aboutsummaryrefslogtreecommitdiff
path: root/en_US.ISO8859-1/htdocs/releases/4.7R/relnotes-i386.html
diff options
context:
space:
mode:
Diffstat (limited to 'en_US.ISO8859-1/htdocs/releases/4.7R/relnotes-i386.html')
-rw-r--r--en_US.ISO8859-1/htdocs/releases/4.7R/relnotes-i386.html1174
1 files changed, 1174 insertions, 0 deletions
diff --git a/en_US.ISO8859-1/htdocs/releases/4.7R/relnotes-i386.html b/en_US.ISO8859-1/htdocs/releases/4.7R/relnotes-i386.html
new file mode 100644
index 0000000000..5ebf82d6e2
--- /dev/null
+++ b/en_US.ISO8859-1/htdocs/releases/4.7R/relnotes-i386.html
@@ -0,0 +1,1174 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+ <head>
+ <meta name="generator" content="HTML Tidy, see www.w3.org">
+ <title>FreeBSD/i386 4.7-RELEASE Release Notes</title>
+ <meta name="GENERATOR" content=
+ "Modular DocBook HTML Stylesheet Version 1.73 ">
+ <link rel="STYLESHEET" type="text/css" href="docbook.css">
+ </head>
+
+ <body class="ARTICLE" bgcolor="#FFFFFF" text="#000000" link=
+ "#0000FF" vlink="#840084" alink="#0000FF">
+ <div class="ARTICLE">
+ <div class="TITLEPAGE">
+ <h1 class="TITLE"><a name="AEN2">FreeBSD/i386 4.7-RELEASE
+ Release Notes</a></h1>
+
+ <h3 class="CORPAUTHOR">The FreeBSD Project</h3>
+
+ <p class="COPYRIGHT">Copyright &copy; 2000, 2001, 2002 by
+ The FreeBSD Documentation Project</p>
+
+ <p class="PUBDATE">$FreeBSD:
+ src/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml,v
+ 1.22.2.300 2002/09/30 19:03:49 dd Exp $<br>
+ </p>
+
+ <div>
+ <div class="ABSTRACT">
+ <a name="AEN11"></a>
+
+ <p>The release notes for FreeBSD 4.7-RELEASE contain a
+ summary of the changes made to the FreeBSD base system
+ since 4.6-RELEASE. Both changes for kernel and userland
+ are listed, as well as applicable security advisories
+ for the base system that were issued since the last
+ release. Some brief remarks on upgrading are also
+ presented.</p>
+ </div>
+ </div>
+ <hr>
+ </div>
+
+ <div class="TOC">
+ <dl>
+ <dt><b>Table of Contents</b></dt>
+
+ <dt>1 <a href="#AEN13">Introduction</a></dt>
+
+ <dt>2 <a href="#AEN21">What's New</a></dt>
+
+ <dd>
+ <dl>
+ <dt>2.1 <a href="#KERNEL">Kernel Changes</a></dt>
+
+ <dd>
+ <dl>
+ <dt>2.1.1 <a href="#AEN60">Processor/Motherboard
+ Support</a></dt>
+
+ <dt>2.1.2 <a href="#AEN65">Boot Loaders</a></dt>
+
+ <dt>2.1.3 <a href="#AEN68">Network Interface
+ Support</a></dt>
+
+ <dt>2.1.4 <a href="#AEN78">Network
+ Protocols</a></dt>
+
+ <dt>2.1.5 <a href="#AEN125">Disks and
+ Storage</a></dt>
+
+ <dt>2.1.6 <a href="#AEN151">Filesystems</a></dt>
+
+ <dt>2.1.7 <a href="#AEN154">PCCARD
+ Support</a></dt>
+
+ <dt>2.1.8 <a href="#AEN157">Multimedia
+ Support</a></dt>
+
+ <dt>2.1.9 <a href="#AEN165">Contributed
+ Software</a></dt>
+ </dl>
+ </dd>
+
+ <dt>2.2 <a href="#SECURITY">Security
+ Advisories</a></dt>
+
+ <dt>2.3 <a href="#USERLAND">Userland Changes</a></dt>
+
+ <dd>
+ <dl>
+ <dt>2.3.1 <a href="#AEN480">Contributed
+ Software</a></dt>
+
+ <dt>2.3.2 <a href="#AEN562">Ports/Packages
+ Collection</a></dt>
+ </dl>
+ </dd>
+
+ <dt>2.4 <a href="#AEN569">Release Engineering and
+ Integration</a></dt>
+ </dl>
+ </dd>
+
+ <dt>3 <a href="#AEN577">Upgrading from previous releases
+ of FreeBSD</a></dt>
+ </dl>
+ </div>
+
+ <div class="SECT1">
+ <hr>
+
+ <h1 class="SECT1"><a name="AEN13">1 Introduction</a></h1>
+
+ <p>This document contains the release notes for FreeBSD
+ 4.7-RELEASE on the IA-32 hardware platform. It describes
+ new features of FreeBSD that have been added (or changed)
+ since 4.6-RELEASE. It also provides some notes on upgrading
+ from previous versions of FreeBSD.</p>
+
+ <p>This distribution of FreeBSD 4.7-RELEASE is a release
+ distribution. It can be found at <a href=
+ "ftp://ftp.FreeBSD.org/" target=
+ "_top">ftp://ftp.FreeBSD.org/</a> or any of its mirrors.
+ More information on obtaining this (or other) release
+ distributions of FreeBSD can be found in the <a href=
+ "http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/mirrors.html"
+ target="_top">``Obtaining FreeBSD''</a> appendix in the <a
+ href=
+ "http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/"
+ target="_top">FreeBSD Handbook</a>.</p>
+ </div>
+
+ <div class="SECT1">
+ <hr>
+
+ <h1 class="SECT1"><a name="AEN21">2 What's New</a></h1>
+
+ <p>This section describes the most user-visible new or
+ changed features in FreeBSD since 4.6-RELEASE. Typical
+ release note items document new drivers or hardware
+ support, new commands or options, major bugfixes, or
+ contributed software upgrades. Security advisories for the
+ base system that were issued after 4.6-RELEASE are also
+ listed.</p>
+
+ <div class="SECT2">
+ <hr>
+
+ <h2 class="SECT2"><a name="KERNEL">2.1 Kernel
+ Changes</a></h2>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=acct&sektion=2&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">acct</span>(2)</span></a> has been
+ changed to open the accounting file in append mode, so
+ that <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=accton&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">accton</span>(8)</span></a> can be used
+ to enable accounting to an append-only file.</p>
+
+ <p><tt class="LITERAL">RLIMIT_VMEM</tt> support has been
+ added. This feature defines a new resource limit that
+ covers a process's entire virtual memory space, including
+ <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=mmap&sektion=2&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">mmap</span>(2)</span></a> space. This
+ limit can be configured in <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=login.conf&sektion=5&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">login.conf</span>(5)</span></a> via the
+ new <tt class="VARNAME">vmemoryuse</tt> variable.</p>
+
+ <p>A bug in the <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=sendfile&sektion=2&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">sendfile</span>(2)</span></a> system
+ call, in which headers counted against the size of the
+ file to be sent, has been fixed.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ucom&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ucom</span>(4)</span></a> device driver
+ has been added, to support USB modems, serial devices,
+ and other programs that need to look like a tty. The
+ related <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=uplcom&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">uplcom</span>(4)</span></a> and <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=uvscom&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">uvscom</span>(4)</span></a> drivers
+ provide specific support for the Prolific PL-2303 serial
+ adapter and the SUNTAC Slipper U VS-10U,
+ respectively.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=uvisor&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">uvisor</span>(4)</span></a> driver for
+ connecting Handspring Visors via USB has been added.</p>
+
+ <div class="SECT3">
+ <hr>
+
+ <h3 class="SECT3"><a name="AEN60">2.1.1
+ Processor/Motherboard Support</a></h3>
+
+ <p>Support for the AMD &Eacute;lan SC520 has been
+ added; this requires the <tt class=
+ "LITERAL">CPU_ELAN</tt> option in the kernel
+ configuration file.</p>
+ </div>
+
+ <div class="SECT3">
+ <hr>
+
+ <h3 class="SECT3"><a name="AEN65">2.1.2 Boot
+ Loaders</a></h3>
+ </div>
+
+ <div class="SECT3">
+ <hr>
+
+ <h3 class="SECT3"><a name="AEN68">2.1.3 Network
+ Interface Support</a></h3>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=em&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">em</span>(4)</span></a> driver now
+ supports the Intel 82545EM and 82545EB chips. It also
+ has VLAN support.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=rp&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">rp</span>(4)</span></a> driver has been
+ updated to version 3.02 and can now be built as a
+ module.</p>
+ </div>
+
+ <div class="SECT3">
+ <hr>
+
+ <h3 class="SECT3"><a name="AEN78">2.1.4 Network
+ Protocols</a></h3>
+
+ <p>A new version of <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ipfw</span>(4)</span></a> (commonly
+ referred to as ``IPFW2'') has been added as an option.
+ It now uses variable-sized representation of rules in
+ the kernel, similar to <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=bpf&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">bpf</span>(4)</span></a> instructions.
+ Most of the externally-visible behavior (i.e. through
+ <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ipfw</span>(8)</span></a>) should be
+ unchanged., although <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ipfw</span>(8)</span></a> now supports
+ <tt class="LITERAL">or</tt> connectives between match
+ fields. This new version is <span class="emphasis"><i
+ class="EMPHASIS">not</i></span> enabled by default. To
+ use it:</p>
+
+ <div class="PROCEDURE">
+ <ol type="1">
+ <li>
+ <p>Add <tt class="LITERAL">options IPFW2</tt>
+ (undocumented) to the kernel configuration.</p>
+ </li>
+
+ <li>
+ <p>Compile and install <tt class=
+ "FILENAME">libalias</tt> and <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ipfw</span>(8)</span></a> with
+ the <tt class="OPTION">-DIPFW2</tt> option
+ specified to <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=make&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">make</span>(1)</span></a>.</p>
+ </li>
+ </ol>
+ </div>
+
+ <p>A new <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ng_l2tp&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ng_l2tp</span>(4)</span></a> netgraph
+ node type, which implements the encapsulation layer of
+ the L2TP protocol as described in RFC 2661, has been
+ added.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=tcp&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">tcp</span>(4)</span></a> protocol's
+ retransmission timer can now be manipulated with two
+ sysctl variables, <tt class=
+ "VARNAME">net.inet.tcp.rexmit_min</tt> and <tt class=
+ "VARNAME">net.inet.tcp.rexmit_slop</tt>.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=tcp&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">tcp</span>(4)</span></a> protocol now
+ has the ability to dynamically limit the send-side
+ window to maximize bandwidth and minimize round trip
+ times. The feature can be enabled via the <tt class=
+ "VARNAME">net.inet.tcp.inflight_enable</tt> sysctl.</p>
+ </div>
+
+ <div class="SECT3">
+ <hr>
+
+ <h3 class="SECT3"><a name="AEN125">2.1.5 Disks and
+ Storage</a></h3>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ahd&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ahd</span>(4)</span></a> driver, which
+ supports the Adaptec AIC7901, AIC7901A, and AIC7902
+ Ultra320 PCI-X SCSI Controller chips, has been
+ added.</p>
+
+ <p>A bug which sometimes prevented <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ata</span>(4)</span></a> tagged
+ queueing from working correctly has been corrected.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ata</span>(4)</span></a> driver now
+ computes maximum transfer sizes correctly. This fixes
+ numerous <tt class="LITERAL">READ_BIG</tt> and other
+ errors that occurred when accessing certain ATA
+ devices.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ata</span>(4)</span></a> driver now has
+ support for the Sil 0680 and VIA 8233/8235
+ controllers.</p>
+
+ <p>The mpt driver, for supporting the LSI Logic
+ Fusion/MP architecture Fiber Channel controllers, has
+ been added.</p>
+
+ <p>The pst driver, for supporting Promise SuperTrak ATA
+ RAID controllers, has been added.</p>
+ </div>
+
+ <div class="SECT3">
+ <hr>
+
+ <h3 class="SECT3"><a name="AEN151">2.1.6
+ Filesystems</a></h3>
+ </div>
+
+ <div class="SECT3">
+ <hr>
+
+ <h3 class="SECT3"><a name="AEN154">2.1.7 PCCARD
+ Support</a></h3>
+ </div>
+
+ <div class="SECT3">
+ <hr>
+
+ <h3 class="SECT3"><a name="AEN157">2.1.8 Multimedia
+ Support</a></h3>
+
+ <p>The VT8233 audio controller now has its own driver
+ to facilitate supporting all known revisions of the
+ hardware. It is loadable at boot time by adding <tt
+ class="LITERAL">device pcm</tt> to the kernel
+ configuration or by adding <tt class=
+ "LITERAL">snd_via8233="YES"</tt> to <tt class=
+ "FILENAME">/boot/loader.conf</tt>. Documentation to
+ support this work was provided by VIA.</p>
+
+ <p>The ich sound driver now provides rudimentary
+ support for ich4 audio support.</p>
+
+ <p>The uaudio driver, for USB audio devices, has been
+ added.</p>
+ </div>
+
+ <div class="SECT3">
+ <hr>
+
+ <h3 class="SECT3"><a name="AEN165">2.1.9 Contributed
+ Software</a></h3>
+
+ <p><b class="APPLICATION">IPFilter</b> has been updated
+ to 3.4.29.</p>
+ </div>
+ </div>
+
+ <div class="SECT2">
+ <hr>
+
+ <h2 class="SECT2"><a name="SECURITY">2.2 Security
+ Advisories</a></h2>
+
+ <p>The original fix for security advisory SA-02:23 (which
+ addressed the use of file descriptors by set-user-id or
+ set-group-id programs) contained an error. It was still
+ possible for systems using <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=procfs&sektion=5&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">procfs</span>(5)</span></a> or <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=linprocfs&sektion=5&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">linprocfs</span>(5)</span></a> to be
+ exploited. This error has now been corrected; a revised
+ version of security advisory <a href=
+ "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc"
+ target="_top">FreeBSD-SA-02:23</a> contains more
+ details.</p>
+
+ <p>A buffer overflow in the resolver, which could be
+ exploited by a malicious domain name server or an
+ attacker forging DNS messages, has been fixed. See
+ security advisory <a href=
+ "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:28.resolv.asc"
+ target="_top">FreeBSD-SA-02:28</a> for more details.</p>
+
+ <p>A buffer overflow in <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=tcpdump&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">tcpdump</span>(1)</span></a>, which could
+ be triggered by badly-formed NFS packets, has been fixed.
+ See security advisory <a href=
+ "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:29.tcpdump.asc"
+ target="_top">FreeBSD-SA-02:29</a> for more details.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ktrace&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ktrace</span>(1)</span></a> can no longer
+ trace the operation of formerly privileged processes;
+ this prevents the leakage of sensitive information that
+ the process could have obtained before abandoning its
+ privileges. For a discussion of this issue, see security
+ advisory <a href=
+ "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:30.ktrace.asc"
+ target="_top">FreeBSD-SA-02:30</a> for more details.</p>
+
+ <p>A race condition in <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=pppd&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">pppd</span>(8)</span></a>, which could be
+ used to change the permissions of an arbitrary file, has
+ been corrected. For more information, see security
+ advisory <a href=
+ "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:32.pppd.asc"
+ target="_top">FreeBSD-SA-02:32</a>.</p>
+
+ <p>Multiple buffer overflows in <b class=
+ "APPLICATION">OpenSSL</b> have been corrected, by way of
+ an upgrade to the base system version of <b class=
+ "APPLICATION">OpenSSL</b>. More details can be found in
+ security advisory <a href=
+ "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc"
+ target="_top">FreeBSD-SA-02:33</a>.</p>
+
+ <p>A heap buffer overflow in the XDR decoder has been
+ fixed. For more details, see security advisory <a href=
+ "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:34.rpc.asc"
+ target="_top">FreeBSD-SA-02:34</a>.</p>
+
+ <p>A bug that could allow local users to read and write
+ arbitrary blocks on an FFS filesystem has been corrected.
+ More details can be found in security advisory <a href=
+ "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:35.ffs.asc"
+ target="_top">FreeBSD-SA-02:35</a>.</p>
+
+ <p>A bug in the NFS server code, which could allow a
+ remote denial of service attack, has been fixed. Security
+ advisory <a href=
+ "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:36.nfs.asc"
+ target="_top">FreeBSD-SA-02:36</a> has more details.</p>
+
+ <p>A bug that could allow local users to panic a system
+ using the <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=kqueue&sektion=2&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">kqueue</span>(2)</span></a> mechanism has
+ been fixed. More information is contained in security
+ advisory <a href=
+ "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:37.kqueue.asc"
+ target="_top">FreeBSD-SA-02:37</a>.</p>
+
+ <p>Several bounds-checking bugs in system calls, which
+ could result in some system calls returning a large
+ portion of kernel memory, have been fixed. More
+ information can be found in security advisory <a href=
+ "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:38.signed-error.asc"
+ target="_top">FreeBSD-SA-02:38</a>.</p>
+
+ <p>A bug that could allow applications using <tt class=
+ "FILENAME">libkvm</tt> to leak sensitive file descriptors
+ has been corrected. (See security advisory <a href=
+ "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:39.libkvm.asc"
+ target="_top">FreeBSD-SA-02:39</a> for more
+ details.)</p>
+ </div>
+
+ <div class="SECT2">
+ <hr>
+
+ <h2 class="SECT2"><a name="USERLAND">2.3 Userland
+ Changes</a></h2>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=biff&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">biff</span>(1)</span></a> now accepts a
+ <tt class="OPTION">b</tt> argument to enable ``bell
+ notification'' of new mail (which does not disturb the
+ terminal contents as <tt class="COMMAND">biff y</tt>
+ would).</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=cp&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">cp</span>(1)</span></a> now takes a
+ (nonstandard) <tt class="OPTION">-n</tt> option to
+ automatically answer ``no'' when it would ask to
+ overwrite a file.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=daemon&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">daemon</span>(8)</span></a> program, a
+ command-line interface to <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=daemon&sektion=3&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">daemon</span>(3)</span></a>, has been
+ added. It detaches itself from its controlling terminal
+ and executes a program specified on the command line.
+ This allows the user to run an arbitrary program as if it
+ were written to be a daemon.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=dump&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">dump</span>(8)</span></a> now supports a
+ new <tt class="OPTION">-S</tt> flag to allow it to just
+ print out the dump size estimates and exit.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=finger&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">finger</span>(1)</span></a> now has
+ support for a <tt class="FILENAME">.pubkey</tt> file.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=finger&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">finger</span>(1)</span></a> now supports
+ a <tt class="OPTION">-g</tt> flag to restrict the
+ printing of GECOS information to the user's full name
+ only.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=finger&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">finger</span>(1)</span></a> now supports
+ the <tt class="OPTION">-4</tt> and <tt class=
+ "OPTION">-6</tt> flags to specify an address family for
+ remote queries.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=fold&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">fold</span>(1)</span></a> now supports a
+ <tt class="OPTION">-b</tt> flag to break at byte
+ positions and a <tt class="OPTION">-s</tt> flag to break
+ at word boundaries.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ftp&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ftp</span>(1)</span></a> now supports the
+ <tt class="COMMAND">epsv4</tt> command to switch between
+ using the new EPSV/EPRT and plain old PASV/PORT requests
+ when talking over IPv4. This command is intended to
+ remedy the problem arising when running <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ftp&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ftp</span>(1)</span></a> through <b
+ class="APPLICATION">IPFilter</b> or another firewall not
+ supporting the newer FTP requests.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ftpd&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ftpd</span>(8)</span></a> now supports
+ the <tt class="OPTION">-m</tt> option to permit guest
+ users to modify existing files if allowed by filesystem
+ permissions. In particular, this enables guest users to
+ resume uploads.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ftpd&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ftpd</span>(8)</span></a> now supports
+ the <tt class="OPTION">-M</tt> option to prevent guest
+ users from creating directories.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ftpd&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ftpd</span>(8)</span></a> now supports
+ the <tt class="OPTION">-W</tt> option to disable logging
+ FTP sessions to <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=wtmp&sektion=5&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">wtmp</span>(5)</span></a>.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ifconfig</span>(8)</span></a> now
+ supports a <tt class="OPTION">eui64</tt> command to fill
+ in the lowermost 64 bits of an IPv6 address
+ automatically. This makes <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=prefix&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">prefix</span>(8)</span></a> obsolete.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ifconfig</span>(8)</span></a> now has the
+ ability to set promiscuous mode on an interface, via the
+ new <tt class="OPTION">promisc</tt> flag.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=inetd&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">inetd</span>(8)</span></a> now has the
+ capability for limiting the maximum number of
+ simultaneous invocations of each service from a single IP
+ address.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=lock&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">lock</span>(1)</span></a> now accepts a
+ <tt class="OPTION">-v</tt> to disable switching VTYs
+ while the current terminal is locked. This permits
+ locking the entire console from a single terminal.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ls&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ls</span>(1)</span></a> program now
+ supports a <tt class="OPTION">-m</tt> flag to list files
+ across a page, a <tt class="OPTION">-p</tt> flag to force
+ printing of a <tt class="LITERAL">/</tt> after
+ directories, and a <tt class="OPTION">-x</tt> flag to
+ sort filenames across a page.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=mv&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">mv</span>(1)</span></a> now takes a
+ (nonstandard) <tt class="OPTION">-n</tt> option to
+ automatically answer ``no'' when it would ask to
+ overwrite a file.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=nice&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">nice</span>(1)</span></a> now uses the
+ <tt class="OPTION">-n</tt> option to specify the
+ ``niceness'' of the utility being run.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=od&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">od</span>(1)</span></a> now supports the
+ <tt class="OPTION">-A</tt> option to specify the input
+ address base, the <tt class="OPTION">-N</tt> option to
+ specify the number of bytes to dump, the <tt class=
+ "OPTION">-j</tt> option to specify the number of bytes to
+ skip, the <tt class="OPTION">-s</tt> option to output
+ signed decimal shorts, and the <tt class="OPTION">-t</tt>
+ option to specify output type.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=pam_opie&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">pam_opie</span>(8)</span></a> no longer
+ emits fake challenges when the <tt class=
+ "VARNAME">no_fake_prompts</tt> variable is specified.</p>
+
+ <p>A <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=pam_opieaccess&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">pam_opieaccess</span>(8)</span></a>
+ module has been added.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=pam_radius&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">pam_radius</span>(8)</span></a>, <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=pam_ssh&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">pam_ssh</span>(8)</span></a>, and <a
+ href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=pam_tacplus&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">pam_tacplus</span>(8)</span></a> have
+ been synchronized with the versions in FreeBSD -CURRENT
+ as of 3 July 2002.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=pam_unix&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">pam_unix</span>(8)</span></a> has been
+ synchronized with the version in FreeBSD -CURRENT as of 9
+ March 2002 (pre-<b class="APPLICATION">OpenPAM</b>).</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=pwd&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">pwd</span>(1)</span></a> now supports the
+ <tt class="OPTION">-L</tt> flag to print the logical
+ current working directory.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=renice&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">renice</span>(8)</span></a> command
+ implements a <tt class="OPTION">-n</tt> option, which
+ specifies an increment to be applied to the priority of a
+ process.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=sed&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">sed</span>(1)</span></a> now takes a <tt
+ class="OPTION">-i</tt> option to enable in-place editing
+ of files.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">sh</span>(1)</span></a> now supports a
+ <tt class="OPTION">-C</tt> option to prevent existing
+ regular files from being overwritten by output
+ redirection, and a <tt class="OPTION">-u</tt> to give an
+ error if an unset variable is expanded.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">sh</span>(1)</span></a> built-in <tt
+ class="COMMAND">cd</tt> command now supports <tt class=
+ "OPTION">-L</tt> and <tt class="OPTION">-P</tt> flags to
+ invoke logical or physical modes of operation,
+ respectively. Logical mode is the default, but the
+ default can be changed with the <tt class=
+ "VARNAME">physical</tt> <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">sh</span>(1)</span></a> option.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">sh</span>(1)</span></a> built-in <tt
+ class="COMMAND">jobs</tt> command now supports a <tt
+ class="OPTION">-s</tt> flag to output PIDs only and a <tt
+ class="OPTION">-l</tt> flag to add PIDs to the
+ output.</p>
+
+ <p>The <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">sh</span>(1)</span></a> built-in <tt
+ class="COMMAND">export</tt> and <tt class=
+ "COMMAND">readonly</tt> commands now support a <tt class=
+ "OPTION">-p</tt> flag to print their output in
+ ``portable'' format.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">sh</span>(1)</span></a> no longer accepts
+ invalid constructs as <tt class="COMMAND"><tt class=
+ "REPLACEABLE"><i>command</i></tt> &amp; &amp;&amp; <tt
+ class="REPLACEABLE"><i>command</i></tt></tt>, <tt class=
+ "COMMAND">&amp;&amp;&#13; <tt class=
+ "REPLACEABLE"><i>command</i></tt></tt>, or <tt class=
+ "COMMAND">|| <tt class=
+ "REPLACEABLE"><i>command</i></tt></tt>.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=split&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">split</span>(1)</span></a> now supports a
+ <tt class="OPTION">-a</tt> option to specify the number
+ of letters to use for the suffix of split files.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=su&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">su</span>(1)</span></a> now has support
+ for Kerberos V authentication.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=tr&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">tr</span>(1)</span></a> now has basic
+ support for equivalence classes for locales that support
+ them.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=unexpand&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">unexpand</span>(1)</span></a> now
+ supports a <tt class="OPTION">-t</tt> to specify tabstabs
+ analogous to <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=expand&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">expand</span>(1)</span></a>.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=vidcontrol&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">vidcontrol</span>(1)</span></a> now
+ accepts a <tt class="OPTION">-S</tt> to allow the user to
+ disable VTY switching.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=who&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">who</span>(1)</span></a> now has a number
+ of new options: <tt class="OPTION">-H</tt> shows column
+ headings; <tt class="OPTION">-T</tt> shows <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=mesg&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">mesg</span>(1)</span></a> state; <tt
+ class="OPTION">-m</tt> is an equivalent to <tt class=
+ "OPTION">am i</tt>; <tt class="OPTION">-u</tt> shows idle
+ time; <tt class="OPTION">-q</tt> to list names in
+ columns.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=xargs&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">xargs</span>(1)</span></a> now supports a
+ <tt class="OPTION">-I</tt> <tt class=
+ "REPLACEABLE"><i>replstr</i></tt> option that allows the
+ user to tell <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=xargs&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">xargs</span>(1)</span></a> to insert the
+ data read from standard input at specific points in the
+ command line arguments rather than at the end. (A
+ FreeBSD-specific <tt class="OPTION">-J</tt> option is
+ similar, but is now deprecated in favor of the more
+ portable <tt class="OPTION">-I</tt> option.)</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=xargs&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">xargs</span>(1)</span></a> now supports a
+ <tt class="OPTION">-L</tt> option to force its utility
+ argument to be called after some number of lines.</p>
+
+ <div class="SECT3">
+ <hr>
+
+ <h3 class="SECT3"><a name="AEN480">2.3.1 Contributed
+ Software</a></h3>
+
+ <p><b class="APPLICATION">BIND</b> has been updated to
+ 8.3.3.</p>
+
+ <p><b class="APPLICATION">Binutils</b> has been updated
+ to 2.12.1 (specifically, a post-release snapshot from
+ 20 July 2002).</p>
+
+ <p><b class="APPLICATION">gcc</b> has been updated to a
+ snapshot from the GCC 2.95 CVS branch from 20 March
+ 2002. It carries the unofficial version number of
+ 2.95.4.</p>
+
+ <p><b class="APPLICATION">Heimdal Kerberos</b> has been
+ updated to a pre-0.5 snapshot from 29 August 2002.</p>
+
+ <p><b class="APPLICATION">libpcap</b> has been updated
+ to 0.7.1.</p>
+
+ <p>The FTP daemon from NetBSD, otherwise known as <b
+ class="APPLICATION">lukemftpd</b> 1.2 beta 1, has been
+ imported and is available as <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=lukemftpd&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">lukemftpd</span>(8)</span></a>.</p>
+
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=m4&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">m4</span>(1)</span></a> has been
+ imported from OpenBSD, as of 26 April 2002.</p>
+
+ <p>The <b class="APPLICATION">OPIE</b>
+ one-time-password suite has been updated to 2.4.</p>
+
+ <p><b class="APPLICATION">OpenSSH</b> has been updated
+ to version 3.4p1. Among the changes:</p>
+
+ <ul>
+ <li>
+ <p>The <tt class="FILENAME">*2</tt> files are
+ obsolete (for example, <tt class=
+ "FILENAME">~/.ssh/known_hosts</tt> can hold the
+ contents of <tt class=
+ "FILENAME">~/.ssh/known_hosts2</tt>).</p>
+ </li>
+
+ <li>
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ssh-keygen&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ssh-keygen</span>(1)</span></a> can
+ import and export keys using the SECSH Public Key
+ File Format, for key exchange with several
+ commercial SSH implementations.</p>
+ </li>
+
+ <li>
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ssh-add&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ssh-add</span>(1)</span></a> now
+ adds all three default keys.</p>
+ </li>
+
+ <li>
+ <p><a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=ssh-keygen&sektion=1&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">ssh-keygen</span>(1)</span></a> no
+ longer defaults to a specific key type; one must be
+ specified with the <tt class="OPTION">-t</tt>
+ option.</p>
+ </li>
+
+ <li>
+ <p>A ``privilege separation'' feature, which uses
+ unprivileged processes to contain and restrict the
+ effects of future compromises or programming
+ errors.</p>
+ </li>
+
+ <li>
+ <p>Several bugfixes, including closure of a
+ security hole that could lead to an integer
+ overflow and undesired privilege escalation.</p>
+ </li>
+
+ <li>
+ <p>The default SSH protocol to use is now Version 2
+ (with a fallback to Version 1), rather than Version
+ 1 (with a fallback to Version 2).</p>
+ </li>
+ </ul>
+ <br>
+ <br>
+
+ <p><b class="APPLICATION">OpenSSL</b> has been updated
+ to 0.9.6g.</p>
+
+ <p><b class="APPLICATION">sendmail</b> has been updated
+ from version 8.12.3 to version 8.12.6.</p>
+
+ <p>Version 1.4.5 of the <b class=
+ "APPLICATION">smbfs</b> userland utilities has been
+ imported.</p>
+
+ <p><b class="APPLICATION">GNU tar</b> has been updated
+ to 1.13.25.</p>
+
+ <p><b class="APPLICATION">tcsh</b> has been updated to
+ version 6.12.</p>
+
+ <p><b class="APPLICATION">texinfo</b> has been updated
+ to 4.2.</p>
+
+ <p>The contributed version of <b class=
+ "APPLICATION">tcp_wrappers</b> now includes the <a
+ href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=tcpd&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">tcpd</span>(8)</span></a> helper
+ daemon. While not strictly necessary in a standard
+ FreeBSD installation (because <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=inetd&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">inetd</span>(8)</span></a> already
+ incorporates this functionality), this may be useful
+ for <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=inetd&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">inetd</span>(8)</span></a> replacements
+ such as <b class="APPLICATION">xinetd</b>.</p>
+
+ <p><b class="APPLICATION">tcpdump</b> has been updated
+ to 3.7.1.</p>
+
+ <p><b class="APPLICATION">top</b> has been updated to
+ version 3.5b12.</p>
+ </div>
+
+ <div class="SECT3">
+ <hr>
+
+ <h3 class="SECT3"><a name="AEN562">2.3.2 Ports/Packages
+ Collection</a></h3>
+
+ <p>The libraries installed by the <a href=
+ "http://www.FreeBSD.org/cgi/url.cgi?ports/emulators/linux_base/pkg-descr">
+ <tt class="FILENAME">emulators/linux_base</tt></a> port
+ (required for Linux emulation) have been updated; they
+ now correspond to those included with <b class=
+ "APPLICATION">Red Hat Linux</b> 7.1.</p>
+
+ <p><b class="APPLICATION">XFree86</b> has been updated
+ to 4.2.1. This version provides some security and bug
+ fixes over version 4.2.0.</p>
+ </div>
+ </div>
+
+ <div class="SECT2">
+ <hr>
+
+ <h2 class="SECT2"><a name="AEN569">2.4 Release
+ Engineering and Integration</a></h2>
+
+ <p>A bug that caused <tt class=
+ "FILENAME">/usr/share/examples</tt> to be incompletely
+ populated on fresh installs has been fixed.</p>
+
+ <p>It is now possible to make releases of FreeBSD
+ 5-CURRENT on a FreeBSD 4-STABLE host and vice versa.
+ Cross-architecture (building a release for a target
+ architecture on a host of a different architecture)
+ releases are also possible. See <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=release&sektion=7&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">release</span>(7)</span></a> for
+ details.</p>
+ </div>
+ </div>
+
+ <div class="SECT1">
+ <hr>
+
+ <h1 class="SECT1"><a name="AEN577">3 Upgrading from
+ previous releases of FreeBSD</a></h1>
+
+ <p>If you're upgrading from a previous release of FreeBSD,
+ you generally will have three options:</p>
+
+ <ul>
+ <li>
+ <p>Using the binary upgrade option of <a href=
+ "http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.7-RELEASE">
+ <span class="CITEREFENTRY"><span class=
+ "REFENTRYTITLE">sysinstall</span>(8)</span></a>. This
+ option is perhaps the quickest, although it presumes
+ that your installation of FreeBSD uses no special
+ compilation options.</p>
+ </li>
+
+ <li>
+ <p>Performing a complete reinstall of FreeBSD.
+ Technically, this is not an upgrading method, and in
+ any case is usually less convenient than a binary
+ upgrade, in that it requires you to manually backup and
+ restore the contents of <tt class="FILENAME">/etc</tt>.
+ However, it may be useful in cases where you want (or
+ need) to change the partitioning of your disks.</p>
+ </li>
+
+ <li>
+ <p>From source code in <tt class=
+ "FILENAME">/usr/src</tt>. This route is more flexible,
+ but requires more disk space, time, and technical
+ expertise. More information can be found in the <a
+ href=
+ "http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html"
+ target="_top">``Using <tt class="COMMAND">make
+ world</tt>''</a> section of the <a href=
+ "http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/"
+ target="_top">FreeBSD Handbook</a>. Upgrading from
+ very old versions of FreeBSD may be problematic; in
+ cases like this, it is usually more effective to
+ perform a binary upgrade or a complete reinstall.</p>
+ </li>
+ </ul>
+ <br>
+ <br>
+
+ <p>Please read the <tt class="FILENAME">INSTALL.TXT</tt>
+ file for more information, preferably <span class=
+ "emphasis"><i class="EMPHASIS">before</i></span> beginning
+ an upgrade. If you are upgrading from source, please be
+ sure to read <tt class="FILENAME">/usr/src/UPDATING</tt> as
+ well.</p>
+
+ <p>Finally, if you want to use one of various means to
+ track the -STABLE or -CURRENT branches of FreeBSD, please
+ be sure to consult the <a href=
+ "http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/current-stable.html"
+ target="_top">``-CURRENT vs. -STABLE''</a> section of the
+ <a href=
+ "http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/"
+ target="_top">FreeBSD Handbook</a>.</p>
+
+ <div class="IMPORTANT">
+ <blockquote class="IMPORTANT">
+ <p><b>Important:</b> Upgrading FreeBSD should, of
+ course, only be attempted after backing up <span class=
+ "emphasis"><i class="EMPHASIS">all</i></span> data and
+ configuration files.</p>
+ </blockquote>
+ </div>
+ </div>
+ </div>
+ <hr>
+
+ <p align="center"><small>This file, and other release-related
+ documents, can be downloaded from <a href=
+ "ftp://ftp.FreeBSD.org/">ftp://ftp.FreeBSD.org/</a>.</small></p>
+
+ <p align="center"><small>For questions about FreeBSD, read the
+ <a href="http://www.FreeBSD.org/docs.html">documentation</a>
+ before contacting &#60;<a href=
+ "mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>&#62;.</small></p>
+
+ <p align="center"><small>For questions about this
+ documentation, e-mail &#60;<a href=
+ "mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>&#62;.</small></p>
+ <br>
+ <br>
+ </body>
+</html>
+