article.xml revision 145112 
1<articleinfo>
2  <title>&os;/&arch; &release.current; Release Notes</title>
3
4  <corpauthor>The &os; Project</corpauthor>
5
6  <pubdate>$FreeBSD: head/release/doc/en_US.ISO8859-1/relnotes/article.sgml 145112 2005-04-15 14:27:26Z simon $</pubdate>
7
8  <copyright>
9    <year>2000</year>
10    <year>2001</year>
11    <year>2002</year>
12    <year>2003</year>
13    <year>2004</year>
14    <year>2005</year>
15    <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
16  </copyright>
17
18  <legalnotice id="trademarks" role="trademarks">
19    &tm-attrib.freebsd;
20    &tm-attrib.ibm;
21    &tm-attrib.ieee;
22    &tm-attrib.intel;
23    &tm-attrib.sparc;
24    &tm-attrib.general;
25  </legalnotice>
26
27  <abstract>
28    <para>The release notes for &os; &release.current; contain a summary
29      of the changes made to the &os; base system since &release.branch; is created.
30      This document lists applicable security advisories that were issued since
31      the last release, as well as significant changes to the &os;
32      kernel and userland.
33      Some brief remarks on upgrading are also presented.</para>
34  </abstract>
35</articleinfo>
36
37<sect1 id="intro">
38  <title>Introduction</title>
39
40  <para>This document contains the release notes for &os;
41    &release.current; on the &arch.print; hardware platform.  It
42    describes recently added, changed, or deleted features of &os;.
43    It also provides some notes on upgrading
44    from previous versions of &os;.</para>
45
46<![ %release.type.current [
47
48  <para>The &release.type; distribution to which these release notes
49    apply represents the latest point along the &release.branch; development
50    branch since &release.branch; was created.  Information regarding pre-built, binary
51    &release.type; distributions along this branch
52    can be found at <ulink url="&release.url;"></ulink>.</para>
53
54]]>
55
56<![ %release.type.snapshot [
57
58  <para>The &release.type; distribution to which these release notes
59    apply represents a point along the &release.branch; development
60    branch between &release.prev; and the future &release.next;.
61    Information regarding
62    pre-built, binary &release.type; distributions along this branch
63    can be found at <ulink url="&release.url;"></ulink>.</para>
64
65]]>
66
67<![ %release.type.release [
68
69  <para>This distribution of &os; &release.current; is a
70    &release.type; distribution.  It can be found at <ulink
71    url="&release.url;"></ulink> or any of its mirrors.  More
72    information on obtaining this (or other) &release.type;
73    distributions of &os; can be found in the <ulink
74    url="&url.books.handbook;/mirrors.html"><quote>Obtaining
75    &os;</quote> appendix</ulink> to the <ulink
76    url="&url.books.handbook;/">&os;
77    Handbook</ulink>.</para>
78
79]]>
80
81  <para>All users are encouraged to consult the release errata before
82    installing &os;.  The errata document is updated with
83    <quote>late-breaking</quote> information discovered late in the
84    release cycle or after the release.  Typically, it contains
85    information on known bugs, security advisories, and corrections to
86    documentation.  An up-to-date copy of the errata for &os;
87    &release.current; can be found on the &os; Web site.</para>
88
89</sect1>
90
91<sect1 id="new">
92  <title>What's New</title>
93
94  <para>This section describes
95    the most user-visible new or changed features in &os;
96    since &release.prev;.
97    In general, changes described here are unique to the &release.branch;
98    branch unless specifically marked as &merged; features.
99  </para>
100
101  <para>Typical release note items
102    document recent security advisories issued after
103    &release.prev.historic;,
104    new drivers or hardware support, new commands or options,
105    major bug fixes, or contributed software upgrades.  They may also
106    list changes to major ports/packages or release engineering
107    practices.  Clearly the release notes cannot list every single
108    change made to &os; between releases; this document focuses
109    primarily on security advisories, user-visible changes, and major
110    architectural improvements.</para>
111
112  <sect2 id="security">
113    <title>Security Advisories</title>
114
115    <para>A bug in the &man.fetch.1; utility, which allows
116      a malicious HTTP server to cause arbitrary portions of the client's
117      memory to be overwritten, has been fixed.
118      For more information, see security advisory
119      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:16.fetch.asc">FreeBSD-SA-04:16.fetch</ulink>.
120      &merged;</para>
121
122    <para>A bug in &man.procfs.5; and &man.linprocfs.5;
123      which could allow a malicious local user to read parts of kernel
124      memory or perform a local
125      denial of service attack by causing a system panic,
126      has been fixed.
127      For more information, see security advisory
128      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:17.procfs.asc">FreeBSD-SA-04:17.procfs</ulink>.
129      &merged;</para>
130
131    <para>Two buffer overflows in the TELNET client program have been
132      corrected.  They could have allowed a malicious TELNET server or
133      an active network attacker to cause &man.telnet.1; to execute
134      arbitrary code with the privileges of the user running it.
135      More information can be found in security advisory
136      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc">FreeBSD-SA-05:01.telnet</ulink>.
137      &merged;</para>
138
139    <para>A information disclosure vulnerability in the
140      &man.sendfile.2; system call, which could permit it to transmit
141      random parts of kernel memory, has been fixed.  More details are
142      in security advisory
143      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:02.sendfile.asc">FreeBSD-SA-05:02.sendfile</ulink>.
144      &merged;</para>
145
146    <para>A possible privilege escalation vulnerability on &os;/amd64
147      has been fixed.  This allows unprivileged users to gain direct
148      access to some hardware which cannot be accessed
149      without the elevated privilege level.  More details are in security advisory
150      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc">FreeBSD-SA-05:03.amd64</ulink>.
151      &merged;</para>
152
153    <para>An information leak vulnerability in the
154      <literal>SIOCGIFCONF</literal> &man.ioctl.2;, which leaked 12
155      bytes of kernel memory, has been fixed.  More details are in security advisory
156      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:04.ifconf.asc">FreeBSD-SA-05:04.ifconf</ulink>.
157      &merged;</para>
158
159  </sect2>
160
161  <sect2 id="kernel">
162    <title>Kernel Changes</title>
163
164    <para arch="i386">Support for 80386 processors (the
165      <literal>I386_CPU</literal> kernel configuration option) has
166      been removed.  Users running this class of CPU should use &os;
167      5.<replaceable>X</replaceable> or earlier.</para>
168
169    <para>The kernel debugger &man.ddb.4; now supports a
170      <command>show alllocks</command> command, which dumps a list of processes
171      and threads currently holding sleep mutexes (and spin mutexes for
172      the current thread).  &merged;</para>
173
174    <para>The &man.jail.8; feature now supports a new sysctl
175      <varname>security.jail.chflags_allowed</varname>, which controls the
176      behavior of &man.chflags.1; within a jail.
177      If set to <literal>0</literal> (the default), then a jailed <username>root</username> user is
178      treated as an unprivileged user; if set to <literal>1</literal>, then
179      a jailed root user is treated the same as an unjailed <username>root</username> user.  &merged;</para>
180
181    <para arch="alpha,amd64,i386,sparc64">The loader tunable <varname>debug.mpsafevm</varname>
182      has been enabled by default.  &merged;</para>
183
184    <para>&man.memguard.9;, a kernel memory allocator designed to help detect
185      <quote>tamper-after-free</quote> scenarios, has been added.
186      This must be explicitly enabled via <literal>options
187      DEBUG_MEMGUARD</literal>, plus small kernel modifications.  It
188      is generally intended for use by kernel developers.</para>
189
190    <para>A number of bugs have been fixed in the ULE
191      scheduler. &merged;</para>
192
193    <para>Fine-grained locking to allow much of the VFS stack to run
194      without the Giant lock has been added.  This is enabled by default
195      on the alpha, amd64, and i386 architectures, and can be disabled
196      by setting the loader tunable (and sysctl variable)
197      <varname>debug.mpsafevfs</varname> to
198      <literal>0</literal>.</para>
199
200    <para arch="i386">A bug in Inter-Processor Interrupt (IPI)
201      handling, which could cause SMP systems to crash under heavy
202      load, has been fixed.  More details are contained in errata note
203      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/ERRATA/notices/FreeBSD-EN-05:03.ipi.asc">FreeBSD-EN-05:03.ipi</ulink>.
204      &merged;</para>
205
206    <para>System V IPC objects (message queues, semaphores, and shared
207      memory) now have support for Mandatory Access Control policies,
208      notably &man.mac.biba.4;, &man.mac.mls.4;, &man.mac.stub.4;, and
209      &man.mac.test.4;.</para>
210
211    <para arch="i386">Memory allocation for legacy PCI bridges has
212      been limited to the top 32MB of RAM.  Many older, legacy bridges
213      only allow allocation from this range.  This change only applies
214      to devices which do not have their memory assigned by the BIOS.
215      This change fixes the <quote>bad Vcc</quote> error of CardBus
216      bridges (&man.pccbb.4;). &merged;</para>
217
218    <para>The &man.sysctl.3; MIBs beginning with <quote>debug</quote>
219      now require the kernel option <literal>options SYSCTL_DEBUG</literal>.
220      This option is disabled by default.</para>
221
222    <para>The generic &man.tty.4; driver interface has been added
223      and many device drivers including
224      &man.cx.4; (<literal>{tty,cua}x</literal>),
225      &man.cy.4; (<literal>{tty,cua}c</literal>),
226      &man.digi.4; (<literal>{tty,cua}D</literal>),
227      &man.rc.4; (<literal>{tty,cua}m</literal>),
228      &man.rp.4; (<literal>{tty,cua}R</literal>),
229      &man.sab.4; (<literal>{tty,cua}z</literal>),
230      &man.si.4; (<literal>{tty,cua}A</literal>),
231      &man.sio.4; (<literal>{tty,cua}d</literal>),
232      sx (<literal>{tty,cua}G</literal>),
233      &man.uart.4; (<literal>{tty,cua}u</literal>),
234      &man.ubser.4; (<literal>{tty,cua}y</literal>),
235      &man.ucom.4; (<literal>{tty,cua}U</literal>), and
236      &man.ucycom.4; (<literal>{tty,cua}y</literal>)
237      have been rewritten to use it.  Note that <filename>/etc/remote</filename>
238      and <filename>/etc/ttys</filename> have been updated as well.</para>
239
240    <para>The &man.vkbd.4; driver has been added.  This driver
241      provides a software loopback mechanism that can implement
242      a virtual AT keyboard similar to what the &man.pty.4; driver
243      does for terminals.</para>
244
245    <!-- Above this line, sort kernel changes by manpage/keyword-->
246
247    <para arch="i386,amd64,ia64">The default <varname>HZ</varname>
248      parameter (which controls various kernel timers) has been
249      increased from <literal>100</literal> to <literal>1000</literal>
250      on the i386 and ia64.  It has been reduced from
251      <literal>1024</literal> to <literal>1000</literal> on the amd64
252      to reduce synchronization effects with other system
253      clocks.</para>
254
255    <para>The maximum length of shell commands has changed from 128
256      bytes to <varname>PAGE_SIZE</varname>.  By default, this value
257      is either 4KB (i386, pc98, amd64, and powerpc) or 8KB (sparc64
258      and ia64).  As a result, compatibility modules need to be
259      rebuilt to stay synchronized with data structure changes in the
260      kernel.</para>
261
262    <sect3 id="boot">
263      <title>Boot Loader Changes</title>
264
265      <para arch="i386">A serial console-capable version of
266	<filename>boot0</filename> has been added.  It can be written
267	to a disk using &man.boot0cfg.8; and specifying
268	<filename>/boot/boot0sio</filename> as the argument to the
269	<option>-b</option> option.</para>
270
271      <para arch="i386"><filename>cdboot</filename> now works around a
272	BIOS problem observed on some systems when booting from USB
273	CDROM drives.</para>
274
275      <para>The <command>autoboot</command> loader command
276	now supports the prompt parameter.</para>
277
278      <para>A loader menu option to set <varname>hint.atkbd.0.flags=0x1</varname>
279	has been added.  This setting allows USB keyboards to work
280	if no PS/2 keyboard is attached.</para>
281
282      <para>The beastie boot menu has been disabled by default.</para>
283
284      <!-- Above this line, order boot loader changes by keyword-->
285
286    </sect3>
287
288    <sect3 id="proc">
289      <title>Hardware Support</title>
290
291      <para arch="i386,amd64">The &man.acpi.4; driver now turns
292	the ACPI and PCI devices off or to a lower power state
293	when suspending, and back on again when resuming.
294	This behavior can be disabled by
295	setting the <varname>debug.acpi.do_powerstate</varname> and
296	<varname>hw.pci.do_powerstate</varname> sysctls to <literal>0</literal>.</para>
297
298      <para arch="i386,amd64">The acpi_ibm driver for IBM laptops
299	has been added.</para>
300
301      <para arch="i386,amd64">The &man.acpi.fujitsu.4; driver for handling
302        &man.acpi.4;-controlled buttons Fujitsu laptops has been added.</para>
303
304      <para arch="i386,amd64">The acpi_sony driver,
305	which supports the Sony Notebook Controller on various
306	Sony laptops has been added.</para>
307
308      <para arch="sparc64">The &man.auxio.4; driver has been to drive
309	some auxiliary I/O functions found on various SBus/EBus
310	&ultrasparc; models. &merged;</para>
311
312      <para arch="sparc64">The clkbrd driver has been added to support
313	the <literal>clock-board</literal> device frequently found on
314	Sun E<replaceable>xx</replaceable>00 servers.</para>
315
316      <para>A framework for flexible processor speed control has been
317	added.  It provides methods for various drivers to control CPU
318	power utilization by adjusting the processor speed.  More
319	details can be found in the &man.cpufreq.4; manual page. &merged;
320	Currently supported drivers include ichss (Intel SpeedStep for ICH),
321	acpi_perf (ACPI CPU performance states), and acpi_throttle
322	(ACPI CPU throttling).  The latter two drivers are contained
323	in the &man.acpi.4; driver.  These can individually be disabled by setting device
324	hints such as <varname>hint.<replaceable>ichss</replaceable>.0.disabled="1"</varname>.</para>
325
326      <para arch="i386">Support for the OLDCARD subsystem has
327	been removed.  The NEWCARD system is now used for all PCCARD
328	device support.</para>
329
330      <para>The pcii driver has been added to support GPIB-PCIIA IEEE-488
331	cards. &merged;</para>
332
333      <para>The &man.atkbd.4; driver now supports a <literal>0x8</literal>
334	(bit 3) flag to disable testing the keyboard port during
335	the device probe as this can cause hangs on some machines,
336	specifically Compaq R3000Z series amd64 laptops.</para>
337
338      <para arch="i386">The &man.pbio.4; driver,
339	which supports direct access to
340	the Intel 8255A programmable peripheral interface (PPI)
341	chip running in mode 0 (simple I/O) has been added.</para>
342
343      <para>The &man.psm.4; driver now has improved support for
344	Synaptics Touchpad users.  It now has better tracking of
345	slow-speed movement and support for various extra
346	buttons and dials.  These features can be tuned with the
347	<varname>hw.psm.synaptics.<replaceable>*</replaceable></varname>
348	hierarchy of sysctl variables.</para>
349
350      <para arch="sparc64">The rtc driver has been added to support
351	the MC146818-compatible clock found on some &ultrasparc; II
352	and III models. &merged;</para>
353
354      <para arch="sparc64">The &man.uart.4; driver is now enabled in
355	the <filename>GENERIC</filename> kernel, and is now the
356	default driver for serial ports.  The ofw_console and
357	&man.sab.4; drivers are now disabled in the
358	<filename>GENERIC</filename> kernel. &merged;</para>
359
360      <para>The &man.uplcom.4; driver now supports handling of the
361	<literal>CTS</literal> signal.</para>
362
363      <para>The &man.ehci.4; driver has been improved.</para>
364
365      <para arch="sparc64">The zs driver has been removed
366	in favor of the &man.uart.4; driver.</para>
367
368      <sect4 id="mm">
369	<title>Multimedia Support</title>
370
371	<para arch="sparc64">The &man.snd.audiocs.4; driver has been
372	  added to support the Crystal Semiconductor CS4231 audio
373	  controller found on &ultrasparc;
374	  workstations. &merged;</para>
375
376	<para>The &man.uaudio.4; driver now has some added
377	  functionality, including volume control on more inputs and
378	  recording capability on some devices.</para>
379
380      </sect4>
381
382      <sect4 id="net-if">
383	<title>Network Interface Support</title>
384
385	<para>The &man.ath.4; driver has been updated to split the
386	  transmit rate control algorithm into a separate module.
387	  One of <literal>device ath_rate_onoe</literal>,
388	  <literal>device ath_rate_amrr</literal>, or
389	  <literal>device ath_rate_sample</literal> must be included in
390	  the kernel configuration when using the &man.ath.4;
391	  driver.</para>
392
393	<para>The &man.bge.4; driver now supports the &man.altq.4;
394	  framework.</para>
395
396	<para>The &man.cdce.4; USB Communication Device Class Ethernet
397	  driver has been added. &merged;</para>
398
399	<para>The &man.cp.4; driver is now MPSAFE. &merged;</para>
400
401	<para>The &man.ctau.4; driver is now MPSAFE. &merged;</para>
402
403	<para>The &man.cx.4; driver is now MPSAFE. &merged;</para>
404
405	<para>The &man.dc.4; driver now supports the &man.altq.4; framework.</para>
406
407	<para>The &man.ed.4; driver now supports the &man.altq.4;
408	  framework.  &merged;</para>
409
410	<para>In the &man.em.4; driver, hardware support for VLAN
411	  tagging is now disabled by default due to some interactions
412	  between this feature and promiscuous mode. &merged;</para>
413
414	<para>Ethernet flow control is now disabled by default in the
415	  &man.fxp.4; driver, to prevent problems with a system panics
416	  or is left in the kernel debugger. &merged;</para>
417
418	<para>The gx(4) driver has been removed because
419	  it is no longer maintained actively and
420	  the &man.em.4; driver supports all of the supported hardware.</para>
421	  
422	<para>The &man.hme.4; driver is now MPSAFE. &merged;</para>
423
424	<para>The &man.ixgb.4; driver is now MPSAFE.</para>
425
426	<para arch="amd64">The &man.ndis.4; device driver wrapper now
427	  supports &windows;/x86-64 binaries on amd64
428	  systems. &merged;</para>
429
430	<para arch="i386,amd64">The nve driver, which supports the
431	  nVidia nForce MCP Networking Adapter, has been added.</para>
432
433	<para>The &man.re.4; driver now supports the &man.altq.4;
434	  framework.  &merged;</para>
435
436	<para>The &man.sf.4; driver now has support for device polling
437	  and &man.altq.4;. &merged;</para>
438
439	<para>Several programming errors in the &man.sk.4; driver have
440	  been corrected.  These bugs were particular to SMP systems, and
441	  could cause panics, page faults, aborted SSH connections, or
442	  corrupted file transfers.  More details can be found in
443	  errata note
444	  <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/ERRATA/notices/FreeBSD-EN-05:02.sk.asc">FreeBSD-EN-05:02.sk</ulink>.
445	  &merged;</para>
446
447	<para>The &man.sk.4; driver now has support for &man.altq.4;.
448	  This driver also now supports jumbo frames on Yukon-based
449	  interfaces. &merged;</para>
450
451	<para>The &man.vge.4; driver now has support for device polling
452	  (&man.polling.4;).</para>
453
454	<para>Support for 802.11 devices in the &man.wlan.4; framework has been
455	  greatly overhauled.  In addition to architectural changes,
456	  it includes completed 802.11g, WPA, 802.11i, 802.1x,
457	  WME/WMM, AP-side power-saving, and plugin frameworks for
458	  cryptography modules, authenticators, and access control.
459	  Note in particular that WEP now requires the
460	  <filename>wlan_wep</filename> module to be loaded (or
461	  compiled) into the kernel.</para>
462
463	<para>The &man.xl.4; driver now supports
464	  &man.polling.4;.</para>
465
466      </sect4>
467    </sect3>
468
469    <sect3 id="net-proto">
470      <title>Network Protocols</title>
471
472      <para>The MTU feedback in IPv6 has been disabled when the sender writes
473	data that must be fragmented.  &merged;</para>
474
475      <para>The Common Address Redundancy Protocol (CARP) has
476	been implemented.  CARP comes from OpenBSD and allows
477	multiple hosts to share an IP address, providing
478	high availability and load balancing.
479	For more information, see the &man.carp.4; manual page.  &merged;</para>
480
481      <para>The &man.ipfw.4; <literal>IPDIVERT</literal> option is now
482	available as a kernel loadable module.
483	If this module is not loaded, &man.ipfw.4; will refuse to
484	install <literal>divert</literal> rules and &man.natd.8;
485	will return the error message <quote>protocol not supported</quote>.</para>
486
487      <para>The &man.ipfw.4; system can work with
488	<varname>debug.mpsafenet</varname>=<literal>1</literal>
489	(this tunable is <literal>1</literal> by default)
490	when the <literal>gid</literal>, <literal>jail</literal>,
491	and/or <literal>uid</literal> rule options are used.  &merged;</para>
492
493      <para>&man.ipfw.8; now supports classification and tagging
494	of &man.altq.4; packets via a divert socket,
495	as well as the TCP data length.</para>
496
497      <para>The &man.ipfw.8; <literal>ipfw fwd</literal> rule now supports
498	the full packet destination manipulation when the kernel option
499	<literal>options IPFIREWALL_FORWARD_EXTENDED</literal> is specified
500	in addition to <literal>options IPFIRWALL_FORWARD</literal>.
501	This kernel option disables all restrictions to ensure proper
502	behavior for locally generated packets and allows redirection of
503	packets destined to locally configured IP addresses.
504	Note that &man.ipfw.8; rules have to be carefully crafted to
505	make sure that things like PMTU discovery do not break. &merged;</para>
506
507      <para>&man.ipnat.8; now allows redirect rules to
508	work for non-TCP/UDP packets.  &merged;</para>
509
510      <para>Ongoing work is reducing the use of the Giant lock by the
511	network protocol stack and improving the locking
512	strategies.</para>
513
514      <para>A new &man.ng.ipfw.4; NetGraph node provides
515	a simple interface between the &man.ipfw.4; and &man.netgraph.4;
516	facilities.</para>
517
518      <para>A new &man.ng.netflow.4; NetGraph node allows a router
519	running &os; to do NetFlow version 5 exports. &merged;</para>
520
521      <para>The &man.sppp.4; driver now includes Frame Relay
522	support. &merged;</para>
523
524      <para>The &man.sppp.4; driver is now MPSAFE.</para>
525
526      <para>A bug in TCP that sometimes caused RST packets to
527	be ignored if the receive window was zero bytes has been
528	fixed. &merged;</para>
529
530      <para>The <literal>RST</literal>
531	handling of the &os; TCP stack has been improved
532	to make reset attacks as difficult as possible while
533	maintaining compatibility with the widest range of TCP stacks.
534	The algorithm is as follows:  For connections in the
535	<literal>ESTABLISHED</literal>
536	state, only resets with sequence numbers exactly matching
537	<varname>last_ack_sent</varname> will cause a reset;
538	all other segments will
539	be silently dropped. For connections in all other states,
540	a reset anywhere in the window will cause the connection
541	to be reset.  All other segments will be silently dropped.
542	Note that this behavior technically violates the RFC 793 specification;
543	the conventional (but less secure) behavior can be restored
544	by setting a new sysctl <varname>net.inet.tcp.insecure_rst</varname>
545	to <literal>1</literal>.  &merged;</para>
546
547      <para>Several bugs in the TCP SACK implementation have been
548	fixed. &merged;</para>
549
550      <para>RFC 1644 T/TCP support has been removed.  This is because
551	the design is based on a weak security model that can easily
552	permit denial-of-service attacks.  This TCP
553	extension has been considered a defective one in
554	a recent Internet Draft.</para>
555
556      <para>The KAME IPv4 IPsec implementation integrated
557	in &os; now supports TCP-MD5.  &merged;</para>
558
559      <para>Random ephemeral port number allocation has led to some
560        problems with port reuse at high connection rates.  This
561        feature is now disabled during periods of high connection
562        rates; whenever new connections are created faster than
563        <varname>net.inet.ip.portrange.randomcps</varname> per second,
564        port number randomization is disabled for the next
565        <varname>net.inet.ip.portrange.randomtime</varname>
566        seconds.  The default values for these two sysctl variables
567        are <literal>10</literal> and <literal>45</literal>,
568        respectively. &merged;</para>
569
570      <para>Fine-grained locking has been applied to many of the data
571	structures in the IPX/SPX protocol stack.  While not fully
572	MPSAFE at this point, it is generally safe to use IPX/SPX
573	without the Giant lock (in other words, the
574	<varname>debug.mpsafenet</varname> sysctl variable may be set
575	to <literal>1</literal>).</para>
576
577    </sect3>
578
579    <sect3 id="disks">
580      <title>Disks and Storage</title>
581
582      <para>The &man.amr.4; driver is now safe for use on systems
583	using &man.pae.4;. &merged;</para>
584
585      <para arch="i386,ia64">The &man.arcmsr.4; driver has been added.
586	It supports the Areca ARC-11<replaceable>xx</replaceable> and
587	ARC-12<replaceable>xx</replaceable> series of SATA RAID
588	controllers.  &merged;</para>
589
590      <para>The SHSEC GEOM class has been added.  It provides for the
591	sharing of a secret between multiple GEOM providers.  All of
592	these providers must be present in order to reveal the
593	secret.  This feature is controlled by the &man.gshsec.8;
594	utility. &merged;</para>
595
596      <para>The &man.hptmv.4; driver, which supports the HighPoint
597	RocketRAID 182x series, has been added. &merged;</para>
598
599      <para>The &man.ips.4; driver now support kernel crash dumps
600	on some modern ServeRAID models.  &merged;</para>
601
602      <para>The &man.matcd.4; driver has been removed. &merged;</para>
603
604      <para>The default SCSI boot-time probe delay in the
605	<filename>GENERIC</filename> kernel has been reduced from
606	fifteen seconds to five seconds.</para>
607
608      <para>The old vinum(4) subsystem has been removed
609	in favor of the new &man.geom.4;-based version.</para>
610
611      <para arch="pc98">The &man.wd.4; driver has been removed.  The
612	&man.ata.4; driver has been found to work well enough on the
613	pc98 platform that there is no need for the older &man.wd.4;
614	driver.</para>
615
616      <para>Information about newly-mounted cd9660 file systems (such
617	as the presence of RockRidge extensions) is now only printed
618	if the kernel was booted in verbose mode.  This change was
619	made to reduce the amount of (generally unnecessary) kernel
620	log messages. &merged;</para>
621
622    </sect3>
623
624    <sect3 id="fs">
625      <title>File Systems</title>
626
627      <para>Recomputing the summary information for
628	<quote>dirty</quote> UFS and UFS2 file systems is no longer
629	done at mount time, but is now done by background
630	&man.fsck.8;.  This change improves the startup speed when
631	mounting large file systems after a crash.  The prior behavior
632	can be restored by setting the
633	<varname>vfs.ffs.compute_summary_at_mount</varname> sysctl
634	variable to a non-zero value.  &merged;</para>
635
636      <para>A kernel panic in the NFS server has been fixed.  More
637	details can be found in errata note
638	<ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/ERRATA/notices/FreeBSD-EN-05:01.nfs.asc">FreeBSD-EN-05:01.nfs</ulink>.
639	&merged;</para>
640
641    </sect3>
642
643    <sect3>
644      <title>Contributed Software</title>
645
646      <para><application>ACPI-CA</application> has been updated from
647	20040527 to 20041119. &merged;</para>
648
649    </sect3>
650  </sect2>
651
652  <sect2 id="userland">
653    <title>Userland Changes</title>
654
655    <para>The &man.burncd.8; utility now allows commands (such as
656      <command>eject</command>) to take place after fixating a
657      disk.</para>
658
659    <para>The &man.ftpd.8; program now uses the <literal>212</literal>
660      and <literal>213</literal> status codes for directory
661      and file status correctly (<literal>211</literal> was used in
662      the previous versions).  This behavior is described in RFC 959.
663      &merged;</para>
664
665    <para>The <literal>create</literal> command of the &man.gpt.8;
666      utility now supports a <option>-f</option> command-line flag to
667      force creation of a GPT even when there is an MBR record on a
668      disk. &merged;</para>
669
670    <para>The &man.getaddrinfo.3; function now queries <literal>A</literal>
671      DNS resource records before <literal>AAAA</literal> records
672      when <literal>AF_UNSPEC</literal> is specified.
673      Some broken DNS servers return <literal>NXDOMAIN</literal>
674      against non-existent <literal>AAAA</literal> queries,
675      even when it should return <literal>NOERROR</literal>
676      with empty return records.  This is a problem for an IPv4/IPv6 dual
677      stack node because the <literal>NXDOMAIN</literal> returned
678      by the first query of an <literal>AAAA</literal> record makes
679      the querying server stop attempting to resolve the <literal>A</literal>
680      record if any.  Also, this behavior has been recognized as a potential
681      denial-of-service attack (see <ulink url="http://www.kb.cert.org/vuls/id/714121"></ulink>
682      for more details).
683      Note that although the query order has been changed,
684      the returned result still includes
685      <literal>AF_INET6</literal> records before
686      <literal>AF_INET</literal> records.  &merged;</para>
687
688    <para>The gvinum(8) utility now supports
689      <command>checkparity</command>,
690      <command>rebuildparity</command>, and
691      <command>setstate</command>
692      subcommands.  &merged;</para>
693
694    <para>The &man.ifconfig.8; utility has been restructured.  It is
695      now more modular and flexible with respect to supporting
696      interface-specific functionality.  The 802.11 support has been
697      updated to support recent changes to the 802.11 subsystem and
698      drivers.</para>
699
700    <para>Support for abbreviated forms of a number of &man.ipfw.8;
701      options has been deprecated.  Warnings are printed to stderr
702      indicating the correct full form when one of these abbreviations
703      is detected.</para>
704
705    <para>The on-disk format of <literal>LC_CTYPE</literal> files has
706      been changed to be machine-independent.</para>
707
708    <para>A bug in the <filename>libalias</filename> library
709      which causes a core dump when the <option>-reverse</option>
710      option is specified in &man.natd.8; has been fixed.</para>
711
712    <para>The <filename>libarchive</filename> library (as well as the
713      &man.tar.1; command that uses it) now has support for reading ISO
714      images (with optional RockRidge extensions) and ZIP archives
715      (with <literal>deflate</literal> and <literal>none</literal>
716      compression). &merged;</para>
717
718    <para>The <filename>libarchive</filename> library now supports
719      handling a ZIP archive entry with more than 4GB compressed size (ZIP64
720      extension) and Unix extension.</para>
721
722    <para>The <filename>libgpib</filename> library has been added to
723      give userland access to GPIB devices (using the the pcii driver)
724      via the
725      <function>ib<replaceable>foo</replaceable></function>
726      API. &merged;</para>
727
728    <para>The default stack sizes in <filename>libpthread</filename>,
729      <filename>libthr</filename>,
730      and <filename>libc_r</filename> have been increased.  On 32-bit
731      platforms, the main thread receives a 2MB stack size by default,
732      with other threads receiving a 1MB stack size by default.  On
733      64-bit platforms, the default stack sizes are 4MB and 2MB
734      respectively.</para>
735
736    <para>The <filename>libxpg4</filename> library has been removed
737      because all of its functionality was long ago merged into
738      <filename>libc</filename>.
739      All binaries linked with <filename>libxpg4</filename>
740      must be recompiled or use &man.libmap.conf.5;.
741      Note that the &os; base system has no such binaries.</para>
742
743    <para>The &man.lpd.8; program now checks to make sure the data
744      file has been completely transfered before starting to
745      print it when a data file received from some other host.
746      Some implementations of &man.lpr.1; send the control file
747      for a print job before sending the matching data files,
748      which can cause problems if the receiving host is
749      a busy print-server.  &merged;</para>
750
751    <para>A number of new functions have been implemented in the
752      &man.math.3; library.  These include &man.ceill.3;,
753      &man.floorl.3;, &man.ilogbl.3;, &man.fma.3; and variants,
754      &man.lrint.3; and variants, and &man.lround.3; and
755      variants. &merged;</para>
756
757    <para>The &man.mknod.8; utility is now deprecated.
758      Device nodes have been managed by the &man.devfs.5; device file
759      system since &os; 5.0.</para>
760
761    <para arch="i386">The &man.mkuzip.8; utility, which
762      compresses file system images for use with
763      <literal>GEOM_UZIP</literal> &man.geom.4; module,
764      has been added. &merged;</para>
765
766    <para>The &man.moused.8; daemon now supports <quote>virtual
767      scrolling</quote>, in which mouse motions made while holding
768      down the middle mouse button are interpreted as scrolling.  This
769      feature is enabled with the <option>-V</option>
770      flag. &merged;</para>
771
772    <para>A separate directory has been added for &man.named.8;
773      dynamic zones which is owned by the <username>bind</username> user
774      (for creation of the zone journal file).
775      For more detail, see an example dynamic zone in the sample
776      &man.named.conf.5;.  &merged;</para>
777
778    <para>The &man.ncal.1; utility now supports a <option>-m</option>
779      flag to generate a calendar for a specified month in the current
780      year. &merged;</para>
781
782    <para>The &man.newfs.8; utility now supports a <option>-n</option>
783      flag to suppress the creation of a <filename>.snap</filename>
784      directory on new file systems.  This feature is intended for use
785      on memory or vnode file systems that will not require snapshot
786      support. &merged;</para>
787
788    <para>The &man.newfs.8; utility now emits a warning when creating
789      a UFS or UFS2 file system that cannot support snapshots.  This
790      situation can occur in the case of very large file systems with
791      small block sizes. &merged;</para>
792
793    <para>The &man.newsyslog.8; utility now supports
794	a <option>-d</option> option to specify an alternate root for log files
795	similar to <varname>DESTDIR</varname> in the BSD make process.
796	This only affects log file paths, not configuration file (<option>-f</option>)
797	or archive directory (<option>-a</option>) paths.</para>
798
799    <para>The &man.newsyslog.8; utility now supports a
800      <option>-N</option> that causes it not to rotate any files.</para>
801
802    <para>The <literal>NO_NIS</literal> compile-time knob for userland
803      has been added.  As its name implies, enabling this
804      <filename>Makefile</filename> variable will cause NIS support to
805      be excluded from various programs and will cause the NIS
806      utilities to not be built. &merged;</para>
807
808    <para>For years, &os; has used <filename>Makefile</filename>
809      variables of the form
810      <varname>NO<replaceable>FOO</replaceable></varname> and
811      <varname>NO_<replaceable>FOO</replaceable></varname>.  For
812      consistency, those variables using the former naming convention
813      have been converted to the
814      <varname>NO_<replaceable>FOO</replaceable></varname> form.  The
815      file <filename>/usr/share/mk/bsd.compat.mk</filename> has a
816      complete list of these variables; it also implements some
817      temporary backward compatibility for the old names.</para>
818
819    <para>The &man.periodic.8; security output now supports the display of
820      information about blocked packet counts from &man.pf.4;.  &merged;</para>
821
822    <para>The &man.pgrep.1; now supports an <option>-S</option> option
823      which allows to match system processes (kernel threads).</para>
824
825    <para>The &man.pgrep.1; and &man.pkill.1; now support an
826      <option>-F</option> option which allows to use file where PID is stored
827      for matching.</para>
828
829    <para>The &man.pgrep.1; and &man.pkill.1; now support an
830      <option>-i</option> option to ignore case in the process match.</para>
831
832    <para>The &man.pgrep.1; and &man.pkill.1; now support an
833      <option>-j</option> option which allows to match processes
834      based on its &man.jail.2; ID.</para>
835
836    <para>The &man.pgrep.1; and &man.pkill.1; now support an
837      <option>-o</option> option which allows to match oldest
838      (least recently started) of the matching processes.</para>
839
840    <para>The &man.powerd.8; program for managing power consumption has been
841      added.</para>
842
843    <para>The &man.ppp.8; program now implements an
844      <option>echo</option> parameter, which allows LCP ECHOs to be
845      enabled independently of LQR reports.  Older versions of
846      &man.ppp.8; would revert to LCP ECHO mode on negotiation
847      failure.  It is now necessary to specify <command>enable
848      echo</command> to get this behavior. &merged;</para>
849
850    <para>The <option>disable NAS-IP-Address</option> and
851      <option>disable NAS-Identifier</option> options,
852      which support pre-RFC 2865 RADIUS servers
853      have been added to the &man.ppp.8; program.</para>
854
855    <para>Two bugs in the &man.pppd.8; program have been fixed.
856      They may result in an incorrect CBCP response,
857      which violates the Microsoft PPP Callback Control Protocol
858      section 3.2.  &merged;</para>
859
860    <para>The &man.ps.1; now supports a <literal>jid</literal>
861      keyword in the <option>-o</option> option.  It displays
862      &man.jail.2; ID of each process.</para>
863
864    <para>The &man.pstat.8; now supports a <option>-h</option> option
865      to print swap sizes with SI prefixes such as K, M, and G,
866      which are used to form binary multiples.</para>
867
868    <para>The &man.rescue.8; utilities in the <filename>/rescue</filename>
869      directory now include &man.bsdtar.1; instead of GNU tar.</para>
870
871    <para>The &man.restore.8; utility has regained the ability to read
872      &os; version 1 dump tapes.</para>
873
874    <para>A bug of the &man.rexecd.8; utility which results in
875      it behaving as if the <option>-i</option> option is always
876      specified has been fixed.  &merged;</para>
877
878    <para>The &man.rm.1; utility now supports an <option>-I</option>
879      option that asks for confirmation (once) if recursively
880      removing directories or if more than 3 files are listed in the
881      command line. &merged;</para>
882
883    <para>The &man.rm.1; utility now suppresses diagnostic messages
884      when it attempts to remove a non-existent directory
885      with the <option>-r</option> and <option>-f</option> options
886      specified.  This behavior is required by
887      Version 3 of the Single UNIX Specification (SUSv3).</para>
888
889    <para>An &man.rpmatch.3; library function has been added to check
890      a string for being an affirmative or negative response in the
891      current locale.</para>
892
893    <para>The &man.rtld.1; dynamic linker now supports specifying
894      library replacements via the <varname>LD_LIBMAP</varname>
895      environment variable.  This variable will override the entries
896      in &man.libmap.conf.5;. &merged;</para>
897
898    <para>The rune(3) non-standard multibyte and wide character support
899      interface has been removed.</para>
900
901    <para>The &man.strftime.3; function now supports some GNU extensions
902      such as <literal>-</literal> (no padding),
903      <literal>_</literal> (use space as padding),
904      and <literal>0</literal> (zero padding). &merged;</para>
905
906    <para>The &man.syslog.3; function is now thread-safe. &merged;</para>
907
908    <para>The &man.syslogd.8; utility now opens an additional domain
909      socket (<filename>/var/run/logpriv</filename> by default),
910      with <literal>0600</literal> permissions to be used
911      by privileged programs.  This prevents privileged
912      programs from locking when the domain sockets
913      run out of buffer space due to a
914      local denial-of-service attack. &merged;</para>
915
916    <para>The &man.syslogd.8; utility now allows
917      <literal>:</literal> and <literal>%</literal>
918      characters in the hostname specifications.
919      These characters are used in IPv6 addresses and scope IDs.</para>
920
921    <para>The &man.systat.1; <option>-netstat</option> display is now
922      IPv6-aware. &merged;</para>
923
924    <para>The <option>-f</option> option of &man.tail.1; utility
925      now supports more than one file at a time. &merged;</para>
926
927    <para>The &man.telnet.1; and &man.telnetd.8; programs now support
928      the <option>-S</option> option for specifying a numeric TOS
929      byte.</para>
930
931    <para>Prepending a <literal>+</literal> character to port numbers
932      passed to &man.telnet.1; program will now disable option
933      negotiation and allow the transfer of characters with the high
934      bit set.  This feature is intended to support the fairly common
935      use of &man.telnet.1; as a protocol tester.</para>
936
937    <para>The &man.tcpdrop.8; command, which closes a selected TCP
938      connection, has been added.  It was obtained from
939      OpenBSD. &merged;</para>
940
941    <para>&man.whois.1; now supports
942      a <option>-k</option> flag
943      for querying <hostid role="fqdn">whois.krnic.net</hostid>
944      (the National Internet Development Agency of Korea),
945      which holds details of IP address allocations within
946      Korea. &merged;</para>
947
948    <para>The <option>-I</option> option of the &man.xargs.1; command
949      has been changed to conform to IEEE Std 1003.1-2004.
950      The standard requires that the constructed
951      arguments cannot grow larger than 255 bytes.</para>
952
953    <para>A bug, which caused the last line of configuration files such as &man.hosts.5;,
954      &man.services.5;, and so on to be ignored if it did not end in a newline character,
955      has been fixed. &merged;</para>
956
957    <sect3 id="rc-scripts">
958      <title><filename>/etc/rc.d</filename> Scripts</title>
959
960      <para>&man.rc.conf.5; now supports changes of network interface names
961	at boot time. &merged;  For example:</para>
962
963      <programlisting>ifconfig_fxp0_name="net0"
964ifconfig_net0="inet 10.0.0.1/16"</programlisting>
965
966      <para>The <filename>rc.d/moused</filename> script now
967	starts/stops/checks a specific device when
968	the device name is given as the second argument to the script:</para>
969
970      <screen>&prompt.root; /etc/rc.d/moused start ums0</screen>
971
972      <para>To use different &man.rc.conf.5; knobs with different
973	mice, use the device name as part of the knob.
974	For example, if the mouse device is <filename>/dev/ums0</filename>
975	the following lines can be used:</para>
976
977	<programlisting>moused_ums0_enable=yes
978moused_ums0_flags="-z 4"
979moused_ums0_port="/dev/ums0"</programlisting>
980
981      <para>&man.rc.conf.5; now supports the <varname>tmpmfs_flags</varname>
982	and <varname>varmfs_flags</varname> variables.
983	These can be used to pass extra options to the &man.mdmfs.8; utility,
984	to customize the finer details of the &man.md.4; file system creation,
985	such as to turn on/off softupdates, to specify a default owner
986	for the file system, and so on. &merged;</para>
987
988    </sect3>
989  </sect2>
990
991  <sect2 id="contrib">
992    <title>Contributed Software</title>
993
994    <para><application>BIND</application> has been updated from version
995      9.3.0 to version 9.3.1.  &merged;</para>
996
997    <para><application>FILE</application> has been updated from 4.10
998      to 4.12.</para>
999
1000    <para><application>GNU readline</application> has been updated from
1001      version 4.3 to version 5.0.</para>
1002
1003    <para><application>Heimdal</application> has been updated from
1004      0.6.1 to 0.6.3. &merged;</para>
1005
1006    <para><application>lukemftp</application> has been updated from a
1007      26 April 2004 snapshot from OpenBSD's sources to a snapshot as
1008      of 19 February 2005.</para>
1009
1010    <para>A snapshot of <application>netcat</application> from OpenBSD
1011      as of 4 February 2005 has been added.  More information can be
1012      found in the &man.nc.1; manual page. &merged;</para>
1013
1014    <para><application>OpenPAM</application> has been updated from the
1015      Eelgrass release to the Feterita release.</para>
1016
1017    <para><application>OpenSSH</application> has been updated from 3.8p1
1018      to 3.9p1.</para>
1019
1020    <para><application>OpenSSL</application> has been updated from
1021      0.9.7d to 0.9.7e. &merged;</para>
1022
1023    <para><application>sendmail</application> has been updated from
1024      version 8.13.1 to version 8.13.3. &merged;</para>
1025
1026    <para>The timezone database has been updated from the
1027      <application>tzdata2004e</application> release to the
1028      <application>tzdata2004g</application> release. &merged;</para>
1029
1030  </sect2>
1031
1032  <sect2 id="ports">
1033    <title>Ports/Packages Collection Infrastructure</title>
1034
1035    <para>The &man.pkg.version.1; utility now supports a
1036      <option>-q</option> flag to suppress the output of the port
1037      version comparison characters <literal>&lt;</literal>,
1038      <literal>=</literal>, and <literal>&gt;</literal>.</para>
1039
1040    <para>The
1041      <filename>ports/INDEX<replaceable>*</replaceable></filename>
1042      files, which kept an index of all of the entries in the ports
1043      collection, have been removed from the CVS repository. &merged;
1044      These files were generated only infrequently, and therefore were
1045      usually out-of-date and inaccurate.  Users requiring an index
1046      file (such as for use by programs such as &man.portupgrade.1;)
1047      have two alternatives for obtaining a copy:</para>
1048
1049    <itemizedlist>
1050      <listitem>
1051	<para>Build an index file based on the current ports tree by
1052	  running <command>make index</command> from the top of the
1053	  <filename>ports/</filename> tree.</para>
1054      </listitem>
1055
1056      <listitem>
1057	<para>Fetch an index file over the network by running
1058	  <command>make fetchindex</command> from the top of the
1059	  <filename>ports/</filename> tree.  This index file will
1060	  (typically) be accurate to within a day.</para>
1061      </listitem>
1062    </itemizedlist>
1063
1064  </sect2>
1065
1066  <sect2 id="releng">
1067    <title>Release Engineering and Integration</title>
1068
1069    <para>In prior &os; releases, the <filename>disc1</filename>
1070      CD-ROM (or ISO image) was a bootable installation disk
1071      containing the base system, ports tree, and common packages.
1072      The <filename>disc2</filename> CD-ROM (or ISO image) was a
1073      bootable <quote>fix it</quote> disk with a live filesystem, to
1074      be used for making emergency repairs.  This layout has now
1075      changed.  For all architectures except ia64, the
1076      <filename>disc1</filename> image now contains the base system
1077      distribution files, ports tree, and the live filesystem, making
1078      it suitable for both an initial installation and repair
1079      purposes.  (On the ia64, the live filesystem is on a separate
1080      disk due to its size.)  Packages appear on separate
1081      disks; in particular, the <filename>disc2</filename> image
1082      contains commonly packages such as desktop environments.
1083      Documents from the &os; Documentation Project also appear on
1084      <filename>disc2</filename>.  &merged;</para>
1085
1086    <para>The supported version of the
1087      <application>GNOME</application> desktop environment has been
1088      updated from 2.6.2 to 2.10.  More information about
1089      running <application>GNOME</application> on &os; can be found on
1090      the <ulink url="&url.base;/gnome/">FreeBSD GNOME Project</ulink>
1091      Web page. &merged;
1092
1093      <note>
1094	<para>Users of older versions of the
1095	  <application>GNOME</application> desktop
1096	  (<filename role="package">x11/gnome2</filename>)
1097	  must take particular care in upgrading.  Simply upgrading it
1098	  from the &os; Ports Collection with &man.portupgrade.1;
1099	  (<filename role="package">sysutils/portupgrade</filename>)
1100	  will cause serious problems.
1101	  <application>GNOME</application> desktop users should read
1102	  the instructions carefully at
1103	  <ulink url="&url.base;/gnome/docs/faq210.html"></ulink>
1104	  and use the
1105	  <ulink url="&url.base;/gnome/gnome_upgrade.sh"><filename>gnome_upgrade.sh</filename></ulink>
1106	  script to properly upgrade to
1107	  <application>GNOME</application> 2.10.</para>
1108	</note>
1109      </para>
1110
1111    <para>The supported version of the <application>KDE</application>
1112      desktop environment has been updated from 3.3.0 to
1113      3.4.0.  More information regarding running
1114      <application>KDE</application> on &os; can be found on the
1115      <ulink url="http://freebsd.kde.org/">KDE on FreeBSD</ulink> Web
1116      page. &merged;
1117
1118      <note>
1119	<para>Users of older versions of
1120	  <application>KDE</application> should follow the upgrading
1121	  procedure documented on the 
1122	  <ulink url="http://freebsd.kde.org/">KDE on FreeBSD</ulink> Web
1123	  page or in <filename>ports/UPDATING</filename>.</para>
1124	</note>
1125      </para>
1126
1127    <para>The supported version of <application>Xorg</application> has
1128      been updated from 6.7.0 to 6.8.2. &merged;</para>
1129
1130  </sect2>
1131
1132  <sect2 id="doc">
1133    <title>Documentation</title>
1134
1135    <para>Manual pages in the base system have received a number of
1136      cleanups, both for content and presentation.  Cross-references
1137      are more correct and consistent, standard section headings are
1138      now used throughout, and markup has been cleaned up.</para>
1139
1140    <para>The following manual pages, which were derived from RFCs
1141      and possibly violate the IETF's copyrights, have been replaced:
1142      &man.gai.strerror.3;,
1143      &man.getaddrinfo.3;,
1144      &man.getnameinfo.3;,
1145      &man.inet6.opt.init.3;,
1146      &man.inet6.option.space.3;,
1147      &man.inet6.rth.space.3;,
1148      &man.inet6.rthdr.space.3;,
1149      &man.icmp6.4;, and
1150      &man.ip6.4;.  &merged;</para>
1151
1152  </sect2>
1153</sect1>
1154
1155<sect1 id="upgrade">
1156  <title>Upgrading from previous releases of &os;</title>
1157
1158  <para>Source upgrades to &os; &release.current; are only supported
1159    from &os; 5.3-RELEASE or later.  Users of older systems wanting to
1160    upgrade &release.current; will need to update to &os; 5.3 or newer
1161    first, then to &os; &release.current;.</para>
1162
1163  <important>
1164    <para>Upgrading &os; should, of course, only be attempted after
1165      backing up <emphasis>all</emphasis> data and configuration
1166      files.</para>
1167  </important>
1168</sect1>
1169