Copyright © 2015 The FreeBSD Documentation +
Copyright © 2015 The FreeBSD Documentation Project
FreeBSD is a registered trademark of the FreeBSD Foundation.
IBM, AIX, OS/2, PowerPC, PS/2, S/390, and ThinkPad are trademarks of International Business Machines Corporation in the United States, other countries, or both.
IEEE, POSIX, and 802 are registered trademarks of Institute of Electrical and Electronics Engineers, Inc. in the United States.
Intel, Celeron, Centrino, Core, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
SPARC, SPARC64, and UltraSPARC are trademarks of SPARC International, Inc in the United States and other countries. SPARC International, Inc owns all of the SPARC trademarks and under licensing agreements allows the proper use of these trademarks by its members.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the “™” or the - “®” symbol.
The release notes for FreeBSD 10.2-STABLE contain + “®” symbol.
The release notes for FreeBSD 10.2-STABLE contain a summary of the changes made to the FreeBSD base system on the 10.2-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented.
This document contains the release notes for FreeBSD 10.2-STABLE. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD.
The snapshot distribution to
which these release notes apply represents a point along the
10.2-STABLE development branch between 10.2-RELEASE and
the future 10.3-RELEASE. Information regarding pre-built,
binary snapshot distributions along this branch can be
found at https://www.FreeBSD.org/snapshots/.
All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with “late-breaking” information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for FreeBSD 10.2-STABLE can be found on the FreeBSD Web site.
This document describes the most user-visible new or changed features in FreeBSD since 10.2-RELEASE.
Typical release note items document recent security advisories issued after 10.2-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements.
[amd64,i386] Binary upgrades between RELEASE versions
(and snapshots of the various security branches) are supported
using the freebsd-update(8) utility. The binary upgrade
procedure will update unmodified userland utilities, as well as
unmodified GENERIC kernel distributed as
a part of an official FreeBSD release. The freebsd-update(8)
utility requires that the host being upgraded have Internet
connectivity.
Source-based upgrades (those based on recompiling the FreeBSD
base system from source code) from previous versions are
supported, according to the instructions in
/usr/src/UPDATING.
Upgrading FreeBSD should only be attempted after backing up all data and configuration files.
This section lists the various Security Advisories and Errata Notices since 10.2-RELEASE.
| Advisory | Date | Topic |
|---|---|---|
| FreeBSD-SA-15:20.expat | 18 August 2015 | Fix multiple integer overflows in libbsdxml(3). |
| FreeBSD-SA-15:22.openssh | 25 August 2015 | Multiple vulnerabilities |
| FreeBSD-SA-15:24.rpcbind | 29 September 2015 | Remote denial of service |
| FreeBSD-SA-15:25.ntp | 26 October 2015 | Multiple vulnerabilities |
| FreeBSD-SA-15:26.openssl | 5 December 2015 | Multiple vulnerabilities |
| FreeBSD-SA-16:01.sctp | 14 January 2016 | ICMPv6 error message vulnerability |
| FreeBSD-SA-16:02.ntp | 14 January 2016 | Panic threshold bypass vulnerability |
| FreeBSD-SA-16:03.linux | 14 January 2016 | Incorrect |
| FreeBSD-SA-16:04.linux | 14 January 2016 | setgroups(2) system call vulnerability |
| FreeBSD-SA-16:05.tcp | 14 January 2016 | MD5 signature denial of service |
| FreeBSD-SA-16:06.bsnmpd | 14 January 2016 | Insecure default configuration file permissions |
| FreeBSD-SA-16:07.openssh | 14 January 2016 | OpenSSH client information leak |
| FreeBSD-SA-16:09.ntp | 27 January 2016 | Multiple vulnerabilities. |
| FreeBSD-SA-16:10.linux | 27 January 2016 | issetugid(2) system call vulnerability. |
| FreeBSD-SA-16:11.openssl | 30 January 2016 | SSLv2 cipher suite downgrade vulnerability. |
| Errata | Date | Topic |
|---|---|---|
| FreeBSD-EN-15:11.toolchain | 18 August 2015 | Fix make(1) syntax errors when upgrading from FreeBSD 9.x and earlier. |
| FreeBSD-EN-15:12.netstat | 18 August 2015 | Fix incorrect netstat(1) data handling on 32-bit systems. |
| FreeBSD-EN-15:13.vidcontrol | 18 August 2015 | Allow size argument to vidcontrol(1) for syscons(4). |
| FreeBSD-EN-15:15.pkg | 25 August 2015 | Insufficient check of supported pkg(7) signature methods. |
| FreeBSD-EN-15:16.pw | 16 September 2015 | Fix pw(8) regression when creating numeric users or groups. |
| FreeBSD-EN-15:17.libc | 16 September 2015 | Fix libc handling of signals for multi-threaded processes. |
| FreeBSD-EN-15:18.pkg | 16 September 2015 | Implement |
| FreeBSD-EN-15:19.kqueue | 4 November 2015 | kqueue(2) write events never fire for files larger than 2GB. |
| FreeBSD-EN-15:20.vm | 4 November 2015 | Applications exiting due to segmentation violation on a correct memory address. |
| FreeBSD-EN-16:01.filemon | 14 January 2016 | bmake and filemon(4) stability issues. |
| FreeBSD-EN-16:02.pf | 14 January 2016 | Invalid TCP checksum issue. |
| FreeBSD-EN-16:03.yplib | 14 January 2016 | YP/NIS library bug. |
This section covers changes and additions to userland applications, contributed software, and system utilities.
The jail(8) utility has been
updated to include a new flag, -l, which
ensures a clean environment in the target jail when used.
Additionally, jail(8) will run a shell within the target
jail when run no commands are specified. [r286064]
The mkimg(1) utility has been
updated to include support for NTFS
filesystems in both MBR and
GPT partitioning schemes. [r287122]
The
ar(1) utility now enables deterministic mode
(-D) by default. This behavior can be
disabled by specifying the -U flag. [r288202]
(Sponsored by
The FreeBSD Foundation)
The pciconf(8) utility has been
updated to use the PCI ID database from the misc/pciids package, if present,
falling back to the PCI ID database in the FreeBSD base
system. [r287746]
A new utility, sesutil(8), has been added, which is used to manage ses(4) devices. [r288710] (Sponsored by - Gandi.net)
The libarchive(3) library has been + Gandi.net)
The cp(1) utility has been updated
+ to include a new flag, -s, which creates
+ a symbolic link to the specified source. [r291774]
Support for the
+ -manage-gids has been added to
+ nfsd(8). This option can be enabled at boot time by
+ adding nfs_server_managegids="YES" to
+ rc.conf(5). [r292231]
The resolver library has been updated to
+ reload /etc/resolv.conf if the
+ modification time has changed. [r292462]
+ (Sponsored by
+ Dell, Inc.)
The + initial implementation of “reroot” support has + been added to the shutdown(8) utility, allowing the root + filesystem to be mounted from a temporary source filesystem + without requiring a full system reboot. [r293744] + (Sponsored by + The FreeBSD Foundation)
The libarchive(3) library has been updated to properly skip a sparse file entry in a tar(1) file, which would previously produce errors. [r286082]
Timezone data files have been updated to - version 2015f. [r286751]
/etc/periodic
+ version 2015f. [r286751]The file(1) utility has been + updated to version 5.25. [r290152]
The xz(1) utility has been updated + to version 5.2.2, which provides support for multi-threaded + compression. [r292588]
The ntpd(8) utility has been + updated to version 4.2.8p5. [r293650]
The unbound(8) utility has been + updated to version 1.5.7. [r294190]
The less(1) utility has been + updated to version v481. [r294286]
The OpenSSH + suite has been updated to version 7.1p2. [r295367]
The
+ unbound-control-setup script has been
+ removed from the base system. [r295690]
The unbound(8) utility has been
+ updated to enable the insecure-lan-zones
+ option in preference of listing each AS112
+ zone individually. [r295691]
The OpenSSL + suite has been updated to version 1.0.1s. [r296317]
The bsdinstall(8) utility has + been updated to support ZFS installation + on EFI-based systems. [r295264] + (Sponsored by + ScaleEngine, Inc.)
This section covers changes to kernel configurations, system tuning, and system control parameters that are not otherwise categorized.
This section covers changes and additions to devices and device drivers since 10.2-RELEASE.
This section covers general hardware support for physical + to support CD-ROM and removable devices. [r288810]
This section covers general hardware support for physical machines, hypervisors, and virtualization environments, as well as hardware changes and updates that do not otherwise fit in - other sections of this document.
The xen(4) driver has been updated + other sections of this document.
The ismt(4) driver has been added, + providing support for recent Intel® SMBus 2.0 + controllers. [r293675]
This section covers changes and additions to file systems and other storage subsystems, both local and networked.
The zfs(8) l2arc
code has been updated to take ashift into
account when gathering buffers to be written to the
l2arc device. [r287665]
(Sponsored by
ClusterHQ)
This section covers the boot loader, boot menu, and other - boot-related changes.
This section describes changes that affect networking in + boot-related changes.
Initial terminal emulation support has
+ been added to loader.efi for
+ UEFI-based systems. [r294445]
Initial ZFS boot + support has been added to the EFI + implementation. [r294999] + (Sponsored by + Multiplay)
The UEFI loader has
+ been updated to support multiple ZFS boot
+ environments, such as those provided by sysutils/beadm. [r295475]
+ (Sponsored by
+ ScaleEngine, Inc.)
This section describes changes that affect networking in FreeBSD.
This section covers changes to the FreeBSD Ports Collection, package infrastructure, and package maintenance and installation tools.
This section covers changes to the FreeBSD Documentation Project sources and toolchain.
This file, and other release-related documents, can be downloaded from https://www.FreeBSD.org/snapshots/.
For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.
All users of FreeBSD 10.2-STABLE should subscribe to the <stable@FreeBSD.org> mailing list.
For questions about this documentation, e-mail <doc@FreeBSD.org>.
\ No newline at end of file