Update release note:

[FreeBSD/releng/7.2.git] / release / doc / en_US.ISO8859-1 / relnotes / article.sgml

<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
<!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
%articles.ent;

<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
%release;
]>

<article>
  <articleinfo>
    <title>&os; &release.current; Release Notes</title>

    <corpauthor>The &os; Project</corpauthor>

    <pubdate>$FreeBSD$</pubdate>

    <copyright>
      <year>2000</year>
      <year>2001</year>
      <year>2002</year>
      <year>2003</year>
      <year>2004</year>
      <year>2005</year>
      <year>2006</year>
      <year>2007</year>
      <year>2008</year>
      <year>2009</year>
      <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
    </copyright>

    <legalnotice id="trademarks" role="trademarks">
      &tm-attrib.freebsd;
      &tm-attrib.ibm;
      &tm-attrib.ieee;
      &tm-attrib.intel;
      &tm-attrib.sparc;
      &tm-attrib.general;
    </legalnotice>

    <abstract>
      <para>The release notes for &os; &release.current; contain a summary
        of the changes made to the &os; base system on the
        &release.branch; development line.
        This document lists applicable security advisories that were issued since
        the last release, as well as significant changes to the &os;
        kernel and userland.
        Some brief remarks on upgrading are also presented.</para>
    </abstract>
  </articleinfo>

  <sect1 id="intro">
    <title>Introduction</title>

    <para>This document contains the release notes for &os;
      &release.current;.  It
      describes recently added, changed, or deleted features of &os;.
      It also provides some notes on upgrading
      from previous versions of &os;.</para>

<![ %release.type.current [

    <para>The &release.type; distribution to which these release notes
      apply represents the latest point along the &release.branch; development
      branch since &release.branch; was created.  Information regarding pre-built, binary
      &release.type; distributions along this branch
      can be found at <ulink url="&release.url;"></ulink>.</para>

]]>

<![ %release.type.snapshot [

    <para>The &release.type; distribution to which these release notes
      apply represents a point along the &release.branch; development
      branch between &release.prev; and the future &release.next;.
      Information regarding
      pre-built, binary &release.type; distributions along this branch
      can be found at <ulink url="&release.url;"></ulink>.</para>

]]>

<![ %release.type.release [

    <para>This distribution of &os; &release.current; is a
      &release.type; distribution.  It can be found at <ulink
      url="&release.url;"></ulink> or any of its mirrors.  More
      information on obtaining this (or other) &release.type;
      distributions of &os; can be found in the <ulink
      url="&url.books.handbook;/mirrors.html"><quote>Obtaining
      &os;</quote> appendix</ulink> to the <ulink
      url="&url.books.handbook;/">&os; Handbook</ulink>.</para>

]]>

    <para>All users are encouraged to consult the release errata before
      installing &os;.  The errata document is updated with
      <quote>late-breaking</quote> information discovered late in the
      release cycle or after the release.  Typically, it contains
      information on known bugs, security advisories, and corrections to
      documentation.  An up-to-date copy of the errata for &os;
      &release.current; can be found on the &os; Web site.</para>
  </sect1>

  <sect1 id="new">
    <title>What's New</title>

    <para>This section describes the most user-visible new or changed
      features in &os; since &release.prev;.</para>

    <para>Typical release note items document recent security
      advisories issued after &release.prev;, new drivers or hardware
      support, new commands or options, major bug fixes, or
      contributed software upgrades.  They may also list changes to
      major ports/packages or release engineering practices.  Clearly
      the release notes cannot list every single change made to &os;
      between releases; this document focuses primarily on security
      advisories, user-visible changes, and major architectural
      improvements.</para>

    <sect2 id="security">
      <title>Security Advisories</title>

      <para>Problems described in the following security advisories have
        been fixed.  For more information, consult the individual
        advisories available from
        <ulink url="http://security.FreeBSD.org/"></ulink>.</para>

      <informaltable frame="none" pgwide="0">
        <tgroup cols="3">
          <colspec colwidth="1*">
          <colspec colwidth="1*">
          <colspec colwidth="3*">
            <thead>
              <row>
                <entry>Advisory</entry>
                <entry>Date</entry>
                <entry>Topic</entry>
              </row>
            </thead>

            <tbody>
              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:01.lukemftpd.asc"
                              >SA-09:01.lukemftpd</ulink></entry>
                <entry>07&nbsp;January&nbsp;2009</entry>
                <entry><para>Cross-site request forgery in
                  &man.lukemftpd.8;</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:02.openssl.asc"
                              >SA-09:02.openssl</ulink></entry>
                <entry>07&nbsp;January&nbsp;2009</entry>
                <entry><para>OpenSSL incorrectly checks for malformed
                  signatures</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:03.ntpd.asc"
                              >SA-09:03.ntpd</ulink></entry>
                <entry>13&nbsp;January&nbsp;2009</entry>
                <entry><para>ntpd cryptographic signature
                  bypass</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:04.bind.asc"
                              >SA-09:04.bind</ulink></entry>
                <entry>13&nbsp;January&nbsp;2009</entry>
                <entry><para>BIND DNSSEC incorrect checks for
                  malformed signatures</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:05.telnetd.asc"
                              >SA-09:05.telnetd</ulink></entry>
                <entry>16&nbsp;February&nbsp;2009</entry>
                <entry><para>telnetd code execution
                  vulnerability</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:06.ktimer.asc"
                              >SA-09:06.ktimer</ulink></entry>
                <entry>23&nbsp;March&nbsp;2009</entry>
                <entry><para>Local privilege escalation</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:07.libc.asc"
                              >SA-09:07.libc</ulink></entry>
                <entry>04&nbsp;April&nbsp;2009</entry>
                <entry><para>Information leak in &man.db.3;</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:08.openssl.asc"
                              >SA-09:08.openssl</ulink></entry>
                <entry>22&nbsp;April&nbsp;2009</entry>
                <entry><para>Remotely exploitable crash in
                  OpenSSL</para></entry>
              </row>
            </tbody>
        </tgroup>
      </informaltable>
    </sect2>

    <sect2 id="kernel">
      <title>Kernel Changes</title>

      <para>&os; DTrace subsystem now supports a probes for process execution.</para>

      <sect3 id="boot">
        <title>Boot Loader Changes</title>

        <para></para>
      </sect3>

      <sect3 id="proc">
        <title>Hardware Support</title>

        <para></para>

        <sect4 id="mm">
          <title>Multimedia Support</title>

          <para>The &man.agp.4; now supports Intel G4X series graphics
            chipsets.</para>

          <para>The DRM, a kernel module named Direct Rendering
            Manager that gives direct hardware access to DRI clients,
            has been updated.  Support for AMD/ATI r500 and IGP based
            chips, XGI V3XE/V5/V8, and Intel i915 chipsets has been
            improved.</para>

          <para>The &man.snd.hda.4; driver has been updated.  Changes
            include: multiple codec per HDA bus, multiple functional
            gropups per codec, multiple audio devices per functional
            group, digital (SPDIF/HDMI) audio input/output,
            suspend/resume, and part of multichannel audio.</para>

          <para>Note that due to added HDMI audio and logical audio
            devices support, updated driver often provides several PCM
            devices.  In some cases it can make system default audio
            device no longer corresponding to the users's habbitual
            audio connectors.  In such cases the default device can be
            specified in audio application setup or defined globally
            via <varname>hw.snd.default_unit sysctl</varname>
            as described in the &man.sound.4; manual page.</para>
        </sect4>

        <sect4 id="net-if">
          <title>Network Interface Support</title>

          <para></para>

        </sect4>
      </sect3>

      <sect3 id="net-proto">
        <title>Network Protocols</title>

        <para>The &man.jail.8; subsystem now supports start with a
          specific route FIB.</para>

        <para>The &man.ng.netflow.4; Netgraph node now supports
          ability to generate egress netflow instead or in addition to
          ingress.  A <literal>NGM_NETFLOW_SETCONFIG</literal> control
          message has been added to control the new functionality.</para>
      </sect3>

      <sect3 id="disks">
        <title>Disks and Storage</title>

        <para>The &man.mmc.4; and &man.mmcsd.4; driver now support MMC
          and SDHC cards, high speed timing, wide bus, and multiblock
          transfers.</para>

        <para>The &man.sdhci.4; driver has been added.  This supports
          PCI devices with class 8 and subclass 5 accord- ing to SD Host
          Controller Specification.</para>

        <para>The &man.mmc.4; &man.mmcsd.4;, and &man.sdhci.4; driver
          are now included as a kernel module.</para>
      </sect3>

      <sect3 id="fs">
        <title>File Systems</title>

        <para></para>
      </sect3>
    </sect2>

    <sect2 id="userland">
      <title>Userland Changes</title>

      <para>The &man.fetch.1; utility now supports an
        <option>-i</option> flag which supports If-Modified-Since HTTP
        request.</para>

      <para>The &man.fsck.8; utility now supports a
        <option>-C</option> flag for catastriphic recovery mode, which
        will enable certain aggressive operations that can make
        &man.fsck.8; to survive with file systems that has very
        serious data damage, which is an useful last resort when on
        disk data damage is very serious and causes &man.fsck.8; to
        crash otherwise.</para>

      <para>A bug in the &man.ipfw.8; utility which displays extra
        messages for a NAT rule even when a <option>-q</option> flag
        is specified.</para>

      <para>The &man.powerd.8; program has been improved.  Changes
        include reasonable CPU load estimation on SMP systems and a
        new mode named as <literal>hiadaptive</literal> for AC-powered
        systems which rises frequency twice faster, drops it 4 times
        slower, prefers twice lower CPU load and has additional delay
        before leaving the highest frequency after the period of
        maximum load.</para>

      <para>The &man.strndup.3; function has been added.</para>

      <para>A bug in the &man.rpc.yppasswdd.8; program which leaves a
        zombie process when a password or default shell is changed has
        been fixed.</para>

      <sect3 id="rc-scripts">
        <title><filename>/etc/rc.d</filename> Scripts</title>

        <para></para>
      </sect3>
    </sect2>

    <sect2 id="contrib">
      <title>Contributed Software</title>

      <para><application>ISC BIND</application> has been updated to
        version 9.4.3-P2.</para>

      <para>The timezone database has been updated from
        the <application>tzdata2008h</application> release to
        the <application>tzdata2009f</application> release.</para>
    </sect2>

    <sect2 id="ports">
      <title>Ports/Packages Collection Infrastructure</title>

      <para>A bug in the &man.pkg.create.1; which prevents the
        <option>-n</option> flag from working has been fixed.</para>
    </sect2>

    <sect2 id="releng">
      <title>Release Engineering and Integration</title>

      <para>The supported version of
        the <application>GNOME</application> desktop environment
        (<filename role="package">x11/gnome2</filename>) has been
        updated from 2.22 to 2.26.</para>

      <para>The supported version of
        the <application>KDE</application> desktop environment has
        been updated from 3.5.10 (<filename
        role="package">x11/kde3</filename>) to 4.2.2 (<filename
        role="package">x11/kde4</filename>).</para>
    </sect2>

    <sect2 id="doc">
      <title>Documentation</title>

      <para></para>
    </sect2>
  </sect1>

  <sect1 id="upgrade">
    <title>Upgrading from previous releases of &os;</title>

    <para arch="amd64,i386">Beginning with &os; 6.2-RELEASE, binary
      upgrades between RELEASE versions (and snapshots of the various
      security branches) are supported using the
      &man.freebsd-update.8; utility.  The binary upgrade procedure
      will update unmodified userland utilities, as well as unmodified
      GENERIC or SMP kernels distributed as a part of an official &os;
      release.  The &man.freebsd-update.8; utility requires that the
      host being upgraded have Internet connectivity.</para>

    <para>An older form of binary upgrade is supported through the
      <command>Upgrade</command> option from the main
      &man.sysinstall.8; menu on CDROM distribution media.  This type
      of binary upgrade may be useful on non-&arch.i386;,
      non-&arch.amd64; machines or on systems with no Internet
      connectivity.</para>

    <para>Source-based upgrades (those based on recompiling the &os;
      base system from source code) from previous versions are
      supported, according to the instructions in
      <filename>/usr/src/UPDATING</filename>.</para>

    <important>
      <para>Upgrading &os; should, of course, only be attempted after
        backing up <emphasis>all</emphasis> data and configuration
        files.</para>
    </important>
  </sect1>
</article>