release/doc/en_US.ISO8859-1/relnotes/article.sgml

   1 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
   2 <!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
   3 %articles.ent;
   4
   5 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
   6 %release;
   7 ]>
   8
   9 <article>
  10   <articleinfo>
  11     <title>&os; &release.current; Release Notes</title>
  12
  13     <corpauthor>The &os; Project</corpauthor>
  14
  15     <pubdate>$FreeBSD$</pubdate>
  16
  17     <copyright>
  18       <year>2000</year>
  19       <year>2001</year>
  20       <year>2002</year>
  21       <year>2003</year>
  22       <year>2004</year>
  23       <year>2005</year>
  24       <year>2006</year>
  25       <year>2007</year>
  26       <year>2008</year>
  27       <year>2009</year>
  28       <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
  29     </copyright>
  30
  31     <legalnotice id="trademarks" role="trademarks">
  32       &tm-attrib.freebsd;
  33       &tm-attrib.ibm;
  34       &tm-attrib.ieee;
  35       &tm-attrib.intel;
  36       &tm-attrib.microsoft;
  37       &tm-attrib.sparc;
  38       &tm-attrib.general;
  39     </legalnotice>
  40
  41     <abstract>
  42       <para>The release notes for &os; &release.current; contain a summary
  43         of the changes made to the &os; base system on the
  44         &release.branch; development line.
  45         This document lists applicable security advisories that were issued since
  46         the last release, as well as significant changes to the &os;
  47         kernel and userland.
  48         Some brief remarks on upgrading are also presented.</para>
  49     </abstract>
  50   </articleinfo>
  51
  52   <sect1 id="intro">
  53     <title>Introduction</title>
  54
  55     <para>This document contains the release notes for &os;
  56       &release.current;.  It
  57       describes recently added, changed, or deleted features of &os;.
  58       It also provides some notes on upgrading
  59       from previous versions of &os;.</para>
  60
  61 <![ %release.type.current [
  62
  63     <para>The &release.type; distribution to which these release notes
  64       apply represents the latest point along the &release.branch; development
  65       branch since &release.branch; was created.  Information regarding pre-built, binary
  66       &release.type; distributions along this branch
  67       can be found at <ulink url="&release.url;"></ulink>.</para>
  68
  69 ]]>
  70
  71 <![ %release.type.snapshot [
  72
  73     <para>The &release.type; distribution to which these release notes
  74       apply represents a point along the &release.branch; development
  75       branch between &release.prev; and the future &release.next;.
  76       Information regarding
  77       pre-built, binary &release.type; distributions along this branch
  78       can be found at <ulink url="&release.url;"></ulink>.</para>
  79
  80 ]]>
  81
  82 <![ %release.type.release [
  83
  84     <para>This distribution of &os; &release.current; is a
  85       &release.type; distribution.  It can be found at <ulink
  86       url="&release.url;"></ulink> or any of its mirrors.  More
  87       information on obtaining this (or other) &release.type;
  88       distributions of &os; can be found in the <ulink
  89       url="&url.books.handbook;/mirrors.html"><quote>Obtaining
  90       &os;</quote> appendix</ulink> to the <ulink
  91       url="&url.books.handbook;/">&os; Handbook</ulink>.</para>
  92
  93 ]]>
  94
  95     <para>All users are encouraged to consult the release errata before
  96       installing &os;.  The errata document is updated with
  97       <quote>late-breaking</quote> information discovered late in the
  98       release cycle or after the release.  Typically, it contains
  99       information on known bugs, security advisories, and corrections to
 100       documentation.  An up-to-date copy of the errata for &os;
 101       &release.current; can be found on the &os; Web site.</para>
 102   </sect1>
 103
 104   <sect1 id="new">
 105     <title>What's New</title>
 106
 107     <para>This section describes the most user-visible new or changed
 108       features in &os; since &release.prev;.</para>
 109
 110     <para>Typical release note items document recent security
 111       advisories issued after &release.prev;, new drivers or hardware
 112       support, new commands or options, major bug fixes, or
 113       contributed software upgrades.  They may also list changes to
 114       major ports/packages or release engineering practices.  Clearly
 115       the release notes cannot list every single change made to &os;
 116       between releases; this document focuses primarily on security
 117       advisories, user-visible changes, and major architectural
 118       improvements.</para>
 119
 120     <sect2 id="security">
 121       <title>Security Advisories</title>
 122
 123       <para>Problems described in the following security advisories have
 124         been fixed.  For more information, consult the individual
 125         advisories available from
 126         <ulink url="http://security.FreeBSD.org/"></ulink>.</para>
 127
 128       <informaltable frame="none" pgwide="0">
 129         <tgroup cols="3">
 130           <colspec colwidth="1*">
 131           <colspec colwidth="1*">
 132           <colspec colwidth="3*">
 133             <thead>
 134               <row>
 135                 <entry>Advisory</entry>
 136                 <entry>Date</entry>
 137                 <entry>Topic</entry>
 138               </row>
 139             </thead>
 140
 141             <tbody>
 142               <row>
 143                 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:01.lukemftpd.asc"
 144                               >SA-09:01.lukemftpd</ulink></entry>
 145                 <entry>07&nbsp;January&nbsp;2009</entry>
 146                 <entry><para>Cross-site request forgery in
 147                   &man.lukemftpd.8;</para></entry>
 148               </row>
 149
 150               <row>
 151                 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:02.openssl.asc"
 152                               >SA-09:02.openssl</ulink></entry>
 153                 <entry>07&nbsp;January&nbsp;2009</entry>
 154                 <entry><para>OpenSSL incorrectly checks for malformed
 155                   signatures</para></entry>
 156               </row>
 157
 158               <row>
 159                 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:03.ntpd.asc"
 160                               >SA-09:03.ntpd</ulink></entry>
 161                 <entry>13&nbsp;January&nbsp;2009</entry>
 162                 <entry><para>ntpd cryptographic signature
 163                   bypass</para></entry>
 164               </row>
 165
 166               <row>
 167                 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:04.bind.asc"
 168                               >SA-09:04.bind</ulink></entry>
 169                 <entry>13&nbsp;January&nbsp;2009</entry>
 170                 <entry><para>BIND DNSSEC incorrect checks for
 171                   malformed signatures</para></entry>
 172               </row>
 173
 174               <row>
 175                 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:05.telnetd.asc"
 176                               >SA-09:05.telnetd</ulink></entry>
 177                 <entry>16&nbsp;February&nbsp;2009</entry>
 178                 <entry><para>telnetd code execution
 179                   vulnerability</para></entry>
 180               </row>
 181
 182               <row>
 183                 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:06.ktimer.asc"
 184                               >SA-09:06.ktimer</ulink></entry>
 185                 <entry>23&nbsp;March&nbsp;2009</entry>
 186                 <entry><para>Local privilege escalation</para></entry>
 187               </row>
 188
 189               <row>
 190                 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:07.libc.asc"
 191                               >SA-09:07.libc</ulink></entry>
 192                 <entry>04&nbsp;April&nbsp;2009</entry>
 193                 <entry><para>Information leak in &man.db.3;</para></entry>
 194               </row>
 195
 196               <row>
 197                 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:08.openssl.asc"
 198                               >SA-09:08.openssl</ulink></entry>
 199                 <entry>22&nbsp;April&nbsp;2009</entry>
 200                 <entry><para>Remotely exploitable crash in
 201                   OpenSSL</para></entry>
 202               </row>
 203             </tbody>
 204         </tgroup>
 205       </informaltable>
 206     </sect2>
 207
 208     <sect2 id="kernel">
 209       <title>Kernel Changes</title>
 210
 211       <para>&os; DTrace subsystem now supports a probe for process execution.</para>
 212
 213       <sect3 id="boot">
 214         <title>Boot Loader Changes</title>
 215
 216         <para>The &man.boot.8; now supports 4-byte volume ID that
 217           certain versions of &windows; put into the MBR and invoking
 218           PXE by pressing F6 key on some supported BIOSes.</para>
 219
 220         <para>The &man.loader.8; is now able to obtain DHCP options
 221           via &man.kenv.2; variables in the case of network boot.</para>
 222       </sect3>
 223
 224       <sect3 id="proc">
 225         <title>Hardware Support</title>
 226
 227         <para>The &man.cpuctl.4; driver, which provides a special
 228           device <filename>/dev/cpuctl</filename> as an interface to
 229           the system CPU and functionality to retrieve CPUID
 230           information, read/write machine specific registers (MSR) and
 231           perform CPU firmware updates.</para>
 232
 233         <sect4 id="mm">
 234           <title>Multimedia Support</title>
 235
 236           <para>The &man.agp.4; now supports Intel G4X series graphics
 237             chipsets.</para>
 238
 239           <para>The DRM, a kernel module named Direct Rendering
 240             Manager that gives direct hardware access to DRI clients,
 241             has been updated.  Support for AMD/ATI r500 and IGP based
 242             chips, XGI V3XE/V5/V8, and Intel i915 chipsets has been
 243             improved.</para>
 244
 245           <para>The &man.snd.hda.4; driver has been updated.  Changes
 246             include: multiple codec per HDA bus, multiple functional
 247             groups per codec, multiple audio devices per functional
 248             group, digital (SPDIF/HDMI) audio input/output,
 249             suspend/resume, and part of multichannel audio.</para>
 250
 251           <para>Note that due to added HDMI audio and logical audio
 252             devices support, updated driver often provides several PCM
 253             devices.  In some cases it can make system default audio
 254             device no longer corresponding to the users's habitual
 255             audio connectors.  In such cases the default device can be
 256             specified in audio application setup or defined globally
 257             via <varname>hw.snd.default_unit sysctl</varname>
 258             as described in the &man.sound.4; manual page.</para>
 259         </sect4>
 260
 261         <sect4 id="net-if">
 262           <title>Network Interface Support</title>
 263
 264           <para>The ciphy(4) driver now supports Vitesse VSC8211
 265             PHY.</para>
 266
 267           <para>The &man.jme.4; driver now supports newer JMicron
 268             JMC250/JMC260 revisions.</para>
 269
 270           <para>The &man.rl.4; driver has been improved.  A bug which
 271             prevents it from working on systems with more than 4GB
 272             memory has been fixed.</para>
 273         </sect4>
 274       </sect3>
 275
 276       <sect3 id="net-proto">
 277         <title>Network Protocols</title>
 278
 279         <para>The &man.jail.8; subsystem now supports start with a
 280           specific route FIB.</para>
 281
 282         <para>The &man.ng.netflow.4; Netgraph node now supports
 283           ability to generate egress netflow instead or in addition to
 284           ingress.  A <literal>NGM_NETFLOW_SETCONFIG</literal> control
 285           message has been added to control the new functionality.</para>
 286       </sect3>
 287
 288       <sect3 id="disks">
 289         <title>Disks and Storage</title>
 290
 291         <para>The &man.ata.4; driver now supports Marvell PATA M88SX6121.</para>
 292
 293         <para>The &man.mmc.4; and &man.mmcsd.4; driver now support MMC
 294           and SDHC cards, high speed timing, wide bus, and multiblock
 295           transfers.</para>
 296
 297         <para>The &man.sdhci.4; driver has been added.  This supports
 298           PCI devices with class 8 and subclass 5 according to SD Host
 299           Controller Specification.</para>
 300
 301         <para>The &man.mmc.4; &man.mmcsd.4;, and &man.sdhci.4; driver
 302           are now included as a kernel module.</para>
 303       </sect3>
 304
 305       <sect3 id="fs">
 306         <title>File Systems</title>
 307
 308         <para></para>
 309       </sect3>
 310     </sect2>
 311
 312     <sect2 id="userland">
 313       <title>Userland Changes</title>
 314
 315       <para>The &man.config.8; utility now supports
 316         multiple <varname>makeoption</varname> lines.</para>
 317
 318       <para>The &man.fetch.1; utility now supports an
 319         <option>-i</option> flag which supports If-Modified-Since HTTP
 320         request.</para>
 321
 322       <para>The &man.fsck.8; utility now supports a
 323         <option>-C</option> flag for catastrophic recovery mode, which
 324         will enable certain aggressive operations that can make
 325         &man.fsck.8; to survive with file systems that has very
 326         serious data damage, which is an useful last resort when on
 327         disk data damage is very serious and causes &man.fsck.8; to
 328         crash otherwise.</para>
 329
 330       <para>A bug in the &man.ipfw.8; utility which displays extra
 331         messages for a NAT rule even when a <option>-q</option> flag
 332         is specified.</para>
 333
 334       <para>The &man.powerd.8; program has been improved.  Changes
 335         include reasonable CPU load estimation on SMP systems and a
 336         new mode named as <literal>hiadaptive</literal> for AC-powered
 337         systems which rises frequency twice faster, drops it 4 times
 338         slower, prefers twice lower CPU load and has additional delay
 339         before leaving the highest frequency after the period of
 340         maximum load.</para>
 341
 342       <para>The &man.strndup.3; function has been added.</para>
 343
 344       <para>A bug in the &man.rpc.yppasswdd.8; program which leaves a
 345         zombie process when a password or default shell is changed has
 346         been fixed.</para>
 347
 348       <sect3 id="rc-scripts">
 349         <title><filename>/etc/rc.d</filename> Scripts</title>
 350
 351         <para></para>
 352       </sect3>
 353     </sect2>
 354
 355     <sect2 id="contrib">
 356       <title>Contributed Software</title>
 357
 358       <para><application>ISC BIND</application> has been updated to
 359         version 9.4.3-P2.</para>
 360
 361       <para>The timezone database has been updated from
 362         the <application>tzdata2008h</application> release to
 363         the <application>tzdata2009f</application> release.</para>
 364     </sect2>
 365
 366     <sect2 id="ports">
 367       <title>Ports/Packages Collection Infrastructure</title>
 368
 369       <para>A bug in the &man.pkg.create.1; which prevents the
 370         <option>-n</option> flag from working has been fixed.</para>
 371     </sect2>
 372
 373     <sect2 id="releng">
 374       <title>Release Engineering and Integration</title>
 375
 376       <para>The supported version of
 377         the <application>GNOME</application> desktop environment
 378         (<filename role="package">x11/gnome2</filename>) has been
 379         updated from 2.22 to 2.26.</para>
 380
 381       <para>The supported version of
 382         the <application>KDE</application> desktop environment has
 383         been updated from 3.5.10 (<filename
 384         role="package">x11/kde3</filename>) to 4.2.2 (<filename
 385         role="package">x11/kde4</filename>).</para>
 386     </sect2>
 387
 388     <sect2 id="doc">
 389       <title>Documentation</title>
 390
 391       <para></para>
 392     </sect2>
 393   </sect1>
 394
 395   <sect1 id="upgrade">
 396     <title>Upgrading from previous releases of &os;</title>
 397
 398     <para arch="amd64,i386">Beginning with &os; 6.2-RELEASE, binary
 399       upgrades between RELEASE versions (and snapshots of the various
 400       security branches) are supported using the
 401       &man.freebsd-update.8; utility.  The binary upgrade procedure
 402       will update unmodified userland utilities, as well as unmodified
 403       GENERIC or SMP kernels distributed as a part of an official &os;
 404       release.  The &man.freebsd-update.8; utility requires that the
 405       host being upgraded have Internet connectivity.</para>
 406
 407     <para>An older form of binary upgrade is supported through the
 408       <command>Upgrade</command> option from the main
 409       &man.sysinstall.8; menu on CDROM distribution media.  This type
 410       of binary upgrade may be useful on non-&arch.i386;,
 411       non-&arch.amd64; machines or on systems with no Internet
 412       connectivity.</para>
 413
 414     <para>Source-based upgrades (those based on recompiling the &os;
 415       base system from source code) from previous versions are
 416       supported, according to the instructions in
 417       <filename>/usr/src/UPDATING</filename>.</para>
 418
 419     <important>
 420       <para>Upgrading &os; should, of course, only be attempted after
 421         backing up <emphasis>all</emphasis> data and configuration
 422         files.</para>
 423     </important>
 424   </sect1>
 425 </article>