FreeBSD 14.1-RELEASE Release Notes
Abstract
The release notes for FreeBSD 14.1-RELEASE contain a summary of the changes made to the FreeBSD base system on the 14-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented.
Introduction
This document contains the release notes for FreeBSD 14.1-RELEASE. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD.
The "release" distribution to which these release notes apply represents the latest point along the 14-STABLE development branch since 14-STABLE was created. Information regarding pre-built, binary "release" distributions along this branch can be found at https://www.FreeBSD.org/releases/.
The "release" distribution to which these release notes apply represents a point along the 14-STABLE development branch between 14.0-RELEASE and the future 14.2-RELEASE. Information regarding pre-built, binary "release" distributions along this branch can be found at https://www.FreeBSD.org/releases/.
This distribution of FreeBSD 14.1-RELEASE is a "release" distribution. It can be found at https://www.FreeBSD.org/releases/ or any of its mirrors. More information on obtaining this (or other) "release" distributions of FreeBSD can be found in the Obtaining FreeBSD appendix to the FreeBSD Handbook.
All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with "late-breaking" information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for FreeBSD 14.1-RELEASE can be found on the FreeBSD Web site.
This document describes the most user-visible new or changed features in FreeBSD since 14.0-RELEASE. In general, changes described here are unique to the 14-STABLE branch unless specifically marked as MERGED features.
Typical release note items document recent security advisories issued after 14.0-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements.
Upgrading from Previous Releases of FreeBSD
Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. See the release-specific upgrade procedure, FreeBSD 14.1-RELEASE upgrade information, with more details in the FreeBSD handbook binary upgrade procedure. This will update unmodified userland utilities, as well as unmodified GENERIC kernels distributed as a part of an official FreeBSD release. The freebsd-update(8) utility requires that the host being upgraded have Internet connectivity.
Source-based upgrades (those based on recompiling the FreeBSD base system from source code) from previous versions are supported, according to the instructions in /usr/src/UPDATING.
Upgrading FreeBSD should only be attempted after backing up all data and configuration files. |
Security and Errata
This section lists the various Security Advisories and Errata Notices since 14.0-RELEASE.
Security Advisories
Advisory | Date | Topic |
---|---|---|
No advisories. |
Errata Notices
Errata | Date | Topic |
---|---|---|
No notices. |
Userland
This section covers changes and additions to userland applications, contributed software, and system utilities.
Userland Configuration Changes
A new kdc_restart
variable is available that
manages
kdc(8) (or krb5kdc
) under
daemon(8). Set kdc_restart="YES"
in
rc.conf(5) to auto restart kdc on abnormal termination. Set
kdc_restart_delay="N"
to the number of seconds to
delay before restarting the kdc. abc4b3088941
By default, changes shown in email by the
periodic(8) facility from the daily
scripts show
less context than before to reduce the size of the output. The
behavior can be controlled by the daily_diff_flags
variable in
periodic.conf(5). Similarly, the changes shown by the security
scripts show less context than previously, controlled by the
security_status_diff_flags
variable in
periodic.conf(5). 538994626b9f,
37dc394170a5,
128e78ffb084
Userland Application Changes
The adduser(8) utility, used by bsdinstall(8), will now create a ZFS dataset for a new user’s home directory if the parent directory resides on a ZFS dataset. A command-line option is available to disable use of a separate dataset. ZFS encryption is also available. 516009ce8d38
The
date(1) program now supports nanoseconds. For example:
date -Ins
prints "2024-04-22T12:20:28,763742224+02:00"
and date +%N
prints "415050400". eeb04a736cb9
The dtrace(1) utility can now generate machine-readable output in JSON, XML, and HTML using libxo(3). aef4504139a4 (Sponsored by Innovate UK)
The lastcomm(1) utility now displays timestamps with a precision of seconds. 692c0a2e80c1 (Sponsored by DSS Gmbh)
The ldconfig(8) utility now supports hints files of either byte order. The default format is the native byte-order of the host. fa7b31166ddb
OpenSSH has been upgraded to version 9.7p1. Full release notes are at https://www.openssh.com/txt/release-9.7 and https://www.openssh.com/txt/release-9.6 . a25789646d71, 464fa66f639b (Sponsored by The FreeBSD Foundation)
The usbconfig(8) utility now reads the descriptions of usb vendor and products from /usr/share/misc/usb_vendors when available, similar to what pciconf(8) does. 7b9a772f9f64
Contributed Software
One True Awk (awk(1)) has been updated to 2nd Edition, with new -csv support and UTF-8 support. daf917daba9c
Clang/LLVM have been upgraded to version 18.1.5. 90a5e985e5f4
The libarchive(3) library has been upgraded to version 3.7.4. 8774c92e32b2
The sendmail(8) suite has been upgraded to version 8.18.1, addressing CVE-2023-51765. 58ae50f31e95
The unbound(8) resolver has been upgraded to version 1.20.0, and addresses “The DNSBomb” vulnerability, CVE-2024-33655. dcde37c4170b
Runtime Libraries and API
The
setusercontext(3) routine in libutil
will now set
the process priority (nice) from the .login.conf file from the home directory under
appropriate conditions, as well as the system
login.conf(5). The priority can now have the value
inherit
, indicating that the priority should be
unchanged from that of the parent process. Similarly, the umask can
have the value inherit
. 6f6186e19fe5,
a8c273b3c97f,
d2d66fedc418
(Sponsored by Kumacom SAS)
Many string and memory operations in the C library now use SIMD (single instruction multiple data) extensions for improved performance when available on amd64 systems; see simd(7). (Sponsored by The FreeBSD Foundation)
There is now a much better implementation of the 128-bit
tgammal
function in the math library,
math(3), on platforms that support it. 8df6c930c151
Cloud Support
This section covers changes in support for cloud environments.
14.1-RELEASE supports cloudinit, including the
nuageinit
startup script and support for a
config-drive
partition. It is compatible with
OpenStack and many hosting facilities. See the cloud-init web site and the commit
messages, 16a6da44e28d
227e7a205edf.
(Sponsored by OVHCloud)
Kernel
This section covers changes to kernel configurations, system tuning, and system control parameters that are not otherwise categorized.
General Kernel Changes
The fpu_kern_enter
and fpu_kern_leave
routines have been implemented for powerpc, allowing the use of
ossl(4) crypto functions in the kernel that use floating point
and vector registers. 91e53779b4fc
Devices and Drivers
This section covers changes and additions to devices and device drivers since 14.0-RELEASE.
Device Drivers
A driver is available for ice(4) Ethernet network controllers in the Intel E800 series, which support 100 Gb/s operation. It was upgraded to version 1.39.13-k. 71d104536b51 f6de0a7c94e9 (Sponsored by Intel Corporation)
Numerous stability improvements have been in the iwlwifi(4) driver for Intel Wi-Fi devices. (Sponsored by The FreeBSD Foundation)
Multiple PCI MCFG regions are now supported on amd64 and i386, allowing PCI configuration space access for domains (segments) other than 0. 4b5f64408804
The
smsc(4) Ethernet driver can now fetch the value of
smsc95xx.macaddr
passed by some Raspberry Pi models
and use it for the MAC address. It always uses a stable MAC address
even if there is no address in EEPROM. 028e4c6548e4
The snd_clone
framework has been removed from the
sound subsystem, including related sysctls, simplifying the system.
The per-channel nodes (/dev/dspX.Y)
are no longer created, just the primary device (/dev/dspX). e6c51f6db8d7
(Sponsored by The FreeBSD Foundation)
Audio now supports asynchronous device detach. This greatly simplifies hot plugging and unplugging of things such as USB headsets, and eases use of PulseAudio in cases that require operating system sleep and wake (suspend and resume). d692c314d29a (Sponsored by The FreeBSD Foundation)
Storage
This section covers changes and additions to file systems and other storage subsystems, both local and networked.
NFS
The
mountd(8) server has been modified to use
strunvis(3) to decode directory names in
exports(5) file(s). This allows special characters, such as
blanks, to be embedded in the directory name. vis -M
may be used to encode such directory names; see
vis(1). 2c83f1ada435
New
sysctl(8) variables have been added under
kern.rpc.unenc
and kern.rpc.tls
, which
allow an NFS server administrator to determine how much
NFS-over-TLS is being used. A large number of failed handshakes
might indicate an NFS configuration problem. b8e137d8d32d
UFS
Soft updates are now enabled by default when creating a new UFS file system with newfs(8). 6b2af2d88ffd
ZFS
OpenZFS has been upgraded to version 2.2.4. 78c9d8f1ce65
Boot Loader Changes
This section covers the boot loader, boot menu, and other boot-related changes.
Boot Loader Changes
The
loader(8) now reads local configuration files listed in the
variable local_loader_conf_files
after other
configuration files, defaulting to /boot/loader.conf.local. a25531db0fc2
The loader(8) can now be configured to read specific configuration files based on the planar maker, planar product, system product and uboot m_product variables from the SMBIOS. For the moment, the best documentation is the git commit message, 3eb3a802a31b.
Console detection in loader(8) has been improved on EFI systems. If there is no ConOut variable, ConIn is checked. If multiple devices are found, serial is preferred. 20a6f4779ac6 (Sponsored by Netflix)
Frame buffer support in loader(8) can now use a text-only video driver, resulting in space savings. 57ca2848c0aa (Sponsored by Netflix)
The detection of ACPI is now done earlier in loader.efi(8) on arm64 systems. The copy of loader.efi on the EFI partition should be updated on arm64 systems using ACPI. 05cf4dda599a 16c09de80135
The LinuxBoot loader can be used to boot FreeBSD from Linux on aarch64 systems as well as amd64. 46010641267 (Sponsored by Netflix)
Networking
This section describes changes that affect networking in FreeBSD.
General Network
ARP (arp(4)) support for 802-standard networks has been restored; it had been accidentally removed with FDDI support. (This is different than the Ethernet standard encapsulation.) d776dd5fbd48
It is possible to build a kernel with IPv6 support (INET6) without IPv4 (INET). 6df9fa1c6b83 and others
The netgraph ng_ipfw(4) module no longer truncates cookies to 16 bits, allowing a full 32 bits. dadf64c5586e
Hardware Support
This section covers general hardware support for physical machines, hypervisors, and virtualization environments, as well as hardware changes and updates that do not otherwise fit in other sections of this document.
Please see the list of hardware supported by 14.1-RELEASE, as well as the platforms page for the complete list of supported CPU architectures.
Documentation
This section covers changes to manual (man(1)) pages and other documentation shipped with the base system.
Man Pages
A new networking(7) manual page provides a quickstart guide to connecting the system to networks including Wi-Fi, and links to other manual pages and the handbook. 39f92a4c4c49
General Notes Regarding Future FreeBSD Releases
FreeBSD 15.0 is not expected to include support for 32-bit platforms other than armv7. The armv6, i386, and powerpc platforms are deprecated and will be removed. 64-bit systems will still be able to run older 32-bit binaries.
We expect to support armv7 as a Tier 2 architecture in FreeBSD 15.0 and stable/15. However, we also anticipate that armv7 may be removed in FreeBSD 16.0. We will provide an update on the status of armv7 for both 15.x and 16.x at the time of 15.0 release.
Support for executing 32-bit binaries on 64-bit platforms via
the COMPAT_FREEBSD32
option will continue for at least
the stable/15 and stable/16 branches. Support for compiling
individual 32-bit applications via cc -m32
will also
continue for at least the stable/15 branch, which includes suitable
headers in /usr/include and libraries
in /usr/lib32.
Ports will not include support for deprecated 32-bit platforms for FreeBSD 15.0 and later releases. These future releases will not include binary packages or support for building packages from ports for deprecated 32-bit platforms.
The FreeBSD stable/14 and earlier branches will retain existing 32-bit kernel and world support. Ports will retain existing support for building ports and packages for 32-bit systems on stable/14 and earlier branches as long as those branches are supported by the ports system. However, all 32-bit platforms are Tier-2 or Tier-3, and support for individual ports should be expected to degrade as upstreams deprecate 32-bit platforms.
With the current support schedule, stable/14 will reach end of life (EOL) 5 years after the release of FreeBSD 14.0-RELEASE. The EOL of stable/14 will mark the end of support for deprecated 32-bit platforms, including source releases, pre-built packages, and support for building applications from ports. With the release of 14.0-RELEASE in November 2023, support for deprecated 32-bit platforms will end in November 2028.
The project may choose to alter this approach when FreeBSD 15.0 is released by extending some level of support for one or more of the deprecated platforms in 15.0 or later. Any alterations will be driven by community feedback and committed efforts to support these platforms. Use FreeBSD 14.0-RELEASE and following minor releases, or the stable/14 branch, to migrate off 32-bit platforms.
Last modified on: June 4, 2024 by Alexander Ziaee