The release notes for FreeBSD 12.0-RELEASE contain a summary of the changes made to the FreeBSD base system on the 12-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented.

Last modified on 2019-10-09 21:23:40 by gjb.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the “™” or the “®” symbol.

SPARC, SPARC64, and UltraSPARC are trademarks of SPARC International, Inc in the United States and other countries. SPARC International, Inc owns all of the SPARC trademarks and under licensing agreements allows the proper use of these trademarks by its members.

Intel, Celeron, Centrino, Core, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

IEEE, POSIX, and 802 are registered trademarks of Institute of Electrical and Electronics Engineers, Inc. in the United States.

IBM, AIX, OS/2, PowerPC, PS/2, S/390, and ThinkPad are trademarks of International Business Machines Corporation in the United States, other countries, or both.

FreeBSD is a registered trademark of the FreeBSD Foundation.

Typical release note items document recent security advisories issued after 11.2-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements.

This document describes the most user-visible new or changed features in FreeBSD since 11.2-RELEASE. In general, changes described here are unique to the 12-STABLE branch unless specifically marked as MERGED features.

All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with “late-breaking” information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for FreeBSD 12.0-RELEASE can be found on the FreeBSD Web site.

This distribution of FreeBSD 12.0-RELEASE is a release distribution. It can be found at https://www.FreeBSD.org/releases/ or any of its mirrors. More information on obtaining this (or other) release distributions of FreeBSD can be found in the “Obtaining FreeBSD” appendix to the FreeBSD Handbook .

The release distribution to which these release notes apply represents a point along the 12-STABLE development branch between 11.2-RELEASE and the future 13.0-RELEASE. Information regarding pre-built, binary release distributions along this branch can be found at https://www.FreeBSD.org/releases/ .

The release distribution to which these release notes apply represents the latest point along the 12-STABLE development branch since 12-STABLE was created. Information regarding pre-built, binary release distributions along this branch can be found at https://www.FreeBSD.org/releases/ .

This document contains the release notes for FreeBSD 12.0-RELEASE. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD.

Upgrading FreeBSD should only be attempted after backing up all data and configuration files.

Source-based upgrades (those based on recompiling the FreeBSD base system from source code) from previous versions are supported, according to the instructions in /usr/src/UPDATING .

[amd64,i386] Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade procedure will update unmodified userland utilities, as well as unmodified GENERIC kernels distributed as a part of an official FreeBSD release. The freebsd-update(8) utility requires that the host being upgraded have Internet connectivity.

This section lists the various Security Advisories and Errata Notices since 11.2-RELEASE.

4. Userland

This section covers changes and additions to userland applications, contributed software, and system utilities.

4.1. Userland Configuration Changes Group permissions on /dev/acpi have been changed to allow users in the operator GID to invoke acpiconf(8) to suspend the system. [r335864] (Sponsored by DARPA, AFRL) The default devfs.rules(5) configuration has been updated to allow mount_fusefs(8) with jail(8). [r336565] The default PAGER now defaults to less(1) for most commands. [r337497] The newsyslog(8) utility has been updated to reject configuration entries that specify setuid(2) or executable log files. [r338165] (Sponsored by Dell EMC Isilon) The WITH_REPRODUCIBLE_BUILD src.conf(5) knob has been enabled by default. [r338642] (Sponsored by The FreeBSD Foundation) LDNS now enables DANE-TA , and GOST has been removed. [r339303] A new src.conf(5) knob, WITH_RETPOLINE , has been added to enable the retpoline mitigation for userland builds. [r340773] (Sponsored by The FreeBSD Foundation)

4.2. Userland Application Changes xlint and the ability to build lint libraries or lint source code has been removed. The dtrace(1) utility has been updated to support if and else statements. [r304200] The legacy gdb(1) utility included in the base system is now installed to /usr/libexec for use with crashinfo(8). The gdbserver and gdbtui utilities are no longer installed. For interactive debugging, lldb(1) or a modern version of gdb(1) from devel/gdb should be used. A new src.conf(5) knob, WITHOUT_GDB_LIBEXEC has been added to disable building gdb(1). The gdb(1) utility is still installed in /usr/bin on sparc64. [r317416] The setfacl(1) utility has been updated to include a new flag, -R , used to operate recursively on directories. [r332396] (Sponsored by The FreeBSD Foundation) The cat(1) utility has been updated to print output aligned the same regardless of if invoked with -ne or -be . [r323865] The default bootstrap linker has been changed to ld_lld(1) for amd64. [r334391] (Sponsored by The FreeBSD Foundation) The dhclient(8) utility has been updated to add a configuration knob to allow superseding the interface-mtu option provided by an incorrectly-configured DHCP server. [r334443] The asf(8) utility has been removed, as kgdb(1) now handles kernel module state internally. [r335222] (Sponsored by The FreeBSD Foundation) The sha224(1) utility has been added. [r336126] The geli(8) utility has been updated to provide support for initializing multiple providers at once when they use the same passphrase and/or key. [r336659] The default bootstrap linker has been changed to ld_lld(1) for i386. [r336901] (Sponsored by The FreeBSD Foundation) The default bootstrap linker has been changed to ld_lld(1) for armv7. [r337057] (Sponsored by The FreeBSD Foundation) The dd(1) utility has been updated to add the status=progress option, which prints the status of its operation on a single line once per second, similar to GNU dd(1). [r337505] The date(1) utility has been updated to include a new flag, -I , which prints its output in ISO 8601 formatting. [r337332] The bectl(8) utility has been added, providing an administrative interface for managing ZFS boot environments, similar to sysutils/beadm . [r337663] The ls(1) utility has been updated to include a new --color= when flag, where when can be one of always , auto (default), or never . [r337956] The bhyve(8) utility has been updated to add a new subcommand to the -l and -s flags, help , which when used, prints a list of supported LPC and PCI devices, respectively. [r338210] (Sponsored by iXsystems) The tftp(1) utility has been updated to change the default transfer mode from ASCII to binary. [r338258] The last(1) utility has been updated to include libxo(3) support. [r338352] The lastlogin(8) utility has been updated to include libxo(3) support. [r338353] The chown(8) utility has been updated to prevent overflow of UID or GID arguments where the argument exceeded UID_MAX or GID_MAX , respectively. [r338950] (Sponsored by Dell EMC Isilon) The ctm(1) and related utilities have been marked as deprecated for removal in FreeBSD 13.0. [r340444]

4.3. Contributed Software The ELF Tool Chain has been updated to version r3614. [r333063] (Sponsored by The FreeBSD Foundation) The zstd(1) utility has been updated to version 1.3.4. [r331602] (Sponsored by Dell EMC Isilon) The vt(4) Terminus BSD Console font has been updated to version 4.46. [r332452] (Sponsored by The FreeBSD Foundation) The xz(1) utility has been updated to version 5.2.4. [r333783] The clang, llvm, lld, lldb, compiler-rt utilities and libc++ have been updated to version 6.0.1. [r335799] The bsnmp utility has been updated to version 1.13. [r335885] The WPA utilities have been updated to version 2.6. [r336203] The ntpd(8) utility has been updated to allow being run as a non-root user. [r336525] Note: Source-based upgrades from FreeBSD 11.x and earlier require the ntpd UID (123) and GID (123) to exist before the installworld target is run. See the "rebuild everything and install" section of UPDATING for the documented procedure for source-based upgrades for more details. Support for UDP -lite has been added to dtrace_udplite(4). [r337018] The file(1) utility has been updated to version 5.34. [r337442] The lua utility has been updated to version 5.3.5. [r337810] Support for send, receive, and state-change providers have been added to dtrace_sctp(4). [r338213] The ntpd(8) utility has been updated to version 4.2.8p12. [r338126] OpenSSH has been updated to version 7.8p1. [r338561] The mandoc(1) utility has been updated to version 1.14.4. [r338826] Additional capsicum(4) support has been added to sshd(8). [r339216] Serf has been updated to version 1.3.9. [r339256] ACPICA has been updated to version 20181003. [r339262] Unbound has been updated to version 1.8.1. [r339278] The timezone database files have been updated to version 2018g. [r339937] OpenSSL has been updated to version 1.1.1a. [r340711]

4.4. Installation and Configuration Tools The bsdinstall(8) installer and zfsboot(8) boot code have been updated to allow an UEFI + GELI installation option. [r338282] (Sponsored by Klara Systems)

4.5. /etc/rc.d Scripts A new rc(8) has been added to create cfumass(4) LUN s. [r332857] (Sponsored by The FreeBSD Foundation) The geli(8) rc(8) script has been updated to include support for a new variable, geli_groups , which provides support to attach multiple providers when set in rc.conf(5). [r335673] The rc(8) subsystem has been updated to support new keywords in rc.conf(5), enable , disable , and delete with rc.d(8) scripts and the service(8) utility. See rc.conf(5) for usage information. [r340348] (Sponsored by Smule, Inc.)

4.6. Runtime Libraries and API The getrandom(2) system call and getentropy(3) library have been added, compatible with Linux® and OpenBSD implementations. [r331279] The arc4random(3) library has been updated to match the OpenBSD version 1.35. [r338059] The libarchive(3) library has been updated to version 3.3.3. [r338600]