Index: head/en_US.ISO8859-1/htdocs/releases/12.0R/share/xml/errata.xml =================================================================== --- head/en_US.ISO8859-1/htdocs/releases/12.0R/share/xml/errata.xml (revision 53312) +++ head/en_US.ISO8859-1/htdocs/releases/12.0R/share/xml/errata.xml (revision 53313) @@ -1,131 +1,145 @@ Errata Date Topic FreeBSD-EN-19:01.cc_cubic 9 January 2019 Connection stalls with CUBIC congestion control FreeBSD-EN-19:02.tcp 9 January 2019 TCP connections may stall and eventually fail in case of packet loss FreeBSD-EN-19:03.sqlite 9 January 2019 sqlite update FreeBSD-EN-19:04.tzdata 9 January 2019 Timezone database information update FreeBSD-EN-19:06.dtrace 5 February 2019 DTrace incompatibility with SMAP-enabled systems FreeBSD-EN-19:07.lle 5 February 2019 LLE table lookup code race condition FreeBSD-EN-19:08.tzdata 14 May 2019 Timezone database information update FreeBSD-EN-19:09.xinstall 14 May 2019 &man.install.1; broken with partially matching relative paths FreeBSD-EN-19:10.scp 14 May 2019 Insufficient filename validation in &man.scp.1; client FreeBSD-EN-19:11.net 19 June 2019 Incorrect locking in networking stack FreeBSD-EN-19:12.tzdata 2 July 2019 Timezone database information update FreeBSD-EN-19:13.mds 24 July 2019 System crash from Intel CPU vulnerability mitigation FreeBSD-EN-19:14.epoch 6 August 2019 Incorrect locking FreeBSD-EN-19:15.libunwind 6 August 2019 Incorrect exception handling + + + FreeBSD-EN-19:16.bhyve + 20 August 2019 + Instruction emulation improvements + + + + FreeBSD-EN-19:17.ipfw + 20 August 2019 + "jail" keyword fix + Index: head/en_US.ISO8859-1/htdocs/releases/12.0R/share/xml/security.xml =================================================================== --- head/en_US.ISO8859-1/htdocs/releases/12.0R/share/xml/security.xml (revision 53312) +++ head/en_US.ISO8859-1/htdocs/releases/12.0R/share/xml/security.xml (revision 53313) @@ -1,176 +1,197 @@ Advisory Date Topic FreeBSD-SA-18:15.bootpd 19 December 2018 Buffer overflow FreeBSD-SA-19:01.syscall 5 February 2019 Kernel data register leak FreeBSD-SA-19:02.fd 5 February 2019 File description reference count leak FreeBSD-SA-19:03.wpa 14 May 2019 Multiple vulnerabilities FreeBSD-SA-19:04.ntp 14 May 2019 Authenticated denial of service in &man.ntpd.8; FreeBSD-SA-19:05.pf 14 May 2019 IPv6 fragment reassembly panic in &man.pf.4; FreeBSD-SA-19:06.pf 14 May 2019 ICMP/ICMP6 packet filter bypass in &man.pf.4; FreeBSD-SA-19:07.mds 14 May 2019 Microarchitectural Data Sampling FreeBSD-SA-19:08.rack 19 June 2019 Resource exhaustion in non-default RACK TCP stack FreeBSD-SA-19:09.iconv 2 July 2019 &man.iconv.3; buffer overflow FreeBSD-SA-19:10.ufs 2 July 2019 Kernel stack disclosure FreeBSD-SA-19:11.cd_ioctl 2 July 2019 Privilege escalation in &man.cd.4; FreeBSD-SA-19:12.telnet 24 July 2019 Multiple vulnerabilities FreeBSD-SA-19:13.pts 24 July 2019 Write-after-free vulnerability FreeBSD-SA-19:15.mqueuefs 24 July 2019 Reference count overflow FreeBSD-SA-19:16.bhyve 24 July 2019 &man.xhci.4; out-of-bounds read FreeBSD-SA-19:17.fd 24 July 2019 Reference count leak FreeBSD-SA-19:18.bzip2 6 August 2019 Multiple vulnerabilities FreeBSD-SA-19:19.mldv2 6 August 2019 Out-of-bounds memory access FreeBSD-SA-19:20.bsnmp 6 August 2019 Insufficient message length validation FreeBSD-SA-19:21.bhyve 6 August 2019 Insufficient validation of guest-supplied data + + + FreeBSD-SA-19:22.mbuf + 20 August 2019 + IPv6 remove denial-of-service + + + + FreeBSD-SA-19:23.midi + 20 August 2019 + Kernel memory disclosure + + + + FreeBSD-SA-19:24.mqueuefs + 20 August 2019 + Reference count overflow + Index: head/en_US.ISO8859-1/htdocs/releases/12.1R/relnotes/relnotes.xml =================================================================== --- head/en_US.ISO8859-1/htdocs/releases/12.1R/relnotes/relnotes.xml (revision 53312) +++ head/en_US.ISO8859-1/htdocs/releases/12.1R/relnotes/relnotes.xml (revision 53313) @@ -1,793 +1,828 @@ %release; %sponsor; %vendor; ]>
&os; &release.current; Release Notes The &os; Project $FreeBSD$ 2019 The &os; Documentation Project &tm-attrib.freebsd; &tm-attrib.ibm; &tm-attrib.ieee; &tm-attrib.intel; &tm-attrib.sparc; &tm-attrib.general; The release notes for &os; &release.current; contain a summary of the changes made to the &os; base system on the &release.branch; development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the &os; kernel and userland. Some brief remarks on upgrading are also presented. Introduction This document contains the release notes for &os; &release.current;. It describes recently added, changed, or deleted features of &os;. It also provides some notes on upgrading from previous versions of &os;. The &release.type; distribution to which these release notes apply represents the latest point along the &release.branch; development branch since &release.branch; was created. Information regarding pre-built, binary &release.type; distributions along this branch can be found at &release.url;. The &release.type; distribution to which these release notes apply represents a point along the &release.branch; development branch between &release.prev; and the future &release.next;. Information regarding pre-built, binary &release.type; distributions along this branch can be found at &release.url;. This distribution of &os; &release.current; is a &release.type; distribution. It can be found at &release.url; or any of its mirrors. More information on obtaining this (or other) &release.type; distributions of &os; can be found in the Obtaining &os; appendix to the &os; Handbook. All users are encouraged to consult the release errata before installing &os;. The errata document is updated with late-breaking information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for &os; &release.current; can be found on the &os; Web site. This document describes the most user-visible new or changed features in &os; since &release.prev;. In general, changes described here are unique to the &release.branch; branch unless specifically marked as &merged; features. Typical release note items document recent security advisories issued after &release.prev;, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to &os; between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements. Upgrading from Previous Releases of &os; Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the &man.freebsd-update.8; utility. The binary upgrade procedure will update unmodified userland utilities, as well as unmodified GENERIC kernels distributed as a part of an official &os; release. The &man.freebsd-update.8; utility requires that the host being upgraded have Internet connectivity. Source-based upgrades (those based on recompiling the &os; base system from source code) from previous versions are supported, according to the instructions in /usr/src/UPDATING. Upgrading &os; should only be attempted after backing up all data and configuration files. Security and Errata This section lists the various Security Advisories and Errata Notices since &release.prev;. Security Advisories Advisory Date Topic FreeBSD-SA-18:15.bootpd 19 December 2018 Buffer overflow FreeBSD-SA-19:01.syscall 5 February 2019 Kernel data register leak FreeBSD-SA-19:02.fd 5 February 2019 File description reference count leak FreeBSD-SA-19:03.wpa 14 May 2019 Multiple vulnerabilities FreeBSD-SA-19:04.ntp 14 May 2019 Authenticated denial of service in &man.ntpd.8; FreeBSD-SA-19:05.pf 14 May 2019 IPv6 fragment reassembly panic in &man.pf.4; FreeBSD-SA-19:06.pf 14 May 2019 ICMP/ICMP6 packet filter bypass in &man.pf.4; FreeBSD-SA-19:07.mds 14 May 2019 Microarchitectural Data Sampling FreeBSD-SA-19:08.rack 19 June 2019 Resource exhaustion in non-default RACK TCP stack FreeBSD-SA-19:09.iconv 2 July 2019 &man.iconv.3; buffer overflow FreeBSD-SA-19:10.ufs 2 July 2019 Kernel stack disclosure FreeBSD-SA-19:11.cd_ioctl 2 July 2019 Privilege escalation in &man.cd.4; FreeBSD-SA-19:12.telnet 24 July 2019 Multiple vulnerabilities FreeBSD-SA-19:13.pts 24 July 2019 Write-after-free vulnerability FreeBSD-SA-19:15.mqueuefs 24 July 2019 Reference count overflow FreeBSD-SA-19:16.bhyve 24 July 2019 &man.xhci.4; out-of-bounds read FreeBSD-SA-19:17.fd 24 July 2019 Reference count leak FreeBSD-SA-19:18.bzip2 6 August 2019 Multiple vulnerabilities FreeBSD-SA-19:19.mldv2 6 August 2019 Out-of-bounds memory access FreeBSD-SA-19:20.bsnmp 6 August 2019 Insufficient message length validation FreeBSD-SA-19:21.bhyve 6 August 2019 Insufficient validation of guest-supplied data + + + FreeBSD-SA-19:22.mbuf + 20 August 2019 + IPv6 remove denial-of-service + + + + FreeBSD-SA-19:23.midi + 20 August 2019 + Kernel memory disclosure + + + + FreeBSD-SA-19:24.mqueuefs + 20 August 2019 + Reference count overflow + Errata Notices Errata Date Topic FreeBSD-EN-19:01.cc_cubic 9 January 2019 Connection stalls with CUBIC congestion control FreeBSD-EN-19:02.tcp 9 January 2019 TCP connections may stall and eventually fail in case of packet loss FreeBSD-EN-19:03.sqlite 9 January 2019 sqlite update FreeBSD-EN-19:04.tzdata 9 January 2019 Timezone database information update FreeBSD-EN-19:06.dtrace 5 February 2019 DTrace incompatibility with SMAP-enabled systems FreeBSD-EN-19:07.lle 5 February 2019 LLE table lookup code race condition FreeBSD-EN-19:08.tzdata 14 May 2019 Timezone database information update FreeBSD-EN-19:09.xinstall 14 May 2019 &man.install.1; broken with partially matching relative paths FreeBSD-EN-19:10.scp 14 May 2019 Insufficient filename validation in &man.scp.1; client FreeBSD-EN-19:11.net 19 June 2019 Incorrect locking in networking stack FreeBSD-EN-19:12.tzdata 2 July 2019 Timezone database information update FreeBSD-EN-19:13.mds 24 July 2019 System crash from Intel CPU vulnerability mitigation FreeBSD-EN-19:14.epoch 6 August 2019 Incorrect locking FreeBSD-EN-19:15.libunwind 6 August 2019 Incorrect exception handling + + + + FreeBSD-EN-19:16.bhyve + 20 August 2019 + Instruction emulation improvements + + + + FreeBSD-EN-19:17.ipfw + 20 August 2019 + "jail" keyword fix Userland This section covers changes and additions to userland applications, contributed software, and system utilities. Userland Configuration Changes   Userland Application Changes The &man.lockf.1; utility has been updated to return EX_UNAVAILABLE if the -n flag is used and the lock file does not exist. The &man.ktrdump.8; utility has been updated to include the -l flag which enables "live" mode when specified. The &man.gzip.1; utility has been updated to add -l support for &man.xz.1; files. The &man.trim.8; utility has been added, which deletes content for blocks on flash-based storage devices that use wear-leveling algorithms. The &man.sh.1; utility has been updated to include a new pipefail option, which when set, changes the exit status of a pipeline to the last non-zero exit status of any command in the pipeline. The &man.mlx5tool.8; utility has been updated to implement firmware update capability for ConnectX-4®, ConnectX-5®, and ConnectX-6®. The &man.posixshmcontrol.1; utility has been added. The &man.swapon.8; utility has been updated to invoke BIO_DELETE to trim swap devices if either the -E flag is used on the command line, or if the trimonce option is included in &man.fstab.5;. Contributed Software BearSSL has been imported to the base system. The &man.ntpd.8; suite of utilities have been updated to version 4.2.8p13. The WPA utilities have been updated to version 2.7. The &man.tcpdump.1; utility has been updated to disable &man.capsicum.4; support when the -E flag is used. The &man.bsnmpd.1; utility has been updated to includeIPv6 transport support. OpenSSL has been updated to version 1.1.1c. The &man.mandoc.1; utility has been updated to version 1.14.5. The &man.libarchive.3; library has been updated to version 3.4.0. The timezone database files have been updated to version 2019b. The &man.bzip2.1; utility has been updated to version 1.0.7. The clang, llvm, lld, lldb, compiler-rt utilities and libc++ have been updated to version 8.0.1. The lld linker has been enabled by default for &arch.i386;. The bzip2recover utility has been added. Deprecated Applications The &man.ctm.1; utility has been marked as deprecated, and has been removed in &os; 13.0. The &man.timed.8; utility has been marked as deprecated, and has been removed in &os; 13.0. Installation and Configuration Tools   <filename class="directory">/etc/rc.d</filename> Scripts   Runtime Libraries and API The libomp library has been added. ABI Compatibility   Kernel This section covers changes to kernel configurations, system tuning, and system control parameters that are not otherwise categorized. General Kernel Changes The pci_vendors list has been updated to version 2019.01.29. Kernel Bug Fixes   Kernel Configuration   Devices and Drivers This section covers changes and additions to devices and device drivers since &release.prev;. Device Drivers   Network Drivers   Deprecated Drivers   Hardware Support This section covers general hardware support for physical machines, hypervisors, and virtualization environments, as well as hardware changes and updates that do not otherwise fit in other sections of this document. Hardware Support   Graphics Support   Virtualization Support   ARM Support   Storage This section covers changes and additions to file systems and other storage subsystems, both local and networked. General Storage The &man.camcontrol.8; utility has been updated to add ATA power mode support. Networked Storage   ZFS   Boot Loader Changes This section covers the boot loader, boot menu, and other boot-related changes. Boot Loader Changes   Networking This section describes changes that affect networking in &os;. General Network The &man.ipfw.8; utility has been updated to fix showing headers outside of "all" when executing ipfw table list. Support for NAT64 CLAT has been added, as defined in RFC6877. The net.inet.tcp.rexmit_initial &man.sysctl.8; has been added, used for setting RTO.Initial, used by TCP. Support for GRE-in-UDP encapsulation has been added, as defined in RFC8086. Network Protocols   Ports Collection and Package Infrastructure This section covers changes to the &os; Ports Collection, package infrastructure, and package maintenance and installation tools. Packaging Changes   Documentation This section covers changes to the &os; Documentation Project sources and toolchain. Documentation Source Changes   Release Engineering and Integration This section convers changes that are specific to the &os; Release Engineering processes. Integration Changes