                 FreeBSD/pc98 6.4-RELEASE Release Notes

  The FreeBSD Project

   Copyright (c) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
   The FreeBSD Documentation Project

   $FreeBSD:
   src/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml,v
   1.883.2.93.2.3 2008/11/25 02:19:13 hrs Exp $

   FreeBSD is a registered trademark of the FreeBSD Foundation.

   IBM, AIX, EtherJet, Netfinity, OS/2, PowerPC, PS/2, S/390, and
   ThinkPad are trademarks of International Business Machines
   Corporation in the United States, other countries, or both.

   IEEE, POSIX, and 802 are registered trademarks of Institute of
   Electrical and Electronics Engineers, Inc. in the United States.

   Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and
   Xeon are trademarks or registered trademarks of Intel Corporation
   or its subsidiaries in the United States and other countries.

   Sparc, Sparc64, SPARCEngine, and UltraSPARC are trademarks of
   SPARC International, Inc in the United States and other countries.
   Products bearing SPARC trademarks are based upon architecture
   developed by Sun Microsystems, Inc.

   Many of the designations used by manufacturers and sellers to
   distinguish their products are claimed as trademarks. Where those
   designations appear in this document, and the FreeBSD Project was
   aware of the trademark claim, the designations have been followed
   by the "(TM)" or the "(R)" symbol.

   The release notes for FreeBSD 6.4-RELEASE contain a summary of the
   changes made to the FreeBSD base system on the 6.4-STABLE
   development line. This document lists applicable security
   advisories that were issued since the last release, as well as
   significant changes to the FreeBSD kernel and userland. Some brief
   remarks on upgrading are also presented.

     --------------------------------------------------------------

   Table of Contents

   1 Introduction

   2 What's New

                2.1 Security Advisories

                2.2 Kernel Changes

                             2.2.1 Boot Loader Changes

                             2.2.2 Hardware Support

                             2.2.3 Network Protocols

                             2.2.4 Disks and Storage

                2.3 Userland Changes

                             2.3.1 /etc/rc.d Scripts

                2.4 Contributed Software

                2.5 Ports/Packages Collection Infrastructure

                2.6 Release Engineering and Integration

   3 Upgrading from previous releases of FreeBSD

1 Introduction

   This document contains the release notes for FreeBSD 6.4-RELEASE
   on the NEC PC-98x1 hardware platform. It describes recently added,
   changed, or deleted features of FreeBSD. It also provides some
   notes on upgrading from previous versions of FreeBSD.

   This distribution of FreeBSD 6.4-RELEASE is a release
   distribution. It can be found at ftp://ftp.FreeBSD.org/ or any of
   its mirrors. More information on obtaining this (or other) release
   distributions of FreeBSD can be found in the "Obtaining FreeBSD"
   appendix to the FreeBSD Handbook.

   All users are encouraged to consult the release errata before
   installing FreeBSD. The errata document is updated with
   "late-breaking" information discovered late in the release cycle
   or after the release. Typically, it contains information on known
   bugs, security advisories, and corrections to documentation. An
   up-to-date copy of the errata for FreeBSD 6.4-RELEASE can be found
   on the FreeBSD Web site.

     --------------------------------------------------------------

2 What's New

   This section describes the most user-visible new or changed
   features in FreeBSD since 6.3-RELEASE.

   Typical release note items document recent security advisories
   issued after 6.3-RELEASE, new drivers or hardware support, new
   commands or options, major bug fixes, or contributed software
   upgrades. They may also list changes to major ports/packages or
   release engineering practices. Clearly the release notes cannot
   list every single change made to FreeBSD between releases; this
   document focuses primarily on security advisories, user-visible
   changes, and major architectural improvements.

     --------------------------------------------------------------

  2.1 Security Advisories

   Problems described in the following security advisories has been
   fixed. For more information, consult the individual advisories
   available from http://security.FreeBSD.org/.

        Advisory             Date                   Topic             
   SA-08:03.sendfile   14 February 2008 sendfile(2) write-only file   
                                        permission bypass             
   SA-08:05.openssh    17 April 2008    OpenSSH X11-forwarding        
                                        privilege escalation          
   SA-08:06.bind       13 July 2008     DNS cache poisoning           
   SA-08:07.amd64      3 September 2008 amd64 swapgs local privilege  
                                        escalation                    
   SA-08:09.icmp6      3 September 2008 Remote kernel panics on IPv6  
                                        connections                   
                                        IPv6 Neighbor Discovery       
   SA-08:10.nd6        1 October 2008   Protocol routing              
                                        vulnerability                 
   SA-08:11.arc4random 24 November 2008 arc4random(9) predictable     
                                        sequence vulnerability        

     --------------------------------------------------------------

  2.2 Kernel Changes

   The opencrypto framework (crypto(9)) and ipsec(4) subsystem now
   support Camellia block cipher.

   The FreeBSD kernel malloc(9) now supports buffer corruption
   protection (RedZone). This detects both buffer underflow and
   buffer overflow bugs at runtime on free(9) and realloc(9) and
   prints backtraces from where memory was allocated and from where
   it was freed. For more details, see DEBUG_REDZONE kernel option.

   The client side functionality of rpc.lockd(8) has been implemented
   in FreeBSD kernel. This implementation provides the correct
   semantics for flock(2) style locks which are used by the lockf(1)
   command line tool and the pidfile(3) library. It also implements
   recovery from server restarts and ensures that dirty cache blocks
   are written to the server before obtaining locks (allowing
   multiple clients to use file locking to safely share data). Also,
   a new kernel option options NFSLOCKD has been added and enabled by
   default. If the kernel support is enabled, rpc.lockd(8)
   automatically detects and uses the functionality.

     --------------------------------------------------------------

    2.2.1 Boot Loader Changes

   FreeBSD now support booting from GPT-labeled disks from the BIOS.

     --------------------------------------------------------------

    2.2.2 Hardware Support

   The acpi_asus(4) driver now supports Asus EeePC backlight control.

     --------------------------------------------------------------

      2.2.2.1 Multimedia Support

   The DRM driver now supports i915 GME device.

     --------------------------------------------------------------

      2.2.2.2 Network Interface Support

   The bge(4) driver now supports BCM5906-based adapters.

     --------------------------------------------------------------

    2.2.3 Network Protocols

   The dummynet(4) subsystem now supports fast mode operation which
   allows certain packets to bypass the dummynet scheduler. This can
   achieve lower latency and lower overhead when the packet flow is
   under the pipe bandwidth, and eliminate recursion in the
   subsystem. The new sysctl variable net.inet.ip.dummynet.io_fast
   has been added to enable this feature.

   The resolver(3) now allows underscore in domain names. Although
   this is a violation of RFC 1034 [STD 13], it is accepted by
   certain name servers as well as other popular operating systems'
   resolver library.

     --------------------------------------------------------------

    2.2.4 Disks and Storage

   The aac(4) driver now supports 64-bit array support for RAIDs
   larger than 2TB and simultaneous opens of the device for issuing
   commands to the controller.

   A data corruption problem of the ata(4) driver on ServerWorks
   HT1000 chipsets has been fixed.

   Stability of the iir(4) driver has been improved.

   The mpt(4) driver now supports mpt_user personality.

     --------------------------------------------------------------

  2.3 Userland Changes

   The bsdtar(1) utility now supports the following options:
   --numeric-owner, -S, and -s.

   A bug in cp(1) utility which prevents POSIX.1e ACL (see also
   acl(3)) from copying properly has been fixed.

   The cron(8) utility now supports -m flag which overrides the
   default mail recipient for cron mails unless explicitly provided
   by MAILTO= line in crontab file.

   The cvs(1) now supports -n flag which is the opposite of -N flag.

   The dump(8) and restore(8) utility now support extended attributes
   (see also extattr(9)).

   The fortune(6) program now supports FORTUNE_PATH environment
   variable to specify search path of the fortune files.

   A bug in the fortune(6) program that prevents -e option with
   multiple files from working has been fixed.

   The freebsd-update.conf(5) now supports IDSIgnorePaths statement.

   The fwcontrol(8) utility now supports -f node option which
   specifies node as the root node on the next bus reset.

   The make(1) utility now supports :u variable modifier which
   removes adjacent duplicate words.

   The incorrect output grammer of morse(6) program has been fixed.

   The mountd(8) utility now supports -h bindip option which
   specifies IP addresses to bind to for TCP and UDP requests. This
   option may be specified multiple times. If no -h option is
   specified, INADDR_ANY will be used. Note that when specifying IP
   addresses with this option, it will automatically add 127.0.0.1
   and if IPv6 is enabled, ::1 to the list.

   The moused(8) utility now supports -L flag which changes the speed
   of scrolling and changes -U option behavior to only affect the
   scroll threshold.

   The mv(1) now support POSIX specification when moving a directory
   to an existing directory across devices.

   The periodic(8) now supports daily_status_mail_rejects_shorten
   configuration variable in periodic.conf(5). This allows the
   rejected mail reports to tally the rejects per blacklist without
   providing details about individual sender hosts. The default
   configuration keeps the reports in their original form.

   The ping6(8) now uses exit status of 0 and 2 in the same manner as
   ping(8).

   A bug in telnetd(8) that it attempts authentication even when -a
   all option is specified has been fixed.

   The top(1) and vmstat(8) now support -P flag which displays
   per-CPU statistics.

   The watch(8) utility now supports more than 10 snp(4) devices at a
   time.

     --------------------------------------------------------------

    2.3.1 /etc/rc.d Scripts

   The ike rc(8) script has been removed.

   The rc.conf(5) now supports dummynet_enable variable which allow
   dummynet(4) kernel module to be loaded when firewall_enable is
   YES.

   The ppp rc(8) script now supports multiple instances. For more
   details, see description of ppp_profile variable in rc.conf(5).

   The rfcomm_pppd_server rc(8) script which allows start
   rfcomm_pppd(8) in server mode at boot time, has been added.
   Multiple profiles can be started at the same time. For more
   details, see rc.conf(5).

   The sysctl rc(8) script now supports loading
   /etc/sysctl.conf.local in addition to /etc/sysctl.conf.

   The rc.conf(5) now supports configuration of interfaces and
   attached networks for firewall rule set by rc.firewall when
   firewall_type is simple or client. See firewall_client_net,
   firewall_simple_iif, firewall_simple_inet, firewall_simple_oif,
   and firewall_simple_onet.

     --------------------------------------------------------------

  2.4 Contributed Software

   am-utils has been updated to version 6.1.5.

   ISC BIND has been updated to version 9.3.5-P2.

   bzip2 has been updated from 1.0.4 to 1.0.5.

   NTP has been updated to version 4.2.4p5.

   FILE has been updated to version 4.21.

   libarchive has been virtually updated to 2.5.4b. Note that the
   internal version number remains 1.9.25 because the API/ABI
   compatibility is preserved.

   ncurses library has been updated to version 5.6-20080503.

   OpenPAM has been updated to Hydrangea release.

   sendmail has been updated from 8.14.2 to 8.14.3.

   tcsh has been updated to version 6.15.00.

   The timezone database has been updated from the tzdata2007k
   release to the tzdata2008e release.

     --------------------------------------------------------------

  2.5 Ports/Packages Collection Infrastructure

   The pkg_install utilities have been upgraded to snapshot on
   8.0-CURRENT as of May 30, 2008.

   The pkg_sign(1) and the pkg_check(1) utility have been removed.

     --------------------------------------------------------------

  2.6 Release Engineering and Integration

   The supported version of the GNOME desktop environment
   (x11/gnome2) has been updated from 2.20.1 to 2.22.3.

   The supported version of the KDE desktop environment (x11/kde3)
   has been updated from 3.5.8 to 3.5.10.

     --------------------------------------------------------------

3 Upgrading from previous releases of FreeBSD

   Source upgrades to FreeBSD 6.4-RELEASE are only supported from
   FreeBSD 5.3-RELEASE or later. Users of older systems wanting to
   upgrade 6.4-RELEASE will need to update to FreeBSD 5.3 or newer
   first, then to FreeBSD 6.4-RELEASE.

     Important: Upgrading FreeBSD should, of course, only be
     attempted after backing up all data and configuration files.

     --------------------------------------------------------------

 This file, and other release-related documents, can be downloaded from
                        ftp://ftp.FreeBSD.org/.

 For questions about FreeBSD, read the documentation before contacting
                        <questions@FreeBSD.org>.

   For questions about this documentation, e-mail <doc@FreeBSD.org>.
