From owner-svn-doc-all@freebsd.org Fri Jun 14 00:34:26 2019 Return-Path: Delivered-To: svn-doc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0764C15C18EB; Fri, 14 Jun 2019 00:34:26 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9091474F75; Fri, 14 Jun 2019 00:34:25 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 69A318358; Fri, 14 Jun 2019 00:34:25 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x5E0YPUd064043; Fri, 14 Jun 2019 00:34:25 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x5E0YPYf064042; Fri, 14 Jun 2019 00:34:25 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201906140034.x5E0YPYf064042@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Fri, 14 Jun 2019 00:34:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r53145 - head/en_US.ISO8859-1/htdocs/releases/11.3R X-SVN-Group: doc-head X-SVN-Commit-Author: gjb X-SVN-Commit-Paths: head/en_US.ISO8859-1/htdocs/releases/11.3R X-SVN-Commit-Revision: 53145 X-SVN-Commit-Repository: doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 9091474F75 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.97 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.998,0]; NEURAL_HAM_SHORT(-0.97)[-0.975,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Jun 2019 00:34:26 -0000 Author: gjb Date: Fri Jun 14 00:34:25 2019 New Revision: 53145 URL: https://svnweb.freebsd.org/changeset/doc/53145 Log: Add the relnotes page. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Added: head/en_US.ISO8859-1/htdocs/releases/11.3R/relnotes.html (contents, props changed) Added: head/en_US.ISO8859-1/htdocs/releases/11.3R/relnotes.html ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/11.3R/relnotes.html Fri Jun 14 00:34:25 2019 (r53145) @@ -0,0 +1,282 @@ + +FreeBSD 11.3-RELEASE Release Notes

FreeBSD 11.3-RELEASE Release Notes

The FreeBSD Project

Copyright © 2019 The FreeBSD Documentation + Project

FreeBSD is a registered trademark of + the FreeBSD Foundation.

IBM, AIX, OS/2, + PowerPC, PS/2, S/390, and ThinkPad are + trademarks of International Business Machines Corporation in the + United States, other countries, or both.

IEEE, POSIX, and 802 are registered + trademarks of Institute of Electrical and Electronics Engineers, + Inc. in the United States.

Intel, Celeron, Centrino, Core, EtherExpress, i386, + i486, Itanium, Pentium, and Xeon are trademarks or registered + trademarks of Intel Corporation or its subsidiaries in the United + States and other countries.

SPARC, SPARC64, and + UltraSPARC are trademarks of SPARC International, Inc in the United + States and other countries. SPARC International, Inc owns all of the + SPARC trademarks and under licensing agreements allows the proper use + of these trademarks by its members.

Many of the designations used by + manufacturers and sellers to distinguish their products are claimed + as trademarks. Where those designations appear in this document, + and the FreeBSD Project was aware of the trademark claim, the + designations have been followed by the or the + ® symbol.

Last modified on 2019-06-13 23:55:01 UTC by gjb.
Abstract

The release notes for FreeBSD 11.3-RELEASE contain + a summary of the changes made to the FreeBSD base system on the + 11.3-STABLE development line. This document lists + applicable security advisories that were issued since the last + release, as well as significant changes to the FreeBSD kernel and + userland. Some brief remarks on upgrading are also + presented.

Table of Contents
1. Introduction
2. Upgrading from Previous Releases of FreeBSD
3. Security and Errata
3.1. Security Advisories
3.2. Errata Notices
4. Userland
4.1. Userland Configuration Changes
4.2. Userland Application Changes
4.3. Contributed Software
4.4. Installation and Configuration Tools
4.5. /etc/rc.d + Scripts
4.6. /etc/periodic + Scripts
4.7. Runtime Libraries and API
4.8. ABI Compatibility
4.9. Userland Debugging
5. Kernel
5.1. General Kernel Changes
5.2. Kernel Bug Fixes
5.3. Kernel Configuration
5.4. Kernel Modules
5.5. System Tuning and Controls
6. Devices and Drivers
6.1. Device Dr ivers
6.2. Storage Drivers
6.3. Network Drivers
7. Hardware Support
7.1. Hardware Support
7.2. Virtualization Support
7.3. ARM Support
8. Storage
8.1. General Storage
8.2. Networked Storage
8.3. ZFS
8.4. geom(4)
9. Boot Loader Changes
9.1. Boot Loader Changes
9.2. Boot Menu Changes
10. Networking
10.1. General Network Changes
10.2. Network Protocols
11. Ports Collection and Package Infrastructure
11.1. Infrastructure Changes
11.2. Packaging Changes
12. Documentation
12.1. Documentation Source Changes
12.2. Documentation Toolchain Changes
13. Release Engineering and Integration
13.1. Integration Changes

1. Introduction

This document contains the release notes for FreeBSD + 11.3-RELEASE. It describes recently added, changed, or + deleted features of FreeBSD. It also provides some notes on + upgrading from previous versions of FreeBSD.

This distribution of FreeBSD + 11.3-RELEASE is a release distribution. It can be + found at https://www.FreeBSD.org/releases/ or + any of its mirrors. More information on obtaining this (or + other) release distributions of FreeBSD can be found in the + Obtaining + FreeBSD appendix to the FreeBSD + Handbook.

All users are encouraged to consult the release errata + before installing FreeBSD. The errata document is updated with + late-breaking information discovered late in the + release cycle or after the release. Typically, it contains + information on known bugs, security advisories, and corrections + to documentation. An up-to-date copy of the errata for FreeBSD + 11.3-RELEASE can be found on the FreeBSD Web site.

This document describes the most user-visible new or changed + features in FreeBSD since 11.2-RELEASE. In general, changes + described here are unique to the 11.3-STABLE branch unless + specifically marked as MERGED features.

Typical release note items document recent security + advisories issued after 11.2-RELEASE, new drivers or hardware + support, new commands or options, major bug fixes, or + contributed software upgrades. They may also list changes to + major ports/packages or release engineering practices. Clearly + the release notes cannot list every single change made to FreeBSD + between releases; this document focuses primarily on security + advisories, user-visible changes, and major architectural + improvements.

2. Upgrading from Previous Releases of FreeBSD

[amd64,i386] Binary upgrades between RELEASE versions + (and snapshots of the various security branches) are supported + using the freebsd-update(8) utility. The binary upgrade + procedure will update unmodified userland utilities, as well as + unmodified GENERIC kernels distributed as a part of an official + FreeBSD release. The freebsd-update(8) utility requires that + the host being upgraded have Internet connectivity.

Source-based upgrades (those based on recompiling the FreeBSD + base system from source code) from previous versions are + supported, according to the instructions in + /usr/src/UPDATING.

Important:

Upgrading FreeBSD should only be attempted after backing up + all data and configuration files.

3. Security and Errata

This section lists the various Security Advisories and + Errata Notices since 11.2-RELEASE.

3.1. Security Advisories

AdvisoryDateTopic
FreeBSD-SA-18:08.tcp06 August 2018

Resource exhaustion in TCP + reassembly

FreeBSD-SA-18:09.l1tf14 August 2018

L1 Terminal Fault (L1TF) Kernel Information + Disclosure

FreeBSD-SA-18:10.ip14 August 2018

Resource exhaustion in IP fragment + reassembly

FreeBSD-SA-18:11.hostapd14 August 2018

Unauthenticated EAPOL-Key Decryption + Vulnerability

FreeBSD-SA-18:12.elf12 September 2018

Improper ELF header parsing

FreeBSD-SA-18:13.nfs27 November 2018

Multiple vulnerabilities

FreeBSD-SA-18:14.bhyve4 December 2018

Insufficient bounds checking

FreeBSD-SA-18:15.bootpd19 December  2018

Buffer overflow

FreeBSD-SA-19:01.syscall5 February 2019

Kernel data register leak

FreeBSD-SA-19:02.fd5 February 2019

File description reference count + leak

FreeBSD-SA-19:03.wpa14 May 2019

Multiple vulnerabilities

FreeBSD-SA-19:04.ntp14 May 2019

Authenticated denial of service in + ntpd(8)

FreeBSD-SA-19:05.pf14 May 2019

IPv6 fragment reassembly panic in + pf(4)

FreeBSD-SA-19:06.pf14 May 2019

ICMP/ICMP6 packet filter bypass in + pf(4)

FreeBSD-SA-19:07.mds14 May 2019

Microarchitectural Data Sampling

3.2. Errata Notices

ErrataDateTopic
FreeBSD-EN-18:08.lazyfpu12 September 2018

Regression in Lazy FPU remediation

FreeBSD-EN-18:09.ip27 September 2018

IP fragment remediation causes + IPv6 reassembly failure

FreeBSD-EN-18:10.syscall27 September 2018

Null pointer dereference in + freebsd4_getfsstat system + call

FreeBSD-EN-18:11.listen27 September 2018

Denial of service in listen + system call

FreeBSD-EN-18:12.mem27 September 2018

Small kernel memory disclosures in two system + calls

FreeBSD-EN-18:13.icmp27 November 2018

ICMP buffer underwrite

FreeBSD-EN-18:14.tzdata27 November 2018

Timezone database information + update

FreeBSD-EN-18:15.loader27 November 2018

Deferred kernel loading breaks loader + password

FreeBSD-EN-18:16.ptrace19 December 2018

Kernel panic when attaching to stopped + process

FreeBSD-EN-18:17.vm19 December 2018

Kernel panic under load on Intel® Skylake™ + CPUs

FreeBSD-EN-18:18.zfs19 December 2018

ZFS vnode reclaim deadlock

FreeBSD-EN-19:03.sqlite9 January 2019

sqlite update

FreeBSD-EN-19:04.tzdata9 January 2019

Timezone database information + update

FreeBSD-EN-19:05.kqueue9 January 2019

kqueue race condition and kernel + panic

FreeBSD-EN-19:08.tzdata14 May 2019

Timezone database information + update

FreeBSD-EN-19:09.xinstall14 May 2019

install(1) broken with partially matching + relative paths

4. Userland

This section covers changes and additions to userland + applications, contributed software, and system utilities.

4.1. Userland Configuration Changes

The jail(8) utility has been + updated to include a new jail.conf(5) parameter, + allow.read_msgbuf, which prevents jailed + processes and users from accessing the dmesg(8) buffer. + This parameter is set to false by + default. [r339446]

The system crontab(5), + /etc/crontab, has been updated to set + PATH for consistency with the cron(8) + daemon. [r342103]

The default devd.conf(5) has been + updated to prevent duplicated hostapd(8) and + wpa_supplicant(8) startup via devd(8). [r343469]

4.2. Userland Application Changes

The cpuset(1), sockstat(1), + ipfw(8), and ugidfw(8) utilities have been updated + to support jail(8) names. [r336040]

The newfs_msdos(8) utililty has + been updated to include a new flag, -T, + which is used to specify the timestamp for build + reproducibility. [r336328]

The dd(1) utility has been updated + to add a new statusoperand, + progress, which reports the current status + on a single line every second. [r338364]

The last(1) utility has been + updated to include libxo(3) support. [r338451]

The lastlogin(8) utility has been + updated to include libxo(3) support. [r338452]

The traceroute(8) utility has been + updated to include libcasper(3) support. [r338475]

The diff(1) utility has been + updated to implement -B and + --ignore-blank-lines support. [r339160]

The makewhatis(1) utility has been + updated to prevent operating within read-only + directories. [r340963]

The jail(8) utility has been + updated to add a new flag, -e, which takes + a jail.conf(5) parameter as an argument and prints a list + of non-wildcard jails with the specified parameter. [r341790]

The ktrdump(8) utility has been + updated to include the -l flag which + enables "live" mode when specified. [r342706]

The trim(8) utility has been added, + which deletes content for blocks on flash-based storage + devices that use wear-leveling algorithms. [r343118]

The gzip(1) utility has been + updated to add -l support for xz(1) + files. [r343251]

The newfs(8) and tunefs(8) + utilities have been updated to allow underscores in label + names. [r343538] + (Sponsored by + Netflix)

The pfctl(8) utility has been + updated to provide clearer output and reference the + net.pf.request_maxcount sysctl(8) + if a defined table is too large. [r344020]

The newfs(8) and tunefs(8) + utilities have been updated to allow dashes in label + names. [r344052]

The fdisk(8) utility has been + updated to support sectors larger than 2048 bytes. [r344490]

The sh(1) utility has been updated + to add the pipefail option which simplifies + checking the exit status of all commands in a pipeline. [r345561]

The patch(1) utility has been + updated to exit successfully if the input patch file is + zero-length. [r345878]

4.3. Contributed Software

The xz(1) utility has been updated + to version 5.2.4. [r334607]

The file(1) utility has been + updated to version 5.34. [r337827]

The + ELF Tool Chain has been updated to + version r3614. [r338414] + (Sponsored by + The FreeBSD Foundation)

The + lld utility has been updated to add + -z interpose, marking the object file as + an interposer. [r339100] + (Sponsored by + The FreeBSD Foundation)

The file(1) utility has been + updated to fix incorrect date reporting for dump(8) + files. [r343079]

The LUA + loader(8) has been merged. [r344220]

The ntpd(8) utilities have been + updated to version 4.2.8p13. [r344884]

Timezone data files have been updated to + version 2019a. [r345670]

The clang, + llvm, + lld, + lldb, and + compiler-rt utilities as well as + libc++ have been updated to + upstream version 8.0.0. [r346296]

The WPA + utilities have been updated to version 2.8. [r346981]

OpenSSL has + been updated to version 1.0.2s. [r348343]

The libarchive(3) library has been + updated to version 3.3.3, with additional fixes from + upstream. [r348607]

OpenPAM has + been updated to the latest upstream version. [r348980]

4.4. Installation and Configuration Tools

 

4.5. /etc/rc.d + Scripts

Support for auxiliary + RAM has been added to + /etc/rc.initdiskless. [r340611]

The rcorder(8) utility has been + updated to add support for + /etc/rc.resume. [r340966]

The jail_conf + definition, which defaults to + /etc/jail.conf, has been moved from + the jail(8) rc(8) script to + /etc/defaults/rc.conf. [r341792]

The rc_service + variable has been added to rc.subr(8), which defaults to + the path of the service being executed in case the service + needs to re-invoke itself. [r343046]

4.6. /etc/periodic + Scripts

The periodic(8) weekly + 340.noid script has been updated to + prevent decending into the root directory of jails. [r341794]

4.7. Runtime Libraries and API

The pcap(3) library has been + updated to version 1.9.0 (pre-release). [r335640]

The setproctitle_fast(3) function + has been added, which is optimized for high-frequency process + title updates. [r336449]

The kqueue(2) system call has been + updated to allow updating + EVFILT_TIMER. [r337418] + (Sponsored by + Dell EMC)

The pthread_get_name_np(3) function + has been added, which is used to retrieve the function name + associated with a thread. [r338405]

The pthread(3) library has been + updated to improve POSIX compliance. [r338707]

4.8. ABI Compatibility

 

4.9. Userland Debugging

 

5. Kernel

This section covers changes to kernel configurations, system + tuning, and system control parameters that are not otherwise + categorized.

5.1. General Kernel Changes

The ddb(4) debugging utility has been + updated to print command-line arguments to a process. [r339857] + (Sponsored by + Panzura)

The number of MSI + IRQs have been converted from a constant to + a tunable. The default remains at 512, + which can now be changed during boot with the + machdep.num_msi_irqs sysctl(8). [r342656]

The kernel will now log the jail(8) + ID when logging a process exit. The + jail(8) ID 0 + represents processes that are not jailed. [r343084] + (Sponsored by + Modirum MDPay)

Warnings for features deprecated in + future releases will now be printed on all FreeBSD + versions. [r348753]

5.2. Kernel Bug Fixes

 

5.3. Kernel Configuration

 

5.4. Kernel Modules

 

5.5. System Tuning and Controls

 

6. Devices and Drivers

This section covers changes and additions to devices and + device drivers since 11.2-RELEASE.

6.1. Device Drivers

The ichwd(4) driver has been updated + to include support for TCO watchdog timers + in the Lewisburg PCH (C620) chipset. [r340182] + (Sponsored by + Panzura)

The random(4) driver has been + updated to improve performance during expensive + reseeding. [r345981]

6.2. Storage Drivers

 

6.3. Network Drivers

The TP-Link® TL-WN321G™ + network adapter now uses the run(4) driver instead of the + rum(4) driver. [r340369]

The + lagg(4) driver has been updated to allow changing the + MTU without requiring destroying and + recreating the interface. [r342206] + (Sponsored by + iXsystems)

The ccr(4) driver has been added, + providing support for Chelsio® T6™ cryptography + accelerators. [r345040] + (Sponsored by + Chelsio Communications)

The cxgbe(4) driver has been updated + to include support for hash filters, NAT + offloading, and + SMAC/DMAC swapping + filters. [r346855] + (Sponsored by + Chelsio Communications)

The cxgbe(4) T4, T5, and T6 firmware + has been updated to version 1.23.0.0. [r346940] + (Sponsored by + Chelsio Communications)

7. Hardware Support

This section covers general hardware support for physical + machines, hypervisors, and virtualization environments, as well + as hardware changes and updates that do not otherwise fit in + other sections of this document.

7.1. Hardware Support

The vt(4) keyboard mapping has been + updated to include uk.macbook.kbd + support. [r342254]

7.2. Virtualization Support

Support + for PS/2 scan codes for + NumLock, ScrollLock, and + numerical keypad keys has been added to bhyve(8). [r341758] + (Sponsored by + iXsystems)

7.3. ARM Support

 

8. Storage

This section covers changes and additions to file systems + and other storage subsystems, both local and networked.

8.1. General Storage

Deprecation warnings have been added for + weaker algorithms when creating geli(8) providers. [r348588]

8.2. Networked Storage

 

8.3. ZFS

An + issue that could result in a system hang during + ZFS vnode reclamation has been + fixed. [r341828] + (Sponsored by + Klara Systems)

The + ZFS filesystem has been updated to + implement parallel mounting. [r346690] + (Sponsored by + Gandi.net)

8.4. geom(4)

 

9. Boot Loader Changes

This section covers the boot loader, boot menu, and other + boot-related changes.

9.1. Boot Loader Changes

The functionality provided by + zfsloader has been added to + loader(8). Once the system boot blocks have been updated + following UPDATING, + zfsloader is no longer needed. A hard + link to loader(8) has been added to ease in the + transition. [r344399]

The loader(8) has been updated to + extend geli(8) support to all architectures. [r344399]

The UEFI boot + loader(8) has been updated to better determine the system + console type and device if not defined in + loader.conf(5). [r344403]

9.2. Boot Menu Changes

 

10. Networking

This section describes changes that affect networking in + FreeBSD.

10.1. General Network Changes

The ipfw(8) firewall has been + updated to include new rule options, + record-state, set-limit, + and defer-action. [r337461]

Support for NAT64 + CLAT has been added, as defined in + RFC6877. [r346212] + (Sponsored by + Yandex LLC)

10.2. Network Protocols

 

11. Ports Collection and Package Infrastructure

This section covers changes to the FreeBSD Ports + Collection, package infrastructure, and package maintenance and + installation tools.

11.1. Infrastructure Changes

 

11.2. Packaging Changes

 

12. Documentation

This section covers changes to the FreeBSD Documentation + Project sources and toolchain.

12.1. Documentation Source Changes

 

12.2. Documentation Toolchain Changes

 

13. Release Engineering and Integration

This section convers changes that are specific to the + FreeBSD Release Engineering processes.

13.1. Integration Changes

 

This file, and other release-related documents, + can be downloaded from https://www.FreeBSD.org/releases/.

For questions about FreeBSD, read the + documentation before + contacting <questions@FreeBSD.org>.

All users of FreeBSD 11.3-STABLE should + subscribe to the <stable@FreeBSD.org> + mailing list.

For questions about this documentation, + e-mail <doc@FreeBSD.org>.

\ No newline at end of file