1 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
2 <!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
5 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
11 <title>&os; &release.current; Release Notes</title>
13 <corpauthor>The &os; Project</corpauthor>
15 <pubdate>$FreeBSD$</pubdate>
28 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
31 <legalnotice id="trademarks" role="trademarks">
42 <para>The release notes for &os; &release.current; contain a summary
43 of the changes made to the &os; base system on the
44 &release.branch; development line.
45 This document lists applicable security advisories that were issued since
46 the last release, as well as significant changes to the &os;
48 Some brief remarks on upgrading are also presented.</para>
53 <title>Introduction</title>
55 <para>This document contains the release notes for &os;
57 describes recently added, changed, or deleted features of &os;.
58 It also provides some notes on upgrading
59 from previous versions of &os;.</para>
61 <![ %release.type.current [
63 <para>The &release.type; distribution to which these release notes
64 apply represents the latest point along the &release.branch; development
65 branch since &release.branch; was created. Information regarding pre-built, binary
66 &release.type; distributions along this branch
67 can be found at <ulink url="&release.url;"></ulink>.</para>
71 <![ %release.type.snapshot [
73 <para>The &release.type; distribution to which these release notes
74 apply represents a point along the &release.branch; development
75 branch between &release.prev; and the future &release.next;.
77 pre-built, binary &release.type; distributions along this branch
78 can be found at <ulink url="&release.url;"></ulink>.</para>
82 <![ %release.type.release [
84 <para>This distribution of &os; &release.current; is a
85 &release.type; distribution. It can be found at <ulink
86 url="&release.url;"></ulink> or any of its mirrors. More
87 information on obtaining this (or other) &release.type;
88 distributions of &os; can be found in the <ulink
89 url="&url.books.handbook;/mirrors.html"><quote>Obtaining
90 &os;</quote> appendix</ulink> to the <ulink
91 url="&url.books.handbook;/">&os; Handbook</ulink>.</para>
95 <para>All users are encouraged to consult the release errata before
96 installing &os;. The errata document is updated with
97 <quote>late-breaking</quote> information discovered late in the
98 release cycle or after the release. Typically, it contains
99 information on known bugs, security advisories, and corrections to
100 documentation. An up-to-date copy of the errata for &os;
101 &release.current; can be found on the &os; Web site.</para>
105 <title>What's New</title>
107 <para>This section describes the most user-visible new or changed
108 features in &os; since &release.prev;.</para>
110 <para>Typical release note items document recent security
111 advisories issued after &release.prev;, new drivers or hardware
112 support, new commands or options, major bug fixes, or
113 contributed software upgrades. They may also list changes to
114 major ports/packages or release engineering practices. Clearly
115 the release notes cannot list every single change made to &os;
116 between releases; this document focuses primarily on security
117 advisories, user-visible changes, and major architectural
120 <sect2 id="security">
121 <title>Security Advisories</title>
123 <para>Problems described in the following security advisories have
124 been fixed. For more information, consult the individual
125 advisories available from
126 <ulink url="http://security.FreeBSD.org/"></ulink>.</para>
128 <informaltable frame="none" pgwide="0">
130 <colspec colwidth="1*">
131 <colspec colwidth="1*">
132 <colspec colwidth="3*">
135 <entry>Advisory</entry>
143 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:01.lukemftpd.asc"
144 >SA-09:01.lukemftpd</ulink></entry>
145 <entry>07 January 2009</entry>
146 <entry><para>Cross-site request forgery in
147 &man.lukemftpd.8;</para></entry>
151 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:02.openssl.asc"
152 >SA-09:02.openssl</ulink></entry>
153 <entry>07 January 2009</entry>
154 <entry><para>OpenSSL incorrectly checks for malformed
155 signatures</para></entry>
159 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:03.ntpd.asc"
160 >SA-09:03.ntpd</ulink></entry>
161 <entry>13 January 2009</entry>
162 <entry><para>ntpd cryptographic signature
163 bypass</para></entry>
167 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:04.bind.asc"
168 >SA-09:04.bind</ulink></entry>
169 <entry>13 January 2009</entry>
170 <entry><para>BIND DNSSEC incorrect checks for
171 malformed signatures</para></entry>
175 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:05.telnetd.asc"
176 >SA-09:05.telnetd</ulink></entry>
177 <entry>16 February 2009</entry>
178 <entry><para>telnetd code execution
179 vulnerability</para></entry>
183 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:06.ktimer.asc"
184 >SA-09:06.ktimer</ulink></entry>
185 <entry>23 March 2009</entry>
186 <entry><para>Local privilege escalation</para></entry>
190 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:07.libc.asc"
191 >SA-09:07.libc</ulink></entry>
192 <entry>04 April 2009</entry>
193 <entry><para>Information leak in &man.db.3;</para></entry>
197 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:08.openssl.asc"
198 >SA-09:08.openssl</ulink></entry>
199 <entry>22 April 2009</entry>
200 <entry><para>Remotely exploitable crash in
201 OpenSSL</para></entry>
209 <title>Kernel Changes</title>
211 <para>The &man.ddb.8; kernel debugger now supports a
212 <command>show mount</command> subcommand.</para>
214 <para>The &os; DTrace subsystem now supports a probe for
215 process execution.</para>
217 <para arch="amd64">The &os; kernel virtual address space has
218 been increased to 6GB and the ceiling on the kmem map size
219 to 3.6GB. Note that the ceiling as a fraction of the kernel
220 map size rather than an absolute quantity.</para>
222 <para>The &man.jail.8; subsystem has been updated. Changes include:</para>
226 <para>Multiple addresses of both IPv4 and IPv6 per jail has
227 been supported. It is even possible to have jails without
228 an IP address at all, which basically gives one a chrooted
229 environment with restricted process view and no
234 <para>SCTP (&man.sctp.4;) with IPv6 in jails has been supported.</para>
238 <para>Specific CPU binding by using &man.cpuset.1; has been
239 supported. Note that the current implementation allows
240 the superuser inside of the jail to change the CPU
241 bindings specified. This behavior will be fixed in the
246 <para>A <literal>show jails</literal> subcommand in
247 &man.ddb.8; has been added.</para>
251 <para>Compatibility support which permits 32bit jail
252 binaries to be used on 64bit systems to manage jails has
257 <para>Note that both version numbers of
258 <literal>jail</literal> and <literal>prison</literal> in
259 the &man.jail.8; have been updated for the new
264 <para>The &man.kld.4; now supports installing 32-bit system
265 call to the &os; system call translation layer from kernel
268 <para>The &man.ktr.4; now supports a new KTR tracepoint in the
269 <literal>KTR_CALLOUT</literal> class to note when a callout
270 routine finishes executing.</para>
272 <para>Types of variables used to track amount of allocated
273 System V shared memory from <literal>int</literal> to
274 <literal>size_t</literal>. This makes it possible to use more
275 than 2 GB shared memory segments on 64-bit architectures.
276 Please note the new BUGS section in &man.shmctl.2; and
277 <filename>/usr/src/UPDATING</filename> for limitations of this
278 temporal solution.</para>
280 <para>The &os; 32-bit system call translation layer now
281 supports installing 32-bit system calls for
282 <literal>VFS_AIO</literal>.</para>
284 <para arch="amd64,i386">The &os; virtual memory subsystem now
285 supports Superpages. The Superpages is a feature in modern
286 CPUs that enables each entry in the TLB (translation lookaside
287 buffer) to map a large physical memory region into a virtual
288 address space. This provides possible memory savings for
289 applications that share large amounts of memory between the
290 address spaces and performance improvements due to fewer TLB
294 <title>Boot Loader Changes</title>
296 <para>The &man.boot.8; now supports 4-byte volume ID that
297 certain versions of &windows; put into the MBR and invoking
298 PXE by pressing F6 key on some supported BIOSes.</para>
300 <para>The &man.loader.8; is now able to obtain DHCP options
301 via &man.kenv.2; variables in the case of network boot.</para>
303 <para>A bug in the &man.loader.8; has been fixed. Now the
304 following line works as expected:</para>
306 <programlisting>loader_conf_files="<replaceable>foo</replaceable> <replaceable>bar</replaceable> ${<replaceable>variable</replaceable>}"</programlisting>
310 <title>Hardware Support</title>
312 <para arch="sparc64">The &os; now supports Ultra SPARC III
313 (Cheetah) family.</para>
315 <para>The &man.acpi.4; subsystem now supports a &man.sysctl.8;
316 variable <varname>debug.batt.batt_sleep_ms</varname>. On
317 some laptops with smart batteries, enabling battery
318 monitoring software causes keystrokes from &man.atkbd.4; to
319 be lost. This sysctl variable adds a delay in millisecond
320 to the status checking code as a workaround.</para>
322 <para>The &man.acpi.asus.4; driver now supports Asus A8Sr
325 <para arch="powerpc">Support for the AltiVec, a floating point
326 and integer SIMD instruction set has been added.</para>
328 <para>The &man.cpuctl.4; driver, which provides a special
329 device <filename>/dev/cpuctl</filename> as an interface to
330 the system CPU and functionality to retrieve CPUID
331 information, read/write machine specific registers (MSR) and
332 perform CPU firmware updates.</para>
334 <para>The &man.cpufreq.4; driver now supports a
335 <varname>hw.est.msr_info</varname> loader tunable. When
336 this set to <literal>1</literal>, it attempts to build a
337 simple list containing just the high and low frequencies if
338 it cannot obtain a frequency list from either ACPI or the
339 static tables. This is disabled by default.</para>
341 <para arch="amd64,i386">CPU frequency change notifiers are now
342 disabled when the TSC is P-state invariant. Also, a new
344 <varname>kern.timecounter.invariant_tsc</varname> has been
345 added to force this behavior by setting it to
348 <para>The &man.atkbd.4; now disables the interrupt handler
349 which is called from the keyboard callback function when
350 polled mode is enabled. This fixes duplicated/missing
351 characters problem at mountroot on multi CPU systems while
352 &man.kbdmux.4; is enabled.</para>
354 <para>In the &man.pci.4; subsystem INTx is now disabled when
355 MSI/MSIX is enabled. This change fixes interrupt storm
356 related issues.</para>
358 <para arch="sparc64">The schizo(4) driver for Schizo
359 Fireplane/Safari to PCI 2.1 and Tomatillo JBus to PCI 2.2
360 bridges has been added.</para>
362 <para>A &man.sysctl.3; leaf node has a flag to tag itself as
365 <para>The &man.sched.ule.4; scheduler now supports a loader
366 tunable <varname>machdep.hyperthreading_enabled</varname> as
367 the &man.sched.4bsd.4; does. Note that it cannot be
368 modified at run-time.</para>
371 <title>Multimedia Support</title>
373 <para>The &man.agp.4; now supports Intel G4X series graphics
376 <para>The DRM, a kernel module named Direct Rendering
377 Manager that gives direct hardware access to DRI clients,
378 has been updated. Support for AMD/ATI r500, r600, r700,
379 and IGP based chips, XGI V3XE/V5/V8, and Intel i915
380 chipsets has been improved.</para>
382 <para>A new loader tunable <varname>hw.drm.msi</varname>
383 which controls if DRM uses MSI or not. This is set to
384 <literal>1</literal> (enabled) by default.</para>
386 <para>The snd_au88x0(4) driver for Aureal Vortex
387 1/2/Advantage PCI has been removed because this was
388 broken for a long time.</para>
390 <para>The &man.snd.hda.4; driver has been updated. Changes
391 include: multiple codec per HDA bus, multiple functional
392 groups per codec, multiple audio devices per functional
393 group, digital (SPDIF/HDMI) audio input/output,
394 suspend/resume, and part of multichannel audio.</para>
396 <para>Note that due to added HDMI audio and logical audio
397 devices support, updated driver often provides several PCM
398 devices. In some cases it can make system default audio
399 device no longer corresponding to the users's habitual
400 audio connectors. In such cases the default device can be
401 specified in audio application setup or defined globally
402 via <varname>hw.snd.default_unit sysctl</varname>
403 as described in the &man.sound.4; manual page.</para>
407 <title>Network Interface Support</title>
409 <para>The &man.ae.4; driver now supports WoL
410 (Wake on LAN).</para>
412 <para arch="amd64,i386">The &man.ale.4; driver are now
413 included in the <filename>GENERIC</filename>
416 <para>The &man.ath.hal.4;, Atheros Hardware Access Layer,
417 has been updated to the open source version.</para>
419 <para>The &man.axe.4; driver has been improved in
420 performance by eliminating extra context switch and now
421 supports Apple USB Ethernet adapter.</para>
423 <para>The &man.bce.4; driver's firmware has been updated to
424 the latest version (4.6.X).</para>
426 <para>The ciphy(4) driver now supports Vitesse VSC8211
429 <para>The &man.cxgb.4; driver has been updated to the
430 firmware revision 4.7 and now supports hardware MAC
433 <para>The &man.fxp.4; driver has been improved. Changes include:</para>
437 <para>The checksum offload feature can be controlled by
438 &man.ifconfig.8;.</para>
442 <para>Rx checksum offload support for 82559 or later
443 controllers has been added.</para>
447 <para>TSO (TCP Segmentation Offload) support for 82550
448 and 82551 controllers has been added.</para>
452 <para>WoL (Wake on LAN) support for 82550, 82551, 82558,
453 and 82559-based controllers has been added. Note that
454 ICH based controllers are treated as 82559, and 82557,
455 earlier revision of 82558, and 82559ER have no WOL
460 <para>VLAN hardware tag insertion/stripping support and
461 Tx/Rx checksum offload for VLAN frames support have
462 been added. Note that the VLAN hardware assistance is
463 available only on 82550 or 82551-based
468 <para>A bug in &man.igb.4; driver which prevents a tunable
469 <varname>hw.igb.ave_latency</varname> from working has
472 <para>A bug in &man.ixgbe.4; driver has been updated to
473 version 1.7.4.</para>
475 <para>The &man.jme.4; driver now supports newer JMicron
476 JMC250/JMC260 revisions.</para>
478 <para>The &man.msk.4; driver has been improved. An issue
479 which makes it hang up in a certain condition has been
480 fixed. A hardware MAC statistics support has been added
481 and users can get the information via sysctl variables
483 <varname>dev.msk.<replaceable>N</replaceable>.stats</varname>.</para>
485 <para>The &man.mxge.4; driver now supports some newer
486 revisions and 10GBASE-LRM and 10GBASE-Twinax media
489 <para>The &man.nfe.4; driver now supports hardware MAC
492 <para>The &man.re.4; driver has been improved. It now
493 detects the link status. A new loader tunable
494 <varname>hw.re.prefer_iomap</varname> to disable memory
495 register mapping. This tunable is <literal>0</literal>
496 for all controllers except RTL8169SC family.</para>
498 <para>The &man.rl.4; driver has been improved. It now
499 detects the link status and a bug which prevents it from
500 working on systems with more than 4GB memory has been
503 <para>A bug in &man.sis.4; on VLAN tagged frame handling has
506 <para>The &man.txp.4; driver now works on all supported
507 architecture. Also, &man.altq.4; support, WoL support,
508 checksum offload when VLAN enabled, better link state
509 change handling, a new sysctl variable
510 <varname>dev.txp.<replaceable>N</replaceable>.stats</varname>
511 for MAC statistics have been added. A new sysctl
513 <varname>dev.txp.<replaceable>N</replaceable>.process_limit</varname>
514 to control how many received frames should be served in Rx
515 handler (set to 64 by default and valid ranges are 16 to
516 128 in unit of frames) has been added. The firmware has
517 been updated to the latest version.</para>
521 <sect3 id="net-proto">
522 <title>Network Protocols</title>
524 <para>IPv4 source address selection for unbound sockets has
525 been implemented as follows:</para>
529 <para>If we found a route, use the address corresponding
530 to the outgoing interface.</para>
534 <para>Otherwise we assume the foreign address is reachable
535 on a directly connected network and try to find a
536 corresponding interface to take the source address
541 <para>As a last resort use the default jail address.</para>
545 <para>The TCP MD5 Signature Option (RFC 2385) for IPv6 has
546 been implemented in the same way it has been implemented for
549 <para>This also changes the semantics of selecting the IP for
550 processes within a &man.jail.8; as it now uses the same
551 logic as outside the &man.jail.8;.</para>
553 <para>The &man.jail.8; subsystem now supports start with a
554 specific route FIB.</para>
556 <para>The &man.ng.netflow.4; Netgraph node now supports
557 ability to generate egress netflow instead or in addition to
558 ingress. A <literal>NGM_NETFLOW_SETCONFIG</literal> control
559 message has been added to control the new functionality.</para>
561 <para>The &man.tap.4;, Ethernet tunnel software network
562 interface now supports <literal>TAPGIFNAME</literal>
563 character device ioctl. This is a convenient shortcut to
564 obtain network interface name using file descriptor for
565 character device.</para>
567 <para>The &man.tap.4; now supports
568 <literal>SIOCSIFMTU</literal> ioctl to set a higher MTU than
569 1500 (ETHERMTU). This allows &man.tap.4; device to be added
570 to a bridge, which requires all interface members to have
571 the same MTU, with an interface configured for jumbo
574 <para>The domains list for handling the list of supported
575 domains in the &man.unix.4; (UNIX domain protocol family)
576 subsystem is now MPSAFE.</para>
580 <title>Disks and Storage</title>
582 <para>The &man.ata.4; driver now supports Marvell PATA M88SX6121.</para>
584 <para>The &man.ata.4; driver now recognizes nForce MCP67 and
585 MCP73 SATA controllers as AHCI.</para>
587 <para>The &man.ataraid.4; driver now has an initial support
588 for DDF metadata found on Adaptec HostRAID controllers.
589 Note that spares and rebuilds are not supported yet.</para>
591 <para>The &man.cam.4; SCSI subsystem now supports a sysctl
592 variable <varname>kern.cam.cd.retry_count</varname>. This
593 controls the number of retries for the CD media. When
594 trying to read scratched or damaged CDs and DVDs, the
595 default mechanism is sub-optimal, and programs like
596 <application>ddrescue</application> do much better if you
597 turn off the retries entirely since their algorithms do it
598 by themselves. This value is set to <literal>4</literal>
599 (for a total 5 attempts) by default. Setting to 0 turns off
600 all retry attempts.</para>
602 <para>A bug in the &man.ciss.4; driver which caused low
603 <quote>max device openings</quote> count that has led
604 to poor performance has been fixed.</para>
606 <para>The &man.glabel.8; GEOM class now supports a new
607 UFS-based label called <literal>ufsid</literal> that can be
608 used to reference UFS-carrying devices by the unique file
609 system ID. This file system ID is automatically generated
610 and detected when &man.glabel.8; GEOM class is enabled. An
611 example of this new label is:
612 <filename>/dev/ufsid/48e69c8b5c8e1b43</filename>. The
613 benefit of using GEOM labels in general is to avoid problems
614 of device renaming when shifting drives or
617 <para>The &man.gjournal.8; GEOM class now supports the root
618 filesystem. Previously, an unclean shutdown would make it
619 impossible to mount root file system at boot.</para>
621 <para>The &man.gpart.8; utility has been updated. The APM
622 scheme now supports Tivo Series 1 partitions (read only), a
623 new EBR scheme to support Extended Boot Records has been
624 added, the BSD scheme now support bootcode, and bugs in PC98
625 and VTOC8 scheme have been fixed.</para>
627 <para>An issue in the &man.gvinum.8; with access permissions
628 to underlying disks used by a gvinum plex has been fixed.
629 If the plex is a raid5 plex and is being written to, parity data might
630 have to be read from the underlying disks, requiring them to be opened for
631 reading as well as writing.</para>
633 <para>The &man.hptmv.4; driver has been updated to version
634 1.16 from the vendor.</para>
636 <para>The &man.mmc.4; and &man.mmcsd.4; driver now support MMC
637 and SDHC cards, high speed timing, wide bus, and multiblock
640 <para arch="sparc64">The &man.mpt.4; driver is now in the
641 <filename>GENERIC</filename> kernel.</para>
643 <para>The &man.sdhci.4; driver has been added. This supports
644 PCI devices with class 8 and subclass 5 according to SD Host
645 Controller Specification.</para>
647 <para>The &man.sdhci.4; driver now supports kernel dumping and
648 a sysctl variable <varname>hw.sdhci.debug</varname> for debug
651 <para>The &man.twa.4; driver now supports 64-bit DMA.</para>
653 <para>The &man.mmc.4; &man.mmcsd.4;, and &man.sdhci.4; driver
654 are now included as a kernel module.</para>
658 <title>File Systems</title>
660 <para>The semantics of &man.acl.3; extended access control
661 list has been changed as follows:</para>
665 <para>The inode modification time (mtime) is not updated
666 when extended attribute are added, modified, or removed.</para>
670 <para>The inode access time (atime) is not updated
671 when extended attribute are queried.</para>
675 <para>The &os; NFS file system now supports a sysctl variable
676 <varname>vfs.nfs.prime_access_cache</varname> to determine
677 whether or not <function>nfs_getattr()</function> will use
678 an ACCESS RPC to prime the access cache instead of a simple
679 GETATTR RPC. This is because on many NFS servers an ACCESS
680 RPC is much more expensive to service than a GETATTR RPC for
681 files in a NFSv3 mount. The sysctl variables is enabled by
682 default to maintain the previous behavior.</para>
684 <para>The &os; UDF file system now supports fifo.</para>
686 <para>The shared vnode locking for pathname lookups in
687 &man.VFS.9; subsystem has been improved. This is disabled
688 by default. Setting a sysctl variable
689 <varname>vfs.lookup_shared</varname> to <literal>1</literal>
690 enables it for better performance. Note that the
691 <literal>LOOKUP_SHARED</literal> equivalent to the sysctl
692 variable kernel option has been removed.</para>
696 <sect2 id="userland">
697 <title>Userland Changes</title>
699 <para>A bug in the &man.atacontrol.8; utility which prevents it
700 from working when <filename>/usr</filename> is not mounted or
701 invoked from <filename>/rescue</filename>, has been
704 <para>The &man.btpand.8; daemon from NetBSD has been added.
705 This daemon provides support for Bluetooth Network Access
706 Point (NAP), Group Ad-hoc Network (GN) and Personal Area
707 Network User (PANU) profiles.</para>
709 <para>The &man.ncal.1; utility now supports multibyte
712 <para>The &man.config.8; utility now supports
713 multiple <varname>makeoption</varname> lines.</para>
715 <para>The &man.csup.1; utility now supports CVSMode to fetch a
716 complete CVS repository. Note that the rsync transfer mode is
717 currently disabled.</para>
719 <para>The &man.dirname.1; utility now accepts multiple arguments
720 in the same way that &man.basename.1; does.</para>
722 <para>The &man.du.1; utility now supports an <option>-l</option>
723 flag. When specified, the &man.du.1; counts a file with
724 multiple hard links as multiple different files.</para>
726 <para>The &man.du.1; utility now supports an <option>-A</option> flag
727 to display the apparent size instead of the disk usage. This can be
728 helpful when operating on compressed volumes or sparse files.</para>
730 <para>The &man.du.1; utility now supports a <option>-B
731 <replaceable>blocksize</replaceable></option> option to
732 calculate block counts in blocksize byte blocks. This is
733 different from the <option>-k</option>, <option>-m</option>
734 options or setting <varname>BLOCKSIZE</varname> and gives an
735 estimate of how much space the examined file hierarchy would
736 require on a filesystem with the given
737 <replaceable>blocksize</replaceable>. Unless in
738 <option>-A</option> mode, <replaceable>blocksize</replaceable>
739 is rounded up to the next multiple of 512.</para>
741 <para>The &man.dumpfs.8; utility now supports an
742 <option>-f</option> flag, which causes it to list all free
743 fragments in the file system by fragment (block) number. This
744 new mode does the necessary arithmetic to generate absolute
745 fragment numbers rather than than the cg-relative numbers
746 printed in the default mode.</para>
748 <para>If <option>-f</option> is passed once, contiguous fragment
749 ranges are collapsed into an X-Y format as free block lists are
750 currently printed in regular dumpfs output, but if specified twice,
751 all block numbers are printed individually, allowing both compact
752 and more script-friendly representation.</para>
754 <para>The &man.fetch.1; utility now supports an
755 <option>-i</option> flag which supports If-Modified-Since HTTP
756 1.1 request. If specified it will cause the file to be
757 downloaded only if it is more recent than the mtime of the
758 file. Also, <application>libfetch</application> now accepts
759 the mtime in the url structure and a flag to indicate when
760 this behavior is desired.</para>
762 <para>The &man.fsck.8; utility now supports a
763 <option>-C</option> flag for <literal>check clean</literal>
764 mode. This checks if the file system was dismounted cleanly
765 first and then skip file system checks if true. Otherwise it
766 does full checks.</para>
768 <para>The &man.fsck.8; utility now supports a
769 <option>-D</option> flag for damaged recovery mode, which
770 will enable certain aggressive operations that can make
771 &man.fsck.8; to survive with file systems that has very
772 serious data damage, which is an useful last resort when on
773 disk data damage is very serious and causes &man.fsck.8; to
774 crash otherwise.</para>
776 <para>The &man.getaddrinfo.3; function now supports SCTP.</para>
778 <para>A bug in the &man.ipfw.8; utility which displays extra
779 messages for a NAT rule even when a <option>-q</option> flag
782 <para>The &man.ln.1; utility now supports a <option>-w</option>
783 flag to check if the source file actually exists. When the
784 flag is specified and the file does not exist, the &man.ln.1;
785 will put a warning message.</para>
787 <para>The &man.make.1; utility now supports a
788 <option>-p</option> flag to print the input graph only, not
789 executing any commands. The output is the same as <option>-d
790 g1</option>. When combined with <option>-f
791 /dev/null</option>, only the built-in rules of make are
794 <para>The &man.make.1; utility now supports a
795 <option>-Q</option> flag to cause file banners not to be
796 generated in addition to the same effect of a
797 <option>-q</option> flag when a <option>-j</option> option is
800 <para>The &man.make.1; utility now supports
801 <varname>.MAKE.JOB.PREFIX</varname> variable. If
802 <option>-j</option> and <option>-v</option> are specified, it
803 outputs for each target is prefixed with a token <literal>---
804 <replaceable>target</replaceable> ---</literal> the first part
805 of which can be controlled via the variable.</para>
807 <para>The &man.make.1; utility now supports
808 <varname>.MAKE.PID</varname> and <varname>.MAKE.PPID</varname>
809 variable. These are set to process ID of the &man.make.1;
810 process and one of its parent process respectively.</para>
812 <para>The &man.makefs.8; utility to create a file system image
813 from a directory tree has been added.</para>
815 <para>The &man.mergemaster.8; utility now supports an
816 <option>-F</option> option to automatically install files that
817 differ only in version control ID strings.</para>
819 <para>The &man.mount.8; utility now supports an <option>-o
820 mountprog=<replaceable>/somewhere/mount_xxx</replaceable></option>
821 option to force it to use the specified program to mount the
822 file system instead of calling &man.nmount.2; directly. This
823 is useful when you want to use third party programs such as
824 FUSE, for example.</para>
826 <para>The &man.netstat.1; utility now reports &man.unix.4;
827 sockets listen queue statistics when an <option>-L</option>
830 <para>A bug in the &man.netstat.1; utility has been fixed. It
831 crashed with the following options in the previous
834 <screen>&prompt.user; netstat -m -N foo</screen>
836 <para>A bug in the &man.netstat.1; utility has been fixed. The
837 <option>-ss</option> now works in the icmp6 section as
840 <para>The &man.pciconf.8; utility now supports a
841 <option>-b</option> flag, which lists any base address
842 registers (BAR) that are assigned resources for each
845 <para>The &man.powerd.8; program has been improved. Changes
846 include reasonable CPU load estimation on SMP systems and a
847 new mode named as <literal>hiadaptive</literal> for AC-powered
848 systems which rises frequency twice faster, drops it 4 times
849 slower, prefers twice lower CPU load and has additional delay
850 before leaving the highest frequency after the period of
853 <para>The &man.stat.1; utility now displays an octal
854 representation of suid, sgid and sticky bits when an
855 <option>-x</option> flag is specified.</para>
857 <para>The &man.strndup.3; function has been added.</para>
859 <para>The &man.wc.1; utility now supports an <option>-L</option>
860 flag to output the number of characters in the longest input
863 <para>A bug in the &man.rpc.yppasswdd.8; program which leaves a
864 zombie process when a password or default shell is changed has
867 <sect3 id="rc-scripts">
868 <title><filename>/etc/rc.d</filename> Scripts</title>
875 <title>Contributed Software</title>
877 <para><application>ISC BIND</application> has been updated to
878 version 9.4.3-P2.</para>
880 <para>The timezone database has been updated from
881 the <application>tzdata2008h</application> release to
882 the <application>tzdata2009f</application> release.</para>
886 <title>Ports/Packages Collection Infrastructure</title>
888 <para>A bug in the &man.pkg.create.1; which prevents the
889 <option>-n</option> flag from working has been fixed.</para>
893 <title>Release Engineering and Integration</title>
895 <para>The supported version of
896 the <application>GNOME</application> desktop environment
897 (<filename role="package">x11/gnome2</filename>) has been
898 updated from 2.22 to 2.26.</para>
900 <para>The supported version of
901 the <application>KDE</application> desktop environment has
902 been updated from 3.5.10 (<filename
903 role="package">x11/kde3</filename>) to 4.2.2 (<filename
904 role="package">x11/kde4</filename>).</para>
908 <title>Documentation</title>
915 <title>Upgrading from previous releases of &os;</title>
917 <para arch="amd64,i386">Beginning with &os; 6.2-RELEASE, binary
918 upgrades between RELEASE versions (and snapshots of the various
919 security branches) are supported using the
920 &man.freebsd-update.8; utility. The binary upgrade procedure
921 will update unmodified userland utilities, as well as unmodified
922 GENERIC or SMP kernels distributed as a part of an official &os;
923 release. The &man.freebsd-update.8; utility requires that the
924 host being upgraded have Internet connectivity.</para>
926 <para>An older form of binary upgrade is supported through the
927 <command>Upgrade</command> option from the main
928 &man.sysinstall.8; menu on CDROM distribution media. This type
929 of binary upgrade may be useful on non-&arch.i386;,
930 non-&arch.amd64; machines or on systems with no Internet
933 <para>Source-based upgrades (those based on recompiling the &os;
934 base system from source code) from previous versions are
935 supported, according to the instructions in
936 <filename>/usr/src/UPDATING</filename>.</para>
939 <para>Upgrading &os; should, of course, only be attempted after
940 backing up <emphasis>all</emphasis> data and configuration