git: a5ba1c9303 - main - 13.3 relnotes: additions and corrections

From: Mike Karels <>
Date: Tue, 27 Feb 2024 00:09:21 UTC
The branch main has been updated by karels:


commit a5ba1c9303f21fa81a0e8754399b571f66c93560
Author:     Mike Karels <>
AuthorDate: 2024-02-27 00:09:04 +0000
Commit:     Mike Karels <>
CommitDate: 2024-02-27 00:09:04 +0000

    13.3 relnotes: additions and corrections
    Additions from a number of people; more contrib upgrades;
    Differential Revision:
 website/content/en/releases/13.3R/relnotes.adoc | 68 +++++++++++++++++++++++--
 1 file changed, 65 insertions(+), 3 deletions(-)

diff --git a/website/content/en/releases/13.3R/relnotes.adoc b/website/content/en/releases/13.3R/relnotes.adoc
index ced30aebaa..b68002c8ad 100644
--- a/website/content/en/releases/13.3R/relnotes.adoc
+++ b/website/content/en/releases/13.3R/relnotes.adoc
@@ -128,6 +128,16 @@ the options passed to man:diff[1] for the security scripts are controlled by
 gitref:4c14a3a6aebe[repository=src] gitref:6d9195b5f763[repository=src]
+The default location for downloading leapsecond information has been updated to use the canonical source, as the previous location was no longer supported.
+The man:powerd[8] daemon is now enabled by default in [.filename]#/etc/rc.conf# on the arm64 `RPI` image for Raspberry Pi systems, allowing the system to run at full speed as needed.
+Users with non-default turbo settings may want to disable it.
+The umask for a service may now be specified in man:rc.conf[5] using the variable <service>_umask, where the service is named <service>.
 === Userland Application Changes
@@ -138,18 +148,26 @@ gitref:585762c3733f[repository=src]
 The man:objdump[1] utility from LLVM is now available.
 Some LLVM objdump options have a different output format than GNU objdump; man:readelf[1] is available for inspecting ELF files, and GNU objdump is available from the [.filename]#devel/binutils# port or package.
+The man:tftpd[8] server can be configured to allow writes to files in a chrooted environment that are not world-writable using the new `-S` option.
 === Contributed Software
+`expat` has been upgaded to version 2.6.0.
+Several Heimdal security fixes have been applied to mitigate vulnerabilities in the Kerberos Key Distribution Center.
 The `libfido2` authentication token library has been updated to version 1.13.0.
 gitref:b27bad1e0373[repository=src] gitref:079a1c2059e7[repository=src] gitref:d79e0d1735e3[repository=src] (Sponsored by The FreeBSD Foundation)
 `LLVM` and the `clang` compiler have been upgraded to version 17.0.6.
+`nvi` (man:vi[1]) has been upgraded to version 2.2.1.
 `sendmail` has been upgraded to version 8.18.1. 
 This version enforces stricter RFC compliance by default, especially with respect to line endings.
-This may cause issues with receiving messages from non-compliant MTAs; please see the first 8.18.1 release note in link:[] for mitigations.
+This may cause issues with receiving messages from non-compliant MTAs; please see the first 8.18.1 release note in link:[] for mitigations.
 `OpenSSH` has been updated to version 9.6p1, including a number of security fixes.
@@ -160,6 +178,11 @@ gitref:f26eafdfafb0[repository=src] gitref:221a6bc397ad[repository=src] gitref:2
 `tzdata` has been upgraded to version 2024a.
+`unbound` has been upgraded to version 1.19.1, including security fixes.
+`xz` has been upgraded to version 5.4.5.
 The man:zlib[3] library has been updated to version 1.3.1.
 gitref:f2de7ba78a49[repository=src] gitref:05e3998add1c[repository=src]
@@ -188,6 +211,18 @@ This section covers changes and additions to devices and device drivers since {r
 Multiple PCI MCFG regions are now supported on x86 systems, enabling support for PCI config access for domains (segments) other than 0.
+A problem with the `graid` implementation of Promise RAID1 created with 4 or more disks has been fixed.
+The array worked only until reboot.
+The man:iwlwifi[4] driver for Intel wireless interfaces has been updated, supporting chipsets up to B200.
+(Sponsored by The FreeBSD Foundation)
+The man:rtw88[4] driver for Realtek wireless PCI interfaces has been updated.
+There have been many stability fixes to native and LinuxKPI-based wireless drivers.
+(Sponsored by The FreeBSD Foundation)
 The man:smsc[4] driver for USB Ethernet adapters will now obtain the MAC address from bootargs on Raspberry Pi systems that pass it, and will otherwise fall back to use of man:ether_gen_addr[9] to generate a stable MAC address if none is provided by the hardware.
@@ -196,6 +231,12 @@ gitref:3d96ee7c7dcc[repository=src]
 This section covers changes and additions to file systems and other storage subsystems, both local and networked.
+=== General Storage
+In the course of debugging and resolving a problem with vnode recycling in the generic file system code, sysctls for vnode-related statistics have been grouped under `vfs.vnode` for greater visibility.
 === NFS Changes
@@ -221,7 +262,6 @@ gitref:7005cd440405[repository=src] gitref:e6c1e181ba7f[repository=src] gitref:d
 The man:zfsd[8] daemon will now fault disks that generate too many I/O delay events.
 gitref:e2ce586899ff[repository=src] (Sponsored by Axcient)
 == Boot Loader Changes
@@ -238,6 +278,15 @@ This section describes changes that affect networking in FreeBSD.
 === General Network
+The logging priority of syslog messages due to overflow of a socket listen queue can now be set using the sysctl `kern.ipc.sooverprio`.
+The default is 7, corresponding to LOG_DEBUG.
+A value of -1 suppresses logging.
+See man:listen[2].
+The netgraph man:ng_ipfw[4] module no longer truncates cookies to 16 bits, allowing a full 32 bits.
 Support for IPv6 RFC 4620 nodeinfo is now disabled by default.
 gitref:5c4e8a631097[repository=src] (Sponsored by The FreeBSD Foundation)
@@ -245,9 +294,22 @@ pf filter rules can be optionally enabled for packets delivered locally
 to enable pf rdr rules for connections initiated from the host.
 This can change the behavior of rules which match packets delivered to `lo0`.
 To enable this feature, use the commands `sysctl; service pf restart`.
-When enabled, it is best to ensure that packets delivered locally are not filtered, e.g. by adding a "set skip on lo" rule.
+When enabled, it is best to ensure that packets delivered locally are not filtered, e.g. by adding a `set skip on lo` rule.
+== Hardware Support
+This section covers general hardware support for physical machines, as well as hardware changes and updates that do not fit in other sections of this document.
+=== Hardware Architecture Support
+The BeagleBone Black (armv7) is no longer supported; it does not work with the current boot files (DTB).
+=== Virtualization Support
 == General Notes Regarding Future FreeBSD Releases