Copyright © 2019 The FreeBSD Documentation + Project
FreeBSD is a registered trademark of + the FreeBSD Foundation.
IBM, AIX, OS/2, + PowerPC, PS/2, S/390, and ThinkPad are + trademarks of International Business Machines Corporation in the + United States, other countries, or both.
IEEE, POSIX, and 802 are registered + trademarks of Institute of Electrical and Electronics Engineers, + Inc. in the United States.
Intel, Celeron, Centrino, Core, EtherExpress, i386, + i486, Itanium, Pentium, and Xeon are trademarks or registered + trademarks of Intel Corporation or its subsidiaries in the United + States and other countries.
SPARC, SPARC64, and + UltraSPARC are trademarks of SPARC International, Inc in the United + States and other countries. SPARC International, Inc owns all of the + SPARC trademarks and under licensing agreements allows the proper use + of these trademarks by its members.
Many of the designations used by + manufacturers and sellers to distinguish their products are claimed + as trademarks. Where those designations appear in this document, + and the FreeBSD Project was aware of the trademark claim, the + designations have been followed by the “™” or the + “®” symbol.
The release notes for FreeBSD 11.3-RELEASE contain + a summary of the changes made to the FreeBSD base system on the + 11.3-STABLE development line. This document lists + applicable security advisories that were issued since the last + release, as well as significant changes to the FreeBSD kernel and + userland. Some brief remarks on upgrading are also + presented.
This document contains the release notes for FreeBSD + 11.3-RELEASE. It describes recently added, changed, or + deleted features of FreeBSD. It also provides some notes on + upgrading from previous versions of FreeBSD.
This distribution of FreeBSD
+ 11.3-RELEASE is a release distribution. It can be
+ found at https://www.FreeBSD.org/releases/ or
+ any of its mirrors. More information on obtaining this (or
+ other) release distributions of FreeBSD can be found in the
+ “Obtaining
+ FreeBSD” appendix to the FreeBSD
+ Handbook.
All users are encouraged to consult the release errata + before installing FreeBSD. The errata document is updated with + “late-breaking” information discovered late in the + release cycle or after the release. Typically, it contains + information on known bugs, security advisories, and corrections + to documentation. An up-to-date copy of the errata for FreeBSD + 11.3-RELEASE can be found on the FreeBSD Web site.
This document describes the most user-visible new or changed + features in FreeBSD since 11.2-RELEASE. In general, changes + described here are unique to the 11.3-STABLE branch unless + specifically marked as MERGED features.
Typical release note items document recent security + advisories issued after 11.2-RELEASE, new drivers or hardware + support, new commands or options, major bug fixes, or + contributed software upgrades. They may also list changes to + major ports/packages or release engineering practices. Clearly + the release notes cannot list every single change made to FreeBSD + between releases; this document focuses primarily on security + advisories, user-visible changes, and major architectural + improvements.
[amd64,i386] Binary upgrades between RELEASE versions + (and snapshots of the various security branches) are supported + using the freebsd-update(8) utility. The binary upgrade + procedure will update unmodified userland utilities, as well as + unmodified GENERIC kernels distributed as a part of an official + FreeBSD release. The freebsd-update(8) utility requires that + the host being upgraded have Internet connectivity.
Source-based upgrades (those based on recompiling the FreeBSD
+ base system from source code) from previous versions are
+ supported, according to the instructions in
+ /usr/src/UPDATING.
Upgrading FreeBSD should only be attempted after backing up + all data and configuration files.
This section lists the various Security Advisories and + Errata Notices since 11.2-RELEASE.
| Advisory | Date | Topic |
|---|---|---|
| FreeBSD-SA-18:08.tcp | 06 August 2018 | Resource exhaustion in TCP + reassembly |
| FreeBSD-SA-18:09.l1tf | 14 August 2018 | L1 Terminal Fault (L1TF) Kernel Information + Disclosure |
| FreeBSD-SA-18:10.ip | 14 August 2018 | Resource exhaustion in IP fragment + reassembly |
| FreeBSD-SA-18:11.hostapd | 14 August 2018 | Unauthenticated EAPOL-Key Decryption + Vulnerability |
| FreeBSD-SA-18:12.elf | 12 September 2018 | Improper ELF header parsing |
| FreeBSD-SA-18:13.nfs | 27 November 2018 | Multiple vulnerabilities |
| FreeBSD-SA-18:14.bhyve | 4 December 2018 | Insufficient bounds checking |
| FreeBSD-SA-18:15.bootpd | 19 December 2018 | Buffer overflow |
| FreeBSD-SA-19:01.syscall | 5 February 2019 | Kernel data register leak |
| FreeBSD-SA-19:02.fd | 5 February 2019 | File description reference count + leak |
| FreeBSD-SA-19:03.wpa | 14 May 2019 | Multiple vulnerabilities |
| FreeBSD-SA-19:04.ntp | 14 May 2019 | Authenticated denial of service in + ntpd(8) |
| FreeBSD-SA-19:05.pf | 14 May 2019 | IPv6 fragment reassembly panic in + pf(4) |
| FreeBSD-SA-19:06.pf | 14 May 2019 | ICMP/ICMP6 packet filter bypass in + pf(4) |
| FreeBSD-SA-19:07.mds | 14 May 2019 | Microarchitectural Data Sampling |
| Errata | Date | Topic |
|---|---|---|
| FreeBSD-EN-18:08.lazyfpu | 12 September 2018 | Regression in Lazy FPU remediation |
| FreeBSD-EN-18:09.ip | 27 September 2018 | IP fragment remediation causes + IPv6 reassembly failure |
| FreeBSD-EN-18:10.syscall | 27 September 2018 | Null pointer dereference in
+ |
| FreeBSD-EN-18:11.listen | 27 September 2018 | Denial of service in |
| FreeBSD-EN-18:12.mem | 27 September 2018 | Small kernel memory disclosures in two system + calls |
| FreeBSD-EN-18:13.icmp | 27 November 2018 | ICMP buffer underwrite |
| FreeBSD-EN-18:14.tzdata | 27 November 2018 | Timezone database information + update |
| FreeBSD-EN-18:15.loader | 27 November 2018 | Deferred kernel loading breaks loader + password |
| FreeBSD-EN-18:16.ptrace | 19 December 2018 | Kernel panic when attaching to stopped + process |
| FreeBSD-EN-18:17.vm | 19 December 2018 | Kernel panic under load on Intel® Skylake™ + CPUs |
| FreeBSD-EN-18:18.zfs | 19 December 2018 | ZFS vnode reclaim deadlock |
| FreeBSD-EN-19:03.sqlite | 9 January 2019 | sqlite update |
| FreeBSD-EN-19:04.tzdata | 9 January 2019 | Timezone database information + update |
| FreeBSD-EN-19:05.kqueue | 9 January 2019 | kqueue race condition and kernel + panic |
| FreeBSD-EN-19:08.tzdata | 14 May 2019 | Timezone database information + update |
| FreeBSD-EN-19:09.xinstall | 14 May 2019 | install(1) broken with partially matching + relative paths |
This section covers changes and additions to userland + applications, contributed software, and system utilities.
The jail(8) utility has been
+ updated to include a new jail.conf(5) parameter,
+ allow.read_msgbuf, which prevents jailed
+ processes and users from accessing the dmesg(8) buffer.
+ This parameter is set to false by
+ default. [r339446]
The system crontab(5),
+ /etc/crontab, has been updated to set
+ PATH for consistency with the cron(8)
+ daemon. [r342103]
The default devd.conf(5) has been + updated to prevent duplicated hostapd(8) and + wpa_supplicant(8) startup via devd(8). [r343469]
The cpuset(1), sockstat(1), + ipfw(8), and ugidfw(8) utilities have been updated + to support jail(8) names. [r336040]
The newfs_msdos(8) utililty has
+ been updated to include a new flag, -T,
+ which is used to specify the timestamp for build
+ reproducibility. [r336328]
The dd(1) utility has been updated
+ to add a new statusoperand,
+ progress, which reports the current status
+ on a single line every second. [r338364]
The last(1) utility has been + updated to include libxo(3) support. [r338451]
The lastlogin(8) utility has been + updated to include libxo(3) support. [r338452]
The traceroute(8) utility has been + updated to include libcasper(3) support. [r338475]
The diff(1) utility has been
+ updated to implement -B and
+ --ignore-blank-lines support. [r339160]
The makewhatis(1) utility has been + updated to prevent operating within read-only + directories. [r340963]
The jail(8) utility has been
+ updated to add a new flag, -e, which takes
+ a jail.conf(5) parameter as an argument and prints a list
+ of non-wildcard jails with the specified parameter. [r341790]
The ktrdump(8) utility has been
+ updated to include the -l flag which
+ enables "live" mode when specified. [r342706]
The trim(8) utility has been added, + which deletes content for blocks on flash-based storage + devices that use wear-leveling algorithms. [r343118]
The gzip(1) utility has been
+ updated to add -l support for xz(1)
+ files. [r343251]
The newfs(8) and tunefs(8) + utilities have been updated to allow underscores in label + names. [r343538] + (Sponsored by + Netflix)
The pfctl(8) utility has been
+ updated to provide clearer output and reference the
+ net.pf.request_maxcount sysctl(8)
+ if a defined table is too large. [r344020]
The newfs(8) and tunefs(8) + utilities have been updated to allow dashes in label + names. [r344052]
The fdisk(8) utility has been + updated to support sectors larger than 2048 bytes. [r344490]
The sh(1) utility has been updated
+ to add the pipefail option which simplifies
+ checking the exit status of all commands in a pipeline. [r345561]
The patch(1) utility has been + updated to exit successfully if the input patch file is + zero-length. [r345878]
The xz(1) utility has been updated + to version 5.2.4. [r334607]
The file(1) utility has been + updated to version 5.34. [r337827]
The + ELF Tool Chain has been updated to + version r3614. [r338414] + (Sponsored by + The FreeBSD Foundation)
The
+ lld utility has been updated to add
+ -z interpose, marking the object file as
+ an interposer. [r339100]
+ (Sponsored by
+ The FreeBSD Foundation)
The file(1) utility has been + updated to fix incorrect date reporting for dump(8) + files. [r343079]
The LUA + loader(8) has been merged. [r344220]
The ntpd(8) utilities have been + updated to version 4.2.8p13. [r344884]
Timezone data files have been updated to + version 2019a. [r345670]
The clang, + llvm, + lld, + lldb, and + compiler-rt utilities as well as + libc++ have been updated to + upstream version 8.0.0. [r346296]
The WPA + utilities have been updated to version 2.8. [r346981]
OpenSSL has + been updated to version 1.0.2s. [r348343]
The libarchive(3) library has been + updated to version 3.3.3, with additional fixes from + upstream. [r348607]
OpenPAM has + been updated to the latest upstream version. [r348980]
Support for auxiliary
+ RAM has been added to
+ /etc/rc.initdiskless. [r340611]
The rcorder(8) utility has been
+ updated to add support for
+ /etc/rc.resume. [r340966]
The jail_conf
+ definition, which defaults to
+ /etc/jail.conf, has been moved from
+ the jail(8) rc(8) script to
+ /etc/defaults/rc.conf. [r341792]
The rc_service
+ variable has been added to rc.subr(8), which defaults to
+ the path of the service being executed in case the service
+ needs to re-invoke itself. [r343046]
The periodic(8) weekly
+ 340.noid script has been updated to
+ prevent decending into the root directory of jails. [r341794]
The pcap(3) library has been + updated to version 1.9.0 (pre-release). [r335640]
The setproctitle_fast(3) function + has been added, which is optimized for high-frequency process + title updates. [r336449]
The kqueue(2) system call has been
+ updated to allow updating
+ EVFILT_TIMER. [r337418]
+ (Sponsored by
+ Dell EMC)
The pthread_get_name_np(3) function + has been added, which is used to retrieve the function name + associated with a thread. [r338405]
The pthread(3) library has been + updated to improve POSIX compliance. [r338707]
This section covers changes to kernel configurations, system + tuning, and system control parameters that are not otherwise + categorized.
The ddb(4) debugging utility has been + updated to print command-line arguments to a process. [r339857] + (Sponsored by + Panzura)
The number of MSI
+ IRQs have been converted from a constant to
+ a tunable. The default remains at 512,
+ which can now be changed during boot with the
+ machdep.num_msi_irqs sysctl(8). [r342656]
The kernel will now log the jail(8)
+ ID when logging a process exit. The
+ jail(8) ID 0
+ represents processes that are not jailed. [r343084]
+ (Sponsored by
+ Modirum MDPay)
Warnings for features deprecated in + future releases will now be printed on all FreeBSD + versions. [r348753]
This section covers changes and additions to devices and + device drivers since 11.2-RELEASE.
The ichwd(4) driver has been updated + to include support for TCO watchdog timers + in the Lewisburg PCH (C620) chipset. [r340182] + (Sponsored by + Panzura)
The random(4) driver has been + updated to improve performance during expensive + reseeding. [r345981]
The TP-Link® TL-WN321G™ + network adapter now uses the run(4) driver instead of the + rum(4) driver. [r340369]
The + lagg(4) driver has been updated to allow changing the + MTU without requiring destroying and + recreating the interface. [r342206] + (Sponsored by + iXsystems)
The ccr(4) driver has been added, + providing support for Chelsio® T6™ cryptography + accelerators. [r345040] + (Sponsored by + Chelsio Communications)
The cxgbe(4) driver has been updated + to include support for hash filters, NAT + offloading, and + SMAC/DMAC swapping + filters. [r346855] + (Sponsored by + Chelsio Communications)
The cxgbe(4) T4, T5, and T6 firmware + has been updated to version 1.23.0.0. [r346940] + (Sponsored by + Chelsio Communications)
This section covers general hardware support for physical + machines, hypervisors, and virtualization environments, as well + as hardware changes and updates that do not otherwise fit in + other sections of this document.
This section covers changes and additions to file systems + and other storage subsystems, both local and networked.
Deprecation warnings have been added for + weaker algorithms when creating geli(8) providers. [r348588]
This section covers the boot loader, boot menu, and other + boot-related changes.
The functionality provided by
+ zfsloader has been added to
+ loader(8). Once the system boot blocks have been updated
+ following UPDATING,
+ zfsloader is no longer needed. A hard
+ link to loader(8) has been added to ease in the
+ transition. [r344399]
The loader(8) has been updated to + extend geli(8) support to all architectures. [r344399]
The UEFI boot + loader(8) has been updated to better determine the system + console type and device if not defined in + loader.conf(5). [r344403]
This section describes changes that affect networking in + FreeBSD.
This section covers changes to the FreeBSD Ports + Collection, package infrastructure, and package maintenance and + installation tools.
This section covers changes to the FreeBSD Documentation + Project sources and toolchain.
This file, and other release-related documents, + can be downloaded from https://www.FreeBSD.org/releases/.
For questions about FreeBSD, read the + documentation before + contacting <questions@FreeBSD.org>.
All users of FreeBSD 11.3-STABLE should + subscribe to the <stable@FreeBSD.org> + mailing list.
For questions about this documentation, + e-mail <doc@FreeBSD.org>.
\ No newline at end of file Property changes on: head/en_US.ISO8859-1/htdocs/releases/11.3R/relnotes.html ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +on \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/html \ No newline at end of property