diff --git a/website/content/en/releases/13.3R/relnotes.adoc b/website/content/en/releases/13.3R/relnotes.adoc --- a/website/content/en/releases/13.3R/relnotes.adoc +++ b/website/content/en/releases/13.3R/relnotes.adoc @@ -128,6 +128,16 @@ `security_status_diff_flags`. gitref:4c14a3a6aebe[repository=src] gitref:6d9195b5f763[repository=src] +The default location for downloading leapsecond information has been updated to use the canonical source, as the previous location was no longer supported. +gitref:d19b59cfe594[repository=src] + +The man:powerd[8] daemon is now enabled by default in [.filename]#/etc/rc.conf# on the arm64 `RPI` image for Raspberry Pi systems, allowing the system to run at full speed as needed. +Users with non-default turbo settings may want to disable it. +gitref:e889b5a892b6[repository=src] + +The umask for a service may now be specified in man:rc.conf[5] using the variable _umask, where the service is named . +gitref:2d6a03dd43c7[repository=src] + [[userland-programs]] === Userland Application Changes @@ -138,18 +148,26 @@ The man:objdump[1] utility from LLVM is now available. Some LLVM objdump options have a different output format than GNU objdump; man:readelf[1] is available for inspecting ELF files, and GNU objdump is available from the [.filename]#devel/binutils# port or package. +The man:tftpd[8] server can be configured to allow writes to files in a chrooted environment that are not world-writable using the new `-S` option. +gitref:b71dde1aeba2[repository=src] [[userland-contrib]] === Contributed Software +`expat` has been upgaded to version 2.6.0. + +Several Heimdal security fixes have been applied to mitigate vulnerabilities in the Kerberos Key Distribution Center. + The `libfido2` authentication token library has been updated to version 1.13.0. gitref:b27bad1e0373[repository=src] gitref:079a1c2059e7[repository=src] gitref:d79e0d1735e3[repository=src] (Sponsored by The FreeBSD Foundation) `LLVM` and the `clang` compiler have been upgraded to version 17.0.6. +`nvi` (man:vi[1]) has been upgraded to version 2.2.1. + `sendmail` has been upgraded to version 8.18.1. This version enforces stricter RFC compliance by default, especially with respect to line endings. -This may cause issues with receiving messages from non-compliant MTAs; please see the first 8.18.1 release note in link:https://ftp.sendmail.org/RELEASE_NOTES[https://ftp.sendmail.org/RELEASE_NOTES] for mitigations. +This may cause issues with receiving messages from non-compliant MTAs; please see the first 8.18.1 release note in link:https://ftp.sendmail.org/RELEASE_NOTES[] for mitigations. gitref:b36ddb27b3b9[repository=src] `OpenSSH` has been updated to version 9.6p1, including a number of security fixes. @@ -160,6 +178,11 @@ `tzdata` has been upgraded to version 2024a. +`unbound` has been upgraded to version 1.19.1, including security fixes. +gitref:c6edb21e3763[repository=src] + +`xz` has been upgraded to version 5.4.5. + The man:zlib[3] library has been updated to version 1.3.1. gitref:f2de7ba78a49[repository=src] gitref:05e3998add1c[repository=src] @@ -188,6 +211,18 @@ Multiple PCI MCFG regions are now supported on x86 systems, enabling support for PCI config access for domains (segments) other than 0. gitref:0fb0306a89ad[repository=src] +A problem with the `graid` implementation of Promise RAID1 created with 4 or more disks has been fixed. +The array worked only until reboot. +gitref:94ceefc2f2f5[repository=src] + +The man:iwlwifi[4] driver for Intel wireless interfaces has been updated, supporting chipsets up to B200. +(Sponsored by The FreeBSD Foundation) + +The man:rtw88[4] driver for Realtek wireless PCI interfaces has been updated. + +There have been many stability fixes to native and LinuxKPI-based wireless drivers. +(Sponsored by The FreeBSD Foundation) + The man:smsc[4] driver for USB Ethernet adapters will now obtain the MAC address from bootargs on Raspberry Pi systems that pass it, and will otherwise fall back to use of man:ether_gen_addr[9] to generate a stable MAC address if none is provided by the hardware. gitref:3d96ee7c7dcc[repository=src] @@ -196,6 +231,12 @@ This section covers changes and additions to file systems and other storage subsystems, both local and networked. +[[storage-general]] +=== General Storage + +In the course of debugging and resolving a problem with vnode recycling in the generic file system code, sysctls for vnode-related statistics have been grouped under `vfs.vnode` for greater visibility. +gitref:77a8bd148796[repository=src] + [[storage-nfs]] === NFS Changes @@ -221,7 +262,6 @@ The man:zfsd[8] daemon will now fault disks that generate too many I/O delay events. gitref:e2ce586899ff[repository=src] (Sponsored by Axcient) - [[boot]] == Boot Loader Changes @@ -238,6 +278,15 @@ [[network-general]] === General Network +The logging priority of syslog messages due to overflow of a socket listen queue can now be set using the sysctl `kern.ipc.sooverprio`. +The default is 7, corresponding to LOG_DEBUG. +A value of -1 suppresses logging. +See man:listen[2]. +gitref:773c91ccc892[repository=src] + +The netgraph man:ng_ipfw[4] module no longer truncates cookies to 16 bits, allowing a full 32 bits. +gitref:0b9242dea68c[repository=src] + Support for IPv6 RFC 4620 nodeinfo is now disabled by default. gitref:5c4e8a631097[repository=src] (Sponsored by The FreeBSD Foundation) @@ -245,9 +294,22 @@ to enable pf rdr rules for connections initiated from the host. This can change the behavior of rules which match packets delivered to `lo0`. To enable this feature, use the commands `sysctl net.pf.filter_local=1; service pf restart`. -When enabled, it is best to ensure that packets delivered locally are not filtered, e.g. by adding a "set skip on lo" rule. +When enabled, it is best to ensure that packets delivered locally are not filtered, e.g. by adding a `set skip on lo` rule. gitref:6dfb2c2dce0f[repository=src] +[[hardware]] +== Hardware Support + +This section covers general hardware support for physical machines, as well as hardware changes and updates that do not fit in other sections of this document. + +[[hardware-arch]] +=== Hardware Architecture Support + +The BeagleBone Black (armv7) is no longer supported; it does not work with the current boot files (DTB). + +[[hardware-virtualization]] +=== Virtualization Support + [[future-releases]] == General Notes Regarding Future FreeBSD Releases