diff options
authorHiroki Sato <hrs@FreeBSD.org>2012-03-18 12:03:06 +0000
committerHiroki Sato <hrs@FreeBSD.org>2012-03-18 12:03:06 +0000
commitbaf8e819fe8fe40954804164c66caf905ef2811b (patch)
parentd5e70f8166cf5f1ba60640544b00008aa4dfd9f6 (diff)
Add relnote items for 8.3R (revision numbers are fixed yet):
SA-11:01 to SA-11:10, dtrace systrace_linux32 on amd64 support, hhook(9) and khelp(9~ added, hw.mwmtest.tests loader tunable, O_CLOEXEC for open(2) and fhopen(2) added, posix_fallocate(2) added, usbdump(8) added, cxgbe(4) 7.11.0 added, dc(4) PAE support, em(4) 7.3.2, igb(4) 2.3.1, igb(4) I350 support, ixgbe(4) 2.4.5, iwn(4) firmware image updated, msk(4) RXCSUM fixed, nge(4) MTU handling fixed, rdcphy(4) added, re(4) RTL8168E/8111E-VL and RTL8401E support added, re(4) TX interrupt moderation on RTL810xE added, re(4) RX interrupt moderation performance improvement, re(4) TSO support on RTL8168/8111 added, re(4) TXCSUM/RXCSUM offloading can be enabled independently now, re(4) RTL8105E support added, vte(4) added, ipfw(8) call and return actions added, IPsec HMAC-SHA-{256,384,512} in RFC 4868 supported, IPV6_PKTINFO bug in sendmsg(2) fixed, mod_cc(9) pluggable congestion control framework added, h_ertt(4) khelp module added, TCP_CONGESTION sockopt added, nf_ipfw(4) now supports IPv6, ng_one2many(4) XMIT_FAILOVER algorithm support added, ada(4) kern.cam.ada.write_cache, arcmsr(4), graid(8) added, mxge(4) updated, tws(4) added, FFS TRIM support added, NFS nocto mount option added, vfs.typenumhash loader tunable added, ZFS SPA version 28, bsdtar 2.8.5, cpuset(1) -C, fetch(1) STAT FTP command bug fixed, gpart(8) show -p added, hastd(8) drops root privilege, hastd(8) checksum keyword support added, hastd(8) compression keyword support added, readline(3) API imported to libedit, makefs(8) ISO 9660 format support, libmd/libcrypt SHA-{256,512} support added, netstat(1) not expose scope addr representation derived from KAME stack, newsyslog(8) xz compression support, poweroff(8) added, ppp(8) iface name xxx and iface description xxx subcommands added, ps(1) -o usertime and -o systime, rtadvd(8) noifprefix, RFC 6106 support, rtadvctl(8) added, tftpd(8) large file bugfix, zpool labelclear subcommand added, awk 2011/8/7 snapshot, BIND 9.6-ESV-R5-P1, netcat 4.9, GCC r127959, the last GPLv2-licensed version, less v444, OpenSSH 5.4p1+HPN, sendmail 8.14.5, tzdata2011n, unifdef 2.5.6, xz 2011/7/11 snapshot, and x11/kde4 4.7.4. Approved by: re (implicit)
Notes: svn path=/releng/8.3/; revision=233114
1 files changed, 487 insertions, 30 deletions
diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.sgml b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
index 72c568504614..412f27958887 100644
--- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
@@ -109,7 +109,6 @@
advisories, user-visible changes, and major architectural
-<!-- XXX: will be added
<sect2 id="security">
<title>Security Advisories</title>
@@ -132,34 +131,123 @@
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc"
- >SA-10:08.bzip2</ulink></entry>
- <entry>20&nbsp;September&nbsp;2010</entry>
- <entry><para>Integer overflow in bzip2 decompression</para></entry>
- </row>
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:09.pseudofs.asc"
- >SA-10:09.pseudofs</ulink></entry>
- <entry>10&nbsp;October&nbsp;2010</entry>
- <entry><para>Spurious mutex unlock</para></entry>
- </row>
- <row>
- <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-10:10.openssl.asc"
- >SA-10:10.openssl</ulink></entry>
- <entry>29&nbsp;November&nbsp;2010</entry>
- <entry><para>OpenSSL multiple vulnerabilities</para></entry>
- </row>
- </tbody>
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:01.mountd.asc"
+ >SA-11:01.mountd</ulink></entry>
+ <entry>20&nbsp;April&nbsp;2011</entry>
+ <entry><para>Network ACL mishandling in &man.mountd.8;</para></entry>
+ </row>
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:02.bind.asc"
+ >SA-11:02.bind</ulink></entry>
+ <entry>28&nbsp;May&nbsp;2011</entry>
+ <entry><para>BIND remote DoS with large RRSIG RRsets and negative
+ caching</para></entry>
+ </row>
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:04.compress.asc"
+ >SA-11:04.compress</ulink></entry>
+ <entry>28&nbsp;September&nbsp;2011</entry>
+ <entry><para>Errors handling corrupt compress file in
+ &man.compress.1; and &man.gzip.1;</para></entry>
+ </row>
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc"
+ >SA-11:05.unix</ulink></entry>
+ <entry>28&nbsp;September&nbsp;2011</entry>
+ <entry><para>Buffer overflow in handling of UNIX socket
+ addresses</para></entry>
+ </row>
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:06.bind.asc"
+ >SA-11:06.bind</ulink></entry>
+ <entry>23&nbsp;December&nbsp;2011</entry>
+ <entry><para>Remote packet Denial of Service against &man.named.8;
+ servers</para></entry>
+ </row>
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:07.chroot.asc"
+ >SA-11:07.chroot</ulink></entry>
+ <entry>23&nbsp;December&nbsp;2011</entry>
+ <entry><para>Code execution via chrooted ftpd</para></entry>
+ </row>
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc"
+ >SA-11:08.telnetd</ulink></entry>
+ <entry>23&nbsp;December&nbsp;2011</entry>
+ <entry><para>telnetd code execution vulnerability</para></entry>
+ </row>
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:09.pam_ssh.asc"
+ >SA-11:09.pam_ssh</ulink></entry>
+ <entry>23&nbsp;December&nbsp;2011</entry>
+ <entry><para>pam_ssh improperly grants access when user account has
+ unencrypted SSH private keys</para></entry>
+ </row>
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:10.pam.asc"
+ >SA-11:10.pam</ulink></entry>
+ <entry>23&nbsp;December&nbsp;2011</entry>
+ <entry><para><function>pam_start()</function> does not validate
+ service names</para></entry>
+ </row>
+ </tbody>
<sect2 id="kernel">
<title>Kernel Changes</title>
- <para></para>
+ <para revision="219559,219561" arch="amd64,i386">The &os;
+ &man.dtrace.1; framework now supports
+ <literal>systrace</literal> for system calls of
+ <literal>linux32</literal> and <literal>freebsd32</literal> on
+ &os;/&arch.amd64;. Two new
+ <filename>systrace_linux32</filename> and
+ <filename>systrace_freebsd32</filename> kernel modules provide
+ support for tracing compat system calls in addition to the native
+ system call tracing provided by the
+ <filename>systrace</filename> module.</para>
+ <para revision="216758,216615">The &man.hhook.9; (Helper Hook)
+ and &man.khelp.9; (Kernel Helpers) KPIs have been implemented.
+ These are a kind of superset of &man.pfil.9; framework for
+ more general use in the kernel. The &man.hhook.9; KPI
+ provides a way for kernel subsystems to export hook points
+ that &man.khelp.9; modules can hook to provide enhanced or new
+ functionality to the kernel. The &man.khelp.9; KPI provides a
+ framework for managing &man.khelp.9; modules, which indirectly
+ use the &man.hhook.9; KPI to register their hook functions
+ with hook points of interest within the kernel. These allow a
+ structured way to dynamically extend the kernel at runtime in
+ an ABI preserving manner.</para>
+ <para revision="224516" arch="amd64,i386,pc98">A &man.loader.8;
+ tunable <varname>hw.memtest.tests</varname> has been added.
+ This controls whether to perform memory testing at boot time
+ or not. The default value is <literal>1</literal> (perform a
+ memory test).</para>
+ <para revision="219999">The &man.open.2; and &man.fhopen.2;
+ system calls now support the <literal>O_CLOEXEC</literal> flag,
+ which allows setting the <literal>FD_CLOEXEC</literal> flag for the
+ newly created file descriptor. This is standardized in IEEE
+ Std 1003.1-2008 (POSIX, Single UNIX Specification Version
+ 4).</para>
+ <para revision="220791">The &man.posix.fallocate.2; system call has
+ been implemented. This is a function in POSIX to ensure that
+ a part of the storage for regular file data is allocated on the
+ file system storage media.</para>
<sect3 id="boot">
<title>Boot Loader Changes</title>
@@ -170,7 +258,11 @@
<sect3 id="proc">
<title>Hardware Support</title>
- <para></para>
+ <para revision="215649">The &os; &man.usb.4; subsystem now
+ supports USB packet filter. This allows to capture packets
+ which go through each USB host controller. The
+ implementation is almost based on &man.bpf.4; code.
+ The userland program &man.usbdump.8; has been added.</para>
<sect4 id="mm">
<title>Multimedia Support</title>
@@ -181,33 +273,360 @@
<sect4 id="net-if">
<title>Network Interface Support</title>
- <para></para>
+ <para revision="220009">The &man.cxgb.4; driver has been
+ updated to version 7.11.0.</para>
+ <para revision="218794">A &man.cxgbe.4; driver for Chelsio
+ T4 (Terminator 4) based 10Gb/1Gb adapters has been
+ added.</para>
+ <para revision="218832" arch="i386">The &man.dc.4; driver
+ now works correctly in kernels with the
+ <option>PAE</option> option.</para>
+ <para revision="219753">The &man.em.4; driver has been
+ updated to version 7.3.2.</para>
+ <para>The &man.igb.4; driver has been
+ updated to version 2.3.1.</para>
+ <para revision="218530">The &man.igb.4; driver now supports
+ Intel I350 PCIe Gigabit Ethernet controllers.</para>
+ <para>The &man.ixgbe.4; driver has been
+ updated to version 2.4.5.</para>
+ <para revision="220892">Firmware images in the &man.iwn.4;
+ driver for 1000, 5000, 6000, and 6500 series cards have been
+ updated.</para>
+ <para revision="216860">A bug in the &man.msk.4; driver has been
+ fixed. It could prevent RX checksum offloading from
+ working.</para>
+ <para revision="217794">A bug in the &man.nfe.4; driver which
+ could prevent reinitialization after changing the MTU has
+ been fixed.</para>
+ <para revision="216828">A rdcphy(4) driver for RDC Semiconductor
+ R6040 10/100 PHY has been added.</para>
+ <para revision="217498,218760">The &man.re.4; driver now supports
+ RTL8168E/8111E-VL PCIe Gigabit Ethernet controllers and
+ RTL8401E PCIe Fast Ethernet controllers.</para>
+ <para revision="217766">The &man.re.4; driver now supports
+ TX interrupt moderation on RTL810xE PCIe Fast Ethernet
+ controllers.</para>
+ <para revision="217902">The &man.re.4; driver now supports
+ another mechanism for RX interrupt moderation because of
+ performance problems. A &man.sysctl.8; variable
+ <varname>dev.re.<replaceable>N</replaceable>.int_rx_mod</varname>
+ has been added to control amount of time to delay RX
+ interrupt processing, in units of microsecond. Setting it
+ to <literal>0</literal> completely disables RX interrupt
+ moderation. A &man.loader.8; tunable
+ <varname>hw.re.intr_filter</varname> controls whether the
+ old mechanism utilizing MSI/MSI-X capability on
+ supported controllers is used or not. When set to
+ a non-zero value, the &man.re.4; driver uses the old
+ mechanism. The default value is <literal>0</literal> and
+ this tunable has no effect on controllers without MSI/MSI-X
+ capability.</para>
+ <para revision="217246,217832">The &man.re.4; driver now
+ supports TSO (TCP Segmentation Offload) on RealTek
+ RTL8168/8111 C or later controllers. Note that this is
+ disabled by default because broken frames can be sent
+ under certain conditions.</para>
+ <para revision="217381,218289">The &man.re.4; driver now
+ supports enabling TX and/or RX checksum offloading
+ independently from each other. Note that TX IP checksum
+ is disabled on some RTL8168C-based network interfaces
+ because it can generate an incorrect IP checksum when the
+ packet contains IP options.</para>
+ <para revision="217911">The &man.re.4; driver now supports
+ RTL8105E PCIe Fast Ethernet controllers.</para>
+ <para>A &man.vte.4; driver for RDC R6040 Fast
+ Ethernet controllers, which are commonly found on the Vortex86
+ System On a Chip, has been added.</para>
<sect3 id="net-proto">
<title>Network Protocols</title>
- <para></para>
+ <para revision="223666">&man.ipfw.8; now supports the
+ <command>call</command> and <command>return</command>
+ actions. Upon the <command>call
+ <replaceable>number</replaceable></command> action, the
+ current rule number is saved in the internal stack and
+ ruleset processing continues with the first rule numbered
+ <replaceable>number</replaceable> or higher. The
+ <command>return</command> action takes the rule number saved
+ to internal stack by the latest <command>call</command>
+ action and returns ruleset processing to the first rule with
+ number greater than that saved number.</para>
+ <para revision="218794">&os;'s &man.ipsec.4; support now uses
+ half of the hash size as the authenticator hash size in
+ Hashed Message Authentication Mode (HMAC-SHA-256,
+ HMAC-SHA-384, and HMAC-SHA-512) as described in RFC 4868.
+ This was a fixed 96-bit length in prior releases because the
+ implementation was based on an old Internet draft
+ draft-ietf-ipsec-ciph-sha-256-00. Note that this means
+ &release.current; and later are no longer interoperable with
+ the older &os; releases.</para>
+ <para revision="225682">A bug in the
+ <literal>IPV6_PKTINFO</literal> option used in
+ &man.sendmsg.2; has been fixed. The
+ <literal>IPV6_USE_MIN_MTU</literal> state set by
+ &man.setsockopt.2; was ignored.</para>
+ <para revision="216109,216114,216115,218152,218153,218155">The
+ &os; TCP/IP network stack now supports the &man.mod.cc.9; pluggable
+ congestion control framework. This allows TCP congestion
+ control algorithms to be implemented as dynamically loadable
+ kernel modules. The following kernel modules are available
+ as of &release.current;: &man.cc.chd.4; for the
+ CAIA-Hamilton-Delay algorithm, &man.cc.cubic.4; for the CUBIC
+ algorithm, &man.cc.hd.4; for the Hamilton-Delay algorithm,
+ &man.cc.htcp.4; for the H-TCP algorithm, &man.cc.newreno.4; for
+ the NewReno algorithm, and &man.cc.vegas.4; for the Vegas algorithm.
+ The default algorithm can be set by a new &man.sysctl.8;
+ variable <varname>net.inet.tcp.cc.algorithm</varname>. The
+ value must be set to one of the names listed by
+ <varname>net.inet.tcp.cc.available</varname>, and
+ <literal>newreno</literal> is the default set at boot time.
+ For more
+ detail, see the &man.mod.cc.4; and &man.mod.cc.9; manual pages.</para>
+ <para revision="217806">An &man.h.ertt.4; (Enhanced Round Trip
+ Time) &man.khelp.9; module has been added. This module
+ allows per-connection, low noise estimates of the
+ instantaneous RTT in the TCP/IP network stack with a robust
+ implementation even in the face of delayed acknowledgments
+ and/or TSO (TCP Segmentation Offload) being in use for a
+ connection.</para>
+ <para revision="218912">A new &man.tcp.4; socket option
+ <literal>TCP_CONGESTION</literal> has been added. This
+ allows to select or query the congestion control algorithm
+ that the TCP/IP network stack will use for connections on
+ the socket.</para>
+ <para revision="225586">The &man.ng.ipfw.4; &man.netgraph.4;
+ node now supports IPv6.</para>
+ <para revision="219127">The &man.ng.one2many.4;
+ &man.netgraph.4; node now supports the
+ <literal>XMIT_FAILOVER</literal> transmit algorithm. This
+ makes packets deliver out of the first active
+ <literal>many</literal> hook.</para>
<sect3 id="disks">
<title>Disks and Storage</title>
- <para></para>
+ <para revision="220412">The &man.ada.4; driver now supports
+ write cache control. A new &man.sysctl.8 variable
+ <varname>kern.cam.ada.write_cache</varname> determines
+ whether the write cache of &man.ada.4; devices is enabled or
+ not. Setting to <literal>1</literal> enables and
+ <literal>0</literal> disables the write cache, and <literal>-1</literal>
+ leaves the device default behavior. &man.sysctl.8 variables
+ <varname>kern.cam.ada.<replaceable>N</replaceable>.write_cache</varname>
+ can override the configuration in a per-device basis (the
+ default value is <literal>-1</literal>, which means to use
+ the global setting). Note that the value can be changed at
+ runtime, but it takes effect only after a device
+ reset.</para>
+ <para revision="224905">The &man.arcmsr.4; driver has been
+ updated to version</para>
+ <para revision="219974">The &man.graid.8; GEOM class has been
+ added. This is a replacement of the &man.ataraid.4; driver
+ supporting various BIOS-based software RAID.</para>
+ <para revision="223958">The &man.mxge.4; driver has been
+ updated.</para>
+ <para revision="226115">A &man.tws.4; driver for 3ware 9750
+ SATA+SAS 6Gb/s RAID controllers has been added.</para>
<sect3 id="fs">
<title>File Systems</title>
- <para></para>
+ <para revision="216796">The &os; Fast File System now
+ supports the <literal>TRIM</literal> command when freeing data
+ blocks. A new flag <option>-t</option> in the &man.newfs.8;
+ and &man.tunefs.8; utilities sets the TRIM-enable flag for a
+ file system. The TRIM-enable flag makes the file system
+ send a delete request to the underlying device for each
+ freed block. The <literal>TRIM</literal> command is
+ specified as a Data Set Management Command in the ATA8-ACS2
+ standard to carry the information related to deleted data
+ blocks to a device, especially for a SSD (Solid-State Drive) for
+ optimization.</para>
+ <para revision="221233">A new flag <option>-E</option> has
+ been added to the &man.newfs.8; and &man.fsck.ffs.8; utilities.
+ This clears unallocated blocks, notifying the underlying
+ device that they are not used and that their contents may be
+ discarded. This is useful in &man.fsck.ffs.8; for file
+ systems which have been mounted on systems without
+ <literal>TRIM</literal> support, or with
+ <literal>TRIM</literal> support disabled, as well as
+ filesystems which have been copied from one device to
+ another.</para>
+ <para revision="221436">The &os; NFS subsystem now supports a
+ <option>nocto</option> mount option. This disables the
+ close-to-open cache coherency check at open time. This
+ option may improve performance for read-only mounts, but
+ should only be used only if the data on the server changes
+ rarely. The &man.mount.nfs.8; utility now also supports
+ this flag keyword.</para>
+ <para revision="225537">A &man.loader.8; tunable
+ <varname>vfs.typenumhash</varname> has been added. Setting
+ this to <literal>1</literal> enables to use a hash
+ calculation on the file system identification number
+ internally used in the kernel. This fixes the <quote>Stale
+ NFS file handle</quote> error on NFS clients when upgrading
+ or rebuilding the kernel on the NFS server due to unexpected
+ change of these identification number values. Note that
+ this is set to <literal>0</literal> (disable) by default for
+ backward compatibility.</para>
+ <para revision="219089">The &os; ZFS subsystem has been
+ updated to the SPA (Storage Pool Allocator, also known as
+ zpool) version 28. It now supports data deduplication,
+ triple parity RAIDZ (raidz3), snapshot holds, log device
+ removal, zfs diff, zpool split, zpool import
+ <option>-F</option>, and read-only zpool import.</para>
<sect2 id="userland">
<title>Userland Changes</title>
- <para></para>
+ <para revision="224152,224153,224154">The &man.bsdtar.1; and
+ &man.cpio.1; utilities are now based on
+ <application>libarchive</application> version 2.8.5.</para>
+ <para revision="217416">The &man.cpuset.1; utility now supports
+ a <option>-C</option> flag to create a new cpuset and assign
+ an existing process into that set, and an
+ <literal>all</literal> keyword in the <option>-l
+ <replaceable>cpu-list</replaceable></option> option to specify
+ all CPUs in the system.</para>
+ <para revision="217505">A bug in the &man.fetch.1; utility which
+ could prevent the <command>STAT</command> FTP command from working
+ properly has been fixed.</para>
+ <para revision="219415">The &man.gpart.8; utility now supports a
+ <option>-p</option> flag to the <command>show</command>
+ subcommand. This allows showing providers' names of
+ partitions instead of the partitions' indexes.</para>
+ <para revision="218049">The &man.hastd.8; utility now drops
+ <literal>root</literal> privileges of the worker processes to the
+ <literal>hast</literal> user.</para>
+ <para revision="219351">The &man.hastd.8; utility now supports a
+ <literal>checksum</literal> keyword to specify the checksum
+ algorithm in a <literal>resource</literal> section. As of
+ &release.current;, <literal>none</literal>,
+ <literal>sha256</literal>, and <literal>crc32</literal> are
+ supported.</para>
+ <para revision="219354">The &man.hastd.8; utility now supports a
+ <literal>compression</literal> keyword to specify the compression
+ algorithm in a <literal>resource</literal> section. As of
+ &release.current;, <literal>none</literal>,
+ <literal>hole</literal> and <literal>lzf</literal> are
+ supported.</para>
+ <para revision="219818">The &man.hastd.8; utility now supports a
+ <literal>source</literal> keyword to specify the local address
+ to bind to before connecting the remote &man.hastd.8
+ daemon.</para>
+ <para revision="220370">A &man.readline.3; API set has been
+ imported into <application>libedit</application>. This is
+ based on NetBSD's implementation and BSD licensed utilities
+ now use it instead of GNU
+ <application>libreadline</application>.</para>
+ <para revision="224762">The &man.makefs.8; utility now supports the
+ ISO 9660 format.</para>
+ <para revision="220496,220497"><application>libmd</application>
+ and <application>libcrypt</application> now support the SHA-256
+ and SHA-512 algorithms.</para>
+ <para revision="217642">The &man.netstat.1; utility now does not
+ expose the internal scope address representation used in the &os;
+ kernel, which is derived from KAME IPv6 stack, in the results
+ of <command>netstat -ani</command> and <command>netstat
+ -nr</command>.</para>
+ <para revision="218127">The &man.newsyslog.8; utility now
+ supports &man.xz.1; compression. An <literal>X</literal> flag
+ in the optional field has been added to specify the
+ compression.</para>
+ <para revision="216823">A &man.poweroff.8; utility has been added.
+ This is equivalent to:</para>
+ <screen>&prompt.root; shutdown -p now</screen>
+ <para revision="218397">The &man.ppp.8; utility now supports
+ <command>iface name <replaceable>name</replaceable></command>
+ and <command>iface description
+ <replaceable>description</replaceable></command> commands.
+ These have the same functionalities as the <literal>name</literal>
+ and <literal>description</literal> subcommands of the
+ &man.ifconfig.8; utility.</para>
+ <para revision="219713">The &man.ps.1; utility now supports
+ <option>-o usertime</option> and <option>-o systime</option>
+ options to display accumulated system and user CPU time,
+ respectively.</para>
+ <para revision="222732">The &man.rtadvd.8; daemon now supports a
+ <literal>noifprefix</literal> keyword to disable gathering
+ on-link prefixes from interfaces when no
+ <literal>addr</literal> keyword is specified. An entry in
+ <filename>/etc/rtadvd.conf</filename> with
+ <literal>noifprefix</literal> and no <literal>addr</literal>
+ generates an RA message with no prefix information
+ option.</para>
+ <para revision="222732,224006">The &man.rtadvd.8; daemon now
+ supports the RDNSS and DNSSL options described in RFC 6106,
+ <quote>IPv6 Router Advertisement Options for DNS
+ Configuration</quote>. A &man.rtadvctl.8; utility to control
+ the &man.rtadvd.8; daemon has been added.</para>
+ <para revision="224536">A bug in the &man.tftpd.8; daemon has
+ been fixed. It had an interoperability issue when
+ transferring a large file.</para>
+ <para revision="224171">The &man.zpool.8: utility now supports a
+ <command>zpool labelclear</command> command. This allows to
+ wipe the label data from a drive that is not active in a
+ pool.</para>
<sect3 id="periodic-scripts">
<title><filename>/etc/periodic</filename> Scripts</title>
@@ -225,13 +644,51 @@
<sect2 id="contrib">
<title>Contributed Software</title>
- <para></para>
+ <para revision="224731">The <application>awk</application> has
+ been updated to the 7 August 2011 release.</para>
+ <para><application>ISC BIND</application> has
+ been updated to version 9.6-ESV-R5-P1.</para>
+ <para revision="221793">The <literal>netcat</literal> utility
+ has been updated to version 4.9.</para>
+ <para revision="220150"><application>GNU GCC</application> and
+ <application>libstdc++</application> have been updated to rev
+ 127959 of <literal>gcc-4_2-branch</literal> (the last
+ GPLv2-licensed version).</para>
+ <para revision="222906">The <application>LESS</application>
+ program has been updated to version v444.</para>
+ <para revision="221484,224638">The
+ <application>OpenSSH</application> utility has been updated to
+ 5.4p1, and optimization for large bandwidth-delay product
+ connection and <literal>none</literal> cipher support have
+ been merged</para>
+ <para revision="223067"><application>sendmail</application>
+ has been updated to version 8.14.5.</para>
+ <para revision="226977">The <application>timezone</application>
+ database has been updated to the
+ <application>tzdata2011n</application> release.</para>
+ <para revision="217698">The &man.unifdef.1; utility has been updated
+ to version 2.5.6.</para>
+ <para revision="223935">The <application>xz</application>
+ program has been updated from 5.0.0 to a snapshot as of 11
+ July, 2011.</para>
<sect2 id="ports">
<title>Ports/Packages Collection Infrastructure</title>
- <para></para>
+ <para>The supported version of
+ the <application>KDE</application> desktop environment
+ (<filename role="package">x11/kde4</filename>) has been
+ updated from 4.5.5 to 4.7.4.</para>
<sect2 id="releng">