git: 40d53eda92 - main - 15.0R/relnotes: Add entries from 14.2R

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Muhammad Moinur Rahman <bofh_at_FreeBSD.org>
Date: Fri, 04 Jul 2025 18:32:11 UTC
The branch main has been updated by bofh:

URL: https://cgit.FreeBSD.org/doc/commit/?id=40d53eda9233fe25aaed51fdb84be1fe99fd27ee

commit 40d53eda9233fe25aaed51fdb84be1fe99fd27ee
Author:     Muhammad Moinur Rahman <bofh@FreeBSD.org>
AuthorDate: 2025-07-04 18:31:26 +0000
Commit:     Muhammad Moinur Rahman <bofh@FreeBSD.org>
CommitDate: 2025-07-04 18:31:26 +0000

    15.0R/relnotes: Add entries from 14.2R
    
    Approved by:    re (implicit)
    Sponsored by:   The FreeBSD Foundation
---
 website/content/en/releases/15.0R/relnotes.adoc | 234 ++++++++++++++++++++++--
 1 file changed, 220 insertions(+), 14 deletions(-)

diff --git a/website/content/en/releases/15.0R/relnotes.adoc b/website/content/en/releases/15.0R/relnotes.adoc
index 3afbb125f3..aa3189d525 100644
--- a/website/content/en/releases/15.0R/relnotes.adoc
+++ b/website/content/en/releases/15.0R/relnotes.adoc
@@ -110,6 +110,70 @@ This section lists the various Security Advisories and Errata Notices since {rel
 |https://www.freebsd.org/security/advisories/FreeBSD-SA-24:03.unbound.asc[FreeBSD-SA-24:03.unbound]
 |28 March 2024
 |Multiple vulnerabilities in unbound
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc[FreeBSD-SA-24:04.openssh]
+|01 July 2024
+|OpenSSH pre-authentication remote code execution
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:05.pf.asc[FreeBSD-SA-24:05.pf]
+|07 August 2024
+|pf incorrectly matches different ICMPv6 states in the state table
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:06.ktrace.asc[FreeBSD-SA-24:06.ktrace]
+|07 August 2024
+|man:ktrace[2] fails to detach when executing a setuid binary
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:07.nfsclient.asc[FreeBSD-SA-24:07.nfsclient]
+|07 August 2024
+|NFS client accepts file names containing path separators
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:08.openssh.asc[FreeBSD-SA-24:08.openssh]
+|07 August 2024
+|OpenSSH pre-authentication async signal safety issue
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:09.libnv.asc[FreeBSD-SA-24:09.libnv]
+|04 September 2024
+|Multiple vulnerabilities in libnv
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:10.bhyve.asc[FreeBSD-SA-24:10.bhyve]
+|04 September 2024
+|man:bhyve[8] privileged guest escape via TPM device passthrough
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:11.ctl.asc[FreeBSD-SA-24:11.ctl]
+|04 September 2024
+|Multiple issues in man:ctl[4] CAM Target Layer
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:12.bhyve.asc[FreeBSD-SA-24:12.bhyve]
+|04 September 2024
+|man:bhyve[8] privileged guest escape via USB controller
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:13.openssl.asc[FreeBSD-SA-24:13.openssl]
+|04 September 2024
+|Possible DoS in X.509 name checks in OpenSSL
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:14.umtx.asc[FreeBSD-SA-24:14.umtx]
+|04 September 2024
+|umtx Kernel panic or Use-After-Free
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:15.bhyve.asc[FreeBSD-SA-24:15.bhyve]
+|19 September 2024
+|man:bhyve[8] out-of-bounds read access via XHCI emulation
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:16.libnv.asc[FreeBSD-SA-24:16.libnv]
+|19 September 2024
+|Integer overflow in libnv
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:17.bhyve.asc[FreeBSD-SA-24:17.bhyve]
+|29 October 2024
+|Multiple issues in the bhyve hypervisor
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:18.ctl.asc[FreeBSD-SA-24:18.ctl]
+|29 October 2024
+|Unbounded allocation in man:ctl[4] CAM Target Layer
+
+|https://www.freebsd.org/security/advisories/FreeBSD-SA-24:19.fetch.asc[FreeBSD-SA-24:19.fetch]
+|29 October 2024
+|Certificate revocation list man:fetch[1] option fails
 |===
 
 [[errata]]
@@ -238,26 +302,47 @@ gitref:a25789646d71[repository=src], gitref:464fa66f639b[repository=src] (Sponso
 The man:usbconfig[8] utility now reads the descriptions of usb vendor and products from [.filename]#/usr/share/misc/usb_vendors# when available, similar to what man:pciconf[8] does.
 gitref:7b9a772f9f64[repository=src]
 
+An option has been added to change the directory in man:env[1] which closely resembles the feature in the GNU version of env although it does not support long options.
+gitref:08e8554c4a39[repository=src] (Sponsored by Klara, Inc.)
+
 [[userland-contrib]]
 === Contributed Software
 
 One True Awk (man:awk[1]) has been updated to 2nd Edition, with new -csv support and UTF-8 support.
 gitref:daf917daba9c[repository=src]
 
-Clang/LLVM have been upgraded to version 18.1.5.
-gitref:90a5e985e5f4[repository=src]
-
-The man:libarchive[3] library has been upgraded to version 3.7.4.
-gitref:8774c92e32b2[repository=src]
-
 The man:sendmail[8] suite has been upgraded to version 8.18.1, addressing CVE-2023-51765.
 gitref:58ae50f31e95[repository=src]
 
-The man:unbound[8] resolver has been upgraded to version 1.20.0, and addresses "`The DNSBomb`" vulnerability, CVE-2024-33655.
-gitref:dcde37c4170b[repository=src]
+`bc` has been upgraded to 7.0.2.
+gitref:90ea553a0d30[repository=src]
 
-[[userland-deprecated-programs]]
-=== Deprecated Applications
+`libarchive` has been upgraded to 3.7.7.
+gitref:2ae238160f20[repository=src]
+
+`libcbor` has been upgraded to 0.11.0.
+gitref:1755b9daa693[repository=src] (Sponsored by The FreeBSD Foundation)
+
+`libcxxrt` has been upgraded to vendor snapshot 6f2fdfebcd62.
+gitref:d0dcee46d971[repository=src]
+
+`libfido2` has been upgraded to 1.14.0.
+gitref:128bace5102e[repository=src] (Sponsored by The FreeBSD Foundation)
+
+`libpcap` has been upgraded to 1.10.5.
+gitref:26f21a6494b4[repository=src] (Sponsored by The FreeBSD Foundation)
+
+`llvm` has been upgraded to 18.1.6.
+gitref:f1e3279983d6[repository=src]
+
+`openssl` has been upgraded to 3.0.15.
+gitref:cc43f991ab3e[repository=src]
+
+`tcpdump` has been upgraded to 4.99.5.
+gitref:ec3da16d8bc1[repository=src] (Sponsored by The FreeBSD Foundation)
+
+`unbound` has been upgraded to 1.22.0.
+gitref:0a096a7b3ae8[repository=src]
 
 [[userland-libraries]]
 === Runtime Libraries and API
@@ -273,6 +358,24 @@ Many string and memory operations in the C library now use SIMD (single instruct
 There is now a much better implementation of the 128-bit `tgammal` function in the math library, man:math[3], on platforms that support it.
 gitref:8df6c930c151[repository=src]
 
+man:fma[3] now returns correctly-signed zero when provided certain small inputs (as observed in the Python test suite).
+gitref:dc39004bc670[repository=src]
+(Sponsored by The FreeBSD Foundation)
+
+The `cap_rights_is_empty` function has been added.
+It reports whether a `cap_rights_t` has no rights set.
+gitref:e77813f7e4a3[repository=src]
+(Sponsored by The FreeBSD Foundation)
+
+[[userland-deprecated-programs]]
+=== Deprecated Applications
+
+man:fdisk[8] has been deprecated in favor of man:gpart[8] for a long time but has not been removed, running this application will show a warning to migrate to man:gpart[8].
+gitref:3958be5c29da[repository=src] (Sponsored by The FreeBSD Foundation)
+
+The accuracy of man:asinf[3] and man:acosf[3] has improved.
+gitref:33c82f11c267[repository=src]
+
 [[cloud]]
 == Cloud Support
 
@@ -283,6 +386,22 @@ It is compatible with OpenStack and many hosting facilities.
 See the https://cloud-init.io[cloud-init] web site and the commit messages,
 gitref:16a6da44e28d[repository=src] gitref:227e7a205edf[repository=src]. (Sponsored by OVHCloud)
 
+The FreeBSD project is now publishing OCI-compatible container images.
+gitref:8a688fcc242e[repository=src]
+
+The FreeBSD project is now publishing Oracle Cloud Infrastructure images.
+See the
+link:https://cloudmarketplace.oracle.com/marketplace/app/freebsd-release[Oracle Cloud Infrastructure FreeBSD Listing]
+for more information.
+gitref:77b296a2582b[repository=src]
+
+The "shutdown" and "reboot" API in the Amazon EC2 cloud now work for arm64 instances.
+Older instances upgraded to FreeBSD {releaseCurrent} will need to have `debug.acpi.quirks="8"` set in `/boot/loader.conf`.
+gitref:28b881840df7[repository=src] (Sponsored by Amazon)
+
+The FreeBSD projects now publishes "small" EC2 images; these are the "base" images minus debug symbols, tests, 32-bit libraries, the LLDB debugger, the Amazon SSM Agent, and the AWS CLI.
+gitref:953142d6baf3[repository=src] (Sponsored by Amazon)
+
 [[kernel]]
 == Kernel
 
@@ -303,8 +422,8 @@ This section covers changes and additions to devices and device drivers since {r
 === Device Drivers
 
 A driver is available for man:ice[4] Ethernet network controllers in the Intel E800 series, which support 100 Gb/s operation.
-It was upgraded to version 1.39.13-k.
-gitref:71d104536b51[repository=src] gitref:f6de0a7c94e9[repository=src] (Sponsored by Intel Corporation)
+It was upgraded to version 1.43.2-k.
+gitref:38a1655adcb3[repository=src] (Sponsored by Intel Corporation)
 
 Numerous stability improvements have been in the man:iwlwifi[4] driver for Intel Wi-Fi devices.
 (Sponsored by The FreeBSD Foundation)
@@ -324,9 +443,45 @@ Audio now supports asynchronous device detach.
 This greatly simplifies hot plugging and unplugging of things such as USB headsets, and eases use of PulseAudio in cases that require operating system sleep and wake (suspend and resume).
 gitref:d692c314d29a[repository=src] (Sponsored by The FreeBSD Foundation)
 
+`ena` has been upgraded to 2.8.0.
+gitref:6bf02434bd9a[repository=src] (Sponsored by Amazon, Inc.)
+
+`ice_ddp` has been upgraded to 1.3.41.0.
+gitref:a9d78bb714e3[repository=src] (Sponsored by Intel Corporation)
+
+Tiger Lake-H support has been added to the man:hda[4] driver.
+gitref:dbb6f488df6e[repository=src]
+
+Meteor Lake support has been added to the man:ichsmb[4] driver.
+gitref:14c22e28e4ee[repository=src]
+(Sponsored by Framework Computer Inc)
+(Sponsored by The FreeBSD Foundation)
+
+Meteor Lake support has been added to the man:ig4[4] driver.
+gitref:56f0fc0011c2[repository=src]
+
+A new wireless driver supporting some Realtek chipsets is available: man:rtw89[4].
+gitref:a2d1e07f6451[repository=src] (Sponsored by The FreeBSD Foundation)
+
+Support for Realtek 8156/8156B has been moved from from man:cdce[4] to man:ure[4] for improved performance and reliability.
+gitref:630077a84186[repository=src] (Sponsored by The FreeBSD Foundation)
+
+Support for ACPI GPIO _AEI objects has been added.
+gitref:1db6ffb2a482[repository=src] (Sponsored by Amazon)
+
+man:nvme[4] and man:nvmecontrol[8] have been enabled on all architectures.
+gitref:24687a65dd7f[repository=src], gitref:aba2d7f89dcf[repository=src]
+(Sponsored by Chelsio Communications and Netflix)
+
 [[drivers-removals]]
 === Deprecated and Removed Drivers
 
+man:agp[4] has been planned for removal in FreeBSD 15.0, and the man page now states that it is deprecated.
+gitref:92af7c97e197[repository=src]
+
+man:syscons[4] has been planned for removal in future releases, and has been noted as deprecated in the man pages to notify users to migrate to man:vt[4].
+gitref:2bc5b1d60512[repository=src] (Sponsored by The FreeBSD Foundation)
+
 [[storage]]
 == Storage
 
@@ -353,8 +508,8 @@ gitref:6b2af2d88ffd[repository=src]
 [[storage-zfs]]
 === ZFS
 
-OpenZFS has been upgraded to version 2.2.4.
-gitref:78c9d8f1ce65[repository=src]
+OpenZFS has been upgraded to version 2.2.6.
+gitref:755e773877e9[repository=src]
 
 [[storage-general]]
 === General Storage
@@ -389,11 +544,24 @@ gitref:05cf4dda599a[repository=src] gitref:16c09de80135[repository=src]
 The LinuxBoot loader can be used to boot FreeBSD from Linux on aarch64 systems as well as amd64.
 gitref:46010641267[repository=src] (Sponsored by Netflix)
 
+The BIOS boot loader added back support for gzip and bzip2, but removed support for graphics mode (by default) to address size problems.
+(The EFI boot loader is unchanged with support for all of those.)
+gitref:4d3b05a8530e[repository=src] (Sponsored by Netflix)
+
 [[network]]
 == Networking
 
 This section describes changes that affect networking in FreeBSD.
 
+[[network-protocols]]
+=== Network Protocols
+
+Lots of improvements to the network stack, including performance improvements and bug fixes for the man:sctp[4] stack.
+
+Descriptors returned by man:sctp_peeloff[2] now inherit capabilities from the parent socket.
+gitref:ae3d7e27abc9[repository=src]
+(Sponsored by The FreeBSD Foundation)
+
 [[network-general]]
 === General Network
 
@@ -407,6 +575,12 @@ gitref:6df9fa1c6b83[repository=src] and others
 The netgraph man:ng_ipfw[4] module no longer truncates cookies to 16 bits, allowing a full 32 bits.
 gitref:dadf64c5586e[repository=src]
 
+AIM(Adaptive Interrupt Moderation) support has been added to the man:igc[4] driver.
+gitref:472a0ccf847a[repository=src] (Sponsored by Rubicon Communications, LLC ("Netgate") and BBOX.io)
+
+This feature has also been added to the man:lem[4], man:em[4] and man:igb[4] drivers.  A major regression in UDP performance introduced in FreeBSD 12.0, including NFS over UDP, is believed to be fixed with this change.
+gitref:49f12d5b38f6[repository=src] (Sponsored by Rubicon Communications, LLC ("Netgate") and BBOX.io)
+
 [[wireless-networking]]
 === Wireless Networking
 
@@ -422,6 +596,29 @@ Please see link:https://www.freebsd.org/releases/{localRel}R/hardware[the list o
 [[hardware-virtualization]]
 === Virtualization Support
 
+The NVMM hypervisor is now detected.
+gitref:34f40baca641[repository=src]
+
+The VNC server in man:bhyve[8] will now show the correct colors when using the package:www/novnc[] client.
+gitref:f9e09dc5b1d5[repository=src]
+
+Under Hyper-V, TLB flushes are now performed using hypercalls rather than IPIs, providing up to a 40% improvement in TLB performance.
+gitref:7ece5993b787[repository=src] (Sponsored by Microsoft)
+
+[[linuxulator]]
+=== Linux Binary Compatibility
+
+The `AT_NO_AUTOMOUNT` flag is now ignored for all Linuxulator stat() variants (as the behavior specified by the flag already matches FreeBSD's), improving Linux application compatibility.
+gitref:99d3ce80ba07[repository=src]
+(Sponsored by The FreeBSD Foundation)
+
+[[multimedia]]
+== Multimedia
+
+Many improvements to the audio stack including support for hot-swapping in man:mixer[8], and the addition of man:mididump[1].
+gitref:cf9d2fb18433[repository=src] (Sponsored by The FreeBSD Foundation)
+gitref:7224e9f2d4af[repository=src] (Sponsored by The FreeBSD Foundation)
+
 [[documentation]]
 == Documentation
 
@@ -438,8 +635,17 @@ gitref:39f92a4c4c49[repository=src]
 
 This section covers changes to the FreeBSD Ports Collection, package infrastructure, and package maintenance and installation tools.
 
+[[Installer]]
+=== Installer
+
+The FreeBSD installer, man:bsdinstall[8], now supports downloading and installing firmware packages after the FreeBSD base system installation is complete.
+gitref:03c07bdc8b31[repository=src] (Sponsored by The FreeBSD Foundation)
+
 [[ports-packages]]
 === Packaging Changes
 
+The package:net/wifi-firmware-kmod@release[] package has been added to the DVD package set in order to provide necessary firmware for wifi drivers.
+gitref:8c6df7ead19c[repository=src] (Sponsored by The FreeBSD Foundation)
+
 [[future-releases]]
 == General Notes Regarding Future FreeBSD Releases