1 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
2 <!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
5 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
11 <title>&os; &release.current; Release Notes</title>
13 <corpauthor>The &os; Project</corpauthor>
15 <pubdate>$FreeBSD$</pubdate>
19 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
22 <legalnotice id="trademarks" role="trademarks">
32 <para>The release notes for &os; &release.current; contain a summary
33 of the changes made to the &os; base system on the
34 &release.branch; development line.
35 This document lists applicable security advisories that were issued since
36 the last release, as well as significant changes to the &os;
38 Some brief remarks on upgrading are also presented.</para>
43 <title>Introduction</title>
45 <para>This document contains the release notes for &os;
47 describes recently added, changed, or deleted features of &os;.
48 It also provides some notes on upgrading
49 from previous versions of &os;.</para>
51 <![ %release.type.current [
53 <para>The &release.type; distribution to which these release notes
54 apply represents the latest point along the &release.branch; development
55 branch since &release.branch; was created. Information regarding pre-built, binary
56 &release.type; distributions along this branch
57 can be found at <ulink url="&release.url;"></ulink>.</para>
61 <![ %release.type.snapshot [
63 <para>The &release.type; distribution to which these release notes
64 apply represents a point along the &release.branch; development
65 branch between &release.prev; and the future &release.next;.
67 pre-built, binary &release.type; distributions along this branch
68 can be found at <ulink url="&release.url;"></ulink>.</para>
72 <![ %release.type.release [
74 <para>This distribution of &os; &release.current; is a
75 &release.type; distribution. It can be found at <ulink
76 url="&release.url;"></ulink> or any of its mirrors. More
77 information on obtaining this (or other) &release.type;
78 distributions of &os; can be found in the <ulink
79 url="&url.books.handbook;/mirrors.html"><quote>Obtaining
80 &os;</quote> appendix</ulink> to the <ulink
81 url="&url.books.handbook;/">&os;
82 Handbook</ulink>.</para>
86 <para>All users are encouraged to consult the release errata before
87 installing &os;. The errata document is updated with
88 <quote>late-breaking</quote> information discovered late in the
89 release cycle or after the release. Typically, it contains
90 information on known bugs, security advisories, and corrections to
91 documentation. An up-to-date copy of the errata for &os;
92 &release.current; can be found on the &os; Web site.</para>
97 <title>What's New</title>
99 <para>This section describes the most user-visible new or changed
100 features in &os; since &release.prev;.</para>
102 <para>Typical release note items document recent security
103 advisories issued after &release.prev;, new drivers or hardware
104 support, new commands or options, major bug fixes, or
105 contributed software upgrades. They may also list changes to
106 major ports/packages or release engineering practices. Clearly
107 the release notes cannot list every single change made to &os;
108 between releases; this document focuses primarily on security
109 advisories, user-visible changes, and major architectural
112 <sect2 id="security">
113 <title>Security Advisories</title>
115 <para>Problems described in the following security advisories have
116 been fixed. For more information, consult the individual
117 advisories available from
118 <ulink url="http://security.FreeBSD.org/"></ulink>.</para>
120 <informaltable frame="none" pgwide="0">
122 <colspec colwidth="1*">
123 <colspec colwidth="1*">
124 <colspec colwidth="3*">
127 <entry>Advisory</entry>
135 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:15.ssl.asc"
136 >SA-09:15.ssl</ulink></entry>
137 <entry>3 Dec 2009</entry>
138 <entry><para>SSL protocol flaw</para></entry>
141 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:16.rtld.asc"
142 >SA-09:16.rtld</ulink></entry>
143 <entry>3 Dec 2009</entry>
144 <entry><para>Improper environment sanitization in &man.rtld.1;</para></entry>
147 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-09:17.freebsd-update.asc"
148 >SA-09:17.freebsd-update</ulink></entry>
149 <entry>3 Dec 2009</entry>
150 <entry><para>Inappropriate directory permissions in &man.freebsd-update.8;</para></entry>
153 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:01.bind.asc"
154 >SA-10:01.bind</ulink></entry>
155 <entry>6 Jan 2010</entry>
156 <entry><para>BIND &man.named.8; cache poisoning with DNSSEC validation</para></entry>
159 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:02.ntpd.asc"
160 >SA-10:02.ntpd</ulink></entry>
161 <entry>6 Jan 2010</entry>
162 <entry><para>ntpd mode 7 denial of service</para></entry>
165 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:03.zfs.asc"
166 >SA-10:03.zfs</ulink></entry>
167 <entry>6 Jan 2010</entry>
168 <entry><para>ZFS ZIL playback with insecure permissions</para></entry>
171 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:04.jail.asc"
172 >SA-10:04.jail</ulink></entry>
173 <entry>27 May 2010</entry>
174 <entry><para>Insufficient environment sanitization in &man.jail.8;</para></entry>
177 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:05.opie.asc"
178 >SA-10:05.opie</ulink></entry>
179 <entry>27 May 2010</entry>
180 <entry><para>OPIE off-by-one stack overflow</para></entry>
183 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:06.nfsclient.asc"
184 >SA-10:06.nfsclient</ulink></entry>
185 <entry>27 May 2010</entry>
186 <entry><para>Unvalidated input in nfsclient</para></entry>
189 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:07.mbuf.asc"
190 >SA-10:07.mbuf</ulink></entry>
191 <entry>13 July 2010</entry>
192 <entry><para>Lost mbuf flag resulting in data corruption</para></entry>
200 <title>Kernel Changes</title>
204 <para>The <command>show mount</command> command in the
205 &man.ddb.4; debugger now prints active string mount
208 <para>The &man.ddb.4; now supports <command>show
209 vnetrcrs</command> command to dump the whole log of
210 distinctive <varname>curvnet</varname> recursion
213 <para>The default &man.devfs.5; rules now expose the upper 256
214 of &man.pty.4; device nodes.</para>
216 <para>A new kernel thread called <quote>deadlock
217 resolver</quote> has been added. This can be used to detect
218 possible deadlock by using information of thread state and
219 heuristical analysis. This is not enabled by default. To
220 enable this, an option <option>option DEADLKRES</option> in
221 kernel configuration file and recompilation of the
224 <para>Two commands to enable/disable read-ahead has been added
225 to &man.fcntl.2; system call:</para>
229 <para><varname>F_READAHEAD</varname> specifies the amount
230 for sequential access. The amount is specified in bytes and is
231 rounded up to nearest block size.</para>
235 <para><varname>F_RDAHEAD</varname> is a Darwin compatible
236 version that use 128KB as the sequential access
241 <para>Note that the read-ahead amount is also constrainted by
242 sysctl variable <varname>vfs.read_max</varname>, which may
243 need to be raised in order to better utilize this
246 <para>The &man.lindev.4; driver has been added. This is for
247 supporting various linux-specific pseudo devices such as
248 <filename>/dev/full</filename>. Note that this is not
249 included in <filename>GENERIC</filename> kernel.</para>
251 <para>A POSIX function pselect(3) has been reimplemented as a
252 system call &man.pselect.2; to eliminate race
255 <para>A kernel option <option>option
256 INCLUDE_CONFIG_FILE</option> has been added to
257 <filename>GENERIC</filename> kernel by default.</para>
259 <para>New SDT (Statically Defined Tracing) probes such as ones
260 for opencrypto have been added to &os; &man.dtrace.1;
263 <para arch="powerpc">&os; now supports SMP in PowerPC G5
264 systems. Note that SMP support is disabled by default in
265 <filename>GENERIC</filename> kernel.</para>
267 <para>A bug in the &man.tty.4; driver that
268 <varname>TIOCSTI</varname> did not work has been fixed. This
269 affects applications like &man.mail.1;.</para>
271 <para>A bug in the &man.sched.4bsd.4; scheduler that the
272 timestamp for the sleeping operation is not cleaned up on the
273 wakeup has been fixed.</para>
275 <para>A race condition in the &man.sched.4bsd.4; scheduler has
278 <para>A bug in the &man.sched.ule.4; scheduler which prevented
279 process usage (<literal>%CPU</literal>) from working correctly
280 has been fixed.</para>
282 <para>The VIMAGE &man.jail.8; virtualization container can work
283 with &man.sctp.4; now. Note that the VIMAGE is not enabled by
284 default in <filename>GENERIC</filename> kernel.</para>
286 <para>The VIMAGE &man.jail.8; now supports
287 <varname>ip4.saddrsel</varname>,
288 <varname>ip4.nosaddrsel</varname>,
289 <varname>ip6.saddrsel</varname>, and
290 <varname>ip6.nosaddrsel</varname> to control whether to use
291 source address selection or the primary jail address for
292 unbound outgoing connections. The default value is to use
293 source address selection.</para>
296 <title>Boot Loader Changes</title>
298 <para arch="pc98">The <filename>boot2</filename> bootcode has
299 been reimplemented based on the &arch.i386 counterpart. It
300 now supports ELF binary, UFS2 file system, and larger number
303 <para arch="ia64">The EFI <filename>loader</filename> program
304 now supports a command-line option <option>-dev
305 <replaceable>currdev</replaceable></option> to specify the
306 default value of <varname>currdev</varname>. This option
307 can be set by the EFI boot manager.</para>
309 <para>A kernel environment variable
310 <varname>vfs.root.mountfrom</varname> now supports
311 multiple elements for root file system in a space-separated
312 list. Each list element will be tried in order and the
313 first available one will be mounted.</para>
315 <para arch="i386">The algorithm the &man.loader.8; uses has
316 been improved to choose a memory range for its heap when
317 using a range above 1MB. This fixes a symptom that the
318 loader fails to load a kernel.</para>
320 <para>The <filename>zfsloader</filename> has been added. This
321 is a separate &man.zfs.8; enabled loader. Note that a ZFS
322 bootcode (<filename>zfsboot</filename> or
323 <filename>gptzfsboot</filename>) need to be installed
324 to use this new loader.</para>
326 <para>The <filename>zfsboot</filename> and
327 <filename>gptzfsboot</filename> bootcode now fully support
328 64-bit LBAs for disk addresses. This allows booting from
329 large volumes.</para>
335 <title>Hardware Support</title>
337 <para arch="powerpc">The <filename>adb</filename> driver now
338 supports for interpreting taps on ADB touchpads as a button
341 <para>The amdsbwd(4) driver for AMD SB600/SB7xx watchdog
342 timer has been added.</para>
344 <para arch="powerpc">The <filename>apt</filename> driver for
345 the Apple Touchpad present on MacBook has been added to
346 <filename>GENERIC</filename> kernel.</para>
348 <para arch="sparc64">The epic(4) driver for the front panel
349 LEDs in Sun Fire V215/V245 has been added.</para>
351 <para>A bug in the &man.ipmi.4; driver that caused incorrect
352 watchdog timer setting has been fixed.</para>
354 <para arch="sparc64">The &man.pci.4; driver now supports a
355 JBus to PCIe bridge (called as <quote>Fire</quote>) found in
356 the Sun Fire V215/V245 and Sun Ultra 25/45 machines.</para>
358 <para>The &man.uart.4; driver now supports NetMos NM9865
359 family of Serial/Parallel ports.</para>
361 <para>A bug in the &man.uftdi.4; driver that can allow to send
362 a zero length packet has been fixed.</para>
365 <title>Multimedia Support</title>
369 <para>The &man.agp.4; driver has been improved. It includes
370 a fix for aparture size calculation issue which prevents
371 some graphics cards from working.</para>
373 <para>The &man.snd.hda.4; driver now allows AD1981HD codecs
374 to use playback mixer.</para>
376 <para>The &man.snd.hda.4; driver now supports multichannel
377 (4.0 and 7.1) playback support. The 5.1 mode support is
378 disabled now due to unidentified synchonization problem.
379 Devices which supports the 7.1 mode can handle the 5.1
380 operation via software upmix done by &man.sound.4;. Note
381 that stereo stream is no longer duplicated to all
386 <title>Network Interface Support</title>
390 <para>The &man.bge.4; driver now supports BCM5761, BCM5784, and
391 BCM57780-based devices.</para>
393 <para>The &man.bge.4; driver now supports TSO (TCP
394 segmentation offloading) on BCM5755 or newer
397 <para>A long-standing stability issue of the &man.bce.4; and
398 &man.bge.4; driver due to a hardware bug in its DMA
399 handling when the system has more than 4GB memory has been
400 fixed. This applies to BCM5714, BCM5715, and BCM5708
403 <para>A bug in the &man.bge.4; driver that incorrectly
404 enabled TSO on BCM5754/BCM5754M controllers has been
407 <para>The &man.cxgb.4; driver has been updated to T3
408 firmware 7.8.0.</para>
410 <para>The et(4) driver now supports MSI and Tx checksum
411 offloading of IPv4, TCP, and UDP.</para>
413 <para>The &man.iwn.4; driver has been updated. This
414 includes various improvements and bugfixes regarding RF
415 switch, bgscan support, suspend/resume support, locking
416 issue, and more. The line <literal>device iwnfw</literal>
417 in the kernel configuration file will include all firmware
420 <para>The &man.msk.4; driver now supports Marvell Yukon
421 88E8042, 88E8057 devices and DGE-560SX (Yukon XL).</para>
423 <para>The &man.mxge.4; driver has been updated to firmware
426 <para>The &man.re.4; driver no longer performs an
427 unnecessary interface up/down during getting IP address
430 <para>The &man.ste.4; driver has been improved:</para>
434 <para>The DMA handling has been improved.</para>
438 <para>Wake-On-LAN is now supported.</para>
442 <para>Unnecessary reinitialization of the
443 interfaces has been eliminated.</para>
447 <para>RX interrupt moderation with single shot timer has
448 been implemented. The default parameter of the
449 moderation time is 150us and this can be changed via
451 <varname>dev.ste.<replaceable>0</replaceable>.int_rx_mod</varname>.
452 Setting it 0 effectively disables the RX interrupt
453 moderation feature.</para>
457 <para>The tsec(4) driver now supports &man.altq.4;.</para>
459 <para>The &man.u3g.4; driver has been improved and now works
460 with ZTE MF636, Option Gi0322, Globetrotter GE40x, and
461 Novatel MC950D.</para>
463 <para>The &man.uhso.4; driver for Option HSDPA USB devices
464 has been added. A new &man.uhsoctl.1; userland utility
465 can be used to initiate and close the WAN
468 <para>The &man.vge.4; driver has been improved:</para>
472 <para>The DMA handling has been improved.</para>
476 <para>Wake-On-LAN is now supported.</para>
480 <para>Unnecessary reinitialization of the
481 interfaces has been eliminated.</para>
485 <para>Hardware MAC statistics are now supported via sysctl variables
486 <varname>dev.vge.<replaceable>0</replaceable>.stats</varname>.</para>
490 <para>Interrupt moderation with single shot timer and
491 scheme supported by VT61xx controllers have been
492 implemented. The default parameters are tuned to
493 generate interrupt less than 8k per second, and these
494 parameters can be changed via sysctl variables
495 <varname>dev.vge.<replaceable>0</replaceable>.int_holdoff</varname>,
496 <varname>dev.vge.<replaceable>0</replaceable>.rx_coal_pkt</varname>,
498 <varname>dev.vge.<replaceable>0</replaceable>.tx_coal_pkt</varname>.
499 Note that an up/down cycle is needed to make a
500 parameter change take effect.</para>
504 <para>The &man.urtw.4; driver has been improved and now
505 supports RTL8187B-based devices.</para>
509 <sect3 id="net-proto">
510 <title>Network Protocols</title>
514 <para>IPcomp (IP Payload Compression Protocol defined in RFC
515 2393) protocol is now enabled by default. Note that this
516 requires <option>option IPSEC</option> in the kernel
517 configuration file and <filename>GENERIC</filename> kernel
518 does not include it. This functionality can be disabled by
519 using a sysctl variable
520 <varname>net.inet.ipcomp.ipcomp_enable</varname>.</para>
522 <para>A bug in the &man.ipfw.4; subsystem that
523 <command>keep-alive</command> rule did not work for IPv6
524 packets has been fixed.</para>
526 <para>The &man.pf.4; subsystem now supports
527 <literal>sloppy</literal> keyword to enable a TCP state
528 machine for tracking TCP connections with no sequence number
529 check. This feature is in the latest version of
530 <application>pf</application>.</para>
532 <para>The &man.pfil.9; framework for packet filtering in &os;
533 kernel now supports separate packet filtering instances like
534 &man.ipfw.4; for each VIMAGE jail.</para>
536 <para>A bug that proxy ARP entries cannot be added over
537 point-to-point link types has been fixed.</para>
539 <para>The &man.vlan.4; pseudo interface has been added to
540 <filename>GENERIC</filename> kernel.</para>
542 <para>The &man.vlan.4; pseudo interface for IEEE 802.1Q VLAN
543 now ignore renaming of the parent's interface name. The
544 configured VLAN interfaces continue to work with the new
545 name while previously the configurations were removed as the
546 renaming happens.</para>
550 <title>Disks and Storage</title>
554 <para>The &man.ada.4; driver now supports
555 <varname>BIO_DELETE</varname>. For SSDs this uses
556 <literal>TRIM</literal> feature of <literal>DATA SET
557 MANAGEMENT</literal> command, as defined by ACS-2
558 specification working draft. For Compact Flash use
559 <literal>CFA ERASE</literal> command, same as &man.ad.4;
560 does. This change realizes restoring write speed of SSDs
561 which supports <literal>TRIM</literal> command by doing
563 <replaceable>/dev/ada1</replaceable></command>, for
566 <para>The &man.ahci.4; driver now supports SATA part of
567 Marvell 88SE912x controllers.</para>
569 <para>The &man.ahci.4; driver now supports FIS-based (Frame
570 Information Structure) switching of port multiplier on
571 supported controlers.</para>
573 <para>The &man.ahd.4; driver now supports three separated
574 error counters for correctable, uncorrectable, and fatal, in
575 &man.sysctl.8; MIB.</para>
577 <para>A new kernel option <option>option ATA_CAM</option> has
578 been added. This turns &man.ata.4; controller drivers into
579 &man.cam.4; interface modules. When enabled, this option
580 deprecates all &man.ata.4; peripheral drivers and interfaces
581 such as <filename>ad</filename> and
582 <filename>acd</filename>, and allows &man.cam.4; drivers
583 <filename>ada</filename>, and <filename>cd</filename> and
584 interfaces to be natively used instead. Note that this is
585 not enabled by default in the <filename>GENERIC</filename>
588 <para>A bug in the &man.ata.4; driver which can lead to
589 interrupt storms and command timeouts has been fixed.</para>
591 <para>The &man.ata.4; driver now supports Power-Up In Stand-by
592 (PUIS). The PUIS is a configudation of SATA or PATA drives
593 to prevent them from automatic spin-up when power is
594 applied. This feature can be controled via &man.cam.3;
595 framework (a typical application is staggered
598 <para>USB mass storage device support in the &man.ata.4;
599 driver has been removed. Note that this was not used in
600 <filename>GENERIC</filename> kernel and the &man.umass.4;
601 driver supports such devices for a long time.</para>
603 <para>&os; &man.cam.3; SCSI framework has been improved:</para>
607 <para>SATA and PATA support has been improved and it now
608 recognizes more detail device capabilities. For example,
609 the &man.ahci.4; and &man.siis.4; driver now reports maximum
610 tag number to the framework to optimize the NCQ
615 <para>A loader tunable
616 <varname>kern.cam.boot_delay</varname> has been added.
617 This controls the delay time before &man.cam.3; probes
618 the attached devices.</para>
622 <para>SCSI error recovery for devices on buses without
623 automatic sense reporting has been improved. Typical
624 devices are on ATAPI and USB. For example, this allows
625 &man.cam.3; to wait, while CD drive loads disk, instead
626 of immediately return error status.</para>
630 <para>A bug in the &man.fdc.4; driver which prevents the
631 kernel module from unloading has been fixed.</para>
633 <para>&man.geom.8; providers including complex ones such as
634 &man.gconcat.8;, &man.gmirror.8;, &man.graid3.8,
635 &man.gstripe.8;, and some hardware RAID device drivers like
636 &man.twa.4; now inform its optimal access block size to the
639 <para>The &man.gmirror.8; utility now supports
640 <command>configure <option>-p</option>
641 <replaceable>priority</replaceable></command> command to
642 change the providers priority.</para>
644 <para>The balancing mode algorithm <literal>load</literal>
645 used in the &man.gmirror.8; utility has been changed and it
646 is now the default one instead of
647 <literal>split</literal>:</para>
651 <para>Instead of measuring last request execution time for
652 each drive and choosing one with smallest time, use
653 averaged number of requests, running on each drive. This
654 information is more accurate and timely. It allows to
655 distribute load between drives in more even and
656 predictable way.</para>
660 <para>For each drive track offset of the last submitted
661 request. If new request offset matches previous one or
662 close for some drive, prefer that drive. It allows to
663 significantly speedup simultaneous sequential reads.</para>
667 <para>The &man.gmultipath.8; utility now supports
668 <command>destroy</command> command.</para>
670 <para>A bug in the &man.graid3.8; which causes a panic when a
671 large request arrives has been fixed. This happens when
672 <varname>MAXPHYS</varname> is set as larger than 128k.</para>
674 <para>The default block size of &man.gstripe.8; has been
675 increased from 4k to 64k.</para>
677 <para>The &man.isp.4; driver has been improved in
680 <para>The Max Read Request Size in the &man.siis.4; driver for
681 PCIe chips has been increased from 512 to 1024 bytes for
682 better performance.</para>
686 <title>File Systems</title>
688 <para>&os; NFS subsystem now supports a timeout for the
689 negative name cache entries in the client. This avoids a
690 bogus negative name cache entry from persisting forever when
691 another client creates an entry with the same name within
692 the same NFS server time of day clock tick. The mount
693 option <option>negnametimeo</option> can be used to override
694 the default timeout interval (60 seconds) on a
695 per-mount-point basis. a Setting
696 <option>negnametimeo</option> to <literal>0</literal>
697 disables negative name caching for the mount point.</para>
699 <para>A race condition in &os; NFS subsystem that occurs when
700 &man.nfsiod.8; threads are being created has been fixed.
701 This also fixes an interoperability issue found in
702 combination of a &os; NFS client and a Linux NFS
705 <para>The inode number handling in &man.ffs.7; file system is
706 now unsigned. Previously some large inode numbers can be
707 treated as negative, and this issue shows up at file systems
708 with the size of more than 16Tb in 16k block case. The
709 &man.newfs.8; utility never create a file system with more
710 than 2^32 inodes by cutting back on the number of inodes per
711 cylinder group if necessary to stay under the limit.</para>
713 <para>&os; &man.VFS.9; subsystem now supports a new sysctl
714 variable <varname>vfs.vlru_allow_cache_src</varname>. This
715 allow <filename>vnlru</filename> kernel thread to reclaim
716 of the directory vnodes that are source of the namecache
717 records. This is not enabled by default because for
718 typical workload it would make namecache unusable, but
719 large nested directory tree easily puts any process that
720 accesses file system into one second wait for
721 <filename>vnlru</filename> kernel thread.</para>
723 <para>The ZFS file system now supports NFSv4 ACL.</para>
725 <para>The zpool version of ZFS subsystem has been updated to
726 version 14. It is now possible to use zpools created on
727 OpenSolaris 2009.06.</para>
729 <para>Bugs in the ZFS file system that <command>zfs snapshot
730 -r</command> fails when the file system is busy, and
731 <command>zfs receive</command> can fail with an E2BIG
732 error, have been fixed.</para>
736 <sect2 id="userland">
737 <title>Userland Changes</title>
739 <para>A bug in &man.bsnmpd.1; program which leads to high CPU
740 consumption on a loaded system has been fixed.</para>
742 <para>A bug in &man.bzip2.1; utility which prevented it from
743 working with multi-session bzip2 files has been fixed.</para>
745 <para>The &man.camcontrol.8; utility now supports a
746 <option>-v</option> flag in the subcommand
747 <command>identify</command>. It displays whole of identify
750 <para>The &man.cp.1; now supports a <option>-x</option> flag to
751 make it not traverse across multiple mount points.</para>
753 <para>The &man.cp.1;, &man.find.1;, &man.getfacl.1;, &man.mv.1;,
754 and &man.setfacl.1; utilities now support NFSv4 ACL.</para>
756 <para>The &man.diskinfo.8; now supports reporting disk stripe
757 size and offset. This helps users to make file systems
758 optimally aligned and tuned for better performance.</para>
760 <para>A bug in &man.ee.1; utility which can crash the
761 program has been fixed.</para>
763 <para>A bug in &man.factor.6; utility which leads to performance
764 degradation has been fixed.</para>
766 <para>The &man.fetch.1; utility now supports HTTP digest
767 authentication.</para>
769 <para>A bug in &man.fetch.1; utility which incorrectly evaluates
770 a variable <varname>NO_PROXY</varname> has been fixed.</para>
772 <para>A bug in the &man.fsck.ffs.8; utility which causes the
773 last cylinder group of a UFS1 file system is always reported
774 as broken even after it is fixed.</para>
776 <para>The &man.gcore.1; utility now recognizes threads in the
777 process and handles dumps on a thread scope.</para>
779 <para>The &man.ifconfig.8; utility now supports manipulation of
780 NDP flags handled by &man.ndp.8;.</para>
782 <para>The &man.ifconfig.8; utility now supports a
784 <replaceable>value</replaceable></command> command to add a
785 description <replaceable>value</replaceable> to the specified
788 <para>The &man.mount.nfs.8; utility now supports
789 <literal>[<replaceable>ipaddr</replaceable>]:<replaceable>path</replaceable></literal>
790 notation in addition to the existing one. This allows IPv6
791 address in the address field, and a path including
792 <quote><literal>:</literal></quote> to be mounted.</para>
794 <para>The &man.netstat.1; utility now supports ARP information
795 in statistics shown by the <option>-s</option> flag.</para>
797 <para>The &man.netstat.1; utility now supports a <option>-q
798 <replaceable>number</replaceable></option> option to specify
799 the number of outputs. This is used in conjunction with
800 <option>-w</option> option.</para>
802 <para>The &man.newsyslog.8; utility does not consider
803 non-existence of a PID file as an error now. A new flag
804 <option>-P</option> reverts it to the old behavior.</para>
806 <para>The &man.ntpd.8; program no longer tries to bind to an
807 IPv6 anycast address.</para>
809 <para>The &man.pwait.1; utility has been added. This is similar
810 to the Solaris utility of the same name, and waits for any
811 process to terminate.</para>
813 <para>A bug in the &man.restore.8; utility which caused short
814 reads when a option <option>-P</option> was used has been
817 <para>The &man.rtsold.8; <option>-a</option> flag now excludes
818 the interfaces which IPv6 or accepting ICMPv6 Router
819 Advertisement message is disabled from the auto-probed
820 interface list.</para>
822 <para>The &man.scandir.3; and &man.alphasort.3; functions has
823 been updated to conform POSIX.1-2008 (IEEE Std
826 <para>The &man.sighold.2;, &man.sigignore.2;, &man.sigpause.2;,
827 &man.sigrelse.2;, and &man.sigset.2; functions have been
828 implemented for making porting software from System V-like
829 systems easy. Note that these are defined in POSIX.1-2008 XSI
830 (IEEE Std 1003.1-2008, X/Open System Interface) but now
831 obsolete. Since &os; already has another
832 <function>sigpause(3)</function> function derived from 4.2BSD,
833 a version of the XSI interface is implemented as
834 <function>xsi_sigpause()</function>.</para>
836 <para>The &man.sshd.8;, &man.cron.8;, &man.inetd.8;, and
837 &man.syslogd.8; programs now set
838 <literal>MADV_PROTECT</literal> memory flag onto themselves to
839 protect from being terminated by the &os; kernel when
840 available memory becomes short. This kind of process
841 termination happens in a swap-intensive workload.</para>
843 <para>The &man.strsignal.3; function is now thread-safe.</para>
845 <para>The &man.sysctl.8; utility now supports a
846 <option>-i</option> flag to ignore failures while retrieving
847 individual OIDs. This allows the same list of OIDs to be
848 passed to &man.sysctl.8; across different systems where
849 particular OIDs may not exist, and still get as much
850 information as possible from them.</para>
852 <para>The &man.traceroute.8; utility now performs source address
853 selection correctly even in a VIMAGE &man.jail.8;
856 <para>The &man.unifdef.1; utility has been updated to version
857 1.188. It now supports a new <option>-B</option> flag to
858 compress blank lines around a deleted section to prevent blank
859 lines around paragraphs of code from getting doubled.</para>
861 <para>The &man.usbconfig.8; utility now supports a new flag
862 <option>-d</option> to specify the &man.ugen.4; device, and
863 <command>add_quirk</command> and
864 <command>remove_quirk</command> commands.</para>
866 <para>The &man.whois.1; utility now supports searching IPv6
867 addresses just like IPv4 without specifying the ARIN server.
868 A <option>-d</option> flag has been removed becuase it is now
871 <para>A new errno <varname>ENOTCAPABLE</varname> has been added.
872 This is to be returned when a process requests an operation on
873 a file descriptor that is not authorized by the descriptor's
874 capability flags.</para>
876 <para>The &man.zfs.8; command now supports a new flag
877 <option>receive -u</option> to specify that the received ZFS
878 should not be mounted automatically.</para>
880 <sect3 id="rc-scripts">
881 <title><filename>/etc/rc.d</filename> Scripts</title>
885 <para>The &man.service.8; command has been added. This
886 provides an easy command-line interface to the
887 <filename>rc.d</filename> system.</para>
889 <para>A new <filename>rc.d</filename> script
890 <filename>rtsold</filename> has been added. This handles
891 &man.rtsold.8; daemon.</para>
893 <para>A new <filename>rc.d</filename> script
894 <filename>static_arp</filename> has been added. This allows
895 the administrator to statically define mappings of MAC
896 address to IPv4 at boot time. See also the &man.rc.conf.5;
897 manual page for more details.</para>
899 <para>The &man.rc.conf.5; now supports a
900 <varname>firewall_coscripts</varname> variable. This should
901 contain a list of commands which should be excuted after
902 firewall starts or stops.</para>
904 <para>The &man.rc.conf.5; now supports configuring
905 &man.vlan.4; interfaces as child devices similar to
906 &man.wlan.4; interfaces. &man.vlan.4; interfaces are listed
908 <varname>vlans_<replaceable>IF</replaceable></varname>
909 variable. If a VLAN interface is a number, then that number
910 is treated as the VLAN tag for the interface and the
911 interface will be named
912 <varname><replaceable>IF</replaceable>.<replaceable>tag</replaceable></varname>.
913 Otherwise, the VLAN tag must be provided via a VLAN
915 <varname>create_args_<replaceable>IF</replaceable></varname>
921 <title>Contributed Software</title>
925 <para>The <application>ACPI-CA</application> has been updated to
928 <para>The <application>awk</application> has been updated from
929 the 23 October 2007 release to the 26 November 2009 release.</para>
931 <para><application>ISC BIND</application> has been updated to
932 version 9.6.1-P3.</para>
934 <para><application>netcat</application> has been updated to
937 <para><application>sendmail</application> has been updated to
938 version 8.14.4.</para>
940 <para>The timezone database has been updated to the
941 <application>tzdata2010b</application> release.</para>
944 <para role="8.0">The <application>ee</application> (easy editor) has
945 been updated to 1.5.0. This version is now licensed under a
946 2-clause BSD license, instead of the Artistic license.</para>
948 <para role="8.0">The <application>hostapd</application> has been updated to
949 version 0.6.8 + radius ACL support.</para>
951 <para role="8.0">The <application>less</application> has been updated to
954 <para role="8.0">The <filename>libarchive</filename> library has
955 been updated to version 2.7.0.</para>
957 <para role="8.0">The <filename>libexpat</filename> library has
958 been updated from version 1.95.5 to version 2.0.1.</para>
960 <para role="8.0">The <filename>ncurses</filename> library has been updated
961 to version 5.7-20081102.</para>
963 <para role="8.0"><application>OpenBSM</application> 1.1 from
964 Trusted BSD Project has been merged.</para>
966 <para role="8.0"><application>TCPDUMP</application> has been
967 updated to 4.0.0.</para>
969 <para role="8.0"><application>wpa_supplicant</application> has been updated to
972 <para role="8.0">The <application>ZFS</application> file system
973 has been updated from version 6 to version 13.</para>
975 <para role="7.1">The <application>am-utils</application> has been updated from
976 version 6.0.10p1 to version 6.1.5.</para>
978 <para role="7.1">The <application>bzip2</application> has been updated from
979 version 1.0.4 to version 1.0.5.</para>
981 <para role="7.1">The <application>CVS</application> has been updated to
982 version 1.11.22.1.</para>
984 <para role="7.1"><application>NTP</application> has been updated to version
987 <para role="7.1"><application>OpenPAM</application> has been updated from the
988 Figwort release to the Hydrangea release.</para>
990 <para role="7.1"><application>OpenSSH</application> has been updated from
991 version 4.5p1 to version 5.1p1.</para>
993 <para role="7.1">The &man.resolver.3; library has been updated to
994 one of <application>ISC BIND</application> 9.4.3.</para>
1000 <title>Ports/Packages Collection Infrastructure</title>
1006 <title>Release Engineering and Integration</title>
1008 <para>The filename of ISO images for &os; releases now has a
1009 <filename>FreeBSD-</filename> at the beginning.</para>
1011 <para>The supported version of
1012 the <application>GNOME</application> desktop environment
1013 (<filename role="package">x11/gnome2</filename>) has been
1014 updated to 2.28.2.</para>
1016 <para>The supported version of
1017 the <application>KDE</application> desktop environment
1018 (<filename role="package">x11/kde4</filename>) has been
1019 updated to 4.4.3.</para>
1023 <sect1 id="upgrade">
1024 <title>Upgrading from previous releases of &os;</title>
1026 <para arch="amd64,i386">Upgrades between RELEASE versions (and
1027 snapshots of the various security branches) are supported using
1028 the &man.freebsd-update.8; utility. The binary upgrade
1029 procedure will update unmodified userland utilities, as well as
1030 unmodified GENERIC kernel distributed as a part of an
1031 official &os; release. The &man.freebsd-update.8; utility
1032 requires that the host being upgraded has Internet
1033 connectivity.</para>
1035 <para>An older form of binary upgrade is supported through the
1036 <command>Upgrade</command> option from the main
1037 &man.sysinstall.8; menu on CDROM distribution media. This type
1038 of binary upgrade may be useful on non-&arch.i386;,
1039 non-&arch.amd64; machines or on systems with no Internet
1040 connectivity.</para>
1042 <para>Source-based upgrades (those based on recompiling the &os;
1043 base system from source code) from previous versions are
1044 supported, according to the instructions in
1045 <filename>/usr/src/UPDATING</filename>.</para>
1048 <para>Upgrading &os; should, of course, only be attempted after
1049 backing up <emphasis>all</emphasis> data and configuration