FreeBSD/amd64 5.2.1-RELEASE Release Notes
The FreeBSD Project
Copyright (c) 2000, 2001, 2002, 2003, 2004 The FreeBSD Documentation
Project
$FreeBSD: src/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml,v
1.663.2.13 2004/02/06 21:37:54 bmah Exp $
The release notes for FreeBSD 5.2.1-RELEASE contain a summary of recent
changes made to the FreeBSD base system on the 5-CURRENT development
branch. This document lists applicable security advisories that were
issued since the last release, as well as significant changes to the
FreeBSD kernel and userland. Some brief remarks on upgrading are also
presented.
----------------------------------------------------------------------
Table of Contents
1 Introduction
2 What's New
2.1 Security Advisories
2.2 Kernel Changes
2.2.1 Platform-Specific Hardware Support
2.2.2 Boot Loader Changes
2.2.3 Network Interface Support
2.2.4 Network Protocols
2.2.5 Disks and Storage
2.2.6 File Systems
2.2.7 Multimedia Support
2.3 Userland Changes
2.4 Contributed Software
2.5 Ports/Packages Collection Infrastructure
2.6 Release Engineering and Integration
2.7 Documentation
3 Upgrading from previous releases of FreeBSD
1 Introduction
This document contains the release notes for FreeBSD 5.2.1-RELEASE on the
AMD64 hardware platform. It describes recently added, changed, or deleted
features of FreeBSD. It also provides some notes on upgrading from
previous versions of FreeBSD.
This distribution of FreeBSD 5.2.1-RELEASE is a ``point release'',
intended to address some issues (primarily bug fixes) discovered in
FreeBSD 5.2-RELEASE.
Users who are new to the 5-CURRENT series of FreeBSD releases should also
read the ``Early Adopters Guide to FreeBSD 5.2.1-RELEASE''. This document
can generally be found in the same location as the release notes (either
as a part of a FreeBSD distribution or on the FreeBSD Web site). It
contains important information regarding the advantages and disadvantages
of using FreeBSD 5.2.1-RELEASE, as opposed to releases based on the
FreeBSD 4-STABLE development branch.
All users are encouraged to consult the release errata before installing
FreeBSD. The errata document is updated with ``late-breaking'' information
discovered late in the release cycle or after the release. Typically, it
contains information on known bugs, security advisories, and corrections
to documentation. An up-to-date copy of the errata for FreeBSD
5.2.1-RELEASE can be found on the FreeBSD Web site.
----------------------------------------------------------------------
2 What's New
This section describes many of the user-visible new or changed features in
FreeBSD since 5.1-RELEASE. It includes items that are unique to the
5-CURRENT branch, as well as some features that may have been recently
merged to other branches (after FreeBSD 5.1-RELEASE). The latter items are
marked as [MERGED].
Typical release note items document recent security advisories issued
after 5.1-RELEASE, new drivers or hardware support, new commands or
options, major bug fixes, or contributed software upgrades. They may also
list changes to major ports/packages or release engineering practices.
Clearly the release notes cannot list every single change made to FreeBSD
between releases; this document focuses primarily on security advisories,
user-visible changes, and major architectural improvements.
Release note entries that describe changes specific to this point release
are marked with [5.2.1].
----------------------------------------------------------------------
2.1 Security Advisories
A single-byte buffer overflow in realpath(3) was fixed. Although the fix
was committed prior to FreeBSD 5.1-RELEASE (and thus 5.1-RELEASE was not
affected), it was not noted in the release documentation. See security
advisory FreeBSD-SA-03:08. [MERGED]
A bug that could allow the kernel to attempt delivery of invalid signals
has been fixed. The bug could have led to a kernel panic or, under some
circumstances, unauthorized modification of kernel memory. For more
information, see security advisory FreeBSD-SA-03:09. [MERGED]
A bug in the iBCS2 emulation module, which could result in disclosing the
contents of kernel memory, has been fixed. This module is not enabled in
FreeBSD by default. For more information, see security advisory
FreeBSD-SA-03:10. [MERGED]
A buffer management bug in OpenSSH, which could potentially cause a crash,
has been fixed. More information can be found in security advisory
FreeBSD-SA-03:12. [MERGED]
A buffer overflow in sendmail has been fixed. More information can be
found in security advisory FreeBSD-SA-03:13. [MERGED]
A bug that could allow the kernel to cause resource starvation which
eventually results in a system panic in the ARP cache code has been fixed.
More information can be found in security advisory FreeBSD-SA-03:14.
[MERGED]
Several errors in the OpenSSH PAM challenge/response authentication
subsystem have been fixed. The impacts of these bugs vary; details can be
found in security advisory FreeBSD-SA-03:15. [MERGED]
A bug in procfs(5) and linprocfs(5), which could result in disclosing the
contents of kernel memory, has been fixed. More information can be found
in security advisory FreeBSD-SA-03:17. [MERGED]
Four separate security flaws in OpenSSL, which could allow a remote
attacker to crash an OpenSSL-using application or to execute arbitrary
code with the privileges of the application, have been fixed. More
information can be found in security advisory FreeBSD-SA-03:18. [MERGED]
A potential denial of service in BIND has been fixed. For more
information, see security advisory FreeBSD-SA-03:19. [MERGED]
[5.2.1] A bug in mksnap_ffs(8) has been fixed; it caused the creation of a
filesystem snapshot to reset the flags on the filesystem to their default
values. The possible consequences depended on local usage, but could
include disabling extended access control lists or enabling the use of
setuid executables stored on an untrusted filesystem. This bug also
affected the dump(8) -L option, which uses mksnap_ffs(8). Note that
mksnap_ffs(8) is normally only available to the superuser and members of
the operator group. For more information, see security advisory
FreeBSD-SA-04:01.
[5.2.1] A bug with the System V Shared Memory interface (specifically the
shmat(2) system call) has been fixed. This bug can cause a shared memory
segment to reference unallocated kernel memory. In turn, this can permit a
local attacker to gain unauthorized access to parts of kernel memory,
possibly resulting in disclosure of sensitive information, bypass of
access control mechanisms, or privilege escalation. More details can be
found in security advisory FreeBSD-SA-04:02. [MERGED]
----------------------------------------------------------------------
2.2 Kernel Changes
The acpi(4) driver's CPU component now supports idle states C1-C3 for both
single and SMP systems, providing power/heat savings when the processor is
idle, according to ACPI 2.0. Additionally, the throttling support has been
updated to ACPI 2.0.
[5.2.1] devfs(5) path rules now work correctly on directories.
The dcons(4) ``dumb console'' driver has been added to provide a local and
remote console. It can be accessed over FireWire using the dcons_crom(4)
driver. A dconschat(8) utility provides user access to dcons(4) devices.
A multi-byte character set conversion method is now supported by the
LIBICONV kernel option.
The puc(4) PCI Universal Communications driver now supports connecting
parallel ports to the ppc(4) driver.
The uart(4) driver has been added to support various classes of UART
(Universal Asynchronous Receiver/Transmitter) devices. It is an analog of
the sio(4) driver but supports a wider range of devices. This driver is
necessary to support serial ports on certain architectures, such as ia64
and sparc64.
A kernel software watchdog facility has been implemented. For more
information, see watchdog(4) and watchdogd(8).
The swap pager has been revamped. Among user-visible changes are a change
in the layout policy (from fixed-width striping to a round-robin across
devices) for better I/O throughput, the elimination of compile-time limits
on the number of swap devices, and a reduction in memory overheads.
----------------------------------------------------------------------
2.2.1 Platform-Specific Hardware Support
----------------------------------------------------------------------
2.2.2 Boot Loader Changes
----------------------------------------------------------------------
2.2.3 Network Interface Support
The new ath(4) and ath_hal(4) drivers provide support for 802.11a/b/g
devices based on the AR5210, AR5211, and AR5212 chips.
The bfe(4) driver has been added to support Broadcom BCM4401 based Fast
Ethernet adapters.
bge(4) now supports Broadcom 5705 based Gigabit Ethernet NICs. [MERGED]
A bug in the bge(4) driver that prevented it from working correctly at 10
Mbps has been fixed.
The em(4) driver now has support for tuning the interrupt delays using
sysctl tunables without recompiling the driver.
The fatm(4) driver has been added. This is a driver for NATM and NgATM
that supports Fore/Marconi PCA200 ATM cards.
The re(4) driver has been added. It provides support for the RealTek
RTL8139C+, RTL8169, RTL8169S and RTL8110S PCI Fast Ethernet and Gigabit
Ethernet controllers.
sk(4) now supports SK-9521 V2.0 and 3COM 3C940 based Gigabit Ethernet
NICs. [MERGED]
[5.2.1] Several bugs related to multicast and promiscuous mode handling in
the sk(4) driver have been fixed.
A new utopia(4) driver supports 25MBit/sec, 155MBit/sec and 622MBit/sec
ATM physical layer configuration, status and statistics reporting for the
most commonly used ATM-PHY chips.
The suspend/resume support for the wi(4) driver now works correctly when
the device is configured down. [MERGED]
The wi(4) driver should once again work correctly with Lucent 802.11b
interfaces.
The 802.11 support layer has been rewritten to allow for future growth and
new features.
The xe(4) driver now supports CE2, CEM28, and CEM33 cards, and
multicast(4) datagrams. Also several bugs in the driver have been fixed.
A number of network drivers have had their interrupt handlers marked as
MPSAFE, meaning they can run without the Giant lock. Among the drivers so
converted are: ath(4), em(4), ep(4), fxp(4), sn(4), wi(4), and sis(4).
----------------------------------------------------------------------
2.2.4 Network Protocols
The ip_flow feature in the IPv4 protocol implementation has been replaced
by the ip_fastforward feature. ip_fastforward attempts to speed up simple
cases of packet forwarding, processing a forwarded packet to an outgoing
interface without queues or netisrs. If it cannot handle a particular
packet, it passes that packet to the normal ip_input routines for
processing. This feature can be enabled by setting the
net.inet.ip.fastforwarding sysctl variable to 1.
The IP_ONESBCAST option has been added to enable undirected ip(4)
broadcasts to be sent to specific network interfaces.
Enabling the options IPFILTER feature also requires enabling options
PFIL_HOOKS.
A bug in ipfw(4) limit rule processing that could cause various panics has
been fixed. [MERGED]
ipfw(4) rules now support comma-separated address lists (such as 1.2.3.4,
5.6.7.8/30, 9.10.11.12/22), and allow spaces after commas to make lists of
addresses more readable. [MERGED]
ipfw(4) rules now support C++-style comments. Each comment is stored
together with its rule and appears using the ipfw(8) show command.
[MERGED]
ipfw(8) can now modify ipfw(4) rules in set 31, which was read-only and
used for the default rules. They can be deleted by ipfw delete set 31
command but are not deleted by the ipfw flush command. This implements a
flexible form of ``persistent rules''. More details can be found in
ipfw(8). [MERGED]
The ng_atmpif(4) NetGraph node type has been added. It emulates a HARP
physical interface, and allows one to run the HARP ATM stack without real
hardware.
Kernel support has been added for Protocol Independent Multicast routing
(pim(4)). [MERGED]
The FreeBSD Bluetooth protocol stack has been updated:
* libsdp has been re-implemented under a BSD style license. This is
because the Linux BlueZ code is distributed under the GPL.
* The hccontrol(8) utility now supports four new commands:
Read/Write_Page_Scan_Mode and Read/Write_Page_Scan_Period_Mode.
* The hcsecd(8) daemon now stores link keys on a disk. It is no longer
required to pair devices every time.
* A NetGraph timeout problem in the ng_hci(4) and ng_l2cap(4) kernel
modules, which could cause access to a data structure that was already
freed, has been fixed.
* The ng_ubt(4) module, which cannot be built on FreeBSD 5.1-RELEASE,
has been fixed.
* rfcomm_sppd(1) and rfcomm_pppd(8) now support to query the RFCOMM
channel via SDP from the server. Specifying the RFCOMM channel
manually, this behavior can be disabled and these utilities will not
use SDP query.
* The sdpcontrol(8) utility, which is analogous to the sdptool utility
in the Linux BlueZ SDP package, has been added.
A number of fixes and updates to the IPv6 and IPSec code have been
imported from the KAME Project.
[5.2.1] Some bugs in the IPsec implementation from the KAME Project have
been fixed. These bugs were related to freeing memory objects before all
references to them were removed, and could cause erratic behavior or
kernel panics after flushing the Security Policy Database (SPD).
Support for the IPv6 Advanced Sockets API now conforms to RFC 3542 (also
known as RFC 2292bis), rather than RFC 2292. Applications using this API
have been updated accordingly.
[5.2.1] The PFIL_HOOKS option is now enabled by default in the GENERIC
kernel. The most notable effect of this change is to make IPFilter work
correctly when loaded as a kernel module.
Support for the source address selection part of RFC 3484 has been added.
The ip6addrctl(8) utility can be used to configure the address selection
policy.
The tcp_hostcache feature has been added to the TCP implementation. It
caches measured parameters of past TCP sessions to provide better initial
start values for following connections from or to the same source or
destination. Similar information that used to be stored in the routing
table has been removed.
The TCP implementation in FreeBSD now includes protection against a
certain class of TCP MSS resource exhaustion attacks, in the form of
limits on the size and rate of TCP segments. The first limit sets the
minimum allowed maximum TCP segment size, and is controlled by the
net.inet.tcp.minmss sysctl variable (the default value is 216 bytes). The
second limit is set by the net.inet.tcp.minmssoverload variable, and
controls the maximum rate of connections whose average segment size is
less than net.inet.tcp.minmss. Connections exceeding this packet rate are
reset and dropped. Because this feature was added late in the 5.2-RELEASE
release cycle, connection rate limiting is disabled by default, but can be
enabled manually by assigning a non-zero value to
net.inet.tcp.minmssoverload.
----------------------------------------------------------------------
2.2.5 Disks and Storage
The amr(4) driver now has system crashdump support. [MERGED]
A major rework of the ata(4) driver has been committed. One of the more
notable changes is that the ata(4) driver is now out from under the Giant
kernel lock. Note that ATA software RAID systems must now include device
ataraid in their kernel configuration files, as it is no longer
automatically implied by device atadisk.
[5.2.1] A number of bugs in the ata(4) driver have been fixed. Most
notably, master/slave device detection should work better, and some
problems with timeouts should be resolved.
ccd(4) can now operate on raw disks and other geom(4) providers.
The da(4) driver no longer tries to send 6-byte commands to USB and
FireWire devices. The quirks for these devices (which hopefully are now
unnecessary) have been disabled; to restore the old behavior, add options
DA_OLD_QUIRKS to the kernel configuration. [MERGED]
Various geom(4) modules can now be loaded as kernel modules, namely:
geom_apple, geom_bde, geom_bsd, geom_gpt, geom_mbr, geom_pc98,
geom_sunlabel, geom_vol_ffs.
A GEOM_FOX module has been added to detect and select between multiple
redundant paths to the same device.
The twe(4) driver now supports the 3ware generic API. [MERGED]
----------------------------------------------------------------------
2.2.6 File Systems
Multi-byte character conversion with the cd9660, msdosfs, ntfs, and udf
filesystems is now supported by including the CD9660_ICONV, MSDOSFS_ICONV,
NTFS_ICONV, and UDF_ICONV kernel options, respectively.
[5.2.1] A bug in GEOM that could result in I/O hangs in some rare cases
has been fixed.
Some off-by-one errors in the smbfs that prevented it from working
correctly with 15-character NetBIOS names have been fixed.
The sizes of some members of the statfs structure have changed from 32
bits to 64 bits in order to better support multi-terabyte filesystems.
* Users performing source upgrades across this change must ensure that
their kernel and userland bits are in sync, by following the
documented source upgrade procedures.
* A backward compatibility version of the statfs(2) system call exists
but only if the COMPAT_FREEBSD4 kernel option is defined. Including
this option in the kernel is strongly encouraged.
* Programs that use the statfs(2) will need to be recompiled. Among the
known examples are the devel/gnomevfs2, mail/postfix, and security/cfg
ports.
Support for NFSv4 has been added with the import of the University of
Michigan's Citi NFSv4 client implementation. More information can be found
in the mount_nfs4(8) and idmapd(8) manual pages.
[5.2.1] A panic in the NFSv4 client has been fixed; this occurred when
attempting operations against an NFSv3/NFSv2-only server.
----------------------------------------------------------------------
2.2.7 Multimedia Support
----------------------------------------------------------------------
2.3 Userland Changes
acpiconf(8) now supports a -i option to print battery information.
acpidb(8), an ACPI DSDT debugger, has been added.
arp(8) now supports a -i option to limit the scope of the current
operation to the ARP entries on a particular interface. This option
applies to the display operations only. It should be useful on routers
with numerous network interfaces. [MERGED]
The atmconfig(8) program has been added for configuration of the ATM
drivers and IP-over-ATM functionality.
chroot(8) now allows the optional setting of a user, primary group, or
group list to use inside the chroot environment via the -u, -g, and -G
options respectively. [MERGED]
The compat4x.i386 libraries have been updated to correspond to those
available in FreeBSD 4.9-RELEASE.
The dev_mkdb utility is unnecessary due to the mandatory presence of
devfs, and has been removed.
dhclient(8) now polls the state of network interfaces and only sends DHCP
requests on interfaces that are up. The polling interval can be controlled
with the -i option.
The default mode for the lost+found directory of fsck(8) is now 0700
instead of 01777. [MERGED]
fsck_ffs(8) and newfs(8) now create a .snap directory in the root
directory of each filesystem, with group operator. fsck_ffs(8),
mksnap_ffs(8), and dump(8) will write their filesystem snapshots to this
directory. This change avoids locking access to the root directory of a
filesystem during snapshot creation and also helps non-root users create
snapshots.
The ffsinfo(8) utility has been updated to understand UFS2 filesystems and
has been re-enabled.
The iasl(8) utility, a compiler/decompiler for ACPI Source Language (ASL)
and ACPI Machine language (AML), has been added.
ifconfig(8) now supports a staticarp option for an interface, which
disables the sending of ARP requests for that interface.
A fix in the initgroups(3) library function now causes logins to fail if
the login process is unable to successfully set the process credentials to
include all groups defined for a user. The current kernel limit is 16
groups; administrators may wish to check that users do not have more than
16 groups defined, or they will be unable to log in.
The ipfw(8) list and show commands now support ranges of rule numbers.
[MERGED]
ipfw(8) now supports a -n flag to test the syntax of commands without
actually changing anything. [MERGED]
kdump(1) now supports a -p option to display only the trace events
corresponding to a specific process, as well as a new -E flag to display
timestamps relative to the start of the dump.
last(1) now supports a -n flag to limit the number of lines in its output
report.
The libalias library, natd(8), and ppp(8) now support Cisco Skinny Station
protocol, which is the protocol used by Cisco IP phones to talk to Cisco
Call Managers. Note that currently having the Call Manager behind the NAT
gateway is not supported. [MERGED]
The libcipher DES cryptography library has been removed. All of its
functionality is provided by the libcrypto library, and all base systems
programs that used libcipher have been converted to use libcrypto instead.
The libkiconv library has been added to support working with loadable
character set conversion tables in the kernel.
libwrap and tcpdchk(8) are now configured to support the extended
tcp_wrappers syntax by default.
The locale(1) utility has been re-implemented and is now POSIX-compliant.
A new -m option shows all available codesets.
The mount(8) utility now supports to display the filesystem ID for each
file system in addition to the normal information when a -v flag is
specified, and the umount(8) utility now accepts the filesystem ID as well
as the usual device and path names. This allows to unambiguously specify
which file system is to be unmounted even when two or more file systems
share the same device and mount point names.
The mount_cd9660(8), mount_ntfs(8), and mount_udf(8) utilities now support
a -C option to specify local character sets to convert Unicode filenames.
It is possible to specify multi-byte character sets using this option.
The mount_msdosfs(8) utility now supports a -M option to specify the
maximum file permissions for directories in the file system. [MERGED]
The mount_msdosfs(8) utility now supports a -D option to specify MS-DOS
codepages and a -L option to specify local character sets. They are used
to convert character sets of filenames. The /usr/libdata/msdosfs tables
have been retired.
The mount_nwfs(8), mount_portalfs(8), and mount_smbfs(8) utilities have
been moved from /sbin to /usr/sbin.
The nologin(8) program has been reimplemented in C (it was formerly a
shell script).
[5.2.1] A bugfix has been applied to NSS support, which fixes problems
when using third-party NSS modules (such as net/nss_ldap) and groups with
large membership lists.
The rc.conf(5) variable ntpd_flags for ntpd(8) now includes -f
/var/db/ntpd.drift by default.
The pam_guest(8) PAM module has been added to allow guest logins. It
replaces the pam_ftp(8) module.
ps(1) and top(1) now support a -H flag to display all kernel-visible
threads in each process.
A bug that rarpd(8) does not recognize removable Ethernet NICs has been
fixed.
repquota(8) now supports a -n flag to display users and groups
numerically.
rtld(1) now includes ``libmap'' functionality by default; the WITH_LIBMAP
compile knob is unnecessary and has been retired. More information can be
found in libmap.conf(5).
savecore(8) now supports a -C flag that merely indicates the existence or
absence of a coredump file.
The symorder utility has been removed. It is unnecessary now that all
kernels use ELF format and there is no a.out format toolchain.
sysinstall(8) now gives the ability to select an alternate MTA during
installation. Currently, exim and Postfix are supported.
sysinstall(8) no longer supports system ``security profiles''; this
feature has been replaced by individual tuning knobs to enable and disable
sshd(8) and set the system securelevels.
systat(1) now includes displays for IPv6 and ICMPv6 traffic. [MERGED]
uname(1) now supports a -i flag to return the kernel identification. This
name is also available via the kern.ident sysctl variable.
A number of utilities available in /bin and /sbin are now available as a
statically-linked ``crunched'' binary that lives in /rescue. This
functionality is similar to the /stand directory installed by
sysinstall(8), but /rescue includes more functionality and is updated as
part of buildworld/installworld operations. More details can be found in
rescue(8).
Many executables in /bin and /sbin are now built using dynamic, rather
than static linking. This feature brings support for loadable PAM and NSS
modules to base system utilities located in those directories. It also
reduces the storage requirements for the root filesystem due to the use of
shared libraries. This feature can be disabled in a buildworld by defining
the Makefile variable NO_DYNAMICROOT. Note that statically-linked,
crunched executables are available in the /rescue directory for use during
system repair and recovery operations.
----------------------------------------------------------------------
2.4 Contributed Software
The ACPI-CA code has been updated from the 20030228 snapshot to the
20030619 snapshot.
amd has been updated from 6.0.7 to 6.0.9.
awk from Bell Labs has been updated from a 14 March 2003 snapshot to a 29
July 2003 snapshot.
BIND has been updated from 8.3.4 to 8.3.7. [MERGED]
[5.2.1] Security improvements from CVS 1.11.10 and 1.11.11 have been
backported. Specifically, certain malformed module requests are now
rejected, and when using cvs pserver mode, attempts to authenticate as
root are rejected and recorded via syslog(3).
GCC has been updated from 3.2.2 to a 3.3.3 pre-release snapshot from 6
November 2003.
Note: Previous versions of GCC generated incorrect code when
-march=pentium4 optimization was enabled. This problem is believed to
have been fixed with this upgrade, and the earlier workaround for the
case of CPUTYPE=p4 has been removed.
GNU Readline has been updated from 4.2 to 4.3.
GNU Sort has been updated from the version in textutils 2.0.21 to the
version in textutils 2.1.
Heimdal Kerberos has been updated from 0.5.1 to 0.6.
The ISC DHCP client has been updated from 3.0.1rc11 to 3.0.1rc12.
lukemftp has been updated from 1.6beta2 to a 11 November 2003 snapshot
from NetBSD.
OpenPAM has been updated from the ``Dianthus'' release to the ``Dogwood''
release.
OpenSSL has been updated from 0.9.7a to 0.9.7c. [MERGED]
sendmail has been updated from version 8.12.9 to version 8.12.10. [MERGED]
texinfo has been updated from 4.5 to 4.6. [MERGED]
The timezone database has been updated from the tzdata2003a release to the
tzdata2003d release. [MERGED]
----------------------------------------------------------------------
2.5 Ports/Packages Collection Infrastructure
If GNU_CONFIGURE is defined, all instances of config.guess and config.sub
found under WRKDIR are replaced with the master versions from
PORTSDIR/Template. This allows old ports (which contain old versions of
these scripts) to build on newer architectures like ia64 and amd64.
----------------------------------------------------------------------
2.6 Release Engineering and Integration
Floppy disk installation images are no longer built for the alpha, amd64,
and ia64 architectures.
The supported release of GNOME has been updated from 2.2.1 to 2.4.
[MERGED]
The supported release of KDE has been updated from 3.1.2 to 3.1.4.
[MERGED]
[5.2.1] The sysutils/kdeadmin3 port and package have been updated to
version 3.1.4_1. This update fixes a bug in the KUser application that
could cause the root user to be deleted from the password file
----------------------------------------------------------------------
2.7 Documentation
To reduce duplication of information (and subsequent difficulty in
maintaining consistency), many instances of specific devices supported in
the Hardware Notes have been moved to system manual pages. This project is
ongoing as of this release.
A Turkish (tr_TR.ISO8859-9) translation project has been started.
----------------------------------------------------------------------
3 Upgrading from previous releases of FreeBSD
Users with existing FreeBSD systems are highly encouraged to read the
``Early Adopter's Guide to FreeBSD 5.2.1-RELEASE''. This document
generally has the filename EARLY.TXT on the distribution media, or any
other place that the release notes can be found. It offers some notes on
upgrading, but more importantly, also discusses some of the relative
merits of upgrading to FreeBSD 5.X versus running FreeBSD 4.X.
Important: Upgrading FreeBSD should, of course, only be attempted after
backing up all data and configuration files.
----------------------------------------------------------------------
This file, and other release-related documents, can be downloaded from
ftp://ftp.FreeBSD.org/.
For questions about FreeBSD, read the documentation before contacting
<questions@FreeBSD.org>.
For questions about this documentation, e-mail <doc@FreeBSD.org>.