Update release notes:

[FreeBSD/releng/7.2.git] / release / doc / en_US.ISO8859-1 / relnotes / article.sgml

<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
<!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
%articles.ent;

<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
%release;
]>

<article>
  <articleinfo>
    <title>&os; &release.current; Release Notes</title>

    <corpauthor>The &os; Project</corpauthor>

    <pubdate>$FreeBSD$</pubdate>

    <copyright>
      <year>2000</year>
      <year>2001</year>
      <year>2002</year>
      <year>2003</year>
      <year>2004</year>
      <year>2005</year>
      <year>2006</year>
      <year>2007</year>
      <year>2008</year>
      <year>2009</year>
      <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
    </copyright>

    <legalnotice id="trademarks" role="trademarks">
      &tm-attrib.freebsd;
      &tm-attrib.ibm;
      &tm-attrib.ieee;
      &tm-attrib.intel;
      &tm-attrib.microsoft;
      &tm-attrib.sparc;
      &tm-attrib.general;
    </legalnotice>

    <abstract>
      <para>The release notes for &os; &release.current; contain a summary
        of the changes made to the &os; base system on the
        &release.branch; development line.
        This document lists applicable security advisories that were issued since
        the last release, as well as significant changes to the &os;
        kernel and userland.
        Some brief remarks on upgrading are also presented.</para>
    </abstract>
  </articleinfo>

  <sect1 id="intro">
    <title>Introduction</title>

    <para>This document contains the release notes for &os;
      &release.current;.  It
      describes recently added, changed, or deleted features of &os;.
      It also provides some notes on upgrading
      from previous versions of &os;.</para>

<![ %release.type.current [

    <para>The &release.type; distribution to which these release notes
      apply represents the latest point along the &release.branch; development
      branch since &release.branch; was created.  Information regarding pre-built, binary
      &release.type; distributions along this branch
      can be found at <ulink url="&release.url;"></ulink>.</para>

]]>

<![ %release.type.snapshot [

    <para>The &release.type; distribution to which these release notes
      apply represents a point along the &release.branch; development
      branch between &release.prev; and the future &release.next;.
      Information regarding
      pre-built, binary &release.type; distributions along this branch
      can be found at <ulink url="&release.url;"></ulink>.</para>

]]>

<![ %release.type.release [

    <para>This distribution of &os; &release.current; is a
      &release.type; distribution.  It can be found at <ulink
      url="&release.url;"></ulink> or any of its mirrors.  More
      information on obtaining this (or other) &release.type;
      distributions of &os; can be found in the <ulink
      url="&url.books.handbook;/mirrors.html"><quote>Obtaining
      &os;</quote> appendix</ulink> to the <ulink
      url="&url.books.handbook;/">&os; Handbook</ulink>.</para>

]]>

    <para>All users are encouraged to consult the release errata before
      installing &os;.  The errata document is updated with
      <quote>late-breaking</quote> information discovered late in the
      release cycle or after the release.  Typically, it contains
      information on known bugs, security advisories, and corrections to
      documentation.  An up-to-date copy of the errata for &os;
      &release.current; can be found on the &os; Web site.</para>
  </sect1>

  <sect1 id="new">
    <title>What's New</title>

    <para>This section describes the most user-visible new or changed
      features in &os; since &release.prev;.</para>

    <para>Typical release note items document recent security
      advisories issued after &release.prev;, new drivers or hardware
      support, new commands or options, major bug fixes, or
      contributed software upgrades.  They may also list changes to
      major ports/packages or release engineering practices.  Clearly
      the release notes cannot list every single change made to &os;
      between releases; this document focuses primarily on security
      advisories, user-visible changes, and major architectural
      improvements.</para>

    <sect2 id="security">
      <title>Security Advisories</title>

      <para>Problems described in the following security advisories have
        been fixed.  For more information, consult the individual
        advisories available from
        <ulink url="http://security.FreeBSD.org/"></ulink>.</para>

      <informaltable frame="none" pgwide="0">
        <tgroup cols="3">
          <colspec colwidth="1*">
          <colspec colwidth="1*">
          <colspec colwidth="3*">
            <thead>
              <row>
                <entry>Advisory</entry>
                <entry>Date</entry>
                <entry>Topic</entry>
              </row>
            </thead>

            <tbody>
              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:01.lukemftpd.asc"
                              >SA-09:01.lukemftpd</ulink></entry>
                <entry>07&nbsp;January&nbsp;2009</entry>
                <entry><para>Cross-site request forgery in
                  &man.lukemftpd.8;</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:02.openssl.asc"
                              >SA-09:02.openssl</ulink></entry>
                <entry>07&nbsp;January&nbsp;2009</entry>
                <entry><para>OpenSSL incorrectly checks for malformed
                  signatures</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:03.ntpd.asc"
                              >SA-09:03.ntpd</ulink></entry>
                <entry>13&nbsp;January&nbsp;2009</entry>
                <entry><para>ntpd cryptographic signature
                  bypass</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:04.bind.asc"
                              >SA-09:04.bind</ulink></entry>
                <entry>13&nbsp;January&nbsp;2009</entry>
                <entry><para>BIND DNSSEC incorrect checks for
                  malformed signatures</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:05.telnetd.asc"
                              >SA-09:05.telnetd</ulink></entry>
                <entry>16&nbsp;February&nbsp;2009</entry>
                <entry><para>telnetd code execution
                  vulnerability</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:06.ktimer.asc"
                              >SA-09:06.ktimer</ulink></entry>
                <entry>23&nbsp;March&nbsp;2009</entry>
                <entry><para>Local privilege escalation</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:07.libc.asc"
                              >SA-09:07.libc</ulink></entry>
                <entry>04&nbsp;April&nbsp;2009</entry>
                <entry><para>Information leak in &man.db.3;</para></entry>
              </row>

              <row>
                <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:08.openssl.asc"
                              >SA-09:08.openssl</ulink></entry>
                <entry>22&nbsp;April&nbsp;2009</entry>
                <entry><para>Remotely exploitable crash in
                  OpenSSL</para></entry>
              </row>
            </tbody>
        </tgroup>
      </informaltable>
    </sect2>

    <sect2 id="kernel">
      <title>Kernel Changes</title>

      <para>The &man.ddb.8; kernel debugger now supports a
        <command>show mount</command> subcommand.</para>

      <para>The &os; DTrace subsystem now supports a probe for
        process execution.</para>

      <para arch="amd64">The &os; kernel virtual address space has
        been increased to 6GB and the ceiling on the kmem map size
        to 3.6GB.  Note that the ceiling as a fraction of the kernel
        map size rather than an absolute quantity.</para>

      <para>The &man.jail.8; subsystem has been updated.  Changes include:</para>

      <itemizedlist>
        <listitem>
          <para>Multiple addresses of both IPv4 and IPv6 per jail has
            been supported.  It is even possible to have jails without
            an IP address at all, which basically gives one a chrooted
            environment with restricted process view and no
            networking.</para>
        </listitem>

        <listitem>
          <para>SCTP (&man.sctp.4;) with IPv6 in jails has been supported.</para>
        </listitem>

        <listitem>
          <para>Specific CPU binding by using &man.cpuset.1; has been supported.</para>
        </listitem>

        <listitem>
          <para>A <literal>show jails</literal> subcommand in
            &man.ddb.8; has been added.</para>
        </listitem>

        <listitem>
          <para>Compatibility support which permits 32bit jail
            binaries to be used on 64bit systems to manage jails has
            been added.</para>
        </listitem>

        <listitem>
          <para>Note that both version numbers of
            <literal>jail</literal> and <literal>prison</literal> in
            the &man.jail.8; have been updated for the new
            features.</para>
        </listitem>
      </itemizedlist>

      <para>The &man.jail.8; subsystem now supports SCTP (&man.sctp.4;)
        with IPv6 in jails.</para>

      <para>The &man.kld.4; now supports installing 32-bit system
        call to the &os; system call translation layer from kernel
        modules.</para>

      <para>The &man.ktr.4; now supports a new KTR tracepoint in the
        <literal>KTR_CALLOUT</literal> class to note when a callout
        routine finishes executing.</para>

      <para>Types of variables used to track amount of allocated
        System V shared memory from <literal>int</literal> to
        <literal>size_t</literal>.  This makes it possible to use more
        than 2 GB shared memory segments on 64-bit architectures.
        Please note the new BUGS section in &man.shmctl.2; and
        <filename>/usr/src/UPDATING</filename> for limitations of this
        temporal solution.</para>

      <para>The &os; 32-bit system call translation layer now
        supports installing 32-bit system calls for
        <literal>VFS_AIO</literal>.</para>

      <para arch="amd64,i386">The &os; virtual memory subsystem now
        supports Superpages.  The Superpages is a feature in modern
        CPUs that enables each entry in the TLB (translation lookaside
        buffer) to map a large physical memory region into a virtual
        address space.  This provides possible memory savings for
        applications that share large amounts of memory between the
        address spaces and performance improvements due to fewer TLB
        misses.</para>

      <sect3 id="boot">
        <title>Boot Loader Changes</title>

        <para>The &man.boot.8; now supports 4-byte volume ID that
          certain versions of &windows; put into the MBR and invoking
          PXE by pressing F6 key on some supported BIOSes.</para>

        <para>The &man.loader.8; is now able to obtain DHCP options
          via &man.kenv.2; variables in the case of network boot.</para>

        <para>A bug in the &man.loader.8; has been fixed.  Now the
          following line works as expected:</para>

        <programlisting>loader_conf_files="<replaceable>foo</replaceable> <replaceable>bar</replaceable> ${<replaceable>variable</replaceable>}"</programlisting>
      </sect3>

      <sect3 id="proc">
        <title>Hardware Support</title>

        <para arch="sparc64">The &os; now supports Ultra SPARC III
          (Cheetah) family.</para>

        <para>The &man.acpi.4; subsystem now supports a &man.sysctl.8;
          variable <varname>debug.batt.batt_sleep_ms</varname>.  On
          some laptops with smart batteries, enabling battery
          monitoring software causes keystrokes from &man.atkbd.4; to
          be lost.  This sysctl variable adds a delay in millisecond
          to the status checking code as a workaround.</para>

        <para>The &man.acpi.asus.4; driver now supports Asus A8Sr
          notebooks.</para>

        <para arch="powerpc">Support for the AltiVec, a floating point
          and integer SIMD instruction set has been added.</para>

        <para>The &man.cpuctl.4; driver, which provides a special
          device <filename>/dev/cpuctl</filename> as an interface to
          the system CPU and functionality to retrieve CPUID
          information, read/write machine specific registers (MSR) and
          perform CPU firmware updates.</para>

        <para>The &man.cpufreq.4; driver now supports a
          <varname>hw.est.msr_info</varname> loader tunable.  When
          this set to <literal>1</literal>, it attempts to build a
          simple list containing just the high and low frequencies if
          it cannot obtain a frequency list from either ACPI or the
          static tables.  This is disabled by default.</para>

        <para arch="amd64,i386">CPU frequency change notifiers are now
          disabled when the TSC is P-state invariant.  Also, a new
          loader tunable
          <varname>kern.timecounter.invariant_tsc</varname> has been
          added to force this behavior by setting it to
          non-zero.</para>

        <para>In the &man.pci.4; subsystem INTx is now disabled when
          MSI/MSIX is enabled.  This change fixes interrupt storm
          related issues.</para>

        <para>A &man.sysctl.3; leaf node has a flag to tag itself as
          MPSAFE now.</para>

        <sect4 id="mm">
          <title>Multimedia Support</title>

          <para>The &man.agp.4; now supports Intel G4X series graphics
            chipsets.</para>

          <para>The DRM, a kernel module named Direct Rendering
            Manager that gives direct hardware access to DRI clients,
            has been updated.  Support for AMD/ATI r500, r600, r700,
            and IGP based chips, XGI V3XE/V5/V8, and Intel i915
            chipsets has been improved.</para>

          <para>A new loader tunable <varname>hw.drm.msi</varname>
            which controls if DRM uses MSI or not.  This is set to
            <literal>1</literal> (enabled) by default.</para>

          <para>The snd_au88x0(4) driver for Aureal Vortex
            1/2/Advantage PCI has been removed because this was
            broken for a long time.</para>

          <para>The &man.snd.hda.4; driver has been updated.  Changes
            include: multiple codec per HDA bus, multiple functional
            groups per codec, multiple audio devices per functional
            group, digital (SPDIF/HDMI) audio input/output,
            suspend/resume, and part of multichannel audio.</para>

          <para>Note that due to added HDMI audio and logical audio
            devices support, updated driver often provides several PCM
            devices.  In some cases it can make system default audio
            device no longer corresponding to the users's habitual
            audio connectors.  In such cases the default device can be
            specified in audio application setup or defined globally
            via <varname>hw.snd.default_unit sysctl</varname>
            as described in the &man.sound.4; manual page.</para>
        </sect4>

        <sect4 id="net-if">
          <title>Network Interface Support</title>

          <para>The &man.ae.4; driver now supports WoL
            (Wake on LAN).</para>

          <para arch="amd64,i386">The &man.ale.4; driver are now
            included in the <filename>GENERIC</filename>
            kernel.</para>

          <para>The &man.ath.hal.4;, Atheros Hardware Access Layer,
            has been updated to the open source version.</para>

          <para>The &man.axe.4; driver has been improved in
            performance by eliminating extra context switch and now
            supports Apple USB Ethernet adapter.</para>

          <para>The ciphy(4) driver now supports Vitesse VSC8211
            PHY.</para>

          <para>The &man.cxgb.4; driver now supports hardware MAC
            statistics.</para>

          <para>The &man.fxp.4; driver has been improved.  Changes include:</para>

          <itemizedlist>
            <listitem>
              <para>The checksum offload feature can be controlled by
                &man.ifconfig.8;.</para>
            </listitem>

            <listitem>
              <para>Rx checksum offload support for 82559 or later
                controllers has been added.</para>
            </listitem>

            <listitem>
              <para>TSO (TCP Segmentation Offload) support for 82550
                and 82551 controllers has been added.</para>
            </listitem>

            <listitem>
              <para>WoL (Wake on LAN) support for 82550, 82551, 82558,
                and 82559-based controllers has been added.  Note that
                ICH based controllers are treated as 82559, and 82557,
                earlier revision of 82558, and 82559ER have no WOL
                capability.</para>
            </listitem>

            <listitem>
              <para>VLAN hardware tag insertion/stripping support and
                Tx/Rx checksum offload for VLAN frames support have
                been added.  Note that the VLAN hardware assistance is
                available only on 82550 or 82551-based
                controllers.</para>
            </listitem>
          </itemizedlist>

          <para>A bug in &man.igb.4; driver which prevents a tunable
            <varname>hw.igb.ave_latency</varname> from working has
            been fixed.</para>

          <para>The &man.jme.4; driver now supports newer JMicron
            JMC250/JMC260 revisions.</para>

          <para>The &man.msk.4; driver has been improved.  An issue
            which makes it hang up in a certain condition has been
            fixed.  A hardware MAC statistics support has been added
            and users can get the information via sysctl variables
            named
            <varname>dev.msk.<replaceable>N</replaceable>.stats</varname>.</para>

          <para>The &man.mxge.4; driver now supports some newer
            revisions and 10GBASE-LRM and 10GBASE-Twinax media
            types.</para>

          <para>The &man.nfe.4; driver now supports hardware MAC
            statistics.</para>

          <para>The &man.re.4; driver has been improved.  It now
            detects the link status.  A new loader tunable
            <varname>hw.re.prefer_iomap</varname> to disable memory
            register mapping.  This tunable is <literal>0</literal>
            for all controllers except RTL8169SC family.</para>

          <para>The &man.rl.4; driver has been improved.  It now
            detects the link status and a bug which prevents it from
            working on systems with more than 4GB memory has been
            fixed.</para>

          <para>A bug in &man.sis.4; on VLAN tagged frame handling has
            been fixed.</para>

          <para>The &man.txp.4; driver has been updated to the latest
            firmware.</para>
        </sect4>
      </sect3>

      <sect3 id="net-proto">
        <title>Network Protocols</title>

        <para>IPv4 source address selection for unbound sockets has
          been implemented as follows:</para>

        <orderedlist>
          <listitem>
            <para>If we found a route, use the address corresponding
              to the outgoing interface.</para>
          </listitem>

          <listitem>
            <para>Otherwise we assume the foreign address is reachable
              on a directly connected network and try to find a
              corresponding interface to take the source address
              from.</para>
          </listitem>

          <listitem>
            <para>As a last resort use the default jail address.</para>
          </listitem>
        </orderedlist>

        <para>The TCP MD5 Signature Option (RFC 2385) for IPv6 has
          been implemented in the same way it has been implemented for
          IPv4.</para>

        <para>This also changes the semantics of selecting the IP for
          processes within a &man.jail.8; as it now uses the same
          logic as outside the &man.jail.8;.</para>

        <para>The &man.jail.8; subsystem now supports start with a
          specific route FIB.</para>

        <para>The &man.ng.netflow.4; Netgraph node now supports
          ability to generate egress netflow instead or in addition to
          ingress.  A <literal>NGM_NETFLOW_SETCONFIG</literal> control
          message has been added to control the new functionality.</para>

        <para>The &man.tap.4;, Ethernet tunnel software network
          interface now supports <literal>TAPGIFNAME</literal>
          character device ioctl.  This is a convenient shortcut to
          obtain network interface name using file descriptor for
          character device.</para>

        <para>The domains list for handling the list of supported
          domains in the &man.unix.4; (UNIX domain protocol family)
          subsystem is now MPSAFE.</para>
      </sect3>

      <sect3 id="disks">
        <title>Disks and Storage</title>

        <para>The &man.ata.4; driver now supports Marvell PATA M88SX6121.</para>

        <para>The &man.ataraid.4; driver now has an initial support
          for DDF metadata found on Adaptec HostRAID controllers.
          Note that spares and rebuilds are not supported yet.</para>

        <para>The &man.cam.4; SCSI subsystem now supports a sysctl
          variable <varname>kern.cam.cd.retry_count</varname>.  This
          controls the number of retries for the CD media.  When
          trying to read scratched or damaged CDs and DVDs, the
          default mechanism is sub-optimal, and programs like
          <application>ddrescue</application> do much better if you
          turn off the retries entirely since their algorithms do it
          by themselves.  This value is set to <literal>4</literal>
          (for a total 5 attempts) by default.  Setting to 0 turns off
          all retry attempts.</para>

        <para>A bug in the &man.ciss.4; driver which caused low
          <quote>max device openings</quote> count that has led
          to poor performance has been fixed.</para>

        <para>The &man.gpart.8; utility has been updated.  The APM
          scheme now supports Tivo Series 1 partitions (read only), a
          new EBR scheme to support Extended Boot Records has been
          added, the BSD scheme now support bootcode, and bugs in PC98
          and VTOC8 scheme have been fixed.</para>

        <para>An issue in the &man.gvinum.8; with access permissions
          to underlying disks used by a gvinum plex has been fixed.
          If the plex is a raid5 plex and is being written to, parity data might
          have to be read from the underlying disks, requiring them to be opened for
          reading as well as writing.</para>

        <para>The &man.mmc.4; and &man.mmcsd.4; driver now support MMC
          and SDHC cards, high speed timing, wide bus, and multiblock
          transfers.</para>

        <para arch="sparc64">The &man.mpt.4; driver is now in the
          <filename>GENERIC</filename> kernel.</para>

        <para>The &man.sdhci.4; driver has been added.  This supports
          PCI devices with class 8 and subclass 5 according to SD Host
          Controller Specification.</para>

        <para>The &man.sdhci.4; driver now supports kernel dumping and
          a sysctl variable <varname>hw.sdhci.debug</varname> for debug
          level.</para>

        <para>The &man.mmc.4; &man.mmcsd.4;, and &man.sdhci.4; driver
          are now included as a kernel module.</para>
      </sect3>

      <sect3 id="fs">
        <title>File Systems</title>

        <para>The semantics of &man.acl.3; extended access control
          list has been changed as follows:</para>

        <itemizedlist>
          <listitem>
            <para>The inode modification time (mtime) is not updated
              when extended attribute are added, modified, or removed.</para>
          </listitem>

          <listitem>
            <para>The inode access time (atime) is not updated
              when extended attribute are queried.</para>
          </listitem>
        </itemizedlist>

        <para>The &os; NFS file system now supports a sysctl variable
          <varname>vfs.nfs.prime_access_cache</varname> to determine
          whether or not <function>nfs_getattr()</function> will use
          an ACCESS RPC to prime the access cache instead of a simple
          GETATTR RPC.  This is because on many NFS servers an ACCESS
          RPC is much more expensive to service than a GETATTR RPC for
          files in a NFSv3 mount.  The sysctl variables is enabled by
          default to maintain the previous behavior.</para>

        <para>The &os; UDF file system now supports fifo.</para>

        <para>The shared vnode locking for pathname lookups in
          &man.VFS.9; subsystem has been improved.  This is disabled
          by default.  Setting a sysctl variable
          <varname>vfs.lookup_shared</varname> to <literal>1</literal>
          enables it for better performance.  Note that the
          <literal>LOOKUP_SHARED</literal> equivalent to the sysctl
          variable kernel option has been removed.</para>
      </sect3>
    </sect2>

    <sect2 id="userland">
      <title>Userland Changes</title>

      <para>A bug in the &man.atacontrol.8; utility which prevents it
        from working when <filename>/usr</filename> is not mounted or
        invoked from <filename>/rescue</filename>, has been
        fixed.</para>

      <para>The &man.btpand.8; daemon from NetBSD has been added.
        This daemon provides support for Bluetooth Network Access
        Point (NAP), Group Ad-hoc Network (GN) and Personal Area
        Network User (PANU) profiles.</para>

      <para>The &man.ncal.1; utility now supports multibyte
        characters.</para>

      <para>The &man.config.8; utility now supports
        multiple <varname>makeoption</varname> lines.</para>

      <para>The &man.csup.1; utility now supports CVSMode to fetch a
        complete CVS repository.  Note that the rsync transfer mode is
        currently disabled.</para>

      <para>The &man.dirname.1; utility now accepts multiple arguments
        in the same way that &man.basename.1; does.</para>

      <para>The &man.du.1; utility now supports an <option>-l</option>
        flag.  When specified, the &man.du.1; counts a file with
        multiple hard links as multiple different files.</para>

      <para>The &man.du.1; utility now supports an <option>-A</option> flag
        to display the apparent size instead of the disk usage.  This can be
        helpful when operating on compressed volumes or sparse files.</para>

      <para>The &man.du.1; utility now supports a <option>-B
        <replaceable>blocksize</replaceable></option> option to
        calculate block counts in blocksize byte blocks.  This is
        different from the <option>-k</option>, <option>-m</option>
        options or setting <varname>BLOCKSIZE</varname> and gives an
        estimate of how much space the examined file hierarchy would
        require on a filesystem with the given
        <replaceable>blocksize</replaceable>.  Unless in
        <option>-A</option> mode, <replaceable>blocksize</replaceable>
        is rounded up to the next multiple of 512.</para>

      <para>The &man.dumpfs.8; utility now supports an
        <option>-f</option> flag, which causes it to list all free
        fragments in the file system by fragment (block) number.  This
        new mode does the necessary arithmetic to generate absolute
        fragment numbers rather than than the cg-relative numbers
        printed in the default mode.</para>

      <para>If <option>-f</option> is passed once, contiguous fragment
        ranges are collapsed into an X-Y format as free block lists are
        currently printed in regular dumpfs output, but if specified twice,
        all block numbers are printed individually, allowing both compact
        and more script-friendly representation.</para>

      <para>The &man.fetch.1; utility now supports an
        <option>-i</option> flag which supports If-Modified-Since HTTP
        1.1 request.  If specified it will cause the file to be
        downloaded only if it is more recent than the mtime of the
        file.  Also, <application>libfetch</application> now accepts
        the mtime in the url structure and a flag to indicate when
        this behavior is desired.</para>

      <para>The &man.fsck.8; utility now supports a
        <option>-D</option> flag for damaged recovery mode, which
        will enable certain aggressive operations that can make
        &man.fsck.8; to survive with file systems that has very
        serious data damage, which is an useful last resort when on
        disk data damage is very serious and causes &man.fsck.8; to
        crash otherwise.</para>

      <para>A bug in the &man.ipfw.8; utility which displays extra
        messages for a NAT rule even when a <option>-q</option> flag
        is specified.</para>

      <para>The &man.ln.1; utility now supports a <option>-w</option>
        flag to check if the source file actually exists.  When the
        flag is specified and the file does not exist, the &man.ln.1;
        will put a warning message.</para>

      <para>The &man.makefs.8; utility to create a file system image
        from a directory tree has been added.</para>

      <para>The &man.mergemaster.8; utility now supports an
        <option>-F</option> option to automatically install files that
        differ only in version control ID strings.</para>

      <para>The &man.netstat.1; utility now reports &man.unix.4;
        sockets listen queue statistics when an <option>-L</option>
        flag.</para>

      <para>A bug in the &man.netstat.1; utility has been fixed.  It
        crashed with the following options in the previous
        versions:</para>

      <screen>&prompt.user; netstat -m -N foo</screen>

      <para>A bug in the &man.netstat.1; utility has been fixed.  The
        <option>-ss</option> now works in the icmp6 section as
        expected.</para>

      <para>The &man.pciconf.8; utility now supports a
        <option>-b</option> flag, which lists any base address
        registers (BAR) that are assigned resources for each
        device.</para>

      <para>The &man.powerd.8; program has been improved.  Changes
        include reasonable CPU load estimation on SMP systems and a
        new mode named as <literal>hiadaptive</literal> for AC-powered
        systems which rises frequency twice faster, drops it 4 times
        slower, prefers twice lower CPU load and has additional delay
        before leaving the highest frequency after the period of
        maximum load.</para>

      <para>The &man.stat.1; utility now displays an octal
        representation of suid, sgid and sticky bits when an
        <option>-x</option> flag is specified.</para>

      <para>The &man.strndup.3; function has been added.</para>

      <para>The &man.wc.1; utility now supports an <option>-L</option>
        flag to output the number of characters in the longest input
        line.</para>

      <para>A bug in the &man.rpc.yppasswdd.8; program which leaves a
        zombie process when a password or default shell is changed has
        been fixed.</para>

      <sect3 id="rc-scripts">
        <title><filename>/etc/rc.d</filename> Scripts</title>

        <para></para>
      </sect3>
    </sect2>

    <sect2 id="contrib">
      <title>Contributed Software</title>

      <para><application>ISC BIND</application> has been updated to
        version 9.4.3-P2.</para>

      <para>The timezone database has been updated from
        the <application>tzdata2008h</application> release to
        the <application>tzdata2009f</application> release.</para>
    </sect2>

    <sect2 id="ports">
      <title>Ports/Packages Collection Infrastructure</title>

      <para>A bug in the &man.pkg.create.1; which prevents the
        <option>-n</option> flag from working has been fixed.</para>
    </sect2>

    <sect2 id="releng">
      <title>Release Engineering and Integration</title>

      <para>The supported version of
        the <application>GNOME</application> desktop environment
        (<filename role="package">x11/gnome2</filename>) has been
        updated from 2.22 to 2.26.</para>

      <para>The supported version of
        the <application>KDE</application> desktop environment has
        been updated from 3.5.10 (<filename
        role="package">x11/kde3</filename>) to 4.2.2 (<filename
        role="package">x11/kde4</filename>).</para>
    </sect2>

    <sect2 id="doc">
      <title>Documentation</title>

      <para></para>
    </sect2>
  </sect1>

  <sect1 id="upgrade">
    <title>Upgrading from previous releases of &os;</title>

    <para arch="amd64,i386">Beginning with &os; 6.2-RELEASE, binary
      upgrades between RELEASE versions (and snapshots of the various
      security branches) are supported using the
      &man.freebsd-update.8; utility.  The binary upgrade procedure
      will update unmodified userland utilities, as well as unmodified
      GENERIC or SMP kernels distributed as a part of an official &os;
      release.  The &man.freebsd-update.8; utility requires that the
      host being upgraded have Internet connectivity.</para>

    <para>An older form of binary upgrade is supported through the
      <command>Upgrade</command> option from the main
      &man.sysinstall.8; menu on CDROM distribution media.  This type
      of binary upgrade may be useful on non-&arch.i386;,
      non-&arch.amd64; machines or on systems with no Internet
      connectivity.</para>

    <para>Source-based upgrades (those based on recompiling the &os;
      base system from source code) from previous versions are
      supported, according to the instructions in
      <filename>/usr/src/UPDATING</filename>.</para>

    <important>
      <para>Upgrading &os; should, of course, only be attempted after
        backing up <emphasis>all</emphasis> data and configuration
        files.</para>
    </important>
  </sect1>
</article>