve.8; is included with &os;. &man.bhyve.8; requires
221 Intel CPUs with VT-x and Extended Page Table (EPT) support.
222 These features are on all Nehalem models and beyond (e.g.
223 Nehalem and newer), but not on the lower-end Atom CPUs.</para>
225 <para revision="227652">&man.virtio.4; support has been added.
226 &man.virtio.4; is the name for the paravirtualization
227 interface developed for the Linux KVM, but since adopted to
228 other virtual machine hypervisors (with the notable exception
229 of Xen). This work brings in a BSD-licensed clean-room
230 implementation of the virtio kernel drivers for disk IO
231 (&man.virtio_blk.4; and &man.virtio_scsi.4;), network IO
232 (&man.vtnet.4;), memory ballooning (&man.virtio_balloon.4;),
233 and PCI. Tested with on Qemu/KVM, VirtualBox, and
234 &man.bhyve.4;.</para>
236 <para arch="amd64,i386" revision="255524">Paravirtualized
237 drivers which support Microsoft Hyper-V have been imported and
238 made part of the amd64 GENERIC kernel. For i386, these
239 drivers are not part of GENERIC, so the following lines must
240 be added to <filename>/boot/loader.conf</filename> to load
241 these drivers:</para>
243 <programlisting>hv_ata_pci_disengage_load="YES"
246 hv_vmbus_load="YES"</programlisting>
248 <para>Alternatively, the Hyper-V drivers can be added to the
249 i386 kernel by adding <literal>device hyperv</literal> to the
250 kernel config, and then recompiling the kernel. Please refer
251 to <link xlink:href="http://wiki.freebsd.org/HyperV">FreeBSD
252 and Microsoft Windows Server Hyper-V support</link> for full
253 instructions on how to set up Hyper-V support under
256 <para revision="254738">The &man.vmx.4; driver has been added.
257 &man.vmx.4; is a VMware VMXNET3 ethernet driver ported from
260 <para revision="255744" arch="amd64,i386">Xen PVHVM
261 virtualization is now part of the GENERIC kernel.</para>
264 <sect3 xml:id="kernel-arm">
265 <title>ARM support</title>
267 <para revision="239922">Raspberry PI support has been added.
269 xlink:href="http://kernelnomicon.org/?p=164">setup
270 instructions</link> and this <link
271 xlink:href="http://www.raspberrypi.org/quick-start-guide">quick
272 start guide</link>.</para>
274 <para revision="253396">The default ABI on ARM is now the ARM
275 EABI. This brings a number of improvements and allows future
276 support for VFP and Thumb-2.</para>
278 <para revision="239268">ARM support has been greatly improved,
279 including support for ARMv6 and ARMv7, SMP and thread-local
280 storage (TLS). Additionally support for some newer SoC like
281 the MV78x60 and OMAP4 was added. See the <link
282 xlink:href="http://lists.freebsd.org/pipermail/freebsd-arm/2012-August/003757.html">announcement</link>
283 for further details.</para>
285 <para revision="254918">Superpages support on ARM has been
286 added. Superpages support provides improved performance and
287 scalability by allowing TLB translations to dynamically cover
288 large physical memory regions. All ARMv6 and ARMv7-based
289 platforms can take advantage of this feature. See the <link
290 xlink:href="https://wiki.freebsd.org/ARMSuperpages">ARM
291 Superpages status</link> page for further details.</para>
294 <sect3 xml:id="boot">
295 <title>Boot Loader Changes</title>
297 <para arch="amd64,i386">The BTX kernel used by the
298 boot loader has been changed to invoke BIOS routines from real
299 mode. This change makes it possible to boot &os; from USB
302 <para arch="amd64,i386">A new &man.gptboot.8; boot
303 loader has been added to support booting from a GPT labeled
304 disk. A new <command>boot</command> command has been added to
305 &man.gpart.8;, which makes a GPT disk bootable by writing the
306 required bits of the boot loader, creating a new boot
307 partition if required.</para>
310 <sect3 xml:id="proc">
311 <title>Hardware Support</title>
313 <para>The &man.cmx.4; driver, a driver for Omnikey
314 CardMan 4040 PCMCIA smartcard readers, has been added.</para>
316 <para>The &man.syscons.4; driver now supports the Colemak
317 keyboard layout.</para>
319 <para>The &man.uslcom.4; driver, a driver for
320 Silicon Laboratories CP2101/CP2102-based USB serial adapters,
321 has been imported from OpenBSD.</para>
324 <title>Multimedia Support</title>
326 <para revision="240609">Support for version 2.0 of the USB
327 Audio reference design has been added. New devices should
328 support higher bandwidth, increased sampling frequency and
329 wider dynamic range.</para>
332 <sect4 xml:id="net-if">
333 <title>Network Interface Support</title>
335 <para>The &man.ale.4; driver has been added to provide support
336 for Atheros AR8121/AR8113/AR8114 Gigabit/Fast Ethernet
339 <para>The &man.em.4; driver has been split into two drivers
340 with some common parts. The &man.em.4; driver will continue
341 to support adapters up to the 82575, as well as new
342 client/desktop adapters. A new &man.igb.4; driver
343 will support new server adapters.</para>
345 <para>The &man.jme.4; driver has been added to provide support
346 for PCIe network adapters based on JMicron JMC250 Gigabit
347 Ethernet and JMC260 Fast Ethernet controllers.</para>
349 <para>The &man.malo.4; driver has been added to provide
350 support for Marvell Libertas 88W8335 based PCI network
353 <para>The firmware for the &man.mxge.4; driver has been
354 updated from 1.4.25 to 1.4.29.</para>
356 <para>The &man.sf.4; driver has been overhauled to improve its
357 performance and to add support for checksum offloading. It
358 should also work on all architectures.</para>
360 <para>The &man.re.4; driver has been overhauled to fix a
361 number of issues. This driver now has Wake On LAN (WOL)
364 <para>The &man.vr.4; driver has been overhauled to fix a
365 number of outstanding issues. It also now works on all
366 architectures.</para>
368 <para arch="amd64,i386">The &man.wpi.4; driver has
369 been updated to include a number of stability fixes.</para>
371 <para revision="248925">The &man.cxgbe.4; driver has been
372 updated to support 40G/10G Ethernet NICs based on Chelsio's
373 Terminator 5 (T5) ASIC.</para>
375 <para revision="256694">The iw_cxgbe driver has been
376 added. This is an experimental iWARP/RDMA driver (kernel
377 verbs only) for Chelsio's T4 and T5 based cards.</para>
379 <para revision="255932">The Open Fabrics Enterprise
380 Distribution (OFED) and OFED Infiniband core has been
381 updated to the same version as supplied by Linux version
384 <para revision="255932">The Mellanox Infiniband driver has
385 been updated to firmware version 2.30.3200 for ConnectX3
386 NICs. Support has been added for ConnectX3 VPI NICs, where
387 each port can be used as Infiniband 56 GB/s or Ethernet 40
388 GB/s. Support has been added for dynamically loading kernel
389 modules for Infiniband core (ibcore) and IP over Infiniband
392 <para revision="227614">&man.netmap.4; has been added.
393 &man.netmap.4; is a framework for high-performance
394 direct-to-hardware packet IO, offering low latency and high
395 PPS rates to userland applications while bypassing any
396 kernel-side packet processing. With &man.netmap.4; it is
397 trivially possible to fully saturate a 10 Gbps network
398 interface with minimal packet sizes. For more information,
400 xlink:href="http://info.iet.unipi.it/~luigi/netmap/">Netmap
401 Project</link>.</para>
405 <sect3 xml:id="net-proto">
406 <title>Network Protocols</title>
408 <para revision="228571">&man.carp.4; has been rewritten to make
409 addresses more sane from the viewpoint of routing daemons such
410 as quagga/zebra. It also brings support for a single redundant
411 address on the subnet (carpdev), switching state with
412 &man.ifconfig.8;, better locking and using modern kernel
413 interfaces to allocate multicast memberships. Configuration
414 of the CARP protocol via &man.ifconfig.8; has changed, as well
415 as the format of CARP events submitted to &man.devd.8;. See
416 &man.carp.4; for more information. The arpbalance feature of
417 &man.carp.4; is currently not supported anymore.</para>
419 <para revision="240233">The &man.pf.4; firewall now supports
420 fine-grain locking and better utilization on multi-CPU
421 machines, resulting in significant improvements in
424 <para revision="250700">Support for up to 65536 routing tables
425 has been introduced.</para>
427 <para revision="248552">Support for setting/matching
428 differentiated services codepoints (DSCP) in IP header has
429 been added to &man.ipfw.8;.</para>
432 <sect3 xml:id="disks">
433 <title>Disks and Storage</title>
435 <para>The &man.aac.4; driver now supports volumes
436 larger than 2TB in size.</para>
438 <para>The &man.ata.4; driver now supports a spindown command for
439 disks; after a configurable amount of time, if no requests
440 have been received for a disk, the disk will be spun down
441 until the next request. The &man.atacontrol.8; utility now
442 supports a <command>spindown</command> command to configure
445 <para>The &man.hptrr.4; driver has been updated to
446 version 1.2 from Highpoint.</para>
448 <para revision="240616">&man.nvme.4; has been added and provides
449 NVM Express support. NVM Express is an optimized register
450 interface, command set and feature set of PCI Express
451 (PCIe)-based Solid-State Drives (SSDs). For more information,
453 xlink:href="http://www.nvmexpress.org/">nvmexpress.org</link>.</para>
457 <title>File Systems</title>
459 <para revision="255570">A new kernel-based iSCSI target and
460 initiator has been added.</para>
462 <para revision="243246">UFS filesystems can now be enlarged with
463 &man.growfs.8; while mounted read-write. This is especially
464 useful for virtual machines, allowing the addition of more
465 harddrive space without interruption of service.</para>
467 <para revision="241519">A state of the art FUSE implementation
468 is now part of the base system. It allows the use of nearly
469 all fusefs file systems.</para>
471 <sect4 xml:id="fs-zfs">
474 <para revision="">&man.bsdinstall.8; now supports installing
475 ZFS on the root file system. It includes a single
476 configuration menu that allows you to select all of the
477 required details, including which drives to use, what ZFS
478 RAID level to use (taking into consideration the selected
479 number of drives), GPT or MBR, GELI encryption, forcing 4K
480 sectors, pool name, etc.</para>
482 <para revision="240868">TRIM support has been added for
485 <para revision="246586">Support for the high-performance LZ4
486 compression algorithm has been added to ZFS. LZ4 is usually
487 faster and can achieve a higher compression ratio than LZJB,
488 the default compression algorithm.</para>
490 <para revision="252140">Support for L2ARC compression has been
493 <para revision="243524">The zio nop-write improvement from
494 Illumos was imported into &os;. To reduce I/O, nop-write
495 skips overwriting data if the (cryptographically secure)
496 checksum of new data matches the checksum of existing data.
497 It also saves space if snapshots are in use. This
498 improvement only works on datasets with enabled compression,
499 disabled deduplication and sha256 checksums. ZFS will now
500 compare the checksums of incoming writes to the checksum of
501 the existing on-disk data and avoid issuing any write I/O
502 for data that has not changed. This will reduce I/O as well
503 as space usage because if the old block is referenced by
504 a snapshot, both copies of the block are kept even though
505 both contain the same data.</para>
510 <sect2 xml:id="userland">
511 <title>Userland Changes</title>
513 <para revision="255321">On platforms where &man.clang.1; is the default
514 system compiler (such as i386, amd64, arm), GCC and GNU libstdc++ are no
515 longer built by default. &man.clang.1; and libc++ from LLVM are used on
516 these platforms by instead. GCC 4.2.1 and libstdc++ are still built
517 and used by default on pc98 and all other platforms where &man.clang.1;
518 is not the default system compiler.</para>
520 <para revision="251662">&man.clang.1; and llvm have been updated to
521 version 3.3 release. Please refer to <link
522 xlink:href="http://llvm.org/releases/3.3/tools/clang/docs/ReleaseNotes.html">
523 Clang 3.3 Release Notes</link>.</para>
525 <para revision="255949"><application>BIND</application> has been
526 removed from the base system. &man.unbound.8;, which is
527 maintained by NLnet Labs, has been imported to support local DNS
528 resolution functionality with DNSSEC. Note that it is not a
529 replacement of <application>BIND</application> and the latest
530 versions of <application>BIND</application> is still available
531 in the Ports Collection.
532 With this change, nslookup and dig are no longer a part of the
533 base system. Users should instead use &man.host.1; and
534 &man.drill.1; Alternatively, nslookup and dig can be obtained by
535 installing <filename>dns/bind-tools</filename> port.</para>
537 <para revision="225937">sysinstall has been removed from the base
538 system. Auxiliary libraries and tools used by sysinstall such
539 as libdisk, libftpio, and sade have also been removed.
540 sysinstall has been replaced by &man.bsdinstall.8; and
541 &man.bsdconfig.8;.</para>
543 <para revision="256106">&man.freebsd-version.1; has been added.
544 This tool makes a best effort to determine the version and patch
545 level of the installed kernel and userland.</para>
547 <para revision="255191">GNU patch has been removed from the base
548 system, and replaced by a BSD-licensed &man.patch.1;
551 <para revision="241511">GNU sort has been removed from the base
552 system, and replaced by a BSD-licensed &man.sort.1;
555 <para revision="235723">Berkely yacc (byacc) has been imported
557 xlink:href="http://invisible-island.net/byacc/">invisible
558 island</link>. This brings bison compatibilities to
559 &man.yacc.1; while preserving full backwards compatibility with
560 previous version of &man.yacc.1;.</para>
562 <para revision="250881">&man.lex.1; has been replaced by flex
565 <para revision="250699">&man.make.1; has been replaced with the
566 <quote>Portable</quote> BSD make tool (bmake) from
569 <para>The &man.adduser.8; utility now supports
570 a <option>-M</option> option to set the mode of a new user's
571 home directory.</para>
573 <para>BSD-licensed versions of &man.ar.1; and &man.ranlib.1;,
574 based on &man.libarchive.3;, have replaced the GNU Binutils
575 versions of these utilities.</para>
577 <para>BSD-licensed versions of &man.bc.1; and &man.dc.1; have
578 replaced their GNU counterparts.</para>
580 <para>&man.chflags.1; now supports
581 a <option>-v</option> flag for verbose output and
582 a <option>-f</option> flag to ignore errors with the same
583 semantics as (for example) &man.chmod.1;.</para>
585 <para>For compatibility with other implementations, &man.cp.1; now
586 supports a <option>-a</option> flag, which is equivalent to
587 specifying the <option>-RrP</option> flags.</para>
589 <para>BSD-licensed version of &man.cpio.1; based on
590 &man.libarchive.3;, has replaced the GNU cpio. Note that the
591 GNU cpio is still installed as
592 <filename>gcpio</filename>.</para>
594 <para>The &man.env.1; program now supports <option>-u
595 <replaceable>name</replaceable></option> which will completely
596 unset the given variable <replaceable>name</replaceable> by
597 removing it from the environment, instead of just setting it to
600 <para>The &man.fdopendir.3; library function has been
603 <para>The &man.fetch.3; library now supports HTTP
604 1.1 If-Modified-Since behavior. The &man.fetch.1; program now
605 supports <option>-i <replaceable>filename</replaceable></option>
606 which will only download the specified HTTP URL if the content
607 is newer than <replaceable>filename</replaceable>.</para>
609 <para>&man.find.1; has been enhanced by the addition of a number
610 of primaries that were present in GNU find but not &os;
613 <para>&man.kgdb.1; now supports a new <command>add-kld</command>
614 command to make it easier to debug crash dumps with kernel
617 <para>The &man.ls.1; program now supports a <option>-D</option>
618 option to specify a date format string to be used with the long
619 format (<option>-l</option>) output.</para>
621 <para>&man.nc.1; now supports a <option>-O</option> switch to
622 disable the use of TCP options.</para>
624 <para>&man.nc.1;'s <option>-o</option> switch has been deprecated.
625 It will be removed in a future release.</para>
627 <para>The &man.ping6.8; utility now returns <literal>2</literal>
628 when the packet transmission was successful but no responses
629 were received (this is the same behavior as &man.ping.8;).
630 It returned a non-zero value before this change.</para>
632 <para>The &man.procstat.1; utility has been added to display
633 detailed information about processes.</para>
635 <para>The &man.realpath.1; utility now supports
636 a <option>-q</option> flag to suppress warnings; it now also
637 accepts multiple paths on its command line.</para>
639 <para>&man.sh.1; has many bug fixes, some new features, and will
640 now refuse to parse some invalid scripts. Additionally, it now
641 has filename completion and defaults to the <quote>emacs</quote>
644 <para>The &man.split.1; utility now supports a <option>-n</option>
645 flag to split a file into a certain number of chunks.</para>
647 <para>The &man.tar.1; utility now supports a <option>-Z</option>
648 flag to enable &man.compress.1;-style
649 compression/decompression.</para>
651 <para>The &man.tar.1; utility now supports a
652 <option>--numeric-owner</option> flag to ignore user/group names
653 on create and extract.</para>
655 <para>The &man.tar.1; utility now supports the
656 <option>-S</option> flag to sparsify files on extraction.</para>
658 <para>The &man.tar.1; utility now supports a <option>-s</option>
659 flag to substitute filenames based on the specified regular
662 <para>The &man.tcgetsid.3; library function has been added to
663 return the process group ID for the session leader for the
664 controlling terminal. It is defined in IEEE Std 1003.1-2001
667 <para>&man.top.1; now supports a <option>-P</option> flag to
668 provide per-CPU usage statistics.</para>
670 <para>&man.zdump.8; is now working properly on 64-bit
671 architectures.</para>
673 <para>&man.traceroute.8; now has the ability to print the AS
674 number for each hop with the new <option>-a</option> switch; a
675 new <option>-A</option> option allows selecting a particular
678 <para>&man.traceroute6.8; now supports a <option>-U</option> flag
679 to send probe packets with no upper-layer protocol, rather than
680 the usual UDP probe packets.</para>
682 <sect3 xml:id="rc-scripts">
683 <title><filename>/etc/rc.d</filename> Scripts</title>
685 <para revision="256773"><filename>rc.d/sendmail</filename> now
686 generates and uses an SSL certificate by default when
687 <literal>sendmail_enable="YES"</literal>. This will allow
688 remote MTA to use STARTTLS to encrypt incoming email. The
689 certification is signed with a key that is thrown away and is
690 not a substitute for generating your own properly if you need
691 to use STARTTLS authentication. Options to control the
692 certificate generation is documented in
693 <filename>rc.d/sendmail</filename>.</para>
695 <para>The followoing &man.rc.8; scripts have been added:</para>
697 <informaltable frame="none" pgwide="0">
699 <colspec colwidth="1*" />
700 <colspec colwidth="1*" />
703 <entry>&man.rc.8; Script</entry>
704 <entry>Function</entry>
710 <entry><filename>ctld</filename></entry>
711 <entry><para>iSCSI target daemon startup
712 script</para></entry>
715 <entry><filename>iscsictl</filename></entry>
716 <entry><para>iSCSI initiator management utility
717 startup script</para></entry>
720 <entry><filename>iscsid</filename></entry>
721 <entry><para>iSCSI initiatior daemon startup
722 script</para></entry>
725 <entry><filename>kfd</filename></entry>
726 <entry><para>Kerberos ticket forwarding daemon
727 startup script</para></entry>
730 <entry><filename>local_unbound</filename></entry>
731 <entry><para>Unbound startup script for the local
732 caching resolver</para></entry>
735 <entry><filename>postrandom</filename></entry>
736 <entry><para>Generates a new entropy file at system
740 <entry><filename>swap</filename></entry>
741 <entry><para>Replaces <filename>swap1</filename>;
742 enable swap at system boot</para></entry>
745 <entry><filename>swaplate</filename></entry>
746 <entry><para>Enables swap with <quote>late</quote>
747 set at system boot</para></entry>
750 <entry><filename>utx</filename></entry>
751 <entry><para>User accounting database startup and
752 shutdown script</para></entry>
758 <para>The following &man.rc.8; scripts have been removed:</para>
760 <informaltable frame="none" pgwide="0">
762 <colspec colwidth="1*" />
765 <entry>&man.rc.8; Script</entry>
766 <entry><para>Reason</para></entry>
772 <entry><filename>encswap</filename></entry>
773 <entry><para>Replaced by <filename>swap</filename> and
774 <filename>swaplate</filename></para></entry>
777 <entry><filename>named</filename></entry>
778 <entry><para>Removed with
779 <application>BIND</application></para></entry>
782 <entry><filename>swap1</filename></entry>
783 <entry><para>Replaced by <filename>swap</filename> and
784 <filename>swaplate</filename></para></entry>
792 <sect2 xml:id="contrib">
793 <title>Contributed Software</title>
795 <para revision="251300">&man.jemalloc.3; has been updated to
797 xlink:href="http://www.facebook.com/jemalloc/">this
798 link</link> for more details.</para>
800 <para><application>AMD</application> has been
801 updated from 6.0.10 to 6.1.5.</para>
803 <para><application>awk</application> has been
804 updated from the 1 May
805 2007 release to the 23 October 2007 release.</para>
807 <para><application>bzip2</application> has been
808 updated from 1.0.4 to 1.0.5.</para>
810 <para revision="251794"><application>CVS</application> has been
811 removed from the base system, but is still available from Ports
814 <para revision="251886">Subversion has been imported into the base
815 system and is installed as <application>svnlite</application>.
816 <application>svnlite</application> should only be used for
817 checking out the &os; source trees and committing, and does not
818 replace the full Subversion port.</para>
820 <para revision="234449"><application>file</application> has been
821 updated to 5.11.</para>
823 <para revision="252726"><application>hostapd</application> has
824 been updated from 0.5.8 to 0.5.10.</para>
826 <para><application>IPFilter</application> has been updated to
829 <para revision="250592"><application>less</application> has been
830 updated to v458.</para>
832 <para><application>ncurses</application> has been updated to
835 <para><application>OpenSSH</application> has been
836 updated to 6.4.</para>
838 <para revision="236109"><application>OpenPAM</application> has
839 been updated to the Micrampelis release.</para>
841 <para><application>sendmail</application> has been
842 updated from 8.14.1 to 8.14.7.</para>
844 <para>The timezone database has been updated from
845 the <application>tzdata2008h</application> release to
846 the <application>tzdata2009m</application> release.</para>
848 <para>The stdtime part of libc, &man.zdump.8; and &man.zic.8; have
849 been updated from the <application>tzcode2004a</application>
850 release to the <application>tzcode2009h</application> release.
851 If you have upgraded from source or via the
852 &man.freebsd-update.8;, then please run &man.tzsetup.8; to
853 install a new <filename>/etc/localtime</filename>.</para>
855 <para revision="252726"><application>WPA Supplicant</application>
856 has been updated to 2.0.</para>
858 <para><application>xz</application> has been updated
859 from snapshot as of 12 April 2010 to 5.0.0.</para>
861 <para revision="258231">&man.nvi.1; has been updated
864 <para revision="254225">&man.nvi.1; supports wide-character
868 <sect2 xml:id="ports">
869 <title>Ports/Packages Collection Infrastructure</title>
871 <para revision="257444">The pkg_add, pkg_create, pkg_delete,
872 pkg_info, pkg_updating, and pkg_version utilities have been
873 removed. &man.pkg.7; must now be used to install binary
874 packages. &man.pkg.7; is the next generation &os; package
875 manager, also referred to as <quote>pkgng</quote>.</para>
878 <sect2 xml:id="releng">
879 <title>Release Engineering and Integration</title>
881 <para>The supported version of
882 the <application>GNOME</application> desktop environment
883 (<package>x11/gnome2</package>) has been
884 updated from 2.20.1 to 2.22.</para>
889 <title>Documentation</title>
897 <sect1 xml:id="upgrade">
898 <title>Upgrading from previous releases of &os;</title>
900 <para arch="amd64,i386">Beginning with &os; 6.2-RELEASE, binary
901 upgrades between RELEASE versions (and snapshots of the various
902 security branches) are supported using the &man.freebsd-update.8;
903 utility. The binary upgrade procedure will update unmodified
904 userland utilities, as well as unmodified GENERIC or SMP kernels
905 distributed as a part of an official &os; release. The
906 &man.freebsd-update.8; utility requires that the host being
907 upgraded have Internet connectivity.</para>
909 <para>Source-based upgrades (those based on recompiling the &os;
910 base system from source code) from previous versions are
911 supported, according to the instructions in
912 <filename>/usr/src/UPDATING</filename>.</para>
915 <para>Upgrading &os; should, of course, only be attempted after
916 backing up <emphasis>all</emphasis> data and configuration