From nobody Mon Nov 18 21:58:21 2024 X-Original-To: dev-commits-doc-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XshMd6Zhlz5dcjf for ; Mon, 18 Nov 2024 21:58:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XshMd6162z4R1X; Mon, 18 Nov 2024 21:58:21 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1731967101; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kTvwSipsdnhVFRmB/Qwthr4XZWha8vFfWD6vtWhP+3U=; b=DMM86eMJ0M6fi8rh9d9kAAdUHMv9bSnKirpsX5OfvhZqhsxF2xHl6koW7yLYGwV2EourzC aknlXhvZPW5oETIzQOijppfgrV9nzt+PPVs1bRlPt4uNF0Cqo1xC0Cy0TAkHOMyIrnBGKp nPvhTxAQb+WcSkGmJ9YopNUr6jX0yUgGCtTcmxV0SX7/ftEYbLMVdJH9rTibe/qwV8B3nD LW3Wxk8t7xNvu0eufhVZh3rNVvAyn+Gij8DnAYSt+uRwA+54BkHfQ2qMbPVdHBLTkezdts CHh1DPymJCidqg+OUsHYomZ4GWE0Y/DEdVKM9QBvHEUDmu/5/KEEFfTryil2UA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1731967101; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kTvwSipsdnhVFRmB/Qwthr4XZWha8vFfWD6vtWhP+3U=; b=jqn0oh699D9R2ivjjdmuPvziGfVGJFjeHfXe0zJ2+j/yjcnMShf0Q8vKI4BcLEUn6/YC56 fUNajps+vmnFkyjrNyHakz/mEzR4/WDcdnuVUUQ5wL0zTE77ZWWSzchPMU1x4fNyJf4XOt qzVaF5PuCTXD3FFZBrfK4CSuUDhE9iC+DEYmwNKG7twVJJezbzYT7UQSB/RRAYGR0hc3b4 WsvlVrDKQg5AtfXFsBgJQ25EoSBnwk+KtSCrIqlGYbp7otVeqolSB1qnydTuBBuAdyEuuG Gnv3nBkSaWoiDc5v0fVYR0O85cwNFLRQ9SZsnzYt34m8kA40ywc8z/iuZaCfWg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1731967101; a=rsa-sha256; cv=none; b=D7VBjvP+7iYoOpGT3er6yVGcsk/jug+YFGKriQTxeEUC1JgMzqktIs11UYOEOo3y3CUPtD OCxStriTZJf72DUcjcUSAbzMnyIKKRYuL1TGI26BRFKlLhqoUJVbHL72FZLrwCBuwMu/7R H3h9AEnzvaLAEkWHm10cnv4H/A8XRBfRUlPM8TqeRbO3+wTSfNGejavyuYvRQEECrypUXZ YVM324bz1YBm7aicAzzNYowZrgwUhJYZ9D1UlozcvfIa2WR5AJ9iZl6tFBY9K6OZDcwBfC OJMUuZ5ZM0yvtEJzvX+9jzqxKtmcv/CBCs7eqv+92HMf6SwLwab24bNka+BedQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XshMd5VF4zy18; Mon, 18 Nov 2024 21:58:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4AILwLci083091; Mon, 18 Nov 2024 21:58:21 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4AILwLFm083088; Mon, 18 Nov 2024 21:58:21 GMT (envelope-from git) Date: Mon, 18 Nov 2024 21:58:21 GMT Message-Id: <202411182158.4AILwLFm083088@gitrepo.freebsd.org> To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org From: Muhammad Moinur Rahman Subject: git: 9d6f63ce06 - main - website/content: Initial commit for 14.2 Release Notes List-Id: Commit messages for all branches of the doc repository List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-doc-all@freebsd.org Sender: owner-dev-commits-doc-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bofh X-Git-Repository: doc X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 9d6f63ce06af8df9189f43a1185bb9660ca7fe6f Auto-Submitted: auto-generated The branch main has been updated by bofh: URL: https://cgit.FreeBSD.org/doc/commit/?id=9d6f63ce06af8df9189f43a1185bb9660ca7fe6f commit 9d6f63ce06af8df9189f43a1185bb9660ca7fe6f Author: Muhammad Moinur Rahman AuthorDate: 2024-11-18 21:52:05 +0000 Commit: Muhammad Moinur Rahman CommitDate: 2024-11-18 21:53:49 +0000 website/content: Initial commit for 14.2 Release Notes Sponsored by: The FreeBSD Foundation --- website/content/en/releases/14.2R/relnotes.adoc | 162 +++++++++++++++++++++++- 1 file changed, 156 insertions(+), 6 deletions(-) diff --git a/website/content/en/releases/14.2R/relnotes.adoc b/website/content/en/releases/14.2R/relnotes.adoc index e4d7e02797..eb730e3ca2 100644 --- a/website/content/en/releases/14.2R/relnotes.adoc +++ b/website/content/en/releases/14.2R/relnotes.adoc @@ -84,10 +84,69 @@ This section lists the various Security Advisories and Errata Notices since {rel | Date | Topic -|No advisories. -| -| +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc[FreeBSD-SA-24:04.openssh] +|01 July 2024 +|OpenSSH pre-authentication remote code execution +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:05.pf.asc[FreeBSD-SA-24:05.pf] +|07 August 2024 +|pf incorrectly matches different ICMPv6 states in the state table + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:06.ktrace.asc[FreeBSD-SA-24:06.ktrace] +|07 August 2024 +|man:ktrace[2] fails to detach when executing a setuid binary + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:07.nfsclient.asc[FreeBSD-SA-24:07.nfsclient] +|07 August 2024 +|NFS client accepts file names containing path separators + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:08.openssh.asc[FreeBSD-SA-24:08.openssh] +|07 August 2024 +|OpenSSH pre-authentication async signal safety issue + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:09.libnv.asc[FreeBSD-SA-24:09.libnv] +|04 September 2024 +|Multiple vulnerabilities in libnv + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:10.bhyve.asc[FreeBSD-SA-24:10.bhyve] +|04 September 2024 +|man:bhyve[8] privileged guest escape via TPM device passthrough + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:11.ctl.asc[FreeBSD-SA-24:11.ctl] +|04 September 2024 +|Multiple issues in man:ctl[4] CAM Target Layer + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:12.bhyve.asc[FreeBSD-SA-24:12.bhyve] +|04 September 2024 +|man:bhyve[8] privileged guest escape via USB controller + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:13.openssl.asc[FreeBSD-SA-24:13.openssl] +|04 September 2024 +|Possible DoS in X.509 name checks in OpenSSL + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:14.umtx.asc[FreeBSD-SA-24:14.umtx] +|04 September 2024 +|umtx Kernel panic or Use-After-Free + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:15.bhyve.asc[FreeBSD-SA-24:15.bhyve] +|19 September 2024 +|man:bhyve[8] out-of-bounds read access via XHCI emulation + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:16.libnv.asc[FreeBSD-SA-24:16.libnv] +|19 September 2024 +|Integer overflow in libnv + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:17.bhyve.asc[FreeBSD-SA-24:17.bhyve] +|29 October 2024 +|Multiple issues in the bhyve hypervisor + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:18.ctl.asc[FreeBSD-SA-24:18.ctl] +|29 October 2024 +|Unbounded allocation in man:ctl[4] CAM Target Layer + +|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:19.fetch.asc[FreeBSD-SA-24:19.fetch] +|29 October 2024 +|Certificate revocation list man:fetch[1] option fails |=== [[errata]] @@ -100,11 +159,37 @@ This section lists the various Security Advisories and Errata Notices since {rel | Date | Topic -|No notices. -| -| +|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:10.zfs.asc[FreeBSD-EN-24:10.zfs] +|19 June 2024 +|Kernel memory leak in ZFS + +|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:11.ldns.asc[FreeBSD-EN-24:11.ldns] +|19 June 2024 +|LDNS uses nameserver commented out in resolv.conf + +|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:12.killpg.asc[FreeBSD-EN-24:12.killpg] +|19 June 2024 +|Lock order reversal in killpg causing livelock + +|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:13.libcpass:[++].asc[FreeBSD-EN-24:13.libc++] +|19 June 2024 +|Incorrect size passed to heap allocated std::string delete +|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:14.ifconfig.asc[FreeBSD-EN-24:14.ifconfig] +|07 August 2024 +|Incorrect ifconfig netmask assignment +|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:15.calendar.asc[FreeBSD-EN-24:15.calendar] +|04 September 2024 +|man:cron[8] / man:periodic[8] session login + +|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:16.pf.asc[FreeBSD-EN-24:16.pf] +|19 September 2024 +|Incorrect ICMPv6 state handling in pf + +|https://www.freebsd.org/security/advisories/FreeBSD-EN-24:17.pam_xdg.asc[FreeBSD-EN-24:17.pam_xdg] +|29 October 2024 +|XDG runtime directory's file descriptor leak at login |=== [[userland]] @@ -121,6 +206,20 @@ This section covers changes and additions to userland applications, contributed [[userland-contrib]] === Contributed Software +`bc` has been upgraded to 7.0.2. + +`libarchive` has been upgraded to 3.7.7. + +`libcxxrt` has been upgraded to vendor snapshot 698997bfde1f. + +`libpcap` has been upgraded to vendor snapshot 1.10.5. + +`tcpdump` has been upgraded to 4.99.5. + +`openssl` has been upgraded to 3.0.15. + +`unbound` has been upgraded to 1.22.0. + [[userland-deprecated-programs]] === Deprecated Applications @@ -167,6 +266,12 @@ This section covers the boot loader, boot menu, and other boot-related changes. This section describes changes that affect networking in FreeBSD. +[[network-protocols]] +== Network Protocols + +Lots of improvements to the network stack, including performance improvements and bug fixes for the man:sctp[4] stack. +Specifically, support for the SCTP checksum offload feature has been added to the loopback interface. + [[network-general]] === General Network @@ -177,6 +282,12 @@ This section covers general hardware support for physical machines, hypervisors, Please see link:https://www.freebsd.org/releases/{localRel}R/hardware[the list of hardware] supported by {releaseCurrent}, as well as link:https://www.freebsd.org/platforms/[the platforms page] for the complete list of supported CPU architectures. +[[processor]] +=== Processor Support + +Nominal support for POWER10 and POWER11 has been added. + +[[networking]] [[hardware-virtualization]] === Virtualization Support @@ -196,5 +307,44 @@ This section covers changes to the FreeBSD Ports Collection, package infrastruct [[ports-packages]] === Packaging Changes +The DVD package set has been modernized. + +package:archivers/unzip[] has been removed as it is in base now. + +package:emulators/linux_base-c7[] has been removed as it is unlikely to be useful without other Linux packages being installed. + +package:ports-mgmt/portmaster[] has been removed as it has been discouraged in favour of using pkg and binary packages. + +package:x11-drivers/xf86-video-vmware[] has been removed as it is no longer useful with the current version of xorg-server. + +package:devel/git[] has been replaced with package:devel/git@lite[] as this is sufficient for most purposes. + +package:sysutils/seatd[] and package:x11-wm/sway[] have been added for Wayland support. + [[future-releases]] == General Notes Regarding Future FreeBSD Releases + +FreeBSD 15.0 is not expected to include support for 32-bit platforms other than armv7. +The armv6, i386, and powerpc platforms are deprecated and will be removed. +64-bit systems will still be able to run older 32-bit binaries. + +The FreeBSD Project expects to support armv7 as a Tier 2 architecture in FreeBSD 15.0 and stable/15. +However, the Project also anticipates that armv7 may be removed in FreeBSD 16.0. +The Project will provide an update on the status of armv7 for both 15.x and 16.x at the time of 15.0 release. + +Support for executing 32-bit binaries on 64-bit platforms via the `COMPAT_FREEBSD32` option will continue for at least the stable/15 and stable/16 branches. +Support for compiling individual 32-bit applications via `cc -m32` will also continue for at least the stable/15 branch, which includes suitable headers in [.filename]#/usr/include# and libraries in [.filename]#/usr/lib32#. + +Ports will not include support for deprecated 32-bit platforms for FreeBSD 15.0 and later releases. +These future releases will not include binary packages or support for building packages from ports for deprecated 32-bit platforms. + +The FreeBSD stable/14 and earlier branches will retain existing 32-bit kernel and world support. +Ports will retain existing support for building ports and packages for 32-bit systems on stable/14 and earlier branches as long as those branches are supported by the ports system. +However, all 32-bit platforms are Tier-2 or Tier-3, and support for individual ports should be expected to degrade as upstreams deprecate 32-bit platforms. + +With the current support schedule, stable/14 will reach end of life (EOL) around 5 years after the release of FreeBSD 14.0-RELEASE. +The EOL of stable/14 will mark the end of support for deprecated 32-bit platforms, including source releases, pre-built packages, and support for building applications from ports. +With the release of 14.0-RELEASE in November 2023, support for deprecated 32-bit platforms will end in November 2028. + +The Project may choose to alter this approach when FreeBSD 15.0 is released by extending some level of support for one or more of the deprecated platforms in 15.0 or later. +Any alterations will be driven by community feedback and committed efforts to support these platforms.