FreeBSD 13.4-RELEASE Release Notes

Abstract

The release notes for FreeBSD 13.4-RELEASE contain a summary of the changes made to the FreeBSD base system on the 13-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented.

Introduction

This document contains the release notes for FreeBSD 13.4-RELEASE. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD.

The "release" distribution to which these release notes apply represents the latest point along the 13-STABLE development branch since 13-STABLE was created. Information regarding pre-built, binary "release" distributions along this branch can be found at https://www.FreeBSD.org/releases/.

The "release" distribution to which these release notes apply represents a point along the 13-STABLE development branch between 13.3-RELEASE and the future 13.5-RELEASE. Information regarding pre-built, binary "release" distributions along this branch can be found at https://www.FreeBSD.org/releases/.

This distribution of FreeBSD 13.4-RELEASE is a "release" distribution. It can be found at https://www.FreeBSD.org/releases/ or any of its mirrors. More information on obtaining this (or other) "release" distributions of FreeBSD can be found in the Obtaining FreeBSD appendix to the FreeBSD Handbook.

All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with "late-breaking" information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for FreeBSD 13.4-RELEASE can be found on the FreeBSD Web site.

This document describes the most user-visible new or changed features in FreeBSD since 13.3-RELEASE. In general, changes described here are unique to the 13-STABLE branch unless specifically marked as MERGED features.

Typical release note items document recent security advisories issued after 13.3-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements.

Upgrading from Previous Releases of FreeBSD

Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. See the release-specific upgrade procedure, FreeBSD 13.4-RELEASE upgrade information, with more details in the FreeBSD handbook binary upgrade procedure. This will update unmodified userland utilities, as well as unmodified GENERIC kernels distributed as a part of an official FreeBSD release. The freebsd-update(8) utility requires that the host being upgraded have Internet connectivity.

Source-based upgrades (those based on recompiling the FreeBSD base system from source code) from previous versions are supported, according to the instructions in /usr/src/UPDATING.

Upgrading FreeBSD should only be attempted after backing up all data and configuration files.

Security and Errata

This section lists the various Security Advisories and Errata Notices since 13.3-RELEASE.

Security Advisories

| Advisory | Date | Topic |
|---|---|---|
| FreeBSD-SA-24:03.unbound | 28 March 2024 | Multiple vulnerabilities in Unbound |
| FreeBSD-SA-24:04.openssh | 01 July 2024 | OpenSSH pre-authentication remote code execution |
| FreeBSD-SA-24:05.pf | 07 August 2024 | pf incorrectly matches different ICMPv6 states in the state table |
| FreeBSD-SA-24:06.ktrace | 07 August 2024 | ktrace(2) fails to detach when executing a setuid binary |
| FreeBSD-SA-24:07.nfsclient | 07 August 2024 | NFS client accepts file names containing path separators |
| FreeBSD-SA-24:08.openssh | 07 August 2024 | OpenSSH pre-authentication async signal safety issue |
| FreeBSD-SA-24:09.libnv | 04 September 2024 | Multiple vulnerabilities in libnv |
| FreeBSD-SA-24:10.bhyve | 04 September 2024 | bhyve(8) privileged guest escape via TPM device passthrough |
| FreeBSD-SA-24:11.ctl | 04 September 2024 | Multiple issues in ctl(4) CAM Target Layer |
| FreeBSD-SA-24:12.bhyve | 04 September 2024 | bhyve(8) privileged guest escape via USB controller |
| FreeBSD-SA-24:13.openssl | 04 September 2024 | Possible DoS in X.509 name checks in OpenSSL |
| FreeBSD-SA-24:14.umtx | 04 September 2024 | umtx Kernel panic or Use-After-Free |

Errata Notices

| Errata | Date | Topic |
|---|---|---|
| FreeBSD-EN-24:05.tty | 28 March 2024 | TTY Kernel panic |
| FreeBSD-EN-24:06.wireguard | 28 March 2024 | Insufficient barriers in WireGuard if_wg(4) |
| FreeBSD-EN-24:07.clang | 28 March 2024 | Clang crash when certain optimization is enabled |
| FreeBSD-EN-24:08.kerberos | 28 March 2024 | Kerberos segfaults when using weak crypto |
| FreeBSD-EN-24:09.zfs | 24 April 2024 | High CPU usage by kernel threads related to ZFS |
| FreeBSD-EN-24:10.zfs | 19 June 2024 | Kernel memory leak in ZFS |
| FreeBSD-EN-24:11.ldns | 19 June 2024 | LDNS uses nameserver commented out in resolv.conf |
| FreeBSD-EN-24:12.killpg | 19 June 2024 | Lock order reversal in killpg causing livelock |
| FreeBSD-EN-24:13.libc++ | 19 June 2024 | Incorrect size passed to heap allocated std::string delete |
| FreeBSD-EN-24:14.ifconfig | 07 August 2024 | Incorrect ifconfig netmask assignment |
| FreeBSD-EN-24:15.calendar | 04 September 2024 | cron(8) / periodic(8) session login |

Userland

This section covers changes and additions to userland applications, contributed software, and system utilities.

Userland Application Changes

libcapsicum has been improved to cache more time zone information. This change reduces the number of calls to tzset(3) and improves performance.

Contributed Software

sqlite3 has been upgraded to 3.46.0.

OpenSSH has been upgraded to 9.7p1. This release contains mostly bugfixes. It also makes support for the DSA signature algorithm a compile-time option, with plans to disable it upstream later this year and remove support entirely in 2025.

LLVM and the clang compiler have been upgraded to version 18.1.5.

bc has been updated to version 6.7.6.

atf has been updated to 0.22 snapshot 55c21b2c.

libarchive has been updated to 3.7.4.

capsicum-test has been updated to snapshot eab7a83b.
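
Given the planned removal of DSA support noted for OpenSSH 9.7p1 above, the following sh function lists ssh-dss entries in authorized_keys or .pub files so they can be replaced ahead of time. It is an added example, not part of the release notes or of FreeBSD's tooling; the function names and the sample keys are constructed for illustration.

```shell
#!/bin/sh
# Added example: report DSA public keys in OpenSSH authorized_keys / .pub files.

# find_dsa_keys FILE...
# Prints "file:line:keytype:comment" for each DSA key or DSA certificate.
find_dsa_keys() {
    awk '
    /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
    {
        line = $0
        # Remove quoted option values (command="...", from="...") so that a
        # key-type name appearing inside an option string cannot match.
        gsub(/"([^"\\]|\\.)*"/, "", line)
        n = split(line, f)
        for (i = 1; i <= n; i++) {
            if (f[i] == "ssh-dss" || f[i] == "ssh-dss-cert-v01@openssh.com") {
                # f[i+1] is the base64 blob, f[i+2] the first comment word
                printf "%s:%d:%s:%s\n", FILENAME, FNR, f[i], f[i + 2]
                break
            }
            # Stop at any other key type so the comment field is not scanned.
            if (f[i] ~ /^(ssh-rsa|ssh-ed25519|ecdsa-sha2-|sk-)/) break
        }
    }' "$@"
}

# Constructed sample input: key blobs are shortened placeholders, not real keys.
sample_authorized_keys() {
    cat <<'EOF'
# constructed sample authorized_keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5 alice@laptop
ssh-dss AAAAB3NzaC1kc3M bob@oldhost
command="echo ssh-dss key",no-pty ssh-rsa AAAAB3NzaC1yc2E backup@nas
from="10.0.0.0/8" ssh-dss AAAAB3NzaC1kc3M carol@build
EOF
}

# When called with file arguments, scan them, for example:
#   sh find_dsa.sh /home/*/.ssh/authorized_keys /etc/ssh/*.pub
if [ "$#" -gt 0 ]; then
    find_dsa_keys "$@"
fi
```

On the constructed sample, lines 3 and 5 are reported; line 4 is not, because the text ssh-dss appears only inside a quoted command option.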

Devices and Drivers

This section covers changes and additions to devices and device drivers since 13.3-RELEASE.

Device Drivers

The irdma(4) driver has been updated.

The ice(4) driver has been updated.

Support for SIM7600G has been added to u3g(4).

There have been many stability fixes to native and LinuxKPI-based wireless drivers. (Sponsored by The FreeBSD Foundation)

Networking

This section describes changes that affect networking in FreeBSD.

Network Protocols

The network stack has received many improvements, including performance improvements and bug fixes for the sctp(4) stack. Specifically, support for the SCTP checksum offload feature has been added to the loopback interface.

Hardware Support

This section covers general hardware support for physical machines, hypervisors, and virtualization environments, as well as hardware changes and updates that do not otherwise fit in other sections of this document.

Please see the list of hardware supported by 13.4-RELEASE, as well as the platforms page for the complete list of supported CPU architectures.

Processor Support

Added support for AMD Ryzen 7 "Phoenix" processors (family 0x19, model 0x70-0x7f) to the amdsmn(4) and amdtemp(4) drivers. This enables temperature readings of these CPUs via sysctl. The sensors function identically to those for the "Raphael" processors (model 0x60-0x6f); only the PCI device ID differs.

Documentation

This section covers changes to manual (man(1)) pages and other documentation shipped with the base system.

Man Pages

References to the legacy disklabel utility have been removed in favour of gpart. Future FreeBSD releases will remove this tool entirely.

Ports Collection and Package Infrastructure

This section covers changes to the FreeBSD Ports Collection, package infrastructure, and package maintenance and installation tools.

Packaging Changes

The DVD package set has been modernized.

archivers/unzip has been removed as it is in base now.

emulators/linux_base-c7 has been removed as it is unlikely to be useful without other Linux packages being installed.

ports-mgmt/portmaster has been removed as it has been discouraged in favour of using pkg and binary packages.

x11-drivers/xf86-video-vmware has been removed as it is no longer useful with the current version of xorg-server.

devel/git has been replaced with devel/git@lite as this is sufficient for most purposes.

sysutils/seatd and x11-wm/sway have been added for Wayland support.

General Notes Regarding Future FreeBSD Releases

FreeBSD 15.0 is not expected to include support for 32-bit platforms other than armv7. The armv6, i386, and powerpc platforms are deprecated and will be removed. 64-bit systems will still be able to run older 32-bit binaries.

The FreeBSD Project expects to support armv7 as a Tier 2 architecture in FreeBSD 15.0 and stable/15. However, the Project also anticipates that armv7 may be removed in FreeBSD 16.0. The Project will provide an update on the status of armv7 for both 15.x and 16.x at the time of 15.0 release.

Support for executing 32-bit binaries on 64-bit platforms via the COMPAT_FREEBSD32 option will continue for at least the stable/15 and stable/16 branches. Support for compiling individual 32-bit applications via cc -m32 will also continue for at least the stable/15 branch, which includes suitable headers in /usr/include and libraries in /usr/lib32.

Ports will not include support for deprecated 32-bit platforms for FreeBSD 15.0 and later releases. These future releases will not include binary packages or support for building packages from ports for deprecated 32-bit platforms.

The FreeBSD stable/14 and earlier branches will retain existing 32-bit kernel and world support. Ports will retain existing support for building ports and packages for 32-bit systems on stable/14 and earlier branches as long as those branches are supported by the ports system. However, all 32-bit platforms are Tier-2 or Tier-3, and support for individual ports should be expected to degrade as upstreams deprecate 32-bit platforms.

With the current support schedule, stable/14 will reach end of life (EOL) around 5 years after the release of FreeBSD 14.0-RELEASE. The EOL of stable/14 will mark the end of support for deprecated 32-bit platforms, including source releases, pre-built packages, and support for building applications from ports. With the release of 14.0-RELEASE in November 2023, support for deprecated 32-bit platforms will end in November 2028.

The Project may choose to alter this approach when FreeBSD 15.0 is released by extending some level of support for one or more of the deprecated platforms in 15.0 or later. Any alterations will be driven by community feedback and committed efforts to support these platforms.


Last modified on: September 17, 2024 by Graham Perrin