head	1.778;
access;
symbols
	RELENG_8_4:1.757.0.2
	RELENG_9_1_0_RELEASE:1.702.2.11.2.3
	RELENG_9_1:1.702.2.11.0.2
	RELENG_9_1_BP:1.702.2.11
	RELENG_8_3_0_RELEASE:1.632.2.26.2.2
	RELENG_8_3:1.632.2.26.0.2
	RELENG_8_3_BP:1.632.2.26
	RELENG_9_0_0_RELEASE:1.702.2.4.2.2
	RELENG_9_0:1.702.2.4.0.2
	RELENG_9_0_BP:1.702.2.4
	RELENG_9:1.702.0.2
	RELENG_9_BP:1.702
	RELENG_7_4_0_RELEASE:1.507.2.36.2.2
	RELENG_8_2_0_RELEASE:1.632.2.19.2.2
	RELENG_7_4:1.507.2.36.0.2
	RELENG_7_4_BP:1.507.2.36
	RELENG_8_2:1.632.2.19.0.2
	RELENG_8_2_BP:1.632.2.19
	RELENG_8_1_0_RELEASE:1.632.2.14.2.3
	RELENG_8_1:1.632.2.14.0.2
	RELENG_8_1_BP:1.632.2.14
	RELENG_7_3_0_RELEASE:1.507.2.34.2.2
	RELENG_7_3:1.507.2.34.0.2
	RELENG_7_3_BP:1.507.2.34
	RELENG_8_0_0_RELEASE:1.632.2.7.2.3
	RELENG_8_0:1.632.2.7.0.2
	RELENG_8_0_BP:1.632.2.7
	RELENG_8:1.632.0.2
	RELENG_8_BP:1.632
	RELENG_7_2_0_RELEASE:1.507.2.23.2.3
	RELENG_7_2:1.507.2.23.0.2
	RELENG_7_2_BP:1.507.2.23
	RELENG_7_1_0_RELEASE:1.507.2.13.2.3
	RELENG_6_4_0_RELEASE:1.416.2.40.2.3
	RELENG_7_1:1.507.2.13.0.2
	RELENG_7_1_BP:1.507.2.13
	RELENG_6_4:1.416.2.40.0.2
	RELENG_6_4_BP:1.416.2.40
	RELENG_7_0_0_RELEASE:1.507.2.3.2.4
	RELENG_6_3_0_RELEASE:1.416.2.37.2.4
	RELENG_7_0:1.507.2.3.0.2
	RELENG_7_0_BP:1.507.2.3
	RELENG_6_3:1.416.2.37.0.2
	RELENG_6_3_BP:1.416.2.37
	RELENG_7:1.507.0.2
	RELENG_7_BP:1.507
	RELENG_6_2_0_RELEASE:1.416.2.29.2.3
	RELENG_6_2:1.416.2.29.0.2
	RELENG_6_2_BP:1.416.2.29
	RELENG_5_5_0_RELEASE:1.342.2.35
	RELENG_5_5:1.342.2.35.0.2
	RELENG_5_5_BP:1.342.2.35
	RELENG_6_1_0_RELEASE:1.416.2.22.2.2
	RELENG_6_1:1.416.2.22.0.2
	RELENG_6_1_BP:1.416.2.22
	RELENG_6_0_0_RELEASE:1.416.2.3.2.5
	RELENG_6_0:1.416.2.3.0.2
	RELENG_6_0_BP:1.416.2.3
	RELENG_6:1.416.0.2
	RELENG_6_BP:1.416
	RELENG_5_4_0_RELEASE:1.342.2.24.2.9
	RELENG_5_4:1.342.2.24.0.2
	RELENG_5_4_BP:1.342.2.24
	RELENG_4_11_0_RELEASE:1.73.2.91.2.1
	RELENG_4_11:1.73.2.91.0.2
	RELENG_4_11_BP:1.73.2.91
	RELENG_5_3_0_RELEASE:1.342.2.13.2.3
	RELENG_5_3:1.342.2.13.0.2
	RELENG_5_3_BP:1.342.2.13
	RELENG_5:1.342.0.2
	RELENG_5_BP:1.342
	RELENG_4_10_0_RELEASE:1.73.2.90
	RELENG_4_10:1.73.2.90.0.2
	RELENG_4_10_BP:1.73.2.90
	RELENG_5_2_1_RELEASE:1.282.2.8
	RELENG_5_2_0_RELEASE:1.282.2.3
	RELENG_5_2:1.282.0.2
	RELENG_5_2_BP:1.282
	RELENG_4_9_0_RELEASE:1.73.2.89
	RELENG_4_9:1.73.2.89.0.2
	RELENG_4_9_BP:1.73.2.89
	RELENG_5_1_0_RELEASE:1.251.2.1
	RELENG_5_1:1.251.0.2
	RELENG_5_1_BP:1.251
	RELENG_4_8_0_RELEASE:1.73.2.80.2.1
	RELENG_4_8:1.73.2.80.0.2
	RELENG_4_8_BP:1.73.2.80
	RELENG_5_0_0_RELEASE:1.229.2.3
	RELENG_5_0:1.229.0.2
	RELENG_5_0_BP:1.229
	RELENG_4_7_0_RELEASE:1.73.2.74
	RELENG_4_7:1.73.2.74.0.2
	RELENG_4_7_BP:1.73.2.74
	RELENG_4_6_2_RELEASE:1.73.2.68.2.24
	RELENG_4_6_1_RELEASE:1.73.2.68.2.8
	RELENG_4_6_0_RELEASE:1.73.2.68.2.1
	RELENG_4_6:1.73.2.68.0.2
	RELENG_4_6_BP:1.73.2.68
	RELENG_4_5_0_RELEASE:1.73.2.50.2.4
	RELENG_4_5:1.73.2.50.0.2
	RELENG_4_5_BP:1.73.2.50
	RELENG_4_4_0_RELEASE:1.73.2.43.2.1
	RELENG_4_4:1.73.2.43.0.2
	RELENG_4_4_BP:1.73.2.43
	KSE_MILESTONE_2:1.169
	KSE_PRE_MILESTONE_2:1.169
	RELENG_4_3_0_RELEASE:1.73.2.28
	RELENG_4_3:1.73.2.28.0.2
	RELENG_4_3_BP:1.73.2.28
	RELENG_4_2_0_RELEASE:1.73.2.24
	RELENG_4_1_1_RELEASE:1.73.2.18
	PRE_SMPNG:1.114
	RELENG_4_1_0_RELEASE:1.73.2.10
	RELENG_3_5_0_RELEASE:1.14.2.5
	RELENG_4_0_0_RELEASE:1.73
	RELENG_4:1.73.0.2
	RELENG_4_BP:1.73
	RELENG_3_4_0_RELEASE:1.14.2.3
	RELENG_3_3_0_RELEASE:1.14.2.3
	RELENG_3_2_PAO:1.14.2.2.0.2
	RELENG_3_2_PAO_BP:1.14.2.2
	RELENG_3_2_0_RELEASE:1.14.2.2
	RELENG_3_1_0_RELEASE:1.14
	RELENG_3:1.14.0.2
	RELENG_3_BP:1.14;
locks; strict;
comment	@# @;


1.778
date	2013.07.17.00.32.46;	author svnexp;	state Exp;
branches;
next	1.777;

1.777
date	2013.07.15.00.34.43;	author svnexp;	state Exp;
branches;
next	1.776;

1.776
date	2013.07.13.00.50.11;	author svnexp;	state Exp;
branches;
next	1.775;

1.775
date	2013.07.10.00.50.54;	author svnexp;	state Exp;
branches;
next	1.774;

1.774
date	2013.07.01.00.37.33;	author svnexp;	state Exp;
branches;
next	1.773;

1.773
date	2013.06.19.00.31.58;	author svnexp;	state Exp;
branches;
next	1.772;

1.772
date	2013.06.16.00.38.18;	author svnexp;	state Exp;
branches;
next	1.771;

1.771
date	2013.06.14.00.38.16;	author svnexp;	state Exp;
branches;
next	1.770;

1.770
date	2013.05.22.00.39.38;	author svnexp;	state Exp;
branches;
next	1.769;

1.769
date	2013.05.13.00.36.28;	author svnexp;	state Exp;
branches;
next	1.768;

1.768
date	2013.05.02.00.33.40;	author svnexp;	state Exp;
branches;
next	1.767;

1.767
date	2013.05.01.00.47.15;	author svnexp;	state Exp;
branches;
next	1.766;

1.766
date	2013.05.01.00.36.46;	author svnexp;	state Exp;
branches;
next	1.765;

1.765
date	2013.04.27.00.50.36;	author svnexp;	state Exp;
branches;
next	1.764;

1.764
date	2013.04.27.00.29.14;	author svnexp;	state Exp;
branches;
next	1.763;

1.763
date	2013.04.26.00.39.38;	author svnexp;	state Exp;
branches;
next	1.762;

1.762
date	2013.04.22.00.36.46;	author svnexp;	state Exp;
branches;
next	1.761;

1.761
date	2013.04.21.00.50.36;	author svnexp;	state Exp;
branches;
next	1.760;

1.760
date	2013.04.21.00.26.06;	author svnexp;	state Exp;
branches;
next	1.759;

1.759
date	2013.04.07.00.50.02;	author svnexp;	state Exp;
branches;
next	1.758;

1.758
date	2013.04.07.00.39.36;	author svnexp;	state Exp;
branches;
next	1.757;

1.757
date	2013.03.09.02.56.34;	author svnexp;	state Exp;
branches
	1.757.2.1;
next	1.756;

1.756
date	2013.03.05.01.01.54;	author svnexp;	state Exp;
branches;
next	1.755;

1.755
date	2013.03.05.00.59.04;	author svnexp;	state Exp;
branches;
next	1.754;

1.754
date	2013.03.03.01.15.35;	author svnexp;	state Exp;
branches;
next	1.753;

1.753
date	2013.03.01.00.42.29;	author svnexp;	state Exp;
branches;
next	1.752;

1.752
date	2013.02.28.01.07.21;	author svnexp;	state Exp;
branches;
next	1.751;

1.751
date	2013.01.31.00.29.19;	author svnexp;	state Exp;
branches;
next	1.750;

1.750
date	2013.01.30.00.27.05;	author svnexp;	state Exp;
branches;
next	1.749;

1.749
date	2013.01.19.00.30.33;	author svnexp;	state Exp;
branches;
next	1.748;

1.748
date	2012.12.23.14.23.14;	author svnexp;	state Exp;
branches;
next	1.747;

1.747
date	2012.12.22.14.12.55;	author svnexp;	state Exp;
branches;
next	1.746;

1.746
date	2012.12.16.23.31.15;	author svnexp;	state Exp;
branches;
next	1.745;

1.745
date	2012.12.02.22.10.40;	author svnexp;	state Exp;
branches;
next	1.744;

1.744
date	2012.11.23.12.15.44;	author svnexp;	state Exp;
branches;
next	1.743;

1.743
date	2012.11.17.01.48.28;	author svnexp;	state Exp;
branches;
next	1.742;

1.742
date	2012.11.05.19.20.18;	author brooks;	state Exp;
branches;
next	1.741;

1.741
date	2012.11.05.19.08.18;	author brooks;	state Exp;
branches;
next	1.740;

1.740
date	2012.11.02.01.20.55;	author ae;	state Exp;
branches;
next	1.739;

1.739
date	2012.10.31.13.52.03;	author gavin;	state Exp;
branches;
next	1.738;

1.738
date	2012.10.25.10.35.08;	author ae;	state Exp;
branches;
next	1.737;

1.737
date	2012.10.23.16.33.43;	author andre;	state Exp;
branches;
next	1.736;

1.736
date	2012.10.22.21.09.03;	author glebius;	state Exp;
branches;
next	1.735;

1.735
date	2012.10.22.17.54.32;	author kib;	state Exp;
branches;
next	1.734;

1.734
date	2012.10.18.12.11.13;	author attilio;	state Exp;
branches;
next	1.733;

1.733
date	2012.10.16.13.37.54;	author glebius;	state Exp;
branches;
next	1.732;

1.732
date	2012.10.16.01.10.43;	author gonzo;	state Exp;
branches;
next	1.731;

1.731
date	2012.10.13.23.54.26;	author attilio;	state Exp;
branches;
next	1.730;

1.730
date	2012.10.13.19.37.58;	author gabor;	state Exp;
branches;
next	1.729;

1.729
date	2012.10.13.18.40.39;	author gabor;	state Exp;
branches;
next	1.728;

1.728
date	2012.10.06.10.02.11;	author glebius;	state Exp;
branches;
next	1.727;

1.727
date	2012.10.02.17.46.32;	author adrian;	state Exp;
branches;
next	1.726;

1.726
date	2012.10.01.10.46.35;	author kib;	state Exp;
branches;
next	1.725;

1.725
date	2012.09.08.06.41.54;	author glebius;	state Exp;
branches;
next	1.724;

1.724
date	2012.08.28.12.25.37;	author mm;	state Exp;
branches;
next	1.723;

1.723
date	2012.07.27.18.23.11;	author marius;	state Exp;
branches;
next	1.722;

1.722
date	2012.07.12.19.30.53;	author jkim;	state Exp;
branches;
next	1.721;

1.721
date	2012.07.12.07.34.09;	author brueffer;	state Exp;
branches;
next	1.720;

1.720
date	2012.06.28.08.22.00;	author gabor;	state Exp;
branches;
next	1.719;

1.719
date	2012.06.11.11.35.22;	author mm;	state Exp;
branches;
next	1.718;

1.718
date	2012.04.17.20.35.54;	author jasone;	state Exp;
branches;
next	1.717;

1.717
date	2012.04.17.20.21.04;	author jasone;	state Exp;
branches;
next	1.716;

1.716
date	2012.03.29.02.54.35;	author jmallett;	state Exp;
branches;
next	1.715;

1.715
date	2012.03.06.20.01.25;	author attilio;	state Exp;
branches;
next	1.714;

1.714
date	2012.02.29.21.38.31;	author trociny;	state Exp;
branches;
next	1.713;

1.713
date	2012.02.11.06.05.40;	author bz;	state Exp;
branches;
next	1.712;

1.712
date	2012.01.14.23.19.10;	author dougb;	state Exp;
branches;
next	1.711;

1.711
date	2012.01.14.09.32.58;	author dougb;	state Exp;
branches;
next	1.710;

1.710
date	2012.01.09.12.06.09;	author avg;	state Exp;
branches;
next	1.709;

1.709
date	2011.12.16.12.16.56;	author glebius;	state Exp;
branches;
next	1.708;

1.708
date	2011.11.30.20.08.30;	author jh;	state Exp;
branches;
next	1.707;

1.707
date	2011.11.08.10.18.07;	author attilio;	state Exp;
branches;
next	1.706;

1.706
date	2011.11.01.21.26.57;	author marius;	state Exp;
branches;
next	1.705;

1.705
date	2011.10.16.14.30.28;	author eadler;	state Exp;
branches;
next	1.704;

1.704
date	2011.10.03.15.13.09;	author nwhitehorn;	state Exp;
branches;
next	1.703;

1.703
date	2011.09.26.02.27.04;	author kensmith;	state Exp;
branches;
next	1.702;

1.702
date	2011.09.13.21.01.26;	author rmacklem;	state Exp;
branches
	1.702.2.1;
next	1.701;

1.701
date	2011.08.28.09.26.48;	author kib;	state Exp;
branches;
next	1.700;

1.700
date	2011.08.24.12.18.29;	author gjb;	state Exp;
branches;
next	1.699;

1.699
date	2011.08.15.07.30.48;	author rwatson;	state Exp;
branches;
next	1.698;

1.698
date	2011.06.29.13.12.15;	author bz;	state Exp;
branches;
next	1.697;

1.697
date	2011.06.28.11.57.25;	author bz;	state Exp;
branches;
next	1.696;

1.696
date	2011.06.18.10.48.00;	author marius;	state Exp;
branches;
next	1.695;

1.695
date	2011.06.08.08.12.15;	author avg;	state Exp;
branches;
next	1.694;

1.694
date	2011.06.07.19.39.34;	author bz;	state Exp;
branches;
next	1.693;

1.693
date	2011.06.07.08.46.13;	author attilio;	state Exp;
branches;
next	1.692;

1.692
date	2011.05.14.01.53.38;	author attilio;	state Exp;
branches;
next	1.691;

1.691
date	2011.04.30.11.30.42;	author adrian;	state Exp;
branches;
next	1.690;

1.690
date	2011.04.27.17.51.51;	author rmacklem;	state Exp;
branches;
next	1.689;

1.689
date	2011.04.27.08.53.52;	author mav;	state Exp;
branches;
next	1.688;

1.688
date	2011.04.26.17.01.49;	author mav;	state Exp;
branches;
next	1.687;

1.687
date	2011.04.24.09.23.08;	author mav;	state Exp;
branches;
next	1.686;

1.686
date	2011.04.24.08.58.58;	author mav;	state Exp;
branches;
next	1.685;

1.685
date	2011.04.24.00.06.56;	author rmacklem;	state Exp;
branches;
next	1.684;

1.684
date	2011.04.18.10.25.54;	author dim;	state Exp;
branches;
next	1.683;

1.683
date	2011.04.14.15.44.44;	author nwhitehorn;	state Exp;
branches;
next	1.682;

1.682
date	2011.03.31.08.32.53;	author adrian;	state Exp;
branches;
next	1.681;

1.681
date	2011.02.18.20.54.12;	author dim;	state Exp;
branches;
next	1.680;

1.680
date	2011.02.18.13.21.30;	author vanhu;	state Exp;
branches;
next	1.679;

1.679
date	2011.02.18.09.40.13;	author vanhu;	state Exp;
branches;
next	1.678;

1.678
date	2011.02.08.00.36.46;	author mdf;	state Exp;
branches;
next	1.677;

1.677
date	2011.01.12.19.28.52;	author brucec;	state Exp;
branches;
next	1.676;

1.676
date	2011.01.12.17.52.48;	author mdf;	state Exp;
branches;
next	1.675;

1.675
date	2011.01.12.14.55.02;	author nwhitehorn;	state Exp;
branches;
next	1.674;

1.674
date	2011.01.03.23.05.20;	author imp;	state Exp;
branches;
next	1.673;

1.673
date	2010.12.28.12.13.30;	author lstewart;	state Exp;
branches;
next	1.672;

1.672
date	2010.12.20.15.17.34;	author netchild;	state Exp;
branches;
next	1.671;

1.671
date	2010.11.14.13.26.10;	author marius;	state Exp;
branches;
next	1.670;

1.670
date	2010.11.12.06.41.55;	author lstewart;	state Exp;
branches;
next	1.669;

1.669
date	2010.10.25.07.39.05;	author avg;	state Exp;
branches;
next	1.668;

1.668
date	2010.10.07.17.26.22;	author emaste;	state Exp;
branches;
next	1.667;

1.667
date	2010.10.04.15.39.53;	author gordon;	state Exp;
branches;
next	1.666;

1.666
date	2010.09.15.10.04.41;	author avg;	state Exp;
branches;
next	1.665;

1.665
date	2010.09.13.19.55.40;	author hrs;	state Exp;
branches;
next	1.664;

1.664
date	2010.09.13.17.49.39;	author rpaulo;	state Exp;
branches;
next	1.663;

1.663
date	2010.07.25.18.32.59;	author rpaulo;	state Exp;
branches;
next	1.662;

1.662
date	2010.07.22.19.11.57;	author gabor;	state Exp;
branches;
next	1.661;

1.661
date	2010.07.13.05.32.19;	author nwhitehorn;	state Exp;
branches;
next	1.660;

1.660
date	2010.07.12.23.49.04;	author mm;	state Exp;
branches;
next	1.659;

1.659
date	2010.05.12.21.20.04;	author brueffer;	state Exp;
branches;
next	1.658;

1.658
date	2010.04.30.00.46.43;	author kmacy;	state Exp;
branches;
next	1.657;

1.657
date	2010.04.02.06.55.31;	author netchild;	state Exp;
branches;
next	1.656;

1.656
date	2010.03.11.14.49.06;	author nwhitehorn;	state Exp;
branches;
next	1.655;

1.655
date	2010.03.10.06.10.39;	author obrien;	state Exp;
branches;
next	1.654;

1.654
date	2010.03.10.05.44.57;	author dougb;	state Exp;
branches;
next	1.653;

1.653
date	2010.01.14.20.58.45;	author ed;	state Exp;
branches;
next	1.652;

1.652
date	2010.01.13.19.25.03;	author ed;	state Exp;
branches;
next	1.651;

1.651
date	2010.01.09.01.46.38;	author attilio;	state Exp;
branches;
next	1.650;

1.650
date	2009.12.25.21.14.34;	author ru;	state Exp;
branches;
next	1.649;

1.649
date	2009.12.18.16.35.28;	author ume;	state Exp;
branches;
next	1.648;

1.648
date	2009.11.21.01.43.22;	author dougb;	state Exp;
branches;
next	1.647;

1.647
date	2009.11.13.11.28.54;	author ed;	state Exp;
branches;
next	1.646;

1.646
date	2009.11.13.05.54.55;	author ed;	state Exp;
branches;
next	1.645;

1.645
date	2009.11.09.16.05.32;	author rpaulo;	state Exp;
branches;
next	1.644;

1.644
date	2009.11.03.21.06.19;	author thompsa;	state Exp;
branches;
next	1.643;

1.643
date	2009.10.26.09.16.08;	author mav;	state Exp;
branches;
next	1.642;

1.642
date	2009.10.25.10.29.37;	author rpaulo;	state Exp;
branches;
next	1.641;

1.641
date	2009.09.26.18.59.00;	author hrs;	state Exp;
branches;
next	1.640;

1.640
date	2009.09.22.18.19.18;	author rpaulo;	state Exp;
branches;
next	1.639;

1.639
date	2009.09.14.21.10.40;	author pjd;	state Exp;
branches;
next	1.638;

1.638
date	2009.09.05.08.09.35;	author imp;	state Exp;
branches;
next	1.637;

1.637
date	2009.09.05.08.08.14;	author imp;	state Exp;
branches;
next	1.636;

1.636
date	2009.09.03.17.13.54;	author imp;	state Exp;
branches;
next	1.635;

1.635
date	2009.09.03.17.04.42;	author imp;	state Exp;
branches;
next	1.634;

1.634
date	2009.08.22.23.44.37;	author kensmith;	state Exp;
branches;
next	1.633;

1.633
date	2009.08.13.17.09.45;	author attilio;	state Exp;
branches;
next	1.632;

1.632
date	2009.07.26.20.12.06;	author kib;	state Exp;
branches
	1.632.2.1;
next	1.631;

1.631
date	2009.07.19.17.25.24;	author kensmith;	state Exp;
branches;
next	1.630;

1.630
date	2009.07.14.22.48.30;	author rwatson;	state Exp;
branches;
next	1.629;

1.629
date	2009.07.13.11.51.02;	author lstewart;	state Exp;
branches;
next	1.628;

1.628
date	2009.07.12.09.14.28;	author lstewart;	state Exp;
branches;
next	1.627;

1.627
date	2009.07.01.18.12.50;	author dfr;	state Exp;
branches;
next	1.626;

1.626
date	2009.07.01.07.35.57;	author dfr;	state Exp;
branches;
next	1.625;

1.625
date	2009.06.29.19.46.29;	author brooks;	state Exp;
branches;
next	1.624;

1.624
date	2009.06.28.08.59.46;	author blackend;	state Exp;
branches;
next	1.623;

1.623
date	2009.06.26.17.50.52;	author jhb;	state Exp;
branches;
next	1.622;

1.622
date	2009.06.26.01.10.10;	author dougb;	state Exp;
branches;
next	1.621;

1.621
date	2009.06.22.17.48.16;	author bz;	state Exp;
branches;
next	1.620;

1.620
date	2009.06.19.17.10.35;	author brooks;	state Exp;
branches;
next	1.619;

1.619
date	2009.06.17.01.55.42;	author attilio;	state Exp;
branches;
next	1.618;

1.618
date	2009.06.13.23.44.56;	author sam;	state Exp;
branches;
next	1.617;

1.617
date	2009.06.11.16.50.49;	author zec;	state Exp;
branches;
next	1.616;

1.616
date	2009.06.08.17.15.40;	author zec;	state Exp;
branches;
next	1.615;

1.615
date	2009.06.02.13.44.36;	author ed;	state Exp;
branches;
next	1.614;

1.614
date	2009.06.01.22.47.59;	author dougb;	state Exp;
branches;
next	1.613;

1.613
date	2009.06.01.18.07.38;	author bz;	state Exp;
branches;
next	1.612;

1.612
date	2009.06.01.16.00.36;	author rwatson;	state Exp;
branches;
next	1.611;

1.611
date	2009.06.01.15.49.42;	author bz;	state Exp;
branches;
next	1.610;

1.610
date	2009.05.30.23.52.23;	author attilio;	state Exp;
branches;
next	1.609;

1.609
date	2009.05.30.14.01.01;	author trasz;	state Exp;
branches;
next	1.608;

1.608
date	2009.05.29.19.45.39;	author maxim;	state Exp;
branches;
next	1.607;

1.607
date	2009.05.29.18.50.27;	author trasz;	state Exp;
branches;
next	1.606;

1.606
date	2009.05.29.01.49.27;	author attilio;	state Exp;
branches;
next	1.605;

1.605
date	2009.05.27.14.11.23;	author jamie;	state Exp;
branches;
next	1.604;

1.604
date	2009.05.23.21.43.44;	author zec;	state Exp;
branches;
next	1.603;

1.603
date	2009.05.23.09.24.07;	author joel;	state Exp;
branches;
next	1.602;

1.602
date	2009.05.23.08.49.55;	author edwin;	state Exp;
branches;
next	1.601;

1.601
date	2009.05.23.06.31.50;	author edwin;	state Exp;
branches;
next	1.600;

1.600
date	2009.05.21.01.48.42;	author thompsa;	state Exp;
branches;
next	1.599;

1.599
date	2009.05.20.20.05.56;	author sam;	state Exp;
branches;
next	1.598;

1.598
date	2009.04.30.13.36.26;	author zec;	state Exp;
branches;
next	1.597;

1.597
date	2009.04.29.19.19.13;	author bms;	state Exp;
branches;
next	1.596;

1.596
date	2009.04.24.15.38.13;	author delphij;	state Exp;
branches;
next	1.595;

1.595
date	2009.04.24.11.34.59;	author garga;	state Exp;
branches;
next	1.594;

1.594
date	2009.04.24.09.58.50;	author rwatson;	state Exp;
branches;
next	1.593;

1.593
date	2009.04.22.15.54.27;	author emax;	state Exp;
branches;
next	1.592;

1.592
date	2009.04.15.22.09.42;	author kmacy;	state Exp;
branches;
next	1.591;

1.591
date	2009.04.15.20.34.19;	author kmacy;	state Exp;
branches;
next	1.590;

1.590
date	2009.04.14.23.05.36;	author kmacy;	state Exp;
branches;
next	1.589;

1.589
date	2009.04.12.19.42.25;	author emax;	state Exp;
branches;
next	1.588;

1.588
date	2009.04.08.18.30.42;	author zec;	state Exp;
branches;
next	1.587;

1.587
date	2009.03.20.23.13.32;	author ivoras;	state Exp;
branches;
next	1.586;

1.586
date	2009.03.20.21.51.27;	author ivoras;	state Exp;
branches;
next	1.585;

1.585
date	2009.03.19.20.33.26;	author thompsa;	state Exp;
branches;
next	1.584;

1.584
date	2009.03.19.01.43.03;	author bms;	state Exp;
branches;
next	1.583;

1.583
date	2009.03.15.16.12.50;	author rwatson;	state Exp;
branches;
next	1.582;

1.582
date	2009.03.13.16.40.56;	author gabor;	state Exp;
branches;
next	1.581;

1.581
date	2009.03.13.16.30.33;	author rpaulo;	state Exp;
branches;
next	1.580;

1.580
date	2009.03.09.22.43.00;	author thompsa;	state Exp;
branches;
next	1.579;

1.579
date	2009.03.09.22.42.01;	author thompsa;	state Exp;
branches;
next	1.578;

1.578
date	2009.03.09.19.56.37;	author stas;	state Exp;
branches;
next	1.577;

1.577
date	2009.03.09.19.22.45;	author stas;	state Exp;
branches;
next	1.576;

1.576
date	2009.03.09.17.53.05;	author bms;	state Exp;
branches;
next	1.575;

1.575
date	2009.03.09.17.05.31;	author thompsa;	state Exp;
branches;
next	1.574;

1.574
date	2009.03.05.12.04.42;	author kib;	state Exp;
branches;
next	1.573;

1.573
date	2009.03.02.18.53.30;	author kib;	state Exp;
branches;
next	1.572;

1.572
date	2009.03.01.18.57.59;	author imp;	state Exp;
branches;
next	1.571;

1.571
date	2009.03.01.12.44.33;	author rwatson;	state Exp;
branches;
next	1.570;

1.570
date	2009.02.27.17.32.49;	author thompsa;	state Exp;
branches;
next	1.569;

1.569
date	2009.02.23.19.30.00;	author thompsa;	state Exp;
branches;
next	1.568;

1.568
date	2009.02.23.19.28.29;	author thompsa;	state Exp;
branches;
next	1.567;

1.567
date	2009.02.23.18.56.49;	author thompsa;	state Exp;
branches;
next	1.566;

1.566
date	2009.02.17.11.55.50;	author mtm;	state Exp;
branches;
next	1.565;

1.565
date	2009.02.17.10.50.18;	author maxim;	state Exp;
branches;
next	1.564;

1.564
date	2009.02.17.10.49.36;	author maxim;	state Exp;
branches;
next	1.563;

1.563
date	2009.02.16.18.59.18;	author thompsa;	state Exp;
branches;
next	1.562;

1.562
date	2009.02.15.22.33.44;	author thompsa;	state Exp;
branches;
next	1.561;

1.561
date	2009.02.06.15.03.14;	author jhb;	state Exp;
branches;
next	1.560;

1.560
date	2009.02.01.21.11.08;	author bz;	state Exp;
branches;
next	1.559;

1.559
date	2009.01.19.17.00.42;	author sobomax;	state Exp;
branches;
next	1.558;

1.558
date	2009.01.15.06.44.22;	author lstewart;	state Exp;
branches;
next	1.557;

1.557
date	2008.12.25.10.05.00;	author mav;	state Exp;
branches;
next	1.556;

1.556
date	2008.12.19.23.12.14;	author sam;	state Exp;
branches;
next	1.555;

1.555
date	2008.12.19.23.10.55;	author sam;	state Exp;
branches;
next	1.554;

1.554
date	2008.12.17.00.11.56;	author kmacy;	state Exp;
branches;
next	1.553;

1.553
date	2008.12.15.06.10.57;	author qingli;	state Exp;
branches;
next	1.552;

1.552
date	2008.12.08.17.12.40;	author schweikh;	state Exp;
branches;
next	1.551;

1.551
date	2008.12.01.23.09.58;	author sam;	state Exp;
branches;
next	1.550;

1.550
date	2008.12.01.16.53.01;	author sam;	state Exp;
branches;
next	1.549;

1.549
date	2008.11.22.05.55.56;	author kmacy;	state Exp;
branches;
next	1.548;

1.548
date	2008.11.19.00.25.15;	author delphij;	state Exp;
branches;
next	1.547;

1.547
date	2008.11.18.21.41.09;	author delphij;	state Exp;
branches;
next	1.546;

1.546
date	2008.10.28.14.14.57;	author oleg;	state Exp;
branches;
next	1.545;

1.545
date	2008.10.10.06.37.51;	author n_hibma;	state Exp;
branches;
next	1.544;

1.544
date	2008.10.10.04.23.40;	author jkoshy;	state Exp;
branches;
next	1.543;

1.543
date	2008.10.08.01.31.00;	author delphij;	state Exp;
branches;
next	1.542;

1.542
date	2008.09.14.19.25.57;	author ed;	state Exp;
branches;
next	1.541;

1.541
date	2008.09.03.08.30.17;	author roberto;	state Exp;
branches;
next	1.540;

1.540
date	2008.09.01.23.50.56;	author des;	state Exp;
branches;
next	1.539;

1.539
date	2008.08.20.08.31.58;	author ed;	state Exp;
branches;
next	1.538;

1.538
date	2008.08.18.10.38.16;	author ed;	state Exp;
branches;
next	1.537;

1.537
date	2008.07.25.09.30.53;	author maxim;	state Exp;
branches;
next	1.536;

1.536
date	2008.07.25.09.13.18;	author maxim;	state Exp;
branches;
next	1.535;

1.535
date	2008.07.13.07.20.14;	author ed;	state Exp;
branches;
next	1.534;

1.534
date	2008.07.07.13.08.30;	author remko;	state Exp;
branches;
next	1.533;

1.533
date	2008.07.07.11.44.57;	author remko;	state Exp;
branches;
next	1.532;

1.532
date	2008.06.09.21.33.57;	author marcel;	state Exp;
branches;
next	1.531;

1.531
date	2008.06.03.18.09.10;	author rdivacky;	state Exp;
branches;
next	1.530;

1.530
date	2008.06.03.17.50.13;	author rdivacky;	state Exp;
branches;
next	1.529;

1.529
date	2008.05.26.10.39.45;	author bz;	state Exp;
branches;
next	1.528;

1.528
date	2008.05.09.23.14.01;	author julian;	state Exp;
branches;
next	1.527;

1.527
date	2008.04.29.19.55.18;	author imp;	state Exp;
branches;
next	1.526;

1.526
date	2008.04.27.04.07.36;	author imp;	state Exp;
branches;
next	1.525;

1.525
date	2008.04.20.21.25.37;	author sam;	state Exp;
branches;
next	1.524;

1.524
date	2008.04.08.17.55.25;	author jkim;	state Exp;
branches;
next	1.523;

1.523
date	2008.03.12.09.48.42;	author jeff;	state Exp;
branches;
next	1.522;

1.522
date	2008.03.01.22.54.42;	author marcel;	state Exp;
branches;
next	1.521;

1.521
date	2008.02.29.22.08.49;	author jfv;	state Exp;
branches;
next	1.520;

1.520
date	2008.02.20.07.50.12;	author thompsa;	state Exp;
branches;
next	1.519;

1.519
date	2008.02.11.23.23.20;	author kris;	state Exp;
branches;
next	1.518;

1.518
date	2008.02.08.21.24.58;	author sam;	state Exp;
branches;
next	1.517;

1.517
date	2008.01.26.17.09.39;	author yar;	state Exp;
branches;
next	1.516;

1.516
date	2008.01.23.22.21.36;	author ru;	state Exp;
branches;
next	1.515;

1.515
date	2008.01.22.15.05.22;	author trhodes;	state Exp;
branches;
next	1.514;

1.514
date	2008.01.21.22.04.37;	author imp;	state Exp;
branches;
next	1.513;

1.513
date	2007.11.28.13.04.11;	author matteo;	state Exp;
branches;
next	1.512;

1.512
date	2007.11.18.18.11.16;	author marius;	state Exp;
branches;
next	1.511;

1.511
date	2007.10.24.20.51.43;	author marius;	state Exp;
branches;
next	1.510;

1.510
date	2007.10.21.04.27.07;	author julian;	state Exp;
branches;
next	1.509;

1.509
date	2007.10.12.04.48.58;	author kevlo;	state Exp;
branches;
next	1.508;

1.508
date	2007.10.11.04.28.07;	author kensmith;	state Exp;
branches;
next	1.507;

1.507
date	2007.10.09.17.51.11;	author obrien;	state Exp;
branches
	1.507.2.1;
next	1.506;

1.506
date	2007.10.09.13.42.20;	author obrien;	state Exp;
branches;
next	1.505;

1.505
date	2007.09.30.11.05.12;	author marius;	state Exp;
branches;
next	1.504;

1.504
date	2007.09.28.10.38.07;	author bushman;	state Exp;
branches;
next	1.503;

1.503
date	2007.07.09.01.13.00;	author yongari;	state Exp;
branches;
next	1.502;

1.502
date	2007.07.06.06.35.50;	author yongari;	state Exp;
branches;
next	1.501;

1.501
date	2007.07.04.21.47.23;	author gnn;	state Exp;
branches;
next	1.500;

1.500
date	2007.07.03.13.06.44;	author mlaier;	state Exp;
branches;
next	1.499;

1.499
date	2007.07.01.11.38.26;	author gnn;	state Exp;
branches;
next	1.498;

1.498
date	2007.07.01.10.25.05;	author thompsa;	state Exp;
branches;
next	1.497;

1.497
date	2007.06.12.17.33.56;	author gshapiro;	state Exp;
branches;
next	1.496;

1.496
date	2007.06.12.17.33.22;	author gshapiro;	state Exp;
branches;
next	1.495;

1.495
date	2007.06.12.16.24.56;	author bms;	state Exp;
branches;
next	1.494;

1.494
date	2007.06.11.04.06.50;	author sam;	state Exp;
branches;
next	1.493;

1.493
date	2007.06.10.18.57.18;	author yar;	state Exp;
branches;
next	1.492;

1.492
date	2007.05.29.12.40.45;	author yar;	state Exp;
branches;
next	1.491;

1.491
date	2007.05.16.17.23.53;	author wkoszek;	state Exp;
branches;
next	1.490;

1.490
date	2007.05.13.14.41.48;	author deischen;	state Exp;
branches;
next	1.489;

1.489
date	2007.04.23.22.15.07;	author gshapiro;	state Exp;
branches;
next	1.488;

1.488
date	2007.04.19.17.08.54;	author dds;	state Exp;
branches;
next	1.487;

1.487
date	2007.04.18.17.34.59;	author dds;	state Exp;
branches;
next	1.486;

1.486
date	2007.04.17.00.41.59;	author thompsa;	state Exp;
branches;
next	1.485;

1.485
date	2007.04.14.16.26.01;	author gshapiro;	state Exp;
branches;
next	1.484;

1.484
date	2007.04.03.10.04.54;	author brueffer;	state Exp;
branches;
next	1.483;

1.483
date	2007.04.01.17.49.27;	author mlaier;	state Exp;
branches;
next	1.482;

1.482
date	2007.03.02.14.56.15;	author flz;	state Exp;
branches;
next	1.481;

1.481
date	2007.03.01.15.42.23;	author ru;	state Exp;
branches;
next	1.480;

1.480
date	2007.02.28.21.33.40;	author bms;	state Exp;
branches;
next	1.479;

1.479
date	2007.02.24.21.59.18;	author simon;	state Exp;
branches;
next	1.478;

1.478
date	2007.02.24.21.21.53;	author bms;	state Exp;
branches;
next	1.477;

1.477
date	2007.02.24.20.15.04;	author piso;	state Exp;
branches;
next	1.476;

1.476
date	2007.02.24.19.45.09;	author piso;	state Exp;
branches;
next	1.475;

1.475
date	2007.02.24.11.41.05;	author bms;	state Exp;
branches;
next	1.474;

1.474
date	2007.02.19.22.49.43;	author njl;	state Exp;
branches;
next	1.473;

1.473
date	2007.02.14.14.17.01;	author bms;	state Exp;
branches;
next	1.472;

1.472
date	2007.02.10.13.59.13;	author bms;	state Exp;
branches;
next	1.471;

1.471
date	2007.02.07.16.04.11;	author bms;	state Exp;
branches;
next	1.470;

1.470
date	2006.12.22.03.03.31;	author jdp;	state Exp;
branches;
next	1.469;

1.469
date	2006.12.15.00.30.37;	author jdp;	state Exp;
branches;
next	1.468;

1.468
date	2006.12.14.23.10.59;	author jdp;	state Exp;
branches;
next	1.467;

1.467
date	2006.12.06.06.39.47;	author julian;	state Exp;
branches;
next	1.466;

1.466
date	2006.11.26.12.24.04;	author ariff;	state Exp;
branches;
next	1.465;

1.465
date	2006.11.22.23.01.40;	author rodrigc;	state Exp;
branches;
next	1.464;

1.464
date	2006.11.15.20.02.20;	author jhb;	state Exp;
branches;
next	1.463;

1.463
date	2006.11.11.03.18.06;	author kmacy;	state Exp;
branches;
next	1.462;

1.462
date	2006.10.26.22.05.24;	author jb;	state Exp;
branches;
next	1.461;

1.461
date	2006.10.26.21.42.15;	author jb;	state Exp;
branches;
next	1.460;

1.460
date	2006.09.30.20.01.15;	author ru;	state Exp;
branches;
next	1.459;

1.459
date	2006.09.29.10.39.23;	author bms;	state Exp;
branches;
next	1.458;

1.458
date	2006.09.29.10.14.37;	author ru;	state Exp;
branches;
next	1.457;

1.457
date	2006.09.28.13.00.50;	author bms;	state Exp;
branches;
next	1.456;

1.456
date	2006.09.18.11.24.25;	author maxim;	state Exp;
branches;
next	1.455;

1.455
date	2006.09.04.21.49.31;	author sam;	state Exp;
branches;
next	1.454;

1.454
date	2006.09.02.22.17.15;	author marius;	state Exp;
branches;
next	1.453;

1.453
date	2006.08.17.00.41.05;	author julian;	state Exp;
branches;
next	1.452;

1.452
date	2006.07.26.16.31.10;	author jkim;	state Exp;
branches;
next	1.451;

1.451
date	2006.07.09.21.16.06;	author twinterg;	state Exp;
branches;
next	1.450;

1.450
date	2006.06.27.20.22.32;	author rink;	state Exp;
branches;
next	1.449;

1.449
date	2006.05.15.15.47.45;	author keramida;	state Exp;
branches;
next	1.448;

1.448
date	2006.05.14.20.54.45;	author brueffer;	state Exp;
branches;
next	1.447;

1.447
date	2006.05.13.06.08.25;	author mlaier;	state Exp;
branches;
next	1.446;

1.446
date	2006.05.04.03.48.06;	author marcel;	state Exp;
branches;
next	1.445;

1.445
date	2006.04.07.11.36.25;	author ru;	state Exp;
branches;
next	1.444;

1.444
date	2006.03.21.10.10.05;	author ru;	state Exp;
branches;
next	1.443;

1.443
date	2006.03.10.18.40.31;	author imp;	state Exp;
branches;
next	1.442;

1.442
date	2006.03.09.17.50.01;	author yar;	state Exp;
branches;
next	1.441;

1.441
date	2006.03.05.22.52.15;	author yar;	state Exp;
branches;
next	1.440;

1.440
date	2006.03.03.21.37.38;	author yar;	state Exp;
branches;
next	1.439;

1.439
date	2006.02.19.01.05.57;	author yar;	state Exp;
branches;
next	1.438;

1.438
date	2006.02.01.13.04.52;	author yar;	state Exp;
branches;
next	1.437;

1.437
date	2006.01.31.20.29.04;	author jhb;	state Exp;
branches;
next	1.436;

1.436
date	2006.01.18.20.36.58;	author pav;	state Exp;
branches;
next	1.435;

1.435
date	2006.01.18.19.54.51;	author julian;	state Exp;
branches;
next	1.434;

1.434
date	2006.01.13.22.37.48;	author jasone;	state Exp;
branches;
next	1.433;

1.433
date	2006.01.13.17.32.22;	author glebius;	state Exp;
branches;
next	1.432;

1.432
date	2006.01.06.19.04.39;	author jhb;	state Exp;
branches;
next	1.431;

1.431
date	2005.12.31.14.44.49;	author netchild;	state Exp;
branches;
next	1.430;

1.430
date	2005.12.19.03.15.49;	author obrien;	state Exp;
branches;
next	1.429;

1.429
date	2005.12.11.23.18.58;	author sam;	state Exp;
branches;
next	1.428;

1.428
date	2005.12.07.20.49.42;	author dougb;	state Exp;
branches;
next	1.427;

1.427
date	2005.12.06.10.39.14;	author glebius;	state Exp;
branches;
next	1.426;

1.426
date	2005.12.03.07.51.07;	author dougb;	state Exp;
branches;
next	1.425;

1.425
date	2005.11.29.19.13.28;	author rodrigc;	state Exp;
branches;
next	1.424;

1.424
date	2005.11.29.08.59.40;	author glebius;	state Exp;
branches;
next	1.423;

1.423
date	2005.10.29.05.27.32;	author yar;	state Exp;
branches;
next	1.422;

1.422
date	2005.10.01.20.53.51;	author glebius;	state Exp;
branches;
next	1.421;

1.421
date	2005.09.27.18.10.29;	author mlaier;	state Exp;
branches;
next	1.420;

1.420
date	2005.09.09.15.59.17;	author obrien;	state Exp;
branches;
next	1.419;

1.419
date	2005.07.23.14.23.30;	author netchild;	state Exp;
branches;
next	1.418;

1.418
date	2005.07.22.18.51.36;	author ume;	state Exp;
branches;
next	1.417;

1.417
date	2005.07.11.15.46.45;	author kensmith;	state Exp;
branches;
next	1.416;

1.416
date	2005.07.01.15.12.09;	author des;	state Exp;
branches
	1.416.2.1;
next	1.415;

1.415
date	2005.06.30.05.02.34;	author brooks;	state Exp;
branches;
next	1.414;

1.414
date	2005.06.10.19.59.26;	author jkoshy;	state Exp;
branches;
next	1.413;

1.413
date	2005.06.10.16.51.49;	author brooks;	state Exp;
branches;
next	1.412;

1.412
date	2005.06.09.19.09.38;	author gad;	state Exp;
branches;
next	1.411;

1.411
date	2005.06.07.18.07.47;	author brooks;	state Exp;
branches;
next	1.410;

1.410
date	2005.06.05.03.38.03;	author thompsa;	state Exp;
branches;
next	1.409;

1.409
date	2005.06.03.10.19.26;	author ume;	state Exp;
branches;
next	1.408;

1.408
date	2005.06.03.09.15.17;	author ume;	state Exp;
branches;
next	1.407;

1.407
date	2005.06.03.03.34.21;	author ume;	state Exp;
branches;
next	1.406;

1.406
date	2005.05.28.22.45.31;	author gad;	state Exp;
branches;
next	1.405;

1.405
date	2005.05.25.21.03.13;	author netchild;	state Exp;
branches;
next	1.404;

1.404
date	2005.05.16.05.37.32;	author imp;	state Exp;
branches;
next	1.403;

1.403
date	2005.05.09.16.44.22;	author imp;	state Exp;
branches;
next	1.402;

1.402
date	2005.05.03.17.43.13;	author mlaier;	state Exp;
branches;
next	1.401;

1.401
date	2005.04.18.14.33.18;	author scottl;	state Exp;
branches;
next	1.400;

1.400
date	2005.03.03.08.44.33;	author imp;	state Exp;
branches;
next	1.399;

1.399
date	2005.03.03.08.43.33;	author imp;	state Exp;
branches;
next	1.398;

1.398
date	2005.03.01.02.33.34;	author delphij;	state Exp;
branches;
next	1.397;

1.397
date	2005.02.26.22.26.10;	author ru;	state Exp;
branches;
next	1.396;

1.396
date	2005.02.25.20.10.38;	author njl;	state Exp;
branches;
next	1.395;

1.395
date	2005.02.25.19.46.41;	author brooks;	state Exp;
branches;
next	1.394;

1.394
date	2005.02.25.11.49.42;	author sobomax;	state Exp;
branches;
next	1.393;

1.393
date	2005.02.23.20.37.11;	author ru;	state Exp;
branches;
next	1.392;

1.392
date	2005.02.23.16.52.55;	author njl;	state Exp;
branches;
next	1.391;

1.391
date	2005.02.07.09.15.52;	author ru;	state Exp;
branches;
next	1.390;

1.390
date	2005.02.06.21.24.50;	author njl;	state Exp;
branches;
next	1.389;

1.389
date	2005.02.05.23.25.59;	author glebius;	state Exp;
branches;
next	1.388;

1.388
date	2005.02.05.20.44.53;	author maxim;	state Exp;
branches;
next	1.387;

1.387
date	2005.02.04.21.22.06;	author imp;	state Exp;
branches;
next	1.386;

1.386
date	2005.01.15.01.53.49;	author brooks;	state Exp;
branches;
next	1.385;

1.385
date	2004.12.23.16.03.08;	author ru;	state Exp;
branches;
next	1.384;

1.384
date	2004.12.20.04.27.23;	author sam;	state Exp;
branches;
next	1.383;

1.383
date	2004.12.13.17.52.10;	author brian;	state Exp;
branches;
next	1.382;

1.382
date	2004.12.12.07.22.16;	author obrien;	state Exp;
branches;
next	1.381;

1.381
date	2004.12.11.23.21.31;	author sam;	state Exp;
branches;
next	1.380;

1.380
date	2004.12.08.04.08.33;	author mlaier;	state Exp;
branches;
next	1.379;

1.379
date	2004.11.16.21.18.41;	author jhb;	state Exp;
branches;
next	1.378;

1.378
date	2004.11.10.07.39.27;	author phk;	state Exp;
branches;
next	1.377;

1.377
date	2004.11.02.22.22.22;	author andre;	state Exp;
branches;
next	1.376;

1.376
date	2004.10.22.19.55.04;	author andre;	state Exp;
branches;
next	1.375;

1.375
date	2004.10.18.21.24.21;	author phk;	state Exp;
branches;
next	1.374;

1.374
date	2004.10.17.14.59.18;	author obrien;	state Exp;
branches;
next	1.373;

1.373
date	2004.10.10.16.12.09;	author mtm;	state Exp;
branches;
next	1.372;

1.372
date	2004.10.07.14.51.23;	author mtm;	state Exp;
branches;
next	1.371;

1.371
date	2004.10.07.14.06.23;	author mtm;	state Exp;
branches;
next	1.370;

1.370
date	2004.10.07.05.45.39;	author mtm;	state Exp;
branches;
next	1.369;

1.369
date	2004.10.04.20.11.34;	author dougb;	state Exp;
branches;
next	1.368;

1.368
date	2004.10.03.10.08.12;	author des;	state Exp;
branches;
next	1.367;

1.367
date	2004.10.01.15.38.06;	author kensmith;	state Exp;
branches;
next	1.366;

1.366
date	2004.09.29.04.54.31;	author mlaier;	state Exp;
branches;
next	1.365;

1.365
date	2004.09.28.13.44.41;	author dougb;	state Exp;
branches;
next	1.364;

1.364
date	2004.09.28.09.45.59;	author dougb;	state Exp;
branches;
next	1.363;

1.363
date	2004.09.26.07.50.23;	author dougb;	state Exp;
branches;
next	1.362;

1.362
date	2004.09.25.03.41.38;	author dougb;	state Exp;
branches;
next	1.361;

1.361
date	2004.09.22.20.42.30;	author andre;	state Exp;
branches;
next	1.360;

1.360
date	2004.09.22.19.23.35;	author andre;	state Exp;
branches;
next	1.359;

1.359
date	2004.09.15.01.08.32;	author seanc;	state Exp;
branches;
next	1.358;

1.358
date	2004.09.14.03.01.38;	author seanc;	state Exp;
branches;
next	1.357;

1.357
date	2004.09.14.02.39.55;	author mlaier;	state Exp;
branches;
next	1.356;

1.356
date	2004.09.06.23.37.16;	author jmg;	state Exp;
branches;
next	1.355;

1.355
date	2004.09.04.21.03.10;	author imp;	state Exp;
branches;
next	1.354;

1.354
date	2004.09.02.05.07.29;	author brooks;	state Exp;
branches;
next	1.353;

1.353
date	2004.09.01.15.14.13;	author brooks;	state Exp;
branches;
next	1.352;

1.352
date	2004.08.30.06.29.25;	author brooks;	state Exp;
branches;
next	1.351;

1.351
date	2004.08.28.17.08.30;	author rwatson;	state Exp;
branches;
next	1.350;

1.350
date	2004.08.27.15.16.24;	author andre;	state Exp;
branches;
next	1.349;

1.349
date	2004.08.25.19.39.13;	author imp;	state Exp;
branches;
next	1.348;

1.348
date	2004.08.23.18.51.36;	author imp;	state Exp;
branches;
next	1.347;

1.347
date	2004.08.23.18.47.13;	author imp;	state Exp;
branches;
next	1.346;

1.346
date	2004.08.21.19.44.43;	author obrien;	state Exp;
branches;
next	1.345;

1.345
date	2004.08.20.01.24.23;	author julian;	state Exp;
branches;
next	1.344;

1.344
date	2004.08.19.19.45.28;	author andre;	state Exp;
branches;
next	1.343;

1.343
date	2004.08.19.18.54.54;	author andre;	state Exp;
branches;
next	1.342;

1.342
date	2004.08.14.16.16.01;	author dwmalone;	state Exp;
branches
	1.342.2.1;
next	1.341;

1.341
date	2004.08.13.13.14.05;	author ru;	state Exp;
branches;
next	1.340;

1.340
date	2004.08.12.06.25.05;	author ru;	state Exp;
branches;
next	1.339;

1.339
date	2004.08.12.00.00.15;	author jmg;	state Exp;
branches;
next	1.338;

1.338
date	2004.08.07.09.41.30;	author mlaier;	state Exp;
branches;
next	1.337;

1.337
date	2004.08.07.04.17.03;	author imp;	state Exp;
branches;
next	1.336;

1.336
date	2004.08.03.19.29.48;	author markm;	state Exp;
branches;
next	1.335;

1.335
date	2004.08.01.11.46.00;	author markm;	state Exp;
branches;
next	1.334;

1.334
date	2004.07.29.17.51.32;	author kan;	state Exp;
branches;
next	1.333;

1.333
date	2004.07.29.15.06.19;	author imp;	state Exp;
branches;
next	1.332;

1.332
date	2004.07.29.14.49.57;	author kan;	state Exp;
branches;
next	1.331;

1.331
date	2004.07.28.00.09.19;	author eik;	state Exp;
branches;
next	1.330;

1.330
date	2004.07.27.23.32.06;	author rwatson;	state Exp;
branches;
next	1.329;

1.329
date	2004.07.25.14.13.45;	author mtm;	state Exp;
branches;
next	1.328;

1.328
date	2004.07.24.14.56.20;	author mtm;	state Exp;
branches;
next	1.327;

1.327
date	2004.07.24.11.54.30;	author schweikh;	state Exp;
branches;
next	1.326;

1.326
date	2004.07.16.04.04.29;	author tanimura;	state Exp;
branches;
next	1.325;

1.325
date	2004.07.11.13.26.44;	author simon;	state Exp;
branches;
next	1.324;

1.324
date	2004.07.11.04.38.39;	author marcel;	state Exp;
branches;
next	1.323;

1.323
date	2004.07.09.16.57.24;	author emax;	state Exp;
branches;
next	1.322;

1.322
date	2004.07.05.18.11.59;	author imp;	state Exp;
branches;
next	1.321;

1.321
date	2004.06.30.23.13.16;	author bms;	state Exp;
branches;
next	1.320;

1.320
date	2004.06.30.22.51.29;	author julian;	state Exp;
branches;
next	1.319;

1.319
date	2004.06.30.19.52.40;	author njl;	state Exp;
branches;
next	1.318;

1.318
date	2004.06.26.21.58.56;	author green;	state Exp;
branches;
next	1.317;

1.317
date	2004.06.23.01.32.28;	author mlaier;	state Exp;
branches;
next	1.316;

1.316
date	2004.06.22.21.07.54;	author brooks;	state Exp;
branches;
next	1.315;

1.315
date	2004.06.22.20.28.03;	author brooks;	state Exp;
branches;
next	1.314;

1.314
date	2004.06.22.10.33.58;	author des;	state Exp;
branches;
next	1.313;

1.313
date	2004.06.21.19.38.58;	author des;	state Exp;
branches;
next	1.312;

1.312
date	2004.06.14.18.19.04;	author jdp;	state Exp;
branches;
next	1.311;

1.311
date	2004.06.13.18.39.20;	author mlaier;	state Exp;
branches;
next	1.310;

1.310
date	2004.06.13.17.31.15;	author mlaier;	state Exp;
branches;
next	1.309;

1.309
date	2004.06.07.21.37.40;	author julian;	state Exp;
branches;
next	1.308;

1.308
date	2004.06.04.15.24.12;	author tanimura;	state Exp;
branches;
next	1.307;

1.307
date	2004.04.23.14.33.30;	author andre;	state Exp;
branches;
next	1.306;

1.306
date	2004.04.20.15.49.30;	author cperciva;	state Exp;
branches;
next	1.305;

1.305
date	2004.04.16.18.36.52;	author brooks;	state Exp;
branches;
next	1.304;

1.304
date	2004.04.16.17.13.10;	author brooks;	state Exp;
branches;
next	1.303;

1.303
date	2004.04.14.17.54.18;	author imp;	state Exp;
branches;
next	1.302;

1.302
date	2004.04.11.03.30.09;	author kensmith;	state Exp;
branches;
next	1.301;

1.301
date	2004.03.22.16.37.32;	author rwatson;	state Exp;
branches;
next	1.300;

1.300
date	2004.03.18.00.50.40;	author obrien;	state Exp;
branches;
next	1.299;

1.299
date	2004.03.10.17.39.05;	author gad;	state Exp;
branches;
next	1.298;

1.298
date	2004.03.08.22.26.46;	author mlaier;	state Exp;
branches;
next	1.297;

1.297
date	2004.03.03.09.17.06;	author des;	state Exp;
branches;
next	1.296;

1.296
date	2004.02.26.16.44.31;	author green;	state Exp;
branches;
next	1.295;

1.295
date	2004.02.26.15.54.44;	author des;	state Exp;
branches;
next	1.294;

1.294
date	2004.02.26.12.00.41;	author des;	state Exp;
branches;
next	1.293;

1.293
date	2004.02.25.23.56.30;	author bms;	state Exp;
branches;
next	1.292;

1.292
date	2004.02.24.16.12.09;	author andre;	state Exp;
branches;
next	1.291;

1.291
date	2004.02.22.19.02.38;	author imp;	state Exp;
branches;
next	1.290;

1.290
date	2004.02.20.22.38.21;	author imp;	state Exp;
branches;
next	1.289;

1.289
date	2004.02.20.15.25.55;	author imp;	state Exp;
branches;
next	1.288;

1.288
date	2004.02.07.07.25.47;	author mtm;	state Exp;
branches;
next	1.287;

1.287
date	2004.01.30.12.24.21;	author deischen;	state Exp;
branches;
next	1.286;

1.286
date	2004.01.26.09.57.04;	author ale;	state Exp;
branches;
next	1.285;

1.285
date	2003.12.15.19.19.16;	author jhb;	state Exp;
branches;
next	1.284;

1.284
date	2003.12.14.00.42.00;	author rwatson;	state Exp;
branches;
next	1.283;

1.283
date	2003.12.10.15.59.20;	author jhb;	state Exp;
branches;
next	1.282;

1.282
date	2003.11.17.23.25.16;	author rwatson;	state Exp;
branches
	1.282.2.1;
next	1.281;

1.281
date	2003.11.14.22.11.44;	author marcel;	state Exp;
branches;
next	1.280;

1.280
date	2003.11.14.08.07.13;	author mckusick;	state Exp;
branches;
next	1.279;

1.279
date	2003.11.13.00.10.43;	author imp;	state Exp;
branches;
next	1.278;

1.278
date	2003.11.12.19.13.02;	author mckusick;	state Exp;
branches;
next	1.277;

1.277
date	2003.11.12.09.11.18;	author harti;	state Exp;
branches;
next	1.276;

1.276
date	2003.11.04.19.42.55;	author ceri;	state Exp;
branches;
next	1.275;

1.275
date	2003.11.03.23.02.17;	author jhb;	state Exp;
branches;
next	1.274;

1.274
date	2003.10.31.21.58.15;	author brooks;	state Exp;
branches;
next	1.273;

1.273
date	2003.10.31.18.31.54;	author brooks;	state Exp;
branches;
next	1.272;

1.272
date	2003.10.19.10.24.59;	author phk;	state Exp;
branches;
next	1.271;

1.271
date	2003.10.03.18.29.06;	author ru;	state Exp;
branches;
next	1.270;

1.270
date	2003.09.28.16.25.35;	author phk;	state Exp;
branches;
next	1.269;

1.269
date	2003.09.27.14.12.39;	author fjoe;	state Exp;
branches;
next	1.268;

1.268
date	2003.09.25.16.12.12;	author sam;	state Exp;
branches;
next	1.267;

1.267
date	2003.09.23.16.39.30;	author bms;	state Exp;
branches;
next	1.266;

1.266
date	2003.09.15.17.20.05;	author nectar;	state Exp;
branches;
next	1.265;

1.265
date	2003.08.29.13.25.08;	author mtm;	state Exp;
branches;
next	1.264;

1.264
date	2003.08.24.16.46.03;	author sos;	state Exp;
branches;
next	1.263;

1.263
date	2003.08.24.16.14.52;	author sos;	state Exp;
branches;
next	1.262;

1.262
date	2003.08.20.15.42.05;	author obrien;	state Exp;
branches;
next	1.261;

1.261
date	2003.08.20.01.52.30;	author obrien;	state Exp;
branches;
next	1.260;

1.260
date	2003.07.29.04.40.33;	author njl;	state Exp;
branches;
next	1.259;

1.259
date	2003.07.22.11.08.41;	author imp;	state Exp;
branches;
next	1.258;

1.258
date	2003.07.12.01.16.54;	author ceri;	state Exp;
branches;
next	1.257;

1.257
date	2003.07.11.23.40.16;	author imp;	state Exp;
branches;
next	1.256;

1.256
date	2003.07.11.22.44.59;	author imp;	state Exp;
branches;
next	1.255;

1.255
date	2003.06.13.20.05.46;	author marcel;	state Exp;
branches;
next	1.254;

1.254
date	2003.06.11.06.37.55;	author phk;	state Exp;
branches;
next	1.253;

1.253
date	2003.06.10.08.26.38;	author ache;	state Exp;
branches;
next	1.252;

1.252
date	2003.06.09.19.25.06;	author phk;	state Exp;
branches;
next	1.251;

1.251
date	2003.05.05.20.05.37;	author markm;	state Exp;
branches
	1.251.2.1;
next	1.250;

1.250
date	2003.05.04.06.26.30;	author imp;	state Exp;
branches;
next	1.249;

1.249
date	2003.05.02.05.27.33;	author dougb;	state Exp;
branches;
next	1.248;

1.248
date	2003.04.27.21.28.37;	author dougb;	state Exp;
branches;
next	1.247;

1.247
date	2003.04.25.20.11.17;	author ru;	state Exp;
branches;
next	1.246;

1.246
date	2003.04.25.02.10.17;	author imp;	state Exp;
branches;
next	1.245;

1.245
date	2003.04.23.14.28.13;	author schweikh;	state Exp;
branches;
next	1.244;

1.244
date	2003.03.31.12.46.18;	author ru;	state Exp;
branches;
next	1.243;

1.243
date	2003.02.13.17.55.12;	author obrien;	state Exp;
branches;
next	1.242;

1.242
date	2003.02.09.13.02.57;	author schweikh;	state Exp;
branches;
next	1.241;

1.241
date	2003.02.08.20.36.35;	author gshapiro;	state Exp;
branches;
next	1.240;

1.240
date	2003.02.07.08.26.23;	author jkoshy;	state Exp;
branches;
next	1.239;

1.239
date	2003.01.29.07.14.16;	author phk;	state Exp;
branches;
next	1.238;

1.238
date	2003.01.27.23.30.21;	author fjoe;	state Exp;
branches;
next	1.237;

1.237
date	2003.01.27.04.53.30;	author jake;	state Exp;
branches;
next	1.236;

1.236
date	2003.01.26.05.29.48;	author jeff;	state Exp;
branches;
next	1.235;

1.235
date	2003.01.17.07.54.27;	author imp;	state Exp;
branches;
next	1.234;

1.234
date	2003.01.16.16.56.58;	author imp;	state Exp;
branches;
next	1.233;

1.233
date	2003.01.01.18.48.38;	author schweikh;	state Exp;
branches;
next	1.232;

1.232
date	2002.12.22.07.08.14;	author kan;	state Exp;
branches;
next	1.231;

1.231
date	2002.12.22.07.00.45;	author kan;	state Exp;
branches;
next	1.230;

1.230
date	2002.12.16.22.24.24;	author mbr;	state Exp;
branches;
next	1.229;

1.229
date	2002.12.06.13.19.35;	author keramida;	state Exp;
branches
	1.229.2.1;
next	1.228;

1.228
date	2002.10.30.20.11.07;	author imp;	state Exp;
branches;
next	1.227;

1.227
date	2002.10.29.16.46.52;	author fenner;	state Exp;
branches;
next	1.226;

1.226
date	2002.10.28.21.33.10;	author imp;	state Exp;
branches;
next	1.225;

1.225
date	2002.10.27.06.31.37;	author imp;	state Exp;
branches;
next	1.224;

1.224
date	2002.10.27.04.48.31;	author imp;	state Exp;
branches;
next	1.223;

1.223
date	2002.10.27.01.35.36;	author imp;	state Exp;
branches;
next	1.222;

1.222
date	2002.10.26.22.55.43;	author imp;	state Exp;
branches;
next	1.221;

1.221
date	2002.10.26.22.50.31;	author imp;	state Exp;
branches;
next	1.220;

1.220
date	2002.10.26.06.25.11;	author imp;	state Exp;
branches;
next	1.219;

1.219
date	2002.10.26.06.21.00;	author imp;	state Exp;
branches;
next	1.218;

1.218
date	2002.10.24.18.41.02;	author gallatin;	state Exp;
branches;
next	1.217;

1.217
date	2002.09.03.06.13.43;	author imp;	state Exp;
branches;
next	1.216;

1.216
date	2002.08.28.19.34.49;	author schweikh;	state Exp;
branches;
next	1.215;

1.215
date	2002.08.15.08.51.24;	author ru;	state Exp;
branches;
next	1.214;

1.214
date	2002.07.29.08.51.03;	author ru;	state Exp;
branches;
next	1.213;

1.213
date	2002.07.03.04.23.38;	author julian;	state Exp;
branches;
next	1.212;

1.212
date	2002.07.01.07.25.05;	author imp;	state Exp;
branches;
next	1.211;

1.211
date	2002.06.05.20.21.40;	author rwatson;	state Exp;
branches;
next	1.210;

1.210
date	2002.06.04.18.10.54;	author obrien;	state Exp;
branches;
next	1.209;

1.209
date	2002.06.03.00.21.13;	author rwatson;	state Exp;
branches;
next	1.208;

1.208
date	2002.05.20.13.06.24;	author rwatson;	state Exp;
branches;
next	1.207;

1.207
date	2002.05.14.07.49.12;	author ru;	state Exp;
branches;
next	1.206;

1.206
date	2002.05.12.03.17.13;	author nectar;	state Exp;
branches;
next	1.205;

1.205
date	2002.05.10.22.56.59;	author obrien;	state Exp;
branches;
next	1.204;

1.204
date	2002.05.06.09.40.52;	author dd;	state Exp;
branches;
next	1.203;

1.203
date	2002.04.25.14.41.39;	author nectar;	state Exp;
branches;
next	1.202;

1.202
date	2002.04.25.02.14.48;	author imp;	state Exp;
branches;
next	1.201;

1.201
date	2002.04.19.11.37.34;	author ru;	state Exp;
branches;
next	1.200;

1.200
date	2002.04.19.04.22.35;	author imp;	state Exp;
branches;
next	1.199;

1.199
date	2002.04.11.05.45.17;	author imp;	state Exp;
branches;
next	1.198;

1.198
date	2002.04.11.01.39.16;	author imp;	state Exp;
branches;
next	1.197;

1.197
date	2002.04.05.07.42.42;	author gshapiro;	state Exp;
branches;
next	1.196;

1.196
date	2002.03.18.04.52.24;	author imp;	state Exp;
branches;
next	1.195;

1.195
date	2002.02.28.05.31.02;	author imp;	state Exp;
branches;
next	1.194;

1.194
date	2002.02.18.06.29.17;	author imp;	state Exp;
branches;
next	1.193;

1.193
date	2002.01.27.07.00.25;	author imp;	state Exp;
branches;
next	1.192;

1.192
date	2002.01.27.06.50.09;	author imp;	state Exp;
branches;
next	1.191;

1.191
date	2002.01.27.06.36.13;	author imp;	state Exp;
branches;
next	1.190;

1.190
date	2002.01.26.21.33.07;	author imp;	state Exp;
branches;
next	1.189;

1.189
date	2002.01.12.21.27.02;	author imp;	state Exp;
branches;
next	1.188;

1.188
date	2002.01.06.20.18.13;	author imp;	state Exp;
branches;
next	1.187;

1.187
date	2001.12.28.05.35.32;	author imp;	state Exp;
branches;
next	1.186;

1.186
date	2001.12.28.05.33.34;	author imp;	state Exp;
branches;
next	1.185;

1.185
date	2001.12.28.05.09.19;	author imp;	state Exp;
branches;
next	1.184;

1.184
date	2001.12.24.07.04.23;	author imp;	state Exp;
branches;
next	1.183;

1.183
date	2001.12.05.09.21.51;	author imp;	state Exp;
branches;
next	1.182;

1.182
date	2001.12.05.09.18.08;	author imp;	state Exp;
branches;
next	1.181;

1.181
date	2001.12.03.13.13.38;	author nectar;	state Exp;
branches;
next	1.180;

1.180
date	2001.11.28.05.43.10;	author imp;	state Exp;
branches;
next	1.179;

1.179
date	2001.11.03.17.42.56;	author imp;	state Exp;
branches;
next	1.178;

1.178
date	2001.10.31.14.32.58;	author imp;	state Exp;
branches;
next	1.177;

1.177
date	2001.10.31.04.36.54;	author imp;	state Exp;
branches;
next	1.176;

1.176
date	2001.10.02.07.01.27;	author imp;	state Exp;
branches;
next	1.175;

1.175
date	2001.10.01.03.59.13;	author imp;	state Exp;
branches;
next	1.174;

1.174
date	2001.10.01.03.45.07;	author alfred;	state Exp;
branches;
next	1.173;

1.173
date	2001.09.27.15.43.04;	author imp;	state Exp;
branches;
next	1.172;

1.172
date	2001.09.23.06.44.07;	author imp;	state Exp;
branches;
next	1.171;

1.171
date	2001.09.23.06.36.41;	author imp;	state Exp;
branches;
next	1.170;

1.170
date	2001.09.21.05.08.00;	author imp;	state Exp;
branches;
next	1.169;

1.169
date	2001.08.24.21.43.35;	author imp;	state Exp;
branches;
next	1.168;

1.168
date	2001.08.23.15.39.13;	author imp;	state Exp;
branches;
next	1.167;

1.167
date	2001.08.22.15.44.19;	author imp;	state Exp;
branches;
next	1.166;

1.166
date	2001.08.11.02.03.51;	author imp;	state Exp;
branches;
next	1.165;

1.165
date	2001.08.10.21.32.53;	author imp;	state Exp;
branches;
next	1.164;

1.164
date	2001.07.25.22.53.11;	author imp;	state Exp;
branches;
next	1.163;

1.163
date	2001.07.17.08.01.25;	author markm;	state Exp;
branches;
next	1.162;

1.162
date	2001.06.30.06.35.45;	author imp;	state Exp;
branches;
next	1.161;

1.161
date	2001.06.29.06.00.44;	author imp;	state Exp;
branches;
next	1.160;

1.160
date	2001.06.22.04.50.11;	author imp;	state Exp;
branches;
next	1.159;

1.159
date	2001.06.13.06.36.28;	author imp;	state Exp;
branches;
next	1.158;

1.158
date	2001.06.10.03.09.52;	author imp;	state Exp;
branches;
next	1.157;

1.157
date	2001.06.10.02.59.59;	author julian;	state Exp;
branches;
next	1.156;

1.156
date	2001.06.04.16.17.06;	author imp;	state Exp;
branches;
next	1.155;

1.155
date	2001.06.04.07.10.19;	author imp;	state Exp;
branches;
next	1.154;

1.154
date	2001.05.30.07.07.41;	author imp;	state Exp;
branches;
next	1.153;

1.153
date	2001.05.29.16.55.34;	author imp;	state Exp;
branches;
next	1.152;

1.152
date	2001.05.29.16.52.18;	author imp;	state Exp;
branches;
next	1.151;

1.151
date	2001.05.29.16.50.23;	author imp;	state Exp;
branches;
next	1.150;

1.150
date	2001.05.29.05.32.13;	author imp;	state Exp;
branches;
next	1.149;

1.149
date	2001.05.29.05.24.08;	author imp;	state Exp;
branches;
next	1.148;

1.148
date	2001.05.29.04.26.44;	author imp;	state Exp;
branches;
next	1.147;

1.147
date	2001.05.22.20.41.36;	author imp;	state Exp;
branches;
next	1.146;

1.146
date	2001.05.21.16.40.50;	author imp;	state Exp;
branches;
next	1.145;

1.145
date	2001.05.19.06.27.16;	author imp;	state Exp;
branches;
next	1.144;

1.144
date	2001.05.16.19.15.32;	author imp;	state Exp;
branches;
next	1.143;

1.143
date	2001.05.16.04.34.40;	author imp;	state Exp;
branches;
next	1.142;

1.142
date	2001.05.14.05.11.31;	author imp;	state Exp;
branches;
next	1.141;

1.141
date	2001.04.24.04.49.21;	author imp;	state Exp;
branches;
next	1.140;

1.140
date	2001.04.22.05.35.49;	author imp;	state Exp;
branches;
next	1.139;

1.139
date	2001.03.02.00.36.13;	author imp;	state Exp;
branches;
next	1.138;

1.138
date	2001.02.28.05.45.16;	author imp;	state Exp;
branches;
next	1.137;

1.137
date	2001.02.12.21.16.37;	author imp;	state Exp;
branches;
next	1.136;

1.136
date	2001.01.22.08.03.13;	author imp;	state Exp;
branches;
next	1.135;

1.135
date	2001.01.17.17.59.09;	author imp;	state Exp;
branches;
next	1.134;

1.134
date	2001.01.03.05.30.30;	author imp;	state Exp;
branches;
next	1.133;

1.133
date	2001.01.02.21.28.48;	author imp;	state Exp;
branches;
next	1.132;

1.132
date	2000.12.18.17.25.26;	author imp;	state Exp;
branches;
next	1.131;

1.131
date	2000.12.05.16.38.14;	author imp;	state Exp;
branches;
next	1.130;

1.130
date	2000.11.16.20.15.12;	author marko;	state Exp;
branches;
next	1.129;

1.129
date	2000.11.03.07.04.43;	author imp;	state Exp;
branches;
next	1.128;

1.128
date	2000.10.29.15.55.15;	author nik;	state Exp;
branches;
next	1.127;

1.127
date	2000.10.09.03.56.39;	author imp;	state Exp;
branches;
next	1.126;

1.126
date	2000.10.05.23.13.47;	author imp;	state Exp;
branches;
next	1.125;

1.125
date	2000.09.17.21.01.30;	author imp;	state Exp;
branches;
next	1.124;

1.124
date	2000.09.16.19.27.41;	author imp;	state Exp;
branches;
next	1.123;

1.123
date	2000.09.16.03.08.55;	author imp;	state Exp;
branches;
next	1.122;

1.122
date	2000.09.14.06.04.44;	author imp;	state Exp;
branches;
next	1.121;

1.121
date	2000.09.12.19.06.16;	author markm;	state Exp;
branches;
next	1.120;

1.120
date	2000.09.12.19.05.11;	author markm;	state Exp;
branches;
next	1.119;

1.119
date	2000.09.12.04.37.12;	author imp;	state Exp;
branches;
next	1.118;

1.118
date	2000.09.11.05.59.00;	author imp;	state Exp;
branches;
next	1.117;

1.117
date	2000.09.08.06.41.47;	author imp;	state Exp;
branches;
next	1.116;

1.116
date	2000.09.07.21.39.59;	author imp;	state Exp;
branches;
next	1.115;

1.115
date	2000.09.07.21.04.39;	author imp;	state Exp;
branches;
next	1.114;

1.114
date	2000.09.06.23.51.10;	author marko;	state Exp;
branches;
next	1.113;

1.113
date	2000.09.06.18.53.48;	author imp;	state Exp;
branches;
next	1.112;

1.112
date	2000.09.06.18.02.03;	author imp;	state Exp;
branches;
next	1.111;

1.111
date	2000.09.04.21.09.01;	author imp;	state Exp;
branches;
next	1.110;

1.110
date	2000.09.04.16.59.32;	author marko;	state Exp;
branches;
next	1.109;

1.109
date	2000.09.04.03.18.01;	author imp;	state Exp;
branches;
next	1.108;

1.108
date	2000.08.29.06.35.46;	author imp;	state Exp;
branches;
next	1.107;

1.107
date	2000.08.28.03.54.51;	author imp;	state Exp;
branches;
next	1.106;

1.106
date	2000.08.13.02.19.13;	author imp;	state Exp;
branches;
next	1.105;

1.105
date	2000.08.12.22.47.21;	author imp;	state Exp;
branches;
next	1.104;

1.104
date	2000.08.10.23.16.32;	author imp;	state Exp;
branches;
next	1.103;

1.103
date	2000.08.10.05.14.31;	author imp;	state Exp;
branches;
next	1.102;

1.102
date	2000.08.10.05.03.49;	author imp;	state Exp;
branches;
next	1.101;

1.101
date	2000.08.06.22.18.39;	author imp;	state Exp;
branches;
next	1.100;

1.100
date	2000.08.06.22.16.34;	author imp;	state Exp;
branches;
next	1.99;

1.99
date	2000.07.27.20.49.24;	author imp;	state Exp;
branches;
next	1.98;

1.98
date	2000.07.19.18.35.05;	author imp;	state Exp;
branches;
next	1.97;

1.97
date	2000.07.16.06.00.40;	author imp;	state Exp;
branches;
next	1.96;

1.96
date	2000.07.13.05.35.31;	author imp;	state Exp;
branches;
next	1.95;

1.95
date	2000.07.07.05.17.49;	author imp;	state Exp;
branches;
next	1.94;

1.94
date	2000.07.06.23.04.55;	author imp;	state Exp;
branches;
next	1.93;

1.93
date	2000.07.06.22.51.16;	author imp;	state Exp;
branches;
next	1.92;

1.92
date	2000.06.30.17.19.07;	author imp;	state Exp;
branches;
next	1.91;

1.91
date	2000.06.29.00.34.54;	author imp;	state Exp;
branches;
next	1.90;

1.90
date	2000.06.26.05.54.02;	author imp;	state Exp;
branches;
next	1.89;

1.89
date	2000.06.25.08.26.38;	author imp;	state Exp;
branches;
next	1.88;

1.88
date	2000.06.22.07.28.44;	author dbaker;	state Exp;
branches;
next	1.87;

1.87
date	2000.06.22.02.23.52;	author imp;	state Exp;
branches;
next	1.86;

1.86
date	2000.06.21.07.09.22;	author imp;	state Exp;
branches;
next	1.85;

1.85
date	2000.06.21.07.06.38;	author imp;	state Exp;
branches;
next	1.84;

1.84
date	2000.06.21.07.01.33;	author imp;	state Exp;
branches;
next	1.83;

1.83
date	2000.06.21.06.59.35;	author imp;	state Exp;
branches;
next	1.82;

1.82
date	2000.06.14.15.42.50;	author imp;	state Exp;
branches;
next	1.81;

1.81
date	2000.05.29.01.49.56;	author imp;	state Exp;
branches;
next	1.80;

1.80
date	2000.05.27.21.20.07;	author imp;	state Exp;
branches;
next	1.79;

1.79
date	2000.05.16.07.48.18;	author imp;	state Exp;
branches;
next	1.78;

1.78
date	2000.05.04.08.02.11;	author imp;	state Exp;
branches;
next	1.77;

1.77
date	2000.04.04.17.14.18;	author imp;	state Exp;
branches;
next	1.76;

1.76
date	2000.03.28.06.59.46;	author imp;	state Exp;
branches;
next	1.75;

1.75
date	2000.03.23.05.57.10;	author imp;	state Exp;
branches;
next	1.74;

1.74
date	2000.03.21.19.19.47;	author imp;	state Exp;
branches;
next	1.73;

1.73
date	2000.03.09.07.34.46;	author imp;	state Exp;
branches
	1.73.2.1;
next	1.72;

1.72
date	2000.03.07.04.35.24;	author imp;	state Exp;
branches;
next	1.71;

1.71
date	2000.02.23.05.51.02;	author imp;	state Exp;
branches;
next	1.70;

1.70
date	2000.02.22.01.50.25;	author imp;	state Exp;
branches;
next	1.69;

1.69
date	2000.02.07.05.14.16;	author imp;	state Exp;
branches;
next	1.68;

1.68
date	2000.02.06.04.31.15;	author imp;	state Exp;
branches;
next	1.67;

1.67
date	2000.02.06.04.07.11;	author imp;	state Exp;
branches;
next	1.66;

1.66
date	2000.02.02.05.35.31;	author imp;	state Exp;
branches;
next	1.65;

1.65
date	2000.01.30.23.15.21;	author imp;	state Exp;
branches;
next	1.64;

1.64
date	2000.01.30.23.09.58;	author imp;	state Exp;
branches;
next	1.63;

1.63
date	2000.01.19.17.18.43;	author imp;	state Exp;
branches;
next	1.62;

1.62
date	2000.01.17.06.12.00;	author imp;	state Exp;
branches;
next	1.61;

1.61
date	2000.01.09.05.12.25;	author imp;	state Exp;
branches;
next	1.60;

1.60
date	2000.01.07.20.16.39;	author imp;	state Exp;
branches;
next	1.59;

1.59
date	2000.01.06.18.19.35;	author imp;	state Exp;
branches;
next	1.58;

1.58
date	99.12.19.23.51.50;	author imp;	state Exp;
branches;
next	1.57;

1.57
date	99.12.13.17.55.23;	author imp;	state Exp;
branches;
next	1.56;

1.56
date	99.12.06.22.42.01;	author imp;	state Exp;
branches;
next	1.55;

1.55
date	99.12.06.04.21.50;	author imp;	state Exp;
branches;
next	1.54;

1.54
date	99.12.05.18.55.53;	author phk;	state Exp;
branches;
next	1.53;

1.53
date	99.11.26.20.38.36;	author imp;	state Exp;
branches;
next	1.52;

1.52
date	99.11.26.06.36.13;	author imp;	state Exp;
branches;
next	1.51;

1.51
date	99.11.19.02.16.26;	author billf;	state Exp;
branches;
next	1.50;

1.50
date	99.11.17.18.06.56;	author imp;	state Exp;
branches;
next	1.49;

1.49
date	99.10.23.18.15.14;	author chris;	state Exp;
branches;
next	1.48;

1.48
date	99.10.15.17.34.56;	author imp;	state Exp;
branches;
next	1.47;

1.47
date	99.09.30.14.54.48;	author imp;	state Exp;
branches;
next	1.46;

1.46
date	99.09.29.22.29.15;	author imp;	state Exp;
branches;
next	1.45;

1.45
date	99.09.08.18.34.31;	author imp;	state Exp;
branches;
next	1.44;

1.44
date	99.09.06.20.10.26;	author n_hibma;	state Exp;
branches;
next	1.43;

1.43
date	99.08.31.17.07.14;	author imp;	state Exp;
branches;
next	1.42;

1.42
date	99.08.31.17.01.34;	author imp;	state Exp;
branches;
next	1.41;

1.41
date	99.08.28.01.35.59;	author peter;	state Exp;
branches;
next	1.40;

1.40
date	99.08.01.18.58.45;	author imp;	state Exp;
branches;
next	1.39;

1.39
date	99.08.01.18.19.03;	author imp;	state Exp;
branches;
next	1.38;

1.38
date	99.07.07.04.28.48;	author imp;	state Exp;
branches;
next	1.37;

1.37
date	99.07.03.22.15.43;	author imp;	state Exp;
branches;
next	1.36;

1.36
date	99.06.24.04.20.37;	author imp;	state Exp;
branches;
next	1.35;

1.35
date	99.06.23.06.39.07;	author imp;	state Exp;
branches;
next	1.34;

1.34
date	99.06.23.05.51.37;	author imp;	state Exp;
branches;
next	1.33;

1.33
date	99.06.20.09.56.32;	author imp;	state Exp;
branches;
next	1.32;

1.32
date	99.05.10.05.34.32;	author imp;	state Exp;
branches;
next	1.31;

1.31
date	99.04.28.05.18.46;	author imp;	state Exp;
branches;
next	1.30;

1.30
date	99.04.21.06.57.35;	author imp;	state Exp;
branches;
next	1.29;

1.29
date	99.04.15.04.36.45;	author imp;	state Exp;
branches;
next	1.28;

1.28
date	99.04.13.06.10.53;	author imp;	state Exp;
branches;
next	1.27;

1.27
date	99.04.12.16.22.15;	author max;	state Exp;
branches;
next	1.26;

1.26
date	99.04.09.06.34.00;	author imp;	state Exp;
branches;
next	1.25;

1.25
date	99.04.09.06.31.00;	author imp;	state Exp;
branches;
next	1.24;

1.24
date	99.04.09.06.17.37;	author imp;	state Exp;
branches;
next	1.23;

1.23
date	99.03.18.05.39.45;	author imp;	state Exp;
branches;
next	1.22;

1.22
date	99.03.10.06.21.28;	author imp;	state Exp;
branches;
next	1.21;

1.21
date	99.02.27.03.14.22;	author imp;	state Exp;
branches;
next	1.20;

1.20
date	99.02.17.05.32.40;	author imp;	state Exp;
branches;
next	1.19;

1.19
date	99.02.15.08.09.07;	author imp;	state Exp;
branches;
next	1.18;

1.18
date	99.02.14.05.18.35;	author imp;	state Exp;
branches;
next	1.17;

1.17
date	99.01.26.03.13.22;	author imp;	state Exp;
branches;
next	1.16;

1.16
date	99.01.21.20.16.24;	author imp;	state Exp;
branches;
next	1.15;

1.15
date	99.01.21.20.13.41;	author imp;	state Exp;
branches;
next	1.14;

1.14
date	99.01.19.21.04.22;	author imp;	state Exp;
branches
	1.14.2.1;
next	1.13;

1.13
date	99.01.17.17.39.32;	author imp;	state Exp;
branches;
next	1.12;

1.12
date	99.01.14.05.59.52;	author imp;	state Exp;
branches;
next	1.11;

1.11
date	99.01.12.20.11.29;	author imp;	state Exp;
branches;
next	1.10;

1.10
date	99.01.11.09.07.18;	author imp;	state Exp;
branches;
next	1.9;

1.9
date	99.01.06.19.35.46;	author imp;	state Exp;
branches;
next	1.8;

1.8
date	99.01.06.07.12.41;	author imp;	state Exp;
branches;
next	1.7;

1.7
date	99.01.06.07.06.38;	author imp;	state Exp;
branches;
next	1.6;

1.6
date	99.01.05.07.45.10;	author imp;	state Exp;
branches;
next	1.5;

1.5
date	99.01.05.05.46.37;	author imp;	state Exp;
branches;
next	1.4;

1.4
date	98.12.31.08.01.12;	author imp;	state Exp;
branches;
next	1.3;

1.3
date	98.12.31.06.20.01;	author imp;	state Exp;
branches;
next	1.2;

1.2
date	98.12.24.02.02.09;	author imp;	state Exp;
branches;
next	1.1;

1.1
date	98.12.15.00.24.32;	author imp;	state Exp;
branches;
next	;

1.757.2.1
date	2013.03.09.02.56.34;	author svnexp;	state dead;
branches;
next	1.757.2.2;

1.757.2.2
date	2013.03.28.13.00.03;	author svnexp;	state Exp;
branches;
next	1.757.2.3;

1.757.2.3
date	2013.05.16.14.47.11;	author svnexp;	state Exp;
branches;
next	1.757.2.4;

1.757.2.4
date	2013.06.28.05.47.42;	author svnexp;	state Exp;
branches;
next	1.757.2.5;

1.757.2.5
date	2013.07.26.22.47.41;	author svnexp;	state Exp;
branches;
next	1.757.2.6;

1.757.2.6
date	2013.08.22.01.47.36;	author svnexp;	state Exp;
branches;
next	1.757.2.7;

1.757.2.7
date	2013.09.10.10.46.20;	author svnexp;	state Exp;
branches;
next	1.757.2.8;

1.757.2.8
date	2013.10.26.20.46.59;	author svnexp;	state Exp;
branches;
next	1.757.2.9;

1.757.2.9
date	2013.11.28.22.48.30;	author svnexp;	state Exp;
branches;
next	1.757.2.10;

1.757.2.10
date	2014.01.14.19.48.08;	author svnexp;	state Exp;
branches;
next	1.757.2.11;

1.757.2.11
date	2014.04.08.23.48.31;	author svnexp;	state Exp;
branches;
next	1.757.2.12;

1.757.2.12
date	2014.04.30.04.47.07;	author svnexp;	state Exp;
branches;
next	1.757.2.13;

1.757.2.13
date	2014.05.13.23.47.08;	author svnexp;	state Exp;
branches;
next	;

1.702.2.1
date	2011.09.23.00.51.37;	author kensmith;	state Exp;
branches;
next	1.702.2.2;

1.702.2.2
date	2011.10.15.21.23.04;	author kensmith;	state Exp;
branches;
next	1.702.2.3;

1.702.2.3
date	2011.10.19.23.02.57;	author kensmith;	state Exp;
branches;
next	1.702.2.4;

1.702.2.4
date	2011.11.07.13.40.54;	author marius;	state Exp;
branches
	1.702.2.4.2.1;
next	1.702.2.5;

1.702.2.5
date	2012.01.02.14.43.33;	author kensmith;	state Exp;
branches;
next	1.702.2.6;

1.702.2.6
date	2012.01.04.03.37.41;	author eadler;	state Exp;
branches;
next	1.702.2.7;

1.702.2.7
date	2012.01.06.15.07.28;	author kib;	state Exp;
branches;
next	1.702.2.8;

1.702.2.8
date	2012.01.06.19.29.16;	author jhb;	state Exp;
branches;
next	1.702.2.9;

1.702.2.9
date	2012.01.09.15.56.33;	author jh;	state Exp;
branches;
next	1.702.2.10;

1.702.2.10
date	2012.04.24.19.08.40;	author trociny;	state Exp;
branches;
next	1.702.2.11;

1.702.2.11
date	2012.07.30.11.11.05;	author marius;	state Exp;
branches
	1.702.2.11.2.1;
next	1.702.2.12;

1.702.2.12
date	2012.10.04.08.49.41;	author kib;	state Exp;
branches;
next	1.702.2.13;

1.702.2.13
date	2012.11.06.21.16.45;	author gavin;	state Exp;
branches;
next	1.702.2.14;

1.702.2.14
date	2012.11.17.11.36.03;	author svnexp;	state Exp;
branches;
next	1.702.2.15;

1.702.2.15
date	2012.11.27.02.01.52;	author svnexp;	state Exp;
branches;
next	1.702.2.16;

1.702.2.16
date	2012.11.29.14.07.16;	author svnexp;	state Exp;
branches;
next	1.702.2.17;

1.702.2.17
date	2012.11.30.19.29.18;	author svnexp;	state Exp;
branches;
next	1.702.2.18;

1.702.2.18
date	2012.12.18.10.36.48;	author svnexp;	state Exp;
branches;
next	1.702.2.19;

1.702.2.19
date	2012.12.24.14.37.13;	author svnexp;	state Exp;
branches;
next	1.702.2.20;

1.702.2.20
date	2013.01.28.23.02.19;	author svnexp;	state Exp;
branches;
next	1.702.2.21;

1.702.2.21
date	2013.01.28.23.03.10;	author svnexp;	state Exp;
branches;
next	1.702.2.22;

1.702.2.22
date	2013.03.02.01.18.17;	author svnexp;	state Exp;
branches;
next	1.702.2.23;

1.702.2.23
date	2013.03.15.15.47.37;	author svnexp;	state Exp;
branches;
next	1.702.2.24;

1.702.2.24
date	2013.04.29.22.03.09;	author svnexp;	state Exp;
branches;
next	1.702.2.25;

1.702.2.25
date	2013.04.30.21.01.43;	author svnexp;	state Exp;
branches;
next	1.702.2.26;

1.702.2.26
date	2013.04.30.23.01.44;	author svnexp;	state Exp;
branches;
next	1.702.2.27;

1.702.2.27
date	2013.05.23.16.01.42;	author svnexp;	state Exp;
branches;
next	1.702.2.28;

1.702.2.28
date	2013.05.27.14.01.43;	author svnexp;	state Exp;
branches;
next	1.702.2.29;

1.702.2.29
date	2013.06.05.14.01.44;	author svnexp;	state Exp;
branches;
next	1.702.2.30;

1.702.2.30
date	2013.06.18.08.02.23;	author svnexp;	state Exp;
branches;
next	1.702.2.31;

1.702.2.31
date	2013.07.05.09.02.21;	author svnexp;	state Exp;
branches;
next	1.702.2.32;

1.702.2.32
date	2013.08.23.15.02.31;	author svnexp;	state Exp;
branches;
next	1.702.2.33;

1.702.2.33
date	2013.09.26.19.03.19;	author svnexp;	state Exp;
branches;
next	1.702.2.34;

1.702.2.34
date	2013.12.16.03.01.48;	author svnexp;	state Exp;
branches;
next	1.702.2.35;

1.702.2.35
date	2014.02.16.20.01.44;	author svnexp;	state Exp;
branches;
next	1.702.2.36;

1.702.2.36
date	2014.03.21.18.09.45;	author svnexp;	state Exp;
branches;
next	1.702.2.37;

1.702.2.37
date	2014.03.27.21.03.26;	author svnexp;	state Exp;
branches;
next	1.702.2.38;

1.702.2.38
date	2014.04.14.18.01.41;	author svnexp;	state Exp;
branches;
next	;

1.702.2.4.2.1
date	2011.11.11.04.20.22;	author kensmith;	state Exp;
branches;
next	1.702.2.4.2.2;

1.702.2.4.2.2
date	2012.01.02.14.44.28;	author kensmith;	state Exp;
branches;
next	1.702.2.4.2.3;

1.702.2.4.2.3
date	2012.05.03.15.25.11;	author bz;	state Exp;
branches;
next	1.702.2.4.2.4;

1.702.2.4.2.4
date	2012.05.30.12.01.28;	author bz;	state Exp;
branches;
next	1.702.2.4.2.5;

1.702.2.4.2.5
date	2012.06.12.12.10.10;	author bz;	state Exp;
branches;
next	1.702.2.4.2.6;

1.702.2.4.2.6
date	2012.08.06.21.33.11;	author simon;	state Exp;
branches;
next	1.702.2.4.2.7;

1.702.2.4.2.7
date	2012.11.17.08.36.04;	author svnexp;	state Exp;
branches;
next	1.702.2.4.2.8;

1.702.2.4.2.8
date	2012.11.22.23.05.39;	author svnexp;	state Exp;
branches;
next	1.702.2.4.2.9;

1.702.2.4.2.9
date	2013.02.19.17.17.39;	author svnexp;	state Exp;
branches;
next	1.702.2.4.2.10;

1.702.2.4.2.10
date	2013.04.02.18.17.57;	author svnexp;	state Exp;
branches;
next	;

1.702.2.11.2.1
date	2012.08.05.23.54.33;	author kensmith;	state Exp;
branches;
next	1.702.2.11.2.2;

1.702.2.11.2.2
date	2012.11.17.08.46.53;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.3;

1.702.2.11.2.3
date	2012.11.30.19.37.16;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.4;

1.702.2.11.2.4
date	2013.02.19.17.09.00;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.5;

1.702.2.11.2.5
date	2013.04.02.18.10.50;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.6;

1.702.2.11.2.6
date	2013.04.29.22.06.59;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.7;

1.702.2.11.2.7
date	2013.06.18.07.09.24;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.8;

1.702.2.11.2.8
date	2013.07.26.23.09.07;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.9;

1.702.2.11.2.9
date	2013.08.22.01.08.36;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.10;

1.702.2.11.2.10
date	2013.09.10.11.07.26;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.11;

1.702.2.11.2.11
date	2013.10.26.20.08.06;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.12;

1.702.2.11.2.12
date	2013.11.28.23.09.18;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.13;

1.702.2.11.2.13
date	2014.01.14.20.09.22;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.14;

1.702.2.11.2.14
date	2014.04.09.00.09.39;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.15;

1.702.2.11.2.15
date	2014.04.30.04.08.12;	author svnexp;	state Exp;
branches;
next	1.702.2.11.2.16;

1.702.2.11.2.16
date	2014.05.14.00.08.14;	author svnexp;	state Exp;
branches;
next	;

1.632.2.1
date	2009.08.03.08.13.06;	author kensmith;	state Exp;
branches;
next	1.632.2.2;

1.632.2.2
date	2009.08.03.09.42.11;	author kensmith;	state Exp;
branches;
next	1.632.2.3;

1.632.2.3
date	2009.08.13.17.54.11;	author attilio;	state Exp;
branches;
next	1.632.2.4;

1.632.2.4
date	2009.09.15.11.13.40;	author pjd;	state Exp;
branches;
next	1.632.2.5;

1.632.2.5
date	2009.09.29.12.20.10;	author rpaulo;	state Exp;
branches;
next	1.632.2.6;

1.632.2.6
date	2009.09.29.19.57.06;	author kensmith;	state Exp;
branches;
next	1.632.2.7;

1.632.2.7
date	2009.09.30.12.53.21;	author kensmith;	state Exp;
branches
	1.632.2.7.2.1;
next	1.632.2.8;

1.632.2.8
date	2009.10.29.09.58.16;	author mav;	state Exp;
branches;
next	1.632.2.9;

1.632.2.9
date	2009.11.11.02.07.01;	author thompsa;	state Exp;
branches;
next	1.632.2.10;

1.632.2.10
date	2010.01.25.12.05.51;	author attilio;	state Exp;
branches;
next	1.632.2.11;

1.632.2.11
date	2010.04.07.02.24.41;	author nwhitehorn;	state Exp;
branches;
next	1.632.2.12;

1.632.2.12
date	2010.04.07.19.04.36;	author ume;	state Exp;
branches;
next	1.632.2.13;

1.632.2.13
date	2010.05.02.06.34.13;	author imp;	state Exp;
branches;
next	1.632.2.14;

1.632.2.14
date	2010.06.05.18.30.42;	author gavin;	state Exp;
branches
	1.632.2.14.2.1;
next	1.632.2.15;

1.632.2.15
date	2010.07.17.04.35.02;	author kensmith;	state Exp;
branches;
next	1.632.2.16;

1.632.2.16
date	2010.09.15.16.05.40;	author mm;	state Exp;
branches;
next	1.632.2.17;

1.632.2.17
date	2010.10.22.08.46.22;	author avg;	state Exp;
branches;
next	1.632.2.18;

1.632.2.18
date	2010.10.25.07.36.39;	author avg;	state Exp;
branches;
next	1.632.2.19;

1.632.2.19
date	2010.11.26.22.31.56;	author avg;	state Exp;
branches
	1.632.2.19.2.1;
next	1.632.2.20;

1.632.2.20
date	2011.02.16.14.25.26;	author kensmith;	state Exp;
branches;
next	1.632.2.21;

1.632.2.21
date	2011.02.25.15.32.44;	author netchild;	state Exp;
branches;
next	1.632.2.22;

1.632.2.22
date	2011.04.28.08.49.43;	author vanhu;	state Exp;
branches;
next	1.632.2.23;

1.632.2.23
date	2011.06.06.09.36.46;	author mm;	state Exp;
branches;
next	1.632.2.24;

1.632.2.24
date	2011.08.31.01.17.49;	author gjb;	state Exp;
branches;
next	1.632.2.25;

1.632.2.25
date	2011.11.07.13.45.18;	author marius;	state Exp;
branches;
next	1.632.2.26;

1.632.2.26
date	2012.01.06.19.32.39;	author jhb;	state Exp;
branches
	1.632.2.26.2.1;
next	1.632.2.27;

1.632.2.27
date	2012.04.08.05.03.46;	author kensmith;	state Exp;
branches;
next	1.632.2.28;

1.632.2.28
date	2012.07.30.11.29.05;	author marius;	state Exp;
branches;
next	1.632.2.29;

1.632.2.29
date	2012.10.04.09.02.38;	author kib;	state Exp;
branches;
next	1.632.2.30;

1.632.2.30
date	2012.10.19.11.01.39;	author jhb;	state Exp;
branches;
next	1.632.2.31;

1.632.2.31
date	2012.11.17.10.35.48;	author svnexp;	state Exp;
branches;
next	1.632.2.32;

1.632.2.32
date	2012.11.30.22.42.17;	author svnexp;	state Exp;
branches;
next	1.632.2.33;

1.632.2.33
date	2013.03.02.01.25.04;	author svnexp;	state Exp;
branches;
next	1.632.2.34;

1.632.2.34
date	2013.04.29.21.23.42;	author svnexp;	state Exp;
branches;
next	1.632.2.35;

1.632.2.35
date	2013.05.27.14.22.00;	author svnexp;	state Exp;
branches;
next	1.632.2.36;

1.632.2.36
date	2013.06.07.16.21.40;	author svnexp;	state Exp;
branches;
next	1.632.2.37;

1.632.2.37
date	2013.06.24.16.22.12;	author svnexp;	state Exp;
branches;
next	1.632.2.38;

1.632.2.38
date	2013.07.05.08.22.12;	author svnexp;	state Exp;
branches;
next	1.632.2.39;

1.632.2.39
date	2013.08.23.15.21.39;	author svnexp;	state Exp;
branches;
next	1.632.2.40;

1.632.2.40
date	2013.12.16.03.21.43;	author svnexp;	state Exp;
branches;
next	1.632.2.41;

1.632.2.41
date	2014.02.16.20.21.42;	author svnexp;	state Exp;
branches;
next	;

1.632.2.7.2.1
date	2009.10.25.01.10.29;	author kensmith;	state Exp;
branches;
next	1.632.2.7.2.2;

1.632.2.7.2.2
date	2009.10.29.15.42.50;	author mav;	state Exp;
branches;
next	1.632.2.7.2.3;

1.632.2.7.2.3
date	2009.11.20.16.00.40;	author kensmith;	state Exp;
branches;
next	1.632.2.7.2.4;

1.632.2.7.2.4
date	2009.12.03.09.18.40;	author cperciva;	state Exp;
branches;
next	1.632.2.7.2.5;

1.632.2.7.2.5
date	2010.01.06.21.45.30;	author simon;	state Exp;
branches;
next	1.632.2.7.2.6;

1.632.2.7.2.6
date	2010.05.27.03.15.04;	author cperciva;	state Exp;
branches;
next	1.632.2.7.2.7;

1.632.2.7.2.7
date	2010.07.13.02.45.17;	author cperciva;	state Exp;
branches;
next	1.632.2.7.2.8;

1.632.2.7.2.8
date	2010.09.20.14.58.08;	author cperciva;	state Exp;
branches;
next	1.632.2.7.2.9;

1.632.2.7.2.9
date	2010.11.29.20.43.06;	author simon;	state Exp;
branches;
next	;

1.632.2.14.2.1
date	2010.06.14.02.09.06;	author kensmith;	state Exp;
branches;
next	1.632.2.14.2.2;

1.632.2.14.2.2
date	2010.07.13.02.45.17;	author cperciva;	state Exp;
branches;
next	1.632.2.14.2.3;

1.632.2.14.2.3
date	2010.07.17.04.35.51;	author kensmith;	state Exp;
branches;
next	1.632.2.14.2.4;

1.632.2.14.2.4
date	2010.09.20.14.58.08;	author cperciva;	state Exp;
branches;
next	1.632.2.14.2.5;

1.632.2.14.2.5
date	2010.11.29.20.43.06;	author simon;	state Exp;
branches;
next	1.632.2.14.2.6;

1.632.2.14.2.6
date	2011.04.20.21.00.24;	author cperciva;	state Exp;
branches;
next	1.632.2.14.2.7;

1.632.2.14.2.7
date	2011.05.28.08.44.39;	author simon;	state Exp;
branches;
next	1.632.2.14.2.8;

1.632.2.14.2.8
date	2011.09.28.08.47.17;	author bz;	state Exp;
branches;
next	1.632.2.14.2.9;

1.632.2.14.2.9
date	2011.10.04.19.07.38;	author cperciva;	state Exp;
branches;
next	1.632.2.14.2.10;

1.632.2.14.2.10
date	2011.12.23.15.00.37;	author cperciva;	state Exp;
branches;
next	1.632.2.14.2.11;

1.632.2.14.2.11
date	2012.01.04.23.47.20;	author cperciva;	state Exp;
branches;
next	1.632.2.14.2.12;

1.632.2.14.2.12
date	2012.05.03.15.25.11;	author bz;	state Exp;
branches;
next	1.632.2.14.2.13;

1.632.2.14.2.13
date	2012.05.30.12.01.28;	author bz;	state Exp;
branches;
next	1.632.2.14.2.14;

1.632.2.14.2.14
date	2012.06.12.12.10.10;	author bz;	state Exp;
branches;
next	1.632.2.14.2.15;

1.632.2.14.2.15
date	2012.06.18.21.00.54;	author simon;	state Exp;
branches;
next	1.632.2.14.2.16;

1.632.2.14.2.16
date	2012.08.06.21.33.11;	author simon;	state Exp;
branches;
next	;

1.632.2.19.2.1
date	2010.12.21.17.09.25;	author kensmith;	state Exp;
branches;
next	1.632.2.19.2.2;

1.632.2.19.2.2
date	2011.02.16.14.28.04;	author kensmith;	state Exp;
branches;
next	1.632.2.19.2.3;

1.632.2.19.2.3
date	2011.04.20.21.00.24;	author cperciva;	state Exp;
branches;
next	1.632.2.19.2.4;

1.632.2.19.2.4
date	2011.05.28.08.44.39;	author simon;	state Exp;
branches;
next	1.632.2.19.2.5;

1.632.2.19.2.5
date	2011.09.28.08.47.17;	author bz;	state Exp;
branches;
next	1.632.2.19.2.6;

1.632.2.19.2.6
date	2011.10.04.19.07.38;	author cperciva;	state Exp;
branches;
next	1.632.2.19.2.7;

1.632.2.19.2.7
date	2011.12.23.15.00.37;	author cperciva;	state Exp;
branches;
next	1.632.2.19.2.8;

1.632.2.19.2.8
date	2012.01.04.23.47.20;	author cperciva;	state Exp;
branches;
next	1.632.2.19.2.9;

1.632.2.19.2.9
date	2012.05.03.15.25.11;	author bz;	state Exp;
branches;
next	1.632.2.19.2.10;

1.632.2.19.2.10
date	2012.05.30.12.01.28;	author bz;	state Exp;
branches;
next	1.632.2.19.2.11;

1.632.2.19.2.11
date	2012.06.12.12.10.10;	author bz;	state Exp;
branches;
next	1.632.2.19.2.12;

1.632.2.19.2.12
date	2012.08.06.21.33.11;	author simon;	state Exp;
branches;
next	;

1.632.2.26.2.1
date	2012.03.03.06.15.13;	author kensmith;	state Exp;
branches;
next	1.632.2.26.2.2;

1.632.2.26.2.2
date	2012.04.08.05.07.40;	author kensmith;	state Exp;
branches;
next	1.632.2.26.2.3;

1.632.2.26.2.3
date	2012.05.03.15.25.11;	author bz;	state Exp;
branches;
next	1.632.2.26.2.4;

1.632.2.26.2.4
date	2012.05.30.12.01.28;	author bz;	state Exp;
branches;
next	1.632.2.26.2.5;

1.632.2.26.2.5
date	2012.06.12.12.10.10;	author bz;	state Exp;
branches;
next	1.632.2.26.2.6;

1.632.2.26.2.6
date	2012.08.06.21.33.11;	author simon;	state Exp;
branches;
next	1.632.2.26.2.7;

1.632.2.26.2.7
date	2012.11.17.08.24.31;	author svnexp;	state Exp;
branches;
next	1.632.2.26.2.8;

1.632.2.26.2.8
date	2012.11.22.23.08.49;	author svnexp;	state Exp;
branches;
next	1.632.2.26.2.9;

1.632.2.26.2.9
date	2013.02.19.17.25.41;	author svnexp;	state Exp;
branches;
next	1.632.2.26.2.10;

1.632.2.26.2.10
date	2013.04.02.17.48.59;	author svnexp;	state Exp;
branches;
next	1.632.2.26.2.11;

1.632.2.26.2.11
date	2013.04.29.21.12.46;	author svnexp;	state Exp;
branches;
next	1.632.2.26.2.12;

1.632.2.26.2.12
date	2013.07.26.23.15.58;	author svnexp;	state Exp;
branches;
next	1.632.2.26.2.13;

1.632.2.26.2.13
date	2013.08.22.01.14.22;	author svnexp;	state Exp;
branches;
next	1.632.2.26.2.14;

1.632.2.26.2.14
date	2013.09.10.11.13.20;	author svnexp;	state Exp;
branches;
next	1.632.2.26.2.15;

1.632.2.26.2.15
date	2013.10.26.20.14.00;	author svnexp;	state Exp;
branches;
next	1.632.2.26.2.16;

1.632.2.26.2.16
date	2013.11.28.23.14.54;	author svnexp;	state Exp;
branches;
next	1.632.2.26.2.17;

1.632.2.26.2.17
date	2014.01.14.20.15.11;	author svnexp;	state Exp;
branches;
next	1.632.2.26.2.18;

1.632.2.26.2.18
date	2014.04.09.00.15.24;	author svnexp;	state Exp;
branches;
next	1.632.2.26.2.19;

1.632.2.26.2.19
date	2014.04.30.04.13.59;	author svnexp;	state Exp;
branches;
next	;

1.507.2.1
date	2007.10.11.06.20.26;	author kensmith;	state Exp;
branches;
next	1.507.2.2;

1.507.2.2
date	2007.10.28.17.31.51;	author marius;	state Exp;
branches;
next	1.507.2.3;

1.507.2.3
date	2007.11.26.20.07.19;	author marius;	state Exp;
branches
	1.507.2.3.2.1;
next	1.507.2.4;

1.507.2.4
date	2008.02.08.21.26.25;	author sam;	state Exp;
branches;
next	1.507.2.5;

1.507.2.5
date	2008.02.24.05.16.55;	author kensmith;	state Exp;
branches;
next	1.507.2.6;

1.507.2.6
date	2008.07.13.11.48.44;	author remko;	state Exp;
branches;
next	1.507.2.7;

1.507.2.7
date	2008.07.13.18.11.50;	author remko;	state Exp;
branches;
next	1.507.2.8;

1.507.2.8
date	2008.07.24.17.39.51;	author julian;	state Exp;
branches;
next	1.507.2.9;

1.507.2.9
date	2008.08.07.07.16.07;	author brueffer;	state Exp;
branches;
next	1.507.2.10;

1.507.2.10
date	2008.08.14.00.58.54;	author jfv;	state Exp;
branches;
next	1.507.2.11;

1.507.2.11
date	2008.08.27.06.59.01;	author jb;	state Exp;
branches;
next	1.507.2.12;

1.507.2.12
date	2008.09.01.23.53.55;	author des;	state Exp;
branches;
next	1.507.2.13;

1.507.2.13
date	2008.09.03.08.50.30;	author roberto;	state Exp;
branches
	1.507.2.13.2.1;
next	1.507.2.14;

1.507.2.14
date	2009.01.07.16.35.59;	author mav;	state Exp;
branches;
next	1.507.2.15;

1.507.2.15
date	2009.01.09.22.19.48;	author mav;	state Exp;
branches;
next	1.507.2.16;

1.507.2.16
date	2009.01.14.16.27.04;	author kensmith;	state Exp;
branches;
next	1.507.2.17;

1.507.2.17
date	2009.01.19.17.14.03;	author sobomax;	state Exp;
branches;
next	1.507.2.18;

1.507.2.18
date	2009.02.07.13.19.08;	author bz;	state Exp;
branches;
next	1.507.2.19;

1.507.2.19
date	2009.02.07.15.51.21;	author alc;	state Exp;
branches;
next	1.507.2.20;

1.507.2.20
date	2009.03.12.03.09.11;	author bms;	state Exp;
branches;
next	1.507.2.21;

1.507.2.21
date	2009.03.12.13.45.55;	author kib;	state Exp;
branches;
next	1.507.2.22;

1.507.2.22
date	2009.03.18.11.30.47;	author bz;	state Exp;
branches;
next	1.507.2.23;

1.507.2.23
date	2009.03.26.22.54.19;	author rwatson;	state Exp;
branches
	1.507.2.23.2.1;
next	1.507.2.24;

1.507.2.24
date	2009.05.01.02.16.05;	author kensmith;	state Exp;
branches;
next	1.507.2.25;

1.507.2.25
date	2009.05.20.23.34.59;	author kmacy;	state Exp;
branches;
next	1.507.2.26;

1.507.2.26
date	2009.05.21.02.18.10;	author brd;	state Exp;
branches;
next	1.507.2.27;

1.507.2.27
date	2009.05.21.10.03.50;	author ed;	state Exp;
branches;
next	1.507.2.28;

1.507.2.28
date	2009.05.21.17.12.13;	author rpaulo;	state Exp;
branches;
next	1.507.2.29;

1.507.2.29
date	2009.06.07.18.45.04;	author fabient;	state Exp;
branches;
next	1.507.2.30;

1.507.2.30
date	2009.06.14.21.11.39;	author kmacy;	state Exp;
branches;
next	1.507.2.31;

1.507.2.31
date	2009.07.18.21.50.53;	author brian;	state Exp;
branches;
next	1.507.2.32;

1.507.2.32
date	2009.07.31.20.32.55;	author jhb;	state Exp;
branches;
next	1.507.2.33;

1.507.2.33
date	2009.08.31.02.45.47;	author edwin;	state Exp;
branches;
next	1.507.2.34;

1.507.2.34
date	2009.11.29.17.27.58;	author bz;	state Exp;
branches
	1.507.2.34.2.1;
next	1.507.2.35;

1.507.2.35
date	2010.03.20.23.50.55;	author kensmith;	state Exp;
branches;
next	1.507.2.36;

1.507.2.36
date	2010.11.26.22.31.56;	author avg;	state Exp;
branches
	1.507.2.36.2.1;
next	1.507.2.37;

1.507.2.37
date	2011.02.16.15.18.28;	author kensmith;	state Exp;
branches;
next	1.507.2.38;

1.507.2.38
date	2011.02.25.16.08.31;	author netchild;	state Exp;
branches;
next	1.507.2.39;

1.507.2.39
date	2011.08.31.01.18.23;	author gjb;	state Exp;
branches;
next	1.507.2.40;

1.507.2.40
date	2011.11.07.13.46.16;	author marius;	state Exp;
branches;
next	1.507.2.41;

1.507.2.41
date	2012.11.17.08.00.43;	author svnexp;	state Exp;
branches;
next	1.507.2.42;

1.507.2.42
date	2013.03.23.08.33.04;	author svnexp;	state Exp;
branches;
next	;

1.507.2.3.2.1
date	2008.01.14.22.55.53;	author cperciva;	state Exp;
branches;
next	1.507.2.3.2.2;

1.507.2.3.2.2
date	2008.01.15.23.37.07;	author cperciva;	state Exp;
branches;
next	1.507.2.3.2.3;

1.507.2.3.2.3
date	2008.02.14.11.45.41;	author simon;	state Exp;
branches;
next	1.507.2.3.2.4;

1.507.2.3.2.4
date	2008.02.24.05.17.54;	author kensmith;	state Exp;
branches;
next	1.507.2.3.2.5;

1.507.2.3.2.5
date	2008.04.16.23.58.52;	author cperciva;	state Exp;
branches;
next	1.507.2.3.2.6;

1.507.2.3.2.6
date	2008.06.19.06.36.10;	author cperciva;	state Exp;
branches;
next	1.507.2.3.2.7;

1.507.2.3.2.7
date	2008.07.13.18.42.38;	author cperciva;	state Exp;
branches;
next	1.507.2.3.2.8;

1.507.2.3.2.8
date	2008.09.03.19.09.47;	author simon;	state Exp;
branches;
next	1.507.2.3.2.9;

1.507.2.3.2.9
date	2008.10.02.00.32.59;	author cperciva;	state Exp;
branches;
next	1.507.2.3.2.10;

1.507.2.3.2.10
date	2008.11.24.17.39.39;	author cperciva;	state Exp;
branches;
next	1.507.2.3.2.11;

1.507.2.3.2.11
date	2008.12.23.01.23.09;	author cperciva;	state Exp;
branches;
next	1.507.2.3.2.12;

1.507.2.3.2.12
date	2009.01.07.20.17.55;	author simon;	state Exp;
branches;
next	1.507.2.3.2.13;

1.507.2.3.2.13
date	2009.01.13.21.19.27;	author simon;	state Exp;
branches;
next	1.507.2.3.2.14;

1.507.2.3.2.14
date	2009.02.16.21.56.17;	author cperciva;	state Exp;
branches;
next	1.507.2.3.2.15;

1.507.2.3.2.15
date	2009.03.23.00.00.50;	author cperciva;	state Exp;
branches;
next	1.507.2.3.2.16;

1.507.2.3.2.16
date	2009.04.22.14.07.14;	author cperciva;	state Exp;
branches;
next	;

1.507.2.13.2.1
date	2008.11.25.02.59.29;	author kensmith;	state Exp;
branches;
next	1.507.2.13.2.2;

1.507.2.13.2.2
date	2008.12.23.01.23.09;	author cperciva;	state Exp;
branches;
next	1.507.2.13.2.3;

1.507.2.13.2.3
date	2008.12.31.17.17.36;	author kensmith;	state Exp;
branches;
next	1.507.2.13.2.4;

1.507.2.13.2.4
date	2009.01.07.20.17.55;	author simon;	state Exp;
branches;
next	1.507.2.13.2.5;

1.507.2.13.2.5
date	2009.01.13.21.19.27;	author simon;	state Exp;
branches;
next	1.507.2.13.2.6;

1.507.2.13.2.6
date	2009.02.16.21.56.17;	author cperciva;	state Exp;
branches;
next	1.507.2.13.2.7;

1.507.2.13.2.7
date	2009.03.23.00.00.50;	author cperciva;	state Exp;
branches;
next	1.507.2.13.2.8;

1.507.2.13.2.8
date	2009.04.22.14.07.14;	author cperciva;	state Exp;
branches;
next	1.507.2.13.2.9;

1.507.2.13.2.9
date	2009.06.10.10.31.11;	author cperciva;	state Exp;
branches;
next	1.507.2.13.2.10;

1.507.2.13.2.10
date	2009.07.29.00.14.14;	author simon;	state Exp;
branches;
next	1.507.2.13.2.11;

1.507.2.13.2.11
date	2009.10.02.18.09.56;	author simon;	state Exp;
branches;
next	1.507.2.13.2.12;

1.507.2.13.2.12
date	2009.12.03.09.18.40;	author cperciva;	state Exp;
branches;
next	1.507.2.13.2.13;

1.507.2.13.2.13
date	2010.01.06.21.45.30;	author simon;	state Exp;
branches;
next	1.507.2.13.2.14;

1.507.2.13.2.14
date	2010.02.27.10.55.43;	author cperciva;	state Exp;
branches;
next	1.507.2.13.2.15;

1.507.2.13.2.15
date	2010.05.27.03.15.04;	author cperciva;	state Exp;
branches;
next	1.507.2.13.2.16;

1.507.2.13.2.16
date	2010.07.13.02.45.17;	author cperciva;	state Exp;
branches;
next	1.507.2.13.2.17;

1.507.2.13.2.17
date	2010.09.20.14.58.08;	author cperciva;	state Exp;
branches;
next	1.507.2.13.2.18;

1.507.2.13.2.18
date	2010.11.10.23.36.13;	author cperciva;	state Exp;
branches;
next	1.507.2.13.2.19;

1.507.2.13.2.19
date	2010.11.29.20.43.06;	author simon;	state Exp;
branches;
next	;

1.507.2.23.2.1
date	2009.04.15.03.14.26;	author kensmith;	state Exp;
branches;
next	1.507.2.23.2.2;

1.507.2.23.2.2
date	2009.04.22.14.07.14;	author cperciva;	state Exp;
branches;
next	1.507.2.23.2.3;

1.507.2.23.2.3
date	2009.05.01.02.17.08;	author kensmith;	state Exp;
branches;
next	1.507.2.23.2.4;

1.507.2.23.2.4
date	2009.06.10.10.31.11;	author cperciva;	state Exp;
branches;
next	1.507.2.23.2.5;

1.507.2.23.2.5
date	2009.06.24.05.28.09;	author cperciva;	state Exp;
branches;
next	1.507.2.23.2.6;

1.507.2.23.2.6
date	2009.07.29.00.14.14;	author simon;	state Exp;
branches;
next	1.507.2.23.2.7;

1.507.2.23.2.7
date	2009.10.02.18.09.56;	author simon;	state Exp;
branches;
next	1.507.2.23.2.8;

1.507.2.23.2.8
date	2009.12.03.09.18.40;	author cperciva;	state Exp;
branches;
next	1.507.2.23.2.9;

1.507.2.23.2.9
date	2010.01.06.21.45.30;	author simon;	state Exp;
branches;
next	1.507.2.23.2.10;

1.507.2.23.2.10
date	2010.02.27.10.55.43;	author cperciva;	state Exp;
branches;
next	1.507.2.23.2.11;

1.507.2.23.2.11
date	2010.05.27.03.15.04;	author cperciva;	state Exp;
branches;
next	;

1.507.2.34.2.1
date	2010.02.10.00.26.20;	author kensmith;	state Exp;
branches;
next	1.507.2.34.2.2;

1.507.2.34.2.2
date	2010.03.21.00.05.29;	author kensmith;	state Exp;
branches;
next	1.507.2.34.2.3;

1.507.2.34.2.3
date	2010.05.27.03.15.04;	author cperciva;	state Exp;
branches;
next	1.507.2.34.2.4;

1.507.2.34.2.4
date	2010.07.13.02.45.17;	author cperciva;	state Exp;
branches;
next	1.507.2.34.2.5;

1.507.2.34.2.5
date	2010.09.20.14.58.08;	author cperciva;	state Exp;
branches;
next	1.507.2.34.2.6;

1.507.2.34.2.6
date	2010.11.29.20.43.06;	author simon;	state Exp;
branches;
next	1.507.2.34.2.7;

1.507.2.34.2.7
date	2011.04.20.21.00.24;	author cperciva;	state Exp;
branches;
next	1.507.2.34.2.8;

1.507.2.34.2.8
date	2011.05.28.08.44.39;	author simon;	state Exp;
branches;
next	1.507.2.34.2.9;

1.507.2.34.2.9
date	2011.09.28.08.47.17;	author bz;	state Exp;
branches;
next	1.507.2.34.2.10;

1.507.2.34.2.10
date	2011.10.04.19.07.38;	author cperciva;	state Exp;
branches;
next	1.507.2.34.2.11;

1.507.2.34.2.11
date	2011.12.23.15.00.37;	author cperciva;	state Exp;
branches;
next	1.507.2.34.2.12;

1.507.2.34.2.12
date	2012.01.04.23.47.20;	author cperciva;	state Exp;
branches;
next	;

1.507.2.36.2.1
date	2010.12.21.17.10.29;	author kensmith;	state Exp;
branches;
next	1.507.2.36.2.2;

1.507.2.36.2.2
date	2011.02.16.15.19.31;	author kensmith;	state Exp;
branches;
next	1.507.2.36.2.3;

1.507.2.36.2.3
date	2011.04.20.21.00.24;	author cperciva;	state Exp;
branches;
next	1.507.2.36.2.4;

1.507.2.36.2.4
date	2011.05.28.08.44.39;	author simon;	state Exp;
branches;
next	1.507.2.36.2.5;

1.507.2.36.2.5
date	2011.09.28.08.47.17;	author bz;	state Exp;
branches;
next	1.507.2.36.2.6;

1.507.2.36.2.6
date	2011.10.04.19.07.38;	author cperciva;	state Exp;
branches;
next	1.507.2.36.2.7;

1.507.2.36.2.7
date	2011.12.23.15.00.37;	author cperciva;	state Exp;
branches;
next	1.507.2.36.2.8;

1.507.2.36.2.8
date	2012.01.04.23.47.20;	author cperciva;	state Exp;
branches;
next	1.507.2.36.2.9;

1.507.2.36.2.9
date	2012.05.03.15.25.11;	author bz;	state Exp;
branches;
next	1.507.2.36.2.10;

1.507.2.36.2.10
date	2012.05.30.12.01.28;	author bz;	state Exp;
branches;
next	1.507.2.36.2.11;

1.507.2.36.2.11
date	2012.06.12.12.10.10;	author bz;	state Exp;
branches;
next	1.507.2.36.2.12;

1.507.2.36.2.12
date	2012.08.06.21.33.11;	author simon;	state Exp;
branches;
next	1.507.2.36.2.13;

1.507.2.36.2.13
date	2012.11.17.08.16.31;	author svnexp;	state Exp;
branches;
next	1.507.2.36.2.14;

1.507.2.36.2.14
date	2012.11.22.23.13.20;	author svnexp;	state Exp;
branches;
next	1.507.2.36.2.15;

1.507.2.36.2.15
date	2013.02.19.17.33.01;	author svnexp;	state Exp;
branches;
next	;

1.416.2.1
date	2005.07.11.16.02.28;	author kensmith;	state Exp;
branches;
next	1.416.2.2;

1.416.2.2
date	2005.07.22.20.21.50;	author ume;	state Exp;
branches;
next	1.416.2.3;

1.416.2.3
date	2005.10.07.14.00.02;	author glebius;	state Exp;
branches
	1.416.2.3.2.1;
next	1.416.2.4;

1.416.2.4
date	2005.10.23.03.34.43;	author delphij;	state Exp;
branches;
next	1.416.2.5;

1.416.2.5
date	2005.10.28.02.58.50;	author delphij;	state Exp;
branches;
next	1.416.2.6;

1.416.2.6
date	2005.11.01.23.40.10;	author scottl;	state Exp;
branches;
next	1.416.2.7;

1.416.2.7
date	2005.11.01.23.44.40;	author scottl;	state Exp;
branches;
next	1.416.2.8;

1.416.2.8
date	2005.12.07.20.52.35;	author dougb;	state Exp;
branches;
next	1.416.2.9;

1.416.2.9
date	2005.12.08.14.09.50;	author glebius;	state Exp;
branches;
next	1.416.2.10;

1.416.2.10
date	2005.12.21.07.11.33;	author dougb;	state Exp;
branches;
next	1.416.2.11;

1.416.2.11
date	2005.12.22.00.43.18;	author brooks;	state Exp;
branches;
next	1.416.2.12;

1.416.2.12
date	2005.12.30.19.55.51;	author netchild;	state Exp;
branches;
next	1.416.2.13;

1.416.2.13
date	2006.01.07.19.40.08;	author netchild;	state Exp;
branches;
next	1.416.2.14;

1.416.2.14
date	2006.01.21.22.51.40;	author yar;	state Exp;
branches;
next	1.416.2.15;

1.416.2.15
date	2006.01.24.15.58.10;	author pjd;	state Exp;
branches;
next	1.416.2.16;

1.416.2.16
date	2006.01.31.20.29.43;	author jhb;	state Exp;
branches;
next	1.416.2.17;

1.416.2.17
date	2006.02.11.08.19.37;	author ume;	state Exp;
branches;
next	1.416.2.18;

1.416.2.18
date	2006.02.22.11.51.57;	author yar;	state Exp;
branches;
next	1.416.2.19;

1.416.2.19
date	2006.02.28.19.12.38;	author emaste;	state Exp;
branches;
next	1.416.2.20;

1.416.2.20
date	2006.03.09.21.51.00;	author yar;	state Exp;
branches;
next	1.416.2.21;

1.416.2.21
date	2006.03.13.06.41.00;	author imp;	state Exp;
branches;
next	1.416.2.22;

1.416.2.22
date	2006.03.13.08.08.15;	author imp;	state Exp;
branches
	1.416.2.22.2.1;
next	1.416.2.23;

1.416.2.23
date	2006.05.06.07.44.54;	author scottl;	state Exp;
branches;
next	1.416.2.24;

1.416.2.24
date	2006.07.21.09.41.09;	author mlaier;	state Exp;
branches;
next	1.416.2.25;

1.416.2.25
date	2006.08.06.19.03.26;	author twinterg;	state Exp;
branches;
next	1.416.2.26;

1.416.2.26
date	2006.08.24.05.40.15;	author julian;	state Exp;
branches;
next	1.416.2.27;

1.416.2.27
date	2006.09.02.17.09.26;	author sam;	state Exp;
branches;
next	1.416.2.28;

1.416.2.28
date	2006.09.27.10.46.41;	author maxim;	state Exp;
branches;
next	1.416.2.29;

1.416.2.29
date	2006.10.04.21.09.12;	author marck;	state Exp;
branches
	1.416.2.29.2.1;
next	1.416.2.30;

1.416.2.30
date	2007.01.16.15.33.53;	author bmah;	state Exp;
branches;
next	1.416.2.31;

1.416.2.31
date	2007.04.14.16.26.40;	author gshapiro;	state Exp;
branches;
next	1.416.2.32;

1.416.2.32
date	2007.04.27.03.33.17;	author gshapiro;	state Exp;
branches;
next	1.416.2.33;

1.416.2.33
date	2007.08.06.10.16.01;	author thompsa;	state Exp;
branches;
next	1.416.2.34;

1.416.2.34
date	2007.10.21.04.17.29;	author julian;	state Exp;
branches;
next	1.416.2.35;

1.416.2.35
date	2007.10.21.04.22.46;	author julian;	state Exp;
branches;
next	1.416.2.36;

1.416.2.36
date	2007.10.25.06.45.29;	author rafan;	state Exp;
branches;
next	1.416.2.37;

1.416.2.37
date	2007.10.25.12.49.21;	author rafan;	state Exp;
branches
	1.416.2.37.2.1;
next	1.416.2.38;

1.416.2.38
date	2007.11.26.21.04.58;	author marius;	state Exp;
branches;
next	1.416.2.39;

1.416.2.39
date	2008.02.22.20.14.30;	author remko;	state Exp;
branches;
next	1.416.2.40;

1.416.2.40
date	2008.09.04.12.51.10;	author roberto;	state Exp;
branches
	1.416.2.40.2.1;
next	1.416.2.41;

1.416.2.41
date	2009.01.03.13.55.02;	author brueffer;	state Exp;
branches;
next	1.416.2.42;

1.416.2.42
date	2009.11.29.17.35.31;	author bz;	state Exp;
branches;
next	1.416.2.43;

1.416.2.43
date	2012.11.17.07.38.31;	author svnexp;	state Exp;
branches;
next	1.416.2.44;

1.416.2.44
date	2013.03.23.08.32.05;	author svnexp;	state Exp;
branches;
next	;

1.416.2.3.2.1
date	2005.10.11.11.53.02;	author cperciva;	state Exp;
branches;
next	1.416.2.3.2.2;

1.416.2.3.2.2
date	2005.10.23.03.36.03;	author delphij;	state Exp;
branches;
next	1.416.2.3.2.3;

1.416.2.3.2.3
date	2005.10.28.02.59.51;	author delphij;	state Exp;
branches;
next	1.416.2.3.2.4;

1.416.2.3.2.4
date	2005.11.01.23.40.38;	author scottl;	state Exp;
branches;
next	1.416.2.3.2.5;

1.416.2.3.2.5
date	2005.11.01.23.43.49;	author scottl;	state Exp;
branches;
next	1.416.2.3.2.6;

1.416.2.3.2.6
date	2005.12.19.10.58.56;	author delphij;	state Exp;
branches;
next	1.416.2.3.2.7;

1.416.2.3.2.7
date	2006.01.11.08.03.17;	author cperciva;	state Exp;
branches;
next	1.416.2.3.2.8;

1.416.2.3.2.8
date	2006.01.18.09.03.36;	author cperciva;	state Exp;
branches;
next	1.416.2.3.2.9;

1.416.2.3.2.9
date	2006.01.25.10.01.25;	author cperciva;	state Exp;
branches;
next	1.416.2.3.2.10;

1.416.2.3.2.10
date	2006.03.01.14.18.45;	author simon;	state Exp;
branches;
next	1.416.2.3.2.11;

1.416.2.3.2.11
date	2006.03.22.16.01.37;	author cperciva;	state Exp;
branches;
next	1.416.2.3.2.12;

1.416.2.3.2.12
date	2006.04.19.07.01.11;	author cperciva;	state Exp;
branches;
next	1.416.2.3.2.13;

1.416.2.3.2.13
date	2006.05.31.22.32.03;	author cperciva;	state Exp;
branches;
next	1.416.2.3.2.14;

1.416.2.3.2.14
date	2006.06.14.15.59.37;	author cperciva;	state Exp;
branches;
next	1.416.2.3.2.15;

1.416.2.3.2.15
date	2006.08.23.22.02.52;	author cperciva;	state Exp;
branches;
next	1.416.2.3.2.16;

1.416.2.3.2.16
date	2006.09.06.21.20.07;	author simon;	state Exp;
branches;
next	1.416.2.3.2.17;

1.416.2.3.2.17
date	2006.09.19.14.04.13;	author simon;	state Exp;
branches;
next	1.416.2.3.2.18;

1.416.2.3.2.18
date	2006.09.28.13.03.40;	author cperciva;	state Exp;
branches;
next	1.416.2.3.2.19;

1.416.2.3.2.19
date	2006.09.29.13.44.44;	author cperciva;	state Exp;
branches;
next	1.416.2.3.2.20;

1.416.2.3.2.20
date	2006.09.30.19.53.20;	author simon;	state Exp;
branches;
next	1.416.2.3.2.21;

1.416.2.3.2.21
date	2006.12.06.09.15.40;	author cperciva;	state Exp;
branches;
next	1.416.2.3.2.22;

1.416.2.3.2.22
date	2007.01.11.18.18.35;	author simon;	state Exp;
branches;
next	1.416.2.3.2.23;

1.416.2.3.2.23
date	2007.02.14.22.29.56;	author cperciva;	state Exp;
branches;
next	;

1.416.2.22.2.1
date	2006.04.19.07.00.49;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.2;

1.416.2.22.2.2
date	2006.05.06.07.41.02;	author scottl;	state Exp;
branches;
next	1.416.2.22.2.3;

1.416.2.22.2.3
date	2006.05.31.22.31.41;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.4;

1.416.2.22.2.4
date	2006.06.14.15.59.27;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.5;

1.416.2.22.2.5
date	2006.07.07.07.25.21;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.6;

1.416.2.22.2.6
date	2006.08.23.22.02.25;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.7;

1.416.2.22.2.7
date	2006.08.28.07.31.09;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.8;

1.416.2.22.2.8
date	2006.09.06.21.19.20;	author simon;	state Exp;
branches;
next	1.416.2.22.2.9;

1.416.2.22.2.9
date	2006.09.19.14.03.26;	author simon;	state Exp;
branches;
next	1.416.2.22.2.10;

1.416.2.22.2.10
date	2006.09.28.13.03.13;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.11;

1.416.2.22.2.11
date	2006.09.29.13.44.30;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.12;

1.416.2.22.2.12
date	2006.09.30.19.51.55;	author simon;	state Exp;
branches;
next	1.416.2.22.2.13;

1.416.2.22.2.13
date	2006.12.06.09.14.59;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.14;

1.416.2.22.2.14
date	2007.01.11.18.18.07;	author simon;	state Exp;
branches;
next	1.416.2.22.2.15;

1.416.2.22.2.15
date	2007.02.09.20.23.28;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.16;

1.416.2.22.2.16
date	2007.02.14.22.30.33;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.17;

1.416.2.22.2.17
date	2007.02.28.18.23.08;	author simon;	state Exp;
branches;
next	1.416.2.22.2.18;

1.416.2.22.2.18
date	2007.04.26.23.41.59;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.19;

1.416.2.22.2.19
date	2007.05.23.16.13.07;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.20;

1.416.2.22.2.20
date	2007.07.12.15.01.31;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.21;

1.416.2.22.2.21
date	2007.08.01.20.45.48;	author simon;	state Exp;
branches;
next	1.416.2.22.2.22;

1.416.2.22.2.22
date	2007.10.03.21.41.21;	author simon;	state Exp;
branches;
next	1.416.2.22.2.23;

1.416.2.22.2.23
date	2007.11.29.16.07.53;	author simon;	state Exp;
branches;
next	1.416.2.22.2.24;

1.416.2.22.2.24
date	2008.01.14.22.56.56;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.25;

1.416.2.22.2.25
date	2008.01.15.23.36.09;	author cperciva;	state Exp;
branches;
next	1.416.2.22.2.26;

1.416.2.22.2.26
date	2008.02.14.11.47.38;	author simon;	state Exp;
branches;
next	1.416.2.22.2.27;

1.416.2.22.2.27
date	2008.04.17.00.00.28;	author cperciva;	state Exp;
branches;
next	;

1.416.2.29.2.1
date	2006.12.06.09.14.23;	author cperciva;	state Exp;
branches;
next	1.416.2.29.2.2;

1.416.2.29.2.2
date	2007.01.11.18.27.07;	author simon;	state Exp;
branches;
next	1.416.2.29.2.3;

1.416.2.29.2.3
date	2007.01.11.21.47.14;	author kensmith;	state Exp;
branches;
next	1.416.2.29.2.4;

1.416.2.29.2.4
date	2007.02.09.20.24.14;	author cperciva;	state Exp;
branches;
next	1.416.2.29.2.5;

1.416.2.29.2.5
date	2007.02.28.18.24.36;	author simon;	state Exp;
branches;
next	1.416.2.29.2.6;

1.416.2.29.2.6
date	2007.03.15.08.06.10;	author cperciva;	state Exp;
branches;
next	1.416.2.29.2.7;

1.416.2.29.2.7
date	2007.04.26.23.42.22;	author cperciva;	state Exp;
branches;
next	1.416.2.29.2.8;

1.416.2.29.2.8
date	2007.05.23.16.13.20;	author cperciva;	state Exp;
branches;
next	1.416.2.29.2.9;

1.416.2.29.2.9
date	2007.07.12.15.01.13;	author cperciva;	state Exp;
branches;
next	1.416.2.29.2.10;

1.416.2.29.2.10
date	2007.08.01.20.44.57;	author simon;	state Exp;
branches;
next	1.416.2.29.2.11;

1.416.2.29.2.11
date	2007.10.03.21.40.35;	author simon;	state Exp;
branches;
next	1.416.2.29.2.12;

1.416.2.29.2.12
date	2007.11.29.16.07.29;	author simon;	state Exp;
branches;
next	1.416.2.29.2.13;

1.416.2.29.2.13
date	2008.01.14.22.56.43;	author cperciva;	state Exp;
branches;
next	1.416.2.29.2.14;

1.416.2.29.2.14
date	2008.01.15.23.36.53;	author cperciva;	state Exp;
branches;
next	1.416.2.29.2.15;

1.416.2.29.2.15
date	2008.02.14.11.47.05;	author simon;	state Exp;
branches;
next	1.416.2.29.2.16;

1.416.2.29.2.16
date	2008.04.17.00.00.03;	author cperciva;	state Exp;
branches;
next	;

1.416.2.37.2.1
date	2007.11.27.20.48.12;	author marius;	state Exp;
branches;
next	1.416.2.37.2.2;

1.416.2.37.2.2
date	2007.11.29.16.06.54;	author simon;	state Exp;
branches;
next	1.416.2.37.2.3;

1.416.2.37.2.3
date	2008.01.14.22.56.18;	author cperciva;	state Exp;
branches;
next	1.416.2.37.2.4;

1.416.2.37.2.4
date	2008.01.15.15.45.07;	author kensmith;	state Exp;
branches;
next	1.416.2.37.2.5;

1.416.2.37.2.5
date	2008.02.14.11.46.40;	author simon;	state Exp;
branches;
next	1.416.2.37.2.6;

1.416.2.37.2.6
date	2008.04.16.23.59.47;	author cperciva;	state Exp;
branches;
next	1.416.2.37.2.7;

1.416.2.37.2.7
date	2008.04.17.00.02.19;	author cperciva;	state Exp;
branches;
next	1.416.2.37.2.8;

1.416.2.37.2.8
date	2008.07.13.18.42.38;	author cperciva;	state Exp;
branches;
next	1.416.2.37.2.9;

1.416.2.37.2.9
date	2008.09.03.19.09.47;	author simon;	state Exp;
branches;
next	1.416.2.37.2.10;

1.416.2.37.2.10
date	2008.10.02.00.32.59;	author cperciva;	state Exp;
branches;
next	1.416.2.37.2.11;

1.416.2.37.2.11
date	2008.11.24.17.39.39;	author cperciva;	state Exp;
branches;
next	1.416.2.37.2.12;

1.416.2.37.2.12
date	2008.12.23.01.23.09;	author cperciva;	state Exp;
branches;
next	1.416.2.37.2.13;

1.416.2.37.2.13
date	2009.01.07.20.17.55;	author simon;	state Exp;
branches;
next	1.416.2.37.2.14;

1.416.2.37.2.14
date	2009.01.13.21.19.27;	author simon;	state Exp;
branches;
next	1.416.2.37.2.15;

1.416.2.37.2.15
date	2009.04.22.14.07.14;	author cperciva;	state Exp;
branches;
next	1.416.2.37.2.16;

1.416.2.37.2.16
date	2009.06.10.10.31.11;	author cperciva;	state Exp;
branches;
next	1.416.2.37.2.17;

1.416.2.37.2.17
date	2009.07.29.00.14.14;	author simon;	state Exp;
branches;
next	1.416.2.37.2.18;

1.416.2.37.2.18
date	2009.10.02.18.09.56;	author simon;	state Exp;
branches;
next	1.416.2.37.2.19;

1.416.2.37.2.19
date	2009.12.03.09.18.40;	author cperciva;	state Exp;
branches;
next	1.416.2.37.2.20;

1.416.2.37.2.20
date	2010.01.06.21.45.30;	author simon;	state Exp;
branches;
next	;

1.416.2.40.2.1
date	2008.10.02.02.57.24;	author kensmith;	state Exp;
branches;
next	1.416.2.40.2.2;

1.416.2.40.2.2
date	2008.11.24.17.39.39;	author cperciva;	state Exp;
branches;
next	1.416.2.40.2.3;

1.416.2.40.2.3
date	2008.11.25.01.40.25;	author kensmith;	state Exp;
branches;
next	1.416.2.40.2.4;

1.416.2.40.2.4
date	2008.12.23.01.23.09;	author cperciva;	state Exp;
branches;
next	1.416.2.40.2.5;

1.416.2.40.2.5
date	2009.01.07.20.17.55;	author simon;	state Exp;
branches;
next	1.416.2.40.2.6;

1.416.2.40.2.6
date	2009.01.13.21.19.27;	author simon;	state Exp;
branches;
next	1.416.2.40.2.7;

1.416.2.40.2.7
date	2009.01.21.18.47.52;	author cperciva;	state Exp;
branches;
next	1.416.2.40.2.8;

1.416.2.40.2.8
date	2009.04.22.14.07.14;	author cperciva;	state Exp;
branches;
next	1.416.2.40.2.9;

1.416.2.40.2.9
date	2009.06.10.10.31.11;	author cperciva;	state Exp;
branches;
next	1.416.2.40.2.10;

1.416.2.40.2.10
date	2009.07.29.00.14.14;	author simon;	state Exp;
branches;
next	1.416.2.40.2.11;

1.416.2.40.2.11
date	2009.10.02.18.09.56;	author simon;	state Exp;
branches;
next	1.416.2.40.2.12;

1.416.2.40.2.12
date	2009.12.03.09.18.40;	author cperciva;	state Exp;
branches;
next	1.416.2.40.2.13;

1.416.2.40.2.13
date	2010.01.06.21.45.30;	author simon;	state Exp;
branches;
next	1.416.2.40.2.14;

1.416.2.40.2.14
date	2010.05.27.03.15.04;	author cperciva;	state Exp;
branches;
next	1.416.2.40.2.15;

1.416.2.40.2.15
date	2010.09.20.14.58.08;	author cperciva;	state Exp;
branches;
next	;

1.342.2.1
date	2004.08.20.00.30.59;	author kensmith;	state Exp;
branches;
next	1.342.2.2;

1.342.2.2
date	2004.08.26.20.58.46;	author julian;	state Exp;
branches;
next	1.342.2.3;

1.342.2.3
date	2004.09.03.03.17.14;	author rwatson;	state Exp;
branches;
next	1.342.2.4;

1.342.2.4
date	2004.09.08.04.48.21;	author scottl;	state Exp;
branches;
next	1.342.2.5;

1.342.2.5
date	2004.09.14.02.45.13;	author mlaier;	state Exp;
branches;
next	1.342.2.6;

1.342.2.6
date	2004.09.14.03.51.21;	author jmg;	state Exp;
branches;
next	1.342.2.7;

1.342.2.7
date	2004.09.22.20.41.31;	author andre;	state Exp;
branches;
next	1.342.2.8;

1.342.2.8
date	2004.09.28.06.54.02;	author cperciva;	state Exp;
branches;
next	1.342.2.9;

1.342.2.9
date	2004.09.30.23.36.06;	author dougb;	state Exp;
branches;
next	1.342.2.10;

1.342.2.10
date	2004.10.01.16.32.05;	author kensmith;	state Exp;
branches;
next	1.342.2.11;

1.342.2.11
date	2004.10.03.17.04.38;	author mlaier;	state Exp;
branches;
next	1.342.2.12;

1.342.2.12
date	2004.10.09.15.58.51;	author mtm;	state Exp;
branches;
next	1.342.2.13;

1.342.2.13
date	2004.10.10.16.16.31;	author mtm;	state Exp;
branches
	1.342.2.13.2.1;
next	1.342.2.14;

1.342.2.14
date	2004.10.24.18.28.08;	author scottl;	state Exp;
branches;
next	1.342.2.15;

1.342.2.15
date	2004.10.25.16.03.56;	author kensmith;	state Exp;
branches;
next	1.342.2.16;

1.342.2.16
date	2004.11.26.11.19.12;	author glebius;	state Exp;
branches;
next	1.342.2.17;

1.342.2.17
date	2005.02.03.13.33.25;	author brian;	state Exp;
branches;
next	1.342.2.18;

1.342.2.18
date	2005.02.15.21.15.31;	author marcel;	state Exp;
branches;
next	1.342.2.19;

1.342.2.19
date	2005.02.25.21.47.13;	author njl;	state Exp;
branches;
next	1.342.2.20;

1.342.2.20
date	2005.02.28.22.03.12;	author brooks;	state Exp;
branches;
next	1.342.2.21;

1.342.2.21
date	2005.03.02.16.35.10;	author delphij;	state Exp;
branches;
next	1.342.2.22;

1.342.2.22
date	2005.03.02.19.50.11;	author andre;	state Exp;
branches;
next	1.342.2.23;

1.342.2.23
date	2005.03.02.20.59.08;	author obrien;	state Exp;
branches;
next	1.342.2.24;

1.342.2.24
date	2005.03.07.21.37.30;	author maxim;	state Exp;
branches
	1.342.2.24.2.1;
next	1.342.2.25;

1.342.2.25
date	2005.04.08.23.02.23;	author imp;	state Exp;
branches;
next	1.342.2.26;

1.342.2.26
date	2005.04.08.23.30.08;	author imp;	state Exp;
branches;
next	1.342.2.27;

1.342.2.27
date	2005.05.10.17.28.52;	author kensmith;	state Exp;
branches;
next	1.342.2.28;

1.342.2.28
date	2005.06.02.08.27.26;	author imp;	state Exp;
branches;
next	1.342.2.29;

1.342.2.29
date	2005.06.02.09.04.00;	author imp;	state Exp;
branches;
next	1.342.2.30;

1.342.2.30
date	2005.06.11.00.08.45;	author cperciva;	state Exp;
branches;
next	1.342.2.31;

1.342.2.31
date	2005.10.03.22.04.08;	author thompsa;	state Exp;
branches;
next	1.342.2.32;

1.342.2.32
date	2005.10.15.13.37.04;	author kensmith;	state Exp;
branches;
next	1.342.2.33;

1.342.2.33
date	2005.12.19.14.53.30;	author glebius;	state Exp;
branches;
next	1.342.2.34;

1.342.2.34
date	2006.01.11.06.41.30;	author brooks;	state Exp;
branches;
next	1.342.2.35;

1.342.2.35
date	2006.02.28.19.15.36;	author emaste;	state Exp;
branches
	1.342.2.35.2.1;
next	1.342.2.36;

1.342.2.36
date	2006.05.26.13.14.46;	author kensmith;	state Exp;
branches;
next	1.342.2.37;

1.342.2.37
date	2007.04.14.16.26.59;	author gshapiro;	state Exp;
branches;
next	1.342.2.38;

1.342.2.38
date	2007.04.27.03.33.34;	author gshapiro;	state Exp;
branches;
next	;

1.342.2.13.2.1
date	2004.10.24.18.28.47;	author scottl;	state Exp;
branches;
next	1.342.2.13.2.2;

1.342.2.13.2.2
date	2004.11.04.18.52.55;	author scottl;	state Exp;
branches;
next	1.342.2.13.2.3;

1.342.2.13.2.3
date	2004.11.04.19.12.41;	author scottl;	state Exp;
branches;
next	1.342.2.13.2.4;

1.342.2.13.2.4
date	2004.11.18.12.03.04;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.5;

1.342.2.13.2.5
date	2004.12.01.21.34.22;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.6;

1.342.2.13.2.6
date	2005.01.05.03.34.59;	author kensmith;	state Exp;
branches;
next	1.342.2.13.2.7;

1.342.2.13.2.7
date	2005.01.06.17.54.46;	author nectar;	state Exp;
branches;
next	1.342.2.13.2.8;

1.342.2.13.2.8
date	2005.01.16.08.29.12;	author kensmith;	state Exp;
branches;
next	1.342.2.13.2.9;

1.342.2.13.2.9
date	2005.03.28.15.50.17;	author nectar;	state Exp;
branches;
next	1.342.2.13.2.10;

1.342.2.13.2.10
date	2005.04.04.23.53.23;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.11;

1.342.2.13.2.11
date	2005.04.06.01.06.44;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.12;

1.342.2.13.2.12
date	2005.04.15.01.52.24;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.13;

1.342.2.13.2.13
date	2005.04.22.18.07.09;	author simon;	state Exp;
branches;
next	1.342.2.13.2.14;

1.342.2.13.2.14
date	2005.05.06.02.34.00;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.15;

1.342.2.13.2.15
date	2005.05.06.02.40.32;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.16;

1.342.2.13.2.16
date	2005.05.06.02.50.34;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.17;

1.342.2.13.2.17
date	2005.05.08.10.23.51;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.18;

1.342.2.13.2.18
date	2005.05.13.00.02.46;	author nectar;	state Exp;
branches;
next	1.342.2.13.2.19;

1.342.2.13.2.19
date	2005.06.08.21.29.14;	author simon;	state Exp;
branches;
next	1.342.2.13.2.20;

1.342.2.13.2.20
date	2005.06.29.21.42.32;	author simon;	state Exp;
branches;
next	1.342.2.13.2.21;

1.342.2.13.2.21
date	2005.07.06.14.01.52;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.22;

1.342.2.13.2.22
date	2005.07.20.13.37.27;	author simon;	state Exp;
branches;
next	1.342.2.13.2.23;

1.342.2.13.2.23
date	2005.07.27.08.42.37;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.24;

1.342.2.13.2.24
date	2005.09.07.13.43.49;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.25;

1.342.2.13.2.25
date	2005.09.09.19.26.18;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.26;

1.342.2.13.2.26
date	2005.10.11.11.52.13;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.27;

1.342.2.13.2.27
date	2006.01.11.08.05.53;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.28;

1.342.2.13.2.28
date	2006.01.25.10.02.26;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.29;

1.342.2.13.2.29
date	2006.02.01.19.43.35;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.30;

1.342.2.13.2.30
date	2006.03.01.14.24.51;	author simon;	state Exp;
branches;
next	1.342.2.13.2.31;

1.342.2.13.2.31
date	2006.03.22.16.02.33;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.32;

1.342.2.13.2.32
date	2006.04.19.07.02.23;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.33;

1.342.2.13.2.33
date	2006.05.31.22.33.40;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.34;

1.342.2.13.2.34
date	2006.06.14.16.00.56;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.35;

1.342.2.13.2.35
date	2006.08.23.22.05.48;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.36;

1.342.2.13.2.36
date	2006.09.06.21.23.16;	author simon;	state Exp;
branches;
next	1.342.2.13.2.37;

1.342.2.13.2.37
date	2006.09.19.14.09.08;	author simon;	state Exp;
branches;
next	1.342.2.13.2.38;

1.342.2.13.2.38
date	2006.09.28.13.05.07;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.39;

1.342.2.13.2.39
date	2006.09.29.13.46.10;	author cperciva;	state Exp;
branches;
next	1.342.2.13.2.40;

1.342.2.13.2.40
date	2006.09.30.19.56.37;	author simon;	state Exp;
branches;
next	;

1.342.2.24.2.1
date	2005.04.04.23.52.34;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.2;

1.342.2.24.2.2
date	2005.04.06.01.06.14;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.3;

1.342.2.24.2.3
date	2005.04.15.01.52.03;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.4;

1.342.2.24.2.4
date	2005.04.22.18.03.17;	author simon;	state Exp;
branches;
next	1.342.2.24.2.5;

1.342.2.24.2.5
date	2005.05.06.02.34.18;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.6;

1.342.2.24.2.6
date	2005.05.06.02.40.48;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.7;

1.342.2.24.2.7
date	2005.05.06.02.51.09;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.8;

1.342.2.24.2.8
date	2005.05.06.03.43.10;	author kensmith;	state Exp;
branches;
next	1.342.2.24.2.9;

1.342.2.24.2.9
date	2005.05.07.03.58.25;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.10;

1.342.2.24.2.10
date	2005.05.13.00.03.01;	author nectar;	state Exp;
branches;
next	1.342.2.24.2.11;

1.342.2.24.2.11
date	2005.06.08.21.27.44;	author simon;	state Exp;
branches;
next	1.342.2.24.2.12;

1.342.2.24.2.12
date	2005.06.29.21.41.03;	author simon;	state Exp;
branches;
next	1.342.2.24.2.13;

1.342.2.24.2.13
date	2005.07.06.14.01.30;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.14;

1.342.2.24.2.14
date	2005.07.20.13.36.32;	author simon;	state Exp;
branches;
next	1.342.2.24.2.15;

1.342.2.24.2.15
date	2005.07.27.08.42.15;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.16;

1.342.2.24.2.16
date	2005.09.07.13.43.35;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.17;

1.342.2.24.2.17
date	2005.10.11.11.52.27;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.18;

1.342.2.24.2.18
date	2006.01.11.08.04.32;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.19;

1.342.2.24.2.19
date	2006.01.25.10.02.07;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.20;

1.342.2.24.2.20
date	2006.02.01.19.43.09;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.21;

1.342.2.24.2.21
date	2006.03.01.14.21.00;	author simon;	state Exp;
branches;
next	1.342.2.24.2.22;

1.342.2.24.2.22
date	2006.03.22.16.02.15;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.23;

1.342.2.24.2.23
date	2006.04.19.07.01.52;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.24;

1.342.2.24.2.24
date	2006.05.31.22.33.16;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.25;

1.342.2.24.2.25
date	2006.06.14.16.00.42;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.26;

1.342.2.24.2.26
date	2006.08.23.22.04.57;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.27;

1.342.2.24.2.27
date	2006.09.06.21.22.38;	author simon;	state Exp;
branches;
next	1.342.2.24.2.28;

1.342.2.24.2.28
date	2006.09.19.14.08.09;	author simon;	state Exp;
branches;
next	1.342.2.24.2.29;

1.342.2.24.2.29
date	2006.09.28.13.04.46;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.30;

1.342.2.24.2.30
date	2006.09.29.13.45.58;	author cperciva;	state Exp;
branches;
next	1.342.2.24.2.31;

1.342.2.24.2.31
date	2006.09.30.19.55.51;	author simon;	state Exp;
branches;
next	;

1.342.2.35.2.1
date	2006.05.31.22.32.48;	author cperciva;	state Exp;
branches;
next	1.342.2.35.2.2;

1.342.2.35.2.2
date	2006.06.14.16.00.21;	author cperciva;	state Exp;
branches;
next	1.342.2.35.2.3;

1.342.2.35.2.3
date	2006.08.23.22.04.28;	author cperciva;	state Exp;
branches;
next	1.342.2.35.2.4;

1.342.2.35.2.4
date	2006.09.06.21.21.49;	author simon;	state Exp;
branches;
next	1.342.2.35.2.5;

1.342.2.35.2.5
date	2006.09.19.14.07.13;	author simon;	state Exp;
branches;
next	1.342.2.35.2.6;

1.342.2.35.2.6
date	2006.09.28.13.04.14;	author cperciva;	state Exp;
branches;
next	1.342.2.35.2.7;

1.342.2.35.2.7
date	2006.09.29.13.45.43;	author cperciva;	state Exp;
branches;
next	1.342.2.35.2.8;

1.342.2.35.2.8
date	2006.09.30.19.54.57;	author simon;	state Exp;
branches;
next	1.342.2.35.2.9;

1.342.2.35.2.9
date	2006.12.06.09.16.40;	author cperciva;	state Exp;
branches;
next	1.342.2.35.2.10;

1.342.2.35.2.10
date	2007.01.11.18.19.32;	author simon;	state Exp;
branches;
next	1.342.2.35.2.11;

1.342.2.35.2.11
date	2007.02.09.20.22.43;	author cperciva;	state Exp;
branches;
next	1.342.2.35.2.12;

1.342.2.35.2.12
date	2007.04.26.23.41.26;	author cperciva;	state Exp;
branches;
next	1.342.2.35.2.13;

1.342.2.35.2.13
date	2007.05.23.16.12.35;	author cperciva;	state Exp;
branches;
next	1.342.2.35.2.14;

1.342.2.35.2.14
date	2007.07.12.15.01.55;	author cperciva;	state Exp;
branches;
next	1.342.2.35.2.15;

1.342.2.35.2.15
date	2007.08.01.20.48.18;	author simon;	state Exp;
branches;
next	1.342.2.35.2.16;

1.342.2.35.2.16
date	2007.10.03.21.42.32;	author simon;	state Exp;
branches;
next	1.342.2.35.2.17;

1.342.2.35.2.17
date	2007.11.29.16.09.25;	author simon;	state Exp;
branches;
next	1.342.2.35.2.18;

1.342.2.35.2.18
date	2008.01.14.22.57.19;	author cperciva;	state Exp;
branches;
next	1.342.2.35.2.19;

1.342.2.35.2.19
date	2008.01.15.23.35.45;	author cperciva;	state Exp;
branches;
next	1.342.2.35.2.20;

1.342.2.35.2.20
date	2008.02.14.11.50.28;	author simon;	state Exp;
branches;
next	1.342.2.35.2.21;

1.342.2.35.2.21
date	2008.04.17.00.00.53;	author cperciva;	state Exp;
branches;
next	;

1.282.2.1
date	2003.12.07.04.25.21;	author scottl;	state Exp;
branches;
next	1.282.2.2;

1.282.2.2
date	2003.12.11.19.56.40;	author jhb;	state Exp;
branches;
next	1.282.2.3;

1.282.2.3
date	2003.12.16.16.19.52;	author jhb;	state Exp;
branches;
next	1.282.2.4;

1.282.2.4
date	2004.01.29.22.54.31;	author nectar;	state Exp;
branches;
next	1.282.2.5;

1.282.2.5
date	2004.02.05.18.00.48;	author nectar;	state Exp;
branches;
next	1.282.2.6;

1.282.2.6
date	2004.02.10.14.11.32;	author nectar;	state Exp;
branches;
next	1.282.2.7;

1.282.2.7
date	2004.02.10.21.08.01;	author nectar;	state Exp;
branches;
next	1.282.2.8;

1.282.2.8
date	2004.02.23.05.11.00;	author scottl;	state Exp;
branches;
next	1.282.2.9;

1.282.2.9
date	2004.03.02.17.24.45;	author nectar;	state Exp;
branches;
next	1.282.2.10;

1.282.2.10
date	2004.03.16.13.47.33;	author nectar;	state Exp;
branches;
next	1.282.2.11;

1.282.2.11
date	2004.03.17.12.14.12;	author nectar;	state Exp;
branches;
next	1.282.2.12;

1.282.2.12
date	2004.03.29.14.01.31;	author nectar;	state Exp;
branches;
next	1.282.2.13;

1.282.2.13
date	2004.04.15.15.42.48;	author nectar;	state Exp;
branches;
next	1.282.2.14;

1.282.2.14
date	2004.05.05.19.55.44;	author nectar;	state Exp;
branches;
next	1.282.2.15;

1.282.2.15
date	2004.05.19.06.40.51;	author des;	state Exp;
branches;
next	1.282.2.16;

1.282.2.16
date	2004.05.26.06.44.34;	author des;	state Exp;
branches;
next	1.282.2.17;

1.282.2.17
date	2004.06.30.17.34.37;	author cperciva;	state Exp;
branches;
next	1.282.2.18;

1.282.2.18
date	2004.09.19.22.37.10;	author nectar;	state Exp;
branches;
next	1.282.2.19;

1.282.2.19
date	2004.10.04.17.04.24;	author nectar;	state Exp;
branches;
next	1.282.2.20;

1.282.2.20
date	2004.11.18.12.04.28;	author cperciva;	state Exp;
branches;
next	1.282.2.21;

1.282.2.21
date	2004.12.01.21.34.43;	author cperciva;	state Exp;
branches;
next	1.282.2.22;

1.282.2.22
date	2005.04.06.02.10.53;	author peter;	state Exp;
branches;
next	;

1.251.2.1
date	2003.06.04.05.35.03;	author scottl;	state Exp;
branches;
next	1.251.2.2;

1.251.2.2
date	2003.08.10.23.14.08;	author nectar;	state Exp;
branches;
next	1.251.2.3;

1.251.2.3
date	2003.08.10.23.28.15;	author nectar;	state Exp;
branches;
next	1.251.2.4;

1.251.2.4
date	2003.09.16.16.27.57;	author nectar;	state Exp;
branches;
next	1.251.2.5;

1.251.2.5
date	2003.09.17.14.46.58;	author nectar;	state Exp;
branches;
next	1.251.2.6;

1.251.2.6
date	2003.09.17.20.19.00;	author gshapiro;	state Exp;
branches;
next	1.251.2.7;

1.251.2.7
date	2003.09.23.20.08.42;	author bms;	state Exp;
branches;
next	1.251.2.8;

1.251.2.8
date	2003.09.23.22.12.40;	author nectar;	state Exp;
branches;
next	1.251.2.9;

1.251.2.9
date	2003.09.24.21.06.28;	author des;	state Exp;
branches;
next	1.251.2.10;

1.251.2.10
date	2003.09.25.13.33.01;	author nectar;	state Exp;
branches;
next	1.251.2.11;

1.251.2.11
date	2003.10.03.13.02.16;	author nectar;	state Exp;
branches;
next	1.251.2.12;

1.251.2.12
date	2003.10.03.18.13.19;	author nectar;	state Exp;
branches;
next	1.251.2.13;

1.251.2.13
date	2003.11.27.00.54.52;	author nectar;	state Exp;
branches;
next	1.251.2.14;

1.251.2.14
date	2004.01.27.21.42.15;	author des;	state Exp;
branches;
next	1.251.2.15;

1.251.2.15
date	2004.02.05.18.00.56;	author nectar;	state Exp;
branches;
next	1.251.2.16;

1.251.2.16
date	2004.02.25.20.03.35;	author nectar;	state Exp;
branches;
next	1.251.2.17;

1.251.2.17
date	2004.03.15.20.02.06;	author fjoe;	state Exp;
branches;
next	1.251.2.18;

1.251.2.18
date	2004.03.17.12.14.56;	author nectar;	state Exp;
branches;
next	1.251.2.19;

1.251.2.19
date	2004.05.19.06.40.51;	author des;	state Exp;
branches;
next	1.251.2.20;

1.251.2.20
date	2004.11.18.12.05.35;	author cperciva;	state Exp;
branches;
next	;

1.229.2.1
date	2002.12.19.07.20.58;	author mbr;	state Exp;
branches;
next	1.229.2.2;

1.229.2.2
date	2002.12.22.07.06.28;	author kan;	state Exp;
branches;
next	1.229.2.3;

1.229.2.3
date	2003.01.16.05.54.38;	author scottl;	state Exp;
branches;
next	1.229.2.4;

1.229.2.4
date	2003.01.31.12.48.07;	author nectar;	state Exp;
branches;
next	1.229.2.5;

1.229.2.5
date	2003.02.04.18.05.07;	author nectar;	state Exp;
branches;
next	1.229.2.6;

1.229.2.6
date	2003.02.04.20.20.31;	author nectar;	state Exp;
branches;
next	1.229.2.7;

1.229.2.7
date	2003.02.20.17.14.09;	author nectar;	state Exp;
branches;
next	1.229.2.8;

1.229.2.8
date	2003.02.23.20.18.47;	author nectar;	state Exp;
branches;
next	1.229.2.9;

1.229.2.9
date	2003.03.03.17.19.49;	author gshapiro;	state Exp;
branches;
next	1.229.2.10;

1.229.2.10
date	2003.03.20.13.04.45;	author jedgar;	state Exp;
branches;
next	1.229.2.11;

1.229.2.11
date	2003.03.21.16.13.06;	author jedgar;	state Exp;
branches;
next	1.229.2.12;

1.229.2.12
date	2003.03.29.20.13.35;	author gshapiro;	state Exp;
branches;
next	1.229.2.13;

1.229.2.13
date	2003.03.29.21.58.11;	author gshapiro;	state Exp;
branches;
next	1.229.2.14;

1.229.2.14
date	2003.08.03.23.46.24;	author nectar;	state Exp;
branches;
next	1.229.2.15;

1.229.2.15
date	2003.08.10.23.17.48;	author nectar;	state Exp;
branches;
next	1.229.2.16;

1.229.2.16
date	2003.08.10.23.29.09;	author nectar;	state Exp;
branches;
next	1.229.2.17;

1.229.2.17
date	2003.08.25.22.33.13;	author nectar;	state Exp;
branches;
next	1.229.2.18;

1.229.2.18
date	2003.09.16.17.34.32;	author nectar;	state Exp;
branches;
next	1.229.2.19;

1.229.2.19
date	2003.09.17.14.50.14;	author nectar;	state Exp;
branches;
next	1.229.2.20;

1.229.2.20
date	2003.09.17.20.19.21;	author gshapiro;	state Exp;
branches;
next	1.229.2.21;

1.229.2.21
date	2003.09.23.20.07.05;	author bms;	state Exp;
branches;
next	1.229.2.22;

1.229.2.22
date	2003.09.25.13.33.28;	author nectar;	state Exp;
branches;
next	1.229.2.23;

1.229.2.23
date	2003.10.03.13.02.48;	author nectar;	state Exp;
branches;
next	1.229.2.24;

1.229.2.24
date	2003.10.03.20.22.27;	author nectar;	state Exp;
branches;
next	1.229.2.25;

1.229.2.25
date	2003.11.27.16.54.00;	author nectar;	state Exp;
branches;
next	1.229.2.26;

1.229.2.26
date	2004.02.05.18.01.03;	author nectar;	state Exp;
branches;
next	1.229.2.27;

1.229.2.27
date	2004.05.19.06.40.51;	author des;	state Exp;
branches;
next	1.229.2.28;

1.229.2.28
date	2004.11.18.12.05.50;	author cperciva;	state Exp;
branches;
next	;

1.73.2.1
date	2000.03.22.01.24.11;	author imp;	state Exp;
branches;
next	1.73.2.2;

1.73.2.2
date	2000.03.23.05.58.28;	author imp;	state Exp;
branches;
next	1.73.2.3;

1.73.2.3
date	2000.04.04.17.05.18;	author imp;	state Exp;
branches;
next	1.73.2.4;

1.73.2.4
date	2000.05.16.07.47.22;	author imp;	state Exp;
branches;
next	1.73.2.5;

1.73.2.5
date	2000.05.27.21.24.09;	author imp;	state Exp;
branches;
next	1.73.2.6;

1.73.2.6
date	2000.06.25.08.27.08;	author imp;	state Exp;
branches;
next	1.73.2.7;

1.73.2.7
date	2000.07.11.05.59.02;	author imp;	state Exp;
branches;
next	1.73.2.8;

1.73.2.8
date	2000.07.16.06.04.43;	author imp;	state Exp;
branches;
next	1.73.2.9;

1.73.2.9
date	2000.07.17.22.26.16;	author imp;	state Exp;
branches;
next	1.73.2.10;

1.73.2.10
date	2000.07.23.03.05.37;	author imp;	state Exp;
branches;
next	1.73.2.11;

1.73.2.11
date	2000.08.06.21.11.00;	author imp;	state Exp;
branches;
next	1.73.2.12;

1.73.2.12
date	2000.08.10.03.31.28;	author imp;	state Exp;
branches;
next	1.73.2.13;

1.73.2.13
date	2000.08.10.05.17.27;	author imp;	state Exp;
branches;
next	1.73.2.14;

1.73.2.14
date	2000.08.24.18.46.51;	author imp;	state Exp;
branches;
next	1.73.2.15;

1.73.2.15
date	2000.08.26.05.05.18;	author imp;	state Exp;
branches;
next	1.73.2.16;

1.73.2.16
date	2000.08.28.00.11.35;	author imp;	state Exp;
branches;
next	1.73.2.17;

1.73.2.17
date	2000.09.08.04.43.05;	author imp;	state Exp;
branches;
next	1.73.2.18;

1.73.2.18
date	2000.09.13.18.50.54;	author imp;	state Exp;
branches;
next	1.73.2.19;

1.73.2.19
date	2000.10.09.04.06.57;	author imp;	state Exp;
branches;
next	1.73.2.20;

1.73.2.20
date	2000.10.09.04.10.35;	author imp;	state Exp;
branches;
next	1.73.2.21;

1.73.2.21
date	2000.10.09.04.31.07;	author imp;	state Exp;
branches;
next	1.73.2.22;

1.73.2.22
date	2000.11.05.04.55.19;	author imp;	state Exp;
branches;
next	1.73.2.23;

1.73.2.23
date	2000.11.16.19.49.09;	author imp;	state Exp;
branches;
next	1.73.2.24;

1.73.2.24
date	2000.11.16.20.18.45;	author marko;	state Exp;
branches;
next	1.73.2.25;

1.73.2.25
date	2001.01.17.18.00.17;	author imp;	state Exp;
branches;
next	1.73.2.26;

1.73.2.26
date	2001.02.28.05.49.40;	author imp;	state Exp;
branches;
next	1.73.2.27;

1.73.2.27
date	2001.03.02.00.37.32;	author imp;	state Exp;
branches;
next	1.73.2.28;

1.73.2.28
date	2001.03.25.20.35.17;	author imp;	state Exp;
branches
	1.73.2.28.2.1;
next	1.73.2.29;

1.73.2.29
date	2001.05.14.05.18.12;	author imp;	state Exp;
branches;
next	1.73.2.30;

1.73.2.30
date	2001.05.14.05.29.34;	author imp;	state Exp;
branches;
next	1.73.2.31;

1.73.2.31
date	2001.05.14.05.38.19;	author imp;	state Exp;
branches;
next	1.73.2.32;

1.73.2.32
date	2001.05.19.06.30.15;	author imp;	state Exp;
branches;
next	1.73.2.33;

1.73.2.33
date	2001.06.04.16.20.22;	author imp;	state Exp;
branches;
next	1.73.2.34;

1.73.2.34
date	2001.06.22.04.47.40;	author imp;	state Exp;
branches;
next	1.73.2.35;

1.73.2.35
date	2001.06.29.22.23.59;	author imp;	state Exp;
branches;
next	1.73.2.36;

1.73.2.36
date	2001.07.24.19.23.07;	author brooks;	state Exp;
branches;
next	1.73.2.37;

1.73.2.37
date	2001.07.25.22.54.25;	author imp;	state Exp;
branches;
next	1.73.2.38;

1.73.2.38
date	2001.08.11.02.07.17;	author imp;	state Exp;
branches;
next	1.73.2.39;

1.73.2.39
date	2001.08.11.03.08.18;	author imp;	state Exp;
branches;
next	1.73.2.40;

1.73.2.40
date	2001.08.15.03.56.21;	author imp;	state Exp;
branches;
next	1.73.2.41;

1.73.2.41
date	2001.08.15.07.17.56;	author imp;	state Exp;
branches;
next	1.73.2.42;

1.73.2.42
date	2001.08.23.15.39.27;	author imp;	state Exp;
branches;
next	1.73.2.43;

1.73.2.43
date	2001.08.23.16.27.41;	author imp;	state Exp;
branches
	1.73.2.43.2.1;
next	1.73.2.44;

1.73.2.44
date	2001.11.03.03.23.39;	author imp;	state Exp;
branches;
next	1.73.2.45;

1.73.2.45
date	2001.11.03.03.39.05;	author imp;	state Exp;
branches;
next	1.73.2.46;

1.73.2.46
date	2001.11.19.03.48.43;	author imp;	state Exp;
branches;
next	1.73.2.47;

1.73.2.47
date	2001.11.20.06.02.22;	author imp;	state Exp;
branches;
next	1.73.2.48;

1.73.2.48
date	2001.12.03.13.14.15;	author nectar;	state Exp;
branches;
next	1.73.2.49;

1.73.2.49
date	2002.01.05.17.26.52;	author imp;	state Exp;
branches;
next	1.73.2.50;

1.73.2.50
date	2002.01.06.20.18.43;	author imp;	state Exp;
branches
	1.73.2.50.2.1;
next	1.73.2.51;

1.73.2.51
date	2002.01.27.06.32.11;	author imp;	state Exp;
branches;
next	1.73.2.52;

1.73.2.52
date	2002.01.27.06.53.43;	author imp;	state Exp;
branches;
next	1.73.2.53;

1.73.2.53
date	2002.01.29.05.19.18;	author imp;	state Exp;
branches;
next	1.73.2.54;

1.73.2.54
date	2002.03.25.21.59.21;	author imp;	state Exp;
branches;
next	1.73.2.55;

1.73.2.55
date	2002.04.05.07.45.56;	author gshapiro;	state Exp;
branches;
next	1.73.2.56;

1.73.2.56
date	2002.04.09.18.16.37;	author silby;	state Exp;
branches;
next	1.73.2.57;

1.73.2.57
date	2002.04.11.03.09.51;	author silby;	state Exp;
branches;
next	1.73.2.58;

1.73.2.58
date	2002.04.13.16.38.03;	author gshapiro;	state Exp;
branches;
next	1.73.2.59;

1.73.2.59
date	2002.04.21.03.28.41;	author dougb;	state Exp;
branches;
next	1.73.2.60;

1.73.2.60
date	2002.04.21.04.26.43;	author dougb;	state Exp;
branches;
next	1.73.2.61;

1.73.2.61
date	2002.04.21.17.50.07;	author imp;	state Exp;
branches;
next	1.73.2.62;

1.73.2.62
date	2002.04.21.22.33.06;	author dougb;	state Exp;
branches;
next	1.73.2.63;

1.73.2.63
date	2002.04.25.14.41.56;	author nectar;	state Exp;
branches;
next	1.73.2.64;

1.73.2.64
date	2002.05.01.02.35.03;	author gshapiro;	state Exp;
branches;
next	1.73.2.65;

1.73.2.65
date	2002.05.02.02.38.18;	author silby;	state Exp;
branches;
next	1.73.2.66;

1.73.2.66
date	2002.05.06.19.36.05;	author silby;	state Exp;
branches;
next	1.73.2.67;

1.73.2.67
date	2002.05.15.12.51.23;	author nectar;	state Exp;
branches;
next	1.73.2.68;

1.73.2.68
date	2002.05.16.17.21.01;	author bmah;	state Exp;
branches
	1.73.2.68.2.1;
next	1.73.2.69;

1.73.2.69
date	2002.06.08.05.34.48;	author bmah;	state Exp;
branches;
next	1.73.2.70;

1.73.2.70
date	2002.06.16.00.26.45;	author bmah;	state Exp;
branches;
next	1.73.2.71;

1.73.2.71
date	2002.07.03.11.26.31;	author des;	state Exp;
branches;
next	1.73.2.72;

1.73.2.72
date	2002.07.05.12.48.52;	author des;	state Exp;
branches;
next	1.73.2.73;

1.73.2.73
date	2002.08.05.07.47.06;	author dougb;	state Exp;
branches;
next	1.73.2.74;

1.73.2.74
date	2002.08.07.16.29.44;	author ru;	state Exp;
branches
	1.73.2.74.2.1;
next	1.73.2.75;

1.73.2.75
date	2002.10.10.16.20.52;	author bmah;	state Exp;
branches;
next	1.73.2.76;

1.73.2.76
date	2002.11.20.16.56.45;	author bmah;	state Exp;
branches;
next	1.73.2.77;

1.73.2.77
date	2003.01.15.14.23.52;	author hrs;	state Exp;
branches;
next	1.73.2.78;

1.73.2.78
date	2003.01.29.06.38.07;	author fenner;	state Exp;
branches;
next	1.73.2.79;

1.73.2.79
date	2003.02.13.18.03.13;	author gshapiro;	state Exp;
branches;
next	1.73.2.80;

1.73.2.80
date	2003.02.14.22.37.36;	author nectar;	state Exp;
branches
	1.73.2.80.2.1;
next	1.73.2.81;

1.73.2.81
date	2003.04.04.06.25.18;	author murray;	state Exp;
branches;
next	1.73.2.82;

1.73.2.82
date	2003.08.07.04.34.46;	author njl;	state Exp;
branches;
next	1.73.2.83;

1.73.2.83
date	2003.08.25.21.52.08;	author silby;	state Exp;
branches;
next	1.73.2.84;

1.73.2.84
date	2003.08.26.05.47.54;	author silby;	state Exp;
branches;
next	1.73.2.85;

1.73.2.85
date	2003.08.29.04.38.28;	author silby;	state Exp;
branches;
next	1.73.2.86;

1.73.2.86
date	2003.09.04.05.06.58;	author silby;	state Exp;
branches;
next	1.73.2.87;

1.73.2.87
date	2003.09.07.18.47.14;	author dougb;	state Exp;
branches;
next	1.73.2.88;

1.73.2.88
date	2003.09.23.16.42.59;	author bms;	state Exp;
branches;
next	1.73.2.89;

1.73.2.89
date	2003.10.22.20.36.27;	author jhb;	state Exp;
branches
	1.73.2.89.2.1;
next	1.73.2.90;

1.73.2.90
date	2003.10.31.16.40.39;	author simon;	state Exp;
branches
	1.73.2.90.2.1;
next	1.73.2.91;

1.73.2.91
date	2004.05.27.06.19.32;	author kensmith;	state Exp;
branches
	1.73.2.91.2.1;
next	1.73.2.92;

1.73.2.92
date	2005.01.27.16.43.26;	author kensmith;	state Exp;
branches;
next	1.73.2.93;

1.73.2.93
date	2005.02.07.09.19.16;	author ru;	state Exp;
branches;
next	1.73.2.94;

1.73.2.94
date	2005.06.11.00.17.00;	author cperciva;	state Exp;
branches;
next	1.73.2.95;

1.73.2.95
date	2007.04.14.16.27.16;	author gshapiro;	state Exp;
branches;
next	1.73.2.96;

1.73.2.96
date	2007.04.27.03.33.50;	author gshapiro;	state Exp;
branches;
next	1.73.2.97;

1.73.2.97
date	2012.11.17.07.21.59;	author svnexp;	state Exp;
branches;
next	1.73.2.98;

1.73.2.98
date	2013.03.23.08.29.50;	author svnexp;	state Exp;
branches;
next	;

1.73.2.28.2.1
date	2001.07.29.06.13.45;	author imp;	state Exp;
branches;
next	1.73.2.28.2.2;

1.73.2.28.2.2
date	2001.07.31.07.26.11;	author imp;	state Exp;
branches;
next	1.73.2.28.2.3;

1.73.2.28.2.3
date	2001.08.15.05.09.52;	author imp;	state Exp;
branches;
next	1.73.2.28.2.4;

1.73.2.28.2.4
date	2001.08.17.16.39.15;	author imp;	state Exp;
branches;
next	1.73.2.28.2.5;

1.73.2.28.2.5
date	2001.08.18.04.54.03;	author imp;	state Exp;
branches;
next	1.73.2.28.2.6;

1.73.2.28.2.6
date	2001.08.22.06.45.19;	author imp;	state Exp;
branches;
next	1.73.2.28.2.7;

1.73.2.28.2.7
date	2001.08.22.08.18.45;	author imp;	state Exp;
branches;
next	1.73.2.28.2.8;

1.73.2.28.2.8
date	2001.08.22.15.50.04;	author imp;	state Exp;
branches;
next	1.73.2.28.2.9;

1.73.2.28.2.9
date	2001.08.23.15.39.57;	author imp;	state Exp;
branches;
next	1.73.2.28.2.10;

1.73.2.28.2.10
date	2001.08.30.05.01.23;	author imp;	state Exp;
branches;
next	1.73.2.28.2.11;

1.73.2.28.2.11
date	2001.08.30.22.31.40;	author imp;	state Exp;
branches;
next	1.73.2.28.2.12;

1.73.2.28.2.12
date	2001.09.04.14.43.57;	author imp;	state Exp;
branches;
next	1.73.2.28.2.13;

1.73.2.28.2.13
date	2001.09.05.17.34.31;	author imp;	state Exp;
branches;
next	1.73.2.28.2.14;

1.73.2.28.2.14
date	2001.09.11.03.01.09;	author imp;	state Exp;
branches;
next	1.73.2.28.2.15;

1.73.2.28.2.15
date	2001.09.11.16.40.35;	author imp;	state Exp;
branches;
next	1.73.2.28.2.16;

1.73.2.28.2.16
date	2001.09.21.03.09.32;	author imp;	state Exp;
branches;
next	1.73.2.28.2.17;

1.73.2.28.2.17
date	2001.12.03.13.15.46;	author nectar;	state Exp;
branches;
next	1.73.2.28.2.18;

1.73.2.28.2.18
date	2001.12.21.19.47.49;	author nectar;	state Exp;
branches;
next	1.73.2.28.2.19;

1.73.2.28.2.19
date	2002.01.27.07.10.21;	author imp;	state Exp;
branches;
next	1.73.2.28.2.20;

1.73.2.28.2.20
date	2002.01.27.07.16.58;	author imp;	state Exp;
branches;
next	1.73.2.28.2.21;

1.73.2.28.2.21
date	2002.01.27.07.33.25;	author imp;	state Exp;
branches;
next	1.73.2.28.2.22;

1.73.2.28.2.22
date	2002.01.28.02.28.21;	author imp;	state Exp;
branches;
next	1.73.2.28.2.23;

1.73.2.28.2.23
date	2002.02.23.18.35.18;	author jedgar;	state Exp;
branches;
next	1.73.2.28.2.24;

1.73.2.28.2.24
date	2002.03.08.13.52.58;	author nectar;	state Exp;
branches;
next	1.73.2.28.2.25;

1.73.2.28.2.25
date	2002.04.30.08.55.19;	author asmodai;	state Exp;
branches;
next	1.73.2.28.2.26;

1.73.2.28.2.26
date	2002.05.02.20.37.12;	author bmah;	state Exp;
branches;
next	1.73.2.28.2.27;

1.73.2.28.2.27
date	2002.10.26.21.07.00;	author gshapiro;	state Exp;
branches;
next	1.73.2.28.2.28;

1.73.2.28.2.28
date	2002.10.26.21.08.42;	author gshapiro;	state Exp;
branches;
next	1.73.2.28.2.29;

1.73.2.28.2.29
date	2003.03.03.17.22.26;	author gshapiro;	state Exp;
branches;
next	1.73.2.28.2.30;

1.73.2.28.2.30
date	2003.03.29.20.10.34;	author gshapiro;	state Exp;
branches;
next	1.73.2.28.2.31;

1.73.2.28.2.31
date	2003.03.29.21.57.36;	author gshapiro;	state Exp;
branches;
next	1.73.2.28.2.32;

1.73.2.28.2.32
date	2003.08.03.23.46.02;	author nectar;	state Exp;
branches;
next	1.73.2.28.2.33;

1.73.2.28.2.33
date	2003.08.10.23.23.56;	author nectar;	state Exp;
branches;
next	1.73.2.28.2.34;

1.73.2.28.2.34
date	2003.08.10.23.33.49;	author nectar;	state Exp;
branches;
next	1.73.2.28.2.35;

1.73.2.28.2.35
date	2003.09.16.17.46.37;	author nectar;	state Exp;
branches;
next	1.73.2.28.2.36;

1.73.2.28.2.36
date	2003.09.17.14.58.56;	author nectar;	state Exp;
branches;
next	1.73.2.28.2.37;

1.73.2.28.2.37
date	2003.09.17.20.21.40;	author gshapiro;	state Exp;
branches;
next	1.73.2.28.2.38;

1.73.2.28.2.38
date	2003.09.23.16.54.39;	author bms;	state Exp;
branches;
next	1.73.2.28.2.39;

1.73.2.28.2.39
date	2003.09.25.13.35.48;	author nectar;	state Exp;
branches;
next	1.73.2.28.2.40;

1.73.2.28.2.40
date	2003.10.02.16.05.44;	author nectar;	state Exp;
branches;
next	1.73.2.28.2.41;

1.73.2.28.2.41
date	2003.10.03.13.07.36;	author nectar;	state Exp;
branches;
next	;

1.73.2.43.2.1
date	2001.09.14.17.46.19;	author imp;	state Exp;
branches;
next	1.73.2.43.2.2;

1.73.2.43.2.2
date	2001.12.03.13.15.20;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.3;

1.73.2.43.2.3
date	2001.12.21.19.47.39;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.4;

1.73.2.43.2.4
date	2002.01.27.07.17.59;	author imp;	state Exp;
branches;
next	1.73.2.43.2.5;

1.73.2.43.2.5
date	2002.01.28.02.30.13;	author imp;	state Exp;
branches;
next	1.73.2.43.2.6;

1.73.2.43.2.6
date	2002.02.23.18.34.20;	author jedgar;	state Exp;
branches;
next	1.73.2.43.2.7;

1.73.2.43.2.7
date	2002.03.07.14.40.07;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.8;

1.73.2.43.2.8
date	2002.04.16.20.59.37;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.9;

1.73.2.43.2.9
date	2002.04.25.14.42.26;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.10;

1.73.2.43.2.10
date	2002.04.30.08.55.22;	author asmodai;	state Exp;
branches;
next	1.73.2.43.2.11;

1.73.2.43.2.11
date	2002.05.02.20.36.26;	author bmah;	state Exp;
branches;
next	1.73.2.43.2.12;

1.73.2.43.2.12
date	2002.05.15.13.03.57;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.13;

1.73.2.43.2.13
date	2002.05.15.16.07.38;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.14;

1.73.2.43.2.14
date	2002.05.29.19.00.04;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.15;

1.73.2.43.2.15
date	2002.06.26.21.57.43;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.16;

1.73.2.43.2.16
date	2002.07.11.16.56.04;	author des;	state Exp;
branches;
next	1.73.2.43.2.17;

1.73.2.43.2.17
date	2002.07.12.13.31.43;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.18;

1.73.2.43.2.18
date	2002.07.18.09.16.21;	author dougb;	state Exp;
branches;
next	1.73.2.43.2.19;

1.73.2.43.2.19
date	2002.07.18.22.31.10;	author bmah;	state Exp;
branches;
next	1.73.2.43.2.20;

1.73.2.43.2.20
date	2002.07.30.15.43.14;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.21;

1.73.2.43.2.21
date	2002.07.30.19.17.23;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.22;

1.73.2.43.2.22
date	2002.07.31.13.17.38;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.23;

1.73.2.43.2.23
date	2002.07.31.13.19.01;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.24;

1.73.2.43.2.24
date	2002.07.31.13.21.13;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.25;

1.73.2.43.2.25
date	2002.07.31.16.40.29;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.26;

1.73.2.43.2.26
date	2002.07.31.17.55.22;	author jedgar;	state Exp;
branches;
next	1.73.2.43.2.27;

1.73.2.43.2.27
date	2002.08.01.12.24.20;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.28;

1.73.2.43.2.28
date	2002.08.01.22.06.02;	author des;	state Exp;
branches;
next	1.73.2.43.2.29;

1.73.2.43.2.29
date	2002.08.04.23.49.16;	author bmah;	state Exp;
branches;
next	1.73.2.43.2.30;

1.73.2.43.2.30
date	2002.08.05.15.13.41;	author des;	state Exp;
branches;
next	1.73.2.43.2.31;

1.73.2.43.2.31
date	2002.08.05.16.28.53;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.32;

1.73.2.43.2.32
date	2002.08.06.17.50.45;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.33;

1.73.2.43.2.33
date	2002.08.13.12.13.47;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.34;

1.73.2.43.2.34
date	2002.09.05.15.40.31;	author bmah;	state Exp;
branches;
next	1.73.2.43.2.35;

1.73.2.43.2.35
date	2002.09.13.15.09.04;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.36;

1.73.2.43.2.36
date	2002.10.23.14.11.45;	author jedgar;	state Exp;
branches;
next	1.73.2.43.2.37;

1.73.2.43.2.37
date	2002.10.26.21.10.22;	author gshapiro;	state Exp;
branches;
next	1.73.2.43.2.38;

1.73.2.43.2.38
date	2002.11.14.05.11.55;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.39;

1.73.2.43.2.39
date	2003.01.07.15.17.40;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.40;

1.73.2.43.2.40
date	2003.03.03.17.22.16;	author gshapiro;	state Exp;
branches;
next	1.73.2.43.2.41;

1.73.2.43.2.41
date	2003.03.05.03.33.29;	author julian;	state Exp;
branches;
next	1.73.2.43.2.42;

1.73.2.43.2.42
date	2003.03.29.20.11.18;	author gshapiro;	state Exp;
branches;
next	1.73.2.43.2.43;

1.73.2.43.2.43
date	2003.03.29.21.57.45;	author gshapiro;	state Exp;
branches;
next	1.73.2.43.2.44;

1.73.2.43.2.44
date	2003.04.04.19.09.45;	author julian;	state Exp;
branches;
next	1.73.2.43.2.45;

1.73.2.43.2.45
date	2003.08.03.23.45.41;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.46;

1.73.2.43.2.46
date	2003.08.10.23.23.05;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.47;

1.73.2.43.2.47
date	2003.08.10.23.33.18;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.48;

1.73.2.43.2.48
date	2003.09.16.17.46.02;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.49;

1.73.2.43.2.49
date	2003.09.17.14.57.32;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.50;

1.73.2.43.2.50
date	2003.09.17.20.21.14;	author gshapiro;	state Exp;
branches;
next	1.73.2.43.2.51;

1.73.2.43.2.51
date	2003.09.23.16.52.45;	author bms;	state Exp;
branches;
next	1.73.2.43.2.52;

1.73.2.43.2.52
date	2003.09.25.13.35.33;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.53;

1.73.2.43.2.53
date	2003.10.02.15.58.52;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.54;

1.73.2.43.2.54
date	2003.10.03.13.06.31;	author nectar;	state Exp;
branches;
next	1.73.2.43.2.55;

1.73.2.43.2.55
date	2003.11.27.16.40.02;	author nectar;	state Exp;
branches;
next	;

1.73.2.50.2.1
date	2002.01.27.06.34.33;	author imp;	state Exp;
branches;
next	1.73.2.50.2.2;

1.73.2.50.2.2
date	2002.01.27.06.54.27;	author imp;	state Exp;
branches;
next	1.73.2.50.2.3;

1.73.2.50.2.3
date	2002.01.27.07.20.00;	author imp;	state Exp;
branches;
next	1.73.2.50.2.4;

1.73.2.50.2.4
date	2002.01.28.10.30.58;	author murray;	state Exp;
branches;
next	1.73.2.50.2.5;

1.73.2.50.2.5
date	2002.02.23.18.30.37;	author jedgar;	state Exp;
branches;
next	1.73.2.50.2.6;

1.73.2.50.2.6
date	2002.03.07.14.40.56;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.7;

1.73.2.50.2.7
date	2002.04.16.21.00.14;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.8;

1.73.2.50.2.8
date	2002.04.25.14.42.11;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.9;

1.73.2.50.2.9
date	2002.04.30.08.55.29;	author asmodai;	state Exp;
branches;
next	1.73.2.50.2.10;

1.73.2.50.2.10
date	2002.05.02.16.40.23;	author bmah;	state Exp;
branches;
next	1.73.2.50.2.11;

1.73.2.50.2.11
date	2002.05.02.20.34.44;	author bmah;	state Exp;
branches;
next	1.73.2.50.2.12;

1.73.2.50.2.12
date	2002.05.15.12.56.14;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.13;

1.73.2.50.2.13
date	2002.05.15.16.08.03;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.14;

1.73.2.50.2.14
date	2002.05.29.18.59.28;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.15;

1.73.2.50.2.15
date	2002.06.26.18.53.20;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.16;

1.73.2.50.2.16
date	2002.07.11.16.47.55;	author des;	state Exp;
branches;
next	1.73.2.50.2.17;

1.73.2.50.2.17
date	2002.07.11.16.57.35;	author des;	state Exp;
branches;
next	1.73.2.50.2.18;

1.73.2.50.2.18
date	2002.07.12.13.31.10;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.19;

1.73.2.50.2.19
date	2002.07.18.09.15.26;	author dougb;	state Exp;
branches;
next	1.73.2.50.2.20;

1.73.2.50.2.20
date	2002.07.18.22.30.09;	author bmah;	state Exp;
branches;
next	1.73.2.50.2.21;

1.73.2.50.2.21
date	2002.07.30.15.42.43;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.22;

1.73.2.50.2.22
date	2002.07.30.19.16.41;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.23;

1.73.2.50.2.23
date	2002.07.31.13.05.53;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.24;

1.73.2.50.2.24
date	2002.07.31.13.14.56;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.25;

1.73.2.50.2.25
date	2002.07.31.13.20.53;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.26;

1.73.2.50.2.26
date	2002.07.31.14.04.44;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.27;

1.73.2.50.2.27
date	2002.07.31.17.55.10;	author jedgar;	state Exp;
branches;
next	1.73.2.50.2.28;

1.73.2.50.2.28
date	2002.08.01.12.23.57;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.29;

1.73.2.50.2.29
date	2002.08.01.22.06.04;	author des;	state Exp;
branches;
next	1.73.2.50.2.30;

1.73.2.50.2.30
date	2002.08.04.23.49.40;	author bmah;	state Exp;
branches;
next	1.73.2.50.2.31;

1.73.2.50.2.31
date	2002.08.05.15.13.45;	author des;	state Exp;
branches;
next	1.73.2.50.2.32;

1.73.2.50.2.32
date	2002.08.05.16.28.37;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.33;

1.73.2.50.2.33
date	2002.08.06.17.50.36;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.34;

1.73.2.50.2.34
date	2002.08.13.12.13.02;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.35;

1.73.2.50.2.35
date	2002.09.05.15.39.45;	author bmah;	state Exp;
branches;
next	1.73.2.50.2.36;

1.73.2.50.2.36
date	2002.09.13.15.07.23;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.37;

1.73.2.50.2.37
date	2002.10.23.14.11.25;	author jedgar;	state Exp;
branches;
next	1.73.2.50.2.38;

1.73.2.50.2.38
date	2002.10.26.21.10.59;	author gshapiro;	state Exp;
branches;
next	1.73.2.50.2.39;

1.73.2.50.2.39
date	2002.11.14.04.05.11;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.40;

1.73.2.50.2.40
date	2003.01.07.15.17.16;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.41;

1.73.2.50.2.41
date	2003.03.03.17.22.07;	author gshapiro;	state Exp;
branches;
next	1.73.2.50.2.42;

1.73.2.50.2.42
date	2003.03.29.20.11.52;	author gshapiro;	state Exp;
branches;
next	1.73.2.50.2.43;

1.73.2.50.2.43
date	2003.03.29.21.57.52;	author gshapiro;	state Exp;
branches;
next	1.73.2.50.2.44;

1.73.2.50.2.44
date	2003.08.03.23.44.56;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.45;

1.73.2.50.2.45
date	2003.08.10.23.22.19;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.46;

1.73.2.50.2.46
date	2003.08.10.23.32.44;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.47;

1.73.2.50.2.47
date	2003.09.16.17.45.23;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.48;

1.73.2.50.2.48
date	2003.09.17.14.52.42;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.49;

1.73.2.50.2.49
date	2003.09.17.20.20.54;	author gshapiro;	state Exp;
branches;
next	1.73.2.50.2.50;

1.73.2.50.2.50
date	2003.09.23.16.51.24;	author bms;	state Exp;
branches;
next	1.73.2.50.2.51;

1.73.2.50.2.51
date	2003.09.25.13.35.18;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.52;

1.73.2.50.2.52
date	2003.10.02.15.57.48;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.53;

1.73.2.50.2.53
date	2003.10.03.13.05.43;	author nectar;	state Exp;
branches;
next	1.73.2.50.2.54;

1.73.2.50.2.54
date	2003.11.27.16.38.35;	author nectar;	state Exp;
branches;
next	;

1.73.2.68.2.1
date	2002.06.08.05.37.00;	author bmah;	state Exp;
branches;
next	1.73.2.68.2.2;

1.73.2.68.2.2
date	2002.06.16.00.26.30;	author bmah;	state Exp;
branches;
next	1.73.2.68.2.3;

1.73.2.68.2.3
date	2002.06.26.08.36.01;	author imp;	state Exp;
branches;
next	1.73.2.68.2.4;

1.73.2.68.2.4
date	2002.07.10.17.04.08;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.5;

1.73.2.68.2.5
date	2002.07.11.16.47.41;	author des;	state Exp;
branches;
next	1.73.2.68.2.6;

1.73.2.68.2.6
date	2002.07.12.13.29.47;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.7;

1.73.2.68.2.7
date	2002.07.18.09.14.16;	author dougb;	state Exp;
branches;
next	1.73.2.68.2.8;

1.73.2.68.2.8
date	2002.07.18.15.57.22;	author bmah;	state Exp;
branches;
next	1.73.2.68.2.9;

1.73.2.68.2.9
date	2002.07.30.15.42.07;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.10;

1.73.2.68.2.10
date	2002.07.30.19.15.34;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.11;

1.73.2.68.2.11
date	2002.07.31.02.54.36;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.12;

1.73.2.68.2.12
date	2002.07.31.13.04.14;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.13;

1.73.2.68.2.13
date	2002.07.31.13.04.54;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.14;

1.73.2.68.2.14
date	2002.07.31.13.20.33;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.15;

1.73.2.68.2.15
date	2002.07.31.17.54.57;	author jedgar;	state Exp;
branches;
next	1.73.2.68.2.16;

1.73.2.68.2.16
date	2002.08.01.12.23.39;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.17;

1.73.2.68.2.17
date	2002.08.01.22.06.04;	author des;	state Exp;
branches;
next	1.73.2.68.2.18;

1.73.2.68.2.18
date	2002.08.04.11.40.08;	author murray;	state Exp;
branches;
next	1.73.2.68.2.19;

1.73.2.68.2.19
date	2002.08.04.13.38.40;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.20;

1.73.2.68.2.20
date	2002.08.04.23.50.01;	author bmah;	state Exp;
branches;
next	1.73.2.68.2.21;

1.73.2.68.2.21
date	2002.08.05.15.13.49;	author des;	state Exp;
branches;
next	1.73.2.68.2.22;

1.73.2.68.2.22
date	2002.08.05.16.28.15;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.23;

1.73.2.68.2.23
date	2002.08.06.17.50.27;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.24;

1.73.2.68.2.24
date	2002.08.13.12.12.32;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.25;

1.73.2.68.2.25
date	2002.08.15.05.49.51;	author murray;	state Exp;
branches;
next	1.73.2.68.2.26;

1.73.2.68.2.26
date	2002.09.05.15.38.38;	author bmah;	state Exp;
branches;
next	1.73.2.68.2.27;

1.73.2.68.2.27
date	2002.09.09.20.07.20;	author bmah;	state Exp;
branches;
next	1.73.2.68.2.28;

1.73.2.68.2.28
date	2002.09.13.15.04.16;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.29;

1.73.2.68.2.29
date	2002.10.23.14.11.01;	author jedgar;	state Exp;
branches;
next	1.73.2.68.2.30;

1.73.2.68.2.30
date	2002.10.26.21.11.30;	author gshapiro;	state Exp;
branches;
next	1.73.2.68.2.31;

1.73.2.68.2.31
date	2002.11.14.03.18.40;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.32;

1.73.2.68.2.32
date	2003.01.06.12.38.21;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.33;

1.73.2.68.2.33
date	2003.01.31.12.47.04;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.34;

1.73.2.68.2.34
date	2003.02.04.18.08.26;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.35;

1.73.2.68.2.35
date	2003.02.21.16.32.47;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.36;

1.73.2.68.2.36
date	2003.02.23.20.19.42;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.37;

1.73.2.68.2.37
date	2003.03.03.17.21.57;	author gshapiro;	state Exp;
branches;
next	1.73.2.68.2.38;

1.73.2.68.2.38
date	2003.03.20.13.05.04;	author jedgar;	state Exp;
branches;
next	1.73.2.68.2.39;

1.73.2.68.2.39
date	2003.03.21.16.12.03;	author jedgar;	state Exp;
branches;
next	1.73.2.68.2.40;

1.73.2.68.2.40
date	2003.03.29.20.12.32;	author gshapiro;	state Exp;
branches;
next	1.73.2.68.2.41;

1.73.2.68.2.41
date	2003.03.29.21.57.58;	author gshapiro;	state Exp;
branches;
next	1.73.2.68.2.42;

1.73.2.68.2.42
date	2003.08.03.23.44.36;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.43;

1.73.2.68.2.43
date	2003.08.10.23.21.18;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.44;

1.73.2.68.2.44
date	2003.08.10.23.32.21;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.45;

1.73.2.68.2.45
date	2003.08.25.22.38.52;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.46;

1.73.2.68.2.46
date	2003.09.16.17.44.15;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.47;

1.73.2.68.2.47
date	2003.09.17.14.52.08;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.48;

1.73.2.68.2.48
date	2003.09.17.20.20.30;	author gshapiro;	state Exp;
branches;
next	1.73.2.68.2.49;

1.73.2.68.2.49
date	2003.09.23.16.49.45;	author bms;	state Exp;
branches;
next	1.73.2.68.2.50;

1.73.2.68.2.50
date	2003.09.23.22.15.32;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.51;

1.73.2.68.2.51
date	2003.09.24.21.05.59;	author des;	state Exp;
branches;
next	1.73.2.68.2.52;

1.73.2.68.2.52
date	2003.09.25.13.34.52;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.53;

1.73.2.68.2.53
date	2003.10.02.15.56.55;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.54;

1.73.2.68.2.54
date	2003.10.03.13.05.04;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.55;

1.73.2.68.2.55
date	2003.10.03.20.24.59;	author nectar;	state Exp;
branches;
next	1.73.2.68.2.56;

1.73.2.68.2.56
date	2003.11.27.16.36.59;	author nectar;	state Exp;
branches;
next	;

1.73.2.74.2.1
date	2002.10.10.16.22.29;	author bmah;	state Exp;
branches;
next	1.73.2.74.2.2;

1.73.2.74.2.2
date	2002.10.23.14.10.32;	author jedgar;	state Exp;
branches;
next	1.73.2.74.2.3;

1.73.2.74.2.3
date	2002.11.14.02.05.55;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.4;

1.73.2.74.2.4
date	2003.01.06.12.37.52;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.5;

1.73.2.74.2.5
date	2003.01.31.12.47.36;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.6;

1.73.2.74.2.6
date	2003.02.04.18.07.20;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.7;

1.73.2.74.2.7
date	2003.02.20.20.42.04;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.8;

1.73.2.74.2.8
date	2003.02.23.20.19.28;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.9;

1.73.2.74.2.9
date	2003.03.03.17.20.23;	author gshapiro;	state Exp;
branches;
next	1.73.2.74.2.10;

1.73.2.74.2.10
date	2003.03.20.13.05.27;	author jedgar;	state Exp;
branches;
next	1.73.2.74.2.11;

1.73.2.74.2.11
date	2003.03.21.16.12.34;	author jedgar;	state Exp;
branches;
next	1.73.2.74.2.12;

1.73.2.74.2.12
date	2003.03.29.20.13.05;	author gshapiro;	state Exp;
branches;
next	1.73.2.74.2.13;

1.73.2.74.2.13
date	2003.03.29.21.58.05;	author gshapiro;	state Exp;
branches;
next	1.73.2.74.2.14;

1.73.2.74.2.14
date	2003.08.03.23.44.12;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.15;

1.73.2.74.2.15
date	2003.08.10.23.20.30;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.16;

1.73.2.74.2.16
date	2003.08.10.23.31.50;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.17;

1.73.2.74.2.17
date	2003.08.25.22.36.08;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.18;

1.73.2.74.2.18
date	2003.09.16.16.45.15;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.19;

1.73.2.74.2.19
date	2003.09.17.14.51.36;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.20;

1.73.2.74.2.20
date	2003.09.17.20.20.07;	author gshapiro;	state Exp;
branches;
next	1.73.2.74.2.21;

1.73.2.74.2.21
date	2003.09.23.16.47.33;	author bms;	state Exp;
branches;
next	1.73.2.74.2.22;

1.73.2.74.2.22
date	2003.09.24.21.06.15;	author des;	state Exp;
branches;
next	1.73.2.74.2.23;

1.73.2.74.2.23
date	2003.09.25.13.34.31;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.24;

1.73.2.74.2.24
date	2003.10.02.15.55.54;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.25;

1.73.2.74.2.25
date	2003.10.03.13.04.18;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.26;

1.73.2.74.2.26
date	2003.10.03.20.24.30;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.27;

1.73.2.74.2.27
date	2003.11.27.16.35.05;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.28;

1.73.2.74.2.28
date	2004.02.02.17.43.37;	author des;	state Exp;
branches;
next	1.73.2.74.2.29;

1.73.2.74.2.29
date	2004.02.05.18.01.26;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.30;

1.73.2.74.2.30
date	2004.03.17.10.50.45;	author nectar;	state Exp;
branches;
next	1.73.2.74.2.31;

1.73.2.74.2.31
date	2004.05.19.06.40.50;	author des;	state Exp;
branches;
next	1.73.2.74.2.32;

1.73.2.74.2.32
date	2004.11.18.12.06.51;	author cperciva;	state Exp;
branches;
next	;

1.73.2.80.2.1
date	2003.03.30.20.39.52;	author murray;	state Exp;
branches;
next	1.73.2.80.2.2;

1.73.2.80.2.2
date	2003.04.04.06.40.44;	author murray;	state Exp;
branches;
next	1.73.2.80.2.3;

1.73.2.80.2.3
date	2003.08.03.23.43.43;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.4;

1.73.2.80.2.4
date	2003.08.10.23.19.35;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.5;

1.73.2.80.2.5
date	2003.08.10.23.31.11;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.6;

1.73.2.80.2.6
date	2003.08.25.22.35.22;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.7;

1.73.2.80.2.7
date	2003.09.16.16.24.02;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.8;

1.73.2.80.2.8
date	2003.09.17.14.51.08;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.9;

1.73.2.80.2.9
date	2003.09.17.20.19.52;	author gshapiro;	state Exp;
branches;
next	1.73.2.80.2.10;

1.73.2.80.2.10
date	2003.09.23.16.44.58;	author bms;	state Exp;
branches;
next	1.73.2.80.2.11;

1.73.2.80.2.11
date	2003.09.24.21.06.21;	author des;	state Exp;
branches;
next	1.73.2.80.2.12;

1.73.2.80.2.12
date	2003.09.25.13.34.14;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.13;

1.73.2.80.2.13
date	2003.10.02.15.54.48;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.14;

1.73.2.80.2.14
date	2003.10.03.13.03.44;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.15;

1.73.2.80.2.15
date	2003.10.03.18.14.26;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.16;

1.73.2.80.2.16
date	2003.11.27.16.34.21;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.17;

1.73.2.80.2.17
date	2004.02.02.17.43.38;	author des;	state Exp;
branches;
next	1.73.2.80.2.18;

1.73.2.80.2.18
date	2004.02.05.18.01.18;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.19;

1.73.2.80.2.19
date	2004.03.02.17.27.46;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.20;

1.73.2.80.2.20
date	2004.03.17.12.18.22;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.21;

1.73.2.80.2.21
date	2004.04.15.15.59.53;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.22;

1.73.2.80.2.22
date	2004.05.05.20.06.29;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.23;

1.73.2.80.2.23
date	2004.05.05.20.17.51;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.24;

1.73.2.80.2.24
date	2004.05.19.06.40.50;	author des;	state Exp;
branches;
next	1.73.2.80.2.25;

1.73.2.80.2.25
date	2004.05.26.06.44.31;	author des;	state Exp;
branches;
next	1.73.2.80.2.26;

1.73.2.80.2.26
date	2004.06.07.17.42.41;	author cperciva;	state Exp;
branches;
next	1.73.2.80.2.27;

1.73.2.80.2.27
date	2004.06.30.17.32.24;	author cperciva;	state Exp;
branches;
next	1.73.2.80.2.28;

1.73.2.80.2.28
date	2004.09.19.22.28.13;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.29;

1.73.2.80.2.29
date	2004.11.18.12.06.35;	author cperciva;	state Exp;
branches;
next	1.73.2.80.2.30;

1.73.2.80.2.30
date	2004.12.01.21.35.57;	author cperciva;	state Exp;
branches;
next	1.73.2.80.2.31;

1.73.2.80.2.31
date	2004.12.06.19.57.11;	author cperciva;	state Exp;
branches;
next	1.73.2.80.2.32;

1.73.2.80.2.32
date	2005.03.28.15.58.27;	author nectar;	state Exp;
branches;
next	1.73.2.80.2.33;

1.73.2.80.2.33
date	2005.04.04.23.54.32;	author cperciva;	state Exp;
branches;
next	1.73.2.80.2.34;

1.73.2.80.2.34
date	2005.04.21.18.13.15;	author maxim;	state Exp;
branches;
next	1.73.2.80.2.35;

1.73.2.80.2.35
date	2005.04.26.03.25.53;	author maxim;	state Exp;
branches;
next	1.73.2.80.2.36;

1.73.2.80.2.36
date	2005.05.12.15.24.29;	author maxim;	state Exp;
branches;
next	1.73.2.80.2.37;

1.73.2.80.2.37
date	2005.06.10.16.43.24;	author maxim;	state Exp;
branches;
next	1.73.2.80.2.38;

1.73.2.80.2.38
date	2005.07.02.08.28.04;	author maxim;	state Exp;
branches;
next	1.73.2.80.2.39;

1.73.2.80.2.39
date	2005.09.10.16.22.21;	author maxim;	state Exp;
branches;
next	1.73.2.80.2.40;

1.73.2.80.2.40
date	2005.10.13.08.56.49;	author maxim;	state Exp;
branches;
next	1.73.2.80.2.41;

1.73.2.80.2.41
date	2006.01.18.11.26.15;	author maxim;	state Exp;
branches;
next	1.73.2.80.2.42;

1.73.2.80.2.42
date	2006.03.02.05.48.21;	author maxim;	state Exp;
branches;
next	1.73.2.80.2.43;

1.73.2.80.2.43
date	2006.03.23.10.18.15;	author maxim;	state Exp;
branches;
next	1.73.2.80.2.44;

1.73.2.80.2.44
date	2006.04.21.18.48.35;	author maxim;	state Exp;
branches;
next	;

1.73.2.89.2.1
date	2003.11.04.02.22.13;	author imp;	state Exp;
branches;
next	1.73.2.89.2.2;

1.73.2.89.2.2
date	2003.11.27.00.56.06;	author nectar;	state Exp;
branches;
next	1.73.2.89.2.3;

1.73.2.89.2.3
date	2004.02.05.18.01.11;	author nectar;	state Exp;
branches;
next	1.73.2.89.2.4;

1.73.2.89.2.4
date	2004.03.02.17.26.32;	author nectar;	state Exp;
branches;
next	1.73.2.89.2.5;

1.73.2.89.2.5
date	2004.03.17.12.17.13;	author nectar;	state Exp;
branches;
next	1.73.2.89.2.6;

1.73.2.89.2.6
date	2004.04.15.15.59.03;	author nectar;	state Exp;
branches;
next	1.73.2.89.2.7;

1.73.2.89.2.7
date	2004.05.05.20.01.05;	author nectar;	state Exp;
branches;
next	1.73.2.89.2.8;

1.73.2.89.2.8
date	2004.05.05.20.15.56;	author nectar;	state Exp;
branches;
next	1.73.2.89.2.9;

1.73.2.89.2.9
date	2004.05.19.06.40.50;	author des;	state Exp;
branches;
next	1.73.2.89.2.10;

1.73.2.89.2.10
date	2004.05.26.06.44.33;	author des;	state Exp;
branches;
next	1.73.2.89.2.11;

1.73.2.89.2.11
date	2004.06.07.17.44.43;	author cperciva;	state Exp;
branches;
next	1.73.2.89.2.12;

1.73.2.89.2.12
date	2004.06.30.17.33.23;	author cperciva;	state Exp;
branches;
next	1.73.2.89.2.13;

1.73.2.89.2.13
date	2004.09.19.22.27.35;	author nectar;	state Exp;
branches;
next	1.73.2.89.2.14;

1.73.2.89.2.14
date	2004.11.18.12.06.21;	author cperciva;	state Exp;
branches;
next	1.73.2.89.2.15;

1.73.2.89.2.15
date	2005.04.08.11.59.18;	author maxim;	state Exp;
branches;
next	1.73.2.89.2.16;

1.73.2.89.2.16
date	2005.04.21.18.11.40;	author maxim;	state Exp;
branches;
next	1.73.2.89.2.17;

1.73.2.89.2.17
date	2005.04.26.03.26.54;	author maxim;	state Exp;
branches;
next	1.73.2.89.2.18;

1.73.2.89.2.18
date	2005.05.12.15.25.05;	author maxim;	state Exp;
branches;
next	1.73.2.89.2.19;

1.73.2.89.2.19
date	2005.06.10.16.41.29;	author maxim;	state Exp;
branches;
next	1.73.2.89.2.20;

1.73.2.89.2.20
date	2005.07.02.08.29.26;	author maxim;	state Exp;
branches;
next	1.73.2.89.2.21;

1.73.2.89.2.21
date	2005.09.10.16.23.58;	author maxim;	state Exp;
branches;
next	1.73.2.89.2.22;

1.73.2.89.2.22
date	2005.10.13.08.58.42;	author maxim;	state Exp;
branches;
next	1.73.2.89.2.23;

1.73.2.89.2.23
date	2006.01.18.11.27.45;	author maxim;	state Exp;
branches;
next	1.73.2.89.2.24;

1.73.2.89.2.24
date	2006.03.02.05.47.04;	author maxim;	state Exp;
branches;
next	1.73.2.89.2.25;

1.73.2.89.2.25
date	2006.03.23.10.19.35;	author maxim;	state Exp;
branches;
next	1.73.2.89.2.26;

1.73.2.89.2.26
date	2006.04.21.18.47.45;	author maxim;	state Exp;
branches;
next	;

1.73.2.90.2.1
date	2004.05.27.06.21.52;	author kensmith;	state Exp;
branches;
next	1.73.2.90.2.2;

1.73.2.90.2.2
date	2004.06.26.04.39.46;	author kensmith;	state Exp;
branches;
next	1.73.2.90.2.3;

1.73.2.90.2.3
date	2004.06.30.17.33.58;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.4;

1.73.2.90.2.4
date	2004.09.19.22.26.21;	author nectar;	state Exp;
branches;
next	1.73.2.90.2.5;

1.73.2.90.2.5
date	2004.11.18.12.06.06;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.6;

1.73.2.90.2.6
date	2004.12.01.21.35.10;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.7;

1.73.2.90.2.7
date	2005.03.28.15.56.52;	author nectar;	state Exp;
branches;
next	1.73.2.90.2.8;

1.73.2.90.2.8
date	2005.04.04.23.54.13;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.9;

1.73.2.90.2.9
date	2005.04.15.01.53.13;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.10;

1.73.2.90.2.10
date	2005.04.22.18.16.14;	author simon;	state Exp;
branches;
next	1.73.2.90.2.11;

1.73.2.90.2.11
date	2005.05.06.02.33.12;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.12;

1.73.2.90.2.12
date	2005.05.06.02.39.51;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.13;

1.73.2.90.2.13
date	2005.05.06.02.49.07;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.14;

1.73.2.90.2.14
date	2005.05.08.10.35.55;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.15;

1.73.2.90.2.15
date	2005.05.13.00.08.29;	author nectar;	state Exp;
branches;
next	1.73.2.90.2.16;

1.73.2.90.2.16
date	2005.06.08.21.31.16;	author simon;	state Exp;
branches;
next	1.73.2.90.2.17;

1.73.2.90.2.17
date	2005.06.29.21.46.14;	author simon;	state Exp;
branches;
next	1.73.2.90.2.18;

1.73.2.90.2.18
date	2005.09.07.13.44.36;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.19;

1.73.2.90.2.19
date	2005.09.09.19.24.22;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.20;

1.73.2.90.2.20
date	2005.10.11.11.51.19;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.21;

1.73.2.90.2.21
date	2006.01.11.08.08.07;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.22;

1.73.2.90.2.22
date	2006.03.01.14.23.07;	author simon;	state Exp;
branches;
next	1.73.2.90.2.23;

1.73.2.90.2.23
date	2006.03.22.16.03.23;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.24;

1.73.2.90.2.24
date	2006.04.19.07.03.13;	author cperciva;	state Exp;
branches;
next	1.73.2.90.2.25;

1.73.2.90.2.25
date	2006.05.31.22.35.31;	author cperciva;	state Exp;
branches;
next	;

1.73.2.91.2.1
date	2005.01.21.13.12.40;	author kensmith;	state Exp;
branches;
next	1.73.2.91.2.2;

1.73.2.91.2.2
date	2005.03.28.15.55.28;	author nectar;	state Exp;
branches;
next	1.73.2.91.2.3;

1.73.2.91.2.3
date	2005.04.04.23.53.56;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.4;

1.73.2.91.2.4
date	2005.04.15.01.52.57;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.5;

1.73.2.91.2.5
date	2005.04.22.18.17.21;	author simon;	state Exp;
branches;
next	1.73.2.91.2.6;

1.73.2.91.2.6
date	2005.05.06.02.33.28;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.7;

1.73.2.91.2.7
date	2005.05.06.02.40.04;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.8;

1.73.2.91.2.8
date	2005.05.06.02.49.34;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.9;

1.73.2.91.2.9
date	2005.05.08.10.29.54;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.10;

1.73.2.91.2.10
date	2005.05.13.00.02.11;	author nectar;	state Exp;
branches;
next	1.73.2.91.2.11;

1.73.2.91.2.11
date	2005.06.08.21.30.42;	author simon;	state Exp;
branches;
next	1.73.2.91.2.12;

1.73.2.91.2.12
date	2005.06.29.21.45.13;	author simon;	state Exp;
branches;
next	1.73.2.91.2.13;

1.73.2.91.2.13
date	2005.09.07.13.44.19;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.14;

1.73.2.91.2.14
date	2005.10.11.11.51.44;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.15;

1.73.2.91.2.15
date	2006.01.11.08.07.17;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.16;

1.73.2.91.2.16
date	2006.03.01.14.22.29;	author simon;	state Exp;
branches;
next	1.73.2.91.2.17;

1.73.2.91.2.17
date	2006.03.22.16.03.04;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.18;

1.73.2.91.2.18
date	2006.04.19.07.03.00;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.19;

1.73.2.91.2.19
date	2006.05.31.22.34.53;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.20;

1.73.2.91.2.20
date	2006.06.14.16.01.20;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.21;

1.73.2.91.2.21
date	2006.08.23.22.06.39;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.22;

1.73.2.91.2.22
date	2006.09.06.21.24.53;	author simon;	state Exp;
branches;
next	1.73.2.91.2.23;

1.73.2.91.2.23
date	2006.09.19.14.13.52;	author simon;	state Exp;
branches;
next	1.73.2.91.2.24;

1.73.2.91.2.24
date	2006.09.28.13.06.21;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.25;

1.73.2.91.2.25
date	2006.09.29.13.46.40;	author cperciva;	state Exp;
branches;
next	1.73.2.91.2.26;

1.73.2.91.2.26
date	2006.09.30.19.58.06;	author simon;	state Exp;
branches;
next	1.73.2.91.2.27;

1.73.2.91.2.27
date	2006.12.06.09.18.01;	author cperciva;	state Exp;
branches;
next	;

1.14.2.1
date	99.05.10.09.22.47;	author jkh;	state Exp;
branches;
next	1.14.2.2;

1.14.2.2
date	99.05.10.19.56.49;	author obrien;	state Exp;
branches;
next	1.14.2.3;

1.14.2.3
date	99.08.29.15.55.29;	author peter;	state Exp;
branches;
next	1.14.2.4;

1.14.2.4
date	2000.01.06.17.39.38;	author imp;	state Exp;
branches;
next	1.14.2.5;

1.14.2.5
date	2000.02.07.17.24.27;	author jkh;	state Exp;
branches;
next	1.14.2.6;

1.14.2.6
date	2000.10.09.04.13.41;	author imp;	state Exp;
branches;
next	;


desc
@@


1.778
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/253396
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@Updating Information for FreeBSD current users

This file is maintained and copyrighted by M. Warner Losh <imp@@freebsd.org>.
See end of file for further details.  For commonly done items, please see the
COMMON ITEMS: section later in the file.  These instructions assume that you
basically know what you are doing.  If not, then please consult the FreeBSD
handbook:

    http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html

Items affecting the ports and packages system can be found in
/usr/ports/UPDATING.  Please read that file before running portupgrade.

NOTE: FreeBSD has switched from gcc to clang. If you have trouble bootstrapping
from older versions of FreeBSD, try WITHOUT_CLANG to bootstrap to the tip of
head, and then rebuild without this option. The bootstrap process from
older version of current is a bit fragile.

NOTE TO PEOPLE WHO THINK THAT FreeBSD 10.x IS SLOW:
	FreeBSD 10.x has many debugging features turned on, in both the kernel
	and userland.  These features attempt to detect incorrect use of
	system primitives, and encourage loud failure through extra sanity
	checking and fail stop semantics.  They also substantially impact
	system performance.  If you want to do performance measurement,
	benchmarking, and optimization, you'll want to turn them off.  This
	includes various WITNESS- related kernel options, INVARIANTS, malloc
	debugging flags in userland, and various verbose features in the
	kernel.  Many developers choose to disable these features on build
	machines to maximize performance.  (To completely disable malloc
	debugging, define MALLOC_PRODUCTION in /etc/make.conf, or to merely
	disable the most expensive debugging functionality run
	"ln -s 'abort:false,junk:false' /etc/malloc.conf".)

20130716:
	The default ARM ABI has changed to the ARM EABI. The old ABI is
	incompatible with the ARM EABI and all programs and modules will
	need to be rebuilt to work with a new kernel.

	To keep using the old ABI ensure the WITHOUT_ARM_EABI knob is set.

	NOTE: Support for the old ABI will be removed in the future and
	users are advised to upgrade.

20130709:
	pkg_install has been disconnected from the build if you really need it
	you should add WITH_PKGTOOLS in your src.conf(5).

20130709:
	Most of network statistics structures were changed to be able
	keep 64-bits counters. Thus all tools, that work with networking
	statistics, must be rebuilt (netstat(1), bsnmpd(1), etc.)

20130629:
	Fix targets that run multiple make's to use && rather than ;
	so that subsequent steps depend on success of previous.

	NOTE: if building 'universe' with -j* on stable/8 or stable/9
	it would be better to start the build using bmake, to avoid
	overloading the machine.

20130618:
	Fix a bug that allowed a tracing process (e.g. gdb) to write
	to a memory-mapped file in the traced process's address space
	even if neither the traced process nor the tracing process had
	write access to that file.

20130615:
	CVS has been removed from the base system.  An exact copy
	of the code is available from the devel/cvs port.

20130613:
	Some people report the following error after the switch to bmake:

		make: illegal option -- J
		usage: make [-BPSXeiknpqrstv] [-C directory] [-D variable]
			...
		*** [buildworld] Error code 2

	this likely due to an old instance of make in
	${MAKEPATH} (${MAKEOBJDIRPREFIX}${.CURDIR}/make.${MACHINE})
	which src/Makefile will use that blindly, if it exists, so if
	you see the above error:

		rm -rf `make -V MAKEPATH`

	should resolve it.

20130516:
	Use bmake by default.
	Whereas before one could choose to build with bmake via
	-DWITH_BMAKE one must now use -DWITHOUT_BMAKE to use the old
	make. The goal is to remove these knobs for 10-RELEASE.

	It is worth noting that bmake (like gmake) treats the command
	line as the unit of failure, rather than statements within the
	command line.  Thus '(cd some/where && dosomething)' is safer
	than 'cd some/where; dosomething'. The '()' allows consistent
	behavior in parallel build.

20130429:
        Fix a bug that allows NFS clients to issue READDIR on files.

20130426:
	The WITHOUT_IDEA option has been removed because
	the IDEA patent expired.

20130426:
	The sysctl which controls TRIM support under ZFS has been renamed
	from vfs.zfs.trim_disable -> vfs.zfs.trim.enabled and has been
	enabled by default.

20130425:
	The mergemaster command now uses the default MAKEOBJDIRPREFIX
	rather than creating it's own in the temporary directory in
	order allow access to bootstrapped versions of tools such as
	install and mtree.  When upgrading from version of FreeBSD where
	the install command does not support -l, you will need to
	install a new mergemaster command if mergemaster -p is required.
	This can be accomplished with the command (cd src/usr.sbin/mergemaster
	&& make install).

20130404:
	Legacy ATA stack, disabled and replaced by new CAM-based one since
	FreeBSD 9.0, completely removed from the sources.  Kernel modules
	atadisk and atapi*, user-level tools atacontrol and burncd are
	removed.  Kernel option `options ATA_CAM` is now permanently enabled
	and removed.

20130319:
	SOCK_CLOEXEC and SOCK_NONBLOCK flags have been added to socket(2)
	and socketpair(2). Software, in particular Kerberos, may
	automatically detect and use these during building. The resulting
	binaries will not work on older kernels.

20130308:
	CTL_DISABLE has also been added to the sparc64 GENERIC (for further
	information, see the respective 20130304 entry).

20130304:
	Recent commits to callout(9) changed the size of struct callout,
	so the KBI is probably heavily disturbed. Also, some functions
	in callout(9)/sleep(9)/sleepqueue(9)/condvar(9) KPIs were replaced
	by macros. Every kernel module using it won't load, so rebuild
	is requested.

	The ctl device has been re-enabled in GENERIC for i386 and amd64,
	but does not initialize by default (because of the new CTL_DISABLE
	option) to save memory.  To re-enable it, remove the CTL_DISABLE
	option from the kernel config file or set kern.cam.ctl.disable=0
	in /boot/loader.conf.

20130301:
	The ctl device has been disabled in GENERIC for i386 and amd64.
	This was done due to the extra memory being allocated at system
	initialisation time by the ctl driver which was only used if
	a CAM target device was created.  This makes a FreeBSD system
	unusable on 128MB or less of RAM.

20130208:
	A new compression method (lz4) has been merged to -HEAD.  Please
	refer to zpool-features(7) for more information.

	Please refer to the "ZFS notes" section of this file for information
	on upgrading boot ZFS pools.

20130129:
	A BSD-licensed patch(1) variant has been added and is installed
	as bsdpatch, being the GNU version the default patch.
	To inverse the logic and use the BSD-licensed one as default,
	while having the GNU version installed as gnupatch, rebuild
	and install world with the WITH_BSD_PATCH knob set.

20130121:
	Due to the use of the new -l option to install(1) during build
	and install, you must take care not to directly set the INSTALL
	make variable in your /etc/make.conf, /etc/src.conf, or on the
	command line.  If you wish to use the -C flag for all installs
	you may be able to add INSTALL+=-C to /etc/make.conf or
	/etc/src.conf.

20130118:
	The install(1) option -M has changed meaning and now takes an
	argument that is a file or path to append logs to.  In the
	unlikely event that -M was the last option on the command line
	and the command line contained at least two files and a target
	directory the first file will have logs appended to it.  The -M
	option served little practical purpose in the last decade so its
	use is expected to be extremely rare.

20121223:
	After switching to Clang as the default compiler some users of ZFS
	on i386 systems started to experience stack overflow kernel panics.
	Please consider using 'options KSTACK_PAGES=4' in such configurations.

20121222:
	GEOM_LABEL now mangles label names read from file system metadata.
	Mangling affect labels containing spaces, non-printable characters,
	'%' or '"'. Device names in /etc/fstab and other places may need to
	be updated.

20121217:
	By default, only the 10 most recent kernel dumps will be saved.  To
	restore the previous behaviour (no limit on the number of kernel dumps
	stored in the dump directory) add the following line to /etc/rc.conf:

		savecore_flags=""

20121201:
	With the addition of auditdistd(8), a new auditdistd user is now
	depended on during installworld.  "mergemaster -p" can be used to add
	the user prior to installworld, as documented in the handbook.

20121117:
	The sin6_scope_id member variable in struct sockaddr_in6 is now
	filled by the kernel before passing the structure to the userland via
	sysctl or routing socket.  This means the KAME-specific embedded scope
	id in sin6_addr.s6_addr[2] is always cleared in userland application.
	This behavior can be controlled by net.inet6.ip6.deembed_scopeid.
	__FreeBSD_version is bumped to 1000025.

20121105:
	On i386 and amd64 systems WITH_CLANG_IS_CC is now the default.
	This means that the world and kernel will be compiled with clang
	and that clang will be installed as /usr/bin/cc, /usr/bin/c++,
	and /usr/bin/cpp.  To disable this behavior and revert to building
	with gcc, compile with WITHOUT_CLANG_IS_CC. Really old versions
	of current may need to bootstrap WITHOUT_CLANG first if the clang
	build fails (its compatibility window doesn't extend to the 9 stable
	branch point).

20121102:
	The IPFIREWALL_FORWARD kernel option has been removed. Its
	functionality now turned on by default.

20121023:
	The ZERO_COPY_SOCKET kernel option has been removed and
	split into SOCKET_SEND_COW and SOCKET_RECV_PFLIP.
	NB: SOCKET_SEND_COW uses the VM page based copy-on-write
	mechanism which is not safe and may result in kernel crashes.
	NB: The SOCKET_RECV_PFLIP mechanism is useless as no current
	driver supports disposeable external page sized mbuf storage.
	Proper replacements for both zero-copy mechanisms are under
	consideration and will eventually lead to complete removal
	of the two kernel options.

20121023:
	The IPv4 network stack has been converted to network byte
	order. The following modules need to be recompiled together
	with kernel: carp(4), divert(4), gif(4), siftr(4), gre(4),
	pf(4), ipfw(4), ng_ipfw(4), stf(4).

20121022:
	Support for non-MPSAFE filesystems was removed from VFS. The
	VFS_VERSION was bumped, all filesystem modules shall be
	recompiled.

20121018:
	All the non-MPSAFE filesystems have been disconnected from
	the build. The full list includes: codafs, hpfs, ntfs, nwfs,
	portalfs, smbfs, xfs.

20121016:
	The interface cloning API and ABI has changed. The following
	modules need to be recompiled together with kernel:
	ipfw(4), pfsync(4), pflog(4), usb(4), wlan(4), stf(4),
	vlan(4), disc(4), edsc(4), if_bridge(4), gif(4), tap(4),
	faith(4), epair(4), enc(4), tun(4), if_lagg(4), gre(4).

20121015:
	The sdhci driver was split in two parts: sdhci (generic SD Host
	Controller logic) and sdhci_pci (actual hardware driver).
	No kernel config modifications are required, but if you
	load sdhc as a module you must switch to sdhci_pci instead.

20121014:
	Import the FUSE kernel and userland support into base system.

20121013:
	The GNU sort(1) program has been removed since the BSD-licensed
	sort(1) has been the default for quite some time and no serious
	problems have been reported.  The corresponding WITH_GNU_SORT
	knob has also gone.

20121006:
	The pfil(9) API/ABI for AF_INET family has been changed. Packet
	filtering modules: pf(4), ipfw(4), ipfilter(4) need to be recompiled
	with new kernel.

20121001:
	The net80211(4) ABI has been changed to allow for improved driver
	PS-POLL and power-save support.  All wireless drivers need to be
	recompiled to work with the new kernel.

20120913:
	The random(4) support for the VIA hardware random number
	generator (`PADLOCK') is no longer enabled unconditionally.
	Add the PADLOCK_RNG option in the custom kernel config if
	needed.  The GENERIC kernels on i386 and amd64 do include the
	option, so the change only affects the custom kernel
	configurations.

20120908:
	The pf(4) packet filter ABI has been changed. pfctl(8) and
	snmp_pf module need to be recompiled to work with new kernel.

20120828:
	A new ZFS feature flag "com.delphix:empty_bpobj" has been merged
	to -HEAD. Pools that have empty_bpobj in active state can not be
	imported read-write with ZFS implementations that do not support
	this feature. For more information read the zpool-features(5)
	manual page.

20120727:
	The sparc64 ZFS loader has been changed to no longer try to auto-
	detect ZFS providers based on diskN aliases but now requires these
	to be explicitly listed in the OFW boot-device environment variable. 

20120712:
	The OpenSSL has been upgraded to 1.0.1c.  Any binaries requiring
	libcrypto.so.6 or libssl.so.6 must be recompiled.  Also, there are
	configuration changes.  Make sure to merge /etc/ssl/openssl.cnf.

20120712:
	The following sysctls and tunables have been renamed for consistency
	with other variables:
	  kern.cam.da.da_send_ordered   -> kern.cam.da.send_ordered
	  kern.cam.ada.ada_send_ordered -> kern.cam.ada.send_ordered

20120628:
	The sort utility has been replaced with BSD sort.  For now, GNU sort
	is also available as "gnusort" or the default can be set back to
	GNU sort by setting WITH_GNU_SORT.  In this case, BSD sort will be
	installed as "bsdsort".

20120611:
	A new version of ZFS (pool version 5000) has been merged to -HEAD.
	Starting with this version the old system of ZFS pool versioning
	is superseded by "feature flags". This concept enables forward
	compatibility against certain future changes in functionality of ZFS
	pools. The first read-only compatible "feature flag" for ZFS pools
	is named "com.delphix:async_destroy". For more information
	read the new zpool-features(5) manual page.
	Please refer to the "ZFS notes" section of this file for information
	on upgrading boot ZFS pools.

20120417:
	The malloc(3) implementation embedded in libc now uses sources imported
	as contrib/jemalloc.  The most disruptive API change is to
	/etc/malloc.conf.  If your system has an old-style /etc/malloc.conf,
	delete it prior to installworld, and optionally re-create it using the
	new format after rebooting.  See malloc.conf(5) for details
	(specifically the TUNING section and the "opt.*" entries in the MALLCTL
	NAMESPACE section).

20120328:
	Big-endian MIPS TARGET_ARCH values no longer end in "eb".  mips64eb
	is now spelled mips64.  mipsn32eb is now spelled mipsn32.  mipseb is
	now spelled mips.  This is to aid compatibility with third-party
	software that expects this naming scheme in uname(3).  Little-endian
	settings are unchanged. If you are updating a big-endian mips64 machine
	from before this change, you may need to set MACHINE_ARCH=mips64 in
	your environment before the new build system will recognize your machine.

20120306:
	Disable by default the option VFS_ALLOW_NONMPSAFE for all supported
	platforms.

20120229:
	Now unix domain sockets behave "as expected" on	nullfs(5). Previously
	nullfs(5) did not pass through all behaviours to the underlying layer,
	as a result if we bound to a socket on the lower layer we could connect
	only to the lower path; if we bound to the upper layer we could connect
	only to	the upper path. The new behavior is one can connect to both the
	lower and the upper paths regardless what layer path one binds to.

20120211:
	The getifaddrs upgrade path broken with 20111215 has been restored.
	If you have upgraded in between 20111215 and 20120209 you need to
	recompile libc again with your kernel.  You still need to recompile
	world to be able to configure CARP but this restriction already
	comes from 20111215.

20120114:
	The set_rcvar() function has been removed from /etc/rc.subr.  All
	base and ports rc.d scripts have been updated, so if you have a
	port installed with a script in /usr/local/etc/rc.d you can either
	hand-edit the rcvar= line, or reinstall the port.

	An easy way to handle the mass-update of /etc/rc.d:
	rm /etc/rc.d/* && mergemaster -i

20120109:
	panic(9) now stops other CPUs in the SMP systems, disables interrupts
	on the current CPU and prevents other threads from running.
	This behavior can be reverted using the kern.stop_scheduler_on_panic
	tunable/sysctl.
	The new behavior can be incompatible with kern.sync_on_panic.

20111215:
	The carp(4) facility has been changed significantly. Configuration
	of the CARP protocol via ifconfig(8) has changed, as well as format
	of CARP events submitted to devd(8) has changed. See manual pages
	for more information. The arpbalance feature of carp(4) is currently
	not supported anymore.

	Size of struct in_aliasreq, struct in6_aliasreq has changed. User
	utilities using SIOCAIFADDR, SIOCAIFADDR_IN6, e.g. ifconfig(8),
	need to be recompiled.

20111122:
	The acpi_wmi(4) status device /dev/wmistat has been renamed to
	/dev/wmistat0.

20111108:
	The option VFS_ALLOW_NONMPSAFE option has been added in order to
	explicitely support non-MPSAFE filesystems.
	It is on by default for all supported platform at this present
	time.

20111101:
	The broken amd(4) driver has been replaced with esp(4) in the amd64,
	i386 and pc98 GENERIC kernel configuration files.

20110930:
	sysinstall has been removed

20110923:
	The stable/9 branch created in subversion.  This corresponds to the
	RELENG_9 branch in CVS.

20110913:
	This commit modifies vfs_register() so that it uses a hash
	calculation to set vfc_typenum, which is enabled by default.
	The first time a system is booted after this change, the
	vfc_typenum values will change for all file systems. The
	main effect of this is a change to the NFS server file handles
	for file systems that use vfc_typenum in their fsid, such as ZFS.
	It will, however, prevent vfc_typenum from changing when file
	systems are loaded in a different order for subsequent reboots.
	To disable this, you can set vfs.typenumhash=0 in /boot/loader.conf
	until you are ready to remount all NFS clients after a reboot.

20110828:
	Bump the shared library version numbers for libraries that
	do not use symbol versioning, have changed the ABI compared
	to stable/8 and which shared library version was not bumped.
	Done as part of 9.0-RELEASE cycle.

20110815:
	During the merge of Capsicum features, the fget(9) KPI was modified.
	This may require the rebuilding of out-of-tree device drivers --
	issues have been reported specifically with the nVidia device driver.
	__FreeBSD_version is bumped to 900041.

	Also, there is a period between 20110811 and 20110814 where the
	special devices /dev/{stdin,stdout,stderr} did not work correctly.
	Building world from a kernel during that window may not work.

20110628:
	The packet filter (pf) code has been updated to OpenBSD 4.5.
	You need to update userland tools to be in sync with kernel.
	This update breaks backward compatibility with earlier pfsync(4)
	versions.  Care must be taken when updating redundant firewall setups.

20110608:
	The following sysctls and tunables are retired on x86 platforms:
		machdep.hlt_cpus
		machdep.hlt_logical_cpus
	The following sysctl is retired:
		machdep.hyperthreading_allowed
	The sysctls were supposed to provide a way to dynamically offline and
	online selected CPUs on x86 platforms, but the implementation has not
	been reliable especially with SCHED_ULE scheduler.
	machdep.hyperthreading_allowed tunable is still available to ignore
	hyperthreading CPUs at OS level.
	Individual CPUs can be disabled using hint.lapic.X.disabled tunable,
	where X is an APIC ID of a CPU.  Be advised, though, that disabling
	CPUs in non-uniform fashion will result in non-uniform topology and
	may lead to sub-optimal system performance with SCHED_ULE, which is
	a default scheduler.

20110607:
	cpumask_t type is retired and cpuset_t is used in order to describe
	a mask of CPUs.

20110531:
	Changes to ifconfig(8) for dynamic address family detection mandate
	that you are running a kernel of 20110525 or later.  Make sure to
	follow the update procedure to boot a new kernel before installing
	world.

20110513:
	Support for sun4v architecture is officially dropped

20110503:
	Several KPI breaking changes have been committed to the mii(4) layer,
	the PHY drivers and consequently some Ethernet drivers using mii(4).
	This means that miibus.ko and the modules of the affected Ethernet
	drivers need to be recompiled.

	Note to kernel developers: Given that the OUI bit reversion problem
	was fixed as part of these changes all mii(4) commits related to OUIs,
	i.e. to sys/dev/mii/miidevs, PHY driver probing and vendor specific
	handling, no longer can be merged verbatim to stable/8 and previous
	branches.

20110430:
	Users of the Atheros AR71xx SoC code now need to add 'device ar71xx_pci'
	into their kernel configurations along with 'device pci'.

20110427:
	The default NFS client is now the new NFS client, so fstype "newnfs"
	is now "nfs" and the regular/old NFS client is now fstype "oldnfs".
	Although mounts via fstype "nfs" will usually work without userland
	changes, it is recommended that the mount(8) and mount_nfs(8)
	commands be rebuilt from sources and that a link to mount_nfs called
	mount_oldnfs be created. The new client is compiled into the
	kernel with "options NFSCL" and this is needed for diskless root
	file systems. The GENERIC kernel configs have been changed to use
	NFSCL and NFSD (the new server) instead of NFSCLIENT and NFSSERVER.
	To use the regular/old client, you can "mount -t oldnfs ...". For
	a diskless root file system, you must also include a line like:
	
	vfs.root.mountfrom="oldnfs:"

	in the boot/loader.conf on the root fs on the NFS server to make
	a diskless root fs use the old client.

20110424:
	The GENERIC kernels for all architectures now default to the new
	CAM-based ATA stack. It means that all legacy ATA drivers were
	removed and replaced by respective CAM drivers. If you are using
	ATA device names in /etc/fstab or other places, make sure to update
	them respectively (adX -> adaY, acdX -> cdY, afdX -> daY, astX -> saY,
	where 'Y's are the sequential numbers starting from zero for each type
	in order of detection, unless configured otherwise with tunables,
	see cam(4)). There will be symbolic links created in /dev/ to map
	old adX devices to the respective adaY. They should provide basic
	compatibility for file systems mounting in most cases, but they do
	not support old user-level APIs and do not have respective providers
	in GEOM. Consider using updated management tools with new device names.

	It is possible to load devices ahci, ata, siis and mvs as modules,
	but option ATA_CAM should remain in kernel configuration to make ata
	module work as CAM driver supporting legacy ATA controllers. Device ata
	still can be used in modular fashion (atacore + ...). Modules atadisk
	and atapi* are not used and won't affect operation in ATA_CAM mode.
	Note that to use CAM-based ATA kernel should include CAM devices
	scbus, pass, da (or explicitly ada), cd and optionally others. All of
	them are parts of the cam module.

	ataraid(4) functionality is now supported by the RAID GEOM class.
	To use it you can load geom_raid kernel module and use graid(8) tool
	for management. Instead of /dev/arX device names, use /dev/raid/rX.

	No kernel config options or code have been removed, so if a problem
	arises, please report it and optionally revert to the old ATA stack.
	In order to do it you can remove from the kernel config:
	    options        ATA_CAM
	    device         ahci
	    device         mvs
	    device         siis
	, and instead add back:
	    device         atadisk         # ATA disk drives
	    device         ataraid         # ATA RAID drives
	    device         atapicd         # ATAPI CDROM drives
	    device         atapifd         # ATAPI floppy drives
	    device         atapist         # ATAPI tape drives

20110423:
	The default NFS server has been changed to the new server, which
	was referred to as the experimental server. If you need to switch
	back to the old NFS server, you must now put the "-o" option on
	both the mountd and nfsd commands. This can be done using the
	mountd_flags and nfs_server_flags rc.conf variables until an
	update to the rc scripts is committed, which is coming soon.

20110418:
	The GNU Objective-C runtime library (libobjc), and other Objective-C
	related components have been removed from the base system.  If you
	require an Objective-C library, please use one of the available ports.

20110331:
	ath(4) has been split into bus- and device- modules. if_ath contains
	the HAL, the TX rate control and the network device code. if_ath_pci
	contains the PCI bus glue. For Atheros MIPS embedded systems, if_ath_ahb
	contains the AHB glue. Users need to load both if_ath_pci and if_ath
	in order to use ath on everything else.

	TO REPEAT: if_ath_ahb is not needed for normal users. Normal users only
	need to load if_ath and if_ath_pci for ath(4) operation.

20110314:
	As part of the replacement of sysinstall, the process of building
	release media has changed significantly. For details, please re-read
	release(7), which has been updated to reflect the new build process.

20110218:
	GNU binutils 2.17.50 (as of 2007-07-03) has been merged to -HEAD.  This
	is the last available version under GPLv2.  It brings a number of new
	features, such as support for newer x86 CPU's (with SSE-3, SSSE-3, SSE
	4.1 and SSE 4.2), better support for powerpc64, a number of new
	directives, and lots of other small improvements.  See the ChangeLog
	file in contrib/binutils for the full details.

20110218:
	IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868
	compliant, and will now use half of hash for authentication.
	This will break interoperability with all stacks (including all
	actual FreeBSD versions) who implement
	draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for
	authentication).
	The only workaround with such peers is to use another HMAC
	algorithm for IPsec ("phase 2") authentication.

20110207:
	Remove the uio_yield prototype and symbol.  This function has
	been misnamed since it was introduced and should not be
	globally exposed with this name.  The equivalent functionality
	is now available using kern_yield(curthread->td_user_pri).
	The function remains undocumented.

20110112:
	A SYSCTL_[ADD_]UQUAD was added for unsigned uint64_t pointers,
	symmetric with the existing SYSCTL_[ADD_]QUAD.  Type checking
	for scalar sysctls is defined but disabled.  Code that needs
	UQUAD to pass the type checking that must compile on older
	systems where the define is not present can check against
	__FreeBSD_version >= 900030.

	The system dialog(1) has been replaced with a new version previously
	in ports as devel/cdialog. dialog(1) is mostly command-line compatible
	with the previous version, but the libdialog associated with it has
	a largely incompatible API. As such, the original version of libdialog
	will be kept temporarily as libodialog, until its base system consumers
	are replaced or updated. Bump __FreeBSD_version to 900030.

20110103:
	If you are trying to run make universe on a -stable system, and you get
	the following warning:
	"Makefile", line 356: "Target architecture for i386/conf/GENERIC 
	unknown.  config(8) likely too old."
	or something similar to it, then you must upgrade your -stable system
	to 8.2-Release or newer (really, any time after r210146 7/15/2010 in
	stable/8) or build the config from the latest stable/8 branch and
	install it on your system.

	Prior to this date, building a current universe on 8-stable system from
	between 7/15/2010 and 1/2/2011 would result in a weird shell parsing
	error in the first kernel build phase.  A new config on those old 
	systems will fix that problem for older versions of -current.

20101228:
	The TCP stack has been modified to allow Khelp modules to interact with
	it via helper hook points and store per-connection data in the TCP
	control block. Bump __FreeBSD_version to 900029. User space tools that
	rely on the size of struct tcpcb in tcp_var.h (e.g. sockstat) need to
	be recompiled.

20101114:
	Generic IEEE 802.3 annex 31B full duplex flow control support has been
	added to mii(4) and bge(4), bce(4), msk(4), nfe(4) and stge(4) along
	with brgphy(4), e1000phy(4) as well as ip1000phy() have been converted
	to take advantage of it instead of using custom implementations.  This
	means that these drivers now no longer unconditionally advertise
	support for flow control but only do so if flow control is a selected
	media option.  This was implemented in the generic support that way in
	order to allow flow control to be switched on and off via ifconfig(8)
	with the PHY specific default to typically off in order to protect
	from unwanted effects.  Consequently, if you used flow control with
	one of the above mentioned drivers you now need to explicitly enable
	it, for example via:
		ifconfig bge0 media auto mediaopt flowcontrol

	Along with the above mentioned changes generic support for setting
	1000baseT master mode also has been added and brgphy(4), ciphy(4),
	e1000phy(4) as well as ip1000phy(4) have been converted to take
	advantage of it.  This means that these drivers now no longer take the
	link0 parameter for selecting master mode but the master media option
	has to be used instead, for example like in the following:
		ifconfig bge0 media 1000baseT mediaopt full-duplex,master

	Selection of master mode now is also available with all other PHY
	drivers supporting 1000baseT.

20101111:
	The TCP stack has received a significant update to add support for
	modularised congestion control and generally improve the clarity of
	congestion control decisions. Bump __FreeBSD_version to 900025. User
	space tools that rely on the size of struct tcpcb in tcp_var.h (e.g.
	sockstat) need to be recompiled.

20101002:
	The man(1) utility has been replaced by a new version that no longer
	uses /etc/manpath.config. Please consult man.conf(5) for how to
	migrate local entries to the new format.

20100928:
	The copyright strings printed by login(1) and sshd(8) at the time of a
	new connection have been removed to follow other operating systems and
	upstream sshd.

20100915:
	A workaround for a fixed ld bug has been removed in kernel code,
	so make sure that your system ld is built from sources after
	revision 210245 from 2010-07-19 (r211583 if building head kernel
	on stable/8, r211584 for stable/7; both from 2010-08-21).
	A symptom of incorrect ld version is different addresses for
	set_pcpu section and __start_set_pcpu symbol in kernel and/or modules.

20100913:
	The $ipv6_prefer variable in rc.conf(5) has been split into
	$ip6addrctl_policy and $ipv6_activate_all_interfaces.

	The $ip6addrctl_policy is a variable to choose a pre-defined
	address selection policy set by ip6addrctl(8).  A value
	"ipv4_prefer", "ipv6_prefer" or "AUTO" can be specified.  The
	default is "AUTO".

	The $ipv6_activate_all_interfaces specifies whether IFDISABLED
	flag (see an entry of 20090926) is set on an interface with no
	corresponding $ifconfig_IF_ipv6 line.  The default is "NO" for
	security reason.  If you want IPv6 link-local address on all
	interfaces by default, set this to "YES".

	The old ipv6_prefer="YES" is equivalent to
	ipv6_activate_all_interfaces="YES" and
	ip6addrctl_policy="ipv6_prefer".

20100913:
	DTrace has grown support for userland tracing. Due to this, DTrace is
	now i386 and amd64 only.
	dtruss(1) is now installed by default on those systems and a new
	kernel module is needed for userland tracing: fasttrap.
	No changes to your kernel config file are necessary to enable
	userland tracing, but you might consider adding 'STRIP=' and
	'CFLAGS+=-fno-omit-frame-pointer' to your make.conf if you want
	to have informative userland stack traces in DTrace (ustack).

20100725:
	The acpi_aiboost(4) driver has been removed in favor of the new
	aibs(4) driver. You should update your kernel configuration file.

20100722:
	BSD grep has been imported to the base system and it is built by
	default.  It is completely BSD licensed, highly GNU-compatible, uses
	less memory than its GNU counterpart and has a small codebase.
	However, it is slower than its GNU counterpart, which is mostly
	noticeable for larger searches, for smaller ones it is measurable
	but not significant.  The reason is complex, the most important factor
	is that we lack a modern and efficient regex library and GNU
	overcomes this by optimizing the searches internally.  Future work
	on improving the regex performance is planned, for the meantime,
	users that need better performance, can build GNU grep instead by
	setting the WITH_GNU_GREP knob.

20100713:
	Due to the import of powerpc64 support, all existing powerpc kernel
	configuration files must be updated with a machine directive like this:
	    machine powerpc powerpc

	In addition, an updated config(8) is required to build powerpc kernels
	after this change.

20100713:
	A new version of ZFS (version 15) has been merged to -HEAD.
	This version uses a python library for the following subcommands:
	zfs allow, zfs unallow, zfs groupspace, zfs userspace.
	For full functionality of these commands the following port must
	be installed: sysutils/py-zfs

20100429:
	'vm_page's are now hashed by physical address to an array of mutexes.
	Currently this is only used to serialize access to hold_count. Over 
	time the page queue mutex will be peeled away. This changes the size
	of pmap on every architecture. And requires all callers of vm_page_hold
	and vm_page_unhold to be updated. 
 
20100402:
	WITH_CTF can now be specified in src.conf (not recommended, there
	are some problems with static executables), make.conf (would also
	affect ports which do not use GNU make and do not override the
	compile targets) or in the kernel config (via "makeoptions
	WITH_CTF=yes").
	When WITH_CTF was specified there before this was silently ignored,
	so make sure that WITH_CTF is not used in places which could lead
	to unwanted behavior.

20100311:
	The kernel option COMPAT_IA32 has been replaced with COMPAT_FREEBSD32
	to allow 32-bit compatibility on non-x86 platforms. All kernel
	configurations on amd64 and ia64 platforms using these options must
	be modified accordingly.

20100113:
	The utmp user accounting database has been replaced with utmpx,
	the user accounting interface standardized by POSIX.
	Unfortunately the semantics of utmp and utmpx don't match,
	making it practically impossible to support both interfaces.
	The user accounting database is used by tools like finger(1),
	last(1), talk(1), w(1) and ac(8).

	All applications in the base system use utmpx.  This means only
	local binaries (e.g. from the ports tree) may still use these
	utmp database files.  These applications must be rebuilt to make
	use of utmpx.

	After the system has been upgraded, it is safe to remove the old
	log files (/var/run/utmp, /var/log/lastlog and /var/log/wtmp*),
	assuming their contents is of no importance anymore.  Old wtmp
	databases can only be used by last(1) and ac(8) after they have
	been converted to the new format using wtmpcvt(1).

20100108:
	Introduce the kernel thread "deadlock resolver" (which can be enabled
	via the DEADLKRES option, see NOTES for more details) and the
	sleepq_type() function for sleepqueues.

20091202:
	The rc.firewall and rc.firewall6 were unified, and
	rc.firewall6 and rc.d/ip6fw were removed.
	According to the removal of rc.d/ip6fw, ipv6_firewall_* rc
	variables are obsoleted.  Instead, the following new rc
	variables are added to rc.d/ipfw:

		firewall_client_net_ipv6, firewall_simple_iif_ipv6,
		firewall_simple_inet_ipv6, firewall_simple_oif_ipv6,
		firewall_simple_onet_ipv6, firewall_trusted_ipv6

	The meanings correspond to the relevant IPv4 variables.

20091125:
	8.0-RELEASE.

20091113:
	The default terminal emulation for syscons(4) has been changed
	from cons25 to xterm on all platforms except pc98.  This means
	that the /etc/ttys file needs to be updated to ensure correct
	operation of applications on the console.

	The terminal emulation style can be toggled per window by using
	vidcontrol(1)'s -T flag.  The TEKEN_CONS25 kernel configuration
	options can be used to change the compile-time default back to
	cons25.

	To prevent graphical artifacts, make sure the TERM environment
	variable is set to match the terminal emulation that is being
	performed by syscons(4).

20091109:
	The layout of the structure ieee80211req_scan_result has changed.
	Applications that require wireless scan results (e.g. ifconfig(8))
	from net80211 need to be recompiled.

	Applications such as wpa_supplicant(8) may require a full world
	build without using NO_CLEAN in order to get synchronized with the
	new structure.

20091025:
	The iwn(4) driver has been updated to support the 5000 and 5150 series.
	There's one kernel module for each firmware. Adding "device iwnfw"
	to the kernel configuration file means including all three firmware
	images inside the kernel. If you want to include just the one for
	your wireless card, use the devices iwn4965fw, iwn5000fw or
	iwn5150fw.

20090926:
	The rc.d/network_ipv6, IPv6 configuration script has been integrated
	into rc.d/netif.  The changes are the following:

	1. To use IPv6, simply define $ifconfig_IF_ipv6 like $ifconfig_IF
	   for IPv4.  For aliases, $ifconfig_IF_aliasN should be used.
	   Note that both variables need the "inet6" keyword at the head.

	   Do not set $ipv6_network_interfaces manually if you do not
	   understand what you are doing.  It is not needed in most cases. 

	   $ipv6_ifconfig_IF and $ipv6_ifconfig_IF_aliasN still work, but
	   they are obsolete.

	2. $ipv6_enable is obsolete.  Use $ipv6_prefer and
	   "inet6 accept_rtadv" keyword in ifconfig(8) instead.

	   If you define $ipv6_enable=YES, it means $ipv6_prefer=YES and
	   all configured interfaces have "inet6 accept_rtadv" in the
	   $ifconfig_IF_ipv6.  These are for backward compatibility.

	3. A new variable $ipv6_prefer has been added.  If NO, IPv6
	   functionality of interfaces with no corresponding
	   $ifconfig_IF_ipv6 is disabled by using "inet6 ifdisabled" flag,
	   and the default address selection policy of ip6addrctl(8) 
	   is the IPv4-preferred one (see rc.d/ip6addrctl for more details).
	   Note that if you want to configure IPv6 functionality on the
	   disabled interfaces after boot, first you need to clear the flag by
	   using ifconfig(8) like:

		ifconfig em0 inet6 -ifdisabled

	   If YES, the default address selection policy is set as
	   IPv6-preferred.

	   The default value of $ipv6_prefer is NO.

	4. If your system need to receive Router Advertisement messages,
	   define "inet6 accept_rtadv" in $ifconfig_IF_ipv6.  The rc(8)
	   scripts automatically invoke rtsol(8) when the interface becomes
	   UP.  The Router Advertisement messages are used for SLAAC
	   (State-Less Address AutoConfiguration).

20090922:
	802.11s D3.03 support was committed. This is incompatible with the
	previous code, which was based on D3.0.

20090912:
	A sysctl variable net.inet6.ip6.accept_rtadv now sets the default value
	of a per-interface flag ND6_IFF_ACCEPT_RTADV, not a global knob to
	control whether accepting Router Advertisement messages or not.
	Also, a per-interface flag ND6_IFF_AUTO_LINKLOCAL has been added and
	a sysctl variable net.inet6.ip6.auto_linklocal is its default value.
	The ifconfig(8) utility now supports these flags.

20090910:
	ZFS snapshots are now mounted with MNT_IGNORE flag. Use -v option for
	mount(8) and -a option for df(1) to see them.

20090825:
	The old tunable hw.bus.devctl_disable has been superseded by
	hw.bus.devctl_queue.  hw.bus.devctl_disable=1 in loader.conf should be
	replaced by hw.bus.devctl_queue=0.  The default for this new tunable
	is 1000.

20090813:
	Remove the option STOP_NMI.  The default action is now to use NMI only
	for KDB via the newly introduced function stop_cpus_hard() and
	maintain stop_cpus() to just use a normal IPI_STOP on ia32 and amd64.

20090803:
	The stable/8 branch created in subversion.  This corresponds to the
	RELENG_8 branch in CVS.

20090719:
	Bump the shared library version numbers for all libraries that do not
	use symbol versioning as part of the 8.0-RELEASE cycle.  Bump
	__FreeBSD_version to 800105.

20090714:
	Due to changes in the implementation of virtual network stack support,
	all network-related kernel modules must be recompiled.  As this change
	breaks the ABI, bump __FreeBSD_version to 800104.

20090713:
	The TOE interface to the TCP syncache has been modified to remove
	struct tcpopt (<netinet/tcp_var.h>) from the ABI of the network stack.
	The cxgb driver is the only TOE consumer affected by this change, and
	needs to be recompiled along with the kernel. As this change breaks
	the ABI, bump __FreeBSD_version to 800103.

20090712: 
	Padding has been added to struct tcpcb, sackhint and tcpstat in
	<netinet/tcp_var.h> to facilitate future MFCs and bug fixes whilst
	maintaining the ABI. However, this change breaks the ABI, so bump
	__FreeBSD_version to 800102. User space tools that rely on the size of
	any of these structs (e.g. sockstat) need to be recompiled.

20090630:
	The NFS_LEGACYRPC option has been removed along with the old kernel
	RPC implementation that this option selected. Kernel configurations
	may need to be adjusted.

20090629:
	The network interface device nodes at /dev/net/<interface> have been
	removed.  All ioctl operations can be performed the normal way using
	routing sockets.  The kqueue functionality can generally be replaced
	with routing sockets.

20090628:
	The documentation from the FreeBSD Documentation Project (Handbook,
	FAQ, etc.) is now installed via packages by sysinstall(8) and under
	the /usr/local/share/doc/freebsd directory instead of /usr/share/doc.

20090624:
	The ABI of various structures related to the SYSV IPC API have been
	changed.  As a result, the COMPAT_FREEBSD[456] and COMPAT_43 kernel
	options now all require COMPAT_FREEBSD7.  Bump __FreeBSD_version to
	800100.

20090622:
	Layout of struct vnet has changed as routing related variables were
	moved to their own Vimage module. Modules need to be recompiled.  Bump
	__FreeBSD_version to 800099.

20090619:
	NGROUPS_MAX and NGROUPS have been increased from 16 to 1023 and 1024
	respectively.  As long as no more than 16 groups per process are used,
	no changes should be visible.  When more than 16 groups are used, old
	binaries may fail if they call getgroups() or getgrouplist() with
	statically sized storage.  Recompiling will work around this, but
	applications should be modified to use dynamically allocated storage
	for group arrays as POSIX.1-2008 does not cap an implementation's
	number of supported groups at NGROUPS_MAX+1 as previous versions did.

	NFS and portalfs mounts may also be affected as the list of groups is
	truncated to 16.  Users of NFS who use more than 16 groups, should
	take care that negative group permissions are not used on the exported
	file systems as they will not be reliable unless a GSSAPI based
	authentication method is used.

20090616: 
	The compiling option ADAPTIVE_LOCKMGRS has been introduced.  This
	option compiles in the support for adaptive spinning for lockmgrs
	which want to enable it.  The lockinit() function now accepts the flag
	LK_ADAPTIVE in order to make the lock object subject to adaptive
	spinning when both held in write and read mode.

20090613:
	The layout of the structure returned by IEEE80211_IOC_STA_INFO has
	changed.  User applications that use this ioctl need to be rebuilt.

20090611:
	The layout of struct thread has changed.  Kernel and modules need to
	be rebuilt.

20090608:
	The layout of structs ifnet, domain, protosw and vnet_net has changed.
	Kernel modules need to be rebuilt.  Bump __FreeBSD_version to 800097.

20090602:
	window(1) has been removed from the base system. It can now be
	installed from ports. The port is called misc/window.

20090601:
	The way we are storing and accessing `routing table' entries has
	changed. Programs reading the FIB, like netstat, need to be
	re-compiled.

20090601:
	A new netisr implementation has been added for FreeBSD 8.  Network
	file system modules, such as igmp, ipdivert, and others, should be
	rebuilt.
	Bump __FreeBSD_version to 800096.

20090530:
	Remove the tunable/sysctl debug.mpsafevfs as its initial purpose is no
	more valid.

20090530:
	Add VOP_ACCESSX(9).  File system modules need to be rebuilt.
	Bump __FreeBSD_version to 800094.

20090529:
	Add mnt_xflag field to 'struct mount'.  File system modules need to be
	rebuilt.
	Bump __FreeBSD_version to 800093.

20090528:
	The compiling option ADAPTIVE_SX has been retired while it has been
	introduced the option NO_ADAPTIVE_SX which handles the reversed logic.
	The KPI for sx_init_flags() changes as accepting flags:
	SX_ADAPTIVESPIN flag has been retired while the SX_NOADAPTIVE flag has
	been introduced in order to handle the reversed logic.
	Bump __FreeBSD_version to 800092.

20090527:
	Add support for hierarchical jails.  Remove global securelevel.
	Bump __FreeBSD_version to 800091.

20090523:
	The layout of struct vnet_net has changed, therefore modules
	need to be rebuilt.
	Bump __FreeBSD_version to 800090.

20090523:
	The newly imported zic(8) produces a new format in the output. Please
	run tzsetup(8) to install the newly created data to /etc/localtime.

20090520:
	The sysctl tree for the usb stack has renamed from hw.usb2.* to
	hw.usb.* and is now consistent again with previous releases.

20090520:
	802.11 monitor mode support was revised and driver api's were changed.
	Drivers dependent on net80211 now support DLT_IEEE802_11_RADIO instead
	of DLT_IEEE802_11.  No user-visible data structures were changed but
	applications that use DLT_IEEE802_11 may require changes.
	Bump __FreeBSD_version to 800088.

20090430:
	The layout of the following structs has changed: sysctl_oid,
	socket, ifnet, inpcbinfo, tcpcb, syncache_head, vnet_inet,
	vnet_inet6 and vnet_ipfw.  Most modules need to be rebuild or
	panics may be experienced.  World rebuild is required for
	correctly checking networking state from userland.
	Bump __FreeBSD_version to 800085.

20090429:
	MLDv2 and Source-Specific Multicast (SSM) have been merged
	to the IPv6 stack. VIMAGE hooks are in but not yet used.
	The implementation of SSM within FreeBSD's IPv6 stack closely
	follows the IPv4 implementation.

	For kernel developers:

	* The most important changes are that the ip6_output() and
	  ip6_input() paths no longer take the IN6_MULTI_LOCK,
	  and this lock has been downgraded to a non-recursive mutex.

	* As with the changes to the IPv4 stack to support SSM, filtering
	  of inbound multicast traffic must now be performed by transport
	  protocols within the IPv6 stack. This does not apply to TCP and
	  SCTP, however, it does apply to UDP in IPv6 and raw IPv6.

	* The KPIs used by IPv6 multicast are similar to those used by
	  the IPv4 stack, with the following differences:
	   * im6o_mc_filter() is analogous to imo_multicast_filter().
	   * The legacy KAME entry points in6_joingroup and in6_leavegroup()
	     are shimmed to in6_mc_join() and in6_mc_leave() respectively.
	   * IN6_LOOKUP_MULTI() has been deprecated and removed.
	   * IPv6 relies on MLD for the DAD mechanism. KAME's internal KPIs
	     for MLDv1 have an additional 'timer' argument which is used to
	     jitter the initial membership report for the solicited-node
	     multicast membership on-link.
	   * This is not strictly needed for MLDv2, which already jitters
	     its report transmissions.  However, the 'timer' argument is
	     preserved in case MLDv1 is active on the interface.

	* The KAME linked-list based IPv6 membership implementation has
	  been refactored to use a vector similar to that used by the IPv4
	  stack.
	  Code which maintains a list of its own multicast memberships
	  internally, e.g. carp, has been updated to reflect the new
	  semantics.

	* There is a known Lock Order Reversal (LOR) due to in6_setscope()
	  acquiring the IF_AFDATA_LOCK and being called within ip6_output().
	  Whilst MLDv2 tries to avoid this otherwise benign LOR, it is an
	  implementation constraint which needs to be addressed in HEAD.

	For application developers:

	* The changes are broadly similar to those made for the IPv4
	  stack.

	* The use of IPv4 and IPv6 multicast socket options on the same
	  socket, using mapped addresses, HAS NOT been tested or supported.

	* There are a number of issues with the implementation of various
	  IPv6 multicast APIs which need to be resolved in the API surface
	  before the implementation is fully compatible with KAME userland
	  use, and these are mostly to do with interface index treatment.

	* The literature available discusses the use of either the delta / ASM
	  API with setsockopt(2)/getsockopt(2), or the full-state / ASM API
	  using setsourcefilter(3)/getsourcefilter(3). For more information
	  please refer to RFC 3768, 'Socket Interface Extensions for
	  Multicast Source Filters'.

	* Applications which use the published RFC 3678 APIs should be fine.

	For systems administrators:

	* The mtest(8) utility has been refactored to support IPv6, in
	  addition to IPv4. Interface addresses are no longer accepted
	  as arguments, their names must be used instead. The utility
	  will map the interface name to its first IPv4 address as
	  returned by getifaddrs(3).

	* The ifmcstat(8) utility has also been updated to print the MLDv2
	  endpoint state and source filter lists via sysctl(3).

	* The net.inet6.ip6.mcast.loop sysctl may be tuned to 0 to disable
	  loopback of IPv6 multicast datagrams by default; it defaults to 1
	  to preserve the existing behaviour. Disabling multicast loopback is
	  recommended for optimal system performance.

	* The IPv6 MROUTING code has been changed to examine this sysctl
	  instead of attempting to perform a group lookup before looping
	  back forwarded datagrams.

	Bump __FreeBSD_version to 800084.

20090422:
	Implement low-level Bluetooth HCI API.
	Bump __FreeBSD_version to 800083.

20090419:
	The layout of struct malloc_type, used by modules to register new
	memory allocation types, has changed.  Most modules will need to
	be rebuilt or panics may be experienced.
	Bump __FreeBSD_version to 800081.

20090415:
	Anticipate overflowing inp_flags - add inp_flags2.
	This changes most offsets in inpcb, so checking v4 connection
	state will require a world rebuild.
	Bump __FreeBSD_version to 800080.

20090415:
	Add an llentry to struct route and struct route_in6. Modules
	embedding a struct route will need to be recompiled.
	Bump __FreeBSD_version to 800079.

20090414:
	The size of rt_metrics_lite and by extension rtentry has changed.
	Networking administration apps will need to be recompiled.
	The route command now supports show as an alias for get, weighting
	of routes, sticky and nostick flags to alter the behavior of stateful
	load balancing.
	Bump __FreeBSD_version to 800078.

20090408:
	Do not use Giant for kbdmux(4) locking. This is wrong and
	apparently causing more problems than it solves. This will
	re-open the issue where interrupt handlers may race with
	kbdmux(4) in polling mode. Typical symptoms include (but
	not limited to) duplicated and/or missing characters when
	low level console functions (such as gets) are used while
	interrupts are enabled (for example geli password prompt,
	mountroot prompt etc.). Disabling kbdmux(4) may help.

20090407:
	The size of structs vnet_net, vnet_inet and vnet_ipfw has changed;
	kernel modules referencing any of the above need to be recompiled.
	Bump __FreeBSD_version to 800075.

20090320:
	GEOM_PART has become the default partition slicer for storage devices,
	replacing GEOM_MBR, GEOM_BSD, GEOM_PC98 and GEOM_GPT slicers. It
	introduces some changes:

	MSDOS/EBR: the devices created from MSDOS extended partition entries
	(EBR) can be named differently than with GEOM_MBR and are now symlinks
	to devices with offset-based names. fstabs may need to be modified.

	BSD: the "geometry does not match label" warning is harmless in most
	cases but it points to problems in file system misalignment with
	disk geometry. The "c" partition is now implicit, covers the whole
	top-level drive and cannot be (mis)used by users.

	General: Kernel dumps are now not allowed to be written to devices
	whose partition types indicate they are meant to be used for file
	systems (or, in case of MSDOS partitions, as something else than
	the "386BSD" type).

	Most of these changes date approximately from 200812.

20090319:
	The uscanner(4) driver has been removed from the kernel. This follows
	Linux removing theirs in 2.6 and making libusb the default interface
	(supported by sane).

20090319:
	The multicast forwarding code has been cleaned up. netstat(1)
	only relies on KVM now for printing bandwidth upcall meters.
	The IPv4 and IPv6 modules are split into ip_mroute_mod and
	ip6_mroute_mod respectively. The config(5) options for statically
	compiling this code remain the same, i.e. 'options MROUTING'.

20090315:
	Support for the IFF_NEEDSGIANT network interface flag has been
	removed, which means that non-MPSAFE network device drivers are no
	longer supported.  In particular, if_ar, if_sr, and network device
	drivers from the old (legacy) USB stack can no longer be built or
	used.

20090313:
	POSIX.1 Native Language Support (NLS) has been enabled in libc and
	a bunch of new language catalog files have also been added.
	This means that some common libc messages are now localized and
	they depend on the LC_MESSAGES environmental variable.

20090313:
	The k8temp(4) driver has been renamed to amdtemp(4) since
	support for Family 10 and Family 11 CPU families was added.

20090309:
	IGMPv3 and Source-Specific Multicast (SSM) have been merged
	to the IPv4 stack. VIMAGE hooks are in but not yet used.

	For kernel developers, the most important changes are that the
	ip_output() and ip_input() paths no longer take the IN_MULTI_LOCK(),
	and this lock has been downgraded to a non-recursive mutex.

	Transport protocols (UDP, Raw IP) are now responsible for filtering
	inbound multicast traffic according to group membership and source
	filters. The imo_multicast_filter() KPI exists for this purpose.
	Transports which do not use multicast (SCTP, TCP) already reject
	multicast by default. Forwarding and receive performance may improve
	as a mutex acquisition is no longer needed in the ip_input()
	low-level input path.  in_addmulti() and in_delmulti() are shimmed
	to new KPIs which exist to support SSM in-kernel.

	For application developers, it is recommended that loopback of
	multicast datagrams be disabled for best performance, as this
	will still cause the lock to be taken for each looped-back
	datagram transmission. The net.inet.ip.mcast.loop sysctl may
	be tuned to 0 to disable loopback by default; it defaults to 1
	to preserve the existing behaviour.

	For systems administrators, to obtain best performance with
	multicast reception and multiple groups, it is always recommended
	that a card with a suitably precise hash filter is used. Hash
	collisions will still result in the lock being taken within the
	transport protocol input path to check group membership.

	If deploying FreeBSD in an environment with IGMP snooping switches,
	it is recommended that the net.inet.igmp.sendlocal sysctl remain
	enabled; this forces 224.0.0.0/24 group membership to be announced
	via IGMP.

	The size of 'struct igmpstat' has changed; netstat needs to be
	recompiled to reflect this.
	Bump __FreeBSD_version to 800070.

20090309:
	libusb20.so.1 is now installed as libusb.so.1 and the ports system
	updated to use it. This requires a buildworld/installworld in order to
	update the library and dependencies (usbconfig, etc). Its advisable to
	rebuild all ports which uses libusb. More specific directions are given
	in the ports collection UPDATING file. Any /etc/libmap.conf entries for
	libusb are no longer required and can be removed.

20090302:
	A workaround is committed to allow the creation of System V shared
	memory segment of size > 2 GB on the 64-bit architectures.
	Due to a limitation of the existing ABI, the shm_segsz member
	of the struct shmid_ds, returned by shmctl(IPC_STAT) call is
	wrong for large segments. Note that limits must be explicitly
	raised to allow such segments to be created.

20090301:
	The layout of struct ifnet has changed, requiring a rebuild of all
	network device driver modules.

20090227:
	The /dev handling for the new USB stack has changed, a
	buildworld/installworld is required for libusb20.

20090223:
	The new USB2 stack has now been permanently moved in and all kernel and
	module names reverted to their previous values (eg, usb, ehci, ohci,
	ums, ...).  The old usb stack can be compiled in by prefixing the name
	with the letter 'o', the old usb modules have been removed.
	Updating entry 20090216 for xorg and 20090215 for libmap may still
	apply.

20090217:
	The rc.conf(5) option if_up_delay has been renamed to
	defaultroute_delay to better reflect its purpose. If you have
	customized this setting in /etc/rc.conf you need to update it to
	use the new name.

20090216:
	xorg 7.4 wants to configure its input devices via hald which does not
	yet work with USB2. If the keyboard/mouse does not work in xorg then
	add
		Option "AllowEmptyInput" "off"
	to your ServerLayout section.  This will cause X to use the configured
	kbd and mouse sections from your xorg.conf.

20090215:
	The GENERIC kernels for all architectures now default to the new USB2
	stack. No kernel config options or code have been removed so if a
	problem arises please report it and optionally revert to the old USB
	stack. If you are loading USB kernel modules or have a custom kernel
	that includes GENERIC then ensure that usb names are also changed over,
	eg uftdi -> usb2_serial_ftdi.

	Older programs linked against the ports libusb 0.1 need to be
	redirected to the new stack's libusb20.  /etc/libmap.conf can
	be used for this:
		# Map old usb library to new one for usb2 stack
		libusb-0.1.so.8	libusb20.so.1

20090209:
	All USB ethernet devices now attach as interfaces under the name ueN
	(eg. ue0). This is to provide a predictable name as vendors often
	change usb chipsets in a product without notice.

20090203:
	The ichsmb(4) driver has been changed to require SMBus slave
	addresses be left-justified (xxxxxxx0b) rather than right-justified.
	All of the other SMBus controller drivers require left-justified
	slave addresses, so this change makes all the drivers provide the
	same interface.

20090201:
	INET6 statistics (struct ip6stat) was updated.
	netstat(1) needs to be recompiled.

20090119:
	NTFS has been removed from GENERIC kernel on amd64 to match
	GENERIC on i386. Should not cause any issues since mount_ntfs(8)
	will load ntfs.ko module automatically when NTFS support is
	actually needed, unless ntfs.ko is not installed or security
	level prohibits loading kernel modules. If either is the case,
	"options NTFS" has to be added into kernel config.

20090115:
	TCP Appropriate Byte Counting (RFC 3465) support added to kernel.
	New field in struct tcpcb breaks ABI, so bump __FreeBSD_version to
	800061. User space tools that rely on the size of struct tcpcb in
	tcp_var.h (e.g. sockstat) need to be recompiled.

20081225:
	ng_tty(4) module updated to match the new TTY subsystem.
	Due to API change, user-level applications must be updated.
	New API support added to mpd5 CVS and expected to be present
	in next mpd5.3 release.

20081219:
	With __FreeBSD_version 800060 the makefs tool is part of
	the base system (it was a port).

20081216:
	The afdata and ifnet locks have been changed from mutexes to
	rwlocks, network modules will need to be re-compiled.

20081214:
	__FreeBSD_version 800059 incorporates the new arp-v2 rewrite.
	RTF_CLONING, RTF_LLINFO and RTF_WASCLONED flags are eliminated.
	The new code reduced struct rtentry{} by 16 bytes on 32-bit
	architecture and 40 bytes on 64-bit architecture. The userland
	applications "arp" and "ndp" have been updated accordingly.
	The output from "netstat -r" shows only routing entries and
	none of the L2 information.

20081130:
	__FreeBSD_version 800057 marks the switchover from the
	binary ath hal to source code. Users must add the line:

	options	AH_SUPPORT_AR5416

	to their kernel config files when specifying:

	device	ath_hal

	The ath_hal module no longer exists; the code is now compiled
	together with the driver in the ath module.  It is now
	possible to tailor chip support (i.e. reduce the set of chips
	and thereby the code size); consult ath_hal(4) for details.

20081121:
	__FreeBSD_version 800054 adds memory barriers to
	<machine/atomic.h>, new interfaces to ifnet to facilitate
	multiple hardware transmit queues for cards that support
	them, and a lock-less ring-buffer implementation to
	enable drivers to more efficiently manage queueing of
	packets.

20081117:
	A new version of ZFS (version 13) has been merged to -HEAD.
	This version has zpool attribute "listsnapshots" off by
	default, which means "zfs list" does not show snapshots,
	and is the same as Solaris behavior.

20081028:
	dummynet(4) ABI has changed. ipfw(8) needs to be recompiled.

20081009:
	The uhci, ohci, ehci and slhci USB Host controller drivers have
	been put into separate modules. If you load the usb module
	separately through loader.conf you will need to load the
	appropriate *hci module as well. E.g. for a UHCI-based USB 2.0
	controller add the following to loader.conf:

		uhci_load="YES"
		ehci_load="YES"

20081009:
	The ABI used by the PMC toolset has changed.  Please keep
	userland (libpmc(3)) and the kernel module (hwpmc(4)) in
	sync.

20081009:
	atapci kernel module now includes only generic PCI ATA
	driver. AHCI driver moved to ataahci kernel module.
	All vendor-specific code moved into separate kernel modules:
	ataacard, ataacerlabs, ataadaptec, ataamd, ataati, atacenatek,
	atacypress, atacyrix, atahighpoint, ataintel, ataite, atajmicron,
	atamarvell, atamicron, atanational, atanetcell, atanvidia,
	atapromise, ataserverworks, atasiliconimage, atasis, atavia

20080820:
	The TTY subsystem of the kernel has been replaced by a new
	implementation, which provides better scalability and an
	improved driver model. Most common drivers have been migrated to
	the new TTY subsystem, while others have not. The following
	drivers have not yet been ported to the new TTY layer:

	PCI/ISA:
		cy, digi, rc, rp, sio

	USB:
		ubser, ucycom

	Line disciplines:
		ng_h4, ng_tty, ppp, sl, snp

	Adding these drivers to your kernel configuration file shall
	cause compilation to fail.

20080818:
	ntpd has been upgraded to 4.2.4p5.

20080801:
	OpenSSH has been upgraded to 5.1p1.

	For many years, FreeBSD's version of OpenSSH preferred DSA
	over RSA for host and user authentication keys.  With this
	upgrade, we've switched to the vendor's default of RSA over
	DSA.  This may cause upgraded clients to warn about unknown
	host keys even for previously known hosts.  Users should
	follow the usual procedure for verifying host keys before
	accepting the RSA key.

	This can be circumvented by setting the "HostKeyAlgorithms"
	option to "ssh-dss,ssh-rsa" in ~/.ssh/config or on the ssh
	command line.

	Please note that the sequence of keys offered for
	authentication has been changed as well.  You may want to
	specify IdentityFile in a different order to revert this
	behavior.

20080713:
	The sio(4) driver has been removed from the i386 and amd64
	kernel configuration files. This means uart(4) is now the
	default serial port driver on those platforms as well.

	To prevent collisions with the sio(4) driver, the uart(4) driver
	uses different names for its device nodes. This means the
	onboard serial port will now most likely be called "ttyu0"
	instead of "ttyd0". You may need to reconfigure applications to
	use the new device names.

	When using the serial port as a boot console, be sure to update
	/boot/device.hints and /etc/ttys before booting the new kernel.
	If you forget to do so, you can still manually specify the hints
	at the loader prompt:

		set hint.uart.0.at="isa"
		set hint.uart.0.port="0x3F8"
		set hint.uart.0.flags="0x10"
		set hint.uart.0.irq="4"
		boot -s

20080609:
	The gpt(8) utility has been removed. Use gpart(8) to partition
	disks instead.

20080603:
	The version that Linuxulator emulates was changed from 2.4.2
	to 2.6.16. If you experience any problems with Linux binaries
	please try to set sysctl compat.linux.osrelease to 2.4.2 and
	if it fixes the problem contact emulation mailing list.

20080525:
	ISDN4BSD (I4B) was removed from the src tree. You may need to
	update a your kernel configuration and remove relevant entries.

20080509:
	I have checked in code to support multiple routing tables.
	See the man pages setfib(1) and setfib(2).
	This is a hopefully backwards compatible version,
	but to make use of it you need to compile your kernel
	with options ROUTETABLES=2 (or more up to 16).

20080420:
	The 802.11 wireless support was redone to enable multi-bss
	operation on devices that are capable.  The underlying device
	is no longer used directly but instead wlanX devices are
	cloned with ifconfig.  This requires changes to rc.conf files.
	For example, change:
		ifconfig_ath0="WPA DHCP"
	to
		wlans_ath0=wlan0
		ifconfig_wlan0="WPA DHCP"
	see rc.conf(5) for more details.  In addition, mergemaster of
	/etc/rc.d is highly recommended.  Simultaneous update of userland
	and kernel wouldn't hurt either.

	As part of the multi-bss changes the wlan_scan_ap and wlan_scan_sta
	modules were merged into the base wlan module.  All references
	to these modules (e.g. in kernel config files) must be removed.

20080408:
	psm(4) has gained write(2) support in native operation level.
	Arbitrary commands can be written to /dev/psm%d and status can
	be read back from it.  Therefore, an application is responsible
	for status validation and error recovery.  It is a no-op in
	other operation levels.

20080312:
	Support for KSE threading has been removed from the kernel.  To
	run legacy applications linked against KSE libmap.conf may
	be used.  The following libmap.conf may be used to ensure
	compatibility with any prior release:

	libpthread.so.1 libthr.so.1
	libpthread.so.2 libthr.so.2
	libkse.so.3 libthr.so.3

20080301:
	The layout of struct vmspace has changed. This affects libkvm
	and any executables that link against libkvm and use the
	kvm_getprocs() function. In particular, but not exclusively,
	it affects ps(1), fstat(1), pkill(1), systat(1), top(1) and w(1).
	The effects are minimal, but it's advisable to upgrade world
	nonetheless.

20080229:
	The latest em driver no longer has support in it for the
	82575 adapter, this is now moved to the igb driver. The
	split was done to make new features that are incompatible
	with older hardware easier to do.

20080220:
	The new geom_lvm(4) geom class has been renamed to geom_linux_lvm(4),
	likewise the kernel option is now GEOM_LINUX_LVM.

20080211:
	The default NFS mount mode has changed from UDP to TCP for
	increased reliability.  If you rely on (insecurely) NFS
	mounting across a firewall you may need to update your
	firewall rules.

20080208:
	Belatedly note the addition of m_collapse for compacting
	mbuf chains.

20080126:
	The fts(3) structures have been changed to use adequate
	integer types for their members and so to be able to cope
	with huge file trees.  The old fts(3) ABI is preserved
	through symbol versioning in libc, so third-party binaries
	using fts(3) should still work, although they will not take
	advantage of the extended types.  At the same time, some
	third-party software might fail to build after this change
	due to unportable assumptions made in its source code about
	fts(3) structure members.  Such software should be fixed
	by its vendor or, in the worst case, in the ports tree.
	FreeBSD_version 800015 marks this change for the unlikely
	case that a portable fix is impossible.

20080123:
	To upgrade to -current after this date, you must be running
	FreeBSD not older than 6.0-RELEASE.  Upgrading to -current
	from 5.x now requires a stop over at RELENG_6 or RELENG_7 systems.

20071128:
	The ADAPTIVE_GIANT kernel option has been retired because its
	functionality is the default now.

20071118:
	The AT keyboard emulation of sunkbd(4) has been turned on
	by default. In order to make the special symbols of the Sun
	keyboards driven by sunkbd(4) work under X these now have
	to be configured the same way as Sun USB keyboards driven
	by ukbd(4) (which also does AT keyboard emulation), f.e.:

	Option	"XkbLayout" "us"
	Option	"XkbRules" "xorg"
	Option	"XkbSymbols" "pc(pc105)+sun_vndr/usb(sun_usb)+us"

20071024:
	It has been decided that it is desirable to provide ABI
	backwards compatibility to the FreeBSD 4/5/6 versions of the
	PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was
	broken with the introduction of PCI domain support (see the
	20070930 entry). Unfortunately, this required the ABI of
	PCIOCGETCONF to be broken again in order to be able to
	provide backwards compatibility to the old version of that
	IOCTL. Thus consumers of PCIOCGETCONF have to be recompiled
	again. As for prominent ports this affects neither pciutils
	nor xorg-server this time, the hal port needs to be rebuilt
	however.

20071020:
	The misnamed kthread_create() and friends have been renamed
	to kproc_create() etc. Many of the callers already
	used kproc_start()..
	I will return kthread_create() and friends in a while
	with implementations that actually create threads, not procs.
	Renaming corresponds with version 800002.

20071010:
	RELENG_7 branched.

COMMON ITEMS:

	General Notes
	-------------
	Avoid using make -j when upgrading.  While generally safe, there are
	sometimes problems using -j to upgrade.  If your upgrade fails with
	-j, please try again without -j.  From time to time in the past there
	have been problems using -j with buildworld and/or installworld.  This
	is especially true when upgrading between "distant" versions (eg one
	that cross a major release boundary or several minor releases, or when
	several months have passed on the -current branch).

	Sometimes, obscure build problems are the result of environment
	poisoning.  This can happen because the make utility reads its
	environment when searching for values for global variables.  To run
	your build attempts in an "environmental clean room", prefix all make
	commands with 'env -i '.  See the env(1) manual page for more details.

	When upgrading from one major version to another it is generally best
	to upgrade to the latest code in the currently installed branch first,
	then do an upgrade to the new branch. This is the best-tested upgrade
	path, and has the highest probability of being successful.  Please try
	this approach before reporting problems with a major version upgrade.

	When upgrading a live system, having a root shell around before
	installing anything can help undo problems. Not having a root shell
	around can lead to problems if pam has changed too much from your
	starting point to allow continued authentication after the upgrade.

	ZFS notes
	---------
	When upgrading the boot ZFS pool to a new version, always follow
	these two steps:

	1.) recompile and reinstall the ZFS boot loader and boot block
	(this is part of "make buildworld" and "make installworld")

	2.) update the ZFS boot block on your boot drive

	The following example updates the ZFS boot block on the first
	partition (freebsd-boot) of a GPT partitioned drive ad0:
	"gpart bootcode -p /boot/gptzfsboot -i 1 ad0"

	Non-boot pools do not need these updates.

	To build a kernel
	-----------------
	If you are updating from a prior version of FreeBSD (even one just
	a few days old), you should follow this procedure.  It is the most
	failsafe as it uses a /usr/obj tree with a fresh mini-buildworld,

	make kernel-toolchain
	make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE
	make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE

	To test a kernel once
	---------------------
	If you just want to boot a kernel once (because you are not sure
	if it works, or if you want to boot a known bad kernel to provide
	debugging information) run
	make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel
	nextboot -k testkernel

	To just build a kernel when you know that it won't mess you up
	--------------------------------------------------------------
	This assumes you are already running a CURRENT system.  Replace
	${arch} with the architecture of your machine (e.g. "i386",
	"arm", "amd64", "ia64", "pc98", "sparc64", "powerpc", "mips", etc).

	cd src/sys/${arch}/conf
	config KERNEL_NAME_HERE
	cd ../compile/KERNEL_NAME_HERE
	make depend
	make
	make install

	If this fails, go to the "To build a kernel" section.

	To rebuild everything and install it on the current system.
	-----------------------------------------------------------
	# Note: sometimes if you are running current you gotta do more than
	# is listed here if you are upgrading from a really old current.

	<make sure you have good level 0 dumps>
	make buildworld
	make kernel KERNCONF=YOUR_KERNEL_HERE
							[1]
	<reboot in single user>				[3]
	mergemaster -p					[5]
	make installworld
	mergemaster -i					[4]
	make delete-old					[6]
	<reboot>

	To cross-install current onto a separate partition
	--------------------------------------------------
	# In this approach we use a separate partition to hold
	# current's root, 'usr', and 'var' directories.   A partition
	# holding "/", "/usr" and "/var" should be about 2GB in
	# size.

	<make sure you have good level 0 dumps>
	<boot into -stable>
	make buildworld
	make buildkernel KERNCONF=YOUR_KERNEL_HERE
	<maybe newfs current's root partition>
	<mount current's root partition on directory ${CURRENT_ROOT}>
	make installworld DESTDIR=${CURRENT_ROOT}
	make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
	make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT}
	cp /etc/fstab ${CURRENT_ROOT}/etc/fstab 		   # if newfs'd
	<edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition>
	<reboot into current>
	<do a "native" rebuild/install as described in the previous section>
	<maybe install compatibility libraries from ports/misc/compat*>
	<reboot>


	To upgrade in-place from stable to current
	----------------------------------------------
	<make sure you have good level 0 dumps>
	make buildworld					[9]
	make kernel KERNCONF=YOUR_KERNEL_HERE		[8]
							[1]
	<reboot in single user>				[3]
	mergemaster -p					[5]
	make installworld
	mergemaster -i					[4]
	make delete-old					[6]
	<reboot>

	Make sure that you've read the UPDATING file to understand the
	tweaks to various things you need.  At this point in the life
	cycle of current, things change often and you are on your own
	to cope.  The defaults can also change, so please read ALL of
	the UPDATING entries.

	Also, if you are tracking -current, you must be subscribed to
	freebsd-current@@freebsd.org.  Make sure that before you update
	your sources that you have read and understood all the recent
	messages there.  If in doubt, please track -stable which has
	much fewer pitfalls.

	[1] If you have third party modules, such as vmware, you
	should disable them at this point so they don't crash your
	system on reboot.

	[3] From the bootblocks, boot -s, and then do
		fsck -p
		mount -u /
		mount -a
		cd src
		adjkerntz -i		# if CMOS is wall time
	Also, when doing a major release upgrade, it is required that
	you boot into single user mode to do the installworld.

	[4] Note: This step is non-optional.  Failure to do this step
	can result in a significant reduction in the functionality of the
	system.  Attempting to do it by hand is not recommended and those
	that pursue this avenue should read this file carefully, as well
	as the archives of freebsd-current and freebsd-hackers mailing lists
	for potential gotchas.  The -U option is also useful to consider.
	See mergemaster(8) for more information.

	[5] Usually this step is a noop.  However, from time to time
	you may need to do this if you get unknown user in the following
	step.  It never hurts to do it all the time.  You may need to
	install a new mergemaster (cd src/usr.sbin/mergemaster && make
	install) after the buildworld before this step if you last updated
	from current before 20130425 or from -stable before 20130430.

	[6] This only deletes old files and directories. Old libraries
	can be deleted by "make delete-old-libs", but you have to make
	sure that no program is using those libraries anymore.

	[8] In order to have a kernel that can run the 4.x binaries needed to
	do an installworld, you must include the COMPAT_FREEBSD4 option in
	your kernel.  Failure to do so may leave you with a system that is
	hard to boot to recover. A similar kernel option COMPAT_FREEBSD5 is
	required to run the 5.x binaries on more recent kernels.  And so on
	for COMPAT_FREEBSD6 and COMPAT_FREEBSD7.

	Make sure that you merge any new devices from GENERIC since the
	last time you updated your kernel config file.

	[9] When checking out sources, you must include the -P flag to have
	cvs prune empty directories.

	If CPUTYPE is defined in your /etc/make.conf, make sure to use the
	"?=" instead of the "=" assignment operator, so that buildworld can
	override the CPUTYPE if it needs to.

	MAKEOBJDIRPREFIX must be defined in an environment variable, and
	not on the command line, or in /etc/make.conf.  buildworld will
	warn if it is improperly defined.
FORMAT:

This file contains a list, in reverse chronological order, of major
breakages in tracking -current.  It is not guaranteed to be a complete
list of such breakages, and only contains entries since October 10, 2007.
If you need to see UPDATING entries from before that date, you will need
to fetch an UPDATING file from an older FreeBSD release.

Copyright information:

Copyright 1998-2009 M. Warner Losh.  All Rights Reserved.

Redistribution, publication, translation and use, with or without
modification, in full or in part, in any form or format of this
document are permitted without further permission from the author.

THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED.  IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

Contact Warner Losh if you have any questions about your use of
this document.

$FreeBSD: head/UPDATING 253396 2013-07-16 19:15:19Z andrew $
@


1.777
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/253342
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d34 10
d1915 1
a1915 1
$FreeBSD: head/UPDATING 253342 2013-07-14 20:22:16Z rpaulo $
@


1.776
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/253305
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d41 1
a41 1
	statistics, must be rebuilded (netstat(1), bsnmpd(1), etc.)
d1905 1
a1905 1
$FreeBSD: head/UPDATING 253305 2013-07-12 23:11:17Z bapt $
@


1.775
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/253089
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d35 4
d1905 1
a1905 1
$FreeBSD: head/UPDATING 253089 2013-07-09 10:20:27Z ae $
@


1.774
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/252419
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d34 5
d1901 1
a1901 1
$FreeBSD: head/UPDATING 252419 2013-06-30 15:00:07Z sjg $
@


1.773
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/251901
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d34 8
d1896 1
a1896 1
$FreeBSD: head/UPDATING 251901 2013-06-18 07:02:35Z des $
@


1.772
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/251794
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d34 6
d1888 1
a1888 1
$FreeBSD: head/UPDATING 251794 2013-06-15 20:29:07Z eadler $
@


1.771
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/251693
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d34 4
d1882 1
a1882 1
$FreeBSD: head/UPDATING 251693 2013-06-13 18:39:17Z sjg $
@


1.770
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250867
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d34 17
d1878 1
a1878 1
$FreeBSD: head/UPDATING 250867 2013-05-21 18:38:09Z sjg $
@


1.769
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250568
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d34 12
d1861 1
a1861 1
$FreeBSD: head/UPDATING 250568 2013-05-12 16:07:23Z eadler $
@


1.768
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250139
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d111 1
a111 1
	command line.  If you with to use the -C flag for all installs
d1849 1
a1849 1
$FreeBSD: head/UPDATING 250139 2013-05-01 07:13:36Z imp $
@


1.767
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250119
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d294 3
a296 1
	settings are unchanged.
d1849 1
a1849 1
$FreeBSD: head/UPDATING 250119 2013-04-30 20:53:28Z brooks $
@


1.766
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250104
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d107 8
d1847 1
a1847 1
$FreeBSD: head/UPDATING 250104 2013-04-30 15:38:31Z des $
@


1.765
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249960
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d34 3
d1839 1
a1839 1
$FreeBSD: head/UPDATING 249960 2013-04-27 00:03:07Z eadler $
@


1.764
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249921
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d35 4
d1836 1
a1836 1
$FreeBSD: head/UPDATING 249921 2013-04-26 11:24:20Z smh $
@


1.763
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249906
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d34 5
d1832 1
a1832 1
$FreeBSD: head/UPDATING 249906 2013-04-25 21:19:50Z brooks $
@


1.762
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249735
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d34 10
d1770 1
a1770 1
	from current before 20020224 or from -stable before 20020408.
d1827 1
a1827 1
$FreeBSD: head/UPDATING 249735 2013-04-21 17:23:27Z imp $
@


1.761
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249714
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d15 1
a15 1
from older versions of FreeBSD, try WITHOUT_CLANG to bootstrap to tip of
d1615 1
a1615 1
	When upgrading a life system, having a root shell around before
d1817 1
a1817 1
$FreeBSD: head/UPDATING 249714 2013-04-20 23:33:51Z imp $
@


1.760
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249665
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d15 3
a17 3
from older versions of FreeBSD, try WITHOUT_CLANG and WITHOUT_CLANG_IS_CC to
bootstrap to tip of head, and then rebuild without those options. The bootstrap
process from older version of current is a bit fragile.
d130 4
a133 1
	with gcc, compile with WITHOUT_CLANG_IS_CC.
d1615 5
a1684 1

d1817 1
a1817 1
$FreeBSD: head/UPDATING 249665 2013-04-20 01:12:23Z imp $
@


1.759
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249219
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d14 5
d1810 1
a1810 1
$FreeBSD: head/UPDATING 249219 2013-04-06 22:28:19Z jilles $
@


1.758
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249201
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d36 6
d1805 1
a1805 1
$FreeBSD: head/UPDATING 249201 2013-04-06 13:47:44Z mav $
@


1.757
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/248055
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d29 7
d1799 1
a1799 1
$FreeBSD: head/UPDATING 248055 2013-03-08 13:11:45Z marius $
@


1.757.2.1
log
@file UPDATING was added on branch RELENG_8_4 on 2013-03-28 13:00:03 +0000
@
text
@d1 1792
@


1.757.2.2
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/248810
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a0 1858
Updating Information for FreeBSD current users

This file is maintained and copyrighted by M. Warner Losh
<imp@@village.org>.  See end of file for further details.  For commonly
done items, please see the COMMON ITEMS: section later in the file.

Items affecting the ports and packages system can be found in
/usr/ports/UPDATING.  Please read that file before running
portupgrade.

NOTE TO PEOPLE WHO THINK THAT FreeBSD 8.x IS SLOW ON IA64 OR SUN4V:
	For ia64 the INVARIANTS and INVARIANT_SUPPORT kernel options
	were left in the GENERIC kernel because the kernel does not
	work properly without them.  For sun4v all of the normal kernel
	debugging tools present in HEAD were left in place because
	sun4v support still needs work to become production ready.

20130225:
	A new compression method (lz4) has been merged.  Please refer to
	zpool-features(7) for more information.

	Please refer to the "ZFS notes" section of this file for information
	on upgrading boot ZFS pools.

20121130:
	A new version of ZFS (pool version 5000) has been merged to 8-STABLE.
	Starting with this version the old system of ZFS pool versioning
	is superseded by "feature flags". This concept enables forward
	compatibility against certain future changes in functionality of ZFS
	pools. The first two read-only compatible "feature flags" for ZFS
	pools are "com.delphix:async_destroy" and "com.delphix:empty_bpobj".
	For more information read the new zpool-features(7) manual page.
	Please refer to the "ZFS notes" section of this file for information
	on upgrading boot ZFS pools.

20121018:
	WITH_CTF can now be specified in src.conf (not recommended, there
	are some problems with static executables), make.conf (would also
	affect ports which do not use GNU make and do not override the
	compile targets) or in the kernel config (via "makeoptions
	WITH_CTF=yes").
	When WITH_CTF was specified there before this was silently ignored,
	so make sure that WITH_CTF is not used in places which could lead
	to unwanted behavior.

20120913:
	The random(4) support for the VIA hardware random number
	generator (`PADLOCK') is no longer enabled unconditionally.
	Add the PADLOCK_RNG option in the custom kernel config if
	needed.  The GENERIC kernels on i386 and amd64 do include the
	option, so the change only affects the custom kernel
	configurations.

20120727:
	The sparc64 ZFS loader has been changed to no longer try to auto-
	detect ZFS providers based on diskN aliases but now requires these
	to be explicitly listed in the OFW boot-device environment variable.

20120411:
	8.3-RELEASE.

20120106:
	A new VOP_ADVISE() was added to support posix_fadvise(2).  All
	filesystem modules must be recompiled.

20111116:
	A new VOP_ALLOCATE() was added to support posix_fallocate(2).  All
	filesystem modules must be recompiled.

20111101:
	The broken amd(4) driver has been replaced with esp(4) in the amd64,
	i386 and pc98 GENERIC kernel configuration files.

20110606:
	A new version of ZFS (version 28) has been merged.
	This version does not depend on a python library and the
	sysutils/py-zfs port is not used anymore.
	For upgrading your boot pool, please read "ZFS notes"
	in the COMMON ITEMS: section later in this file.

20110428:
	IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868
	compliant, and will now use half of hash for authentication.
	This will break interoperability with all stacks (including all
	older FreeBSD versions) who implement
	draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for
	authentication).
	The only workaround with such peers is to use another HMAC
	algorithm for IPsec ("phase 2") authentication.

20110221:
	8.2-RELEASE.

20101126:
	New version of minidump format for amd64 architecture was
	introduced in r215872.  To analyze vmcore files produced by
	kernels at or after this version you will need updated userland,
	libkvm actually, that is able to handle the new version.

20101022:
	A workaround for a fixed ld bug has been removed in kernel code,
	so make sure that your system ld is built from sources after
	revision 211583 from 2010-08-21 (r210245 from 2010-07-19 if
	building stable/8 kernel on head, r211584 from 2010-08-21 for
	stable/7).  A symptom of incorrect ld version is
	different addresses for set_pcpu section and __start_set_pcpu
	symbol in kernel and/or modules.

20100915:
	A new version of ZFS (version 15) has been merged.
	This version uses a python library for the following subcommands:
	zfs allow, zfs unallow, zfs groupspace, zfs userspace.
	For full functionality of these commands the following port must
	be installed: sysutils/py-zfs

20100720:
	8.1-RELEASE.

20100502:
	The config(8) command has been updated to maintain compatibility
	with config files from 8.0-RELEASE.  You will need a new version
	of config to build kernels (this version can be used from 8.0-RELEASE
	forward).  The buildworld target will generate it, so following
	the instructions in this file for updating will work glitch-free.
	Merely doing a make buildkernel without first doing a make buildworld
	(or kernel-toolchain), or attempting to build a kernel using
	traidtional methods will generate a config version warning, indicating
	you should update.

20100408:
	The rc.firewall and rc.firewall6 were unified, and
	rc.firewall6 and rc.d/ip6fw were removed.
	According to the removal of rc.d/ip6fw, ipv6_firewall_* rc
	variables are obsoleted.  Instead, the following new rc
	variables are added to rc.d/ipfw:

		firewall_client_net_ipv6, firewall_simple_iif_ipv6,
		firewall_simple_inet_ipv6, firewall_simple_oif_ipv6,
		firewall_simple_onet_ipv6

	The meanings correspond to the relevant IPv4 variables.

20100417:
	COMPAT_IA32 has been added as an alias for COMPAT_FREEBSD32.  A new
	version of config(8) is required.  The error message when you hit this
	condition is confusing (COMPAT_FREEBSD32 duplicate option), when it
	should really say "your config is too old to compile this new kernel."

20100406:
	The kernel option COMPAT_IA32 has been replaced with COMPAT_FREEBSD32
	to allow 32-bit compatibility on non-x86 platforms. All kernel
	configurations on amd64 and ia64 platforms using these options must
	be modified accordingly.

20100125:
	Introduce the kernel thread "deadlock resolver" (which can be enabled
	via the DEADLKRES option, see NOTES for more details) and the
	sleepq_type() function for sleepqueues.

20091125:
	8.0-RELEASE.

20090929:
	802.11s D3.03 support was committed. This is incompatible with
	the previous code, which was based on D3.0.

20090915:
	ZFS snapshots are now mounted with MNT_IGNORE flag. Use -v option for
	mount(8) and -a option for df(1) to see them.

20090813:
	Remove the option STOP_NMI.  The default action is now to use NMI
	only for KDB via the newly introduced function stop_cpus_hard()
	and maintain stop_cpus() to just use a normal IPI_STOP on ia32
	and amd64.

20090803:
	RELENG_8 branched.

20090719:
	Bump the shared library version numbers for all libraries that
	do not use symbol versioning as part of the 8.0-RELEASE cycle.
	Bump __FreeBSD_version to 800105.

20090714:
	Due to changes in the implementation of virtual network stack
	support, all network-related kernel modules must be recompiled.
	As this change breaks the ABI, bump __FreeBSD_version to 800104.

20090713:
	The TOE interface to the TCP syncache has been modified to remove struct
	tcpopt (<netinet/tcp_var.h>) from the ABI of the network stack.  The
	cxgb driver is the only TOE consumer affected by this change, and needs
	to be recompiled along with the kernel. As this change breaks the ABI,
	bump __FreeBSD_version to 800103.

20090712:
	Padding has been added to struct tcpcb, sackhint and tcpstat in
	<netinet/tcp_var.h> to facilitate future MFCs and bug fixes whilst
	maintainig the ABI. However, this change breaks the ABI, so bump
	__FreeBSD_version to 800102. User space tools that rely on the size of
	any of these structs (e.g. sockstat) need to be recompiled.

20090630:
	The NFS_LEGACYRPC option has been removed along with the old
	kernel RPC implementation that this option selected. Kernel
	configurations may need to be adjusted.

20090629:
	The network interface device nodes at /dev/net/<interface> have
	been removed.  All ioctl operations can be performed the normal
	way using routing sockets.  The kqueue functionality can
	generally be replaced with routing sockets.

20090628:
	The documentation from the FreeBSD Documentation Project
	(Handbook, FAQ, etc.) is now installed via packages by
	sysinstall(8) and under the /usr/local/share/doc/freebsd
	directory instead of /usr/share/doc.

20090624:
	The ABI of various structures related to the SYSV IPC API have
	been changed.  As a result, the COMPAT_FREEBSD[456] and COMPAT_43
	kernel options now all require COMPAT_FREEBSD7.
	Bump __FreeBSD_version to 800100.

20090622:
	Layout of struct vnet has changed as routing related variables
	were moved to their own Vimage module. Modules need to be
	recompiled.  Bump __FreeBSD_version to 800099.

20090619:
	NGROUPS_MAX and NGROUPS have been increased from 16 to 1023
	and 1024 respectively.  As long as no more than 16 groups per
	process are used, no changes should be visible.  When more
	than 16 groups are used, old binaries may fail if they call
	getgroups() or getgrouplist() with statically sized storage.
	Recompiling will work around this, but applications should be
	modified to use dynamically allocated storage for group arrays
	as POSIX.1-2008 does not cap an implementation's number of
	supported groups at NGROUPS_MAX+1 as previous versions did.

	NFS and portalfs mounts may also be affected as the list of
	groups is truncated to 16.  Users of NFS who use more than 16
	groups, should take care that negative group permissions are not
	used on the exported file systems as they will not be reliable
	unless a GSSAPI based authentication method is used.

20090616:
	The compiling option ADAPTIVE_LOCKMGRS has been introduced.
	This option compiles in the support for adaptive spinning for lockmgrs
	which want to enable it.  The lockinit() function now accepts the
	flag LK_ADAPTIVE in order to make the lock object subject to
	adaptive spinning when both held in write and read mode.

20090613:
	The layout of the structure returned by IEEE80211_IOC_STA_INFO
	has changed.  User applications that use this ioctl need to be
	rebuilt.

20090611:
	The layout of struct thread has changed.  Kernel and modules
	need to be rebuilt.

20090608:
	The layout of structs ifnet, domain, protosw and vnet_net has
	changed.  Kernel modules need to be rebuilt.
	Bump __FreeBSD_version to 800097.

20090602:
	window(1) has been removed from the base system. It can now be
	installed from ports. The port is called misc/window.

20090601:
	The way we are storing and accessing `routing table' entries
	has changed. Programs reading the FIB, like netstat, need to
	be re-compiled.

20090601:
	A new netisr implementation has been added for FreeBSD 8.  Network
	file system modules, such as igmp, ipdivert, and others, should be
	rebuilt.
	Bump __FreeBSD_version to 800096.

20090530:
	Remove the tunable/sysctl debug.mpsafevfs as its initial purpose
	is no more valid.

20090530:
	Add VOP_ACCESSX(9).  File system modules need to be rebuilt.
	Bump __FreeBSD_version to 800094.

20090529:
	Add mnt_xflag field to 'struct mount'.  File system modules
	need to be rebuilt.
	Bump __FreeBSD_version to 800093.

20090528:
	The compiling option ADAPTIVE_SX has been retired while it has been
	introduced the option NO_ADAPTIVE_SX which handles the reversed logic.
	The KPI for sx_init_flags() changes as accepting flags:
	SX_ADAPTIVESPIN flag has been retired while the SX_NOADAPTIVE flag
	has been introduced in order to handle the reversed logic.
	Bump __FreeBSD_version to 800092.

20090527:
	Add support for hierarchical jails.  Remove global securelevel.
	Bump __FreeBSD_version to 800091.

20090523:
	The layout of struct vnet_net has changed, therefore modules
	need to be rebuilt.
	Bump __FreeBSD_version to 800090.

20090523:
	The newly imported zic(8) produces a new format in the
	output. Please run tzsetup(8) to install the newly created
	data to /etc/localtime.

20090520:
	The sysctl tree for the usb stack has renamed from hw.usb2.* to
	hw.usb.* and is now consistent again with previous releases.

20090520:
	802.11 monitor mode support was revised and driver api's
	were changed.  Drivers dependent on net80211 now support
	DLT_IEEE802_11_RADIO instead of DLT_IEEE802_11.  No
	user-visible data structures were changed but applications
	that use DLT_IEEE802_11 may require changes.
	Bump __FreeBSD_version to 800088.

20090430:
	The layout of the following structs has changed: sysctl_oid,
	socket, ifnet, inpcbinfo, tcpcb, syncache_head, vnet_inet,
	vnet_inet6 and vnet_ipfw.  Most modules need to be rebuild or
	panics may be experienced.  World rebuild is required for
	correctly checking networking state from userland.
	Bump __FreeBSD_version to 800085.

20090429:
	MLDv2 and Source-Specific Multicast (SSM) have been merged
	to the IPv6 stack. VIMAGE hooks are in but not yet used.
	The implementation of SSM within FreeBSD's IPv6 stack closely
	follows the IPv4 implementation.

	For kernel developers:

	* The most important changes are that the ip6_output() and
	  ip6_input() paths no longer take the IN6_MULTI_LOCK,
	  and this lock has been downgraded to a non-recursive mutex.

	* As with the changes to the IPv4 stack to support SSM, filtering
	  of inbound multicast traffic must now be performed by transport
	  protocols within the IPv6 stack. This does not apply to TCP and
	  SCTP, however, it does apply to UDP in IPv6 and raw IPv6.

	* The KPIs used by IPv6 multicast are similar to those used by
	  the IPv4 stack, with the following differences:
	   * im6o_mc_filter() is analogous to imo_multicast_filter().
	   * The legacy KAME entry points in6_joingroup and in6_leavegroup()
	     are shimmed to in6_mc_join() and in6_mc_leave() respectively.
	   * IN6_LOOKUP_MULTI() has been deprecated and removed.
	   * IPv6 relies on MLD for the DAD mechanism. KAME's internal KPIs
	     for MLDv1 have an additional 'timer' argument which is used to
	     jitter the initial membership report for the solicited-node
	     multicast membership on-link.
	   * This is not strictly needed for MLDv2, which already jitters
	     its report transmissions.  However, the 'timer' argument is
	     preserved in case MLDv1 is active on the interface.

	* The KAME linked-list based IPv6 membership implementation has
	  been refactored to use a vector similar to that used by the IPv4
	  stack.
	  Code which maintains a list of its own multicast memberships
	  internally, e.g. carp, has been updated to reflect the new
	  semantics.

	* There is a known Lock Order Reversal (LOR) due to in6_setscope()
	  acquiring the IF_AFDATA_LOCK and being called within ip6_output().
	  Whilst MLDv2 tries to avoid this otherwise benign LOR, it is an
	  implementation constraint which needs to be addressed in HEAD.

	For application developers:

	* The changes are broadly similar to those made for the IPv4
	  stack.

	* The use of IPv4 and IPv6 multicast socket options on the same
	  socket, using mapped addresses, HAS NOT been tested or supported.

	* There are a number of issues with the implementation of various
	  IPv6 multicast APIs which need to be resolved in the API surface
	  before the implementation is fully compatible with KAME userland
	  use, and these are mostly to do with interface index treatment.

	* The literature available discusses the use of either the delta / ASM
	  API with setsockopt(2)/getsockopt(2), or the full-state / ASM API
	  using setsourcefilter(3)/getsourcefilter(3). For more information
	  please refer to RFC 3768, 'Socket Interface Extensions for
	  Multicast Source Filters'.

	* Applications which use the published RFC 3678 APIs should be fine.

	For systems administrators:

	* The mtest(8) utility has been refactored to support IPv6, in
	  addition to IPv4. Interface addresses are no longer accepted
	  as arguments, their names must be used instead. The utility
	  will map the interface name to its first IPv4 address as
	  returned by getifaddrs(3).

	* The ifmcstat(8) utility has also been updated to print the MLDv2
	  endpoint state and source filter lists via sysctl(3).

	* The net.inet6.ip6.mcast.loop sysctl may be tuned to 0 to disable
	  loopback of IPv6 multicast datagrams by default; it defaults to 1
	  to preserve the existing behaviour. Disabling multicast loopback is
	  recommended for optimal system performance.

	* The IPv6 MROUTING code has been changed to examine this sysctl
	  instead of attempting to perform a group lookup before looping
	  back forwarded datagrams.

	Bump __FreeBSD_version to 800084.

20090422:
	Implement low-level Bluetooth HCI API.
	Bump __FreeBSD_version to 800083.

20090419:
	The layout of struct malloc_type, used by modules to register new
	memory allocation types, has changed.  Most modules will need to
	be rebuilt or panics may be experienced.
	Bump __FreeBSD_version to 800081.

20090415:
	Anticipate overflowing inp_flags - add inp_flags2.
	This changes most offsets in inpcb, so checking v4 connection
	state will require a world rebuild.
	Bump __FreeBSD_version to 800080.

20090415:
	Add an llentry to struct route and struct route_in6. Modules
	embedding a struct route will need to be recompiled.
	Bump __FreeBSD_version to 800079.

20090414:
	The size of rt_metrics_lite and by extension rtentry has changed.
	Networking administration apps will need to be recompiled.
	The route command now supports show as an alias for get, weighting
	of routes, sticky and nostick flags to alter the behavior of stateful
	load balancing.
	Bump __FreeBSD_version to 800078.

20090408:
	Do not use Giant for kbdmux(4) locking. This is wrong and
	apparently causing more problems than it solves. This will
	re-open the issue where interrupt handlers may race with
	kbdmux(4) in polling mode. Typical symptoms include (but
	not limited to) duplicated and/or missing characters when
	low level console functions (such as gets) are used while
	interrupts are enabled (for example geli password prompt,
	mountroot prompt etc.). Disabling kbdmux(4) may help.

20090407:
	The size of structs vnet_net, vnet_inet and vnet_ipfw has changed;
	kernel modules referencing any of the above need to be recompiled.
	Bump __FreeBSD_version to 800075.

20090320:
	GEOM_PART has become the default partition slicer for storage devices,
	replacing GEOM_MBR, GEOM_BSD, GEOM_PC98 and GEOM_GPT slicers. It
	introduces some changes:

	MSDOS/EBR: the devices created from MSDOS extended partition entries
	(EBR) can be named differently than with GEOM_MBR and are now symlinks
	to devices with offset-based names. fstabs may need to be modified.

	BSD: the "geometry does not match label" warning is harmless in most
	cases but it points to problems in file system misalignment with
	disk geometry. The "c" partition is now implicit, covers the whole
	top-level drive and cannot be (mis)used by users.

	General: Kernel dumps are now not allowed to be written to devices
	whose partition types indicate they are meant to be used for file
	systems (or, in case of MSDOS partitions, as something else than
	the "386BSD" type).

	Most of these changes date approximately from 200812.

20090319:
	The uscanner(4) driver has been removed from the kernel. This follows
	Linux removing theirs in 2.6 and making libusb the default interface
	(supported by sane).

20090319:
	The multicast forwarding code has been cleaned up. netstat(1)
	only relies on KVM now for printing bandwidth upcall meters.
	The IPv4 and IPv6 modules are split into ip_mroute_mod and
	ip6_mroute_mod respectively. The config(5) options for statically
	compiling this code remain the same, i.e. 'options MROUTING'.

20090315:
	Support for the IFF_NEEDSGIANT network interface flag has been
	removed, which means that non-MPSAFE network device drivers are no
	longer supported.  In particular, if_ar, if_sr, and network device
	drivers from the old (legacy) USB stack can no longer be built or
	used.

20090313:
	POSIX.1 Native Language Support (NLS) has been enabled in libc and
	a bunch of new language catalog files have also been added.
	This means that some common libc messages are now localized and
	they depend on the LC_MESSAGES environmental variable.

20090313:
	The k8temp(4) driver has been renamed to amdtemp(4) since
	support for K10 and K11 CPU families was added.

20090309:
	IGMPv3 and Source-Specific Multicast (SSM) have been merged
	to the IPv4 stack. VIMAGE hooks are in but not yet used.

	For kernel developers, the most important changes are that the
	ip_output() and ip_input() paths no longer take the IN_MULTI_LOCK(),
	and this lock has been downgraded to a non-recursive mutex.

	Transport protocols (UDP, Raw IP) are now responsible for filtering
	inbound multicast traffic according to group membership and source
	filters. The imo_multicast_filter() KPI exists for this purpose.
	Transports which do not use multicast (SCTP, TCP) already reject
	multicast by default. Forwarding and receive performance may improve
	as a mutex acquisition is no longer needed in the ip_input()
	low-level input path.  in_addmulti() and in_delmulti() are shimmed
	to new KPIs which exist to support SSM in-kernel.

	For application developers, it is recommended that loopback of
	multicast datagrams be disabled for best performance, as this
	will still cause the lock to be taken for each looped-back
	datagram transmission. The net.inet.ip.mcast.loop sysctl may
	be tuned to 0 to disable loopback by default; it defaults to 1
	to preserve the existing behaviour.

	For systems administrators, to obtain best performance with
	multicast reception and multiple groups, it is always recommended
	that a card with a suitably precise hash filter is used. Hash
	collisions will still result in the lock being taken within the
	transport protocol input path to check group membership.

	If deploying FreeBSD in an environment with IGMP snooping switches,
	it is recommended that the net.inet.igmp.sendlocal sysctl remain
	enabled; this forces 224.0.0.0/24 group membership to be announced
	via IGMP.

	The size of 'struct igmpstat' has changed; netstat needs to be
	recompiled to reflect this.
	Bump __FreeBSD_version to 800070.

20090309:
	libusb20.so.1 is now installed as libusb.so.1 and the ports system
	updated to use it. This requires a buildworld/installworld in order to
	update the library and dependencies (usbconfig, etc). Its advisable to
	rebuild all ports which uses libusb. More specific directions are given
	in the ports collection UPDATING file. Any /etc/libmap.conf entries for
	libusb are no longer required and can be removed.

20090302:
	A workaround is committed to allow the creation of System V shared
	memory segment of size > 2 GB on the 64-bit architectures.
	Due to a limitation of the existing ABI, the shm_segsz member
	of the struct shmid_ds, returned by shmctl(IPC_STAT) call is
	wrong for large segments. Note that limits must be explicitly
	raised to allow such segments to be created.

20090301:
	The layout of struct ifnet has changed, requiring a rebuild of all
	network device driver modules.

20090227:
	The /dev handling for the new USB stack has changed, a
	buildworld/installworld is required for libusb20.

20090223:
	The new USB2 stack has now been permanently moved in and all kernel and
	module names reverted to their previous values (eg, usb, ehci, ohci,
	ums, ...).  The old usb stack can be compiled in by prefixing the name
	with the letter 'o', the old usb modules have been removed.
	Updating entry 20090216 for xorg and 20090215 for libmap may still
	apply.

20090217:
	The rc.conf(5) option if_up_delay has been renamed to
	defaultroute_delay to better reflect its purpose. If you have
	customized this setting in /etc/rc.conf you need to update it to
	use the new name.

20090216:
	xorg 7.4 wants to configure its input devices via hald which does not
	yet work with USB2. If the keyboard/mouse does not work in xorg then
	add
		Option "AllowEmptyInput" "off"
	to your ServerLayout section.  This will cause X to use the configured
	kbd and mouse sections from your xorg.conf.

20090215:
	The GENERIC kernels for all architectures now default to the new USB2
	stack. No kernel config options or code have been removed so if a
	problem arises please report it and optionally revert to the old USB
	stack. If you are loading USB kernel modules or have a custom kernel
	that includes GENERIC then ensure that usb names are also changed over,
	eg uftdi -> usb2_serial_ftdi.

	Older programs linked against the ports libusb 0.1 need to be
	redirected to the new stack's libusb20.  /etc/libmap.conf can
	be used for this:
		# Map old usb library to new one for usb2 stack
		libusb-0.1.so.8	libusb20.so.1

20090209:
	All USB ethernet devices now attach as interfaces under the name ueN
	(eg. ue0). This is to provide a predictable name as vendors often
	change usb chipsets in a product without notice.

20090203:
	The ichsmb(4) driver has been changed to require SMBus slave
	addresses be left-justified (xxxxxxx0b) rather than right-justified.
	All of the other SMBus controller drivers require left-justified
	slave addresses, so this change makes all the drivers provide the
	same interface.

20090201:
	INET6 statistics (struct ip6stat) was updated.
	netstat(1) needs to be recompiled.

20090119:
	NTFS has been removed from GENERIC kernel on amd64 to match
	GENERIC on i386. Should not cause any issues since mount_ntfs(8)
	will load ntfs.ko module automatically when NTFS support is
	actually needed, unless ntfs.ko is not installed or security
	level prohibits loading kernel modules. If either is the case,
	"options NTFS" has to be added into kernel config.

20090115:
	TCP Appropriate Byte Counting (RFC 3465) support added to kernel.
	New field in struct tcpcb breaks ABI, so bump __FreeBSD_version to
	800061. User space tools that rely on the size of struct tcpcb in
	tcp_var.h (e.g. sockstat) need to be recompiled.

20081225:
	ng_tty(4) module updated to match the new TTY subsystem.
	Due to API change, user-level applications must be updated.
	New API support added to mpd5 CVS and expected to be present
	in next mpd5.3 release.

20081219:
	With __FreeBSD_version 800060 the makefs tool is part of
	the base system (it was a port).

20081216:
	The afdata and ifnet locks have been changed from mutexes to
	rwlocks, network modules will need to be re-compiled.

20081214:
	__FreeBSD_version 800059 incorporates the new arp-v2 rewrite.
	RTF_CLONING, RTF_LLINFO and RTF_WASCLONED flags are eliminated.
	The new code reduced struct rtentry{} by 16 bytes on 32-bit
	architecture and 40 bytes on 64-bit architecture. The userland
	applications "arp" and "ndp" have been updated accordingly.
	The output from "netstat -r" shows only routing entries and
	none of the L2 information.

20081130:
	__FreeBSD_version 800057 marks the switchover from the
	binary ath hal to source code. Users must add the line:

	options	AH_SUPPORT_AR5416

	to their kernel config files when specifying:

	device	ath_hal

	The ath_hal module no longer exists; the code is now compiled
	together with the driver in the ath module.  It is now
	possible to tailor chip support (i.e. reduce the set of chips
	and thereby the code size); consult ath_hal(4) for details.

20081121:
	__FreeBSD_version 800054 adds memory barriers to
	<machine/atomic.h>, new interfaces to ifnet to facilitate
	multiple hardware transmit queues for cards that support
	them, and a lock-less ring-buffer implementation to
	enable drivers to more efficiently manage queueing of
	packets.

20081117:
	A new version of ZFS (version 13) has been merged to -HEAD.
	This version has zpool attribute "listsnapshots" off by
	default, which means "zfs list" does not show snapshots,
	and is the same as Solaris behavior.

20081028:
	dummynet(4) ABI has changed. ipfw(8) needs to be recompiled.

20081009:
	The uhci, ohci, ehci and slhci USB Host controller drivers have
	been put into separate modules. If you load the usb module
	separately through loader.conf you will need to load the
	appropriate *hci module as well. E.g. for a UHCI-based USB 2.0
	controller add the following to loader.conf:

		uhci_load="YES"
		ehci_load="YES"

20081009:
	The ABI used by the PMC toolset has changed.  Please keep
	userland (libpmc(3)) and the kernel module (hwpmc(4)) in
	sync.

20081009:
	atapci kernel module now includes only generic PCI ATA
	driver. AHCI driver moved to ataahci kernel module.
	All vendor-specific code moved into separate kernel modules:
	ataacard, ataacerlabs, ataadaptec, ataamd, ataati, atacenatek,
	atacypress, atacyrix, atahighpoint, ataintel, ataite, atajmicron,
	atamarvell, atamicron, atanational, atanetcell, atanvidia,
	atapromise, ataserverworks, atasiliconimage, atasis, atavia

20080820:
	The TTY subsystem of the kernel has been replaced by a new
	implementation, which provides better scalability and an
	improved driver model. Most common drivers have been migrated to
	the new TTY subsystem, while others have not. The following
	drivers have not yet been ported to the new TTY layer:

	PCI/ISA:
		cy, digi, rc, rp, sio

	USB:
		ubser, ucycom

	Line disciplines:
		ng_h4, ng_tty, ppp, sl, snp

	Adding these drivers to your kernel configuration file shall
	cause compilation to fail.

20080818:
	ntpd has been upgraded to 4.2.4p5.

20080801:
	OpenSSH has been upgraded to 5.1p1.

	For many years, FreeBSD's version of OpenSSH preferred DSA
	over RSA for host and user authentication keys.  With this
	upgrade, we've switched to the vendor's default of RSA over
	DSA.  This may cause upgraded clients to warn about unknown
	host keys even for previously known hosts.  Users should
	follow the usual procedure for verifying host keys before
	accepting the RSA key.

	This can be circumvented by setting the "HostKeyAlgorithms"
	option to "ssh-dss,ssh-rsa" in ~/.ssh/config or on the ssh
	command line.

	Please note that the sequence of keys offered for
	authentication has been changed as well.  You may want to
	specify IdentityFile in a different order to revert this
	behavior.

20080713:
	The sio(4) driver has been removed from the i386 and amd64
	kernel configuration files. This means uart(4) is now the
	default serial port driver on those platforms as well.

	To prevent collisions with the sio(4) driver, the uart(4) driver
	uses different names for its device nodes. This means the
	onboard serial port will now most likely be called "ttyu0"
	instead of "ttyd0". You may need to reconfigure applications to
	use the new device names.

	When using the serial port as a boot console, be sure to update
	/boot/device.hints and /etc/ttys before booting the new kernel.
	If you forget to do so, you can still manually specify the hints
	at the loader prompt:

		set hint.uart.0.at="isa"
		set hint.uart.0.port="0x3F8"
		set hint.uart.0.flags="0x10"
		set hint.uart.0.irq="4"
		boot -s

20080609:
	The gpt(8) utility has been removed. Use gpart(8) to partition
	disks instead.

20080603:
	The version that Linuxulator emulates was changed from 2.4.2
	to 2.6.16. If you experience any problems with Linux binaries
	please try to set sysctl compat.linux.osrelease to 2.4.2 and
	if it fixes the problem contact emulation mailing list.

20080525:
	ISDN4BSD (I4B) was removed from the src tree. You may need to
	update a your kernel configuration and remove relevant entries.

20080509:
	I have checked in code to support multiple routing tables.
	See the man pages setfib(1) and setfib(2).
	This is a hopefully backwards compatible version,
	but to make use of it you need to compile your kernel
	with options ROUTETABLES=2 (or more up to 16).

20080420:
	The 802.11 wireless support was redone to enable multi-bss
	operation on devices that are capable.  The underlying device
	is no longer used directly but instead wlanX devices are
	cloned with ifconfig.  This requires changes to rc.conf files.
	For example, change:
		ifconfig_ath0="WPA DHCP"
	to
		wlans_ath0=wlan0
		ifconfig_wlan0="WPA DHCP"
	see rc.conf(5) for more details.  In addition, mergemaster of
	/etc/rc.d is highly recommended.  Simultaneous update of userland
	and kernel wouldn't hurt either.

	As part of the multi-bss changes the wlan_scan_ap and wlan_scan_sta
	modules were merged into the base wlan module.  All references
	to these modules (e.g. in kernel config files) must be removed.

20080408:
	psm(4) has gained write(2) support in native operation level.
	Arbitrary commands can be written to /dev/psm%d and status can
	be read back from it.  Therefore, an application is responsible
	for status validation and error recovery.  It is a no-op in
	other operation levels.

20080312:
	Support for KSE threading has been removed from the kernel.  To
	run legacy applications linked against KSE libmap.conf may
	be used.  The following libmap.conf may be used to ensure
	compatibility with any prior release:

	libpthread.so.1 libthr.so.1
	libpthread.so.2 libthr.so.2
	libkse.so.3 libthr.so.3

20080301:
	The layout of struct vmspace has changed. This affects libkvm
	and any executables that link against libkvm and use the
	kvm_getprocs() function. In particular, but not exclusively,
	it affects ps(1), fstat(1), pkill(1), systat(1), top(1) and w(1).
	The effects are minimal, but it's advisable to upgrade world
	nonetheless.

20080229:
	The latest em driver no longer has support in it for the
	82575 adapter, this is now moved to the igb driver. The
	split was done to make new features that are incompatible
	with older hardware easier to do.

20080220:
	The new geom_lvm(4) geom class has been renamed to geom_linux_lvm(4),
	likewise the kernel option is now GEOM_LINUX_LVM.

20080211:
	The default NFS mount mode has changed from UDP to TCP for
	increased reliability.  If you rely on (insecurely) NFS
	mounting across a firewall you may need to update your
	firewall rules.

20080208:
	Belatedly note the addition of m_collapse for compacting
	mbuf chains.

20080126:
	The fts(3) structures have been changed to use adequate
	integer types for their members and so to be able to cope
	with huge file trees.  The old fts(3) ABI is preserved
	through symbol versioning in libc, so third-party binaries
	using fts(3) should still work, although they will not take
	advantage of the extended types.  At the same time, some
	third-party software might fail to build after this change
	due to unportable assumptions made in its source code about
	fts(3) structure members.  Such software should be fixed
	by its vendor or, in the worst case, in the ports tree.
	FreeBSD_version 800015 marks this change for the unlikely
	case that a portable fix is impossible.

20080123:
	To upgrade to -current after this date, you must be running
	FreeBSD not older than 6.0-RELEASE.  Upgrading to -current
	from 5.x now requires a stop over at RELENG_6 or RELENG_7 systems.

20071128:
	The ADAPTIVE_GIANT kernel option has been retired because its
	functionality is the default now.

20071118:
	The AT keyboard emulation of sunkbd(4) has been turned on
	by default. In order to make the special symbols of the Sun
	keyboards driven by sunkbd(4) work under X these now have
	to be configured the same way as Sun USB keyboards driven
	by ukbd(4) (which also does AT keyboard emulation), f.e.:

	Option	"XkbLayout" "us"
	Option	"XkbRules" "xorg"
	Option	"XkbSymbols" "pc(pc105)+sun_vndr/usb(sun_usb)+us"

20071024:
	It has been decided that it is desirable to provide ABI
	backwards compatibility to the FreeBSD 4/5/6 versions of the
	PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was
	broken with the introduction of PCI domain support (see the
	20070930 entry). Unfortunately, this required the ABI of
	PCIOCGETCONF to be broken again in order to be able to
	provide backwards compatibility to the old version of that
	IOCTL. Thus consumers of PCIOCGETCONF have to be recompiled
	again. As for prominent ports this affects neither pciutils
	nor xorg-server this time, the hal port needs to be rebuilt
	however.

20071020:
	The misnamed kthread_create() and friends have been renamed
	to kproc_create() etc. Many of the callers already
	used kproc_start()..
	I will return kthread_create() and friends in a while
	with implementations that actually create threads, not procs.
	Renaming corresponds with version 800002.

20071010:
	RELENG_7 branched.

20071009:
	Setting WITHOUT_LIBPTHREAD now means WITHOUT_LIBKSE and
	WITHOUT_LIBTHR are set.

20070930:
	The PCI code has been made aware of PCI domains. This means that
	the location strings as used by pciconf(8) etc are now in the
	following format: pci<domain>:<bus>:<device>[:<function>]. It
	also means that consumers of <sys/pciio.h> potentially need to
	be recompiled; this includes the hal and xorg-server ports.

20070928:
	The caching daemon (cached) was renamed to nscd. nscd.conf
	configuration file should be used instead of cached.conf and
	nscd_enable, nscd_pidfile and nscd_flags options should be used
	instead of cached_enable, cached_pidfile and cached_flags in
	rc.conf.

20070921:
	The getfacl(1) utility now prints owning user and group name
	instead of owning uid and gid in the three line comment header.
	This is the same behavior as getfacl(1) on Solaris and Linux.

20070704:
	The new IPsec code is now compiled in using the IPSEC option.  The
	IPSEC option now requires "device crypto" be defined in your kernel
	configuration.  The FAST_IPSEC kernel option is now deprecated.

20070702:
	The packet filter (pf) code has been updated to OpenBSD 4.1 Please
	note the changed syntax - keep state is now on by default.  Also
	note the fact that ftp-proxy(8) has been changed from bottom up and
	has been moved from libexec to usr/sbin.  Changes in the ALTQ
	handling also affect users of IPFW's ALTQ capabilities.

20070701:
	Remove KAME IPsec in favor of FAST_IPSEC, which is now the
	only IPsec supported by FreeBSD.  The new IPsec stack
	supports both IPv4 and IPv6. The kernel option will change
	after the code changes have settled in.  For now the kernel
	option IPSEC is deprecated and FAST_IPSEC is the only option, that
	will change after some settling time.

20070701:
	The wicontrol(8) utility has been removed from the base system. wi(4)
	cards should be configured using ifconfig(8), see the man page for more
	information.

20070612:
	The i386/amd64 GENERIC kernel now defaults to the nfe(4) driver
	instead of the nve(4) driver. Please update your configuration
	accordingly.

20070612:
	By default, /etc/rc.d/sendmail no longer rebuilds the aliases
	database if it is missing or older than the aliases file.  If
	desired, set the new rc.conf option sendmail_rebuild_aliases
	to "YES" to restore that functionality.

20070612:
	The IPv4 multicast socket code has been considerably modified, and
	moved to the file sys/netinet/in_mcast.c. Initial support for the
	RFC 3678 Source-Specific Multicast Socket API has been added to
	the IPv4 network stack.

	Strict multicast and broadcast reception is now the default for
	UDP/IPv4 sockets; the net.inet.udp.strict_mcast_mship sysctl variable
	has now been removed.

	The RFC 1724 hack for interface selection has been removed; the use
	of the Linux-derived ip_mreqn structure with IP_MULTICAST_IF has
	been added to replace it. Consumers such as routed will soon be
	updated to reflect this.

	These changes affect users who are running routed(8) or rdisc(8)
	from the FreeBSD base system on point-to-point or unnumbered
	interfaces.

20070610:
	The net80211 layer has changed significantly and all wireless
	drivers that depend on it need to be recompiled.  Further these
	changes require that any program that interacts with the wireless
	support in the kernel be recompiled; this includes: ifconfig,
	wpa_supplicant, hostapd, and wlanstats.  Users must also, for
	the moment, kldload the wlan_scan_sta and/or wlan_scan_ap modules
	if they use modules for wireless support.  These modules implement
	scanning support for station and ap modes, respectively.  Failure
	to load the appropriate module before marking a wireless interface
	up will result in a message to the console and the device not
	operating properly.

20070610:
	The pam_nologin(8) module ceases to provide an authentication
	function and starts providing an account management function.
	Consequent changes to /etc/pam.d should be brought in using
	mergemaster(8).  Third-party files in /usr/local/etc/pam.d may
	need manual editing as follows.  Locate this line (or similar):

		auth	required	pam_nologin.so	no_warn

	and change it according to this example:

		account	required	pam_nologin.so	no_warn

	That is, the first word needs to be changed from "auth" to
	"account".  The new line can be moved to the account section
	within the file for clarity.  Not updating pam.conf(5) files
	will result in nologin(5) ignored by the respective services.

20070529:
	The ether_ioctl() function has been synchronized with ioctl(2)
	and ifnet.if_ioctl.  Due to that, the size of one of its arguments
	has changed on 64-bit architectures.  All kernel modules using
	ether_ioctl() need to be rebuilt on such architectures.

20070516:
	Improved INCLUDE_CONFIG_FILE support has been introduced to the
	config(8) utility. In order to take advantage of this new
	functionality, you are expected to recompile and install
	src/usr.sbin/config. If you don't rebuild config(8), and your
	kernel configuration depends on INCLUDE_CONFIG_FILE, the kernel
	build will be broken because of a missing "kernconfstring"
	symbol.

20070513:
	Symbol versioning is enabled by default.  To disable it, use
	option WITHOUT_SYMVER.  It is not advisable to attempt to
	disable symbol versioning once it is enabled; your installworld
	will break because a symbol version-less libc will get installed
	before the install tools.  As a result, the old install tools,
	which previously had symbol dependencies to FBSD_1.0, will fail
	because the freshly installed libc will not have them.

	The default threading library (providing "libpthread") has been
	changed to libthr.  If you wish to have libkse as your default,
	use option DEFAULT_THREAD_LIB=libkse for the buildworld.

20070423:
	The ABI breakage in sendmail(8)'s libmilter has been repaired
	so it is no longer necessary to recompile mail filters (aka,
	milters).  If you recompiled mail filters after the 20070408
	note, it is not necessary to recompile them again.

20070417:
	The new trunk(4) driver has been renamed to lagg(4) as it better
	reflects its purpose. ifconfig will need to be recompiled.

20070408:
	sendmail(8) has been updated to version 8.14.1.  Mail filters
	(aka, milters) compiled against the libmilter included in the
	base operating system should be recompiled.

20070302:
	Firmwares for ipw(4) and iwi(4) are now included in the base tree.
	In order to use them one must agree to the respective LICENSE in
	share/doc/legal and define legal.intel_<name>.license_ack=1 via
	loader.conf(5) or kenv(1).  Make sure to deinstall the now
	deprecated modules from the respective firmware ports.

20070228:
	The name resolution/mapping functions addr2ascii(3) and ascii2addr(3)
	were removed from FreeBSD's libc. These originally came from INRIA
	IPv6. Nothing in FreeBSD ever used them. They may be regarded as
	deprecated in previous releases.
	The AF_LINK support for getnameinfo(3) was merged from NetBSD to
	replace it as a more portable (and re-entrant) API.

20070224:
	To support interrupt filtering a modification to the newbus API
	has occurred, ABI was broken and __FreeBSD_version was bumped
	to 700031. Please make sure that your kernel and modules are in
	sync. For more info:
	http://docs.freebsd.org/cgi/mid.cgi?20070221233124.GA13941

20070224:
	The IPv6 multicast forwarding code may now be loaded into GENERIC
	kernels by loading the ip_mroute.ko module. This is built into the
	module unless WITHOUT_INET6 or WITHOUT_INET6_SUPPORT options are
	set; see src.conf(5) for more information.

20070214:
	The output of netstat -r has changed. Without -n, we now only
	print a "network name" without the prefix length if the network
	address and mask exactly match a Class A/B/C network, and an entry
	exists in the nsswitch "networks" map.
	With -n, we print the full unabbreviated CIDR network prefix in
	the form "a.b.c.d/p". 0.0.0.0/0 is always printed as "default".
	This change is in preparation for changes such as equal-cost
	multipath, and to more generally assist operational deployment
	of FreeBSD as a modern IPv4 router.

20070210:
	PIM has been turned on by default in the IPv4 multicast
	routing code. The kernel option 'PIM' has now been removed.
	PIM is now built by default if option 'MROUTING' is specified.
	It may now be loaded into GENERIC kernels by loading the
	ip_mroute.ko module.

20070207:
	Support for IPIP tunnels (VIFF_TUNNEL) in IPv4 multicast routing
	has been removed. Its functionality may be achieved by explicitly
	configuring gif(4) interfaces and using the 'phyint' keyword in
	mrouted.conf.
	XORP does not support source-routed IPv4 multicast tunnels nor the
	integrated IPIP tunneling, therefore it is not affected by this
	change. The __FreeBSD_version macro has been bumped to 700030.

20061221:
	Support for PCI Message Signalled Interrupts has been
	re-enabled in the bge driver, only for those chips which are
	believed to support it properly.  If there are any problems,
	MSI can be disabled completely by setting the
	'hw.pci.enable_msi' and 'hw.pci.enable_msix' tunables to 0
	in the loader.

20061214:
	Support for PCI Message Signalled Interrupts has been
	disabled again in the bge driver.  Many revisions of the
	hardware fail to support it properly.  Support can be
	re-enabled by removing the #define of BGE_DISABLE_MSI in
	"src/sys/dev/bge/if_bge.c".

20061214:
	Support for PCI Message Signalled Interrupts has been added
	to the bge driver.  If there are any problems, MSI can be
	disabled completely by setting the 'hw.pci.enable_msi' and
	'hw.pci.enable_msix' tunables to 0 in the loader.

20061205:
	The removal of several facets of the experimental Threading
	system from the kernel means that the proc and thread structures
	have changed quite a bit. I suggest all kernel modules that might
	reference these structures be recompiled.. Especially the
	linux module.

20061126:
	Sound infrastructure has been updated with various fixes and
	improvements. Most of the changes are pretty much transparent,
	with exceptions of followings:
	1) All sound driver specific sysctls (hw.snd.pcm%d.*) have been
	   moved to their own dev sysctl nodes, for example:
		hw.snd.pcm0.vchans -> dev.pcm.0.vchans
	2) /dev/dspr%d.%d has been deprecated. Each channel now has its
	   own chardev in the form of "dsp%d.<function>%d", where <function>
	   is p = playback, r = record and v = virtual, respectively. Users
	   are encouraged to use these devs instead of (old) "/dev/dsp%d.%d".
	   This does not affect those who are using "/dev/dsp".

20061122:
	geom(4)'s gmirror(8) class metadata structure has been
	rev'd from v3 to v4. If you update across this point and
	your metadata is converted for you, you will not be easily
	able to downgrade since the /boot/kernel.old/geom_mirror.ko
	kernel module will be unable to read the v4 metadata.  You
	can resolve this by doing from the loader(8) prompt:

		set vfs.root.mountfrom="ufs:/dev/XXX"

	where XXX is the root slice of one of the disks that composed
	the mirror (i.e.: /dev/ad0s1a). You can then rebuild
	the array the same way you built it originally.

20061122:
	The following binaries have been disconnected from the build:
	mount_devfs, mount_ext2fs, mount_fdescfs, mount_procfs, mount_linprocfs,
	and mount_std.  The functionality of these programs has been
	moved into the mount program.  For example, to mount a devfs
	filesystem, instead of using mount_devfs, use: "mount -t devfs".
	This does not affect entries in /etc/fstab, since entries in
	/etc/fstab are always processed with "mount -t fstype".

20061113:
	Support for PCI Message Signalled Interrupts on i386 and amd64
	has been added to the kernel and various drivers will soon be
	updated to use MSI when it is available.  If there are any problems,
	MSI can be disabled completely by setting the 'hw.pci.enable_msi'
	and 'hw.pci.enable_msix' tunables to 0 in the loader.

20061110:
	The MUTEX_PROFILING option has been renamed to LOCK_PROFILING.
	The lockmgr object layout has been changed as a result of having
	a lock_object embedded in it. As a consequence all file system
	kernel modules must be re-compiled. The mutex profiling man page
	has not yet been updated to reflect this change.

20061026:
	KSE in the kernel has now been made optional and turned on by
	default. Use 'nooption KSE' in your kernel config to turn it
	off. All kernel modules *must* be recompiled after this change.
	There-after, modules from a KSE kernel should be compatible with
	modules from a NOKSE kernel due to the temporary padding fields
	added to 'struct proc'.

20060929:
	mrouted and its utilities have been removed from the base system.

20060927:
	Some ioctl(2) command codes have changed.  Full backward ABI
	compatibility is provided if the "options COMPAT_FREEBSD6" is
	present in the kernel configuration file.  Make sure to add
	this option to your kernel config file, or recompile X.Org
	and the rest of ports; otherwise they may refuse to work.

20060924:
	tcpslice has been removed from the base system.

20060913:
	The sizes of struct tcpcb (and struct xtcpcb) have changed due to
	the rewrite of TCP syncookies.  Tools like netstat, sockstat, and
	systat needs to be rebuilt.

20060903:
	libpcap updated to v0.9.4 and tcpdump to v3.9.4

20060816:
	The IPFIREWALL_FORWARD_EXTENDED option is gone and the behaviour
	for IPFIREWALL_FORWARD is now as it was before when it was first
	committed and for years after. The behaviour is now ON.

20060725:
	enigma(1)/crypt(1) utility has been changed on 64 bit architectures.
	Now it can decrypt files created from different architectures.
	Unfortunately, it is no longer able to decrypt a cipher text
	generated with an older version on 64 bit architectures.
	If you have such a file, you need old utility to decrypt it.

20060709:
	The interface version of the i4b kernel part has changed. So
	after updating the kernel sources and compiling a new kernel,
	the i4b user space tools in "/usr/src/usr.sbin/i4b" must also
	be rebuilt, and vice versa.

20060627:
	The XBOX kernel now defaults to the nfe(4) driver instead of
	the nve(4) driver. Please update your configuration
	accordingly.

20060514:
	The i386-only lnc(4) driver for the AMD Am7900 LANCE and Am79C9xx
	PCnet family of NICs has been removed. The new le(4) driver serves
	as an equivalent but cross-platform replacement with the pcn(4)
	driver still providing performance-optimized support for the subset
	of AMD Am79C971 PCnet-FAST and greater chips as before.

20060511:
	The machdep.* sysctls and the adjkerntz utility have been
	modified a bit.  The new adjkerntz utility uses the new
	sysctl names and sysctlbyname() calls, so it may be impossible
	to run an old /sbin/adjkerntz utility in single-user mode
	with a new kernel.  Replace the `adjkerntz -i' step before
	`make installworld' with:

	    /usr/obj/usr/src/sbin/adjkerntz/adjkerntz -i

	and proceed as usual with the rest of the installworld-stage
	steps.  Otherwise, you risk installing binaries with their
	timestamp set several hours in the future, especially if
	you are running with local time set to GMT+X hours.

20060412:
	The ip6fw utility has been removed.  The behavior provided by
	ip6fw has been in ipfw2 for a good while and the rc.d scripts
	have been updated to deal with it.  There are some rules that
	might not migrate cleanly.  Use rc.firewall6 as a template to
	rewrite rules.

20060428:
	The puc(4) driver has been overhauled. The ebus(4) and sbus(4)
	attachments have been removed. Make sure to configure scc(4)
	on sparc64. Note also that by default puc(4) will use uart(4)
	and not sio(4) for serial ports because interrupt handling has
	been optimized for multi-port serial cards and only uart(4)
	implements the interface to support it.

20060330:
	The scc(4) driver replaces puc(4) for Serial Communications
	Controllers (SCCs) like the Siemens SAB82532 and the Zilog
	Z8530. On sparc64, it is advised to add scc(4) to the kernel
	configuration to make sure that the serial ports remain
	functional.

20060317:
	Most world/kernel related NO_* build options changed names.
	New knobs have common prefixes WITHOUT_*/WITH_* (modelled
	after FreeBSD ports) and should be set in /etc/src.conf
	(the src.conf(5) manpage is provided).  Full backwards
	compatibility is maintained for the time being though it's
	highly recommended to start moving old options out of the
	system-wide /etc/make.conf file into the new /etc/src.conf
	while also properly renaming them.  More conversions will
	likely follow.  Posting to current@@:

	http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

20060305:
	The NETSMBCRYPTO kernel option has been retired because its
	functionality is always included in NETSMB and smbfs.ko now.

20060303:
	The TDFX_LINUX kernel option was retired and replaced by the
	tdfx_linux device.  The latter can be loaded as the 3dfx_linux.ko
	kernel module.  Loading it alone should suffice to get 3dfx support
	for Linux apps because it will pull in 3dfx.ko and linux.ko through
	its dependencies.

20060204:
	The 'audit' group was added to support the new auditing functionality
	in the base system.  Be sure to follow the directions for updating,
	including the requirement to run mergemaster -p.

20060201:
	The kernel ABI to file system modules was changed on i386.
	Please make sure that your kernel and modules are in sync.

20060118:
	This actually occured some time ago, but installing the kernel
	now also installs a bunch of symbol files for the kernel modules.
	This increases the size of /boot/kernel to about 67Mbytes. You
	will need twice this if you will eventually back this up to kernel.old
	on your next install.
	If you have a shortage of room in your root partition, you should add
	-DINSTALL_NODEBUG to your make arguments or add INSTALL_NODEBUG="yes"
	to your /etc/make.conf.

20060113:
	libc's malloc implementation has been replaced.  This change has the
	potential to uncover application bugs that previously went unnoticed.
	See the malloc(3) manual page for more details.

20060112:
	The generic netgraph(4) cookie has been changed. If you upgrade
	kernel passing this point, you also need to upgrade userland
	and netgraph(4) utilities like ports/net/mpd or ports/net/mpd4.

20060106:
	si(4)'s device files now contain the unit number.
	Uses of {cua,tty}A[0-9a-f] should be replaced by {cua,tty}A0[0-9a-f].

20060106:
	The kernel ABI was mostly destroyed due to a change in the size
	of struct lock_object which is nested in other structures such
	as mutexes which are nested in all sorts of other structures.
	Make sure your kernel and modules are in sync.

20051231:
	The page coloring algorithm in the VM subsystem was converted
	from tuning with kernel options to autotuning. Please remove
	any PQ_* option except PQ_NOOPT from your kernel config.

20051211:
	The net80211-related tools in the tools/tools/ath directory
	have been moved to tools/tools/net80211 and renamed with a
	"wlan" prefix.  Scripts that use them should be adjusted
	accordingly.

20051202:
	Scripts in the local_startup directories (as defined in
	/etc/defaults/rc.conf) that have the new rc.d semantics will
	now be run as part of the base system rcorder. If there are
	errors or problems with one of these local scripts, it could
	cause boot problems. If you encounter such problems, boot in
	single user mode, remove that script from the */rc.d directory.
	Please report the problem to the port's maintainer, and the
	freebsd-ports@@freebsd.org mailing list.

20051129:
	The nodev mount option was deprecated in RELENG_6 (where it
	was a no-op), and is now unsupported.  If you have nodev or dev listed
	in /etc/fstab, remove it, otherwise it will result in a mount error.

20051129:
	ABI between ipfw(4) and ipfw(8) has been changed. You need
	to rebuild ipfw(8) when rebuilding kernel.

20051108:
	rp(4)'s device files now contain the unit number.
	Uses of {cua,tty}R[0-9a-f] should be replaced by {cua,tty}R0[0-9a-f].

20051029:
	/etc/rc.d/ppp-user has been renamed to /etc/rc.d/ppp.
	Its /etc/rc.conf.d configuration file has been `ppp' from
	the beginning, and hence there is no need to touch it.

20051014:
	Now most modules get their build-time options from the kernel
	configuration file.  A few modules still have fixed options
	due to their non-conformant implementation, but they will be
	corrected eventually.  You may need to review the options of
	the modules in use, explicitly specify the non-default options
	in the kernel configuration file, and rebuild the kernel and
	modules afterwards.

20051001:
	kern.polling.enable sysctl MIB is now deprecated. Use ifconfig(8)
	to turn polling(4) on your interfaces.

20050927:
	The old bridge(4) implementation was retired.  The new
	if_bridge(4) serves as a full functional replacement.

20050722:
	The ai_addrlen of a struct addrinfo was changed to a socklen_t
	to conform to POSIX-2001.  This change broke an ABI
	compatibility on 64 bit architecture.  You have to recompile
	userland programs that use getaddrinfo(3) on 64 bit
	architecture.

20050711:
	RELENG_6 branched here.

20050629:
	The pccard_ifconfig rc.conf variable has been removed and a new
	variable, ifconfig_DEFAULT has been introduced.  Unlike
	pccard_ifconfig, ifconfig_DEFAULT applies to ALL interfaces that
	do not have ifconfig_ifn entries rather than just those in
	removable_interfaces.

20050616:
	Some previous versions of PAM have permitted the use of
	non-absolute paths in /etc/pam.conf or /etc/pam.d/* when referring
	to third party PAM modules in /usr/local/lib.  A change has been
	made to require the use of absolute paths in order to avoid
	ambiguity and dependence on library path configuration, which may
	affect existing configurations.

20050610:
	Major changes to network interface API.  All drivers must be
	recompiled.  Drivers not in the base system will need to be
	updated to the new APIs.

20050609:
	Changes were made to kinfo_proc in sys/user.h.  Please recompile
	userland, or commands like `fstat', `pkill', `ps', `top' and `w'
	will not behave correctly.

	The API and ABI for hwpmc(4) have changed with the addition
	of sampling support.  Please recompile lib/libpmc(3) and
	usr.sbin/{pmcstat,pmccontrol}.

20050606:
	The OpenBSD dhclient was imported in place of the ISC dhclient
	and the network interface configuration scripts were updated
	accordingly.  If you use DHCP to configure your interfaces, you
	must now run devd.  Also, DNS updating was lost so you will need
	to find a workaround if you use this feature.

	The '_dhcp' user was added to support the OpenBSD dhclient.  Be
	sure to run mergemaster -p (like you are supposed to do every time
	anyway).

20050605:
	if_bridge was added to the tree. This has changed struct ifnet.
	Please recompile userland and all network related modules.

20050603:
	The n_net of a struct netent was changed to an uint32_t, and
	1st argument of getnetbyaddr() was changed to an uint32_t, to
	conform to POSIX-2001.  These changes broke an ABI
	compatibility on 64 bit architecture.  With these changes,
	shlib major of libpcap was bumped.  You have to recompile
	userland programs that use getnetbyaddr(3), getnetbyname(3),
	getnetent(3) and/or libpcap on 64 bit architecture.

20050528:
	Kernel parsing of extra options on '#!' first lines of shell
	scripts has changed.  Lines with multiple options likely will
	fail after this date.  For full details, please see
		http://people.freebsd.org/~gad/Updating-20050528.txt

20050503:
	The packet filter (pf) code has been updated to OpenBSD 3.7
	Please note the changed anchor syntax and the fact that
	authpf(8) now needs a mounted fdescfs(5) to function.

20050415:
	The NO_MIXED_MODE kernel option has been removed from the i386
	amd64 platforms as its use has been superceded by the new local
	APIC timer code.  Any kernel config files containing this option
	should be updated.

20050227:
	The on-disk format of LC_CTYPE files was changed to be machine
	independent.  Please make sure NOT to use NO_CLEAN buildworld
	when crossing this point. Crossing this point also requires
	recompile or reinstall of all locale depended packages.

20050225:
	The ifi_epoch member of struct if_data has been changed to
	contain the uptime at which the interface was created or the
	statistics zeroed rather then the wall clock time because
	wallclock time may go backwards.  This should have no impact
	unless an snmp implementation is using this value (I know of
	none at this point.)

20050224:
	The acpi_perf and acpi_throttle drivers are now part of the
	acpi(4) main module.  They are no longer built separately.

20050223:
	The layout of struct image_params has changed. You have to
	recompile all compatibility modules (linux, svr4, etc) for use
	with the new kernel.

20050223:
	The p4tcc driver has been merged into cpufreq(4).  This makes
	"options CPU_ENABLE_TCC" obsolete.  Please load cpufreq.ko or
	compile in "device cpufreq" to restore this functionality.

20050220:
	The responsibility of recomputing the file system summary of
	a SoftUpdates-enabled dirty volume has been transferred to the
	background fsck.  A rebuild of fsck(8) utility is recommended
	if you have updated the kernel.

	To get the old behavior (recompute file system summary at mount
	time), you can set vfs.ffs.compute_summary_at_mount=1 before
	mounting the new volume.

20050206:
	The cpufreq import is complete.  As part of this, the sysctls for
	acpi(4) throttling have been removed.  The power_profile script
	has been updated, so you can use performance/economy_cpu_freq in
	rc.conf(5) to set AC on/offline cpu frequencies.

20050206:
	NG_VERSION has been increased. Recompiling kernel (or ng_socket.ko)
	requires recompiling libnetgraph and userland netgraph utilities.

20050114:
	Support for abbreviated forms of a number of ipfw options is
	now deprecated.  Warnings are printed to stderr indicating the
	correct full form when a match occurs.  Some abbreviations may
	be supported at a later date based on user feedback.  To be
	considered for support, abbreviations must be in use prior to
	this commit and unlikely to be confused with current key words.

20041221:
	By a popular demand, a lot of NOFOO options were renamed
	to NO_FOO (see bsd.compat.mk for a full list).  The old
	spellings are still supported, but will cause annoying
	warnings on stderr.  Make sure you upgrade properly (see
	the COMMON ITEMS: section later in this file).

20041219:
	Auto-loading of ancillary wlan modules such as wlan_wep has
	been temporarily disabled; you need to statically configure
	the modules you need into your kernel or explicitly load them
	prior to use.  Specifically, if you intend to use WEP encryption
	with an 802.11 device load/configure wlan_wep; if you want to
	use WPA with the ath driver load/configure wlan_tkip, wlan_ccmp,
	and wlan_xauth as required.

20041213:
	The behaviour of ppp(8) has changed slightly.  If lqr is enabled
	(``enable lqr''), older versions would revert to LCP ECHO mode on
	negotiation failure.  Now, ``enable echo'' is required for this
	behaviour.  The ppp version number has been bumped to 3.4.2 to
	reflect the change.

20041201:
	The wlan support has been updated to split the crypto support
	into separate modules.  For static WEP you must configure the
	wlan_wep module in your system or build and install the module
	in place where it can be loaded (the kernel will auto-load
	the module when a wep key is configured).

20041201:
	The ath driver has been updated to split the tx rate control
	algorithm into a separate module.  You need to include either
	ath_rate_onoe or ath_rate_amrr when configuring the kernel.

20041116:
	Support for systems with an 80386 CPU has been removed.  Please
	use FreeBSD 5.x or earlier on systems with an 80386.

20041110:
	We have had a hack which would mount the root filesystem
	R/W if the device were named 'md*'.  As part of the vnode
	work I'm doing I have had to remove this hack.  People
	building systems which use preloaded MD root filesystems
	may need to insert a "/sbin/mount -u -o rw /dev/md0 /" in
	their /etc/rc scripts.

20041104:
	FreeBSD 5.3 shipped here.

20041102:
	The size of struct tcpcb has changed again due to the removal
	of RFC1644 T/TCP.  You have to recompile userland programs that
	read kmem for tcp sockets directly (netstat, sockstat, etc.)

20041022:
	The size of struct tcpcb has changed.  You have to recompile
	userland programs that read kmem for tcp sockets directly
	(netstat, sockstat, etc.)

20041016:
	RELENG_5 branched here.  For older entries, please see updating
	in the RELENG_5 branch.

COMMON ITEMS:

	General Notes
	-------------
	Avoid using make -j when upgrading.  From time to time in the
	past there have been problems using -j with buildworld and/or
	installworld.  This is especially true when upgrading between
	"distant" versions (eg one that cross a major release boundary
	or several minor releases, or when several months have passed
	on the -current branch).

	Sometimes, obscure build problems are the result of environment
	poisoning.  This can happen because the make utility reads its
	environment when searching for values for global variables.
	To run your build attempts in an "environmental clean room",
	prefix all make commands with 'env -i '.  See the env(1) manual
	page for more details.

	When upgrading from one major version to another it is generally
	best to upgrade to the latest code in the currently installed branch
	first, then do an upgrade to the new branch. This is the best-tested
	upgrade path, and has the highest probability of being successful.
	Please try this approach before reporting problems with a major
	version upgrade.

	ZFS notes
	---------
	When upgrading the boot ZFS pool to a new version, always follow
	these two steps:

	1.) recompile and reinstall the ZFS boot loader and boot block
	(this is part of "make buildworld" and "make installworld")

	2.) update the ZFS boot block on your boot drive

	The following example updates the ZFS boot block on the first
	partition (freebsd-boot) of a GPT partitioned drive ad0:
	"gpart bootcode -p /boot/gptzfsboot -i 1 ad0"

	Non-boot pools do not need these updates.

	To build a kernel
	-----------------
	If you are updating from a prior version of FreeBSD (even one just
	a few days old), you should follow this procedure.  It is the most
	failsafe as it uses a /usr/obj tree with a fresh mini-buildworld,

	make kernel-toolchain
	make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE
	make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE

	To test a kernel once
	---------------------
	If you just want to boot a kernel once (because you are not sure
	if it works, or if you want to boot a known bad kernel to provide
	debugging information) run
	make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel
	nextboot -k testkernel

	To just build a kernel when you know that it won't mess you up
	--------------------------------------------------------------
	This assumes you are already running a 5.X system.  Replace
	${arch} with the architecture of your machine (e.g. "i386",
	"alpha", "amd64", "ia64", "pc98", "sparc64", etc).

	cd src/sys/${arch}/conf
	config KERNEL_NAME_HERE
	cd ../compile/KERNEL_NAME_HERE
	make depend
	make
	make install

	If this fails, go to the "To build a kernel" section.

	To rebuild everything and install it on the current system.
	-----------------------------------------------------------
	# Note: sometimes if you are running current you gotta do more than
	# is listed here if you are upgrading from a really old current.

	<make sure you have good level 0 dumps>
	make buildworld
	make kernel KERNCONF=YOUR_KERNEL_HERE
							[1]
	<reboot in single user>				[3]
	mergemaster -p					[5]
	make installworld
	mergemaster					[4]
	make delete-old					[6]
	<reboot>


	To cross-install current onto a separate partition
	--------------------------------------------------
	# In this approach we use a separate partition to hold
	# current's root, 'usr', and 'var' directories.   A partition
	# holding "/", "/usr" and "/var" should be about 2GB in
	# size.

	<make sure you have good level 0 dumps>
	<boot into -stable>
	make buildworld
	make buildkernel KERNCONF=YOUR_KERNEL_HERE
	<maybe newfs current's root partition>
	<mount current's root partition on directory ${CURRENT_ROOT}>
	make installworld DESTDIR=${CURRENT_ROOT}
	make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
	make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT}
	cp /etc/fstab ${CURRENT_ROOT}/etc/fstab 		   # if newfs'd
	<edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition>
	<reboot into current>
	<do a "native" rebuild/install as described in the previous section>
	<maybe install compatibility libraries from ports/misc/compat*>
	<reboot>


	To upgrade in-place from 5.x-stable to current
	----------------------------------------------
	<make sure you have good level 0 dumps>
	make buildworld					[9]
	make kernel KERNCONF=YOUR_KERNEL_HERE		[8]
							[1]
	<reboot in single user>				[3]
	mergemaster -p					[5]
	make installworld
	mergemaster -i					[4]
	make delete-old					[6]
	<reboot>

	Make sure that you've read the UPDATING file to understand the
	tweaks to various things you need.  At this point in the life
	cycle of current, things change often and you are on your own
	to cope.  The defaults can also change, so please read ALL of
	the UPDATING entries.

	Also, if you are tracking -current, you must be subscribed to
	freebsd-current@@freebsd.org.  Make sure that before you update
	your sources that you have read and understood all the recent
	messages there.  If in doubt, please track -stable which has
	much fewer pitfalls.

	[1] If you have third party modules, such as vmware, you
	should disable them at this point so they don't crash your
	system on reboot.

	[3] From the bootblocks, boot -s, and then do
		fsck -p
		mount -u /
		mount -a
		cd src
		adjkerntz -i		# if CMOS is wall time
	Also, when doing a major release upgrade, it is required that
	you boot into single user mode to do the installworld.

	[4] Note: This step is non-optional.  Failure to do this step
	can result in a significant reduction in the functionality of the
	system.  Attempting to do it by hand is not recommended and those
	that pursue this avenue should read this file carefully, as well
	as the archives of freebsd-current and freebsd-hackers mailing lists
	for potential gotchas.

	[5] Usually this step is a noop.  However, from time to time
	you may need to do this if you get unknown user in the following
	step.  It never hurts to do it all the time.  You may need to
	install a new mergemaster (cd src/usr.sbin/mergemaster && make
	install) after the buildworld before this step if you last updated
	from current before 20020224 or from -stable before 20020408.

	[6] This only deletes old files and directories. Old libraries
	can be deleted by "make delete-old-libs", but you have to make
	sure that no program is using those libraries anymore.

	[8] In order to have a kernel that can run the 4.x binaries
	needed to do an installworld, you must include the COMPAT_FREEBSD4
	option in your kernel.  Failure to do so may leave you with a system
	that is hard to boot to recover. A similar kernel option COMPAT_FREEBSD5
	is required to run the 5.x binaries on more recent kernels.

	Make sure that you merge any new devices from GENERIC since the
	last time you updated your kernel config file.

	[9] When checking out sources, you must include the -P flag to have
	cvs prune empty directories.

	If CPUTYPE is defined in your /etc/make.conf, make sure to use the
	"?=" instead of the "=" assignment operator, so that buildworld can
	override the CPUTYPE if it needs to.

	MAKEOBJDIRPREFIX must be defined in an environment variable, and
	not on the command line, or in /etc/make.conf.  buildworld will
	warn if it is improperly defined.
FORMAT:

This file contains a list, in reverse chronological order, of major
breakages in tracking -current.  It is not guaranteed to be a complete
list of such breakages, and only contains entries since October 16, 2004.
If you need to see UPDATING entries from before that date, you will need
to fetch an UPDATING file from an older FreeBSD release.

Copyright information:

Copyright 1998-2005 M. Warner Losh.  All Rights Reserved.

Redistribution, publication, translation and use, with or without
modification, in full or in part, in any form or format of this
document are permitted without further permission from the author.

THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED.  IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

If you find this document useful, and you want to, you may buy the
author a beer.

Contact Warner Losh if you have any questions about your use of
this document.

$FreeBSD: releng/8.4/UPDATING 247607 2013-03-02 01:04:02Z delphij $
@


1.757.2.3
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250073
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 3
20130429:
	Fix a bug that allows NFS clients to issue READDIR on files.

d1858 1
a1858 1
$FreeBSD: releng/8.4/UPDATING 250073 2013-04-29 21:11:31Z des $
@


1.757.2.4
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/252334
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 9
20130628:	p1	FreeBSD-EN-13:01.fxp
			FreeBSD-EN-13:02.vtnet
	Fix a problem where dhclient(8) utility tries to initilaize an
	fxp(4) forever because the driver resets the controller chip
	twice upon initialization. [EN-13:01]

	Fix a problem where frames sent to additional MAC addresses are
	not forwarded to the vtnet(4) interface. [EN-13:02]

d1861 1
a1861 1
$FreeBSD: releng/8.4/UPDATING 252334 2013-06-28 05:21:59Z delphij $
@


1.757.2.5
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/253692
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 3
20130726:	p2	FreeBSD-SA-13:07.bind
	Fix Denial of Service vulnerability in named(8).

d1870 1
a1870 1
$FreeBSD: releng/8.4/UPDATING 253692 2013-07-26 22:40:17Z delphij $
@


1.757.2.6
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/254632
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 9
20130822:	p3	FreeBSD-SA-13:09.ip_multicast
			FreeBSD-SA-13:10.sctp
	Fix an integer overflow in computing the size of a temporary buffer
	can result in a buffer which is too small for the requested
	operation. [13:09]

	Fix a bug that could lead to kernel memory disclosure with
	SCTP state cookie. [13:10]

d1873 1
a1873 1
$FreeBSD: releng/8.4/UPDATING 254632 2013-08-22 00:51:56Z delphij $
@


1.757.2.7
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/255447
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 11
20130910:	p4	FreeBSD-SA-13:12.ifioctl
			FreeBSD-SA-13:13.nullfs

	In IPv6 and NetATM, stop SIOCSIFADDR, SIOCSIFBRDADDR,
	SIOCSIFDSTADDR and SIOCSIFNETMASK at the socket layer rather
	than pass them on to the link layer without validation or
	credential checks.  [SA-13:12]

	Prevent cross-mount hardlinks between different nullfs mounts
	of the same underlying filesystem.  [SA-13:13]

d1882 1
a1882 1
$FreeBSD: releng/8.4/UPDATING 255447 2013-09-10 10:14:19Z des $
@


1.757.2.8
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/257194
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 4
20131026:	p5	FreeBSD-EN-13:04.freebsd-update
	Fix multiple freebsd-update bugs that break upgrading to
	FreeBSD 10.0.

d1893 1
a1893 1
$FreeBSD: releng/8.4/UPDATING 257194 2013-10-26 20:01:00Z delphij $
@


1.757.2.9
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/258725
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 3
20131128:	p6	FreeBSD-EN-13:05.freebsd-update
	Fix error in patch for FreeBSD-EN-13:04.freebsd-update.

d1897 1
a1897 1
$FreeBSD: releng/8.4/UPDATING 258725 2013-11-28 22:12:48Z delphij $
@


1.757.2.10
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/260647
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 16
20140114:	p7	FreeBSD-SA-14:01.bsnmpd
			FreeBSD-SA-14:02.ntpd
			FreeBSD-SA-14:04.bind
			FreeBSD-EN-14:01.random
			FreeBSD-EN-14:02.mmap
	Fix bsnmpd remote denial of service vulnerability. [SA-14:01]

	Fix ntpd distributed reflection Denial of Service
	vulnerability. [SA-14:02]

	Fix BIND remote denial of service vulnerability. [SA-14:04]

	Disable hardware RNGs by default. [EN-14:01]

	Fix incorrect coalescing of stack entry with mmap. [EN-14:02]

d1900 1
a1900 1
$FreeBSD: releng/8.4/UPDATING 260647 2014-01-14 19:42:28Z delphij $
@


1.757.2.11
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/264284
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 6
20140408:	p8	FreeBSD-SA-14:05.nfsserver
			FreeBSD-SA-14:06.openssl
	Fix deadlock in the NFS server. [SA-14:05]

	Fix for ECDSA Cache Side-channel Attack in OpenSSL. [SA-14:06]

d1916 1
a1916 1
$FreeBSD: releng/8.4/UPDATING 264284 2014-04-08 23:16:05Z delphij $
@


1.757.2.12
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/265125
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 4
20140430:	p9	FreeBSD-SA-14:08.tcp

        Fix TCP reassembly vulnerability. [SA-14:08]

d1922 1
a1922 1
$FreeBSD: releng/8.4/UPDATING 265125 2014-04-30 04:05:47Z delphij $
@


1.757.2.13
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/265989
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 7
20140513:	p10	FreeBSD-EN-14:03.pkg
			FreeBSD-EN-14:04.kldxref

	Add pkg bootstrapping, configuration and public keys. [EN-14:03]

	Improve build repeatability for kldxref(8). [EN-14:04]

d1926 1
a1926 1
$FreeBSD: releng/8.4/UPDATING 265989 2014-05-13 23:24:32Z delphij $
@


1.756
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/247821
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d29 4
d1792 1
a1792 1
$FreeBSD: head/UPDATING 247821 2013-03-04 22:41:49Z davide $
@


1.755
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/247814
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d30 6
d1788 1
a1788 1
$FreeBSD: head/UPDATING 247814 2013-03-04 21:18:45Z ken $
@


1.754
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/247615
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d29 7
d1782 1
a1782 1
$FreeBSD: head/UPDATING 247615 2013-03-02 08:12:41Z adrian $
@


1.753
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/247509
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d29 7
d1775 1
a1775 1
$FreeBSD: head/UPDATING 247509 2013-02-28 23:45:41Z gjb $
@


1.752
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/247422
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d49 2
a50 2
	option served little practical purpose in the last decade so it's
	used expected to be extremely rare.
d1768 1
a1768 1
$FreeBSD: head/UPDATING 247422 2013-02-27 21:58:06Z delphij $
@


1.751
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/246114
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d29 7
d1768 1
a1768 1
$FreeBSD: head/UPDATING 246114 2013-01-30 10:23:38Z gabor $
@


1.750
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/246074
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d34 1
a34 1
	ans install world with the WITH_BSD_PATCH knob set.
d1761 1
a1761 1
$FreeBSD: head/UPDATING 246074 2013-01-29 17:03:18Z gabor $
@


1.749
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/245617
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d29 7
d1761 1
a1761 1
$FreeBSD: head/UPDATING 245617 2013-01-18 20:57:50Z brooks $
@


1.748
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/244629
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d29 9
d1754 1
a1754 1
$FreeBSD: head/UPDATING 244629 2012-12-23 13:04:04Z avg $
@


1.747
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/244585
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d29 5
d1745 1
a1745 1
$FreeBSD: head/UPDATING 244585 2012-12-22 13:43:12Z jh $
@


1.746
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/244323
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d29 6
d1740 1
a1740 1
$FreeBSD: head/UPDATING 244323 2012-12-16 23:29:56Z pjd $
@


1.745
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/243800
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d29 7
d1734 1
a1734 1
$FreeBSD: head/UPDATING 243800 2012-12-02 22:09:16Z rwatson $
@


1.744
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 243443
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r243443 | hrs | 2012-11-23 12:12:06 +0000 (Fri, 23 Nov 2012) | 2 lines
## SVN ##
## SVN ## Document sin6_scope_id handling change and bump FreeBSD_version to 1000025.
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d7 3
a9 1
handbook.
d29 5
d1727 1
a1727 1
$FreeBSD: head/UPDATING 243443 2012-11-23 12:12:06Z hrs $
@


1.743
log
@Switching exporter and resync
@
text
@d27 8
d1720 1
a1720 1
$FreeBSD: head/UPDATING 242626 2012-11-05 19:20:18Z brooks $
@


1.742
log
@SVN rev 242626 on 2012-11-05 19:20:18Z by brooks

Fix a minor error in the clang update note.

Reported by:	emaste
@
text
@d1712 1
a1712 1
$FreeBSD$
@


1.741
log
@SVN rev 242624 on 2012-11-05 19:08:18Z by brooks

After years of hard work by many FreeBSD and LLVM developers, make
clang the default compiler on i386 and amd64 systems.

Special thanks to:	dim, ed, rdivacky
@
text
@d32 1
a32 1
	with gcc, compiler with WITHOUT_CLANG_IS_CC.
@


1.740
log
@SVN rev 242463 on 2012-11-02 01:20:55Z by ae

Remove the recently added sysctl variable net.pfil.forward.
Instead, add protocol specific mbuf flags M_IP_NEXTHOP and
M_IP6_NEXTHOP. Use them to indicate that the mbuf's chain
contains the PACKET_TAG_IPFORWARD tag. And do a tag lookup
only when this flag is set.

Suggested by:	andre
@
text
@d27 7
@


1.739
log
@SVN rev 242396 on 2012-10-31 13:52:03Z by gavin

Genericise the (out of date) instructions from moving from stable to
current.

MFC after:	3 days
@
text
@d27 1
a27 1
20121025:
d29 1
a29 2
	functionality now can be turned on using the net.pfil.forward
	sysctl variable.
@


1.738
log
@SVN rev 242082 on 2012-10-25 10:35:08Z by ae

Note the removal of the IPFIREWALL_FORWARD kernel option.
@
text
@d1598 1
a1598 1
	To upgrade in-place from 8.x-stable to current
@


1.737
log
@SVN rev 241955 on 2012-10-23 16:33:43Z by andre

Note the removal of the ZERO_COPY_SOCKETS kernel option in r241931
and provide a proper explanation.
@
text
@d27 5
@


1.736
log
@SVN rev 241913 on 2012-10-22 21:09:03Z by glebius

  Switch the entire IPv4 stack to keep the IP packet header
in network byte order. Any host byte order processing is
done in local variables and host byte order values are
never[1] written to a packet.

  After this change a packet processed by the stack isn't
modified at all[2] except for TTL.

  After this change a network stack hacker doesn't need to
scratch his head trying to figure out what is the byte order
at the given place in the stack.

[1] One exception still remains. The raw sockets convert host
byte order before pass a packet to an application. Probably
this would remain for ages for compatibility.

[2] The ip_input() still subtructs header len from ip->ip_len,
but this is planned to be fixed soon.

Reviewed by:	luigi, Maxim Dounin <mdounin mdounin.ru>
Tested by:	ray, Olivier Cochard-Labbe <olivier cochard.me>
@
text
@d28 11
@


1.735
log
@SVN rev 241897 on 2012-10-22 17:54:32Z by kib

Bump __FreeBSD_version and make a note in UPDATING about removal of
the support for non-MPSAFE filesystems.
@
text
@d27 6
@


1.734
log
@SVN rev 241682 on 2012-10-18 12:11:13Z by attilio

Record the full non-MPSAFE pack filesystem disconnect.
@
text
@d27 5
@


1.733
log
@SVN rev 241610 on 2012-10-16 13:37:54Z by glebius

Make the "struct if_clone" opaque to users of the cloning API. Users
now use function calls:

  if_clone_simple()
  if_clone_advanced()

to initialize a cloner, instead of macros that initialize if_clone
structure.

Discussed with:		brooks, bz, 1 year ago
@
text
@d27 5
@


1.732
log
@SVN rev 241600 on 2012-10-16 01:10:43Z by gonzo

Split sdhci driver in two parts: sdhci and sdhci_pci.
sdchi encapsulates a generic SD Host Controller logic that relies on
actual hardware driver for register access.

sdhci_pci implements driver for PCI SDHC controllers using new SDHCI
interface

No kernel config modifications are required, but if you load sdhc
as a module you must switch to sdhci_pci instead.
@
text
@d27 7
@


1.731
log
@SVN rev 241519 on 2012-10-13 23:54:26Z by attilio

Import a FreeBSD port of the FUSE Linux module.
This has been developed during 2 summer of code mandates and being revived
by gnn recently.
The functionality in this commit mirrors entirely content of fusefs-kmod
port, which doesn't need to be installed anymore for -CURRENT setups.

In order to get some sparse technical notes, please refer to:
http://lists.freebsd.org/pipermail/freebsd-fs/2012-March/013876.html

or to the project branch:
svn://svn.freebsd.org/base/projects/fuse/

which also contains granular history of changes happened during port
refinements. This commit does not came from the branch reintegration
itself because it seems svn is not behaving properly for this functionaly
at the moment.

Partly Sponsored by:		Google, Summer of Code program 2005, 2011
Originally submitted by:	ilya, Csaba Henk <csaba-ml AT creo DOT hu >
In collabouration with:		pho
Tested by:			flo, gnn, Gustau Perez,
				Kevin Oberman <rkoberman AT gmail DOT com>
MFC after:			2 months
@
text
@d27 6
@


1.730
log
@SVN rev 241515 on 2012-10-13 19:37:58Z by gabor

- Fix typo

Spotted by:	glebius
@
text
@d27 3
@


1.729
log
@SVN rev 241511 on 2012-10-13 18:40:39Z by gabor

- Remove GNU sort and the WITH_GNU_SORT knob
@
text
@d31 1
a31 1
	knob has als gone.
@


1.728
log
@SVN rev 241245 on 2012-10-06 10:02:11Z by glebius

  A step in resolving mess with byte ordering for AF_INET. After this change:

  - All packets in NETISR_IP queue are in net byte order.
  - ip_input() is entered in net byte order and converts packet
    to host byte order right _after_ processing pfil(9) hooks.
  - ip_output() is entered in host byte order and converts packet
    to net byte order right _before_ processing pfil(9) hooks.
  - ip_fragment() accepts and emits packet in net byte order.
  - ip_forward(), ip_mloopback() use host byte order (untouched actually).
  - ip_fastforward() no longer modifies packet at all (except ip_ttl).
  - Swapping of byte order there and back removed from the following modules:
    pf(4), ipfw(4), enc(4), if_bridge(4).
  - Swapping of byte order added to ipfilter(4), based on __FreeBSD_version
  - __FreeBSD_version bumped.
  - pfil(9) manual page updated.

Reviewed by:	ray, luigi, eri, melifaro
Tested by:	glebius (LE), ray (BE)
@
text
@d27 6
@


1.727
log
@SVN rev 241139 on 2012-10-02 17:46:32Z by adrian

Update UPDATING with the ABI change for net80211.
@
text
@d27 5
@


1.726
log
@SVN rev 241092 on 2012-10-01 10:46:35Z by kib

Add the UPDATING note about padlock rng support requiring the config change.

Requested by:	Dewayne Geraghty <dewayne.geraghty@@heuristicsystems.com.au>
MFC after:	3 days
@
text
@d27 5
@


1.725
log
@SVN rev 240233 on 2012-09-08 06:41:54Z by glebius

Merge the projects/pf/head branch, that was worked on for last six months,
into head. The most significant achievements in the new code:

 o Fine grained locking, thus much better performance.
 o Fixes to many problems in pf, that were specific to FreeBSD port.

New code doesn't have that many ifdefs and much less OpenBSDisms, thus
is more attractive to our developers.

  Those interested in details, can browse through SVN log of the
projects/pf/head branch. And for reference, here is exact list of
revisions merged:

r232043, r232044, r232062, r232148, r232149, r232150, r232298, r232330,
r232332, r232340, r232386, r232390, r232391, r232605, r232655, r232656,
r232661, r232662, r232663, r232664, r232673, r232691, r233309, r233782,
r233829, r233830, r233834, r233835, r233836, r233865, r233866, r233868,
r233873, r234056, r234096, r234100, r234108, r234175, r234187, r234223,
r234271, r234272, r234282, r234307, r234309, r234382, r234384, r234456,
r234486, r234606, r234640, r234641, r234642, r234644, r234651, r235505,
r235506, r235535, r235605, r235606, r235826, r235991, r235993, r236168,
r236173, r236179, r236180, r236181, r236186, r236223, r236227, r236230,
r236252, r236254, r236298, r236299, r236300, r236301, r236397, r236398,
r236399, r236499, r236512, r236513, r236525, r236526, r236545, r236548,
r236553, r236554, r236556, r236557, r236561, r236570, r236630, r236672,
r236673, r236679, r236706, r236710, r236718, r237154, r237155, r237169,
r237314, r237363, r237364, r237368, r237369, r237376, r237440, r237442,
r237751, r237783, r237784, r237785, r237788, r237791, r238421, r238522,
r238523, r238524, r238525, r239173, r239186, r239644, r239652, r239661,
r239773, r240125, r240130, r240131, r240136, r240186, r240196, r240212.

I'd like to thank people who participated in early testing:

Tested by:	Florian Smeets <flo freebsd.org>
Tested by:	Chekaluk Vitaly <artemrts ukr.net>
Tested by:	Ben Wilber <ben desync.com>
Tested by:	Ian FREISLICH <ianf cloudseed.co.za>
@
text
@d27 8
@


1.724
log
@SVN rev 239774 on 2012-08-28 12:25:37Z by mm

Merge recent vendor changes:
3100 zvol rename fails with EBUSY when dirty
3104 eliminate empty bpobjs
3120 zinject hangs in zfsdev_ioctl() due to uninitialized zc

References:
  https://www.illumos.org/issues/3100
  https://www.illumos.org/issues/3104
  https://www.illumos.org/issues/3120

Obtained from:	illumos (vendor/illumos, vendor/illumos-sys)
MFC after:	2 weeks
@
text
@d27 4
@


1.723
log
@SVN rev 238851 on 2012-07-27 18:23:11Z by marius

Pull the tier-2 card and change the sparc64 ZFS loader to no longer probe
all diskN aliases for providers (which more or less corresponds to how the
x86 version behaves) but instead probe only those listed in the boot-device
OFW environment variable. This has the following advantages:
- avoids otherwise unavoidable OFW warnings about failures to open disks
  for which aliases exist but no actual hardware is connected
- avoids issues due to different diskN naming schemes
- aligns us with Solaris

MFC after:	3 days
@
text
@d27 7
@


1.722
log
@SVN rev 238405 on 2012-07-12 19:30:53Z by jkim

Merge OpenSSL 1.0.1c.

Approved by:	benl (maintainer)
@
text
@d27 5
@


1.721
log
@SVN rev 238392 on 2012-07-12 07:34:09Z by brueffer

Document the sysctl/tunable changes in r238379 and r238382.

Suggested by:	mjacob
@
text
@d28 5
@


1.720
log
@SVN rev 237696 on 2012-06-28 08:22:00Z by gabor

- Add UPDATING entry for BSD sort
@
text
@d27 6
@


1.719
log
@SVN rev 236884 on 2012-06-11 11:35:22Z by mm

Introduce "feature flags" for ZFS pools (bump SPA version to 5000).
Add first feature "com.delphix:async_destroy" (asynchronous destroy
of ZFS datasets).
Implement features support in ZFS boot code.

Illumos revisions merged:
13700:2889e2596bd6
13701:1949b688d5fb
2619 asynchronous destruction of ZFS file systems
2747 SPA versioning with zfs feature flags

References:
https://www.illumos.org/issues/2619
https://www.illumos.org/issues/2747

Obtained from:	illumos (issue #2619, #2747)
MFC after:	1 month
@
text
@d27 6
@


1.718
log
@SVN rev 234396 on 2012-04-17 20:35:54Z by jasone

Update directions on how to disable malloc debugging.
@
text
@d27 11
@


1.717
log
@SVN rev 234395 on 2012-04-17 20:21:04Z by jasone

Add an UPDATING entry for the contrib/jemalloc import.
@
text
@d22 4
a25 2
	machines to maximize performance.  (To disable malloc debugging, run
	ln -s aj /etc/malloc.conf.)
@


1.716
log
@SVN rev 233644 on 2012-03-29 02:54:35Z by jmallett

Assume a big-endian default on MIPS and drop the "eb" suffix from MACHINE_ARCH.
This makes our naming scheme more closely match other systems and the
expectations of much third-party software.  MIPS builds which are little-endian
should require and exhibit no changes.  Big-endian TARGET_ARCHes must be
changed:
	From:		To:
	mipseb		mips
	mipsn32eb	mipsn32
	mips64eb	mips64

An entry has been added to UPDATING and some foot-shooting protection (complete
with warnings which should become errors in the near future) to the top-level
base system Makefile.
@
text
@d25 9
@


1.715
log
@SVN rev 232619 on 2012-03-06 20:01:25Z by attilio

Disable the option VFS_ALLOW_NONMPSAFE by default on all the supported
platforms.
This will make every attempt to mount a non-mpsafe filesystem to the
kernel forbidden, unless it is expressely compiled with
VFS_ALLOW_NONMPSAFE option.

This patch is part of the effort of killing non-MPSAFE filesystems
from the tree.

No MFC is expected for this patch.
@
text
@d25 7
@


1.714
log
@SVN rev 232317 on 2012-02-29 21:38:31Z by trociny

Introduce VOP_UNP_BIND(), VOP_UNP_CONNECT(), and VOP_UNP_DETACH()
operations for setting and accessing vnode's v_socket field.

The operations are necessary to implement proper unix socket handling
on layered file systems like nullfs(5).

This change fixes the long standing issue with nullfs(5) being in that
unix sockets did not work between lower and upper layers: if we bound
to a socket on the lower layer we could connect only to the lower
path; if we bound to the upper layer we could connect only to the
upper path. The new behavior is one can connect to both the lower and
the upper paths regardless what layer path one binds to.

PR:		kern/51583, kern/159663
Suggested by:	kib
Reviewed by:	arch
MFC after:	2 weeks
@
text
@d25 4
@


1.713
log
@SVN rev 231506 on 2012-02-11 06:05:40Z by bz

Switch getifaddrs(3) to the new API introduced in r231505.  Also remove
conditional code parts not used by or applicable to FreeBSD.

The new implementation is supposed to be able to cope with changes to
the 'l' versions of the msghdr structs now used as well as to if_data
allowing future changes without breaking things.

This restores carp(4) config support in HEAD after r231504.

Reviewed by:	glebius, brooks
MFC After:	3 months
@
text
@d25 8
@


1.712
log
@SVN rev 230122 on 2012-01-14 23:19:10Z by dougb

For the mass rc.d changes, add a command line to make the update easier
@
text
@d25 7
@


1.711
log
@SVN rev 230105 on 2012-01-14 09:32:58Z by dougb

Add an entry detailing the removal of set_rcvar() from /etc/rc.subr

Requested by:   Garrett Cooper <yanegomi@@gmail.com>
@
text
@d31 3
@


1.710
log
@SVN rev 229854 on 2012-01-09 12:06:09Z by avg

enable stop_scheduler_on_panic by default

My plan is to make this behavior unconditional before 10.0 release.

X-MFC after:	r228424 (if ever)
@
text
@d25 6
@


1.709
log
@SVN rev 228571 on 2011-12-16 12:16:56Z by glebius

A major overhaul of the CARP implementation. The ip_carp.c was started
from scratch, copying needed functionality from the old implemenation
on demand, with a thorough review of all code. The main change is that
interface layer has been removed from the CARP. Now redundant addresses
are configured exactly on the interfaces, they run on.

The CARP configuration itself is, as before, configured and read via
SIOCSVH/SIOCGVH ioctls. A new prefix created with SIOCAIFADDR or
SIOCAIFADDR_IN6 may now be configured to a particular virtual host id,
which makes the prefix redundant.

ifconfig(8) semantics has been changed too: now one doesn't need
to clone carpXX interface, he/she should directly configure a vhid
on a Ethernet interface.

To supply vhid data from the kernel to an application the getifaddrs(8)
function had been changed to pass ifam_data with each address. [1]

The new implementation definitely closes all PRs related to carp(4)
being an interface, and may close several others. It also allows
to run a single redundant IP per interface.

Big thanks to Bjoern Zeeb for his help with inet6 part of patch, for
idea on using ifam_data and for several rounds of reviewing!

PR:		kern/117000, kern/126945, kern/126714, kern/120130, kern/117448
Reviewed by:	bz
Submitted by:	bz [1]
@
text
@d25 7
@


1.708
log
@SVN rev 228163 on 2011-11-30 20:08:30Z by jh

Add an entry for r227823.
@
text
@d25 11
@


1.707
log
@SVN rev 227333 on 2011-11-08 10:18:07Z by attilio

Introduce the option VFS_ALLOW_NONMPSAFE and turn it on by default on
all the architectures.
The option allows to mount non-MPSAFE filesystem. Without it, the
kernel will refuse to mount a non-MPSAFE filesytem.

This patch is part of the effort of killing non-MPSAFE filesystems
from the tree.

No MFC is expected for this patch.

Tested by:	gianni
Reviewed by:	kib
@
text
@d25 4
@


1.706
log
@SVN rev 227006 on 2011-11-01 21:26:57Z by marius

Add a PCI front-end to esp(4) allowing it to support AMD Am53C974 and
replace amd(4) with the former in the amd64, i386 and pc98 GENERIC kernel
configuration files. Besides duplicating functionality, amd(4), which
previously also supported the AMD Am53C974, unlike esp(4) is no longer
maintained and has accumulated enough bit rot over time to always cause
a panic during boot as long as at least one target is attached to it
(see PR 124667).

PR:		124667
Obtained from:	NetBSD (based on)
MFC after:	3 days
@
text
@d25 6
@


1.705
log
@SVN rev 226436 on 2011-10-16 14:30:28Z by eadler

- change "is is" to "is" or "it is"
- change "the the" to "the"

Approved by:	lstewart
Approved by:	sahil (mentor)
MFC after:	3 days
@
text
@d25 4
@


1.704
log
@SVN rev 225937 on 2011-10-03 15:13:09Z by nwhitehorn

Farewall, sysinstall! You served us well for many years, but 10.0 is one
digit beyond your time.

Various sysinstall dependencies (e.g. libftpio, libdisk, libodialog, etc.)
will be cleaned up in coming days. Some will take longer than others due to
a few other consumers (tzsetup and sade).
@
text
@d465 1
a465 1
	your wireless card, use the the devices iwn4965fw, iwn5000fw or
@


1.703
log
@SVN rev 225757 on 2011-09-26 02:27:04Z by kensmith

Shift head from 9.0-CURRENT to 10.0-CURRENT in preparation for releasing
it from the 9.0-RELEASE release cycle code freeze.

Approved by:	re (implicit)
@
text
@d25 3
@


1.702
log
@SVN rev 225537 on 2011-09-13 21:01:26Z by rmacklem

Modify vfs_register() to use a hash calculation
on vfc_name to set vfc_typenum, so that vfc_typenum doesn't
change when file systems are loaded in different orders. This
keeps NFS file handles from changing, for file systems that
use vfc_typenum in their fsid. This change is controlled via
a loader.conf variable called vfs.typenumhash, since vfc_typenum
will change once when this is enabled. It defaults to 1 for
9.0, but will default to 0 when MFC'd to stable/8.

Tested by:	hrs
Reviewed by:	jhb, pjd (earlier version)
Approved by:	re (kib)
MFC after:	1 month
@
text
@d12 2
a13 2
NOTE TO PEOPLE WHO THINK THAT FreeBSD 9.x IS SLOW:
	FreeBSD 9.x has many debugging features turned on, in both the kernel
d25 4
@


1.702.2.1
log
@SVN rev 225736 on 2011-09-23 00:51:37Z by kensmith

Copy head to stable/9 as part of 9.0-RELEASE release cycle.

Approved by:	re (implicit)
@
text
@@


1.702.2.2
log
@SVN rev 226405 on 2011-10-15 21:23:04Z by kensmith

Remove extra debuggin gsupport that is turned on for head but turned off
for stable branches:

	- shift to MALLOC_PRODUCTION
	- turn off automatic crash dumps
	- remove kernel debuggers, INVARIANT*[1], WITNESS* from GENERIC
	  kernel config files

[1] INVARIANT* left on for ia64 at least temporarily, marcel@@ will test
    to see if they are still required as they had been for stable/8.

Approved by:	re (implicit)
@
text
@d12 12
a23 4
NOTE TO PEOPLE WHO THINK THAT FreeBSD 9.x IS SLOW ON IA64:
	For ia64 the INVARIANTS and INVARIANT_SUPPORT kernel options
	were left in the GENERIC kernel because the kernel does not
	work properly without them.
@


1.702.2.3
log
@SVN rev 226548 on 2011-10-19 23:02:57Z by kensmith

Remove the last of the debugging support (INVARIANT*) from the ia64
GENERIC config file, the ia64 kernel runs OK without it.

Reviewed by:	marcel
Approved by:	re (implicit)
@
text
@d12 5
@


1.702.2.4
log
@SVN rev 227305 on 2011-11-07 13:40:54Z by marius

MFC: r227006, r227281, r227282

Add a PCI front-end to esp(4) allowing it to support AMD Am53C974 and
replace amd(4) with the former in the amd64, i386 and pc98 GENERIC kernel
configuration files. Besides duplicating functionality, amd(4), which
previously also supported the AMD Am53C974, unlike esp(4) is no longer
maintained and has accumulated enough bit rot over time to always cause
a panic during boot as long as at least one target is attached to it
(see PR 124667).

PR:		124667
Approved by:	re (kib)
Obtained from:	NetBSD (based on)
@
text
@a11 4
20111101:
	The broken amd(4) driver has been replaced with esp(4) in the amd64,
	i386 and pc98 GENERIC kernel configuration files.

@


1.702.2.5
log
@SVN rev 229281 on 2012-01-02 14:43:33Z by kensmith

Guess when we'll be ready to announce 9.0-RELEASE.
@
text
@a11 3
20120106:
	9.0-RELEASE.

@


1.702.2.6
log
@SVN rev 229461 on 2012-01-04 03:37:41Z by eadler

MFC r227458, r226436:

- change "is is" to "is" or "it is"
- change "the the" to "the"
- other typo fixes

Approved by:	lstewart
@
text
@d452 1
a452 1
	your wireless card, use the devices iwn4965fw, iwn5000fw or
@


1.702.2.7
log
@SVN rev 229703 on 2012-01-06 15:07:28Z by kib

MFC r227697:
Change the interface for VOP_VPTOCNP(), now the dvp must be
referenced. Convert all in-tree implementations of VOP_VPTOCNP().
This fixes VOP_VPTOCNP bypass for nullfs.

Approved by:	re (bz)
@
text
@a12 5
	The interface of the VOP_VPTOCNP(9) changed, now the returned
	vnode shall be referenced, previously it was required to be
	only held.  All in-tree filesystems are converted.

20120106:
@


1.702.2.8
log
@SVN rev 229723 on 2012-01-06 19:29:16Z by jhb

MFC 227070,227341,227502:
Add the posix_fadvise(2) system call.  It is somewhat similar to
madvise(2) except that it operates on a file descriptor instead of a
memory region.  It is currently only supported on regular files.

Note that this adds a new VOP, so all filesystem modules must be
recompiled.

Approved by:	re (kib)
@
text
@a12 4
	A new VOP_ADVISE() was added to support posix_fadvise(2).  All
	filesystem modules must be recompiled.

20120106:
@


1.702.2.9
log
@SVN rev 229858 on 2012-01-09 15:56:33Z by jh

MFC r227823, r228163:

Append unit number to the WMI status device name to allow attaching
multiple acpi_wmi(4) instances.

PR:		kern/162491
@
text
@a11 4
20120109:
	The acpi_wmi(4) status device /dev/wmistat has been renamed to
	/dev/wmistat0.

@


1.702.2.10
log
@SVN rev 234660 on 2012-04-24 19:08:40Z by trociny

MFC r232317:

Introduce VOP_UNP_BIND(), VOP_UNP_CONNECT(), and VOP_UNP_DETACH()
operations for setting and accessing vnode's v_socket field.

The operations are necessary to implement proper unix socket handling
on layered file systems like nullfs(5).

This change fixes the long standing issue with nullfs(5) being in that
unix sockets did not work between lower and upper layers: if we bound
to a socket on the lower layer we could connect only to the lower
path; if we bound to the upper layer we could connect only to the
upper path. The new behavior is one can connect to both the lower and
the upper paths regardless what layer path one binds to.

PR:		kern/51583, kern/159663
Suggested by:	kib
Reviewed by:	arch
@
text
@a11 8
20120422:
	Now unix domain sockets behave "as expected" on	nullfs(5). Previously
	nullfs(5) did not pass through all behaviours to the underlying layer,
	as a result if we bound to a socket on the lower layer we could connect
	only to the lower path; if we bound to the upper layer we could connect
	only to	the upper path. The new behavior is one can connect to both the
	lower and the upper paths regardless what layer path one binds to.

@


1.702.2.11
log
@SVN rev 238904 on 2012-07-30 11:11:05Z by marius

Pull the tier-2 card and change the sparc64 ZFS loader to no longer probe
all diskN aliases for providers (which more or less corresponds to how the
x86 version behaves) but instead probe only those listed in the boot-device
OFW environment variable. This has the following advantages:
- avoids otherwise unavoidable OFW warnings about failures to open disks
  for which aliases exist but no actual hardware is connected
- avoids issues due to different diskN naming schemes
- aligns us with Solaris

Approved by:	re (kib)
@
text
@a11 5
20120727:
	The sparc64 ZFS loader has been changed to no longer try to auto-
	detect ZFS providers based on diskN aliases but now requires these
	to be explicitly listed in the OFW boot-device environment variable.

@


1.702.2.12
log
@SVN rev 241189 on 2012-10-04 08:49:41Z by kib

MFC r241092:
Add the UPDATING note about padlock rng support requiring the config change.
@
text
@a11 9

20120913:
	The random(4) support for the VIA hardware random number
	generator (`PADLOCK') is no longer enabled unconditionally.
	Add the PADLOCK_RNG option in the custom kernel config if
	needed.  The GENERIC kernels on i386 and amd64 do include the
	option, so the change only affects the custom kernel
	configurations.

@


1.702.2.13
log
@SVN rev 242674 on 2012-11-06 21:16:45Z by gavin

Merge r242396 from head:

  Genericise the (out of date) instructions from moving from stable to
  current.
@
text
@d1426 1
a1426 1
	To upgrade in-place from stable to current
@


1.702.2.14
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 242902
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r242902 | dteske | 2012-11-11 23:29:45 +0000 (Sun, 11 Nov 2012) | 10 lines
## SVN ##
## SVN ## Fix a regression introduced by SVN r211417 that saw the breakage of a feature
## SVN ## documented in usr.sbin/sysinstall/help/shortcuts.hlp (reproduced below):
## SVN ##
## SVN ## If /usr/sbin/sysinstall is linked to another filename, say
## SVN ## `/usr/local/bin/configPackages', then the basename will be used
## SVN ## as an implicit command name.
## SVN ##
## SVN ## Reviewed by:	adrian (co-mentor)
## SVN ## Approved by:	adrian (co-mentor)
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d1534 1
a1534 1
$FreeBSD: stable/9/UPDATING 242674 2012-11-06 21:16:45Z gavin $
@


1.702.2.15
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 243586
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r243586 | ae | 2012-11-27 01:59:51 +0000 (Tue, 27 Nov 2012) | 15 lines
## SVN ##
## SVN ## MFC r242079:
## SVN ##   Remove the IPFIREWALL_FORWARD kernel option and make possible to turn
## SVN ##   on the related functionality in the runtime via the sysctl variable
## SVN ##   net.pfil.forward. It is turned off by default.
## SVN ##
## SVN ## MFC r242082:
## SVN ##   Note the removal of the IPFIREWALL_FORWARD kernel option.
## SVN ##
## SVN ## MFC r242463:
## SVN ##   Remove the recently added sysctl variable net.pfil.forward.
## SVN ##   Instead, add protocol specific mbuf flags M_IP_NEXTHOP and
## SVN ##   M_IP6_NEXTHOP. Use them to indicate that the mbuf's chain
## SVN ##   contains the PACKET_TAG_IPFORWARD tag. And do a tag lookup
## SVN ##   only when this flag is set.
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@a12 4
20121102:
	The IPFIREWALL_FORWARD kernel option has been removed. Its
	functionality now turned on by default.

d1534 1
a1534 1
$FreeBSD: stable/9/UPDATING 243586 2012-11-27 01:59:51Z ae $
@


1.702.2.16
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/243674
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r243674 | mm | 2012-11-29 14:05:04 +0000 (Thu, 29 Nov 2012) | 223 lines
## SVN ##
## SVN ## Merge ZFS feature flags support and related bugfixes:
## SVN ## 236884, 237001, 237119, 237458, 237972, 238113, 238391, 238422, 238926,
## SVN ## 238950, 238951, 239389, 239394, 239620, 239774, 239953, 239958, 239967,
## SVN ## 239968, 240063, 240133, 240153, 240303, 240345, 240415, 240955, 241655,
## SVN ## 243014, 243505, 243506
## SVN ##
## SVN ## MFC r236884:
## SVN ## Introduce "feature flags" for ZFS pools (bump SPA version to 5000).
## SVN ## Add first feature "com.delphix:async_destroy" (asynchronous destroy
## SVN ## of ZFS datasets).
## SVN ## Implement features support in ZFS boot code.
## SVN ##
## SVN ## Illumos revisions merged:
## SVN ## 13700:2889e2596bd6
## SVN ## 13701:1949b688d5fb
## SVN ## 2619 asynchronous destruction of ZFS file systems
## SVN ## 2747 SPA versioning with zfs feature flags
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/2619
## SVN ##   https://www.illumos.org/issues/2747
## SVN ##
## SVN ## MFC r237001:
## SVN ## Fix ZFS boot with pre-features pools (version <= 28) broken in r236884
## SVN ##
## SVN ## MFC r237119 [1]:
## SVN ## Do not remount ZFS dataset if changing canmount property to "on" and
## SVN ## dataset is already mounted.
## SVN ##
## SVN ## MFC r237458:
## SVN ## Import Illumos revision 13736:9f1d48e1681f
## SVN ## 2901 ZFS receive fails for exabyte sparse files
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/2901
## SVN ##
## SVN ## MFC r237972:
## SVN ## Expose scrub and resilver tunables.
## SVN ## This allows the user to tune the priority trade-off between scrub/resilver
## SVN ## and other ZFS I/O.
## SVN ##
## SVN ## MFC r238113 (pjd):
## SVN ## vdev_io_done stage is not used for ioctls.
## SVN ##
## SVN ## MFC r238391:
## SVN ## Change behavior introduced in r237119 to vendor solution
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/2883
## SVN ##
## SVN ## MFC r238422:
## SVN ## Merge illumos commit 13749:df4cd82e2b60
## SVN ##
## SVN ## 1796 "ZFS HOLD" should not be used when doing "ZFS SEND" froma read-only pool
## SVN ## 2871 support for __ZFS_POOL_RESTRICT used by ZFS test suite
## SVN ## 2903 zfs destroy -d does not work
## SVN ## 2957 zfs destroy -R/r sometimes fails when removing defer-destroyed snapshot
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/1796
## SVN ##   https://www.illumos.org/issues/2871
## SVN ##   https://www.illumos.org/issues/2903
## SVN ##   https://www.illumos.org/issues/2957
## SVN ##
## SVN ## MFC r238926:
## SVN ## Partial MFV (illumos-gate 13753:2aba784c276b)
## SVN ## 2762 zpool command should have better support for feature flags
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/2762
## SVN ##
## SVN ## MFC r238950:
## SVN ## Fix reporting of root pool upgrade notice.
## SVN ##
## SVN ## MFC r238951:
## SVN ## Fix wrong indent according to style(9)
## SVN ##
## SVN ## MFC r239389:
## SVN ## Backport fix for vendor issue #3085
## SVN ## 3085 zfs diff panics, then panics in a loop on booting
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/3085
## SVN ##
## SVN ## MFC r239394:
## SVN ## Update zfs(8) manpage with illumos version of "zfs diff"
## SVN ##
## SVN ## Illumos issue:
## SVN ##   2399 zfs manual page does not document use of "zfs diff"
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/2399
## SVN ##
## SVN ## MFC r239620 [2]:
## SVN ## Merge recent vendor changes:
## SVN ## 3086 unnecessarily setting DS_FLAG_INCONSISTENT on async destroyed datasets
## SVN ## 3090 vdev_reopen() during reguid causes vdev to be treated as corrupt
## SVN ## 3102 vdev_uberblock_load() and vdev_validate() may read the wrong label
## SVN ##
## SVN ## Referenes:
## SVN ##   https://www.illumos.org/issues/3086
## SVN ##   https://www.illumos.org/issues/3090
## SVN ##   https://www.illumos.org/issues/3102
## SVN ##
## SVN ## MFC r239774:
## SVN ## Merge recent vendor changes:
## SVN ## 3100 zvol rename fails with EBUSY when dirty
## SVN ## 3104 eliminate empty bpobjs
## SVN ## 3120 zinject hangs in zfsdev_ioctl() due to uninitialized zc
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/3100
## SVN ##   https://www.illumos.org/issues/3104
## SVN ##   https://www.illumos.org/issues/3120
## SVN ##
## SVN ## MFC r239953 (joel):
## SVN ## Mdoc fixes.
## SVN ##
## SVN ## MFC r239958 (joel):
## SVN ## Minor mdoc fixes.
## SVN ##
## SVN ## MFC r239967 (joel):
## SVN ## Mdoc fixes.
## SVN ##
## SVN ## MFC r239968 (joel):
## SVN ## Remove trailing whitespace.
## SVN ##
## SVN ## MFC r240063 (gjb):
## SVN ## Add myself to copyright sections, per CDDL license.
## SVN ##
## SVN ## MFC r240133:
## SVN ## Merge recent vendor changes and sync code:
## SVN ## 1862 incremental zfs receive fails for sparse file > 8PB
## SVN ## 3112 ztest does not honor ZFS_DEBUG
## SVN ## 3122 zfs destroy filesystem should prefetch blocks
## SVN ## 3129 'zpool reopen' restarts resilvers
## SVN ## 3130 ztest failure: Assertion failed:
## SVN ##        0 == dmu_objset_destroy(name, B_FALSE) (0x0 == 0x10)
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/1862
## SVN ##   https://www.illumos.org/issues/3112
## SVN ##   https://www.illumos.org/issues/3122
## SVN ##   https://www.illumos.org/issues/3129
## SVN ##   https://www.illumos.org/issues/3130
## SVN ##
## SVN ## MFC r240153 (gjb) [3]:
## SVN ## Typo fix and minor word swap.
## SVN ##
## SVN ## MFC r240303:
## SVN ## Add assfail() and assfail3() to the opensolaris module.
## SVN ## Remove obsoleted intermediate cddl/compat/opensolaris/sys/debug.h.
## SVN ##
## SVN ## MFC r240345 (avg):
## SVN ## zfs: fix sa_modify_attrs handling of variable-sized attributes
## SVN ##
## SVN ## - skip length_idx index for a replaced variable-sized attribute
## SVN ## - skip length_idx index for a removed variable-sized attribute
## SVN ## - also re-arranged code to make sure that length_idx is always
## SVN ##   incremented for variable-sized attributes
## SVN ## - additionally add an assertion that the number of actually produced
## SVN ##   attributes is the same as the expected number of resulting
## SVN ##   attributes
## SVN ##
## SVN ## MFC r240415:
## SVN ## Merge recent zfs vendor changes, sync code and adjust userland DEBUG.
## SVN ##
## SVN ## Illumos issued covered:
## SVN ## 1884 Empty "used" field for zfs *space commands
## SVN ## 3006 VERIFY[S,U,P] and ASSERT[S,U,P] frequently check if first argument
## SVN ##      is zero
## SVN ## 3028 zfs {group,user}space -n prints (null) instead of numeric GID/UID
## SVN ## 3048 zfs {user,group}space [-s|-S] is broken
## SVN ## 3049 zfs {user,group}space -t doesn't really filter the results
## SVN ## 3060 zfs {user,group}space -H output isn't tab-delimited
## SVN ## 3061 zfs {user,group}space -o doesn't use specified fields order
## SVN ## 3064 usr/src/cmd/zpool/zpool_main.c misspells "successful"
## SVN ## 3093 zfs {user,group}space's -i is noop
## SVN ## 3098 zfs userspace/groupspace fail without saying why when run as non-root
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/ + [issue_id]
## SVN ##
## SVN ## MFC r240955 (partial):
## SVN ## Merge recent vendor changes in ZFS.
## SVN ##
## SVN ## Illumos issued covered:
## SVN ## 3139 zdb dies when it tries to determine path of unlinked file
## SVN ## 3189 kernel panic in ZFS test suite during hotspare_onoffline_004_neg
## SVN ## 3208 moving zpool cross-endian results in incorrect user/group accounting
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/ + [issue_id]
## SVN ##
## SVN ## MFC r241655:
## SVN ## Add missing initialization for do_prefix.
## SVN ## Corrects porting error in r238391
## SVN ##
## SVN ## Vendor issue and changeset reference:
## SVN ## 2883 changing "canmount" property to "on" should not always remount dataset
## SVN ## https://www.illumos.org/issues/2883
## SVN ## Changeset 13743:95aba6e49b9f
## SVN ##
## SVN ## MFC r243014:
## SVN ## Move zpool-features manual page from section 5 to section 7
## SVN ## and fix references
## SVN ##
## SVN ## Reported by:	pluknet
## SVN ##
## SVN ## MFC r243505:
## SVN ## Illumos 13886:e3261d03efbf
## SVN ##
## SVN ## 3349 zpool upgrade -V bumps the on disk version number, but leaves
## SVN ##      the in core version
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/3349
## SVN ##
## SVN ## MFC r243506:
## SVN ## zfs sha256 checksum is missing in zfs.8 manpage
## SVN ##
## SVN ## PR:	kern/167905 [1], kern/170912 [2], kern/170914 [2], doc/171356 [3]
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@a11 10
20121129:
	A new version of ZFS (pool version 5000) has been merged to 9-STABLE.
	Starting with this version the old system of ZFS pool versioning
	is superseded by "feature flags". This concept enables forward
	compatibility against certain future changes in functionality of ZFS
	pools. The first two read-only compatible "feature flags" for ZFS
	pools are "com.delphix:async_destroy" and "com.delphix:empty_bpobj".
	For more information read the new zpool-features(7) manual page.
        Please refer to the "ZFS notes" section of this file for information
        on upgrading boot ZFS pools.
d1538 1
a1538 1
$FreeBSD: stable/9/UPDATING 243674 2012-11-29 14:05:04Z mm $
@


1.702.2.17
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/243708
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r243708 | kensmith | 2012-11-30 19:27:31 +0000 (Fri, 30 Nov 2012) | 2 lines
## SVN ##
## SVN ## Guess when we'll be ready to announce 9.1-RELEASE.
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@a11 3
20121205:
	9.1-RELEASE.

d1548 1
a1548 1
$FreeBSD: stable/9/UPDATING 243708 2012-11-30 19:27:31Z kensmith $
@


1.702.2.18
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/244393
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r244393 | rwatson | 2012-12-18 10:34:18 +0000 (Tue, 18 Dec 2012) | 9 lines
## SVN ##
## SVN ## Merge r243800 from head to stable/9:
## SVN ##
## SVN ##   Specifically point at the Handbook instructions for world updates in
## SVN ##   UPDATING by URL.
## SVN ##
## SVN ##   As there has been some confusion over the need to run "mergemaster -p",
## SVN ##   part of our standard upgrade procedure, following the recent addition of
## SVN ##   an "auditdistd" user, add a note about it to UPDATING explicitly.
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d7 1
a7 3
handbook:

    http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html
a11 5
20121218:
	With the addition of auditdistd(8), a new auditdistd user is now
	depended on during installworld.  "mergemaster -p" can be used to add
	the user prior to installworld, as documented in the handbook.

d1551 1
a1551 1
$FreeBSD: stable/9/UPDATING 244393 2012-12-18 10:34:18Z rwatson $
@


1.702.2.19
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/244663
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r244663 | kib | 2012-12-24 14:22:52 +0000 (Mon, 24 Dec 2012) | 2 lines
## SVN ##
## SVN ## Note that filesystem modules must be recompiled.
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@a13 5
20121224:
	The VFS KBI was changed with the merge of several nullfs
	optimizations and fixes.  All filesystem modules must be
	recompiled.

d1558 1
a1558 1
$FreeBSD: stable/9/UPDATING 244663 2012-12-24 14:22:52Z kib $
@


1.702.2.20
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/246043
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a37 7
20121114:
	The commit introducing bsd.compiler.mk breaks the traditional
	building of kernels before this point. Add -m ${SRC}/share/mk
	(for the right value of SRC) to your command lines to work
	around; update your useland to a point after this; or use the
	buildkernel/installkernel top-level targets.

a49 6
20120829:
	The amd64 kernel now uses xsetbv, xrstor instructions. To compile with
	the traditional method, you must update your system with an installworld
	before the kernel will build. The documented make buildkernel/installkernel
	interfaces (coupled with fresh make kernel-toolchain) continue to work.

d1563 1
a1563 1
$FreeBSD: stable/9/UPDATING 246043 2013-01-28 22:50:54Z imp $
@


1.702.2.21
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/246044
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d43 1
a43 1
	buildkernel/installkernel top-level targets. See also 20120829.
d1576 1
a1576 1
$FreeBSD: stable/9/UPDATING 246044 2013-01-28 22:53:08Z imp $
@


1.702.2.22
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/247607
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 7
20130225:
	A new compression method (lz4) has been merged to.  Please refer to
	zpool-features(7) for more information.

	Please refer to the "ZFS notes" section of this file for information
	on upgrading boot ZFS pools.

d1576 1
a1576 1
$FreeBSD: stable/9/UPDATING 247607 2013-03-02 01:04:02Z delphij $
@


1.702.2.23
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/248331
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 9
20130315:
	The install(1) option -M has changed meaning and now takes an
	argument that is a file or path to append logs to.  In the
	unlikely event that -M was the last option on the command line
	and the command line contained at least two files and a target
	directory the first file will have logs appended to it.  The -M
	option served little practical purpose in the last decade so it's
	used expected to be extremely rare.

d1583 1
a1583 1
$FreeBSD: stable/9/UPDATING 248331 2013-03-15 15:19:33Z brooks $
@


1.702.2.24
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250070
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 3
20130429:
	Fix a bug that allows NFS clients to issue READDIR on files.

d1592 1
a1592 1
$FreeBSD: stable/9/UPDATING 250070 2013-04-29 21:11:01Z des $
@


1.702.2.25
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250118
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 10
20130430:
	The mergemaster command now uses the default MAKEOBJDIRPREFIX
	rather than creating it's own in the temporary directory in
	order allow access to bootstrapped versions of tools such as
	install and mtree.  When upgrading from version of FreeBSD where
	the install command does not support -l, you will need to
	install a new mergemaster command if mergemaster -p is required.
	This can be accomplished with the command (cd src/usr.sbin/mergemaster
	&& make install).

d1538 1
a1538 1
	from [78]-stable or 9-stable before 20130430.
d1595 1
a1595 1
$FreeBSD: stable/9/UPDATING 250118 2013-04-30 20:15:53Z brooks $
@


1.702.2.26
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250121
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a23 7
	Due to the use of the new -l option to install(1) during build
	and install, you must take care not to directly set the INSTALL
	make variable in your /etc/make.conf, /etc/src.conf, or on the
	command line.  If you with to use the -C flag for all installs
	you may be able to add INSTALL+=-C to /etc/make.conf or
	/etc/src.conf.

d1605 1
a1605 1
$FreeBSD: stable/9/UPDATING 250121 2013-04-30 22:13:55Z brooks $
@


1.702.2.27
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250935
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d27 1
a27 1
	command line.  If you wish to use the -C flag for all installs
d71 2
a72 2
	Please refer to the "ZFS notes" section of this file for information
	on upgrading boot ZFS pools.
d1612 1
a1612 1
$FreeBSD: stable/9/UPDATING 250935 2013-05-23 15:41:09Z schweikh $
@


1.702.2.28
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/251025
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 7
20130524:
	`list' command has been added to hastctl(8).  For now, it is full
	equivalent of `status' command.
	WARNING: in the near future the output of hastctl's status command
	will change to more terse format.  If you use `hastctl status'
	for parsing in your scripts, switch to `hastctl list'.

d1612 1
a1612 1
$FreeBSD: stable/9/UPDATING 251025 2013-05-27 13:49:55Z marck $
@


1.702.2.29
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/251419
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 16
20130605:
	Added ZFS TRIM support which is enabled by default. To disable
	ZFS TRIM support set vfs.zfs.trim.enabled=0 in loader.conf.

	Creating new ZFS pools and adding new devices to existing pools
	first performs a full device level TRIM which can take a significant
	amount of time. The sysctl vfs.zfs.vdev.trim_on_init can be set to 0
	to disable this behaviour.

	ZFS TRIM requires the underlying device support BIO_DELETE which
	is currently provided by methods such as ATA TRIM and SCSI UNMAP
	via CAM, which are typically supported by SSD's.

	Stats for ZFS TRIM can be monitored by looking at the sysctl's
	under kstat.zfs.misc.zio_trim.

d1619 1
a1619 1
$FreeBSD: stable/9/UPDATING 251419 2013-06-05 13:03:47Z smh $
@


1.702.2.30
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/251902
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 6
20130618:
        Fix a bug that allowed a tracing process (e.g. gdb) to write
        to a memory-mapped file in the traced process's address space
        even if neither the traced process nor the tracing process had
        write access to that file.

d1635 1
a1635 1
$FreeBSD: stable/9/UPDATING 251902 2013-06-18 07:04:19Z des $
@


1.702.2.31
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/252776
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 4
20130705:
	hastctl(8)'s `status' command output changed to terse one-liner format.
	Scripts using this should switch to `list' command or be rewritten.

d1641 1
a1641 1
$FreeBSD: stable/9/UPDATING 252776 2013-07-05 08:16:40Z marck $
@


1.702.2.32
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/254707
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 7
20130823:
	Behavior of devfs rules path matching has been changed.
	Pattern is now always matched against fully qualified devfs
	path and slash characters must be explicitly matched by
	slashes in pattern (FNM_PATHNAME). Rulesets involving devfs
	subdirectories must be reviewed.

d1645 1
a1645 1
$FreeBSD: stable/9/UPDATING 254707 2013-08-23 14:24:46Z avg $
@


1.702.2.33
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/255900
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 3
20130930:
	9.2-RELEASE.

d1652 1
a1652 1
$FreeBSD: stable/9/UPDATING 255900 2013-09-26 18:32:51Z gjb $
@


1.702.2.34
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/259448
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 11
20131216:
	The behavior of gss_pseudo_random() for the krb5 mechanism
	has changed, for applications requesting a longer random string
	than produced by the underlying enctype's pseudo-random() function.
	In particular, the random string produced from a session key of
	enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will
	be different at the 17th octet and later, after this change.
	The counter used in the PRF+ construction is now encoded as a
	big-endian integer in accordance with RFC 4402.
	__FreeBSD_version is bumped to 902505.

d1655 1
a1655 1
$FreeBSD: stable/9/UPDATING 259448 2013-12-16 02:25:28Z bjk $
@


1.702.2.35
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/261990
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 6
20140216:
	The nve(4) driver for NVIDIA nForce MCP Ethernet adapters has
	been deprecated and will not be part of FreeBSD 11.0 and later
	releases.  If you use this driver, please consider switching to
	the nfe(4) driver instead.

d1666 1
a1666 1
$FreeBSD: stable/9/UPDATING 261990 2014-02-16 19:41:44Z brueffer $
@


1.702.2.36
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/263509
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a13 3
20140321:
	Clang and llvm have been upgraded to 3.4 release.

d1672 1
a1672 1
$FreeBSD: stable/9/UPDATING 263509 2014-03-21 17:56:32Z dim $
@


1.702.2.37
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/263838
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d15 1
a15 10
	Clang and llvm have been upgraded to 3.4 release.  Please note that
	clang 3.4 now defaults to DWARF4 debug information format when you
	specify -g.  Since kgdb(1) only supports DWARF2, you should update any
	customized kernel configurations which include debug information to
	explicitly use -gdwarf-2, e.g:

	  makeoptions	DEBUG=-gdwarf-2

	This has already been applied to the appropriate GENERIC configuration
	files, so if you inherit from those, no changes are required.
d1675 1
a1675 1
$FreeBSD: stable/9/UPDATING 263838 2014-03-27 20:32:58Z dim $
@


1.702.2.38
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/264464
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d15 10
a24 1
	Clang and llvm have been upgraded to 3.4 release.
d1684 1
a1684 1
$FreeBSD: stable/9/UPDATING 264464 2014-04-14 17:54:01Z dim $
@


1.702.2.11.2.1
log
@SVN rev 239080 on 2012-08-05 23:54:33Z by kensmith

Copy stable/9 to releng/9.1 as part of the 9.1-RELEASE release process.

Approved by:	re (implicit)
@
text
@@


1.702.2.11.2.2
log
@Switch importer
@
text
@d1525 1
a1525 1
$FreeBSD: releng/9.1/UPDATING 238904 2012-07-30 11:11:05Z marius $
@


1.702.2.11.2.3
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/243709
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r243709 | kensmith | 2012-11-30 19:35:01 +0000 (Fri, 30 Nov 2012) | 5 lines
## SVN ##
## SVN ## Merge r243708:
## SVN ## 	Guess when we'll be ready to announce 9.1-RELEASE.
## SVN ##
## SVN ## Approved by:	re (implicit)
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@a11 3
20121205:
	9.1-RELEASE.

d1525 1
a1525 1
$FreeBSD: releng/9.1/UPDATING 243709 2012-11-30 19:35:01Z kensmith $
@


1.702.2.11.2.4
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/246989
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 5
20130218:	p1	FreeBSD-SA-13:01.bind FreeBSD-SA-13:02.libc
	Fix Denial of Service vulnerability in named(8) with DNS64.

	Fix Denial of Service vulnerability in libc's glob(3) functionality.

d1528 1
a1528 1
$FreeBSD: releng/9.1/UPDATING 246989 2013-02-19 13:27:20Z bz $
@


1.702.2.11.2.5
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249029
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 5
20130402:	p2	FreeBSD-SA-13:03.openssl FreeBSD-SA-13:04.bind
	Fix multiple vulnerabilities in OpenSSL.

	Fix Denial of Service vulnerability in named(8).

d1533 1
a1533 1
$FreeBSD: releng/9.1/UPDATING 249029 2013-04-02 17:34:42Z delphij $
@


1.702.2.11.2.6
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250071
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 3
20130429:	p3	FreeBSD-SA-13:05.nfsserver
	Fix a bug that allows NFS clients to issue READDIR on files.

d1538 1
a1538 1
$FreeBSD: releng/9.1/UPDATING 250071 2013-04-29 21:11:05Z des $
@


1.702.2.11.2.7
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/251903
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 6
20130618:	p4	FreeBSD-SA-13:06.mmap
        Fix a bug that allowed a tracing process (e.g. gdb) to write
        to a memory-mapped file in the traced process's address space
        even if neither the traced process nor the tracing process had
        write access to that file.

d1541 1
a1541 1
$FreeBSD: releng/9.1/UPDATING 251903 2013-06-18 07:05:51Z des $
@


1.702.2.11.2.8
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/253693
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 7
20130726:	p5	FreeBSD-SA-13:07.bind FreeBSD-SA-13:08.nfsserver
	Fix Denial of Service vulnerability in named(8). [13:07]

	Fix a bug that allows remote client bypass the normal
	access checks when when -network or -host restrictions are
	used at the same time with -mapall. [13:08]

d1547 1
a1547 1
$FreeBSD: releng/9.1/UPDATING 253693 2013-07-26 22:40:23Z delphij $
@


1.702.2.11.2.9
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/254631
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 13
20130822:	p6	FreeBSD-SA-13:09.ip_multicast
			FreeBSD-SA-13:10.sctp
			FreeBSD-EN-13:03.mfi
	Fix an integer overflow in computing the size of a temporary buffer
	can result in a buffer which is too small for the requested
	operation. [13:09]

	Fix a bug that could lead to kernel memory disclosure with
	SCTP state cookie. [13:10]

	Fix a data corruption problem with mfi(4) operating on > 2TB
	disks in a JBOD. [EN-13:03]

d1554 1
a1554 1
$FreeBSD: releng/9.1/UPDATING 254631 2013-08-22 00:51:48Z delphij $
@


1.702.2.11.2.10
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/255448
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 11
20130910:	p7	FreeBSD-SA-13:12.ifioctl
			FreeBSD-SA-13:13.nullfs

	In IPv6 and NetATM, stop SIOCSIFADDR, SIOCSIFBRDADDR,
	SIOCSIFDSTADDR and SIOCSIFNETMASK at the socket layer rather
	than pass them on to the link layer without validation or
	credential checks.  [SA-13:12]

	Prevent cross-mount hardlinks between different nullfs mounts
	of the same underlying filesystem.  [SA-13:13]

d1567 1
a1567 1
$FreeBSD: releng/9.1/UPDATING 255448 2013-09-10 10:15:33Z des $
@


1.702.2.11.2.11
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/257194
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 4
20131026:	p8	FreeBSD-EN-13:04.freebsd-update
	Fix multiple freebsd-update bugs that break upgrading to
	FreeBSD 10.0.

d1578 1
a1578 1
$FreeBSD: releng/9.1/UPDATING 257194 2013-10-26 20:01:00Z delphij $
@


1.702.2.11.2.12
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/258725
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 3
20131128:	p9	FreeBSD-EN-13:05.freebsd-update
	Fix error in patch for FreeBSD-EN-13:04.freebsd-update.

d1582 1
a1582 1
$FreeBSD: releng/9.1/UPDATING 258725 2013-11-28 22:12:48Z delphij $
@


1.702.2.11.2.13
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/260647
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 16
20140114:	p10	FreeBSD-SA-14:01.bsnmpd
			FreeBSD-SA-14:02.ntpd
			FreeBSD-SA-14:04.bind
			FreeBSD-EN-14:01.random
			FreeBSD-EN-14:02.mmap
	Fix bsnmpd remote denial of service vulnerability. [SA-14:01]

	Fix ntpd distributed reflection Denial of Service
	vulnerability. [SA-14:02]

	Fix BIND remote denial of service vulnerability. [SA-14:04]

	Disable hardware RNGs by default. [EN-14:01]

	Fix incorrect coalescing of stack entry with mmap. [EN-14:02]

d1585 1
a1585 1
$FreeBSD: releng/9.1/UPDATING 260647 2014-01-14 19:42:28Z delphij $
@


1.702.2.11.2.14
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/264284
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 6
20140408:	p11	FreeBSD-SA-14:05.nfsserver
			FreeBSD-SA-14:06.openssl
	Fix deadlock in the NFS server. [SA-14:05]

	Fix for ECDSA Cache Side-channel Attack in OpenSSL. [SA-14:06]

d1601 1
a1601 1
$FreeBSD: releng/9.1/UPDATING 264284 2014-04-08 23:16:05Z delphij $
@


1.702.2.11.2.15
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/265125
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 4
20140430:	p12	FreeBSD-SA-14:08.tcp

        Fix TCP reassembly vulnerability. [SA-14:08]

d1607 1
a1607 1
$FreeBSD: releng/9.1/UPDATING 265125 2014-04-30 04:05:47Z delphij $
@


1.702.2.11.2.16
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/265988
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 10
20140513:	p13	FreeBSD-EN-14:03.pkg
			FreeBSD-EN-14:04.kldxref
			FreeBSD-EN-14:05.ciss

	Add pkg bootstrapping, configuration and public keys. [EN-14:03]

	Improve build repeatability for kldxref(8). [EN-14:04]

	Fix data corruption with ciss(4). [EN-14:05]

d1611 1
a1611 1
$FreeBSD: releng/9.1/UPDATING 265988 2014-05-13 23:24:14Z delphij $
@


1.702.2.4.2.1
log
@SVN rev 227445 on 2011-11-11 04:20:22Z by kensmith

Copy stable/9 to releng/9.0 as part of the FreeBSD 9.0-RELEASE release
cycle.

Approved by:	re (implicit)
@
text
@@


1.702.2.4.2.2
log
@SVN rev 229282 on 2012-01-02 14:44:28Z by kensmith

Guess when we'll be ready to announce 9.0-RELEASE.

Approved by:	re (implicit)
@
text
@a11 3
20120106:
	9.0-RELEASE.

@


1.702.2.4.2.3
log
@SVN rev 234954 on 2012-05-03 15:25:11Z by bz

Fix multiple OpenSSL vulnerabilities.

Security:	CVE-2011-4576, CVE-2011-4619, CVE-2011-4109
Security:	CVE-2012-0884, CVE-2012-2110
Security:	FreeBSD-SA-12:01.openssl
Approved by:	so (bz,simon)
@
text
@a11 3
20120503:	p1	FreeBSD-SA-12:01.openssl
	Fix multiple OpenSSL vulnerabilities.

@


1.702.2.4.2.4
log
@SVN rev 236304 on 2012-05-30 12:01:28Z by bz

Update the previous openssl fix. [12:01]

Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

Security:	FreeBSD-SA-12:01.openssl (revised)
Security:	FreeBSD-SA-12:02.crypt
Approved by:	so (bz, simon)
@
text
@a11 6
20120530:	p2	FreeBSD-SA-12:01.openssl (revised),
			FreeBSD-SA-12:02.crypt
	Update the previous openssl fix. [12:01]

	Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

@


1.702.2.4.2.5
log
@SVN rev 236953 on 2012-06-12 12:10:10Z by bz

Fix a problem where zero-length RDATA fields can cause named(8) to crash.
[12:03]

Correct a privilege escalation when returning from kernel if
running FreeBSD/amd64 on non-AMD processors. [12:04]

Fix reference count errors in IPv6 code. [EN-12:02]

Security:	CVE-2012-1667
Security:	FreeBSD-SA-12:03.bind
Security:	CVE-2012-0217
Security:	FreeBSD-SA-12:04.sysret
Security:	FreeBSD-EN-12:02.ipv6refcount
Approved by:	so (simon, bz)
@
text
@a11 11
20120612:	p3	FreeBSD-SA-12:03.bind
			FreeBSD-SA-12:04.sysret
			FreeBSD-EN-12:02.ipv6refcount
	Fix a problem where zero-length RDATA fields can cause named to crash.
	[12:03]

	Correct a privilege escalation when returning from kernel if
	running FreeBSD/amd64 on non-AMD processors. [12:04]

	Fix reference count errors in IPv6 code. [EN-12:02]

@


1.702.2.4.2.6
log
@SVN rev 239108 on 2012-08-06 21:33:11Z by simon

Fix named(8) DNSSEC validation Denial of Service.

Security:	FreeBSD-SA-12:05.bind
Security:	CVE-2012-3817
Obtained from:	ISC
Approved by:	so (simon)
@
text
@a11 3
20120806:	p4	FreeBSD-SA-12:05.bind
	Fix named(8) DNSSEC validation Denial of Service.

@


1.702.2.4.2.7
log
@Switch importer
@
text
@d1522 1
a1522 1
$FreeBSD: releng/9.0/UPDATING 239108 2012-08-06 21:33:11Z simon $
@


1.702.2.4.2.8
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 243417
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r243417 | simon | 2012-11-22 22:52:15 +0000 (Thu, 22 Nov 2012) | 13 lines
## SVN ##
## SVN ## Fix multiple Denial of Service vulnerabilities with named(8).
## SVN ##
## SVN ## Fix insufficient message length validation for EAP-TLS messages.
## SVN ##
## SVN ## Fix Linux compatibility layer input validation error.
## SVN ##
## SVN ## Security:	FreeBSD-SA-12:06.bind
## SVN ## Security:	FreeBSD-SA-12:07.hostapd
## SVN ## Security:	FreeBSD-SA-12:08.linux
## SVN ## Security:	CVE-2012-4244, CVE-2012-5166, CVE-2012-4445, CVE-2012-4576
## SVN ## Approved by:	re
## SVN ## Approved by:	security-officer
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@a11 8
20121122:	p5	FreeBSD-SA-12:06.bind FreeBSD-SA-12:07.hostapd
			FreeBSD-SA-12:08.linux
	Fix multiple Denial of Service vulnerabilities with named(8).

	Fix insufficient message length validation for EAP-TLS messages.

	Fix Linux compatibility layer input validation error.

d1522 1
a1522 1
$FreeBSD: releng/9.0/UPDATING 243417 2012-11-22 22:52:15Z simon $
@


1.702.2.4.2.9
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/246989
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 5
20130218:	p6	FreeBSD-SA-13:01.bind FreeBSD-SA-13:02.libc
	Fix Denial of Service vulnerability in named(8) with DNS64.

	Fix Denial of Service vulnerability in libc's glob(3) functionality.

d1530 1
a1530 1
$FreeBSD: releng/9.0/UPDATING 246989 2013-02-19 13:27:20Z bz $
@


1.702.2.4.2.10
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249029
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a11 5
20130402:	p7	FreeBSD-SA-13:03.openssl FreeBSD-SA-13:04.bind
	Fix multiple vulnerabilities in OpenSSL.

	Fix Denial of Service vulnerability in named(8).

d1535 1
a1535 1
$FreeBSD: releng/9.0/UPDATING 249029 2013-04-02 17:34:42Z delphij $
@


1.701
log
@SVN rev 225227 on 2011-08-28 09:26:48Z by kib

Bump shared libraries version numbers in preparation for 9.0.
This time, only libraries which ABI has been changed compared to
stable/8, are bumped.

ABI analysis done by:	Gleb Kurtsou
Approved by:	re (kensmith)
@
text
@d25 12
@


1.700
log
@SVN rev 225142 on 2011-08-24 12:18:29Z by gjb

Reword sentence noting UPDATING entries prior to October 2007 are
only available in older FreeBSD releases.

PR:		159220
Submitted by:	arundel
Patch by:	Benjamin Kaduk (kaduk % mit ! edu)
OK'd by:	imp (via -doc@@)
MFC after:	1 week
Approved by:	re (kib)
@
text
@d25 6
@


1.699
log
@SVN rev 224875 on 2011-08-15 07:30:48Z by rwatson

Bump __FreeBSD_version to reflect the availability of capabilities, but
also capability-related changes to fget(9).  This is likely not part of
a formal KPI, but the nvidia driver (at least) uses it.

Mention /dev/{stdin,stdout,stderr} breakage that appears in certain
kernel revisions as best avoided!

Approved by:  re (xxx)
@
text
@d1459 4
a1462 3
breakages in tracking -current.  Not all things will be listed here,
and it only starts on October 16, 2004.  Updating files can found in
previous releases if your system is older than this.
@


1.698
log
@SVN rev 223670 on 2011-06-29 13:12:15Z by bz

Clarify that we broke pfsync(4) backward compat with the pf commit r223637.

Suggested by:	Anton Yuzhaninov (citrin citrin.ru)
@
text
@d25 10
@


1.697
log
@SVN rev 223637 on 2011-06-28 11:57:25Z by bz

Update packet filter (pf) code to OpenBSD 4.5.

You need to update userland (world and ports) tools
to be in sync with the kernel.

Submitted by:	mlaier
Submitted by:	eri
@
text
@d28 2
@


1.696
log
@SVN rev 223226 on 2011-06-18 10:48:00Z by marius

Add an entry for r221407 forgotten in said revision.
@
text
@d25 4
@


1.695
log
@SVN rev 222853 on 2011-06-08 08:12:15Z by avg

remove code for dynamic offlining/onlining of CPUs on x86

The code has definitely been broken for SCHED_ULE, which is a default
scheduler.  It may have been broken for SCHED_4BSD in more subtle ways,
e.g. with manually configured CPU affinities and for interrupt devilery
purposes.
We still provide a way to disable individual CPUs or all hyperthreading
"twin" CPUs before SMP startup.  See the UPDATING entry for details.

Interaction between building CPU topology and disabling CPUs still
remains fuzzy: topology is first built using all availble CPUs and then
the disabled CPUs should be "subtracted" from it.  That doesn't work
well if the resulting topology becomes non-uniform.

This work is done in cooperation with Attilio Rao who in addition to
reviewing also provided parts of code.

PR:		kern/145385
Discussed with:	gcooper, ambrisko, mdf, sbruno
Reviewed by:	attilio
Tested by:	pho, pluknet
X-MFC after:	never
@
text
@d55 12
@


1.694
log
@SVN rev 222833 on 2011-06-07 19:39:34Z by bz

For the moment document the possible problem introduced with dynamic address
family detection in world, mostly noticed by ifconfig(8), when running with
an old kernel.

Reported by:	Andrzej Tobola (ato iem.pw.edu.pl)
Reported by:	gcooper
@
text
@d25 17
@


1.693
log
@SVN rev 222813 on 2011-06-07 08:46:13Z by attilio

etire the cpumask_t type and replace it with cpuset_t usage.

This is intended to fix the bug where cpu mask objects are
capped to 32.  MAXCPU, then, can now arbitrarely bumped to whatever
value.  Anyway, as long as several structures in the kernel are
statically allocated and sized as MAXCPU, it is suggested to keep it
as low as possible for the time being.

Technical notes on this commit itself:
- More functions to handle with cpuset_t objects are introduced.
  The most notable are cpusetobj_ffs() (which calculates a ffs(3)
  for a cpuset_t object), cpusetobj_strprint() (which prepares a string
  representing a cpuset_t object) and cpusetobj_strscan() (which
  creates a valid cpuset_t starting from a string representation).
- pc_cpumask and pc_other_cpus are target to be removed soon.
  With the moving from cpumask_t to cpuset_t they are now inefficient
  and not really useful.  Anyway, for the time being, please note that
  access to pcpu datas is protected by sched_pin() in order to avoid
  migrating the CPU while reading more than one (possible) word
- Please note that size of cpuset_t objects may differ between kernel
  and userland.  While this is not directly related to the patch itself,
  it is good to understand that concept and possibly use the patch
  as a reference on how to deal with cpuset_t objects in userland, when
  accessing kernland members.
- KTR_CPUMASK is changed and now is represented through a string, to be
  set as the example reported in NOTES.

Please additively note that no MAXCPU is bumped in this patch, but
private testing has been done until to MAXCPU=128 on a real 8x8x2(htt)
machine (amd64).

Please note that the FreeBSD version is not yet bumped because of
the upcoming pcpu changes.  However, note that this patch is not
targeted for MFC.

People to thank for the time spent on this patch:
- sbruno, pluknet and Nicholas Esborn (nick AT desert DOT net) tested
  several revision of the patches and really helped in improving
  stability of this work.
- marius fixed several bugs in the sparc64 implementation and reviewed
  patches related to ktr.
- jeff and jhb discussed the basic approach followed.
- kib and marcel made targeted review on some specific part of the
  patch.
- marius, art, nwhitehorn and andreast reviewed MD specific part of
  the patch.
- marius, andreast, gonzo, nwhitehorn and jceel tested MD specific
  implementations of the patch.
- Other people have made contributions on other patches that have been
  already committed and have been listed separately.

Companies that should be mentioned for having participated at several
degrees:
- Yahoo! for having offered the machines used for testing on big
  count of CPUs.
- The FreeBSD Foundation for having sponsored my devsummit attendance,
  which has been instrumental.
- Sandvine for having offered offices and infrastructure during
  development.

(I really hope I didn't forget anyone, if it happened I apologize in
advance).
@
text
@d29 6
@


1.692
log
@SVN rev 221869 on 2011-05-14 01:53:38Z by attilio

Disconnect sun4v architecture from the three.

Some files keep the SUN4V tags as a code reference, for the future,
if any rewamped sun4v support wants to be added again.

Reviewed by:	marius
Tested by:	sbruno
Approved by:	re
@
text
@d25 4
@


1.691
log
@SVN rev 221253 on 2011-04-30 11:30:42Z by adrian

Add UPDATING entry for the AR71xx config changes
@
text
@d25 3
@


1.690
log
@SVN rev 221124 on 2011-04-27 17:51:51Z by rmacklem

This patch changes head so that the default NFS client is now the new
NFS client (which I guess is no longer experimental). The fstype "newnfs"
is now "nfs" and the regular/old NFS client is now fstype "oldnfs".
Although mounts via fstype "nfs" will usually work without userland
changes, an updated mount_nfs(8) binary is needed for kernels built with
"options NFSCL" but not "options NFSCLIENT". Updated mount_nfs(8) and
mount(8) binaries are needed to do mounts for fstype "oldnfs".
The GENERIC kernel configs have been changed to use options
NFSCL and NFSD (the new client and server) instead of NFSCLIENT and NFSSERVER.
For kernels being used on diskless NFS root systems, "options NFSCL"
must be in the kernel config.
Discussed on freebsd-fs@@.
@
text
@d25 4
@


1.689
log
@SVN rev 221114 on 2011-04-27 08:53:52Z by mav

Add obvious note that CAM drivers are required for using CAM ATA.
@
text
@d25 18
@


1.688
log
@SVN rev 221071 on 2011-04-26 17:01:49Z by mav

 - Add shim to simplify migration to the CAM-based ATA. For each new adaX
device in /dev/ create symbolic link with adY name, trying to mimic old ATA
numbering. Imitation is not complete, but should be enough in most cases to
mount file systems without touching /etc/fstab.
 - To know what behavior to mimic, restore ATA_STATIC_ID option in cases
where it was present before.
 - Add some more details to UPDATING.
@
text
@d44 3
@


1.687
log
@SVN rev 220983 on 2011-04-24 09:23:08Z by mav

Explicitly note that device numbers are starting from zero.
@
text
@d33 11
a43 1
	see cam(4)).
a61 1
	    options        ATA_STATIC_ID   # Static device numbering
@


1.686
log
@SVN rev 220982 on 2011-04-24 08:58:58Z by mav

Switch the GENERIC kernels for all architectures to the new CAM-based ATA
stack. It means that all legacy ATA drivers are disabled and replaced by
respective CAM drivers. If you are using ATA device names in /etc/fstab or
other places, make sure to update them respectively (adX -> adaY,
acdX -> cdY, afdX -> daY, astX -> saY, where 'Y's are the sequential
numbers for each type in order of detection, unless configured otherwise
with tunables, see cam(4)).

ataraid(4) functionality is now supported by the RAID GEOM class.
To use it you can load geom_raid kernel module and use graid(8) tool
for management. Instead of /dev/arX device names, use /dev/raid/rX.
@
text
@d31 3
a33 2
	where 'Y's are the sequential numbers for each type in order of
	detection, unless configured otherwise with tunables, see cam(4)).
@


1.685
log
@SVN rev 220980 on 2011-04-24 00:06:56Z by rmacklem

This patch changes the default NFS server to the new one, which was
referred to as the experimental server. It also adds a new command
line option "-o" to both mountd and nfsd that forces them to use the
old/regular NFS server. The "-e" option for these commands is now
a no-op, since the new server is the default. I will be committing rc
script and man changes soon. Discussed on freebsd-fs@@.
@
text
@d25 28
@


1.684
log
@SVN rev 220770 on 2011-04-18 10:25:54Z by dim

After removing libobjc and other Objective-C components in r220755,
belatedly bump __FreeBSD_version, and add a note to UPDATING.

Reminded by:	rdivacky
@
text
@d25 8
@


1.683
log
@SVN rev 220626 on 2011-04-14 15:44:44Z by nwhitehorn

Provide a (belated) UPDATING note related to the new release-building
process so that fewer people will be caught unaware.

Requested by:	emaste
@
text
@d25 5
@


1.682
log
@SVN rev 220187 on 2011-03-31 08:32:53Z by adrian

Document the ath glue changes.
@
text
@d35 5
@


1.681
log
@SVN rev 218822 on 2011-02-18 20:54:12Z by dim

Merge binutils 2.17.50 to head.  This brings a number of improvements to
x86 CPU support, better support for powerpc64, some new directives, and
many other things.  Bump __FreeBSD_version, and add a note to UPDATING.

Thanks to the many people that have helped to test this.

Obtained from:	projects/binutils-2.17
@
text
@d25 10
@


1.680
log
@SVN rev 218796 on 2011-02-18 13:21:30Z by vanhu

Moved the general note about FreeBSD 9.x at the beginning of the list.
@
text
@d26 8
@


1.679
log
@SVN rev 218794 on 2011-02-18 09:40:13Z by vanhu

Fixed IPsec's HMAC_SHA256-512 support to be RFC4868 compliant.
This will break interoperability with all older versions of
FreeBSD for those algorithms.

Reviewed by:	bz, gnn
Obtained from:	NETASQ
MFC after:	1w
@
text
@a11 10
20110218:
	IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868
	compliant, and will now use half of hash for authentication.
	This will break interoperability with all stacks (including all
	actual FreeBSD versions) who implement
	draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for
	authentication).
	The only workaround with such peers is to use another HMAC
	algorithm for IPsec ("phase 2") authentication.

d25 10
@


1.678
log
@SVN rev 218425 on 2011-02-08 00:36:46Z by mdf

Remove the uio_yield prototype and symbol.  This function has been
misnamed since it was introduced and should not be globally exposed
with this name.  The equivalent functionality is now available using
kern_yield(curthread->td_user_pri).  The function remains
undocumented.

Bump __FreeBSD_version.
@
text
@d12 10
@


1.677
log
@SVN rev 217317 on 2011-01-12 19:28:52Z by brucec

Fix wrapping of 20110103 entry.
@
text
@d25 7
@


1.676
log
@SVN rev 217313 on 2011-01-12 17:52:48Z by mdf

Add type checking for static and dynamic sysctls using scalar types.
The code is turned off until the tree is fixed up so it compiles.
__FreeBSD_version was already bumped once today, so skip the bump, but
add an entry to UPDATING.

Note that __DESCR() is used in the SYSCTL_OID() macro and so is not
needed in macros that invoke it.  This use was inconsistent in the
file and I have made it consistent any lines already being changed.

Reviewed by:	bde (previous version), -arch (previous version)
@
text
@d43 2
a44 1
"Makefile", line 356: "Target architecture for i386/conf/GENERIC unknown.  config(8) likely too old."
d52 2
a53 2
	error in the first kernel build phase.  A new config on those old systems
	will fix that problem for older versions of -current.
@


1.675
log
@SVN rev 217309 on 2011-01-12 14:55:02Z by nwhitehorn

Update dialog to version 20100428. This changes the license under which
dialog is distributed from GPLv2 to LGPLv2 and introduces a number of new
features and a new and better libdialog API. The existing libdialog will
be kept temporarily as libodialog for compatibility purposes until sade,
sysinstall and tzsetup have been either updated or replaced.

__FreeBSD_version is now 900030.

Discussed on:	-current
Approved by:	core
Obtained from:	http://invisible-island.net/dialog
@
text
@d26 7
@


1.674
log
@SVN rev 216938 on 2011-01-03 23:05:20Z by imp

Note compatibility issues with make universe and stable systems.
@
text
@d25 8
@


1.673
log
@SVN rev 216758 on 2010-12-28 12:13:30Z by lstewart

- Add some helper hook points to the TCP stack. The hooks allow Khelp modules to
  access inbound/outbound events and associated data for established TCP
  connections. The hooks only run if at least one hook function is registered
  for the hook point, ensuring the impact on the stack is effectively nil when
  no TCP Khelp modules are loaded. struct tcp_hhook_data is passed as contextual
  data to any registered Khelp module hook functions.

- Add an OSD (Object Specific Data) pointer to struct tcpcb to allow Khelp
  modules to associate per-connection data with the TCP control block.

- Bump __FreeBSD_version and add a note to UPDATING regarding to ABI changes
  introduced by this commit and r216753.

In collaboration with:	David Hayes <dahayes at swin edu au> and
				Grenville Armitage <garmitage at swin edu au>
Sponsored by:	FreeBSD Foundation
Reviewed by:	bz, others along the way
MFC after:	3 months
@
text
@d25 14
@


1.672
log
@SVN rev 216591 on 2010-12-20 15:17:34Z by netchild

Suggest to run the delete-old target after the second mergemaster. If you run
it before, your rc scripts may still reference old files/directories and
if you are in the unlucky situation to have triggered a reboot (intentionally
or not) between the delete-old run and the mergemaster, your system may not
start anymore.

While I'm here, give a hint about delete-old-libs.

Noticed by:	bcr (luckily in a discussion and not by getting hit by this)
MFC after:	1 week
@
text
@d25 7
@


1.671
log
@SVN rev 215297 on 2010-11-14 13:26:10Z by marius

o Flesh out the generic IEEE 802.3 annex 31B full duplex flow control
  support in mii(4):
  - Merge generic flow control advertisement (which can be enabled by
    passing by MIIF_DOPAUSE to mii_attach(9)) and parsing support from
    NetBSD into mii_physubr.c and ukphy_subr.c. Unlike as in NetBSD,
    IFM_FLOW isn't implemented as a global option via the "don't care
    mask" but instead as a media specific option this. This has the
    following advantages:
    o allows flow control advertisement with autonegotiation to be
      turned on and off via ifconfig(8) with the default typically
      being off (though MIIF_FORCEPAUSE has been added causing flow
      control to be always advertised, allowing to easily MFC this
      changes for drivers that previously used home-grown support for
      flow control that behaved that way without breaking POLA)
    o allows to deal with PHY drivers where flow control advertisement
      with manual selection doesn't work or at least isn't implemented,
      like it's the case with brgphy(4), e1000phy(4) and ip1000phy(4),
      by setting MIIF_NOMANPAUSE
    o the available combinations of media options are readily available
      from the `ifconfig -m` output
  - Add IFM_FLOW to IFM_SHARED_OPTION_DESCRIPTIONS and IFM_ETH_RXPAUSE
    and IFM_ETH_TXPAUSE to IFM_SUBTYPE_ETHERNET_OPTION_DESCRIPTIONS so
    these are understood by ifconfig(8).
o Make the master/slave support in mii(4) actually usable:
  - Change IFM_ETH_MASTER from being implemented as a global option via
    the "don't care mask" to a media specific one as it actually is only
    applicable to IFM_1000_T to date.
  - Let mii_phy_setmedia() set GTCR_MAN_MS in IFM_1000_T slave mode to
    actually configure manually selected slave mode (like we also do in
    the PHY specific implementations).
  - Add IFM_ETH_MASTER to IFM_SUBTYPE_ETHERNET_OPTION_DESCRIPTIONS so it
    is understood by ifconfig(8).
o Switch bge(4), bce(4), msk(4), nfe(4) and stge(4) along with brgphy(4),
  e1000phy(4) and ip1000phy(4) to use the generic flow control support
  instead of home-grown solutions via IFM_FLAGs. This includes changing
  these PHY drivers and smcphy(4) to no longer unconditionally advertise
  support for flow control but only if the selected media has IFM_FLOW
  set (or MIIF_FORCEPAUSE is set) and implemented for these media variants,
  i.e. typically only for copper.
o Switch brgphy(4), ciphy(4), e1000phy(4) and ip1000phy(4) to report and
  set IFM_1000_T master mode via IFM_ETH_MASTER instead of via IFF_LINK0
  and some IFM_FLAGn.
o Switch brgphy(4) to add at least the the supported copper media based on
  the contents of the BMSR via mii_phy_add_media() instead of hardcoding
  them. The latter approach seems to have developed historically, besides
  causing unnecessary code duplication it was also undesirable because
  brgphy_mii_phy_auto() already based the capability advertisement on the
  contents of the BMSR though.
o Let brgphy(4) set IFM_1000_T master mode on all supported PHY and not
  just BCM5701. Apparently this was a misinterpretation of a workaround
  in the Linux tg3 driver; BCM5701 seem to require RGPHY_1000CTL_MSE and
  BRGPHY_1000CTL_MSC to be set when configuring autonegotiation but
  this doesn't mean we can't set these as well on other PHYs for manual
  media selection.
o Let ukphy_status() report IFM_1000_T master mode via IFM_ETH_MASTER so
  IFM_1000_T master mode support now is generally available with all PHY
  drivers.
o Don't let e1000phy(4) set master/slave bits for IFM_1000_SX as it's
  not applicable there.

Reviewed by:	yongari (plus additional testing)
Obtained from:	NetBSD (partially), OpenBSD (partially)
MFC after:	2 weeks
@
text
@a1138 1
	make delete-old
d1140 1
a1176 1
	make delete-old
d1178 1
d1221 4
@


1.670
log
@SVN rev 215166 on 2010-11-12 06:41:55Z by lstewart

This commit marks the first formal contribution of the "Five New TCP Congestion
Control Algorithms for FreeBSD" FreeBSD Foundation funded project. More details
about the project are available at: http://caia.swin.edu.au/freebsd/5cc/

- Add a KPI and supporting infrastructure to allow modular congestion control
  algorithms to be used in the net stack. Algorithms can maintain per-connection
  state if required, and connections maintain their own algorithm pointer, which
  allows different connections to concurrently use different algorithms. The
  TCP_CONGESTION socket option can be used with getsockopt()/setsockopt() to
  programmatically query or change the congestion control algorithm respectively
  from within an application at runtime.

- Integrate the framework with the TCP stack in as least intrusive a manner as
  possible. Care was also taken to develop the framework in a way that should
  allow integration with other congestion aware transport protocols (e.g. SCTP)
  in the future. The hope is that we will one day be able to share a single set
  of congestion control algorithm modules between all congestion aware transport
  protocols.

- Introduce a new congestion recovery (TF_CONGRECOVERY) state into the TCP stack
  and use it to decouple the meaning of recovery from a congestion event and
  recovery from packet loss (TF_FASTRECOVERY) a la RFC2581. ECN and delay based
  congestion control protocols don't generally need to recover from packet loss
  and need a different way to note a congestion recovery episode within the
  stack.

- Remove the net.inet.tcp.newreno sysctl, which simplifies some portions of code
  and ensures the stack always uses the appropriate mechanisms for recovering
  from packet loss during a congestion recovery episode.

- Extract the NewReno congestion control algorithm from the TCP stack and
  massage it into module form. NewReno is always built into the kernel and will
  remain the default algorithm for the forseeable future. Implementations of
  additional different algorithms will become available in the near future.

- Bump __FreeBSD_version to 900025 and note in UPDATING that rebuilding code
  that relies on the size of "struct tcpcb" is required.

Many thanks go to the Cisco University Research Program Fund at Community
Foundation Silicon Valley and the FreeBSD Foundation. Their support of our work
at the Centre for Advanced Internet Architectures, Swinburne University of
Technology is greatly appreciated.

In collaboration with:	David Hayes <dahayes at swin edu au> and
			Grenville Armitage <garmitage at swin edu au>
Sponsored by:	Cisco URP, FreeBSD Foundation
Reviewed by:	rpaulo
Tested by:	David Hayes (and many others over the years)
MFC after:	3 months
@
text
@d25 26
@


1.669
log
@SVN rev 214324 on 2010-10-25 07:39:05Z by avg

add dates along with revision numbers in UPDATING entry for 20100915
@
text
@d25 7
@


1.668
log
@SVN rev 213523 on 2010-10-07 17:26:22Z by emaste

Add a note on the removal of copyright strings from login(1) and sshd(8).
@
text
@d38 4
a41 4
	revision 210245 (r211583 if building head kernel on stable/8,
	r211584 for stable/7).  A symptom of incorrect ld version is
	different addresses for set_pcpu section and __start_set_pcpu
	symbol in kernel and/or modules.
@


1.667
log
@SVN rev 213404 on 2010-10-04 15:39:53Z by gordon

Add updating entry for manpath.config deprecation.

Approved by:	wes (mentor)
@
text
@d30 5
@


1.666
log
@SVN rev 212648 on 2010-09-15 10:04:41Z by avg

UPDATING entry for r212647
@
text
@d25 5
@


1.665
log
@SVN rev 212579 on 2010-09-13 19:55:40Z by hrs

Split $ipv6_prefer into $ip6addrctl_policy and $ipv6_activate_all_interfaces.

The $ip6addrctl_policy is a variable to choose a pre-defined address
selection policy set by ip6addrctl(8).
The keyword "ipv4_prefer" sets IPv4-preferred one described in Section 10.3,
the keyword "ipv6_prefer" sets IPv6-preferred one in Section 2.1 in RFC 3484,
respectively.  When "AUTO" is specified, it attempts to read
/etc/ip6addrctl.conf first.  If it is found, it reads and installs it as
a policy table.  If not, either of the two pre-defined policy tables is
chosen automatically according to $ipv6_activate_all_interfaces.

When $ipv6_activate_all_interfaces=NO, interfaces which have no corresponding
$ifconfig_IF_ipv6 is marked as IFDISABLED for security reason.

The default values are ip6addrctl_policy=AUTO and
ipv6_activate_all_interfaces=NO.

Discussed with:	ume and bz
@
text
@d25 8
@


1.664
log
@SVN rev 212567 on 2010-09-13 17:49:39Z by rpaulo

Add a note about userland DTracing.

Sponsored by:	The FreeBSD Foundation
> Description of fields to fill in above:                     76 columns --|
> PR:            If a GNATS PR is affected by the change.
> Submitted by:  If someone else sent in the change.
> Reviewed by:   If someone else reviewed your modification.
> Approved by:   If you needed approval for this commit.
> Obtained from: If the change is from a third party.
> MFC after:     N [day[s]|week[s]|month[s]].  Request a reminder email.
> Security:      Vulnerability reference (one per line) or description.
> Empty fields above will be automatically removed.

M    UPDATING
@
text
@d26 19
@


1.663
log
@SVN rev 210478 on 2010-07-25 18:32:59Z by rpaulo

Mention the removal of acpi_aiboost.
@
text
@d25 10
@


1.662
log
@SVN rev 210389 on 2010-07-22 19:11:57Z by gabor

Add BSD grep to the base system and make it our default grep.

Deliverables: Small and clean code (1,4 KSLOC vs GNU's 8,5 KSLOC),
              lower memory usage than GNU grep, GNU compatibility,
              BSD license.

TODO:         Performance is somewhat behind GNU grep but it is only
              significant for bigger searches.  The reason is complex, the
              most important factor is that GNU grep uses lots of
              optimizations to improve the speed of the regex library.
              First, we need a modern regex library (practically by adopting
              TRE), add support for GNU-style non-standard regexes and then
              reevalute the performance issues and look for bottlenecks.  In
              the meantime, for those, who need better performance, it is
              possible to build GNU grep by setting WITH_GNU_GREP.

Approved by:            delphij (mentor)
Obtained from:          OpenBSD (http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/grep/),
                        freegrep (http://github.com/howardjp/freegrep)
Sponsored by:           Google SoC 2008
Portbuild tests run by: kris, pav, erwin
Acknowledgements to:    fjoe (as SoC 2008 mentor),
                        everyone who helped in reviewing and testing
@
text
@d25 4
@


1.661
log
@SVN rev 209975 on 2010-07-13 05:32:19Z by nwhitehorn

MFppc64:

Kernel sources for 64-bit PowerPC, along with build-system changes to keep
32-bit kernels compiling (build system changes for 64-bit kernels are
coming later). Existing 32-bit PowerPC kernel configurations must be
updated after this change to specify their architecture.
@
text
@d25 12
@


1.660
log
@SVN rev 209962 on 2010-07-12 23:49:04Z by mm

Merge ZFS version 15 and almost all OpenSolaris bugfixes referenced
in Solaris 10 updates 141445-09 and 142901-14.

Detailed information:
(OpenSolaris revisions and Bug IDs, Solaris 10 patch numbers)

7844:effed23820ae
6755435	zfs_open() and zfs_close() needs to use ZFS_ENTER/ZFS_VERIFY_ZP (141445-01)

7897:e520d8258820
6748436	inconsistent zpool.cache in boot_archive could panic a zfs root filesystem upon boot-up (141445-01)

7965:b795da521357
6740164	zpool attach can create an illegal root pool (141909-02)

8084:b811cc60d650
6769612	zpool_import() will continue to write to cachefile even if altroot is set (N/A)

8121:7fd09d4ebd9c
6757430	want an option for zdb to disable space map loading and leak tracking (141445-01)

8129:e4f45a0bfbb0
6542860	ASSERT: reason != VDEV_LABEL_REMOVE||vdev_inuse(vd, crtxg, reason, 0) (141445-01)

8188:fd00c0a81e80
6761100	want zdb option to select older uberblocks (141445-01)

8190:6eeea43ced42
6774886	zfs_setattr() won't allow ndmp to restore SUNWattr_rw (141445-01)

8225:59a9961c2aeb
6737463	panic while trying to write out config file if root pool import fails (141445-01)

8227:f7d7be9b1f56
6765294	Refactor replay (141445-01)

8228:51e9ca9ee3a5
6572357	libzfs should do more to avoid mnttab lookups (141909-01)
6572376	zfs_iter_filesystems and zfs_iter_snapshots get objset stats twice (141909-01)

8241:5a60f16123ba
6328632	zpool offline is a bit too conservative (141445-01)
6739487	ASSERT: txg <= spa_final_txg due to scrub/export race (141445-01)
6767129	ASSERT: cvd->vdev_isspare, in spa_vdev_detach() (141445-01)
6747698	checksum failures after offline -t / export / import / scrub (141445-01)
6745863	ZFS writes to disk after it has been offlined (141445-01)
6722540	50% slowdown on scrub/resilver with certain vdev configurations (141445-01)
6759999	resilver logic rewrites ditto blocks on both source and destination (141445-01)
6758107	I/O should never suspend during spa_load() (141445-01)
6776548	codereview(1) runs off the page when faced with multi-line comments (N/A)
6761406	AMD errata 91 workaround doesn't work on 64-bit systems (141445-01)

8242:e46e4b2f0a03
6770866	GRUB/ZFS should require physical path or devid, but not both (141445-01)

8269:03a7e9050cfd
6674216	"zfs share" doesn't work, but "zfs set sharenfs=on" does (141445-01)
6621164	$SRC/cmd/zfs/zfs_main.c seems to have a syntax error in the translation note (141445-01)
6635482	i18n problems in libzfs_dataset.c and zfs_main.c (141445-01)
6595194	"zfs get" VALUE column is as wide as NAME (141445-01)
6722991	vdev_disk.c: error checking for ddi_pathname_to_dev_t() must test for NODEV (141445-01)
6396518	ASSERT strings shouldn't be pre-processed (141445-01)

8274:846b39508aff
6713916	scrub/resilver needlessly decompress data (141445-01)

8343:655db2375fed
6739553	libzfs_status msgid table is out of sync (141445-01)
6784104	libzfs unfairly rejects numerical values greater than 2^63 (141445-01)
6784108	zfs_realloc() should not free original memory on failure (141445-01)

8525:e0e0e525d0f8
6788830	set large value to reservation cause core dump (141445-01)
6791064	want sysevents for ZFS scrub (141445-01)
6791066	need to be able to set cachefile on faulted pools (141445-01)
6791071	zpool_do_import() should not enable datasets on faulted pools (141445-01)
6792134	getting multiple properties on a faulted pool leads to confusion (141445-01)

8547:bcc7b46e5ff7
6792884	Vista clients cannot access .zfs (141445-01)

8632:36ef517870a3
6798384	It can take a village to raise a zio (141445-01)

8636:7e4ce9158df3
6551866	deadlock between zfs_write(), zfs_freesp(), and zfs_putapage() (141909-01)
6504953	zfs_getpage() misunderstands VOP_GETPAGE() interface (141909-01)
6702206	ZFS read/writer lock contention throttles sendfile() benchmark (141445-01)
6780491	Zone on a ZFS filesystem has poor fork/exec performance (141445-01)
6747596	assertion failed: DVA_EQUAL(BP_IDENTITY(&zio->io_bp_orig), BP_IDENTITY(zio->io_bp))); (141445-01)

8692:692d4668b40d
6801507	ZFS read aggregation should not mind the gap (141445-01)

8697:e62d2612c14d
6633095	creating a filesystem with many properties set is slow (141445-01)

8768:dfecfdbb27ed
6775697	oracle crashes when overwriting after hitting quota on zfs (141909-01)

8811:f8deccf701cf
6790687	libzfs mnttab caching ignores external changes (141445-01)
6791101	memory leak from libzfs_mnttab_init (141445-01)

8845:91af0d9c0790
6800942	smb_session_create() incorrectly stores IP addresses (N/A)
6582163	Access Control List (ACL) for shares (141445-01)
6804954	smb_search - shortname field should be space padded following the NULL terminator (N/A)
6800184	Panic at smb_oplock_conflict+0x35() (N/A)

8876:59d2e67b4b65
6803822	Reboot after replacement of system disk in a ZFS mirror drops to grub> prompt (141445-01)

8924:5af812f84759
6789318	coredump when issue zdb -uuuu poolname/ (141445-01)
6790345 zdb -dddd -e poolname coredump (141445-01)
6797109 zdb: 'zdb -dddddd pool_name/fs_name inode' coredump if the file with inode was deleted (141445-01)
6797118 zdb: 'zdb -dddddd poolname inum' coredump if I miss the fs name (141445-01)
6803343 shareiscsi=on failed, iscsitgtd failed request to share (141445-01)

9030:243fd360d81f
6815893	hang mounting a dataset after booting into a new boot environment (141445-01)

9056:826e1858a846
6809691	'zpool create -f' no longer overwrites ufs infomation (141445-01)

9179:d8fbd96b79b3
6790064	zfs needs to determine uid and gid earlier in create process (141445-01)

9214:8d350e5d04aa
6604992	forced unmount + being in .zfs/snapshot/<snap1> = not happy (141909-01)
6810367	assertion failed: dvp->v_flag & VROOT, file: ../../common/fs/gfs.c, line: 426 (141909-01)

9229:e3f8b41e5db4
6807765	ztest_dsl_dataset_promote_busy needs to clean up after ENOSPC (141445-01)

9230:e4561e3eb1ef
6821169	offlining a device results in checksum errors (141445-01)
6821170	ZFS should not increment error stats for unavailable devices (141445-01)
6824006	need to increase issue and interrupt taskqs threads in zfs (141445-01)

9234:bffdc4fc05c4
6792139	recovering from a suspended pool needs some work (141445-01)
6794830	reboot command hangs on a failed zfs pool (141445-01)

9246:67c03c93c071
6824062	System panicked in zfs_mount due to NULL pointer dereference when running btts and svvs tests (141909-01)

9276:a8a7fc849933
6816124	System crash running zpool destroy on broken zpool (141445-03)

9355:09928982c591
6818183	zfs snapshot -r is slow due to set_snap_props() doing txg_wait_synced() for each new snapshot (141445-03)

9391:413d0661ef33
6710376	log device can show incorrect status when other parts of pool are degraded (141445-03)

9396:f41cf682d0d3 (part already merged)
6501037	want user/group quotas on ZFS (141445-03)
6827260	assertion failed in arc_read(): hdr == pbuf->b_hdr (141445-03)
6815592	panic: No such hold X on refcount Y from zfs_znode_move (141445-03)
6759986	zfs list shows temporary %clone when doing online zfs recv (141445-03)

9404:319573cd93f8
6774713	zfs ignores canmount=noauto when sharenfs property != off (141445-03)

9412:4aefd8704ce0
6717022	ZFS DMU needs zero-copy support (141445-03)

9425:e7ffacaec3a8
6799895	spa_add_spares() needs to be protected by config lock (141445-03)
6826466	want to post sysevents on hot spare activation (141445-03)
6826468	spa 'allowfaulted' needs some work (141445-03)
6826469	kernel support for storing vdev FRU information (141445-03)
6826470	skip posting checksum errors from DTL regions of leaf vdevs (141445-03)
6826471	I/O errors after device remove probe can confuse FMA (141445-03)
6826472	spares should enjoy some of the benefits of cache devices (141445-03)

9443:2a96d8478e95
6833711	gang leaders shouldn't have to be logical (141445-03)

9463:d0bd231c7518
6764124	want zdb to be able to checksum metadata blocks only (141445-03)

9465:8372081b8019
6830237	zfs panic in zfs_groupmember() (141445-03)

9466:1fdfd1fed9c4
6833162	phantom log device in zpool status (141445-03)

9469:4f68f041ddcd
6824968	add ZFS userquota support to rquotad (141445-03)

9470:6d827468d7b5
6834217	godfather I/O should reexecute (141445-03)

9480:fcff33da767f
6596237	Stop looking and start ganging (141909-02)

9493:9933d599bc93
6623978	lwb->lwb_buf != NULL, file ../../../uts/common/fs/zfs/zil.c, line 787, function zil_lwb_commit (141445-06)

9512:64cafcbcc337
6801810	Commit of aligned streaming rewrites to ZIL device causes unwanted disk reads (N/A)

9515:d3b739d9d043
6586537	async zio taskqs can block out userland commands (142901-09)

9554:787363635b6a
6836768	zfs_userspace() callback has no way to indicate failure (N/A)

9574:1eb6a6ab2c57
6838062	zfs panics when an error is encountered in space_map_load() (141909-02)

9583:b0696cd037cc
6794136	Panic BAD TRAP: type=e when importing degraded zraid pool. (141909-03)

9630:e25a03f552e0
6776104	"zfs import" deadlock between spa_unload() and spa_async_thread() (141445-06)

9653:a70048a304d1
6664765	Unable to remove files when using fat-zap and quota exceeded on ZFS filesystem (141445-06)

9688:127be1845343
6841321	zfs userspace / zfs get userused@@ doesn't work on mounted snapshot (N/A)
6843069	zfs get userused@@S-1-... doesn't work (N/A)

9873:8ddc892eca6e
6847229	assertion failed: refcount_count(&tx->tx_space_written) + delta <= tx->tx_space_towrite in dmu_tx.c (141445-06)

9904:d260bd3fd47c
6838344	kernel heap corruption detected on zil while stress testing (141445-06)

9951:a4895b3dd543
6844900	zfs_ioc_userspace_upgrade leaks (N/A)

10040:38b25aeeaf7a
6857012	zfs panics on zpool import (141445-06)

10000:241a51d8720c
6848242	zdb -e no longer works as expected (N/A)

10100:4a6965f6bef8
6856634	snv_117 not booting: zfs_parse_bootfs: error2 (141445-07)

10160:a45b03783d44
6861983	zfs should use new name <-> SID interfaces (N/A)
6862984	userquota commands can hang (141445-06)

10299:80845694147f
6696858	zfs receive of incremental replication stream can dereference NULL pointer and crash (N/A)

10302:a9e3d1987706
6696858	zfs receive of incremental replication stream can dereference NULL pointer and crash (fix lint) (N/A)

10575:2a8816c5173b (partial merge)
6882227 spa_async_remove() shouldn't do a full clear (142901-14)

10800:469478b180d9
6880764	fsync on zfs is broken if writes are greater than 32kb on a hard crash and no log attached (142901-09)
6793430 zdb -ivvvv assertion failure: bp->blk_cksum.zc_word[2] == dmu_objset_id(zilog->zl_os) (N/A)

10801:e0bf032e8673 (partial merge)
6822816 assertion failed: zap_remove_int(ds_next_clones_obj) returns ENOENT (142901-09)

10810:b6b161a6ae4a
6892298 buf->b_hdr->b_state != arc_anon, file: ../../common/fs/zfs/arc.c, line: 2849 (142901-09)

10890:499786962772
6807339	spurious checksum errors when replacing a vdev (142901-13)

11249:6c30f7dfc97b
6906110 bad trap panic in zil_replay_log_record (142901-13)
6906946 zfs replay isn't handling uid/gid correctly (142901-13)

11454:6e69bacc1a5a
6898245 suspended zpool should not cause rest of the zfs/zpool commands to hang (142901-10)

11546:42ea6be8961b (partial merge)
6833999 3-way deadlock in dsl_dataset_hold_ref() and dsl_sync_task_group_sync() (142901-09)

Discussed with:	pjd
Approved by:	delphij (mentor)
Obtained from:	OpenSolaris (multiple Bug IDs)
MFC after:	2 months
@
text
@d27 8
@


1.659
log
@SVN rev 208002 on 2010-05-12 21:20:04Z by brueffer

Note 8.0-RELEASE.

PR:		143824
Submitted by:	pluknet <pluknet@@gmail.com>
@
text
@d26 7
d974 16
@


1.658
log
@SVN rev 207410 on 2010-04-30 00:46:43Z by kmacy

On Alan's advice, rather than do a wholesale conversion on a single
architecture from page queue lock to a hashed array of page locks
(based on a patch by Jeff Roberson), I've implemented page lock
support in the MI code and have only moved vm_page's hold_count
out from under page queue mutex to page lock. This changes
pmap_extract_and_hold on all pmaps.

Supported by: Bitgravity Inc.

Discussed with: alc, jeffr, and kib
@
text
@d86 3
@


1.657
log
@SVN rev 206082 on 2010-04-02 06:55:31Z by netchild

WITH_CTF can now be specified in src.conf (not recommended, there
are some problems with static executables), make.conf (would also
affect ports which do not use GNU make and do not override the
compile targets) or in the kernel config (via "makeoptions
WITH_CTF=yes").

Additional (related) changes:
 - propagate WITH_CTF to module builds
 - do not add -g to the linker flags, it's a noop there anyway
   (at least according to the man page of ld)
 - do not add -g to CFLAGS unconditionally
   we need to have a look if it is really needed (IMO not) or if there
   is a way to add it only when WITH_CTF is used

Note: ctfconvert / ctfmerge lines will not appear in the build output,
to protect the innocent (those which do not build with WITH_CTF would
see the shell-test and may think WITH_CTF is used).

Reviewed by:	imp, jhb, scottl (earlier version)
Discussed on:	arch@@
@
text
@d25 8
@


1.656
log
@SVN rev 205014 on 2010-03-11 14:49:06Z by nwhitehorn

Provide groundwork for 32-bit binary compatibility on non-x86 platforms,
for upcoming 64-bit PowerPC and MIPS support. This renames the COMPAT_IA32
option to COMPAT_FREEBSD32, removes some IA32-specific code from MI parts
of the kernel and enhances the freebsd32 compatibility code to support
big-endian platforms.

Reviewed by:	kib, jhb
@
text
@d25 10
@


1.655
log
@SVN rev 204943 on 2010-03-10 06:10:39Z by obrien

Use more proper terms (from official documents) for AMD CPU's.

Reviewed by:	imp
@
text
@d25 6
@


1.654
log
@SVN rev 204942 on 2010-03-10 05:44:57Z by dougb

Add -i to the first post-install mergemaster example to make
it consistent with the other. [1]

Add a note about -U to the mergemaster footnote.

Submitted by:	obrien [1]
@
text
@d500 1
a500 1
	support for K10 and K11 CPU families was added.
@


1.653
log
@SVN rev 202301 on 2010-01-14 20:58:45Z by ed

Add wtmpcvt(1).

This utility allows users to convert their wtmp databases to the new
format. It makes no sense for users to keep their wtmp log files if they
are unable to view them.

It basically copies ut_line into ut_id as well. This makes it possible
for last(1) and ac(8) to match login records with their corresponding
logout record.
@
text
@d986 1
a986 1
	mergemaster					[4]
d1057 2
a1058 1
	for potential gotchas.
@


1.652
log
@SVN rev 202219 on 2010-01-13 19:25:03Z by ed

Complete the migration towards utmpx.

- Add a notice to UPDATING, explaining users may need to recompile
  applications that use the old database.
- Bump __FreeBSD_version.
@
text
@d40 3
a42 1
	assuming their contents is of no importance anymore.
@


1.651
log
@SVN rev 201879 on 2010-01-09 01:46:38Z by attilio

Introduce the new kernel thread called "deadlock resolver".
While the name is pretentious, a good explanation of its targets is
reported in this 17 months old presentation e-mail:
http://lists.freebsd.org/pipermail/freebsd-arch/2008-August/008452.html

In order to implement it, the sq_type in sleepqueues is mandatory and not
only compiled along with INVARIANTS option. Additively, a new sleepqueue
function, sleepq_type() is added, returning the type of the sleepqueue
linked to a wchan.
Three new sysctls are added in order to configure the thread:
debug.deadlkres.slptime_threshold
debug.deadlkres.blktime_threshold
debug.deadlkres.sleepfreq

rappresenting the thresholds for sleep and block time that will lead to
a deadlock matching (when exceeded), while the sleepfreq rappresents the
number of seconds between 2 consecutive thread runnings.
In order to enable the deadlock resolver thread recompile your kernel
with the option DEADLKRES.

Reviewed by:	jeff
Tested by:	pho, Giovanni Trematerra
Sponsored by:	Nokia Incorporated, Sandvine Incorporated
MFC after:	2 weeks
@
text
@d25 17
@


1.650
log
@SVN rev 201001 on 2009-12-25 21:14:34Z by ru

Fixed two typos.

Submitted by:	Maxim Dounin <mdounin@@mdounin.ru>
@
text
@d25 5
@


1.649
log
@SVN rev 200672 on 2009-12-18 16:35:28Z by ume

Mention the unification of rc.firewall and rc.firewall6.

Suggested by:	David Horn <dhorn2000__at__gmail.com>
@
text
@d164 1
a164 1
	maintainig the ABI. However, this change breaks the ABI, so bump
d898 1
a898 1
	-j, please try again wtihout -j.  From time to time in the past there
@


1.648
log
@SVN rev 199621 on 2009-11-21 01:43:22Z by dougb

Add a note that wpa_supplicant(8) may require a full world build to
sync up with 20091109.
@
text
@d25 13
@


1.647
log
@SVN rev 199250 on 2009-11-13 11:28:54Z by ed

Convert syscons on i386 to TERM=xterm.

TEKEN_XTERM is now gone. Because we always use xterm mode now, we only
need a TEKEN_CONS25 switch to go back to cons25.
@
text
@d45 4
@


1.646
log
@SVN rev 199243 on 2009-11-13 05:54:55Z by ed

Switch the default terminal emulation style to xterm for most platforms.

Right now syscons(4) uses a cons25-style terminal emulator. The
disadvantages of that are:

- Little compatibility with embedded devices with serial interfaces.
- Bad bandwidth efficiency, mainly because of the lack of scrolling
  regions.
- A very hard transition path to support for modern character sets like
  UTF-8.

Our terminal emulation library, libteken, has been supporting
xterm-style terminal emulation for months, so flip the switch and make
everyone use an xterm-style console driver.

I still have to enable this on i386. Right now pc98 and i386 share the
same /etc/ttys file. I'm not going to switch pc98, because it uses its
own Kanji-capable cons25 emulator.

IMPORTANT: What to do if things go wrong (i.e. graphical artifacts):

- Run the application inside script(1), try to reduce the problem and
  send me the log file.
- In the mean time, you can run `vidcontrol -T cons25' and `export
  TERM=cons25' so you can run applications the same way you did before.
  You can also build your kernel with `options TEKEN_CONS25' to make all
  virtual terminals use the cons25 emulator by default.

Discussed on:	current@@
@
text
@d27 3
a29 3
	from cons25 to xterm on all platforms except i386 and pc98.
	This means that the /etc/ttys file needs to be updated to ensure
	correct operation of applications on the console.
d32 3
a34 3
	vidcontrol(1)'s -T flag.  The TEKEN_XTERM and TEKEN_CONS25
	kernel configuration options can be used to change the
	compile-time default.
@


1.645
log
@SVN rev 199087 on 2009-11-09 16:05:32Z by rpaulo

Mention the layout change of ieee80211req_scan_result.
@
text
@d25 15
@


1.644
log
@SVN rev 198859 on 2009-11-03 21:06:19Z by thompsa

Belatedly add an UPDATING message for the usb ethernet ifnet naming in r188412.

MFC after:	3 days
@
text
@d25 5
@


1.643
log
@SVN rev 198480 on 2009-10-26 09:16:08Z by mav

Document atapci kernel module split.

PR:		amd64/139859
MFC after:	3 days
@
text
@d540 5
@


1.642
log
@SVN rev 198469 on 2009-10-25 10:29:37Z by rpaulo

Explain that iwn was updated and the firmware images are now split.
@
text
@d635 9
@


1.641
log
@SVN rev 197526 on 2009-09-26 18:59:00Z by hrs

Fix several logic bugs in the previous IPv6 variable change and
re-add $ipv6_enable support for backward compatibility.  From
UPDATING:

 1. To use IPv6, simply define $ifconfig_IF_ipv6 like $ifconfig_IF
    for IPv4.  For aliases, $ifconfig_IF_aliasN should be used.
    Note that both variables need the "inet6" keyword at the head.

    Do not set $ipv6_network_interfaces manually if you do not
    understand what you are doing.  It is not needed in most cases.

    $ipv6_ifconfig_IF and $ipv6_ifconfig_IF_aliasN still work, but
    they are obsolete.

 2. $ipv6_enable is obsolete.  Use $ipv6_prefer and/or
    "inet6 accept_rtadv" keyword in ifconfig(8) instead.

    If you define $ipv6_enable=YES, it means $ipv6_prefer=YES and
    all configured interfaces have "inet6 accept_rtadv" in the
    $ifconfig_IF_ipv6.  These are for backward compatibility.

 3. A new variable $ipv6_prefer has been added.  If NO, IPv6
    functionality of interfaces with no corresponding
    $ifconfig_IF_ipv6 is disabled by using "inet6 ifdisabled" flag,
    and the default address selection policy of ip6addrctl(8)
    is the IPv4-preferred one (see rc.d/ip6addrctl for more details).
    Note that if you want to configure IPv6 functionality on the
    disabled interfaces after boot, first you need to clear the flag by
    using ifconfig(8) like:

         ifconfig em0 inet6 -ifdisabled

    If YES, the default address selection policy is set as
    IPv6-preferred.

    The default value of $ipv6_prefer is NO.

 4. If your system need to receive Router Advertisement messages,
    define "inet6 accept_rtadv" in $ifconfig_IF_ipv6.  The rc(8)
    scripts automatically invoke rtsol(8) when the interface becomes
    UP.  The Router Advertisement messages are used for SLAAC
    (State-Less Address AutoConfiguration).
@
text
@d25 8
@


1.640
log
@SVN rev 197414 on 2009-09-22 18:19:18Z by rpaulo

Note the D3.03 mesh changes.

MFC after:	1 week
@
text
@d25 43
d72 8
@


1.639
log
@SVN rev 197201 on 2009-09-14 21:10:40Z by pjd

- Mount ZFS snapshots with MNT_IGNORE flag, so they are not visible in regular
  df(1) and mount(8) output. This is a bit smilar to OpenSolaris and follows
  ZFS route of not listing snapshots by default with 'zfs list' command.
- Add UPDATING entry to note that ZFS snapshots are no longer visible in
  mount(8) and df(1) output by default.

Reviewed by:	kib
MFC after:	3 days
@
text
@d25 4
@


1.638
log
@SVN rev 196857 on 2009-09-05 08:09:35Z by imp

Go ahead and mention the CVS branch name as well as the svn branch name.
@
text
@d25 4
@


1.637
log
@SVN rev 196856 on 2009-09-05 08:08:14Z by imp

Note migration of tunable from hw.bus.devctl_disable to
hw.bus.devctl_queue.  The sysctl interface provides legacys upport for
the latter sysctl, but the tunable support was removed.

MFC after:	1 day
@
text
@d37 2
a38 1
	stable/8 branch created in subversion.
@


1.636
log
@SVN rev 196791 on 2009-09-03 17:13:54Z by imp

Actually, stable/8 is what was created...
@
text
@d25 6
@


1.635
log
@SVN rev 196789 on 2009-09-03 17:04:42Z by imp

Time for house-cleaning:
o remove all entries before RELENG_7 was branched, as is tradition[*].
o Update examples...  nobody cares about 5.x upgrades.
o minor format tweaking in a few places.
o update copyright (although at best I hold an editors copyright these days).
o Remove giving people permission to buy me beer.  I don't do enough for
  this document for that anymore...
@
text
@d31 1
a31 1
	RELENG_8 branched.
@


1.634
log
@SVN rev 196432 on 2009-08-22 23:44:37Z by kensmith

Make head 9.0-CURRENT in preparation for lifting code freeze.

Approved by:	re (implicit)
@
text
@d3 5
a7 3
This file is maintained and copyrighted by M. Warner Losh
<imp@@village.org>.  See end of file for further details.  For commonly
done items, please see the COMMON ITEMS: section later in the file.
d10 1
a10 2
/usr/ports/UPDATING.  Please read that file before running
portupgrade.
d13 10
a22 11
	FreeBSD 9.x has many debugging features turned on, in
	both the kernel and userland.  These features attempt to detect
	incorrect use of system primitives, and encourage loud failure
	through extra sanity checking and fail stop semantics.  They
	also substantially impact system performance.  If you want to
	do performance measurement, benchmarking, and optimization,
	you'll want to turn them off.  This includes various WITNESS-
	related kernel options, INVARIANTS, malloc debugging flags
	in userland, and various verbose features in the kernel.  Many
	developers choose to disable these features on build machines
	to maximize performance.  (To disable malloc debugging, run
d26 6
a31 4
	Remove the option STOP_NMI.  The default action is now to use NMI
	only for KDB via the newly introduced function stop_cpus_hard()
	and maintain stop_cpus() to just use a normal IPI_STOP on ia32
	and amd64.
d34 3
a36 3
	Bump the shared library version numbers for all libraries that
	do not use symbol versioning as part of the 8.0-RELEASE cycle.
	Bump __FreeBSD_version to 800105.
d39 3
a41 3
	Due to changes in the implementation of virtual network stack
	support, all network-related kernel modules must be recompiled.
	As this change breaks the ABI, bump __FreeBSD_version to 800104.
d44 5
a48 5
	The TOE interface to the TCP syncache has been modified to remove struct
	tcpopt (<netinet/tcp_var.h>) from the ABI of the network stack.  The
	cxgb driver is the only TOE consumer affected by this change, and needs
	to be recompiled along with the kernel. As this change breaks the ABI,
	bump __FreeBSD_version to 800103.
d50 1
a50 1
20090712:
d58 3
a60 3
	The NFS_LEGACYRPC option has been removed along with the old
	kernel RPC implementation that this option selected. Kernel
	configurations may need to be adjusted.
d63 4
a66 4
	The network interface device nodes at /dev/net/<interface> have
	been removed.  All ioctl operations can be performed the normal
	way using routing sockets.  The kqueue functionality can
	generally be replaced with routing sockets.
d69 3
a71 4
	The documentation from the FreeBSD Documentation Project
	(Handbook, FAQ, etc.) is now installed via packages by
	sysinstall(8) and under the /usr/local/share/doc/freebsd
	directory instead of /usr/share/doc.
d74 4
a77 4
	The ABI of various structures related to the SYSV IPC API have
	been changed.  As a result, the COMPAT_FREEBSD[456] and COMPAT_43
	kernel options now all require COMPAT_FREEBSD7.
	Bump __FreeBSD_version to 800100.
d80 3
a82 3
	Layout of struct vnet has changed as routing related variables
	were moved to their own Vimage module. Modules need to be
	recompiled.  Bump __FreeBSD_version to 800099.
d85 21
a105 22
	NGROUPS_MAX and NGROUPS have been increased from 16 to 1023
	and 1024 respectively.  As long as no more than 16 groups per
	process are used, no changes should be visible.  When more
	than 16 groups are used, old binaries may fail if they call
	getgroups() or getgrouplist() with statically sized storage.
	Recompiling will work around this, but applications should be
	modified to use dynamically allocated storage for group arrays
	as POSIX.1-2008 does not cap an implementation's number of
	supported groups at NGROUPS_MAX+1 as previous versions did.

	NFS and portalfs mounts may also be affected as the list of
	groups is truncated to 16.  Users of NFS who use more than 16
	groups, should take care that negative group permissions are not
	used on the exported file systems as they will not be reliable
	unless a GSSAPI based authentication method is used.

20090616:
	The compiling option ADAPTIVE_LOCKMGRS has been introduced.
	This option compiles in the support for adaptive spinning for lockmgrs
	which want to enable it.  The lockinit() function now accepts the
	flag LK_ADAPTIVE in order to make the lock object subject to
	adaptive spinning when both held in write and read mode.
d108 2
a109 3
	The layout of the structure returned by IEEE80211_IOC_STA_INFO
	has changed.  User applications that use this ioctl need to be
	rebuilt.
d112 2
a113 2
	The layout of struct thread has changed.  Kernel and modules
	need to be rebuilt.
d116 2
a117 3
	The layout of structs ifnet, domain, protosw and vnet_net has
	changed.  Kernel modules need to be rebuilt.
	Bump __FreeBSD_version to 800097.
d124 3
a126 3
	The way we are storing and accessing `routing table' entries
	has changed. Programs reading the FIB, like netstat, need to
	be re-compiled.
d135 2
a136 2
	Remove the tunable/sysctl debug.mpsafevfs as its initial purpose
	is no more valid.
d143 2
a144 2
	Add mnt_xflag field to 'struct mount'.  File system modules
	need to be rebuilt.
d151 2
a152 2
	SX_ADAPTIVESPIN flag has been retired while the SX_NOADAPTIVE flag
	has been introduced in order to handle the reversed logic.
d165 2
a166 3
	The newly imported zic(8) produces a new format in the
	output. Please run tzsetup(8) to install the newly created
	data to /etc/localtime.
d173 4
a176 5
	802.11 monitor mode support was revised and driver api's
	were changed.  Drivers dependent on net80211 now support
	DLT_IEEE802_11_RADIO instead of DLT_IEEE802_11.  No
	user-visible data structures were changed but applications
	that use DLT_IEEE802_11 may require changes.
a766 700
20071009:
	Setting WITHOUT_LIBPTHREAD now means WITHOUT_LIBKSE and
	WITHOUT_LIBTHR are set.

20070930:
	The PCI code has been made aware of PCI domains. This means that
	the location strings as used by pciconf(8) etc are now in the
	following format: pci<domain>:<bus>:<device>[:<function>]. It
	also means that consumers of <sys/pciio.h> potentially need to
	be recompiled; this includes the hal and xorg-server ports.

20070928:
	The caching daemon (cached) was renamed to nscd. nscd.conf
	configuration file should be used instead of cached.conf and
	nscd_enable, nscd_pidfile and nscd_flags options should be used
	instead of cached_enable, cached_pidfile and cached_flags in
	rc.conf.

20070921:
	The getfacl(1) utility now prints owning user and group name
	instead of owning uid and gid in the three line comment header.
	This is the same behavior as getfacl(1) on Solaris and Linux.

20070704:
	The new IPsec code is now compiled in using the IPSEC option.  The
	IPSEC option now requires "device crypto" be defined in your kernel
	configuration.  The FAST_IPSEC kernel option is now deprecated.

20070702:
	The packet filter (pf) code has been updated to OpenBSD 4.1 Please
	note the changed syntax - keep state is now on by default.  Also
	note the fact that ftp-proxy(8) has been changed from bottom up and
	has been moved from libexec to usr/sbin.  Changes in the ALTQ
	handling also affect users of IPFW's ALTQ capabilities.

20070701:
	Remove KAME IPsec in favor of FAST_IPSEC, which is now the
	only IPsec supported by FreeBSD.  The new IPsec stack
	supports both IPv4 and IPv6. The kernel option will change
	after the code changes have settled in.  For now the kernel
	option IPSEC is deprecated and FAST_IPSEC is the only option, that
	will change after some settling time.

20070701:
	The wicontrol(8) utility has been removed from the base system. wi(4)
	cards should be configured using ifconfig(8), see the man page for more
	information.

20070612:
	The i386/amd64 GENERIC kernel now defaults to the nfe(4) driver
	instead of the nve(4) driver. Please update your configuration
	accordingly.

20070612:
	By default, /etc/rc.d/sendmail no longer rebuilds the aliases
	database if it is missing or older than the aliases file.  If
	desired, set the new rc.conf option sendmail_rebuild_aliases
	to "YES" to restore that functionality.

20070612:
	The IPv4 multicast socket code has been considerably modified, and
	moved to the file sys/netinet/in_mcast.c. Initial support for the
	RFC 3678 Source-Specific Multicast Socket API has been added to
	the IPv4 network stack.

	Strict multicast and broadcast reception is now the default for
	UDP/IPv4 sockets; the net.inet.udp.strict_mcast_mship sysctl variable
	has now been removed.

	The RFC 1724 hack for interface selection has been removed; the use
	of the Linux-derived ip_mreqn structure with IP_MULTICAST_IF has
	been added to replace it. Consumers such as routed will soon be
	updated to reflect this.

	These changes affect users who are running routed(8) or rdisc(8)
	from the FreeBSD base system on point-to-point or unnumbered
	interfaces.

20070610:
	The net80211 layer has changed significantly and all wireless
	drivers that depend on it need to be recompiled.  Further these
	changes require that any program that interacts with the wireless
	support in the kernel be recompiled; this includes: ifconfig,
	wpa_supplicant, hostapd, and wlanstats.  Users must also, for
	the moment, kldload the wlan_scan_sta and/or wlan_scan_ap modules
	if they use modules for wireless support.  These modules implement
	scanning support for station and ap modes, respectively.  Failure
	to load the appropriate module before marking a wireless interface
	up will result in a message to the console and the device not
	operating properly.

20070610:
	The pam_nologin(8) module ceases to provide an authentication
	function and starts providing an account management function.
	Consequent changes to /etc/pam.d should be brought in using
	mergemaster(8).  Third-party files in /usr/local/etc/pam.d may
	need manual editing as follows.  Locate this line (or similar):

		auth	required	pam_nologin.so	no_warn

	and change it according to this example:

		account	required	pam_nologin.so	no_warn

	That is, the first word needs to be changed from "auth" to
	"account".  The new line can be moved to the account section
	within the file for clarity.  Not updating pam.conf(5) files
	will result in nologin(5) ignored by the respective services.

20070529:
	The ether_ioctl() function has been synchronized with ioctl(2)
	and ifnet.if_ioctl.  Due to that, the size of one of its arguments
	has changed on 64-bit architectures.  All kernel modules using
	ether_ioctl() need to be rebuilt on such architectures.

20070516:
	Improved INCLUDE_CONFIG_FILE support has been introduced to the
	config(8) utility. In order to take advantage of this new
	functionality, you are expected to recompile and install
	src/usr.sbin/config. If you don't rebuild config(8), and your
	kernel configuration depends on INCLUDE_CONFIG_FILE, the kernel
	build will be broken because of a missing "kernconfstring"
	symbol.

20070513:
	Symbol versioning is enabled by default.  To disable it, use
	option WITHOUT_SYMVER.  It is not advisable to attempt to
	disable symbol versioning once it is enabled; your installworld
	will break because a symbol version-less libc will get installed
	before the install tools.  As a result, the old install tools,
	which previously had symbol dependencies to FBSD_1.0, will fail
	because the freshly installed libc will not have them.

	The default threading library (providing "libpthread") has been
	changed to libthr.  If you wish to have libkse as your default,
	use option DEFAULT_THREAD_LIB=libkse for the buildworld.

20070423:
	The ABI breakage in sendmail(8)'s libmilter has been repaired
	so it is no longer necessary to recompile mail filters (aka,
	milters).  If you recompiled mail filters after the 20070408
	note, it is not necessary to recompile them again.

20070417:
	The new trunk(4) driver has been renamed to lagg(4) as it better
	reflects its purpose. ifconfig will need to be recompiled.

20070408:
	sendmail(8) has been updated to version 8.14.1.  Mail filters
	(aka, milters) compiled against the libmilter included in the
	base operating system should be recompiled.

20070302:
	Firmwares for ipw(4) and iwi(4) are now included in the base tree.
	In order to use them one must agree to the respective LICENSE in
	share/doc/legal and define legal.intel_<name>.license_ack=1 via
	loader.conf(5) or kenv(1).  Make sure to deinstall the now
	deprecated modules from the respective firmware ports.

20070228:
	The name resolution/mapping functions addr2ascii(3) and ascii2addr(3)
	were removed from FreeBSD's libc. These originally came from INRIA
	IPv6. Nothing in FreeBSD ever used them. They may be regarded as
	deprecated in previous releases.
	The AF_LINK support for getnameinfo(3) was merged from NetBSD to
	replace it as a more portable (and re-entrant) API.

20070224:
	To support interrupt filtering a modification to the newbus API
	has occurred, ABI was broken and __FreeBSD_version was bumped
	to 700031. Please make sure that your kernel and modules are in
	sync. For more info:
	http://docs.freebsd.org/cgi/mid.cgi?20070221233124.GA13941

20070224:
	The IPv6 multicast forwarding code may now be loaded into GENERIC
	kernels by loading the ip_mroute.ko module. This is built into the
	module unless WITHOUT_INET6 or WITHOUT_INET6_SUPPORT options are
	set; see src.conf(5) for more information.

20070214:
	The output of netstat -r has changed. Without -n, we now only
	print a "network name" without the prefix length if the network
	address and mask exactly match a Class A/B/C network, and an entry
	exists in the nsswitch "networks" map.
	With -n, we print the full unabbreviated CIDR network prefix in
	the form "a.b.c.d/p". 0.0.0.0/0 is always printed as "default".
	This change is in preparation for changes such as equal-cost
	multipath, and to more generally assist operational deployment
	of FreeBSD as a modern IPv4 router.

20070210:
	PIM has been turned on by default in the IPv4 multicast
	routing code. The kernel option 'PIM' has now been removed.
	PIM is now built by default if option 'MROUTING' is specified.
	It may now be loaded into GENERIC kernels by loading the
	ip_mroute.ko module.

20070207:
	Support for IPIP tunnels (VIFF_TUNNEL) in IPv4 multicast routing
	has been removed. Its functionality may be achieved by explicitly
	configuring gif(4) interfaces and using the 'phyint' keyword in
	mrouted.conf.
	XORP does not support source-routed IPv4 multicast tunnels nor the
	integrated IPIP tunneling, therefore it is not affected by this
	change. The __FreeBSD_version macro has been bumped to 700030.

20061221:
	Support for PCI Message Signalled Interrupts has been
	re-enabled in the bge driver, only for those chips which are
	believed to support it properly.  If there are any problems,
	MSI can be disabled completely by setting the
	'hw.pci.enable_msi' and 'hw.pci.enable_msix' tunables to 0
	in the loader.

20061214:
	Support for PCI Message Signalled Interrupts has been
	disabled again in the bge driver.  Many revisions of the
	hardware fail to support it properly.  Support can be
	re-enabled by removing the #define of BGE_DISABLE_MSI in
	"src/sys/dev/bge/if_bge.c".

20061214:
	Support for PCI Message Signalled Interrupts has been added
	to the bge driver.  If there are any problems, MSI can be
	disabled completely by setting the 'hw.pci.enable_msi' and
	'hw.pci.enable_msix' tunables to 0 in the loader.

20061205:
	The removal of several facets of the experimental Threading
	system from the kernel means that the proc and thread structures
	have changed quite a bit. I suggest all kernel modules that might
	reference these structures be recompiled.. Especially the
	linux module.

20061126:
	Sound infrastructure has been updated with various fixes and
	improvements. Most of the changes are pretty much transparent,
	with exceptions of followings:
	1) All sound driver specific sysctls (hw.snd.pcm%d.*) have been
	   moved to their own dev sysctl nodes, for example:
		hw.snd.pcm0.vchans -> dev.pcm.0.vchans
	2) /dev/dspr%d.%d has been deprecated. Each channel now has its
	   own chardev in the form of "dsp%d.<function>%d", where <function>
	   is p = playback, r = record and v = virtual, respectively. Users
	   are encouraged to use these devs instead of (old) "/dev/dsp%d.%d".
	   This does not affect those who are using "/dev/dsp".

20061122:
	geom(4)'s gmirror(8) class metadata structure has been
	rev'd from v3 to v4. If you update across this point and
	your metadata is converted for you, you will not be easily
	able to downgrade since the /boot/kernel.old/geom_mirror.ko
	kernel module will be unable to read the v4 metadata.  You
	can resolve this by doing from the loader(8) prompt:

		set vfs.root.mountfrom="ufs:/dev/XXX"

	where XXX is the root slice of one of the disks that composed
	the mirror (i.e.: /dev/ad0s1a). You can then rebuild
	the array the same way you built it originally.

20061122:
	The following binaries have been disconnected from the build:
	mount_devfs, mount_ext2fs, mount_fdescfs, mount_procfs, mount_linprocfs,
	and mount_std.  The functionality of these programs has been
	moved into the mount program.  For example, to mount a devfs
	filesystem, instead of using mount_devfs, use: "mount -t devfs".
	This does not affect entries in /etc/fstab, since entries in
	/etc/fstab are always processed with "mount -t fstype".

20061113:
	Support for PCI Message Signalled Interrupts on i386 and amd64
	has been added to the kernel and various drivers will soon be
	updated to use MSI when it is available.  If there are any problems,
	MSI can be disabled completely by setting the 'hw.pci.enable_msi'
	and 'hw.pci.enable_msix' tunables to 0 in the loader.

20061110:
	The MUTEX_PROFILING option has been renamed to LOCK_PROFILING.
	The lockmgr object layout has been changed as a result of having
	a lock_object embedded in it. As a consequence all file system
	kernel modules must be re-compiled. The mutex profiling man page
	has not yet been updated to reflect this change.

20061026:
	KSE in the kernel has now been made optional and turned on by
	default. Use 'nooption KSE' in your kernel config to turn it
	off. All kernel modules *must* be recompiled after this change.
	There-after, modules from a KSE kernel should be compatible with
	modules from a NOKSE kernel due to the temporary padding fields
	added to 'struct proc'.

20060929:
	mrouted and its utilities have been removed from the base system.

20060927:
	Some ioctl(2) command codes have changed.  Full backward ABI
	compatibility is provided if the "options COMPAT_FREEBSD6" is
	present in the kernel configuration file.  Make sure to add
	this option to your kernel config file, or recompile X.Org
	and the rest of ports; otherwise they may refuse to work.

20060924:
	tcpslice has been removed from the base system.

20060913:
	The sizes of struct tcpcb (and struct xtcpcb) have changed due to
	the rewrite of TCP syncookies.  Tools like netstat, sockstat, and
	systat needs to be rebuilt.

20060903:
	libpcap updated to v0.9.4 and tcpdump to v3.9.4

20060816:
	The IPFIREWALL_FORWARD_EXTENDED option is gone and the behaviour
	for IPFIREWALL_FORWARD is now as it was before when it was first
	committed and for years after. The behaviour is now ON.

20060725:
	enigma(1)/crypt(1) utility has been changed on 64 bit architectures.
	Now it can decrypt files created from different architectures.
	Unfortunately, it is no longer able to decrypt a cipher text
	generated with an older version on 64 bit architectures.
	If you have such a file, you need old utility to decrypt it.

20060709:
	The interface version of the i4b kernel part has changed. So
	after updating the kernel sources and compiling a new kernel,
	the i4b user space tools in "/usr/src/usr.sbin/i4b" must also
	be rebuilt, and vice versa.

20060627:
	The XBOX kernel now defaults to the nfe(4) driver instead of
	the nve(4) driver. Please update your configuration
	accordingly.

20060514:
	The i386-only lnc(4) driver for the AMD Am7900 LANCE and Am79C9xx
	PCnet family of NICs has been removed. The new le(4) driver serves
	as an equivalent but cross-platform replacement with the pcn(4)
	driver still providing performance-optimized support for the subset
	of AMD Am79C971 PCnet-FAST and greater chips as before.

20060511:
	The machdep.* sysctls and the adjkerntz utility have been
	modified a bit.  The new adjkerntz utility uses the new
	sysctl names and sysctlbyname() calls, so it may be impossible
	to run an old /sbin/adjkerntz utility in single-user mode
	with a new kernel.  Replace the `adjkerntz -i' step before
	`make installworld' with:

	    /usr/obj/usr/src/sbin/adjkerntz/adjkerntz -i

	and proceed as usual with the rest of the installworld-stage
	steps.  Otherwise, you risk installing binaries with their
	timestamp set several hours in the future, especially if
	you are running with local time set to GMT+X hours.

20060412:
	The ip6fw utility has been removed.  The behavior provided by
	ip6fw has been in ipfw2 for a good while and the rc.d scripts
	have been updated to deal with it.  There are some rules that
	might not migrate cleanly.  Use rc.firewall6 as a template to
	rewrite rules.

20060428:
	The puc(4) driver has been overhauled. The ebus(4) and sbus(4)
	attachments have been removed. Make sure to configure scc(4)
	on sparc64. Note also that by default puc(4) will use uart(4)
	and not sio(4) for serial ports because interrupt handling has
	been optimized for multi-port serial cards and only uart(4)
	implements the interface to support it.

20060330:
	The scc(4) driver replaces puc(4) for Serial Communications
	Controllers (SCCs) like the Siemens SAB82532 and the Zilog
	Z8530. On sparc64, it is advised to add scc(4) to the kernel
	configuration to make sure that the serial ports remain
	functional.

20060317:
	Most world/kernel related NO_* build options changed names.
	New knobs have common prefixes WITHOUT_*/WITH_* (modelled
	after FreeBSD ports) and should be set in /etc/src.conf
	(the src.conf(5) manpage is provided).  Full backwards
	compatibility is maintained for the time being though it's
	highly recommended to start moving old options out of the
	system-wide /etc/make.conf file into the new /etc/src.conf
	while also properly renaming them.  More conversions will
	likely follow.  Posting to current@@:

	http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

20060305:
	The NETSMBCRYPTO kernel option has been retired because its
	functionality is always included in NETSMB and smbfs.ko now.

20060303:
	The TDFX_LINUX kernel option was retired and replaced by the
	tdfx_linux device.  The latter can be loaded as the 3dfx_linux.ko
	kernel module.  Loading it alone should suffice to get 3dfx support
	for Linux apps because it will pull in 3dfx.ko and linux.ko through
	its dependencies.

20060204:
	The 'audit' group was added to support the new auditing functionality
	in the base system.  Be sure to follow the directions for updating,
	including the requirement to run mergemaster -p.

20060201:
	The kernel ABI to file system modules was changed on i386.
	Please make sure that your kernel and modules are in sync.

20060118:
	This actually occured some time ago, but installing the kernel
	now also installs a bunch of symbol files for the kernel modules.
	This increases the size of /boot/kernel to about 67Mbytes. You
	will need twice this if you will eventually back this up to kernel.old
	on your next install.
	If you have a shortage of room in your root partition, you should add
	-DINSTALL_NODEBUG to your make arguments or add INSTALL_NODEBUG="yes"
	to your /etc/make.conf.

20060113:
	libc's malloc implementation has been replaced.  This change has the
	potential to uncover application bugs that previously went unnoticed.
	See the malloc(3) manual page for more details.

20060112:
	The generic netgraph(4) cookie has been changed. If you upgrade
	kernel passing this point, you also need to upgrade userland
	and netgraph(4) utilities like ports/net/mpd or ports/net/mpd4.

20060106:
	si(4)'s device files now contain the unit number.
	Uses of {cua,tty}A[0-9a-f] should be replaced by {cua,tty}A0[0-9a-f].

20060106:
	The kernel ABI was mostly destroyed due to a change in the size
	of struct lock_object which is nested in other structures such
	as mutexes which are nested in all sorts of other structures.
	Make sure your kernel and modules are in sync.

20051231:
	The page coloring algorithm in the VM subsystem was converted
	from tuning with kernel options to autotuning. Please remove
	any PQ_* option except PQ_NOOPT from your kernel config.

20051211:
	The net80211-related tools in the tools/tools/ath directory
	have been moved to tools/tools/net80211 and renamed with a
	"wlan" prefix.  Scripts that use them should be adjusted
	accordingly.

20051202:
	Scripts in the local_startup directories (as defined in
	/etc/defaults/rc.conf) that have the new rc.d semantics will
	now be run as part of the base system rcorder. If there are
	errors or problems with one of these local scripts, it could
	cause boot problems. If you encounter such problems, boot in
	single user mode, remove that script from the */rc.d directory.
	Please report the problem to the port's maintainer, and the
	freebsd-ports@@freebsd.org mailing list.

20051129:
	The nodev mount option was deprecated in RELENG_6 (where it
	was a no-op), and is now unsupported.  If you have nodev or dev listed
	in /etc/fstab, remove it, otherwise it will result in a mount error.

20051129:
	ABI between ipfw(4) and ipfw(8) has been changed. You need
	to rebuild ipfw(8) when rebuilding kernel.

20051108:
	rp(4)'s device files now contain the unit number.
	Uses of {cua,tty}R[0-9a-f] should be replaced by {cua,tty}R0[0-9a-f].

20051029:
	/etc/rc.d/ppp-user has been renamed to /etc/rc.d/ppp.
	Its /etc/rc.conf.d configuration file has been `ppp' from
	the beginning, and hence there is no need to touch it.

20051014:
	Now most modules get their build-time options from the kernel
	configuration file.  A few modules still have fixed options
	due to their non-conformant implementation, but they will be
	corrected eventually.  You may need to review the options of
	the modules in use, explicitly specify the non-default options
	in the kernel configuration file, and rebuild the kernel and
	modules afterwards.

20051001:
	kern.polling.enable sysctl MIB is now deprecated. Use ifconfig(8)
	to turn polling(4) on your interfaces.

20050927:
	The old bridge(4) implementation was retired.  The new
	if_bridge(4) serves as a full functional replacement.

20050722:
	The ai_addrlen of a struct addrinfo was changed to a socklen_t
	to conform to POSIX-2001.  This change broke an ABI
	compatibility on 64 bit architecture.  You have to recompile
	userland programs that use getaddrinfo(3) on 64 bit
	architecture.

20050711:
	RELENG_6 branched here.

20050629:
	The pccard_ifconfig rc.conf variable has been removed and a new
	variable, ifconfig_DEFAULT has been introduced.  Unlike
	pccard_ifconfig, ifconfig_DEFAULT applies to ALL interfaces that
	do not have ifconfig_ifn entries rather than just those in
	removable_interfaces.

20050616:
	Some previous versions of PAM have permitted the use of
	non-absolute paths in /etc/pam.conf or /etc/pam.d/* when referring
	to third party PAM modules in /usr/local/lib.  A change has been
	made to require the use of absolute paths in order to avoid
	ambiguity and dependence on library path configuration, which may
	affect existing configurations.

20050610:
	Major changes to network interface API.  All drivers must be
	recompiled.  Drivers not in the base system will need to be
	updated to the new APIs.

20050609:
	Changes were made to kinfo_proc in sys/user.h.  Please recompile
	userland, or commands like `fstat', `pkill', `ps', `top' and `w'
	will not behave correctly.

	The API and ABI for hwpmc(4) have changed with the addition
	of sampling support.  Please recompile lib/libpmc(3) and
	usr.sbin/{pmcstat,pmccontrol}.

20050606:
	The OpenBSD dhclient was imported in place of the ISC dhclient
	and the network interface configuration scripts were updated
	accordingly.  If you use DHCP to configure your interfaces, you
	must now run devd.  Also, DNS updating was lost so you will need
	to find a workaround if you use this feature.

	The '_dhcp' user was added to support the OpenBSD dhclient.  Be
	sure to run mergemaster -p (like you are supposed to do every time
	anyway).

20050605:
	if_bridge was added to the tree. This has changed struct ifnet.
	Please recompile userland and all network related modules.

20050603:
	The n_net of a struct netent was changed to an uint32_t, and
	1st argument of getnetbyaddr() was changed to an uint32_t, to
	conform to POSIX-2001.  These changes broke an ABI
	compatibility on 64 bit architecture.  With these changes,
	shlib major of libpcap was bumped.  You have to recompile
	userland programs that use getnetbyaddr(3), getnetbyname(3),
	getnetent(3) and/or libpcap on 64 bit architecture.

20050528:
	Kernel parsing of extra options on '#!' first lines of shell
	scripts has changed.  Lines with multiple options likely will
	fail after this date.  For full details, please see
		http://people.freebsd.org/~gad/Updating-20050528.txt

20050503:
	The packet filter (pf) code has been updated to OpenBSD 3.7
	Please note the changed anchor syntax and the fact that
	authpf(8) now needs a mounted fdescfs(5) to function.

20050415:
	The NO_MIXED_MODE kernel option has been removed from the i386
	amd64 platforms as its use has been superceded by the new local
	APIC timer code.  Any kernel config files containing this option
	should be updated.

20050227:
	The on-disk format of LC_CTYPE files was changed to be machine
	independent.  Please make sure NOT to use NO_CLEAN buildworld
	when crossing this point. Crossing this point also requires
	recompile or reinstall of all locale depended packages.

20050225:
	The ifi_epoch member of struct if_data has been changed to
	contain the uptime at which the interface was created or the
	statistics zeroed rather then the wall clock time because
	wallclock time may go backwards.  This should have no impact
	unless an snmp implementation is using this value (I know of
	none at this point.)

20050224:
	The acpi_perf and acpi_throttle drivers are now part of the
	acpi(4) main module.  They are no longer built separately.

20050223:
	The layout of struct image_params has changed. You have to
	recompile all compatibility modules (linux, svr4, etc) for use
	with the new kernel.

20050223:
	The p4tcc driver has been merged into cpufreq(4).  This makes
	"options CPU_ENABLE_TCC" obsolete.  Please load cpufreq.ko or
	compile in "device cpufreq" to restore this functionality.

20050220:
	The responsibility of recomputing the file system summary of
	a SoftUpdates-enabled dirty volume has been transferred to the
	background fsck.  A rebuild of fsck(8) utility is recommended
	if you have updated the kernel.

	To get the old behavior (recompute file system summary at mount
	time), you can set vfs.ffs.compute_summary_at_mount=1 before
	mounting the new volume.

20050206:
	The cpufreq import is complete.  As part of this, the sysctls for
	acpi(4) throttling have been removed.  The power_profile script
	has been updated, so you can use performance/economy_cpu_freq in
	rc.conf(5) to set AC on/offline cpu frequencies.

20050206:
	NG_VERSION has been increased. Recompiling kernel (or ng_socket.ko)
	requires recompiling libnetgraph and userland netgraph utilities.

20050114:
	Support for abbreviated forms of a number of ipfw options is
	now deprecated.  Warnings are printed to stderr indicating the
	correct full form when a match occurs.  Some abbreviations may
	be supported at a later date based on user feedback.  To be
	considered for support, abbreviations must be in use prior to
	this commit and unlikely to be confused with current key words.

20041221:
	By a popular demand, a lot of NOFOO options were renamed
	to NO_FOO (see bsd.compat.mk for a full list).  The old
	spellings are still supported, but will cause annoying
	warnings on stderr.  Make sure you upgrade properly (see
	the COMMON ITEMS: section later in this file).

20041219:
	Auto-loading of ancillary wlan modules such as wlan_wep has
	been temporarily disabled; you need to statically configure
	the modules you need into your kernel or explicitly load them
	prior to use.  Specifically, if you intend to use WEP encryption
	with an 802.11 device load/configure wlan_wep; if you want to
	use WPA with the ath driver load/configure wlan_tkip, wlan_ccmp,
	and wlan_xauth as required.

20041213:
	The behaviour of ppp(8) has changed slightly.  If lqr is enabled
	(``enable lqr''), older versions would revert to LCP ECHO mode on
	negotiation failure.  Now, ``enable echo'' is required for this
	behaviour.  The ppp version number has been bumped to 3.4.2 to
	reflect the change.

20041201:
	The wlan support has been updated to split the crypto support
	into separate modules.  For static WEP you must configure the
	wlan_wep module in your system or build and install the module
	in place where it can be loaded (the kernel will auto-load
	the module when a wep key is configured).

20041201:
	The ath driver has been updated to split the tx rate control
	algorithm into a separate module.  You need to include either
	ath_rate_onoe or ath_rate_amrr when configuring the kernel.

20041116:
	Support for systems with an 80386 CPU has been removed.  Please
	use FreeBSD 5.x or earlier on systems with an 80386.

20041110:
	We have had a hack which would mount the root filesystem
	R/W if the device were named 'md*'.  As part of the vnode
	work I'm doing I have had to remove this hack.  People
	building systems which use preloaded MD root filesystems
	may need to insert a "/sbin/mount -u -o rw /dev/md0 /" in
	their /etc/rc scripts.

20041104:
	FreeBSD 5.3 shipped here.

20041102:
	The size of struct tcpcb has changed again due to the removal
	of RFC1644 T/TCP.  You have to recompile userland programs that
	read kmem for tcp sockets directly (netstat, sockstat, etc.)

20041022:
	The size of struct tcpcb has changed.  You have to recompile
	userland programs that read kmem for tcp sockets directly
	(netstat, sockstat, etc.)

20041016:
	RELENG_5 branched here.  For older entries, please see updating
	in the RELENG_5 branch.

d771 7
a777 6
	Avoid using make -j when upgrading.  From time to time in the
	past there have been problems using -j with buildworld and/or
	installworld.  This is especially true when upgrading between
	"distant" versions (eg one that cross a major release boundary
	or several minor releases, or when several months have passed
	on the -current branch).
d781 9
a789 11
	environment when searching for values for global variables.
	To run your build attempts in an "environmental clean room",
	prefix all make commands with 'env -i '.  See the env(1) manual
	page for more details.

	When upgrading from one major version to another it is generally
	best to upgrade to the latest code in the currently installed branch
	first, then do an upgrade to the new branch. This is the best-tested
	upgrade path, and has the highest probability of being successful.
	Please try this approach before reporting problems with a major
	version upgrade.
d811 1
a811 1
	This assumes you are already running a 5.X system.  Replace
d813 1
a813 1
	"alpha", "amd64", "ia64", "pc98", "sparc64", etc).
d865 1
a865 1
	To upgrade in-place from 5.x-stable to current
d917 6
a922 5
	[8] In order to have a kernel that can run the 4.x binaries
	needed to do an installworld, you must include the COMPAT_FREEBSD4
	option in your kernel.  Failure to do so may leave you with a system
	that is hard to boot to recover. A similar kernel option COMPAT_FREEBSD5
	is required to run the 5.x binaries on more recent kernels.
d946 1
a946 1
Copyright 1998-2005 M. Warner Losh.  All Rights Reserved.
a963 3
If you find this document useful, and you want to, you may buy the
author a beer.

@


1.633
log
@SVN rev 196196 on 2009-08-13 17:09:45Z by attilio

* Completely Remove the option STOP_NMI from the kernel.  This option
has proven to have a good effect when entering KDB by using a NMI,
but it completely violates all the good rules about interrupts
disabled while holding a spinlock in other occasions.  This can be the
cause of deadlocks on events where a normal IPI_STOP is expected.
* Adds an new IPI called IPI_STOP_HARD on all the supported architectures.
This IPI is responsible for sending a stop message among CPUs using a
privileged channel when disponible. In other cases it just does match a
normal IPI_STOP.
Right now the IPI_STOP_HARD functionality uses a NMI on ia32 and amd64
architectures, while on the other has a normal IPI_STOP effect. It is
responsibility of maintainers to eventually implement an hard stop
when necessary and possible.
* Use the new IPI facility in order to implement a new userend SMP kernel
function called stop_cpus_hard(). That is specular to stop_cpu() but
it does use the privileged channel for the stopping facility.
* Let KDB use the newly introduced function stop_cpus_hard() and leave
stop_cpus() for all the other cases
* Disable interrupts on CPU0 when starting the process of APs suspension.
* Style cleanup and comments adding

This patch should fix the reboot/shutdown deadlocks many users are
constantly reporting on mailing lists.

Please don't forget to update your config file with the STOP_NMI
option removal

Reviewed by:	jhb
Tested by:	pho, bz, rink
Approved by:	re (kib)
@
text
@d11 2
a12 2
NOTE TO PEOPLE WHO THINK THAT FreeBSD 8.x IS SLOW:
	FreeBSD 8.x has many debugging features turned on, in
@


1.632
log
@SVN rev 195896 on 2009-07-26 20:12:06Z by kib

Note that COMPAT_43 requires COMPAT_FREEBSD7 too.

Submitted by:	Steve Kargl
Approved by:	re (kensmith)
@
text
@d25 6
@


1.632.2.1
log
@SVN rev 196045 on 2009-08-03 08:13:06Z by kensmith

Copy head to stable/8 as part of 8.0 Release cycle.

Approved by:	re (Implicit)
@
text
@@


1.632.2.2
log
@SVN rev 196047 on 2009-08-03 09:42:11Z by kensmith

Note when RELENG_8 branch was created.

Approved by:	re (implicit)
@
text
@a24 3
20090803:
	RELENG_8 branched.

@


1.632.2.3
log
@SVN rev 196198 on 2009-08-13 17:54:11Z by attilio

MFC r196196:

* Completely remove the option STOP_NMI from the kernel.  This option
  has proven to have a good effect when entering KDB by using a NMI,
  but it completely violates all the good rules about interrupts
  disabled while holding a spinlock in other occasions.  This can be the
  cause of deadlocks on events where a normal IPI_STOP is expected.
* Add an new IPI called IPI_STOP_HARD on all the supported architectures.
  This IPI is responsible for sending a stop message among CPUs using a
  privileged channel when disponible. In other cases it just does match a
  normal IPI_STOP.
  Right now the IPI_STOP_HARD functionality uses a NMI on ia32 and amd64
  architectures, while on the other has a normal IPI_STOP effect. It is
  responsibility of maintainers to eventually implement an hard stop
  when necessary and possible.
* Use the new IPI facility in order to implement a new userend SMP kernel
  function called stop_cpus_hard(). That is specular to stop_cpu() but
  it does use the privileged channel for the stopping facility.
* Let KDB use the newly introduced function stop_cpus_hard() and leave
  stop_cpus() for all the other cases
* Disable interrupts on CPU0 when starting the process of APs suspension.
* Style cleanup and comments adding

This patch should fix the reboot/shutdown deadlocks many users are
constantly reporting on mailing lists.

Please don't forget to update your config file with the STOP_NMI
option removal

Reviewed by:  jhb
Tested by:    pho, bz, rink
Approved by:  re (kib)
@
text
@a24 6
20090813:
	Remove the option STOP_NMI.  The default action is now to use NMI
	only for KDB via the newly introduced function stop_cpus_hard()
	and maintain stop_cpus() to just use a normal IPI_STOP on ia32
	and amd64.

@


1.632.2.4
log
@SVN rev 197215 on 2009-09-15 11:13:40Z by pjd

MFC r196456,r196457,r196458,r196662,r196702,r196703,r196919,r196927,r196928,
r196943,r196944,r196947,r196950,r196953,r196954,r196965,r196978,r196979,
r196980,r196982,r196985,r196992,r197131,r197133,r197150,r197151,r197152,
r197153,r197167,r197172,r197177,r197200,r197201:

r196456:
- Give minclsyspri and maxclsyspri real values (consulted with kmacy).
- Honour 'pri' argument for thread_create().

r196457:
Set priority of vdev_geom threads and zvol threads to PRIBIO.

r196458:
- Hide ZFS kernel threads under zfskern process.
- Use better (shorter) threads names:
	'zvol:worker zvol/tank/vol00' -> 'zvol tank/vol00'
	'vdev:worker da0' -> 'vdev da0'

r196662:
Add missing mountpoint vnode locking.
This fixes panic on assertion with DEBUG_VFS_LOCKS and vfs.usermount=1 when
regular user tries to mount dataset owned by him.

r196702:
Remove empty directory.

r196703:
Backport the 'dirtying dbuf' panic fix from newer ZFS version.

Reported by:	Thomas Backman <serenity@@exscape.org>

r196919:
bzero() on-stack argument, so mutex_init() won't misinterpret that the
lock is already initialized if we have some garbage on the stack.

PR:	kern/135480
Reported by:	Emil Mikulic <emikulic@@gmail.com>

r196927:
Changing provider size is not really supported by GEOM, but doing so when
provider is closed should be ok.
When administrator requests to change ZVOL size do it immediately if ZVOL
is closed or do it on last ZVOL close.

PR:	kern/136942
Requested by:	Bernard Buri <bsd@@ask-us.at>

r196928:
Teach zdb(8) how to obtain GEOM provider size.

PR:	kern/133134
Reported by:	Philipp Wuensche <cryx-freebsd@@h3q.com>

r196943:
- Avoid holding mutex around M_WAITOK allocations.
- Add locking for mnt_opt field.

r196944:
Don't recheck ownership on update mount. This will eliminate LOR between
vfs_busy() and mount mutex. We check ownership in vfs_domount() anyway.

Noticed by:	kib
Reviewed by:	kib

r196947:
Defer thread start until we set priority.

Reviewed by:	kib

r196950:
Fix detection of file system being shared. Now zfs unshare/destroy/rename
command will properly remove exported file systems.

r196953:
When snapshot mount point is busy (for example we are still in it)
we will fail to unmount it, but it won't be removed from the tree,
so in that case there is no need to reinsert it.

Reported by:	trasz

r196954:
If we have to use avl_find(), optimize a bit and use avl_insert() instead of
avl_add() (the latter is actually a wrapper around avl_find() + avl_insert()).
Fix similar case in the code that is currently commented out.

r196965:
Fix reference count leak for a case where snapshot's mount point is updated.

r196978:
Call ZFS_EXIT() after locking the vnode.

r196979:
On FreeBSD we don't have to look for snapshot's mount point,
because fhtovp method is already called with proper mount point.

r196980:
When we automatically mount snapshot we want to return vnode of the mount point
from the lookup and not covered vnode. This is one of the fixes for using .zfs/
over NFS.

r196982:
We don't export individual snapshots, so mnt_export field in snapshot's
mount point is NULL. That's why when we try to access snapshots over NFS
use mnt_export field from the parent file system.

r196985:
Only log successful commands! Without this fix we log even unsuccessful
commands executed by unprivileged users. Action is not really taken, but it is
logged to pool history, which might be confusing.

Reported by:	Denis Ahrens <denis@@h3q.com>

r196992:
Implement __assert() for Solaris-specific code. Until now Solaris code was
using Solaris prototype for __assert(), but FreeBSD's implementation.
Both take different arguments, so we were either core-dumping in assert()
or printing garbage.

Reported by:	avg

r197131:
Tighten up the check for race in zfs_zget() - ZTOV(zp) can not only contain
NULL, but also can point to dead vnode, take that into account.

PR:	kern/132068
Reported by:	Edward Fisk <7ogcg7g02@@sneakemail.com>, kris
Fix based on patch from:	Jaakko Heinonen <jh@@saunalahti.fi>

r197133:
- Protect reclaim with z_teardown_inactive_lock.
- Be prepared for dbuf to disappear in zfs_reclaim_complete() and check if
  z_dbuf field is NULL - this might happen in case of rollback or forced
  unmount between zfs_freebsd_reclaim() and zfs_reclaim_complete().
- On forced unmount wait for all znodes to be destroyed - destruction can be
  done asynchronously via zfs_reclaim_complete().

r197150:
There is a bug where mze_insert() can trigger an assert() of inserting
the same entry twice. This bug is not fixed yet, but leads to situation
where when try to access corrupted directory the kernel will panic.
Until the bug is properly fixed, try to recover from it and log that it
happened.

Reported by:	marck
OpenSolaris bug:	6709336

r197151:
Be sure not to overflow struct fid.

r197152:
Extend scope of the z_teardown_lock lock for consistency and "just in case".

r197153:
When zfs.ko is compiled with debug, make sure that znode and vnode point at
each other.

r197167:
Work-around READDIRPLUS problem with .zfs/ and .zfs/snapshot/ directories
by just returning EOPNOTSUPP. This will allow NFS server to fall back to
regular READDIR.
Note that converting inode number to snapshot's vnode is expensive operation.
Snapshots are stored in AVL tree, but based on their names, not inode numbers,
so to convert inode to snapshot vnode we have to interate over all snalshots.
This is not a problem in OpenSolaris, because in their READDIRPLUS
implementation they use VOP_LOOKUP() on d_name, instead of VFS_VGET() on
d_fileno as we do.

PR:	kern/125149
Reported by:	Weldon Godfrey <wgodfrey@@ena.com>
Analysis by:	Jaakko Heinonen <jh@@saunalahti.fi>

r197172:
Add missing \n.

Reported by:	marck

r197177:
Support both case: when snapshot is already mounted and when it is not yet
mounted.

r197200:
Modify mount(8) to skip MNT_IGNORE file systems by default, just like df(1)
does. This is not POLA violation, because there is no single file system in the
base that use MNT_IGNORE currently, although ZFS snapshots will be mounted with
MNT_IGNORE after next commit.

Reviewed by:	kib

r197201:
- Mount ZFS snapshots with MNT_IGNORE flag, so they are not visible in regular
  df(1) and mount(8) output. This is a bit smilar to OpenSolaris and follows
  ZFS route of not listing snapshots by default with 'zfs list' command.
- Add UPDATING entry to note that ZFS snapshots are no longer visible in
  mount(8) and df(1) output by default.

Reviewed by:	kib

Approved by:	re (bz)
@
text
@a24 4
20090915:
	ZFS snapshots are now mounted with MNT_IGNORE flag. Use -v option for
	mount(8) and -a option for df(1) to see them.

@


1.632.2.5
log
@SVN rev 197615 on 2009-09-29 12:20:10Z by rpaulo

Mention 802.11s D3.03 support.

Approved by:	re (implicit)
@
text
@a24 4
20090929:
	802.11s D3.03 support was committed. This is incompatible with
	the previous code, which was based on D3.0.

@


1.632.2.6
log
@SVN rev 197623 on 2009-09-29 19:57:06Z by kensmith

Update description of debugging support.

Submitted by:	ivoras (but heavily modified)
Pointy hat:	me
Approved by:	re (implicit)
@
text
@d11 13
a23 6
NOTE TO PEOPLE WHO THINK THAT FreeBSD 8.x IS SLOW ON IA64 OR SUN4V:
	For ia64 the INVARIANTS and INVARIANTS_SUPPORT kernel options
	were left in the GENERIC kernel because the kernel does not
	work properly without them.  For sun4v all of the normal kernel
	debugging tools present in HEAD were left in place because
	sun4v support still needs work to become production ready.
@


1.632.2.7
log
@SVN rev 197642 on 2009-09-30 12:53:21Z by kensmith

Remove an extra 'S' that snuck in.

Submitted by:	danfe
Approved by:	re (implicit)
@
text
@d12 1
a12 1
	For ia64 the INVARIANTS and INVARIANT_SUPPORT kernel options
@


1.632.2.8
log
@SVN rev 198574 on 2009-10-29 09:58:16Z by mav

MFC rev. 198480, 198483:
Document new modularised ATA kernel modules and options.

PR:             kern/133162, amd64/139859
@
text
@a568 9
20081009:
	atapci kernel module now includes only generic PCI ATA
	driver. AHCI driver moved to ataahci kernel module.
	All vendor-specific code moved into separate kernel modules:
	ataacard, ataacerlabs, ataadaptec, ataamd, ataati, atacenatek,
	atacypress, atacyrix, atahighpoint, ataintel, ataite, atajmicron,
	atamarvell, atamicron, atanational, atanetcell, atanvidia,
	atapromise, ataserverworks, atasiliconimage, atasis, atavia

@


1.632.2.9
log
@SVN rev 199167 on 2009-11-11 02:07:01Z by thompsa

MFC r198859

 Belatedly add an UPDATING message for the usb ethernet ifnet naming in r188412.
@
text
@a473 5
20090209:
	All USB ethernet devices now attach as interfaces under the name ueN
	(eg. ue0). This is to provide a predictable name as vendors often
	change usb chipsets in a product without notice.

@


1.632.2.10
log
@SVN rev 202966 on 2010-01-25 12:05:51Z by attilio

MFC r201879:
Introduce the new kernel thread called "deadlock resolver".
It is used in order to seek within the threads state and heuristically
understand if there is any deadlock happening.

In order to implement it, the sq_type in sleepqueues is mandatory and not
only compiled along with INVARIANTS option. Additively, a new sleepqueue
function, sleepq_type() is added, returning the type of the sleepqueue
linked to a wchan.
Three new sysctls are added in order to configure the thread:
debug.deadlkres.slptime_threshold
debug.deadlkres.blktime_threshold
debug.deadlkres.sleepfreq

rappresenting the thresholds for sleep and block time that will lead to
a deadlock matching (when exceeded), while the sleepfreq rappresents the
number of seconds between 2 consecutive thread runnings.
In order to enable the deadlock resolver thread recompile your kernel
with the option DEADLKRES.

Sponsored by:	Sandvine Incorporated
@
text
@a17 5
20100125:
	Introduce the kernel thread "deadlock resolver" (which can be enabled
	via the DEADLKRES option, see NOTES for more details) and the
	sleepq_type() function for sleepqueues.

@


1.632.2.11
log
@SVN rev 206336 on 2010-04-07 02:24:41Z by nwhitehorn

MFC r205014,205015:

Provide groundwork for 32-bit binary compatibility on non-x86 platforms,
for upcoming 64-bit PowerPC and MIPS support. This renames the COMPAT_IA32
option to COMPAT_FREEBSD32, removes some IA32-specific code from MI parts
of the kernel and enhances the freebsd32 compatibility code to support
big-endian platforms.

This MFC is required for MFCs of later changes to the freebsd32
compatibility from HEAD.

Requested by:	kib
@
text
@a17 6
20100406:
	The kernel option COMPAT_IA32 has been replaced with COMPAT_FREEBSD32
	to allow 32-bit compatibility on non-x86 platforms. All kernel
	configurations on amd64 and ia64 platforms using these options must
	be modified accordingly.

@


1.632.2.12
log
@SVN rev 206382 on 2010-04-07 19:04:36Z by ume

MFC r200028, r201193, r201752, r201930, r202460, r200672, r206375:
Unify rc.firewall and rc.firewall6, and obsolete rc.firewall6 and
rc.d/ip6fw.
@
text
@a17 13
20100408:
	The rc.firewall and rc.firewall6 were unified, and
	rc.firewall6 and rc.d/ip6fw were removed.
	According to the removal of rc.d/ip6fw, ipv6_firewall_* rc
	variables are obsoleted.  Instead, the following new rc
	variables are added to rc.d/ipfw:

		firewall_client_net_ipv6, firewall_simple_iif_ipv6,
		firewall_simple_inet_ipv6, firewall_simple_oif_ipv6,
		firewall_simple_onet_ipv6

	The meanings correspond to the relevant IPv4 variables.

@


1.632.2.13
log
@SVN rev 207497 on 2010-05-02 06:34:13Z by imp

Comment on new config version that's now required for amd64 and ia64.
Comment on the confusing error message from Apr 17th-May 2nd generated
by config(8) as well.
@
text
@a17 11
20100502:
	The config(8) command has been updated to maintain compatibility
	with config files from 8.0-RELEASE.  You will need a new version
	of config to build kernels (this version can be used from 8.0-RELEASE
	forward).  The buildworld target will generate it, so following
	the instructions in this file for updating will work glitch-free.
	Merely doing a make buildkernel without first doing a make buildworld
	(or kernel-toolchain), or attempting to build a kernel using
	traidtional methods will generate a config version warning, indicating
	you should update.

a30 6
20100417:
	COMPAT_IA32 has been added as an alias for COMPAT_FREEBDS32.  A new
	version of config(8) is required.  The error message when you hit this
	condition is confusing (COMPAT_FREEBSD32 duplicate option), when it
	should really say "your config is too old to compile this new kernel."

@


1.632.2.14
log
@SVN rev 208848 on 2010-06-05 18:30:42Z by gavin

Fix typo (COMPAT_FREEBDS32 -> COMPAT_FREEBSD32)

Direct commit to stable/8 as this text isn't in head.

PR:		docs/147497
Submitted by:	Jack Low <xxjack12xx gmail.com>
Approved by:	re (kib)
@
text
@d43 1
a43 1
	COMPAT_IA32 has been added as an alias for COMPAT_FREEBSD32.  A new
@


1.632.2.15
log
@SVN rev 210185 on 2010-07-17 04:35:02Z by kensmith

Predict the date we'll be ready to announce 8.1-RELEASE.  While here
add the entry for 8.0-RELEASE which was added to releng/8.0/UPDATING
during the 8.0-RELEASE cycle but not to stable/8/UPDATING at that time.
@
text
@a17 3
20100720:
	8.1-RELEASE.

a58 3
20091125:
	8.0-RELEASE.

@


1.632.2.16
log
@SVN rev 212668 on 2010-09-15 16:05:40Z by mm

MFC r209962, r211970-r211972, r212050, r212605, r212611

MFC r209962:

Merge ZFS version 15 and almost all OpenSolaris bugfixes referenced
in Solaris 10 updates 141445-09 and 142901-14.

Detailed information:
(OpenSolaris revisions and Bug IDs, Solaris 10 patch numbers)

7844:effed23820ae
6755435 zfs_open() and zfs_close() needs to use ZFS_ENTER/ZFS_VERIFY_ZP (141445-01)

7897:e520d8258820
6748436 inconsistent zpool.cache in boot_archive could panic a zfs root filesystem upon boot-up (141445-01)

7965:b795da521357
6740164 zpool attach can create an illegal root pool (141909-02)

8084:b811cc60d650
6769612 zpool_import() will continue to write to cachefile even if altroot is set (N/A)

8121:7fd09d4ebd9c
6757430 want an option for zdb to disable space map loading and leak tracking (141445-01)

8129:e4f45a0bfbb0
6542860 ASSERT: reason != VDEV_LABEL_REMOVE||vdev_inuse(vd, crtxg, reason, 0) (141445-01)

8188:fd00c0a81e80
6761100 want zdb option to select older uberblocks (141445-01)

8190:6eeea43ced42
6774886 zfs_setattr() won't allow ndmp to restore SUNWattr_rw (141445-01)

8225:59a9961c2aeb
6737463 panic while trying to write out config file if root pool import fails (141445-01)

8227:f7d7be9b1f56
6765294 Refactor replay (141445-01)

8228:51e9ca9ee3a5
6572357 libzfs should do more to avoid mnttab lookups (141909-01)
6572376 zfs_iter_filesystems and zfs_iter_snapshots get objset stats twice (141909-01)

8241:5a60f16123ba
6328632 zpool offline is a bit too conservative (141445-01)
6739487 ASSERT: txg <= spa_final_txg due to scrub/export race (141445-01)
6767129 ASSERT: cvd->vdev_isspare, in spa_vdev_detach() (141445-01)
6747698 checksum failures after offline -t / export / import / scrub (141445-01)
6745863 ZFS writes to disk after it has been offlined (141445-01)
6722540 50% slowdown on scrub/resilver with certain vdev configurations (141445-01)
6759999 resilver logic rewrites ditto blocks on both source and destination (141445-01)
6758107 I/O should never suspend during spa_load() (141445-01)
6776548 codereview(1) runs off the page when faced with multi-line comments (N/A)
6761406 AMD errata 91 workaround doesn't work on 64-bit systems (141445-01)

8242:e46e4b2f0a03
6770866 GRUB/ZFS should require physical path or devid, but not both (141445-01)

8269:03a7e9050cfd
6674216 "zfs share" doesn't work, but "zfs set sharenfs=on" does (141445-01)
6621164 $SRC/cmd/zfs/zfs_main.c seems to have a syntax error in the translation note (141445-01)
6635482 i18n problems in libzfs_dataset.c and zfs_main.c (141445-01)
6595194 "zfs get" VALUE column is as wide as NAME (141445-01)
6722991 vdev_disk.c: error checking for ddi_pathname_to_dev_t() must test for NODEV (141445-01)
6396518 ASSERT strings shouldn't be pre-processed (141445-01)

8274:846b39508aff
6713916 scrub/resilver needlessly decompress data (141445-01)

8343:655db2375fed
6739553 libzfs_status msgid table is out of sync (141445-01)
6784104 libzfs unfairly rejects numerical values greater than 2^63 (141445-01)
6784108 zfs_realloc() should not free original memory on failure (141445-01)

8525:e0e0e525d0f8
6788830 set large value to reservation cause core dump (141445-01)
6791064 want sysevents for ZFS scrub (141445-01)
6791066 need to be able to set cachefile on faulted pools (141445-01)
6791071 zpool_do_import() should not enable datasets on faulted pools (141445-01)
6792134 getting multiple properties on a faulted pool leads to confusion (141445-01)

8547:bcc7b46e5ff7
6792884 Vista clients cannot access .zfs (141445-01)

8632:36ef517870a3
6798384 It can take a village to raise a zio (141445-01)

8636:7e4ce9158df3
6551866 deadlock between zfs_write(), zfs_freesp(), and zfs_putapage() (141909-01)
6504953 zfs_getpage() misunderstands VOP_GETPAGE() interface (141909-01)
6702206 ZFS read/writer lock contention throttles sendfile() benchmark (141445-01)
6780491 Zone on a ZFS filesystem has poor fork/exec performance (141445-01)
6747596 assertion failed: DVA_EQUAL(BP_IDENTITY(&zio->io_bp_orig), BP_IDENTITY(zio->io_bp))); (141445-01)

8692:692d4668b40d
6801507 ZFS read aggregation should not mind the gap (141445-01)

8697:e62d2612c14d
6633095 creating a filesystem with many properties set is slow (141445-01)

8768:dfecfdbb27ed
6775697 oracle crashes when overwriting after hitting quota on zfs (141909-01)

8811:f8deccf701cf
6790687 libzfs mnttab caching ignores external changes (141445-01)
6791101 memory leak from libzfs_mnttab_init (141445-01)

8845:91af0d9c0790
6800942 smb_session_create() incorrectly stores IP addresses (N/A)
6582163 Access Control List (ACL) for shares (141445-01)
6804954 smb_search - shortname field should be space padded following the NULL terminator (N/A)
6800184 Panic at smb_oplock_conflict+0x35() (N/A)

8876:59d2e67b4b65
6803822 Reboot after replacement of system disk in a ZFS mirror drops to grub> prompt (141445-01)

8924:5af812f84759
6789318 coredump when issue zdb -uuuu poolname/ (141445-01)
6790345 zdb -dddd -e poolname coredump (141445-01)
6797109 zdb: 'zdb -dddddd pool_name/fs_name inode' coredump if the file with inode was deleted (141445-01)
6797118 zdb: 'zdb -dddddd poolname inum' coredump if I miss the fs name (141445-01)
6803343 shareiscsi=on failed, iscsitgtd failed request to share (141445-01)

9030:243fd360d81f
6815893 hang mounting a dataset after booting into a new boot environment (141445-01)

9056:826e1858a846
6809691 'zpool create -f' no longer overwrites ufs infomation (141445-01)

9179:d8fbd96b79b3
6790064 zfs needs to determine uid and gid earlier in create process (141445-01)

9214:8d350e5d04aa
6604992 forced unmount + being in .zfs/snapshot/<snap1> = not happy (141909-01)
6810367 assertion failed: dvp->v_flag & VROOT, file: ../../common/fs/gfs.c, line: 426 (141909-01)

9229:e3f8b41e5db4
6807765 ztest_dsl_dataset_promote_busy needs to clean up after ENOSPC (141445-01)

9230:e4561e3eb1ef
6821169 offlining a device results in checksum errors (141445-01)
6821170 ZFS should not increment error stats for unavailable devices (141445-01)
6824006 need to increase issue and interrupt taskqs threads in zfs (141445-01)

9234:bffdc4fc05c4
6792139 recovering from a suspended pool needs some work (141445-01)
6794830 reboot command hangs on a failed zfs pool (141445-01)

9246:67c03c93c071
6824062 System panicked in zfs_mount due to NULL pointer dereference when running btts and svvs tests (141909-01)

9276:a8a7fc849933
6816124 System crash running zpool destroy on broken zpool (141445-03)

9355:09928982c591
6818183 zfs snapshot -r is slow due to set_snap_props() doing txg_wait_synced() for each new snapshot (141445-03)

9391:413d0661ef33
6710376 log device can show incorrect status when other parts of pool are degraded (141445-03)

9396:f41cf682d0d3 (part already merged)
6501037 want user/group quotas on ZFS (141445-03)
6827260 assertion failed in arc_read(): hdr == pbuf->b_hdr (141445-03)
6815592 panic: No such hold X on refcount Y from zfs_znode_move (141445-03)
6759986 zfs list shows temporary %clone when doing online zfs recv (141445-03)

9404:319573cd93f8
6774713 zfs ignores canmount=noauto when sharenfs property != off (141445-03)

9412:4aefd8704ce0
6717022 ZFS DMU needs zero-copy support (141445-03)

9425:e7ffacaec3a8
6799895 spa_add_spares() needs to be protected by config lock (141445-03)
6826466 want to post sysevents on hot spare activation (141445-03)
6826468 spa 'allowfaulted' needs some work (141445-03)
6826469 kernel support for storing vdev FRU information (141445-03)
6826470 skip posting checksum errors from DTL regions of leaf vdevs (141445-03)
6826471 I/O errors after device remove probe can confuse FMA (141445-03)
6826472 spares should enjoy some of the benefits of cache devices (141445-03)

9443:2a96d8478e95
6833711 gang leaders shouldn't have to be logical (141445-03)

9463:d0bd231c7518
6764124 want zdb to be able to checksum metadata blocks only (141445-03)

9465:8372081b8019
6830237 zfs panic in zfs_groupmember() (141445-03)

9466:1fdfd1fed9c4
6833162 phantom log device in zpool status (141445-03)

9469:4f68f041ddcd
6824968 add ZFS userquota support to rquotad (141445-03)

9470:6d827468d7b5
6834217 godfather I/O should reexecute (141445-03)

9480:fcff33da767f
6596237 Stop looking and start ganging (141909-02)

9493:9933d599bc93
6623978 lwb->lwb_buf != NULL, file ../../../uts/common/fs/zfs/zil.c, line 787, function zil_lwb_commit (141445-06)

9512:64cafcbcc337
6801810 Commit of aligned streaming rewrites to ZIL device causes unwanted disk reads (N/A)

9515:d3b739d9d043
6586537 async zio taskqs can block out userland commands (142901-09)

9554:787363635b6a
6836768 zfs_userspace() callback has no way to indicate failure (N/A)

9574:1eb6a6ab2c57
6838062 zfs panics when an error is encountered in space_map_load() (141909-02)

9583:b0696cd037cc
6794136 Panic BAD TRAP: type=e when importing degraded zraid pool. (141909-03)

9630:e25a03f552e0
6776104 "zfs import" deadlock between spa_unload() and spa_async_thread() (141445-06)

9653:a70048a304d1
6664765 Unable to remove files when using fat-zap and quota exceeded on ZFS filesystem (141445-06)

9688:127be1845343
6841321 zfs userspace / zfs get userused@@ doesn't work on mounted snapshot (N/A)
6843069 zfs get userused@@S-1-... doesn't work (N/A)

9873:8ddc892eca6e
6847229 assertion failed: refcount_count(&tx->tx_space_written) + delta <= tx->tx_space_towrite in dmu_tx.c (141445-06)

9904:d260bd3fd47c
6838344 kernel heap corruption detected on zil while stress testing (141445-06)

9951:a4895b3dd543
6844900 zfs_ioc_userspace_upgrade leaks (N/A)

10040:38b25aeeaf7a
6857012 zfs panics on zpool import (141445-06)

10000:241a51d8720c
6848242 zdb -e no longer works as expected (N/A)

10100:4a6965f6bef8
6856634 snv_117 not booting: zfs_parse_bootfs: error2 (141445-07)

10160:a45b03783d44
6861983 zfs should use new name <-> SID interfaces (N/A)
6862984 userquota commands can hang (141445-06)

10299:80845694147f
6696858 zfs receive of incremental replication stream can dereference NULL pointer and crash (N/A)

10302:a9e3d1987706
6696858 zfs receive of incremental replication stream can dereference NULL pointer and crash (fix lint) (N/A)

10575:2a8816c5173b (partial merge)
6882227 spa_async_remove() shouldn't do a full clear (142901-14)

10800:469478b180d9
6880764 fsync on zfs is broken if writes are greater than 32kb on a hard crash and no log attached (142901-09)
6793430 zdb -ivvvv assertion failure: bp->blk_cksum.zc_word[2] == dmu_objset_id(zilog->zl_os) (N/A)

10801:e0bf032e8673 (partial merge)
6822816 assertion failed: zap_remove_int(ds_next_clones_obj) returns ENOENT (142901-09)

10810:b6b161a6ae4a
6892298 buf->b_hdr->b_state != arc_anon, file: ../../common/fs/zfs/arc.c, line: 2849 (142901-09)

10890:499786962772
6807339 spurious checksum errors when replacing a vdev (142901-13)

11249:6c30f7dfc97b
6906110 bad trap panic in zil_replay_log_record (142901-13)
6906946 zfs replay isn't handling uid/gid correctly (142901-13)

11454:6e69bacc1a5a
6898245 suspended zpool should not cause rest of the zfs/zpool commands to hang (142901-10)

11546:42ea6be8961b (partial merge)
6833999 3-way deadlock in dsl_dataset_hold_ref() and dsl_sync_task_group_sync() (142901-09)

MFC r211970:

Fix 'zfs allow' (maybe not only) returning:

        cannot access dataset system/usr/home: Operation not supported

by including libzfs_impl.h. What libzfs_impl.h does is to redefine ioctl() to
be compatible with OpenSolaris. More specifically OpenSolaris returns ENOMEM
when buffer is too small and sets field zc_nvlist_dst_size to the size that
will be big enough for the data. In FreeBSD case ioctl() doesn't copy data
structure back in case of a failure. We work-around it in kernel and libzfs by
returning 0 from ioctl() and always checking if zc_nvlist_dst_size hasn't
changed. For this work-around to work in pyzfs we need this compatible ioctl()
which is implemented in libzfs_impl.h.

MFC r211971:

Print errors on stderr.

MFC r211972:

Give user a hint what to do when /usr/lib/zfs/pyzfs.py is missing.

MFC r212050:

When upgrading a pool which contain root file system, give user a hint that
he should update boot code.

MFC r212605:

Add missing vop_vector zfsctl_ops_shares
Add missing locks around VOP_READDIR and VOP_GETATTR with z_shares_dir

MFC r212611:

Remove duplicated VFS_HOLD due to a mismerge.

Approved by:	delphij (mentor)
Obtained from:	OpenSolaris (multiple Bug IDs), Perforce (pjd)
@
text
@a17 7
20100915:
	A new version of ZFS (version 15) has been merged.
	This version uses a python library for the following subcommands:
	zfs allow, zfs unallow, zfs groupspace, zfs userspace.
	For full functionality of these commands the following port must
	be installed: sysutils/py-zfs

a1560 16
	ZFS notes
	---------
	When upgrading the boot ZFS pool to a new version, always follow
	these two steps:

	1.) recompile and reinstall the ZFS boot loader and boot block
	(this is part of "make buildworld" and "make installworld")

	2.) update the ZFS boot block on your boot drive

	The following example updates the ZFS boot block on the first
	partition (freebsd-boot) of a GPT partitioned drive ad0:
	"gpart bootcode -p /boot/gptzfsboot -i 1 ad0"

	Non-boot pools do not need these updates.

@


1.632.2.17
log
@SVN rev 214199 on 2010-10-22 08:46:22Z by avg

add UPDATING entry for r214198: removed ld bug workaround

This is a direct commit to the branch.
@
text
@a17 8
20101022:
	A workaround for a fixed ld bug has been removed in kernel code,
	so make sure that your system ld is built from sources after
	revision 211583 (r210245 if building stable/8 kernel on head,
	r211584 for stable/7).  A symptom of incorrect ld version is
	different addresses for set_pcpu section and __start_set_pcpu
	symbol in kernel and/or modules.

@


1.632.2.18
log
@SVN rev 214323 on 2010-10-25 07:36:39Z by avg

add dates along with revision numbers in UPDATING entry for 20101022

This is a direct commit.
@
text
@d21 2
a22 3
	revision 211583 from 2010-08-21 (r210245 from 2010-07-19 if
	building stable/8 kernel on head, r211584 from 2010-08-21 for
	stable/7).  A symptom of incorrect ld version is
@


1.632.2.19
log
@SVN rev 215909 on 2010-11-26 22:31:56Z by avg

add UPDATING entry for amd64 minidump version 2

This is a direct commit.
@
text
@a17 6
20101126:
	New version of minidump format for amd64 architecture was
	introduced in r215872.  To analyze vmcore files produced by
	kernels at or after this version you will need updated userland,
	libkvm actually, that is able to handle the new version.

@


1.632.2.20
log
@SVN rev 218731 on 2011-02-16 14:25:26Z by kensmith

Guess when all the bits will be in place for announcing 8.2-RELEASE.
@
text
@a17 3
20110221:
	8.2-RELEASE.

@


1.632.2.21
log
@SVN rev 219034 on 2011-02-25 15:32:44Z by netchild

MFC r216591:
  Suggest to run the delete-old target after the second mergemaster. If you run
  it before, your rc scripts may still reference old files/directories and
  if you are in the unlucky situation to have triggered a reboot (intentionally
  or not) between the delete-old run and the mergemaster, your system may not
  start anymore.

  While I'm here, give a hint about delete-old-libs.

  Noticed by:        bcr (luckily in a discussion and not by getting hit by
                          this)
@
text
@d1647 1
a1648 1
	make delete-old					[6]
d1685 1
a1686 1
	make delete-old					[6]
a1727 4
	[6] This only deletes old files and directories. Old libraries
	can be deleted by "make delete-old-libs", but you have to make
	sure that no program is using those libraries anymore.

@


1.632.2.22
log
@SVN rev 221157 on 2011-04-28 08:49:43Z by vanhu

MFC 218794, 219026:
Fixed IPsec's HMAC_SHA256-512 support to be RFC4868 compliant.
This will break interoperability with all older versions of
FreeBSD for those algorithms.

Reviewed by:	bz, gnn
Obtained from:	NETASQ
@
text
@a17 10
20110428:
	IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868
	compliant, and will now use half of hash for authentication.
	This will break interoperability with all stacks (including all
	older FreeBSD versions) who implement
	draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for
	authentication).
	The only workaround with such peers is to use another HMAC
	algorithm for IPsec ("phase 2") authentication.

@


1.632.2.23
log
@SVN rev 222741 on 2011-06-06 09:36:46Z by mm

MFC ZFS version 28 and related revisions:
208682, 211900, 212543, 213791, 216378, 218007, 218725, 219089, 219090,
219092, 219316, 219317, 219320, 219404, 219636, 219703, 219959, 219973,
220447, 220575, 221112, 221177, 221263, 221409, 222050, 222267, 222268

MFC r208682 (pjd):
Fix panic when reading label from provider with non power of 2 sector size.

MFC r211900 (pjd):
Use ZFS_CTLDIR_NAME instead of hardcoding ".zfs".

MFC r212543 (imp):
Simplify atomic selection

MFC r213791 (rpaulo):
Pass a format string to panic() and to taskqueue_start_threads().

Found with:	clang

MFC r216378 (pjd):
Remove redundant semicolon and empty like.

MFC r218007 (jchandra):
CDDL fixes for MIPS n32.

Provide 64 bit atomic ops, and use 32 bit pointer.

MFC r218725 (dim):
When building libzpool on ia64 or sparc64, don't add the .note.GNU-stack
section.

MFC r219089 (pjd):
Finally... Import the latest open-source ZFS version - (SPA) 28.

Few new things available from now on:

- Data deduplication.
- Triple parity RAIDZ (RAIDZ3).
- zfs diff.
- zpool split.
- Snapshot holds.
- zpool import -F. Allows to rewind corrupted pool to earlier
  transaction group.
- Possibility to import pool in read-only mode.

MFC r219090 (pjd):
Commit two more files missed in r219089.

MFC r219092 (pjd):
Use proper lock in assertion.

MFC r219316 (pjd):
Simplify zvol_remove_minors() a bit.

MFC r219317 (pjd):
Make renaming of a ZVOL, ZVOL's parent directory and ZVOL snapshot work.

MFC r219320 (pjd):
Fix libzpool build.

MFC r219404 (pjd):
Correct readdir over ZFS handling.

MFC r219636 (pjd):
Fix potential panic in dbuf_sync_list() relate to spill blocks handling.

MFC r219703 (ae):
The size of zfsboot2 grown up to 64 Kbytes in r219089.
Increase NSECT up to 128 sectors too.

MFC r219959 (pjd):
Properly print characters larger than 127.

MFC r219973 (pjd):
Checking file access on size change is bogus. The checks are done earlier by
VFS where we know if this is truncate(2) or ftruncate(2). If this is the
latter we should depend on the mode the file was opened and not on the current
permission.

MFC r220447 (mm):
Partially fix ZFS compat code for sparc64.
Some endianess bugs still need to be resolved.

MFC r220575 (pjd):
Fix 'zfs list <path>' handling. If the path was found, the 'ret' variable was
uninitialized.

MFC r221112 (marcel):
Fix copy-paste bug.

MFC r221177 (jhb):
Due to space constraints, the UFS boot2 and boot1 use an evil hack where
boot2 calls back into boot1 to perform disk reads.  The ZFS MBR boot blocks
do not have the same space constraints, so remove this hack for ZFS.
While here, remove commented out code to support C/H/S addressing from
zfsldr.  The ZFS and GPT bootstraps always just use EDD LBA addressing.

MFC r221263 (mm):
Fix deduplicated zfs receive
(dmu_recv_stream builds incomplete guid_to_ds_map)

Illumos-gate changeset: 13329:c48b8bf84ab7

MFC r221409 (marius):
Convert the last use of xcopyout() to ddi_copyout() and remove the now
unused xcopyin() as well as xcopyout().

MFC r222050 (mm):
Restore old (v15) behaviour for a recursive snapshot destroy.
(zfs destroy -r pool/dataset@@snapshot)

To destroy all descendent snapshots with the same name the top level
snapshot was not required to exist. So if the top level snapshot does
not exist, check permissions of the parent dataset instead.

Filed as Illumos Bug #1043

MFC r222267 (pjd):
Don't access task structure once we call task function.
The task structure might be no longer available.
This also allows to eliminates the need for two tasks in the zio structure.

MFC r222268 (pjd):
Don't pass pointer to name buffer which is on the stack to another thread,
because the stack might be paged out once the other thread tries to use the
data. Instead, just allocate memory.

Discussed with:		pjd
@
text
@a17 7
20110606:
	A new version of ZFS (version 28) has been merged.
	This version does not depend on a python library and the
	sysutils/py-zfs port is not used anymore.
	For upgrading your boot pool, please read "ZFS notes"
	in the COMMON ITEMS: section later in this file.

@


1.632.2.24
log
@SVN rev 225275 on 2011-08-31 01:17:49Z by gjb

MFC 225142:

Reword sentence noting UPDATING entries prior to October 2007[1] are
only available in older FreeBSD releases.

PR:		159220

[1] - October 2007 is specific to HEAD.  In stable/8 and stable/7,
the correct year is 2004, so that change is reflected here as well.
@
text
@d1771 3
a1773 4
breakages in tracking -current.  It is not guaranteed to be a complete
list of such breakages, and only contains entries since October 16, 2004.
If you need to see UPDATING entries from before that date, you will need
to fetch an UPDATING file from an older FreeBSD release.
@


1.632.2.25
log
@SVN rev 227306 on 2011-11-07 13:45:18Z by marius

MFC: r227006, r227281, r227282

Add a PCI front-end to esp(4) allowing it to support AMD Am53C974 and
replace amd(4) with the former in the amd64, i386 and pc98 GENERIC kernel
configuration files. Besides duplicating functionality, amd(4), which
previously also supported the AMD Am53C974, unlike esp(4) is no longer
maintained and has accumulated enough bit rot over time to always cause
a panic during boot as long as at least one target is attached to it
(see PR 124667).

PR:		124667
Obtained from:	NetBSD (based on)
@
text
@a17 4
20111101:
	The broken amd(4) driver has been replaced with esp(4) in the amd64,
	i386 and pc98 GENERIC kernel configuration files.

@


1.632.2.26
log
@SVN rev 229725 on 2012-01-06 19:32:39Z by jhb

MFC 226217,227070,227341,227502:
Add the posix_fadvise(2) system call.  It is somewhat similar to
madvise(2) except that it operates on a file descriptor instead of a
memory region.  It is currently only supported on regular files.

Note that this adds a new VOP, so all filesystem modules must be
recompiled.

Approved by:	re (kib)
@
text
@a17 8
20120106:
	A new VOP_ADVISE() was added to support posix_fadvise(2).  All
	filesystem modules must be recompiled.

20111116:
	A new VOP_ALLOCATE() was added to support posix_fallocate(2).  All
	filesystem modules must be recompiled.

@


1.632.2.27
log
@SVN rev 234020 on 2012-04-08 05:03:46Z by kensmith

Guess at when we will be able to announce 8.3-RELEASE.
@
text
@a17 3
20120411:
	8.3-RELEASE.

@


1.632.2.28
log
@SVN rev 238905 on 2012-07-30 11:29:05Z by marius

Pull the tier-2 card and change the sparc64 ZFS loader to no longer probe
all diskN aliases for providers (which more or less corresponds to how the
x86 version behaves) but instead probe only those listed in the boot-device
OFW environment variable. This has the following advantages:
- avoids otherwise unavoidable OFW warnings about failures to open disks
  for which aliases exist but no actual hardware is connected
- avoids issues due to different diskN naming schemes
- aligns us with Solaris
@
text
@a17 5
20120727:
	The sparc64 ZFS loader has been changed to no longer try to auto-
	detect ZFS providers based on diskN aliases but now requires these
	to be explicitly listed in the OFW boot-device environment variable.

@


1.632.2.29
log
@SVN rev 241191 on 2012-10-04 09:02:38Z by kib

MFC r241092:
Add the UPDATING note about padlock rng support requiring the config change.
@
text
@a17 8
20120913:
	The random(4) support for the VIA hardware random number
	generator (`PADLOCK') is no longer enabled unconditionally.
	Add the PADLOCK_RNG option in the custom kernel config if
	needed.  The GENERIC kernels on i386 and amd64 do include the
	option, so the change only affects the custom kernel
	configurations.

@


1.632.2.30
log
@SVN rev 241728 on 2012-10-19 11:01:39Z by jhb

MFC 206082,206179,207056,207057,210612,210636,210656,212423,212426,228121,
228124,228137,228140,228141,228147,228153,228158,228311,241395,241396:
Convert WITH_CTF into a normal build option where MK_CTF is set to yes/no
depending on WITH_CTF/WITHOUT_CTF.  In addition, WITH_CTF can now be
specified in src.conf (not recommended, there are some problems with
static executables), make.conf (would also affect ports which do not use
GNU make and do not override the compile targets) or in the kernel config
(via "makeoptions WITH_CTF=yes").

Eyeballed by:	netchild, fjoe
@
text
@a17 10
20121018:
	WITH_CTF can now be specified in src.conf (not recommended, there
	are some problems with static executables), make.conf (would also
	affect ports which do not use GNU make and do not override the
	compile targets) or in the kernel config (via "makeoptions
	WITH_CTF=yes").
	When WITH_CTF was specified there before this was silently ignored,
	so make sure that WITH_CTF is not used in places which could lead
	to unwanted behavior.

@


1.632.2.31
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 242909
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r242909 | dim | 2012-11-12 07:47:19 +0000 (Mon, 12 Nov 2012) | 20 lines
## SVN ##
## SVN ## MFC r242625:
## SVN ##
## SVN ## Remove duplicate const specifiers in many drivers (I hope I got all of
## SVN ## them, please let me know if not).  Most of these are of the form:
## SVN ##
## SVN ## static const struct bzzt_type {
## SVN ##       [...list of members...]
## SVN ## } const bzzt_devs[] = {
## SVN ##       [...list of initializers...]
## SVN ## };
## SVN ##
## SVN ## The second const is unnecessary, as arrays cannot be modified anyway,
## SVN ## and if the elements are const, the whole thing is const automatically
## SVN ## (e.g. it is placed in .rodata).
## SVN ##
## SVN ## I have verified this does not change the binary output of a full kernel
## SVN ## build (except for build timestamps embedded in the object files).
## SVN ##
## SVN ## Reviewed by:	yongari, marius
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d1840 1
a1840 1
$FreeBSD: stable/8/UPDATING 241728 2012-10-19 11:01:39Z jhb $
@


1.632.2.32
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/243717
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r243717 | mm | 2012-11-30 22:38:42 +0000 (Fri, 30 Nov 2012) | 223 lines
## SVN ##
## SVN ## Merge ZFS feature flags support and related bugfixes:
## SVN ## 236884, 237001, 237119, 237458, 237972, 238113, 238391, 238422, 238926,
## SVN ## 238950, 238951, 239389, 239394, 239620, 239774, 239953, 239958, 239967,
## SVN ## 239968, 240063, 240133, 240153, 240303, 240345, 240415, 240955, 241655,
## SVN ## 243014, 243505, 243506
## SVN ##
## SVN ## MFC r236884:
## SVN ## Introduce "feature flags" for ZFS pools (bump SPA version to 5000).
## SVN ## Add first feature "com.delphix:async_destroy" (asynchronous destroy
## SVN ## of ZFS datasets).
## SVN ## Implement features support in ZFS boot code.
## SVN ##
## SVN ## Illumos revisions merged:
## SVN ## 13700:2889e2596bd6
## SVN ## 13701:1949b688d5fb
## SVN ## 2619 asynchronous destruction of ZFS file systems
## SVN ## 2747 SPA versioning with zfs feature flags
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/2619
## SVN ##   https://www.illumos.org/issues/2747
## SVN ##
## SVN ## MFC r237001:
## SVN ## Fix ZFS boot with pre-features pools (version <= 28) broken in r236884
## SVN ##
## SVN ## MFC r237119 [1]:
## SVN ## Do not remount ZFS dataset if changing canmount property to "on" and
## SVN ## dataset is already mounted.
## SVN ##
## SVN ## MFC r237458:
## SVN ## Import Illumos revision 13736:9f1d48e1681f
## SVN ## 2901 ZFS receive fails for exabyte sparse files
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/2901
## SVN ##
## SVN ## MFC r237972:
## SVN ## Expose scrub and resilver tunables.
## SVN ## This allows the user to tune the priority trade-off between scrub/resilver
## SVN ## and other ZFS I/O.
## SVN ##
## SVN ## MFC r238113 (pjd):
## SVN ## vdev_io_done stage is not used for ioctls.
## SVN ##
## SVN ## MFC r238391:
## SVN ## Change behavior introduced in r237119 to vendor solution
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/2883
## SVN ##
## SVN ## MFC r238422:
## SVN ## Merge illumos commit 13749:df4cd82e2b60
## SVN ##
## SVN ## 1796 "ZFS HOLD" should not be used when doing "ZFS SEND" froma read-only pool
## SVN ## 2871 support for __ZFS_POOL_RESTRICT used by ZFS test suite
## SVN ## 2903 zfs destroy -d does not work
## SVN ## 2957 zfs destroy -R/r sometimes fails when removing defer-destroyed snapshot
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/1796
## SVN ##   https://www.illumos.org/issues/2871
## SVN ##   https://www.illumos.org/issues/2903
## SVN ##   https://www.illumos.org/issues/2957
## SVN ##
## SVN ## MFC r238926:
## SVN ## Partial MFV (illumos-gate 13753:2aba784c276b)
## SVN ## 2762 zpool command should have better support for feature flags
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/2762
## SVN ##
## SVN ## MFC r238950:
## SVN ## Fix reporting of root pool upgrade notice.
## SVN ##
## SVN ## MFC r238951:
## SVN ## Fix wrong indent according to style(9)
## SVN ##
## SVN ## MFC r239389:
## SVN ## Backport fix for vendor issue #3085
## SVN ## 3085 zfs diff panics, then panics in a loop on booting
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/3085
## SVN ##
## SVN ## MFC r239394:
## SVN ## Update zfs(8) manpage with illumos version of "zfs diff"
## SVN ##
## SVN ## Illumos issue:
## SVN ##   2399 zfs manual page does not document use of "zfs diff"
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/2399
## SVN ##
## SVN ## MFC r239620 [2]:
## SVN ## Merge recent vendor changes:
## SVN ## 3086 unnecessarily setting DS_FLAG_INCONSISTENT on async destroyed datasets
## SVN ## 3090 vdev_reopen() during reguid causes vdev to be treated as corrupt
## SVN ## 3102 vdev_uberblock_load() and vdev_validate() may read the wrong label
## SVN ##
## SVN ## Referenes:
## SVN ##   https://www.illumos.org/issues/3086
## SVN ##   https://www.illumos.org/issues/3090
## SVN ##   https://www.illumos.org/issues/3102
## SVN ##
## SVN ## MFC r239774:
## SVN ## Merge recent vendor changes:
## SVN ## 3100 zvol rename fails with EBUSY when dirty
## SVN ## 3104 eliminate empty bpobjs
## SVN ## 3120 zinject hangs in zfsdev_ioctl() due to uninitialized zc
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/3100
## SVN ##   https://www.illumos.org/issues/3104
## SVN ##   https://www.illumos.org/issues/3120
## SVN ##
## SVN ## MFC r239953 (joel):
## SVN ## Mdoc fixes.
## SVN ##
## SVN ## MFC r239958 (joel):
## SVN ## Minor mdoc fixes.
## SVN ##
## SVN ## MFC r239967 (joel):
## SVN ## Mdoc fixes.
## SVN ##
## SVN ## MFC r239968 (joel):
## SVN ## Remove trailing whitespace.
## SVN ##
## SVN ## MFC r240063 (gjb):
## SVN ## Add myself to copyright sections, per CDDL license.
## SVN ##
## SVN ## MFC r240133:
## SVN ## Merge recent vendor changes and sync code:
## SVN ## 1862 incremental zfs receive fails for sparse file > 8PB
## SVN ## 3112 ztest does not honor ZFS_DEBUG
## SVN ## 3122 zfs destroy filesystem should prefetch blocks
## SVN ## 3129 'zpool reopen' restarts resilvers
## SVN ## 3130 ztest failure: Assertion failed:
## SVN ##        0 == dmu_objset_destroy(name, B_FALSE) (0x0 == 0x10)
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/1862
## SVN ##   https://www.illumos.org/issues/3112
## SVN ##   https://www.illumos.org/issues/3122
## SVN ##   https://www.illumos.org/issues/3129
## SVN ##   https://www.illumos.org/issues/3130
## SVN ##
## SVN ## MFC r240153 (gjb) [3]:
## SVN ## Typo fix and minor word swap.
## SVN ##
## SVN ## MFC r240303:
## SVN ## Add assfail() and assfail3() to the opensolaris module.
## SVN ## Remove obsoleted intermediate cddl/compat/opensolaris/sys/debug.h.
## SVN ##
## SVN ## MFC r240345 (avg):
## SVN ## zfs: fix sa_modify_attrs handling of variable-sized attributes
## SVN ##
## SVN ## - skip length_idx index for a replaced variable-sized attribute
## SVN ## - skip length_idx index for a removed variable-sized attribute
## SVN ## - also re-arranged code to make sure that length_idx is always
## SVN ##   incremented for variable-sized attributes
## SVN ## - additionally add an assertion that the number of actually produced
## SVN ##   attributes is the same as the expected number of resulting
## SVN ##   attributes
## SVN ##
## SVN ## MFC r240415:
## SVN ## Merge recent zfs vendor changes, sync code and adjust userland DEBUG.
## SVN ##
## SVN ## Illumos issued covered:
## SVN ## 1884 Empty "used" field for zfs *space commands
## SVN ## 3006 VERIFY[S,U,P] and ASSERT[S,U,P] frequently check if first argument
## SVN ##      is zero
## SVN ## 3028 zfs {group,user}space -n prints (null) instead of numeric GID/UID
## SVN ## 3048 zfs {user,group}space [-s|-S] is broken
## SVN ## 3049 zfs {user,group}space -t doesn't really filter the results
## SVN ## 3060 zfs {user,group}space -H output isn't tab-delimited
## SVN ## 3061 zfs {user,group}space -o doesn't use specified fields order
## SVN ## 3064 usr/src/cmd/zpool/zpool_main.c misspells "successful"
## SVN ## 3093 zfs {user,group}space's -i is noop
## SVN ## 3098 zfs userspace/groupspace fail without saying why when run as non-root
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/ + [issue_id]
## SVN ##
## SVN ## MFC r240955 (partial):
## SVN ## Merge recent vendor changes in ZFS.
## SVN ##
## SVN ## Illumos issued covered:
## SVN ## 3139 zdb dies when it tries to determine path of unlinked file
## SVN ## 3189 kernel panic in ZFS test suite during hotspare_onoffline_004_neg
## SVN ## 3208 moving zpool cross-endian results in incorrect user/group accounting
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/ + [issue_id]
## SVN ##
## SVN ## MFC r241655:
## SVN ## Add missing initialization for do_prefix.
## SVN ## Corrects porting error in r238391
## SVN ##
## SVN ## Vendor issue and changeset reference:
## SVN ## 2883 changing "canmount" property to "on" should not always remount dataset
## SVN ## https://www.illumos.org/issues/2883
## SVN ## Changeset 13743:95aba6e49b9f
## SVN ##
## SVN ## MFC r243014:
## SVN ## Move zpool-features manual page from section 5 to section 7
## SVN ## and fix references
## SVN ##
## SVN ## Reported by:	pluknet
## SVN ##
## SVN ## MFC r243505:
## SVN ## Illumos 13886:e3261d03efbf
## SVN ##
## SVN ## 3349 zpool upgrade -V bumps the on disk version number, but leaves
## SVN ##      the in core version
## SVN ##
## SVN ## References:
## SVN ##   https://www.illumos.org/issues/3349
## SVN ##
## SVN ## MFC r243506:
## SVN ## zfs sha256 checksum is missing in zfs.8 manpage
## SVN ##
## SVN ## PR:	kern/167905 [1], kern/170912 [2], kern/170914 [2], doc/171356 [3]
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@a17 11
20121130:
	A new version of ZFS (pool version 5000) has been merged to 8-STABLE.
	Starting with this version the old system of ZFS pool versioning
	is superseded by "feature flags". This concept enables forward
	compatibility against certain future changes in functionality of ZFS
	pools. The first two read-only compatible "feature flags" for ZFS
	pools are "com.delphix:async_destroy" and "com.delphix:empty_bpobj".
	For more information read the new zpool-features(7) manual page.
	Please refer to the "ZFS notes" section of this file for information
	on upgrading boot ZFS pools.

d1840 1
a1840 1
$FreeBSD: stable/8/UPDATING 243717 2012-11-30 22:38:42Z mm $
@


1.632.2.33
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/247607
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 7
20130225:
	A new compression method (lz4) has been merged.  Please refer to
	zpool-features(7) for more information.

	Please refer to the "ZFS notes" section of this file for information
	on upgrading boot ZFS pools.

d1851 1
a1851 1
$FreeBSD: stable/8/UPDATING 247607 2013-03-02 01:04:02Z delphij $
@


1.632.2.34
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250068
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 3
20130429:
	Fix a bug that allows NFS clients to issue READDIR on files.

d1858 1
a1858 1
$FreeBSD: stable/8/UPDATING 250068 2013-04-29 21:10:49Z des $
@


1.632.2.35
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/251026
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 7
20130524:
	`list' command has been added to hastctl(8).  For now, it is full
	equivalent of `status' command.
	WARNING: in the near future the output of hastctl's status command
	will change to more terse format.  If you use `hastctl status'
	for parsing in your scripts, switch to `hastctl list'.

d1861 1
a1861 1
$FreeBSD: stable/8/UPDATING 251026 2013-05-27 13:51:57Z marck $
@


1.632.2.36
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/251500
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 3
20130607:
	8.4-RELEASE.

d1868 1
a1868 1
$FreeBSD: stable/8/UPDATING 251500 2013-06-07 15:52:33Z pluknet $
@


1.632.2.37
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/252162
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 16
20130624:
	Added ZFS TRIM support which is enabled by default. To disable
	ZFS TRIM support set vfs.zfs.trim.enabled=0 in loader.conf.

	Creating new ZFS pools and adding new devices to existing pools
	first performs a full device level TRIM, which can take a significant
	amount of time. Set the sysctl vfs.zfs.vdev.trim_on_init to 0 to
	disable this behaviour.

	ZFS TRIM requires the underlying device support BIO_DELETE which
	is currently provided by methods such as ATA TRIM and SCSI UNMAP
	via CAM, which are typically supported by SSD's.

	Stats for ZFS TRIM can be monitored by looking at the sysctl's
	under kstat.zfs.misc.zio_trim.

d1871 1
a1871 1
$FreeBSD: stable/8/UPDATING 252162 2013-06-24 15:35:42Z smh $
@


1.632.2.38
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/252777
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 4
20130705:
	hastctl(8)'s `status' command output changed to terse one-liner format.
	Scripts using this should switch to `list' command or be rewritten.

d1887 1
a1887 1
$FreeBSD: stable/8/UPDATING 252777 2013-07-05 08:17:48Z marck $
@


1.632.2.39
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/254708
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 7
20130823:
	Behavior of devfs rules path matching has been changed.
	Pattern is now always matched against fully qualified devfs
	path and slash characters must be explicitly matched by
	slashes in pattern (FNM_PATHNAME). Rulesets involving devfs
	subdirectories must be reviewed.

d1891 1
a1891 1
$FreeBSD: stable/8/UPDATING 254708 2013-08-23 14:25:04Z avg $
@


1.632.2.40
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/259449
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 11
20131216:
	The behavior of gss_pseudo_random() for the krb5 mechanism
	has changed, for applications requesting a longer random string
	than produced by the underlying enctype's pseudo-random() function.
	In particular, the random string produced from a session key of
	enctype aes256-cts-hmac-sha1-96 or aes256-cts-hmac-sha1-96 will
	be different at the 17th octet and later, after this change.
	The counter used in the PRF+ construction is now encoded as a
	big-endian integer in accordance with RFC 4402.
	__FreeBSD_version is bumped to 804501.

d1898 1
a1898 1
$FreeBSD: stable/8/UPDATING 259449 2013-12-16 02:30:56Z bjk $
@


1.632.2.41
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/261992
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 6
20140216:
	The nve(4) driver for NVIDIA nForce MCP Ethernet adapters has
	been deprecated and will not be part of FreeBSD 11.0 and later
	releases.  If you use this driver, please consider switching to
	the nfe(4) driver instead.

d1909 1
a1909 1
$FreeBSD: stable/8/UPDATING 261992 2014-02-16 19:44:30Z brueffer $
@


1.632.2.26.2.1
log
@SVN rev 232438 on 2012-03-03 06:15:13Z by kensmith

Copy stable/8 to releng/8.3 as part of 8.3-RELEASE release cycle.

Approved by:	re (implicit)
@
text
@@


1.632.2.26.2.2
log
@SVN rev 234021 on 2012-04-08 05:07:40Z by kensmith

MFS r234020:
> Guess at when we will be able to announce 8.3-RELEASE.

Approved by:	re (implicit)
@
text
@a17 3
20120411:
	8.3-RELEASE.

@


1.632.2.26.2.3
log
@SVN rev 234954 on 2012-05-03 15:25:11Z by bz

Fix multiple OpenSSL vulnerabilities.

Security:	CVE-2011-4576, CVE-2011-4619, CVE-2011-4109
Security:	CVE-2012-0884, CVE-2012-2110
Security:	FreeBSD-SA-12:01.openssl
Approved by:	so (bz,simon)
@
text
@a17 3
20120503:	p1	FreeBSD-SA-12:01.openssl
	Fix multiple OpenSSL vulnerabilities.

@


1.632.2.26.2.4
log
@SVN rev 236304 on 2012-05-30 12:01:28Z by bz

Update the previous openssl fix. [12:01]

Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

Security:	FreeBSD-SA-12:01.openssl (revised)
Security:	FreeBSD-SA-12:02.crypt
Approved by:	so (bz, simon)
@
text
@a17 6
20120530:	p2	FreeBSD-SA-12:01.openssl (revised),
			FreeBSD-SA-12:02.crypt
	Update the previous openssl fix. [12:01]

	Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

@


1.632.2.26.2.5
log
@SVN rev 236953 on 2012-06-12 12:10:10Z by bz

Fix a problem where zero-length RDATA fields can cause named(8) to crash.
[12:03]

Correct a privilege escalation when returning from kernel if
running FreeBSD/amd64 on non-AMD processors. [12:04]

Fix reference count errors in IPv6 code. [EN-12:02]

Security:	CVE-2012-1667
Security:	FreeBSD-SA-12:03.bind
Security:	CVE-2012-0217
Security:	FreeBSD-SA-12:04.sysret
Security:	FreeBSD-EN-12:02.ipv6refcount
Approved by:	so (simon, bz)
@
text
@a17 11
20120612:	p3	FreeBSD-SA-12:03.bind
			FreeBSD-SA-12:04.sysret
			FreeBSD-EN-12:02.ipv6refcount
	Fix a problem where zero-length RDATA fields can cause named to crash.
	[12:03]

	Correct a privilege escalation when returning from kernel if
	running FreeBSD/amd64 on non-AMD processors. [12:04]

	Fix reference count errors in IPv6 code. [EN-12:02]

@


1.632.2.26.2.6
log
@SVN rev 239108 on 2012-08-06 21:33:11Z by simon

Fix named(8) DNSSEC validation Denial of Service.

Security:	FreeBSD-SA-12:05.bind
Security:	CVE-2012-3817
Obtained from:	ISC
Approved by:	so (simon)
@
text
@a17 3
20120806:	p4	FreeBSD-SA-12:05.bind
	Fix named(8) DNSSEC validation Denial of Service.

@


1.632.2.26.2.7
log
@Switch importer
@
text
@d1840 1
a1840 1
$FreeBSD: releng/8.3/UPDATING 239108 2012-08-06 21:33:11Z simon $
@


1.632.2.26.2.8
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 243417
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r243417 | simon | 2012-11-22 22:52:15 +0000 (Thu, 22 Nov 2012) | 13 lines
## SVN ##
## SVN ## Fix multiple Denial of Service vulnerabilities with named(8).
## SVN ##
## SVN ## Fix insufficient message length validation for EAP-TLS messages.
## SVN ##
## SVN ## Fix Linux compatibility layer input validation error.
## SVN ##
## SVN ## Security:	FreeBSD-SA-12:06.bind
## SVN ## Security:	FreeBSD-SA-12:07.hostapd
## SVN ## Security:	FreeBSD-SA-12:08.linux
## SVN ## Security:	CVE-2012-4244, CVE-2012-5166, CVE-2012-4445, CVE-2012-4576
## SVN ## Approved by:	re
## SVN ## Approved by:	security-officer
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@a17 8
20121122:	p5	FreeBSD-SA-12:06.bind FreeBSD-SA-12:07.hostapd
			FreeBSD-SA-12:08.linux
	Fix multiple Denial of Service vulnerabilities with named(8).

	Fix insufficient message length validation for EAP-TLS messages.

	Fix Linux compatibility layer input validation error.

d1840 1
a1840 1
$FreeBSD: releng/8.3/UPDATING 243417 2012-11-22 22:52:15Z simon $
@


1.632.2.26.2.9
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/246989
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 3
20130218:	p6	FreeBSD-SA-13:02.libc
	Fix Denial of Service vulnerability in libc's glob(3) functionality.

d1848 1
a1848 1
$FreeBSD: releng/8.3/UPDATING 246989 2013-02-19 13:27:20Z bz $
@


1.632.2.26.2.10
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249029
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 3
20130402:	p7	FreeBSD-SA-13:03.openssl
	Fix multiple vulnerabilities in OpenSSL.

d1851 1
a1851 1
$FreeBSD: releng/8.3/UPDATING 249029 2013-04-02 17:34:42Z delphij $
@


1.632.2.26.2.11
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250069
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 3
20130429:	p8	FreeBSD-SA-13:05.nfsserver
	Fix a bug that allows NFS clients to issue READDIR on files.

d1854 1
a1854 1
$FreeBSD: releng/8.3/UPDATING 250069 2013-04-29 21:10:53Z des $
@


1.632.2.26.2.12
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/253694
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 5
20130429:	p9	FreeBSD-SA-13:08.nfsserver
	Fix a bug that allows remote client bypass the normal
	access checks when when -network or -host restrictions are
	used at the same time with -mapall.

d1857 1
a1857 1
$FreeBSD: releng/8.3/UPDATING 253694 2013-07-26 22:40:29Z delphij $
@


1.632.2.26.2.13
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/254632
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 9
20130822:	p10	FreeBSD-SA-13:09.ip_multicast
			FreeBSD-SA-13:10.sctp
	Fix an integer overflow in computing the size of a temporary buffer
	can result in a buffer which is too small for the requested
	operation. [13:09]

	Fix a bug that could lead to kernel memory disclosure with
	SCTP state cookie. [13:10]

d1862 1
a1862 1
$FreeBSD: releng/8.3/UPDATING 254632 2013-08-22 00:51:56Z delphij $
@


1.632.2.26.2.14
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/255446
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 11
20130910:	p11	FreeBSD-SA-13:12.ifioctl
			FreeBSD-SA-13:13.nullfs

	In IPv6 and NetATM, stop SIOCSIFADDR, SIOCSIFBRDADDR,
	SIOCSIFDSTADDR and SIOCSIFNETMASK at the socket layer rather
	than pass them on to the link layer without validation or
	credential checks.  [SA-13:12]

	Prevent cross-mount hardlinks between different nullfs mounts
	of the same underlying filesystem.  [SA-13:13]

d1871 1
a1871 1
$FreeBSD: releng/8.3/UPDATING 255446 2013-09-10 10:13:14Z des $
@


1.632.2.26.2.15
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/257194
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 4
20131026:	p12	FreeBSD-EN-13:04.freebsd-update
	Fix multiple freebsd-update bugs that break upgrading to
	FreeBSD 10.0.

d1882 1
a1882 1
$FreeBSD: releng/8.3/UPDATING 257194 2013-10-26 20:01:00Z delphij $
@


1.632.2.26.2.16
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/258725
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 3
20131128:	p13	FreeBSD-EN-13:05.freebsd-update
	Fix error in patch for FreeBSD-EN-13:04.freebsd-update.

d1886 1
a1886 1
$FreeBSD: releng/8.3/UPDATING 258725 2013-11-28 22:12:48Z delphij $
@


1.632.2.26.2.17
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/260647
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 16
20140114:	p14	FreeBSD-SA-14:01.bsnmpd
			FreeBSD-SA-14:02.ntpd
			FreeBSD-SA-14:04.bind
			FreeBSD-EN-14:01.random
			FreeBSD-EN-14:02.mmap
	Fix bsnmpd remote denial of service vulnerability. [SA-14:01]

	Fix ntpd distributed reflection Denial of Service
	vulnerability. [SA-14:02]

	Fix BIND remote denial of service vulnerability. [SA-14:04]

	Disable hardware RNGs by default. [EN-14:01]

	Fix incorrect coalescing of stack entry with mmap. [EN-14:02]

d1889 1
a1889 1
$FreeBSD: releng/8.3/UPDATING 260647 2014-01-14 19:42:28Z delphij $
@


1.632.2.26.2.18
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/264284
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 6
20140408:	p15	FreeBSD-SA-14:05.nfsserver
			FreeBSD-SA-14:06.openssl
	Fix deadlock in the NFS server. [SA-14:05]

	Fix for ECDSA Cache Side-channel Attack in OpenSSL. [SA-14:06]

d1905 1
a1905 1
$FreeBSD: releng/8.3/UPDATING 264284 2014-04-08 23:16:05Z delphij $
@


1.632.2.26.2.19
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/265125
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a17 4
20140430:	p16	FreeBSD-SA-14:08.tcp

        Fix TCP reassembly vulnerability. [SA-14:08]

d1911 1
a1911 1
$FreeBSD: releng/8.3/UPDATING 265125 2014-04-30 04:05:47Z delphij $
@


1.632.2.19.2.1
log
@SVN rev 216617 on 2010-12-21 17:09:25Z by kensmith

Copy stable/8 to releng/8.2 in preparation for FreeBSD-8.2 release.

Approved by:	re (implicit)
@
text
@@


1.632.2.19.2.2
log
@SVN rev 218733 on 2011-02-16 14:28:04Z by kensmith

Guess when all the bits will be in place for announcing 8.2-RELEASE.

Approved by:	re (implicit)
@
text
@a17 3
20110221:
	8.2-RELEASE.

@


1.632.2.19.2.3
log
@SVN rev 220901 on 2011-04-20 21:00:24Z by cperciva

Fix CIDR parsing bug in mountd ACLs.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-11:01.mountd
@
text
@a17 3
20110420:	p1	FreeBSD-SA-11:01.mountd
	Fix CIDR parsing bug in mountd ACLs.

@


1.632.2.19.2.4
log
@SVN rev 222416 on 2011-05-28 08:44:39Z by simon

Fix an off by one which can result in a assertion failure in BIND
related to large RRSIG RRsets and Negative Caching. This can cause
named to crash.

Security:	FreeBSD-SA-11:02.bind
Security:	CVE-2011-1910
Security:	https://www.isc.org/software/bind/advisories/cve-2011-1910
Obtained from:	ISC
Approved by:	so (simon)
@
text
@a17 4
20110528:	p2	FreeBSD-SA-11:02.bind
	Fix BIND remote DoS with large RRSIG RRsets and negative
	caching.

@


1.632.2.19.2.5
log
@SVN rev 225827 on 2011-09-28 08:47:17Z by bz

Fix handling of corrupt compress(1)ed data. [11:04]

Add missing length checks on unix socket addresses. [11:05]

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-11:04.compress
Security:	CVE-2011-2895 [11:04]
Security:	FreeBSD-SA-11:05.unix
@
text
@a17 5
20110928:	p3	FreeBSD-SA-11:04.compress, FreeBSD-SA-11:05.unix
	Fix handling of corrupt compress(1)ed data. [11:04]

	Add missing length checks on unix socket addresses. [11:05]

@


1.632.2.19.2.6
log
@SVN rev 226023 on 2011-10-04 19:07:38Z by cperciva

Fix a bug in UNIX socket handling in the linux emulator which was
exposed by the security fix in FreeBSD-SA-11:05.unix.

Approved by:	so (cperciva)
Approved by:	re (kib)
Security:	Related to FreeBSD-SA-11:05.unix, but not actually
		a security fix.
@
text
@a17 4
20111004:	p4	FreeBSD-SA-11:05.unix (revised)
	Fix a bug in UNIX socket handling in the linux emulator which was
	exposed by the security fix in FreeBSD-SA-11:05.unix.

@


1.632.2.19.2.7
log
@SVN rev 228843 on 2011-12-23 15:00:37Z by cperciva

Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06]

Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]

Fix a buffer overflow in telnetd. [11:08]

Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]

Add sanity checking of service names in pam_start. [11:10]

Approved by:    so (cperciva)
Approved by:    re (bz)
Security:       FreeBSD-SA-11:06.bind
Security:       FreeBSD-SA-11:07.chroot
Security:       FreeBSD-SA-11:08.telnetd
Security:       FreeBSD-SA-11:09.pam_ssh
Security:       FreeBSD-SA-11:10.pam
@
text
@a17 16
20111223:	p5	FreeBSD-SA-11:06.bind, FreeBSD-SA-11:07.chroot
			FreeBSD-SA-11:08.telnetd, FreeBSD-SA-11:09.pam_ssh
			FreeBSD-SA-11:10.pam
	Fix a problem whereby a corrupt DNS record can cause named to crash.
	[11:06]

	Add an API for alerting internal libc routines to the presence of
	"unsafe" paths post-chroot, and use it in ftpd. [11:07]

	Fix a buffer overflow in telnetd. [11:08]

	Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
	specified. [11:09]

	Add sanity checking of service names in pam_start. [11:10]

@


1.632.2.19.2.8
log
@SVN rev 229539 on 2012-01-04 23:47:20Z by cperciva

Extend the character set accepted by freebsd-update(8) in file
names in order to allow upgrades to FreeBSD 9.0-RELEASE.

Approved by:	so (cperciva)
Errata Notice:	FreeBSD-EN-12:01.freebsd-update
@
text
@a17 4
20120104:	p6	FreeBSD-EN-12:01.freebsd-update
	Extend the character set accepted by freebsd-update(8) in file
	names in order to allow upgrades to FreeBSD 9.0-RELEASE.

@


1.632.2.19.2.9
log
@SVN rev 234954 on 2012-05-03 15:25:11Z by bz

Fix multiple OpenSSL vulnerabilities.

Security:	CVE-2011-4576, CVE-2011-4619, CVE-2011-4109
Security:	CVE-2012-0884, CVE-2012-2110
Security:	FreeBSD-SA-12:01.openssl
Approved by:	so (bz,simon)
@
text
@a17 3
20120503:	p7	FreeBSD-SA-12:01.openssl
	Fix multiple OpenSSL vulnerabilities.

@


1.632.2.19.2.10
log
@SVN rev 236304 on 2012-05-30 12:01:28Z by bz

Update the previous openssl fix. [12:01]

Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

Security:	FreeBSD-SA-12:01.openssl (revised)
Security:	FreeBSD-SA-12:02.crypt
Approved by:	so (bz, simon)
@
text
@a17 6
20120530:	p8	FreeBSD-SA-12:01.openssl (revised),
			FreeBSD-SA-12:02.crypt
	Update the previous openssl fix. [12:01]

	Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

@


1.632.2.19.2.11
log
@SVN rev 236953 on 2012-06-12 12:10:10Z by bz

Fix a problem where zero-length RDATA fields can cause named(8) to crash.
[12:03]

Correct a privilege escalation when returning from kernel if
running FreeBSD/amd64 on non-AMD processors. [12:04]

Fix reference count errors in IPv6 code. [EN-12:02]

Security:	CVE-2012-1667
Security:	FreeBSD-SA-12:03.bind
Security:	CVE-2012-0217
Security:	FreeBSD-SA-12:04.sysret
Security:	FreeBSD-EN-12:02.ipv6refcount
Approved by:	so (simon, bz)
@
text
@a17 11
20120612:	p9	FreeBSD-SA-12:03.bind
			FreeBSD-SA-12:04.sysret
			FreeBSD-EN-12:02.ipv6refcount
	Fix a problem where zero-length RDATA fields can cause named to crash.
	[12:03]

	Correct a privilege escalation when returning from kernel if
	running FreeBSD/amd64 on non-AMD processors. [12:04]

	Fix reference count errors in IPv6 code. [EN-12:02]

@


1.632.2.19.2.12
log
@SVN rev 239108 on 2012-08-06 21:33:11Z by simon

Fix named(8) DNSSEC validation Denial of Service.

Security:	FreeBSD-SA-12:05.bind
Security:	CVE-2012-3817
Obtained from:	ISC
Approved by:	so (simon)
@
text
@a17 3
20120806:	p10	FreeBSD-SA-12:05.bind
	Fix named(8) DNSSEC validation Denial of Service.

@


1.632.2.14.2.1
log
@SVN rev 209145 on 2010-06-14 02:09:06Z by kensmith

Copy stable/8 to releng/8.1 in preparation for 8.1-RC1.

Approved by:	re (implicit)
@
text
@@


1.632.2.14.2.2
log
@SVN rev 209964 on 2010-07-13 02:45:17Z by cperciva

Correctly copy the M_RDONLY flag when duplicating a reference
to an mbuf external buffer.

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-10:07.mbuf
@
text
@a17 4
20100713:		FreeBSD-SA-10:07.mbuf
	Correctly copy the M_RDONLY flag when duplicating a reference
	to an mbuf external buffer.

@


1.632.2.14.2.3
log
@SVN rev 210186 on 2010-07-17 04:35:51Z by kensmith

Predict the date we'll be ready to announce 8.1-RELEASE.  While here
add the entry for 8.0-RELEASE which was added to releng/8.0/UPDATING
during the 8.0-RELEASE cycle but not to stable/8/UPDATING at that time.

Approved by:	re (implicit)
@
text
@a17 3
20100720:
	8.1-RELEASE.

a62 3
20091125:
	8.0-RELEASE.

@


1.632.2.14.2.4
log
@SVN rev 212901 on 2010-09-20 14:58:08Z by cperciva

Fix an integer overflow in RLE length parsing when decompressing
corrupt bzip2 data.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-10:08.bzip2
@
text
@a17 4
20100920:	p1	FreeBSD-SA-10:08.bzip2
	Fix an integer overflow in RLE length parsing when decompressing
	corrupt bzip2 data.

@


1.632.2.14.2.5
log
@SVN rev 216063 on 2010-11-29 20:43:06Z by simon

Fix a race condition exists in the OpenSSL TLS server extension code and
a double free in the SSL client ECDH handling code.

Approved by:	so (simon)
Security:	CVE-2010-2939, CVE-2010-3864
Security:	FreeBSD-SA-10:10.openssl
@
text
@a17 3
20101129:	p2	FreeBSD-SA-10:10.openssl
	Fix OpenSSL multiple vulnerabilities.

@


1.632.2.14.2.6
log
@SVN rev 220901 on 2011-04-20 21:00:24Z by cperciva

Fix CIDR parsing bug in mountd ACLs.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-11:01.mountd
@
text
@a17 3
20110420:	p3	FreeBSD-SA-11:01.mountd
	Fix CIDR parsing bug in mountd ACLs.

@


1.632.2.14.2.7
log
@SVN rev 222416 on 2011-05-28 08:44:39Z by simon

Fix an off by one which can result in a assertion failure in BIND
related to large RRSIG RRsets and Negative Caching. This can cause
named to crash.

Security:	FreeBSD-SA-11:02.bind
Security:	CVE-2011-1910
Security:	https://www.isc.org/software/bind/advisories/cve-2011-1910
Obtained from:	ISC
Approved by:	so (simon)
@
text
@a17 4
20110528:	p4	FreeBSD-SA-11:02.bind
	Fix BIND remote DoS with large RRSIG RRsets and negative
	caching.

@


1.632.2.14.2.8
log
@SVN rev 225827 on 2011-09-28 08:47:17Z by bz

Fix handling of corrupt compress(1)ed data. [11:04]

Add missing length checks on unix socket addresses. [11:05]

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-11:04.compress
Security:	CVE-2011-2895 [11:04]
Security:	FreeBSD-SA-11:05.unix
@
text
@a17 5
20110928:	p5	FreeBSD-SA-11:04.compress, FreeBSD-SA-11:05.unix
	Fix handling of corrupt compress(1)ed data. [11:04]

	Add missing length checks on unix socket addresses. [11:05]

@


1.632.2.14.2.9
log
@SVN rev 226023 on 2011-10-04 19:07:38Z by cperciva

Fix a bug in UNIX socket handling in the linux emulator which was
exposed by the security fix in FreeBSD-SA-11:05.unix.

Approved by:	so (cperciva)
Approved by:	re (kib)
Security:	Related to FreeBSD-SA-11:05.unix, but not actually
		a security fix.
@
text
@a17 4
20111004:	p6	FreeBSD-SA-11:05.unix (revised)
	Fix a bug in UNIX socket handling in the linux emulator which was
	exposed by the security fix in FreeBSD-SA-11:05.unix.

@


1.632.2.14.2.10
log
@SVN rev 228843 on 2011-12-23 15:00:37Z by cperciva

Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06]

Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]

Fix a buffer overflow in telnetd. [11:08]

Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]

Add sanity checking of service names in pam_start. [11:10]

Approved by:    so (cperciva)
Approved by:    re (bz)
Security:       FreeBSD-SA-11:06.bind
Security:       FreeBSD-SA-11:07.chroot
Security:       FreeBSD-SA-11:08.telnetd
Security:       FreeBSD-SA-11:09.pam_ssh
Security:       FreeBSD-SA-11:10.pam
@
text
@a17 16
20111223:	p7	FreeBSD-SA-11:06.bind, FreeBSD-SA-11:07.chroot
			FreeBSD-SA-11:08.telnetd, FreeBSD-SA-11:09.pam_ssh
			FreeBSD-SA-11:10.pam
	Fix a problem whereby a corrupt DNS record can cause named to crash.
	[11:06]

	Add an API for alerting internal libc routines to the presence of
	"unsafe" paths post-chroot, and use it in ftpd. [11:07]

	Fix a buffer overflow in telnetd. [11:08]

	Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
	specified. [11:09]

	Add sanity checking of service names in pam_start. [11:10]

@


1.632.2.14.2.11
log
@SVN rev 229539 on 2012-01-04 23:47:20Z by cperciva

Extend the character set accepted by freebsd-update(8) in file
names in order to allow upgrades to FreeBSD 9.0-RELEASE.

Approved by:	so (cperciva)
Errata Notice:	FreeBSD-EN-12:01.freebsd-update
@
text
@a17 4
20120104:	p8	FreeBSD-EN-12:01.freebsd-update
	Extend the character set accepted by freebsd-update(8) in file
	names in order to allow upgrades to FreeBSD 9.0-RELEASE.

@


1.632.2.14.2.12
log
@SVN rev 234954 on 2012-05-03 15:25:11Z by bz

Fix multiple OpenSSL vulnerabilities.

Security:	CVE-2011-4576, CVE-2011-4619, CVE-2011-4109
Security:	CVE-2012-0884, CVE-2012-2110
Security:	FreeBSD-SA-12:01.openssl
Approved by:	so (bz,simon)
@
text
@a17 3
20120503:	p9	FreeBSD-SA-12:01.openssl
	Fix multiple OpenSSL vulnerabilities.

@


1.632.2.14.2.13
log
@SVN rev 236304 on 2012-05-30 12:01:28Z by bz

Update the previous openssl fix. [12:01]

Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

Security:	FreeBSD-SA-12:01.openssl (revised)
Security:	FreeBSD-SA-12:02.crypt
Approved by:	so (bz, simon)
@
text
@a17 6
20120530:	p10	FreeBSD-SA-12:01.openssl (revised),
			FreeBSD-SA-12:02.crypt
	Update the previous openssl fix. [12:01]

	Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

@


1.632.2.14.2.14
log
@SVN rev 236953 on 2012-06-12 12:10:10Z by bz

Fix a problem where zero-length RDATA fields can cause named(8) to crash.
[12:03]

Correct a privilege escalation when returning from kernel if
running FreeBSD/amd64 on non-AMD processors. [12:04]

Fix reference count errors in IPv6 code. [EN-12:02]

Security:	CVE-2012-1667
Security:	FreeBSD-SA-12:03.bind
Security:	CVE-2012-0217
Security:	FreeBSD-SA-12:04.sysret
Security:	FreeBSD-EN-12:02.ipv6refcount
Approved by:	so (simon, bz)
@
text
@a17 11
20120612:	p11	FreeBSD-SA-12:03.bind
			FreeBSD-SA-12:04.sysret
			FreeBSD-EN-12:02.ipv6refcount
	Fix a problem where zero-length RDATA fields can cause named to crash.
	[12:03]

	Correct a privilege escalation when returning from kernel if
	running FreeBSD/amd64 on non-AMD processors. [12:04]

	Fix reference count errors in IPv6 code. [EN-12:02]

@


1.632.2.14.2.15
log
@SVN rev 237242 on 2012-06-18 21:00:54Z by simon

Add UPDATING and newvers.sh information for the FreeBSD-SA-12:04.sysret
correction.

Approved by:	so (simon)
@
text
@a17 4

20120618:	p12	FreeBSD-SA-12:04.sysret
	Correct patch for FreeBSD-SA-12:04.sysret.

@


1.632.2.14.2.16
log
@SVN rev 239108 on 2012-08-06 21:33:11Z by simon

Fix named(8) DNSSEC validation Denial of Service.

Security:	FreeBSD-SA-12:05.bind
Security:	CVE-2012-3817
Obtained from:	ISC
Approved by:	so (simon)
@
text
@a18 3
20120806:	p13	FreeBSD-SA-12:05.bind
	Fix named(8) DNSSEC validation Denial of Service.

@


1.632.2.7.2.1
log
@SVN rev 198460 on 2009-10-25 01:10:29Z by kensmith

Copy stable/8 to releng/8.0 as part of 8.0-RELEASE release procedure.

Approved by:	re (implicit)
@
text
@@


1.632.2.7.2.2
log
@SVN rev 198606 on 2009-10-29 15:42:50Z by mav

MFC rev. 198480, 198483:
Document new modularised ATA kernel modules and options.

PR:             kern/133162, amd64/139859
Approved by:    re (kib)
@
text
@a568 9
20081009:
	atapci kernel module now includes only generic PCI ATA
	driver. AHCI driver moved to ataahci kernel module.
	All vendor-specific code moved into separate kernel modules:
	ataacard, ataacerlabs, ataadaptec, ataamd, ataati, atacenatek,
	atacypress, atacyrix, atahighpoint, ataintel, ataite, atajmicron,
	atamarvell, atamicron, atanational, atanetcell, atanvidia,
	atapromise, ataserverworks, atasiliconimage, atasis, atavia

@


1.632.2.7.2.3
log
@SVN rev 199595 on 2009-11-20 16:00:40Z by kensmith

Predict when 8.0-RELEASE will be announced.

Approved by:	re (implicit)
@
text
@a17 3
20091125:
	8.0-RELEASE.

@


1.632.2.7.2.4
log
@SVN rev 200054 on 2009-12-03 09:18:40Z by cperciva

Disable SSL renegotiation in order to protect against a serious
protocol flaw. [09:15]

Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]

Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:15.ssl
Security:	FreeBSD-SA-09:16.rtld
Security:	FreeBSD-SA-09:17.freebsd-udpate
@
text
@a17 11
20091203:	p1	FreeBSD-SA-09:15.ssl, FreeBSD-SA-09:16.rtld,
			FreeBSD-SA-09:17.freebsd-update
	Disable SSL renegotiation in order to protect against a serious
	protocol flaw. [09:15]

	Correctly handle failures from unsetenv resulting from a corrupt
	environment in rtld-elf. [09:16]

	Fix permissions in freebsd-update in order to prevent leakage of
	sensitive files. [09:17]

@


1.632.2.7.2.5
log
@SVN rev 201679 on 2010-01-06 21:45:30Z by simon

Fix BIND named(8) cache poisoning with DNSSEC validation.
[SA-10:01]

Fix ntpd mode 7 denial of service. [SA-10:02]

Fix ZFS ZIL playback with insecure permissions. [SA-10:03]

Various FreeBSD 8.0-RELEASE improvements. [EN-10:01]

Security:	FreeBSD-SA-10:01.bind
Security:	FreeBSD-SA-10:02.ntpd
Security:	FreeBSD-SA-10:03.zfs
Errata:		FreeBSD-EN-10:01.freebsd
Approved by:	so (simon)
@
text
@a17 11
20100106:	p2	FreeBSD-SA-10:01.bind, FreeBSD-SA-10:02.ntpd,
			FreeBSD-SA-10:03.zfs, FreeBSD-EN-10:01.freebsd
	Fix BIND named(8) cache poisoning with DNSSEC validation.
	[SA-10:01]

	Fix ntpd mode 7 denial of service. [SA-10:02]

	Fix ZFS ZIL playback with insecure permissions. [SA-10:03]

	Various FreeBSD 8.0-RELEASE improvements. [EN-10:01]

@


1.632.2.7.2.6
log
@SVN rev 208586 on 2010-05-27 03:15:04Z by cperciva

Change the current working directory to be inside the jail created by
the jail(8) command. [10:04]

Fix a one-NUL-byte buffer overflow in libopie. [10:05]

Correctly sanity-check a buffer length in nfs mount. [10:06]

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-10:04.jail
Security:	FreeBSD-SA-10:05.opie
Security:	FreeBSD-SA-10:06.nfsclient
@
text
@a17 9
20100526:	p3	FreeBSD-SA-10:04.jail, FreeBSD-SA-10:05.opie,
			FreeBSD-SA-10:06.nfsclient
	Change the current working directory to be inside the jail created by
	the jail(8) command. [10:04]

	Fix a one-NUL-byte buffer overflow in libopie. [10:05]

	Correctly sanity-check a buffer length in nfs mount. [10:06]

@


1.632.2.7.2.7
log
@SVN rev 209964 on 2010-07-13 02:45:17Z by cperciva

Correctly copy the M_RDONLY flag when duplicating a reference
to an mbuf external buffer.

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-10:07.mbuf
@
text
@a17 4
20100713:	p4	FreeBSD-SA-10:07.mbuf
	Correctly copy the M_RDONLY flag when duplicating a reference
	to an mbuf external buffer.

@


1.632.2.7.2.8
log
@SVN rev 212901 on 2010-09-20 14:58:08Z by cperciva

Fix an integer overflow in RLE length parsing when decompressing
corrupt bzip2 data.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-10:08.bzip2
@
text
@a17 4
20100920:	p5	FreeBSD-SA-10:08.bzip2
	Fix an integer overflow in RLE length parsing when decompressing
	corrupt bzip2 data.

@


1.632.2.7.2.9
log
@SVN rev 216063 on 2010-11-29 20:43:06Z by simon

Fix a race condition exists in the OpenSSL TLS server extension code and
a double free in the SSL client ECDH handling code.

Approved by:	so (simon)
Security:	CVE-2010-2939, CVE-2010-3864
Security:	FreeBSD-SA-10:10.openssl
@
text
@a17 3
20101129:	p6	FreeBSD-SA-10:10.openssl
	Fix OpenSSL multiple vulnerabilities.

@


1.631
log
@SVN rev 195767 on 2009-07-19 17:25:24Z by kensmith

Bump the version of all non-symbol-versioned shared libraries in
preparation for 8.0-RELEASE.  Add the previous version of those
libraries to ObsoleteFiles.inc and bump __FreeBSD_Version.

Reviewed by:    kib
Approved by:    re (rwatson)
@
text
@d68 3
a70 3
	been changed.  As a result, the COMPAT_FREEBSD[456] kernel
	options now all require COMPAT_FREEBSD7.  Bump __FreeBSD_version
	to 800100.
@


1.630
log
@SVN rev 195699 on 2009-07-14 22:48:30Z by rwatson

Build on Jeff Roberson's linker-set based dynamic per-CPU allocator
(DPCPU), as suggested by Peter Wemm, and implement a new per-virtual
network stack memory allocator.  Modify vnet to use the allocator
instead of monolithic global container structures (vinet, ...).  This
change solves many binary compatibility problems associated with
VIMAGE, and restores ELF symbols for virtualized global variables.

Each virtualized global variable exists as a "reference copy", and also
once per virtual network stack.  Virtualized global variables are
tagged at compile-time, placing the in a special linker set, which is
loaded into a contiguous region of kernel memory.  Virtualized global
variables in the base kernel are linked as normal, but those in modules
are copied and relocated to a reserved portion of the kernel's vnet
region with the help of a the kernel linker.

Virtualized global variables exist in per-vnet memory set up when the
network stack instance is created, and are initialized statically from
the reference copy.  Run-time access occurs via an accessor macro, which
converts from the current vnet and requested symbol to a per-vnet
address.  When "options VIMAGE" is not compiled into the kernel, normal
global ELF symbols will be used instead and indirection is avoided.

This change restores static initialization for network stack global
variables, restores support for non-global symbols and types, eliminates
the need for many subsystem constructors, eliminates large per-subsystem
structures that caused many binary compatibility issues both for
monitoring applications (netstat) and kernel modules, removes the
per-function INIT_VNET_*() macros throughout the stack, eliminates the
need for vnet_symmap ksym(2) munging, and eliminates duplicate
definitions of virtualized globals under VIMAGE_GLOBALS.

Bump __FreeBSD_version and update UPDATING.

Portions submitted by:  bz
Reviewed by:            bz, zec
Discussed with:         gnn, jamie, jeff, jhb, julian, sam
Suggested by:           peter
Approved by:            re (kensmith)
@
text
@d25 5
@


1.629
log
@SVN rev 195654 on 2009-07-13 11:51:02Z by lstewart

Replace struct tcpopt with a proxy toeopt struct in the TOE driver interface to
the TCP syncache. This returns struct tcpopt to being private within the TCP
implementation, thus allowing it to be modified without ABI concerns.

The patch breaks the ABI. Bump __FreeBSD_version to 800103 accordingly. The cxgb
driver is the only TOE consumer affected by this change, and needs to be
recompiled along with the kernel.

Suggested by:	rwatson
Reviewed by:	rwatson, kmacy
Approved by:	re (kensmith), kensmith (mentor temporarily unavailable)
@
text
@d25 5
@


1.628
log
@SVN rev 195634 on 2009-07-12 09:14:28Z by lstewart

Pad the following TCP related structs to allow MFCs of upcoming features/fixes
back to the 8 branch:

tcp_var.h
- struct sackhint
- struct tcpcb
- struct tcpstat

The patch breaks the ABI. Bump __FreeBSD_version to 800102 accordingly. User
space tools that rely on the size of any of these structs (e.g. sockstat) need
to be recompiled.

Reviewed by:	rpaulo, sam, andre, rwatson
Approved by:	re & mentor (gnn)
@
text
@d25 7
@


1.627
log
@SVN rev 195251 on 2009-07-01 18:12:50Z by dfr

Clarify the node about removing NFS_LEGACYRPC

Approved by: re
@
text
@d25 7
@


1.626
log
@SVN rev 195229 on 2009-07-01 07:35:57Z by dfr

Add an entry documenting removal of the NFS_LEGACYRPC option.

Submitted by: Steve Kargl
Approved by: re
@
text
@d26 3
a28 2
	Remove the old kernel RPC implementation and the NFS_LEGACYRPC
	option.  Kernel configurations may need to be adjusted.
@


1.625
log
@SVN rev 195175 on 2009-06-29 19:46:29Z by brooks

Remove support for the /dev/net/* per-interface devices.  They serve
little purpose and are unused in the base system.

The IOCTL functionality is entirely duplicated and routing sockets
provide a richer interface than the kqueue functionality.

Further, it is not practical for these devices to be made sensible in
the face of VIMAGE.

Bump __FreeBSD_version on the off chance that there is any code out
there that actually uses this stuff.

Reviewed by:	rwatson
Discussed with:	bz, zec
Approved by:	re@@ (kensmith)
@
text
@d25 4
@


1.624
log
@SVN rev 195132 on 2009-06-28 08:59:46Z by blackend

- release/* update to use freebsd-doc-* packages instead of building
  FreeBSD docset during 'make release' this will speed up release
  builds;
- sysinstall(8) has also been updated to use these packages with a new
  menu allowing people to choose what localized doc to install;
- mention in UPDATING that docs from the FreeBSD Documentation project
  are now installed in /usr/local/share/doc/freebsd instead of
  /usr/share/doc.

Approved by:	re (kensmith)
@
text
@d25 6
@


1.623
log
@SVN rev 195064 on 2009-06-26 17:50:52Z by jhb

Note that as a result of the SYSV IPC changes, COMPAT_FREEBSD[456] now
require COMPAT_FREEBSD7.  Also, explicitly note in NOTES that any version
of COMPAT_FREEBSD<n> effectively requires for newer binaries (i.e.
COMPAT_FREEBSD<n+1>, etc.).  While this has been true in practice
previously, it used to compile ok before the commit earlier this week.

Discussed with:	peter
Approved by:	re (kensmith)
@
text
@d25 6
@


1.622
log
@SVN rev 195028 on 2009-06-26 01:10:10Z by dougb

Revert the entry about pf and ipfw starting before netif
@
text
@d25 6
@


1.621
log
@SVN rev 194640 on 2009-06-22 17:48:16Z by bz

Move virtualization of routing related variables into their own
Vimage module, which had been there already but now is stateful.

All variables are now file local; so this further limits the global
spreading of routing related things throughout the kernel.

Add a missing function local variable in case of MPATHing.

Reviewed by:	zec
@
text
@a82 6
20090531:
	For those who use ipfw and especially pf, those two firewalls
	are now started BEFORE the network is initialized (i.e., before
	rc.d/netif). Please review your rules to make sure that your
	interfaces will be properly described.

@


1.620
log
@SVN rev 194498 on 2009-06-19 17:10:35Z by brooks

Rework the credential code to support larger values of NGROUPS and
NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024
and 1023 respectively.  (Previously they were equal, but under a close
reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it
is the number of supplemental groups, not total number of groups.)

The bulk of the change consists of converting the struct ucred member
cr_groups from a static array to a pointer.  Do the equivalent in
kinfo_proc.

Introduce new interfaces crcopysafe() and crsetgroups() for duplicating
a process credential before modifying it and for setting group lists
respectively.  Both interfaces take care for the details of allocating
groups array. crsetgroups() takes care of truncating the group list
to the current maximum (NGROUPS) if necessary.  In the future,
crsetgroups() may be responsible for insuring invariants such as sorting
the supplemental groups to allow groupmember() to be implemented as a
binary search.

Because we can not change struct xucred without breaking application
ABIs, we leave it alone and introduce a new XU_NGROUPS value which is
always 16 and is to be used or NGRPS as appropriate for things such as
NFS which need to use no more than 16 groups.  When feasible, truncate
the group list rather than generating an error.

Minor changes:
  - Reduce the number of hand rolled versions of groupmember().
  - Do not assign to both cr_gid and cr_groups[0].
  - Modify ipfw to cache ucreds instead of part of their contents since
    they are immutable once referenced by more than one entity.

Submitted by:	Isilon Systems (initial implementation)
X-MFC after:	never
PR:		bin/113398 kern/133867
@
text
@d25 5
@


1.619
log
@SVN rev 194317 on 2009-06-17 01:55:42Z by attilio

Introduce support for adaptive spinning in lockmgr.
Actually, as it did receive few tuning, the support is disabled by
default, but it can opt-in with the option ADAPTIVE_LOCKMGRS.
Due to the nature of lockmgrs, adaptive spinning needs to be
selectively enabled for any interested lockmgr.
The support is bi-directional, or, in other ways, it will work in both
cases if the lock is held in read or write way.  In particular, the
read path is passible of further tunning using the sysctls
debug.lockmgr.retries and debug.lockmgr.loops .  Ideally, such sysctls
should be axed or compiled out before release.

Addictionally note that adaptive spinning doesn't cope well with
LK_SLEEPFAIL.  The reason is that many (and probabilly all) consumers
of LK_SLEEPFAIL are mainly interested in knowing if the interlock was
dropped or not in order to reacquire it and re-test initial conditions.
This directly interacts with adaptive spinning because lockmgr needs
to drop the interlock while spinning in order to avoid a deadlock
(further details in the comments inside the patch).

Final note: finding someone willing to help on tuning this with
relevant workloads would be either very important and appreciated.

Tested by:	jeff, pho
Requested by:	many
@
text
@d25 17
@


1.618
log
@SVN rev 194137 on 2009-06-13 23:44:56Z by sam

note abi change for IEEE80211_IOC_STA_INFO
@
text
@d25 7
@


1.617
log
@SVN rev 194012 on 2009-06-11 16:50:49Z by zec

Introduce a mechanism for detecting calls from outbound path of the
network stack when reentering the inbound path from netgraph, and
force queueing of mbufs at the outbound netgraph node.

The mechanism relies on two components.  First, in netgraph nodes
where outbound path of the network stack calls into netgraph, the
current thread has to be appropriately marked using the new
NG_OUTBOUND_THREAD_REF() macro before proceeding to call further
into the netgraph topology, and unmarked using the
NG_OUTBOUND_THREAD_UNREF() macro before returning to the caller.
Second, netgraph nodes which can potentially reenter the network
stack in the inbound path have to mark their inbound hooks using
NG_HOOK_SET_TO_INBOUND() macro.  The netgraph framework will then
detect when there is a danger of a call graph looping back from
outbound to inbound path via netgraph, and defer handing off the
mbufs to the "inbound" node to a worker thread with a clean stack.

In this first pass only the most obvious netgraph nodes have been
updated to ensure no outbound to inbound calls can occur.  Nodes
such as ng_ipfw, ng_gif etc. should be further examined whether a
potential for outbound to inbound call looping exists.

This commit changes the layout of struct thread, but due to
__FreeBSD_version number shortage a version bump has been omitted
at this time, nevertheless kernel and modules have to be rebuilt.

Reviewed by:	julian, rwatson, bz
Approved by:	julian (mentor)
@
text
@d25 5
@


1.616
log
@SVN rev 193731 on 2009-06-08 17:15:40Z by zec

Introduce an infrastructure for dismantling vnet instances.

Vnet modules and protocol domains may now register destructor
functions to clean up and release per-module state.  The destructor
mechanisms can be triggered by invoking "vimage -d", or a future
equivalent command which will be provided via the new jail framework.

While this patch introduces numerous placeholder destructor functions,
many of those are currently incomplete, thus leaking memory or (even
worse) failing to stop all running timers.  Many of such issues are
already known and will be incrementaly fixed over the next weeks in
smaller incremental commits.

Apart from introducing new fields in structs ifnet, domain, protosw
and vnet_net, which requires the kernel and modules to be rebuilt, this
change should have no impact on nooptions VIMAGE builds, since vnet
destructors can only be called in VIMAGE kernels.  Moreover,
destructor functions should be in general compiled in only in
options VIMAGE builds, except for kernel modules which can be safely
kldunloaded at run time.

Bump __FreeBSD_version to 800097.
Reviewed by:	bz, julian
Approved by:	rwatson, kib (re), julian (mentor)
@
text
@d25 4
@


1.615
log
@SVN rev 193308 on 2009-06-02 13:44:36Z by ed

Remove window(1) from the base system.

Some time ago Tom Rhodes sent me an email that he was willing to perform
various cleanups to the window(1) source code. After some discussion, we
both decided the best thing to do, was to move window(1) to the ports
tree. The application isn't used a lot nowadays, mainly because it has
been superseeded by screen, tmux, etc.

A couple of hours ago Tom committed window(1) to ports (misc/window), so
I'm removing it from the tree. I don't think people will really miss it,
but I'm describing the change in UPDATING anyway.

Discussed with:	trhodes, pav, kib
Approved by:	re
@
text
@d25 5
@


1.614
log
@SVN rev 193285 on 2009-06-01 22:47:59Z by dougb

Add a note about the change to rcorder for pf and ipfw.
@
text
@d25 4
@


1.613
log
@SVN rev 193241 on 2009-06-01 18:07:38Z by bz

Decrement __FreeBSD_version again to 96 as we are runing out of digits
and want to be conservative - so not more than one version bump per day.

Discussed with:	jhb, kensmith
@
text
@d36 6
@


1.612
log
@SVN rev 193233 on 2009-06-01 16:00:36Z by rwatson

Update UPDATING for NETISR2 merge, fix a typo in another UPDATING entry.
@
text
@a28 1
	Bump __FreeBSD_version to 800097.
@


1.611
log
@SVN rev 193232 on 2009-06-01 15:49:42Z by bz

Convert the two dimensional array to be malloced and introduce
an accessor function to get the correct rnh pointer back.

Update netstat to get the correct pointer using kvm_read()
as well.

This not only fixes the ABI problem depending on the kernel
option but also permits the tunable to overwrite the kernel
option at boot time up to MAXFIBS, enlarging the number of
FIBs without having to recompile. So people could just use
GENERIC now.

Reviewed by:	julian, rwatson, zec
X-MFC:		not possible
@
text
@d26 1
a26 1
	The way we are storing and accessing `routeing table' entries
d31 6
@


1.610
log
@SVN rev 193138 on 2009-05-30 23:52:23Z by attilio

Remove the now invalid (and possibly unused) debug.mpsafevfs
sysctl/tunable.

Reviewed by:	emaste
Sponsored by:	Sandvine Incorporated
@
text
@d25 6
@


1.609
log
@SVN rev 193093 on 2009-05-30 14:01:01Z by trasz

Bump __FreeBSD_version after addition of VOP_ACCESSX(9).
@
text
@d26 4
@


1.608
log
@SVN rev 193055 on 2009-05-29 19:45:39Z by maxim

o Add missed quotation mark.
@
text
@d25 4
@


1.607
log
@SVN rev 193047 on 2009-05-29 18:50:27Z by trasz

Update __FreeBSD_version after addition of mnt_xflag.  Add a note
to UPDATING.
@
text
@d26 1
a26 1
	Add mnt_xflag field to 'struct mount.  File system modules
@


1.606
log
@SVN rev 193011 on 2009-05-29 01:49:27Z by attilio

Reverse the logic for ADAPTIVE_SX option and enable it by default.
Introduce for this operation the reverse NO_ADAPTIVE_SX option.
The flag SX_ADAPTIVESPIN to be passed to sx_init_flags(9) gets suppressed
and the new flag, offering the reversed logic, SX_NOADAPTIVE is added.

Additively implements adaptive spininning for sx held in shared mode.
The spinning limit can be handled through sysctls in order to be tuned
while the code doesn't reach the release, after which time they should
be dropped probabilly.

This change has made been necessary by recent benchmarks where it does
improve concurrency of workloads in presence of high contention
(ie. ZFS).

KPI breakage is documented by __FreeBSD_version bumping, manpage and
UPDATING updates.

Requested by:	jeff, kmacy
Reviewed by:	jeff
Tested by:	pho
@
text
@d25 5
@


1.605
log
@SVN rev 192895 on 2009-05-27 14:11:23Z by jamie

Add hierarchical jails.  A jail may further virtualize its environment
by creating a child jail, which is visible to that jail and to any
parent jails.  Child jails may be restricted more than their parents,
but never less.  Jail names reflect this hierarchy, being MIB-style
dot-separated strings.

Every thread now points to a jail, the default being prison0, which
contains information about the physical system.  Prison0's root
directory is the same as rootvnode; its hostname is the same as the
global hostname, and its securelevel replaces the global securelevel.
Note that the variable "securelevel" has actually gone away, which
should not cause any problems for code that properly uses
securelevel_gt() and securelevel_ge().

Some jail-related permissions that were kept in global variables and
set via sysctls are now per-jail settings.  The sysctls still exist for
backward compatibility, used only by the now-deprecated jail(2) system
call.

Approved by:	bz (mentor)
@
text
@d25 8
@


1.604
log
@SVN rev 192669 on 2009-05-23 21:43:44Z by zec

V_irtualize the if_clone framework, thus allowing for clonable ifnets
to optionally have overlapping unit numbers if attached in different
vnets.

At this stage if_loop is the only clonable ifnet class that has been
extended to allow for such overlapping allocation of unit numbers, i.e.
in each vnet it is possible to have a lo0 interface.  Other clonable ifnet
classes remain to operate with traditional semantics, i.e. each instance
of a clonable ifnet will be assigned a globally unique unit number,
regardless in which vnet such an ifnet becomes instantiated.

While here, garbage collect unused _lo_list field in struct vnet_net,
as well as improve indentation for #defines in sys/net/vnet.h.

The layout of struct vnet_net has changed, therefore bump
__FreeBSD_version.

This change has no functional impact on nooptions VIMAGE kernel builds.

Reviewed by:	bz, brooks
Approved by:	julian (mentor)
@
text
@d25 4
@


1.603
log
@SVN rev 192631 on 2009-05-23 09:24:07Z by joel

Fix minor typo.
@
text
@d26 5
@


1.602
log
@SVN rev 192629 on 2009-05-23 08:49:55Z by edwin

Rework the text for the import of zic(8) at 20090523.
Suggested by Niclas Zeising (and he was absolutely right on it!)
@
text
@d282 1
a282 1
	wrong for large segments. Note that limits must be explicitely
@


1.601
log
@SVN rev 192625 on 2009-05-23 06:31:50Z by edwin

MFV of tzcode2009e:

Upgrade of the tzcode from 2004a to 2009e.

Changes are numerous, but include...

- New format of the output of zic, which supports both 32 and 64
  bit time_t formats.

- zdump on 64 bit platforms will actually produce some output instead
  of doing nothing for a looooooooong time.

- linux_base-fX, with X >= at least 8, will work without problems related
  to the local time again.

The original patch, based on the 2008e, has been running for a long
time on both my laptop and desktop machine and have been tested by
other people.

After the installation of this code and the running of zic(8), you
need to run tzsetup(8) again to install the new datafile.

Approved by:	wollman@@ for usr.sbin/zic
MFC after:	1 month
@
text
@d27 2
a28 1
	output. Please run tzsetup(8) to install a newly /etc/localtime.
@


1.600
log
@SVN rev 192502 on 2009-05-21 01:48:42Z by thompsa

Rename the usb sysctl tree from hw.usb2.* back to hw.usb.*.

Submitted by:	Hans Petter Selasky
@
text
@d25 4
@


1.599
log
@SVN rev 192470 on 2009-05-20 20:05:56Z by sam

bump for net80211 monitor mode changes
@
text
@d26 4
@


1.598
log
@SVN rev 191688 on 2009-04-30 13:36:26Z by zec

Permit buiding kernels with options VIMAGE, restricted to only a single
active network stack instance.  Turning on options VIMAGE at compile
time yields the following changes relative to default kernel build:

1) V_ accessor macros for virtualized variables resolve to structure
fields via base pointers, instead of being resolved as fields in global
structs or plain global variables.  As an example, V_ifnet becomes:

    options VIMAGE:          ((struct vnet_net *) vnet_net)->_ifnet
    default build:           vnet_net_0._ifnet
    options VIMAGE_GLOBALS:  ifnet

2) INIT_VNET_* macros will declare and set up base pointers to be used
by V_ accessor macros, instead of resolving to whitespace:

    INIT_VNET_NET(ifp->if_vnet); becomes

    struct vnet_net *vnet_net = (ifp->if_vnet)->mod_data[VNET_MOD_NET];

3) Memory for vnet modules registered via vnet_mod_register() is now
allocated at run time in sys/kern/kern_vimage.c, instead of per vnet
module structs being declared as globals.  If required, vnet modules
can now request the framework to provide them with allocated bzeroed
memory by filling in the vmi_size field in their vmi_modinfo structures.

4) structs socket, ifnet, inpcbinfo, tcpcb and syncache_head are
extended to hold a pointer to the parent vnet.  options VIMAGE builds
will fill in those fields as required.

5) curvnet is introduced as a new global variable in options VIMAGE
builds, always pointing to the default and only struct vnet.

6) struct sysctl_oid has been extended with additional two fields to
store major and minor virtualization module identifiers, oid_v_subs and
oid_v_mod.  SYSCTL_V_* family of macros will fill in those fields
accordingly, and store the offset in the appropriate vnet container
struct in oid_arg1.
In sysctl handlers dealing with virtualized sysctls, the
SYSCTL_RESOLVE_V_ARG1() macro will compute the address of the target
variable and make it available in arg1 variable for further processing.

Unused fields in structs vnet_inet, vnet_inet6 and vnet_ipfw have
been deleted.

Reviewed by:	bz, rwatson
Approved by:	julian (mentor)
@
text
@d25 8
@


1.597
log
@SVN rev 191672 on 2009-04-29 19:19:13Z by bms

Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit:
import from p4 bms_netdev.  Summary of changes:

 * Connect netinet6/in6_mcast.c to build.
   The legacy KAME KPIs are mostly preserved.
 * Eliminate now dead code from ip6_output.c.
   Don't do mbuf bingo, we are not going to do RFC 2292 style
   CMSG tricks for multicast options as they are not required
   by any current IPv6 normative reference.
 * Refactor transports (UDP, raw_ip6) to do own mcast filtering.
   SCTP, TCP unaffected by this change.
 * Add ip6_msource, in6_msource structs to in6_var.h.
 * Hookup mld_ifinfo state to in6_ifextra, allocate from
   domifattach path.
 * Eliminate IN6_LOOKUP_MULTI(), it is no longer referenced.
   Kernel consumers which need this should use in6m_lookup().
 * Refactor IPv6 socket group memberships to use a vector (like IPv4).
 * Update ifmcstat(8) for IPv6 SSM.
 * Add witness lock order for IN6_MULTI_LOCK.
 * Move IN6_MULTI_LOCK out of lower ip6_output()/ip6_input() paths.
 * Introduce IP6STAT_ADD/SUB/INC/DEC as per rwatson's IPv4 cleanup.
 * Update carp(4) for new IPv6 SSM KPIs.
 * Virtualize ip6_mrouter socket.
   Changes mostly localized to IPv6 MROUTING.
 * Don't do a local group lookup in MROUTING.
 * Kill unused KAME prototypes in6_purgemkludge(), in6_restoremkludge().
 * Preserve KAME DAD timer jitter behaviour in MLDv1 compatibility mode.
 * Bump __FreeBSD_version to 800084.
 * Update UPDATING.

NOTE WELL:
 * This code hasn't been tested against real MLDv2 queriers
   (yet), although the on-wire protocol has been verified in Wireshark.
 * There are a few unresolved issues in the socket layer APIs to
   do with scope ID propagation.
 * There is a LOR present in ip6_output()'s use of
   in6_setscope() which needs to be resolved. See comments in mld6.c.
   This is believed to be benign and can't be avoided for the moment
   without re-introducing an indirect netisr.

This work was mostly derived from the IGMPv3 implementation, and
has been sponsored by a third party.
@
text
@d25 8
@


1.596
log
@SVN rev 191467 on 2009-04-24 15:38:13Z by delphij

Some minor formatting changes to make new text match old style.
@
text
@d25 86
@


1.595
log
@SVN rev 191464 on 2009-04-24 11:34:59Z by garga

- Add a single line separating two 20090415 entries

Approved by:	brueffer
@
text
@d36 1
a36 1
	Anticipate overflowing inp_flags - add inp_flags2. 
d38 1
a38 1
	state will require a world rebuild. 
d40 1
d43 1
a43 1
	embedding a struct route will need to be recompiled. 
d49 1
a49 1
	The route command now supports show as an alias for get, weighting 
d73 1
a73 1
	
d82 1
a82 1
	
@


1.594
log
@SVN rev 191457 on 2009-04-24 09:58:50Z by rwatson

Add UPDATING note about change to struct malloc_type -- following several
reports of panics, remind readers that rebuilding kernel modules between
kernel upgrades in HEAD is a good idea.
@
text
@d52 1
@


1.593
log
@SVN rev 191389 on 2009-04-22 15:54:27Z by emax

Bump __FreeBSD_version. Add UPDATING entry about low-level Bluetooth HCI API.
@
text
@d25 1
a25 1
20090422
d29 6
@


1.592
log
@SVN rev 191126 on 2009-04-15 22:09:42Z by kmacy

- add second flags field to to inpcb
- update comments in vflag
@
text
@d25 4
@


1.591
log
@SVN rev 191117 on 2009-04-15 20:34:19Z by kmacy

add an llentry to struct route{_in6} to allow it to be passed around with
the rtentry
@
text
@d26 5
@


1.590
log
@SVN rev 191080 on 2009-04-14 23:05:36Z by kmacy

Extend route command:
	- add show as alias for get
	- add weights to allow mpath to do more than equal cost
	- add sticky / nostick to disable / re-enable per-connection load balancing

This adds a field to rt_metrics_lite so network bits of world will need to be re-built.

Reviewed by:	jeli & qingli
@
text
@d25 5
@


1.589
log
@SVN rev 190974 on 2009-04-12 19:42:25Z by emax

Add entry about kbdmux(4) un-locking.
@
text
@d25 7
@


1.588
log
@SVN rev 190852 on 2009-04-08 18:30:42Z by zec

A belated note on layout change of certain V_ containers.

Approved by:	julian (mentor)
@
text
@d25 10
@


1.587
log
@SVN rev 190192 on 2009-03-20 23:13:32Z by ivoras

Separate the GEOM_PART entry into paragraphs with differences from old
slicers. Add more notes.

Reviewed by:	marcel (implicit)
Approved by:	gnn (mentor) (implicit)
@
text
@d25 5
@


1.586
log
@SVN rev 190182 on 2009-03-20 21:51:27Z by ivoras

Note that GEOM_PART is on by default in 8-CURRENT and how it's different
from older slices.

OKed by:	marcel
Approved by:	gnn (mentor)
@
text
@d28 17
a44 5
	introduces some changes: the devices created from MSDOS extended
	partition entries (EBR) can be named differently than with GEOM_MBR
	and are now symlinks to	devices with offset-based names, and kernel
	dumps are now not allowed to be written to devices whose partition
	types indicate they are meant to be used for file systems.
@


1.585
log
@SVN rev 190100 on 2009-03-19 20:33:26Z by thompsa

Remove the uscanner(4) driver, this follows the removal of the kernel scanner
driver in Linux 2.6. uscanner was just a simple wrapper around a fifo and
contained no logic, the default interface is now libusb (supported by sane).

Reviewed by:	HPS
@
text
@d25 9
@


1.584
log
@SVN rev 190012 on 2009-03-19 01:43:03Z by bms

Introduce a number of changes to the MROUTING code.
This is purely a forwarding plane cleanup; no control plane
code is involved.

Summary:
 * Split IPv4 and IPv6 MROUTING support. The static compile-time
   kernel option remains the same, however, the modules may now
   be built for IPv4 and IPv6 separately as ip_mroute_mod and
   ip6_mroute_mod.
 * Clean up the IPv4 multicast forwarding code to use BSD queue
   and hash table constructs. Don't build our own timer abstractions
   when ratecheck() and timevalclear() etc will do.
 * Expose the multicast forwarding cache (MFC) and virtual interface
   table (VIF) as sysctls, to reduce netstat's dependence on libkvm
   for this information for running kernels.
   * bandwidth meters however still require libkvm.
 * Make the MFC hash table size a boot/load-time tunable ULONG,
   net.inet.ip.mfchashsize (defaults to 256).
 * Remove unused members from struct vif and struct mfc.
 * Kill RSVP support, as no current RSVP implementation uses it.
   These stubs could be moved to raw_ip.c.
 * Don't share locks or initialization between IPv4 and IPv6.
 * Don't use a static struct route_in6 in ip6_mroute.c.
   The v6 code is still using a cached struct route_in6, this is
   moved to mif6 for the time being.
 * More cleanup remains to be merged from ip_mroute.c to ip6_mroute.c.

v4 path tested using ports/net/mcast-tools.
v6 changes are mostly mechanical locking and *have not* been tested.
As these changes partially break some kernel ABIs, they will not
be MFCed. There is a lot more work to be done here.

Reviewed by:	Pavlin Radoslavov
@
text
@d26 5
@


1.583
log
@SVN rev 189854 on 2009-03-15 16:12:50Z by rwatson

Mention specifically in UPDATING that non-MPSAFE device drivers are no
longer supported.
@
text
@d25 7
@


1.582
log
@SVN rev 189772 on 2009-03-13 16:40:56Z by gabor

- Add an entry about enabling libc NLS support
@
text
@d25 7
@


1.581
log
@SVN rev 189770 on 2009-03-13 16:30:33Z by rpaulo

Mention k8temp -> amdtemp rename.

MFC after:	2 weeks
@
text
@d26 6
@


1.580
log
@SVN rev 189602 on 2009-03-09 22:43:00Z by thompsa

Fix spelling.
@
text
@d25 4
@


1.579
log
@SVN rev 189601 on 2009-03-09 22:42:01Z by thompsa

Update 20090309 to say that libmap.conf entries for libusb are no longer needed.
@
text
@d70 1
a70 1
	libsub are no longer required and can be removed.
@


1.578
log
@SVN rev 189597 on 2009-03-09 19:56:37Z by stas

- Fix a typo.

Spotted by:	Steve Kargl <sgk@@troutmask.apl.washington.edu>
@
text
@d69 2
a70 1
	in the ports collection UPDATING file.
@


1.577
log
@SVN rev 189594 on 2009-03-09 19:22:45Z by stas

- Point libusb users to the ports collection UPDATING file.
@
text
@d68 1
a68 1
	rebuid all ports which uses libusb. More specific directions are given
@


1.576
log
@SVN rev 189592 on 2009-03-09 17:53:05Z by bms

Merge IGMPv3 and Source-Specific Multicast (SSM) to the FreeBSD
IPv4 stack.

Diffs are minimized against p4.
PCS has been used for some protocol verification, more widespread
testing of recorded sources in Group-and-Source queries is needed.
sizeof(struct igmpstat) has changed.

__FreeBSD_version is bumped to 800070.
@
text
@d68 2
a69 1
	update your ports as the affected programs have had a revision bump.
@


1.575
log
@SVN rev 189585 on 2009-03-09 17:05:31Z by thompsa

Install libusb20.so.1 as libusb.so.1, there will be a followup commit to the
ports tree so that programs use libusb from the base by default. Thanks to
Stanislav Sedov for sorting out the ports build.

Bump __FreeBSD_version to 800069

Help and testing by:	stas
@
text
@d26 39
@


1.574
log
@SVN rev 189399 on 2009-03-05 12:04:42Z by kib

Hopefully, improve the grammar and wording in the changes to shmctl(2)
manpage and UPDATING entry 20090302.

UPDATING changes suggested by bf2006a yahoo com.
man page corrections by bde.
@
text
@d25 6
@


1.573
log
@SVN rev 189283 on 2009-03-02 18:53:30Z by kib

Correct types of variables used to track amount of allocated SysV shared
memory from int to size_t. Implement a workaround for current ABI not
allowing to properly save size for and report more then 2Gb sized segment
of shared memory.

This makes it possible to use > 2 Gb shared memory segments on 64bit
architectures. Please note the new BUGS section in shmctl(2) and
UPDATING note for limitations of this temporal solution.

Reviewed by:	csjp
Tested by:	Nikolay Dzham <i levsha org ua>
MFC after:	2 weeks
@
text
@d26 3
a28 3
	The workaround is committed to allow to create System V shared
	memory segment of size > 2 Gb on the 64-bit architectures.
	Due to limitation of the existing ABI, the shm_segsz member
d30 1
a30 1
	wrong for large segments. Note that limits shall be explicitely
@


1.572
log
@SVN rev 189248 on 2009-03-01 18:57:59Z by imp

Add verbage about needing to remap libusb-0.1 to libusb20 to get old
programs to work with the new usb stack.
@
text
@d25 8
@


1.571
log
@SVN rev 189231 on 2009-03-01 12:44:33Z by rwatson

Note that network device driver modules need rebuilding.
@
text
@d38 2
a39 1
	Updating entry 20090216 for xorg may still apply.
d63 6
@


1.570
log
@SVN rev 189113 on 2009-02-27 17:32:49Z by thompsa

Make a note about USB /dev changes.
@
text
@d25 4
@


1.569
log
@SVN rev 188950 on 2009-02-23 19:30:00Z by thompsa

Fix spelling (again).

Spotted by:	Fabian Keil
@
text
@d25 4
@


1.568
log
@SVN rev 188949 on 2009-02-23 19:28:29Z by thompsa

Fix spelling.

Spotted by:	Fabian Keil
@
text
@d27 1
a27 1
	module names revered to their previous values (eg, usb, ehci, ohci,
@


1.567
log
@SVN rev 188946 on 2009-02-23 18:56:49Z by thompsa

Add an UPDATING entry and bump the OS version to 800064.
@
text
@d28 1
a28 1
	ums, ...).  The old usb stack can be compled in by prefixing the name
@


1.566
log
@SVN rev 188710 on 2009-02-17 11:55:50Z by mtm

Rename the rc.conf(5) knob if_up_delay to defaultroute_delay to better
reflect its purpose.
@
text
@d25 7
@


1.565
log
@SVN rev 188709 on 2009-02-17 10:50:18Z by maxim

o Trim EOL whitespaces.
@
text
@d25 6
@


1.564
log
@SVN rev 188708 on 2009-02-17 10:49:36Z by maxim

o Teminate sentences by dot.
@
text
@d77 1
a77 1
	The afdata and ifnet locks have been changed from mutexes to 
d83 1
a83 1
	The new code reduced struct rtentry{} by 16 bytes on 32-bit 
@


1.563
log
@SVN rev 188693 on 2009-02-16 18:59:18Z by thompsa

Add an entry for xorg+hal+USB2 not detecting input devices.
@
text
@d31 1
a31 1
	kbd and mouse sections from your xorg.conf
d39 1
a39 1
	eg uftdi -> usb2_serial_ftdi
@


1.562
log
@SVN rev 188660 on 2009-02-15 22:33:44Z by thompsa

Switch over GENERIC kernels to USB2 by default.

Tested by:	make universe
@
text
@d25 8
@


1.561
log
@SVN rev 188233 on 2009-02-06 15:03:14Z by jhb

Add a note to document that ichsmb(4) now uses left-justified SMBus slave
addresses.
@
text
@d25 8
@


1.560
log
@SVN rev 187989 on 2009-02-01 21:11:08Z by bz

Remove the single global unlocked route cache ip6_forward_rt
from the inet6 stack along with statistics and make sure we
properly free the rt in all cases.

While the current situation is not better performance wise it
prevents panics seen more often these days.
After more inet6 and ipsec cleanup we should be able to improve
the situation again passing the rt to ip6_forward directly.

Leave the ip6_forward_rt entry in struct vinet6 but mark it
for removal.

PR:		kern/128247, kern/131038
MFC after:	25 days
Committed from:	Bugathon #6
Tested by:	Denis Ahrens <denis@@h3q.com> (different initial version)
@
text
@d25 7
@


1.559
log
@SVN rev 187438 on 2009-01-19 17:00:42Z by sobomax

Mention removal of NTFS from GENERIC/amd64.
@
text
@d25 4
@


1.558
log
@SVN rev 187289 on 2009-01-15 06:44:22Z by lstewart

Add TCP Appropriate Byte Counting (RFC 3465) support to kernel.

The new behaviour is on by default, and can be disabled by setting the
net.inet.tcp.rfc3465 sysctl to 0 to obtain previous behaviour.

The patch changes struct tcpcb in sys/netinet/tcp_var.h which breaks
the ABI. Bump __FreeBSD_version to 800061 accordingly. User space tools
that rely on the size of struct tcpcb (e.g. sockstat) need to be recompiled.

Reviewed by:	rpaulo, gnn
Approved by:	gnn, kmacy (mentors)
Sponsored by:	FreeBSD Foundation
@
text
@d25 8
@


1.557
log
@SVN rev 186491 on 2008-12-25 10:05:00Z by mav

ng_tty(4) module updated to match the new TTY subsystem.
@
text
@d25 6
@


1.556
log
@SVN rev 186345 on 2008-12-19 23:12:14Z by sam

correct wording
@
text
@d25 6
@


1.555
log
@SVN rev 186344 on 2008-12-19 23:10:55Z by sam

add makefs to the base system; FreeBSD_version bumped just in case

Reviewed by:	imp
@
text
@d26 2
a27 2
	With __FreeBSD_version 800060 incorporates the makefs tool is
	part of the base system (it was a port).
@


1.554
log
@SVN rev 186199 on 2008-12-17 00:11:56Z by kmacy

convert ifnet and afdata locks from mutexes to rwlocks
@
text
@d24 5
@


1.553
log
@SVN rev 186119 on 2008-12-15 06:10:57Z by qingli

This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
   possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,

The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.

Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:

- Kip Macy revised the locking code completely, thus completing
  the last piece of the puzzle, Kip has also been conducting
  active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
  provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
  me maintaining that branch before the svn conversion
@
text
@d24 3
@


1.552
log
@SVN rev 185769 on 2008-12-08 17:12:40Z by schweikh

White space only: Tabify; white space at EOL removed.
@
text
@d25 9
@


1.551
log
@SVN rev 185534 on 2008-12-01 23:09:58Z by sam

correct typo

Submitted by:	Ole Vole
@
text
@d41 2
a42 2
	__FreeBSD_version 800054 adds memory barriers to 
	<machine/atomic.h>, new interfaces to ifnet to facilitate 
d45 1
a45 1
	enable drivers to more efficiently manage queueing of 
d290 5
a294 5
        The caching daemon (cached) was renamed to nscd. nscd.conf
        configuration file should be used instead of cached.conf and
        nscd_enable, nscd_pidfile and nscd_flags options should be used
        instead of cached_enable, cached_pidfile and cached_flags in
        rc.conf.
d302 1
a302 1
        The new IPsec code is now compiled in using the IPSEC option.  The
d605 4
a608 4
 	The interface version of the i4b kernel part has changed. So
 	after updating the kernel sources and compiling a new kernel,
 	the i4b user space tools in "/usr/src/usr.sbin/i4b" must also
 	be rebuilt, and vice versa.
d1074 1
a1074 1
 	<reboot>
@


1.550
log
@SVN rev 185522 on 2008-12-01 16:53:01Z by sam

Switch to ath hal source code. Note this removes the ath_hal
module; the ath module now brings in the hal support.  Kernel
config files are almost backwards compatible; supplying

device ath_hal

gives you the same chip support that the binary hal did but you
must also include

options AH_SUPPORT_AR5416

to enable the extended format descriptors used by 11n parts.
It is now possible to control the chip support included in a
build by specifying exactly which chips are to be supported
in the config file; consult ath_hal(4) for information.
@
text
@d29 1
a29 1
	options	ATH_SUPPORT_AR5416
@


1.549
log
@SVN rev 185162 on 2008-11-22 05:55:56Z by kmacy

- bump __FreeBSD version to reflect added buf_ring, memory barriers,
  and ifnet functions

- add memory barriers to <machine/atomic.h>
- update drivers to only conditionally define their own

- add lockless producer / consumer ring buffer
- remove ring buffer implementation from cxgb and update its callers

- add if_transmit(struct ifnet *ifp, struct mbuf *m) to ifnet to
  allow drivers to efficiently manage multiple hardware queues
  (i.e. not serialize all packets through one ifq)
- expose if_qflush to allow drivers to flush any driver managed queues

This work was supported by Bitgravity Inc. and Chelsio Inc.
@
text
@d25 15
@


1.548
log
@SVN rev 185075 on 2008-11-19 00:25:15Z by delphij

Grammar.

Submitted by:	"bf" <bf2006a at yahoo com>
@
text
@d25 8
@


1.547
log
@SVN rev 185061 on 2008-11-18 21:41:09Z by delphij

Mention that listsnapshots is disabled by default after latest ZFS import.
@
text
@d27 2
a28 2
	This version would have zpool attribute "listsnapshots" off
	by default, which means "zfs list" would not show snapshots,
@


1.546
log
@SVN rev 184414 on 2008-10-28 14:14:57Z by oleg

Type of q_time (start of queue idle time) has changed: uint32_t -> uint64_t.
This should fix q_time overflow, which happens after 2^32/(86400*hz) days of
uptime (~50days for hz = 1000).
q_time overflow cause following:
- traffic shaping may not work in 'fast' mode (not enabled by default).
- incorrect average queue length calculation in RED/GRED algorithm.

NB: due to ABI change this change is not applicable to stable.

PR:		kern/128401
@
text
@d25 6
@


1.545
log
@SVN rev 183741 on 2008-10-10 06:37:51Z by n_hibma

Add an entry about the split up of usb into usb+*hci modules.

Submitted by:	Andrew Thompson
@
text
@d25 3
@


1.544
log
@SVN rev 183738 on 2008-10-10 04:23:40Z by jkoshy

Mention the libpmc/hwpmc ABI change introduced in SVN r183725.
@
text
@d26 10
@


1.543
log
@SVN rev 183679 on 2008-10-08 01:31:00Z by delphij

Don't mention lib/compat, it has gone long ago.  Use ports/misc/compat*
instead.
@
text
@d25 5
@


1.542
log
@SVN rev 183027 on 2008-09-14 19:25:57Z by ed

The si(4) and ufoma(4) drivers have been ported to the new TTY layer.

Remove the entries from the UPDATING entry, to cause less confusion
among our users.
@
text
@d62 5
d1026 1
a1026 1
	<maybe install compatibility libraries from src/lib/compat>
@


1.541
log
@SVN rev 182714 on 2008-09-03 08:30:17Z by roberto

Mention ntpd upgrade to 4.2.4p5.
@
text
@d33 1
a33 1
		cy, digi, rc, rp, si, sio
d36 1
a36 1
		ubser, ucycom, ufoma
@


1.540
log
@SVN rev 182662 on 2008-09-01 23:50:56Z by des

Belatedly add a notice about the reversed order of preference for OpenSSH
authentication keys.
@
text
@d44 3
@


1.539
log
@SVN rev 181905 on 2008-08-20 08:31:58Z by ed

Integrate the new MPSAFE TTY layer to the FreeBSD operating system.

The last half year I've been working on a replacement TTY layer for the
FreeBSD kernel. The new TTY layer was designed to improve the following:

- Improved driver model:

  The old TTY layer has a driver model that is not abstract enough to
  make it friendly to use. A good example is the output path, where the
  device drivers directly access the output buffers. This means that an
  in-kernel PPP implementation must always convert network buffers into
  TTY buffers.

  If a PPP implementation would be built on top of the new TTY layer
  (still needs a hooks layer, though), it would allow the PPP
  implementation to directly hand the data to the TTY driver.

- Improved hotplugging:

  With the old TTY layer, it isn't entirely safe to destroy TTY's from
  the system. This implementation has a two-step destructing design,
  where the driver first abandons the TTY. After all threads have left
  the TTY, the TTY layer calls a routine in the driver, which can be
  used to free resources (unit numbers, etc).

  The pts(4) driver also implements this feature, which means
  posix_openpt() will now return PTY's that are created on the fly.

- Improved performance:

  One of the major improvements is the per-TTY mutex, which is expected
  to improve scalability when compared to the old Giant locking.
  Another change is the unbuffered copying to userspace, which is both
  used on TTY device nodes and PTY masters.

Upgrading should be quite straightforward. Unlike previous versions,
existing kernel configuration files do not need to be changed, except
when they reference device drivers that are listed in UPDATING.

Obtained from:		//depot/projects/mpsafetty/...
Approved by:		philip (ex-mentor)
Discussed:		on the lists, at BSDCan, at the DevSummit
Sponsored by:		Snow B.V., the Netherlands
dcons(4) fixed by:	kan
@
text
@d44 15
@


1.538
log
@SVN rev 181827 on 2008-08-18 10:38:16Z by ed

Extend the message in UPDATING on the sio(4) -> uart(4) change.

It turns out I forgot to mention that people really need to make sure
their hints are up to date if they are updating a system through the
serial console.

Requested by:	gavin
Reviewed by:	gavin
@
text
@d25 19
@


1.537
log
@SVN rev 180796 on 2008-07-25 09:30:53Z by maxim

o Trim whitespaces.
@
text
@d36 11
@


1.536
log
@SVN rev 180795 on 2008-07-25 09:13:18Z by maxim

o Fix grammar: see -> See.
@
text
@d29 1
a29 1
	
d43 1
a43 1
	please try to set sysctl compat.linux.osrelease to 2.4.2 and 
d346 1
a346 1
	To support interrupt filtering a modification to the newbus API 
d348 1
a348 1
	to 700031. Please make sure that your kernel and modules are in 
d407 2
a408 2
	The removal of several facets of the experimental Threading 
	system from the kernel means that the proc and thread structures 
d460 1
a460 1
	kernel modules must be re-compiled. The mutex profiling man page 
d509 1
a509 1
 
d591 1
a591 1
	
@


1.535
log
@SVN rev 180487 on 2008-07-13 07:20:14Z by ed

Make uart(4) the default serial port driver on i386 and amd64.

The uart(4) driver has the advantage of supporting a wider variety of
hardware on a greater amount of platforms. This driver has already been
the standard on platforms such as ia64, powerpc and sparc64.

I've decided not to change anything on pc98. I'd rather let people from
the pc98 team look at this.

Approved by:	philip (mentor), marcel
@
text
@d52 1
a52 1
	see the man pages setfib(1) and setfib(2).
@


1.534
log
@SVN rev 180349 on 2008-07-07 13:08:30Z by remko

Fix some spelling errors (improper review from my
side).

Submitted by:	ed, danger
@
text
@d25 11
@


1.533
log
@SVN rev 180345 on 2008-07-07 11:44:57Z by remko

Add missing information for geom_mirror metadata.

PR:		124434
Submitted by:	Philip M. Golluci <pgolluci at p6m7g8 dot com>
MFC after:	3 days

Prodded through:	bugbusters@@
@
text
@d426 1
a426 1
	the mirror (i.e.: /dev/ad0s1a). You can can than rebuild
@


1.532
log
@SVN rev 179691 on 2008-06-09 21:33:57Z by marcel

Note removal of gpt(8).
@
text
@d416 14
@


1.531
log
@SVN rev 179524 on 2008-06-03 18:09:10Z by rdivacky

Fix the date in the last commit.

Approved by:	kib (mentor)
@
text
@d25 4
@


1.530
log
@SVN rev 179523 on 2008-06-03 17:50:13Z by rdivacky

Switch to emulating Linux 2.6 on default.

Approved by:	kib (mentor)
@
text
@d25 1
a25 1
20080606:
@


1.529
log
@Remove ISDN4BSD (I4B) from HEAD as it is not MPSAFE and
parts relied on the now removed NET_NEEDS_GIANT.
Most of I4B has been disconnected from the build
since July 2007 in HEAD/RELENG_7.

This is what was removed:
- configuration in /etc/isdn
- examples
- man pages
- kernel configuration
- sys/i4b (drivers, layers, include files)
- user space tools
- i4b support from ppp
- further documentation

Discussed with: rwatson, re
@
text
@d25 6
@


1.528
log
@Add a note about multiple routing tables support
@
text
@d25 4
@


1.527
log
@More recommendations
@
text
@d25 7
@


1.526
log
@Add a breif example for the wlan change.  Include an explicit pointer
to rc.conf(5) to remind people where to look for all the details.
People without network connectivity forget basics like this...  This
is in keeping with historic UPDATING entries which try to provide
basic information in the entry, and a pointer to more extensive
information documenting the new thing.
@
text
@d35 3
a37 1
	see rc.conf(5) for more details.
@


1.525
log
@802.11 support moves to vaps
@
text
@d30 6
@


1.524
log
@- Add write(2) support for psm(4) in native operation level.  Now arbitrary
commands can be written to /dev/psm%d and status can be read back from it.
- Reflect the change in psm(4) and bump version for ports.

MFC after:	1 week
@
text
@d25 10
@


1.523
log
@ - Add an UPDATING entry about the removal of KSE.
@
text
@d25 7
@


1.522
log
@Make the vm_pmap field of struct vmspace the last field in the
structure. This allows per-CPU variations of struct pmap on a
single architecture without affecting the machine-independent
fields. As such, the PMAP variations don't affect the ABI. They
become part of it.
@
text
@d25 10
@


1.521
log
@Detail the em/igb split so no one gets confused.
@
text
@d25 8
@


1.520
log
@Rename geom_lvm(4) to geom_linux_lvm(4).

Requested by:	des, phk
@
text
@d25 6
@


1.519
log
@Switch the default NFS mount mode from UDP to TCP.  UDP mounts are a
historical relic, and are no longer appropriate for either LAN or WAN
mounting.  At modern (gigabit and 10 gigabit) LAN speeds packet loss
from socket buffer fill events is common, and sequence numbers wrap
quickly enough that data corruption is possible.  TCP solves both of
these problems without imposing significant overhead.

MFC after:     1 month
@
text
@d25 4
@


1.518
log
@Note m_collapse addition.
@
text
@d25 6
@


1.517
log
@Our fts(3) API, as inherited from 4.4BSD, suffers from integer
fields in FTS and FTSENT structs being too narrow.  In addition,
the narrow types creep from there into fts.c.  As a result, fts(3)
consumers, e.g., find(1) or rm(1), can't handle file trees an ordinary
user can create, which can have security implications.

To fix the historic implementation of fts(3), OpenBSD and NetBSD
have already changed <fts.h> in somewhat incompatible ways, so we
are free to do so, too.  This change is a superset of changes from
the other BSDs with a few more improvements.  It doesn't touch
fts(3) functionality; it just extends integer types used by it to
match modern reality and the C standard.

Here are its points:

o For C object sizes, use size_t unless it's 100% certain that
  the object will be really small.  (Note that fts(3) can construct
  pathnames _much_ longer than PATH_MAX for its consumers.)

o Avoid the short types because on modern platforms using them
  results in larger and slower code.  Change shorts to ints as
  follows:

	- For variables than count simple, limited things like states,
	  use plain vanilla `int' as it's the type of choice in C.

	- For a limited number of bit flags use `unsigned' because signed
	  bit-wise operations are implementation-defined, i.e., unportable,
	  in C.

o For things that should be at least 64 bits wide, use long long
  and not int64_t, as the latter is an optional type.  See
  FTSENT.fts_number aka FTS.fts_bignum.  Extending fts_number `to
  satisfy future needs' is pointless because there is fts_pointer,
  which can be used to link to arbitrary data from an FTSENT.
  However, there already are fts(3) consumers that require fts_number,
  or fts_bignum, have at least 64 bits in it, so we must allow for them.

o For the tree depth, use `long'.  This is a trade-off between making
  this field too wide and allowing for 64-bit inode numbers and/or
  chain-mounted filesystems.  On the one hand, `long' is almost
  enough for 32-bit filesystems on a 32-bit platform (our ino_t is
  uint32_t now).  On the other hand, platforms with a 64-bit (or
  wider) `long' will be ready for 64-bit inode numbers, as well as
  for several 32-bit filesystems mounted one under another.  Note
  that fts_level has to be signed because -1 is a magic value for it,
  FTS_ROOTPARENTLEVEL.

o For the `nlinks' local var in fts_build(), use `long'.  The logic
  in fts_build() requires that `nlinks' be signed, but our nlink_t
  currently is uint16_t.  Therefore let's make the signed var wide
  enough to be able to represent 2^16-1 in pure C99, and even 2^32-1
  on a 64-bit platform.  Perhaps the logic should be changed just
  to use nlink_t, but it can be done later w/o breaking fts(3) ABI
  any more because `nlinks' is just a local var.

This commit also inludes supporting stuff for the fts change:

o Preserve the old versions of fts(3) functions through libc symbol
versioning because the old versions appeared in all our former releases.

o Bump __FreeBSD_version just in case.  There is a small chance that
some ill-written 3-rd party apps may fail to build or work correctly
if compiled after this change.

o Update the fts(3) manpage accordingly.  In particular, remove
references to fts_bignum, which was a FreeBSD-specific hack to work
around the too narrow types of FTSENT members.  Now fts_number is
at least 64 bits wide (long long) and fts_bignum is an undocumented
alias for fts_number kept around for compatibility reasons.  According
to Google Code Search, the only big consumers of fts_bignum are in
our own source tree, so they can be fixed easily to use fts_number.

o Mention the change in src/UPDATING.

PR:		bin/104458
Approved by:	re (quite a while ago)
Discussed with:	deischen (the symbol versioning part)
Reviewed by:	-arch (mostly silence); das (generally OK, but we didn't
		agree on some types used; assuming that no objections on
		-arch let me to stick to my opinion)
@
text
@d25 4
@


1.516
log
@Support source upgrades from at least 6.0-RELEASE.

Reviewed by:	imp, obrien
@
text
@d25 14
@


1.515
log
@Quick note on how to disable malloc debugging in the top entry in this file.

PR:		83621
Submitted by:	Scott Robbins <scottro@@nyc.rr.com> (original version)
Reviewed by:	imp
@
text
@d25 1
a25 1
20080121:
d27 1
a27 2
	FreeBSD after the RELENG_6 branch point.  This means any of the
	6.x releases are supported and should work.  Upgrading to current
a28 2
	FreeBSD_version must be 600029 or higher, although this isn't
	enforced in the Makefile at this time.
@


1.514
log
@Note change in the supported upgrade path.  Prior to this 5.3-release
and newer were supported upgrade paths to -current.  After today's
commits, 6.0-RELEASE and newer is supported for jumping to current.
Make that clear in the UPDATING entry.  For the pedants out there,
upgrading from FreeBSD_version 600029 and newer should still work.
This represents a point from May 29, 2005 forward.  The prior date was
October 16th 2004.
@
text
@d22 2
a23 1
	to maximize performance.
@


1.513
log
@Mention ADAPTIVE_GIANT removal.

Reviewed by:	attilio@@
@
text
@d24 8
@


1.512
log
@Let sunkbd(4) emulate an AT keyboard by default.
This has the following benefits:
- allows to use the AT keyboard maps in share/syscons/keymaps with
  sunkbd(4),
- allows to use kbdmux(4) with sunkbd(4),
- allows Sun RS232 keyboards to be configured and used the same
  way as Sun USB keyboards driven by ukbd(4) (which also does AT
  keyboard emulation) with X.Org, putting an end to the problem
  of native support for the former in X.Org being broken over and
  over again.

MFC after:	3 days
@
text
@d24 4
@


1.511
log
@Add ABI backwards compatibility to the FreeBSD 4/5/6 versions of
the PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was broken
with the introduction of PCI domain support.
As the size of struct pci_conf_io wasn't changed with that commit,
this unfortunately requires the ABI of PCIOCGETCONF to be broken
again in order to be able to provide backwards compatibility to
the old version of that IOCTL.

Requested by:	imp
Discussed with:	re (kensmith)
Reviewed by:	PCI maintainers (imp, jhb)
MFC after:	5 days
@
text
@d24 11
@


1.510
log
@This time to the right branch
note the renaming of the kthread_xxx calls
@
text
@d24 13
@


1.509
log
@Note getfacl(1) changes

Submitted by: Henrik Brix Andersen <henrik at brixandersen.dk>
@
text
@d24 8
@


1.508
log
@To honor the birth of RELENG_7 bump HEAD to 8.0-CURRENT.

Approved by:	re (implicit)
@
text
@d45 5
@


1.507
log
@Pulled the trigger 2hr 50min late (Pago Pago time).
Submitted by:	ru
Approved by:	re (implicit)
@
text
@d11 2
a12 2
NOTE TO PEOPLE WHO THINK THAT FreeBSD 7.x IS SLOW:
	FreeBSD 7.x has many debugging features turned on, in
d24 3
@


1.507.2.1
log
@Remove debugging support from GENERIC kernels, remove warning in
UPDATING that says debugging support makes FreeBSD slower, and note
RELENG_7 creation.

Approved by:	re (implicit)
@
text
@d11 12
a22 2
20071010:
	RELENG_7 branched.
@


1.507.2.2
log
@MFC: UPDATING 1.511; sys/dev/pci/pci_user.c 1.23, 1.24;
     sys/sys/param.h 1.312, sys/sys/pciio.h 1.8

Add ABI backwards compatibility to the FreeBSD 4/5/6 versions of
the PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was broken
with the introduction of PCI domain support.
As the size of struct pci_conf_io wasn't changed with that commit,
this unfortunately requires the ABI of PCIOCGETCONF to be broken
again in order to be able to provide backwards compatibility to
the old version of that IOCTL.

Approved by:	re (kensmith)
@
text
@a10 13
20071028:
	It has been decided that it is desirable to provide ABI
	backwards compatibility to the FreeBSD 4/5/6 versions of the
	PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was
	broken with the introduction of PCI domain support (see the
	20070930 entry). Unfortunately, this required the ABI of
	PCIOCGETCONF to be broken again in order to be able to
	provide backwards compatibility to the old version of that
	IOCTL. Thus consumers of PCIOCGETCONF have to be recompiled
	again. As for prominent ports this affects neither pciutils
	nor xorg-server this time, the hal port needs to be rebuilt
	however.

@


1.507.2.3
log
@MFC: UPDATING 1.512, sys/sparc64/conf/DEFAULTS 1.11

Let sunkbd(4) emulate an AT keyboard by default.
This has the following benefits:
- allows to use the AT keyboard maps in share/syscons/keymaps with
  sunkbd(4),
- allows to use kbdmux(4) with sunkbd(4),
- allows Sun RS232 keyboards to be configured and used the same
  way as Sun USB keyboards driven by ukbd(4) (which also does AT
  keyboard emulation) with X.Org, putting an end to the problem
  of native support for the former in X.Org being broken over and
  over again.

Approved by:	re (kensmith)
@
text
@a10 11
20071126:
	The AT keyboard emulation of sunkbd(4) has been turned on
	by default. In order to make the special symbols of the Sun
	keyboards driven by sunkbd(4) work under X these now have
	to be configured the same way as Sun USB keyboards driven
	by ukbd(4) (which also does AT keyboard emulation), f.e.:

	Option	"XkbLayout" "us"
	Option	"XkbRules" "xorg"
	Option	"XkbSymbols" "pc(pc105)+sun_vndr/usb(sun_usb)+us"

@


1.507.2.4
log
@note addition of m_collapse
@
text
@a10 3
20080208:
	Note the addition of m_collapse for compacting mbuf chains.

@


1.507.2.5
log
@Speculate on the release date for FreeBSD 7.0.
@
text
@a10 3
20080226:
	FreeBSD 7.0-RELEASE

@


1.507.2.6
log
@SVN rev 180488 on 2008-07-13 11:48:44Z by remko

MFC r180345

  Add missing information for geom_mirror metadata.

  PR:             124434
  Submitted by:   Philip M. Golluci <pgolluci at p6m7g8 dot com>
  MFC after:      3 days

  Prodded through:        bugbusters@@

Approved by:	 imp (mentor, implicit)
@
text
@a287 14
	geom(4)'s gmirror(8) class metadata structure has been
	rev'd from v3 to v4. If you update across this point and
	your metadata is converted for you, you will not be easily
	able to downgrade since the /boot/kernel.old/geom_mirror.ko
	kernel module will be unable to read the v4 metadata.  You
	can resolve this by doing from the loader(8) prompt:

		set vfs.root.mountfrom="ufs:/dev/XXX"

	where XXX is the root slice of one of the disks that composed
	the mirror (i.e.: /dev/ad0s1a). You can can than rebuild
	the array the same way you built it originally.

20061122:
@


1.507.2.7
log
@SVN rev 180497 on 2008-07-13 18:11:50Z by remko

Merge r180349 as well.

  SVN rev 180349 on 2008-07-07 13:08:30Z by remko

  Fix some spelling errors (improper review from my
  side).

  Submitted by:	ed, danger

Submitted by:	Florian Smeets
@
text
@d298 1
a298 1
	the mirror (i.e.: /dev/ad0s1a). You can then rebuild
@


1.507.2.8
log
@SVN rev 180783 on 2008-07-24 17:39:51Z by julian

Commit ancillary parts of the MFC that I couldn't do last night because
the SVN server went strange (repoman. crashed I believe).

Obtained from:	 Cisco IronPort
@
text
@a10 7
20080724:
	I have MFC'd in code to support multiple routing tables.
	see the man pages setfib(1) and setfib(2).
	This is a backwards compatible version,
	but to make use of it you need to compile your kernel
	with options ROUTETABLES=2 (or more up to 16).

@


1.507.2.9
log
@SVN rev 181358 on 2008-08-07 07:16:07Z by brueffer

current -> STABLE here, as in all other STABLE branches.

Submitted by:	joel
@
text
@d1 1
a1 1
Updating Information for FreeBSD STABLE users
@


1.507.2.10
log
@SVN rev 181703 on 2008-08-14 00:58:54Z by jfv

Document the E1000 driver changes for the 7.1 RELEASE
@
text
@a10 28
20080811:
	Today STABLE got a reorganization of the Intel E1000
	driver code. In order to better support our new adapters
	there is a new driver, igb, that is now to be used for
	either the 82575 or 82576 adapters. The source however,
	is all now in sys/dev/e1000, both em and igb drivers are
	built from that common directory if you configure them
	in the kernel. Making loadable drivers still happens in
	the same place: sys/modules/[em, igb].

	The important thing to note is that the 82575 adapters
	were supported in the em driver in 7.0, but now needed
	to be moved into igb, so if you have the effected cards
	be sure and make any script changes to follow the name
	change.

	There are only 3 PCI ID's effected in this change:
		0x10A7, 0x10A9, and 0x10D6 
	So you can know ahead of time if they will be effected,
	these will now be supported in the igb driver. That
	driver will also support the new 82576 followon.

	The driver reorg in STABLE is inconvenient but it really
	was necessary for Intel to do this, and I figured it was
	better to have this small admin type issue than not to
	have support for this new hardware for a whole release
	cycle.

@


1.507.2.11
log
@SVN rev 182252 on 2008-08-27 06:59:01Z by jb

Add a mention of DTrace and the dog that are the commit message.
@
text
@a10 24
20080826:
	DTrace support was merged to STABLE today. In the best
	tradition of "the dog ate my homework", subversion decided
	that the commit message was too large and opted not to send
	it. It was a stealth commit!

	A 'make buildkernel' will now default to build the kernel
	and modules with both DTrace kernel hooks and CTF data ready
	for DTrace.

	After you have installed both world and the kernel, and
	rebooted, you can 'kldload dtraceall' to load all the DTrace
	kernel modules and then you're set to run the 'dtrace'
	client (as root).

	For DTrace documentation, refer to:
	<http://wikis.sun.com/display/DTrace/Documentation>

	We are limited to kernel tracing at the moment, so the pid
	provider is not available.

	For the syscall provider, note that the arguments to the
	return probes are the same as for the entry probes.

@


1.507.2.12
log
@SVN rev 182664 on 2008-09-01 23:53:55Z by des

Note the OpenSSH upgrade.
@
text
@a10 3
20080901:
	OpenSSH has been upgraded to 5.1p1.

@


1.507.2.13
log
@SVN rev 182717 on 2008-09-03 08:50:30Z by roberto

Note the ntpd upgrade.

Approved by:	re (kensmith)
@
text
@a10 3
20080903:
	ntpd has been upgraded to 4.2.4p5.

@


1.507.2.14
log
@SVN rev 186868 on 2009-01-07 16:35:59Z by mav

snd_hda(4) driver was updated to version 20081226_0122.
@
text
@a10 11
20090107:
	snd_hda(4) driver was updated to version 20081226_0122.

	Due to added HDMI audio and logical audio devices support, updated
	driver often provides several PCM devices. In some cases it can make
	system default audio device no longer correspond to the users's
	habbitual audio connectors. In such cases wanted device can be
	specified in audio application setup or defined globally via
	hw.snd.default_unit sysctl according to sound(4) and snd_hda(4)
	man pages.

@


1.507.2.15
log
@SVN rev 186983 on 2009-01-09 22:19:48Z by mav

powerd(8) was updated to get better SMP support.
Meanings of the -i and -r command line options were changed.
@
text
@a10 4
20090110:
	powerd(8) was updated to get better SMP support.
	Meanings of the -i and -r command line options were changed.

@


1.507.2.16
log
@SVN rev 187226 on 2009-01-14 16:27:04Z by kensmith

Oops, forgot to mention 7.1-RELEASE in stable/7...

Submitted by:	Florian Smeets <flo at kasimir dot com>
@
text
@a25 3
20090106:
	FreeBSD 7.1-RELEASE

@


1.507.2.17
log
@SVN rev 187440 on 2009-01-19 17:14:03Z by sobomax

MFC: mention removal of NTFS from GENERIC/amd64.
@
text
@a10 8
20090119:
	NTFS has been removed from GENERIC kernel on amd64 to match
	GENERIC on i386. Should not cause any issues since mount_ntfs(8)
	will load ntfs.ko module automatically when NTFS support is
	actually needed, unless ntfs.ko is not installed or security
	level prohibits loading kernel modules. If either is the case,
	"options NTFS" has to be added into kernel config.

@


1.507.2.18
log
@SVN rev 188281 on 2009-02-07 13:19:08Z by bz

MFC:
 r185435:
  This enhances the current jail implementation to permit multiple
  addresses per jail. In addtion to IPv4, IPv6 is supported as well.
  Due to updated checks it is even possible to have jails without
  an IP address at all, which basically gives one a chroot with
  restricted process view, no networking,..

  SCTP support was updated and supports IPv6 in jails as well.

  Cpuset support permits jails to be bound to specific processor
  sets after creation.

  Jails can have an unrestricted (no duplicate protection, etc.) name
  in addition to the hostname. The jail name cannot be changed from
  within a jail and is considered to be used for management purposes
  or as audit-token in the future.

  DDB 'show jails' command was added to aid debugging.

  Proper compat support permits 32bit jail binaries to be used on 64bit
  systems to manage jails. Also backward compatibility was preserved where
  possible: for jail v1 syscalls, as well as with user space management
  utilities.

  Both jail as well as prison version were updated for the new features.
  A gap was intentionally left as the intermediate versions had been
  used by various patches floating around the last years.

  Bump __FreeBSD_version for the afore mentioned and in kernel changes.

 r185441:
  Unbreak the no-networks (no INET/6) build.

 r185899:
  Correctly check the number of prison states to not access anything
  outside the prison_states array.
  When checking if there is a name configured for the prison, check the
  first character to not be '\0' instead of checking if the char array
  is present, which it always is. Note, that this is different for the
  *jailname in the syscall.

  Found with:	Coverity Prevent(tm)
  CID:		4156, 4155

 r186085:
  Make sure that the direct jls invocations prints something
  reasonable close to and in the same format as it had always.

 r186606:
  Make sure that unused j->ip[46] are cleared.

 r186834:
  Document the special loopback address behaviour of jails.

  PR:		kern/103464

 r186841:
  Put the devfs ruleset next to devfs enable, add a comment about
  the suggested ruleset[1].

  While here use an IP from the 'test-net' prefix for docs.

  PR:		kern/130102

 r187059:
  Add a short section talking about jails and file systems; mention the
  mountand jail-aware file systems as well as quota.

  PR:		kern/68192

 r187092:
  Sort .Xr.

 r187365:
  s,unmount 8,umount 8, it is unmount(2) which I did not mean.

 r187669:
  Update the description of the '-h' option wrt to primary addresses
  per address family and add a reference to the ip-addresses option.

 r187670:
  New sentence starts on a new line.
@
text
@a10 6
20090207:
	Multi-IPv4/v6/no-IP jail support was merged to STABLE.
	You need to rebuild jls(8) and to use the new features
	jail(8), jexec(8) and cpuset(1) with a new kernel.
	__FreeBSD_version was bumped to 701103.

@


1.507.2.19
log
@SVN rev 188291 on 2009-02-07 15:51:21Z by alc

Recent changes to the kernel increasing the size of the kernel and kmem
maps on amd64 machines should trigger ZFS users to reevaluate their
manual tuning of the kmem map.
@
text
@a11 7
	ZFS users on amd64 machines with 4GB or more of RAM should
	reevaluate their need for setting vm.kmem_size_max and
	vm.kmem_size manually.  In fact, after recent changes to the
	kernel, the default value of vm.kmem_size is larger than the
	suggested manual setting in most ZFS/FreeBSD tuning guides.

20090207:
@


1.507.2.20
log
@SVN rev 189720 on 2009-03-12 03:09:11Z by bms

Merge the open source Atheros HAL from HEAD to STABLE.

This adds support for the AH_SUPPORT_AR5416 kernel
configuration option, and removes the ath_rate*
and ath_hal modules. Their kernel options are not
however removed -- please see UPDATING.

Tested on an IBM/Lenovo T43 and ASUS EeePC 701 in both
STA and HostAP modes.

Submitted by:	sam
@
text
@a10 10
20090312:
	The open-source Atheros HAL has been merged from HEAD
	to STABLE.
	The kernel compile-time option AH_SUPPORT_AR5416 has been
	added to support certain newer Atheros parts, particularly
	PCI-Express chipsets.
	The following modules are no longer available, and should be
	removed from MODULES_OVERRIDE and/or loader.conf:-
	 ath_hal ath_rate_amrr ath_rate_onoe ath_rate_sample

@


1.507.2.21
log
@SVN rev 189740 on 2009-03-12 13:45:55Z by kib

MFC r189283:
Correct types of variables used to track amount of allocated SysV shared
memory from int to size_t. Implement a workaround for current ABI not
allowing to properly save size for and report more then 2GB sized segment
of shared memory.

This makes it possible to use > 2 GB shared memory segments on 64bit
architectures. Please note the new BUGS section in shmctl(2) and
UPDATING note for limitations of this temporal solution.

MFC r189398:
Systematically use vm_size_t to specify the size of the segment for VM KPI.
Do not overload the local variable size in kern_shmat() due to vm_size_t
change.
Fix style bug by adding explicit comparision with 0.

MFC r189399:
Improve the grammar and wording in the changes to shmctl(2) manpage.

Put an UPDATING entry and bump __FreeBSD_version for the change.
@
text
@a11 13
	A workaround is committed to allow the creation of System V shared
	memory segment of size > 2 GB on the 64-bit architectures.
	Due to a limitation of the existing ABI, the shm_segsz member
	of the struct shmid_ds, returned by shmctl(IPC_STAT) call is
	wrong for large segments. Note that limits must be explicitely
	raised to allow such segments to be created.

	The management interface that is used by ipcs(1) has to be changed
	in incompatible way. Rebuild the ipcs(1) utility with the new
	headers after the update. Buildworld/installworld takes care
	of this issue automatically.

20090312:
@


1.507.2.22
log
@SVN rev 189956 on 2009-03-18 11:30:47Z by bz

MFC r184096:

  Bring over the change switching from using sequential to random
  ephemeral port allocation as implemented in netinet/in_pcb.c rev. 1.143
  (initially from OpenBSD) and follow-up commits during the last four and
  a half years including rev. 1.157, 1.162 and 1.199.
  This now is relying on the same infrastructure as has been implemented
  in in_pcb.c since rev. 1.199.

Reviewed by:	rwatson (UPDATING)
@
text
@a10 7
20090318:
	Change IPv6 ephemeral port allocation from sequential to
	random allocation, like IPv4 has done for more than four years.
 	The implementation shares infrastructure with IPv4. This
	means that there is only one set of sysctls to control both
	IPv4 and IPv6. See ip(4) man page for details.

@


1.507.2.23
log
@SVN rev 190457 on 2009-03-26 22:54:19Z by rwatson

r189615:

  Remove now-unused INP_UNMAPPABLEOPTS.

  Discussd with: bz

r189637:

  Avoid use of IPv6  macro aliases to inpcb fields and inp_flags; we don't
  remove their defintions as some third-party tools may use them (such as
  net-snmp), unlike in the 8.x change.

  References to in6p_lport and in6_fport in sockstat are also replaced with
  normal inp_lport and inp_fport references.

  Reviewed by:   bz

r189848:

  Correct a number of evolved problems with inp_vflag and inp_flags:
  certain flags that should have been in inp_flags ended up in inp_vflag,
  meaning that they were inconsistently locked, and in one case,
  interpreted.  Move the following flags from inp_vflag to gaps in the
  inp_flags space (and clean up the inp_flags constants to make gaps
  more obvious to future takers):

    INP_TIMEWAIT
    INP_SOCKREF
    INP_ONESBCAST
    INP_DROPPED

  Some aspects of this change have no effect on kernel ABI at all, as these
  are UDP/TCP/IP-internal uses; however, netstat and sockstat detect
  INP_TIMEWAIT when listing TCP sockets, so any MFC will need to take this
  into account.

  MFC after:      1 week (or after dependencies are MFC'd)
  Reviewed by:    bz

Note that this change requires netstat, systat, and sockstat to be
recompiled in order to properly print TIMEWAIT connection state; this
minor API change (documented in UPDATING) is considered worth it in
order to fix the above bugs.  This change fixes the INP_ONESBCAST bug
describted in kern/124282 by disambiguating flag use.

Approved by:    re (kib)
PR:             kern/124282
r189637 discussed with:	pav
@
text
@a10 5
20090326:
	Following bug-fixes to TCP connection state flags, netstat, systat,
	and sockstat will need to be rebuilt in order to properly print
	connections in the TIMEWAIT state.

@


1.507.2.24
log
@SVN rev 191712 on 2009-05-01 02:16:05Z by kensmith

Predict announcement day for 7.2-RELEASE.

Approved by:	re (implicit)
@
text
@a10 3
20090504:
	FreeBSD 7.2-RELEASE

@


1.507.2.25
log
@SVN rev 192498 on 2009-05-20 23:34:59Z by kmacy

MFC ZFS version 13. This includes the changes by pjd (see original message
below) as well as the following:

- the recurring deadlock was fixed by deferring vinactive to a dedicated thread

- zfs boot for all pool types now works
      Submitted by: dfr

- kmem now goes up to 512GB so arc is now limited by physmem

- the arc now experiences backpressure from the vm (which can be too
much - but this allows ZFS to work without any tunables on amd64)

- frequently recurring LOR in the ARC fixed

- zfs send coredump fix

- fixes for various PRs

Supported by: Barrett Lyon, BitGravity

Revision 185029 - (view) (annotate) - [select for diffs]
Modified Mon Nov 17 20:49:29 2008 UTC (6 months ago) by pjd
File length: 38244 byte(s)
Diff to previous 177698

Update ZFS from version 6 to 13 and bring some FreeBSD-specific changes.

This bring huge amount of changes, I'll enumerate only user-visible changes:

- Delegated Administration

       Allows regular users to perform ZFS operations, like file system
       creation, snapshot creation, etc.

- L2ARC

       Level 2 cache for ZFS - allows to use additional disks for cache.
       Huge performance improvements mostly for random read of mostly
       static content.

- slog

       Allow to use additional disks for ZFS Intent Log to speed up
       operations like fsync(2).

- vfs.zfs.super_owner

       Allows regular users to perform privileged operations on files stored
       on ZFS file systems owned by him. Very careful with this one.

- chflags(2)

       Not all the flags are supported. This still needs work.

- ZFSBoot

       Support to boot off of ZFS pool. Not finished, AFAIK.

       Submitted by:   dfr

- Snapshot properties

- New failure modes

       Before if write requested failed, system paniced. Now one
       can select from one of three failure modes:

       Before if write requested failed, system paniced. Now one
       can select from one of three failure modes:
       - panic - panic on write error
       - wait - wait for disk to reappear
       - continue - serve read requests if possible, block write requests

- Refquota, refreservation properties

       Just quota and reservation properties, but don't count space consumed
       by children file systems, clones and snapshots.

 - Sparse volumes

       ZVOLs that don't reserve space in the pool.

 - External attributes

       Compatible with extattr(2).

 - NFSv4-ACLs

       Not sure about the status, might not be complete yet.

       Submitted by:   trasz

 - Creation-time properties

 - Regression tests for zpool(8) command.

 Obtained from:        OpenSolaris
@
text
@d10 1
a10 6
20090520
	Update ZFS to version 13. ZFS users will need to re-build
	kernel and world. Existing pools will continue to work
	without upgrade. If a pool is upgraded it will no longer be
	usable by older kernel revs. ZFS send / recv between 
	pool version 6 and pool version 13 is not supported.
@


1.507.2.26
log
@SVN rev 192507 on 2009-05-21 02:18:10Z by brd

Add some missing blank lines.

Approved by:	kmacy@@
@
text
@a9 1

a15 1

@


1.507.2.27
log
@SVN rev 192529 on 2009-05-21 10:03:50Z by ed

Add missing colon.
@
text
@d11 1
a11 1
20090520:
@


1.507.2.28
log
@SVN rev 192549 on 2009-05-21 17:12:13Z by rpaulo

Mention k8temp -> amdtemp rename.
@
text
@a10 4
20090521:
	The k8temp(4) driver has been renamed to amdtemp(4) since               
	support for K10 and K11 CPU families was added.

@


1.507.2.29
log
@SVN rev 193638 on 2009-06-07 18:45:04Z by fabient

Bump sys/param.h for the merge of PmcTools.
Add a note to rebuild world in UPDATING.

Reviewed by: jkoshy (mentor)
@
text
@a10 4
20090606:
	The components of PmcTools have been upgraded. Please
	update world and the kernel.

@


1.507.2.30
log
@SVN rev 194214 on 2009-06-14 21:11:39Z by kmacy

further clarify ZFS upgrade requirements
@
text
@d21 1
a21 2
	and install both kernel and world simultaneously in order 
	for the ZFS tools to work. Existing pools will continue to work
@


1.507.2.31
log
@SVN rev 195758 on 2009-07-18 21:50:53Z by brian

Fix some typos.  The changes only apply to UPDATING in stable/7.

PR:		133110
Submitted by:	Glen Barber - glen.j.barber at gmail
@
text
@d146 1
a146 1
	to be moved into igb, so if you have the affected cards
d150 1
a150 1
	There are only 3 PCI ID's affected in this change:
d152 1
a152 1
	So you can know ahead of time if they will be affected,
d164 1
a164 1
	See the man pages setfib(1) and setfib(2).
@


1.507.2.32
log
@SVN rev 196006 on 2009-07-31 20:32:55Z by jhb

MFC: Change the ABI of some of the structures used by the SYSV IPC API:
- Various members of struct ipc_perm use appropriate types instead of
  unsigned short.
- The shm_segsz member of struct shmid_ds is now a size_t instead of an
  int which should allow for complete support of SYSV SHM regions >= 2GB.
- The shm_nattch member of struct shmid_ds is now an int instead of a
  short.
- The existing versions of the __semctl(), msgctl(), and shmctl() system
  calls have been renamed to freebsd7_*() and implement the old ABI. New
  versions of these system calls provide the new ABI.  The new system
  calls also use newer symbol versions in libc so old and new binaries
  will both work under new kernels.
- Specific to 7.x: the kern_msgctl(), kern_semctl(), and kern_shmctl()
  functions now use ABI shims that transparently "rename" the functions
  to kern_new_*() for all new modules.  Existing compat functions under
  the old names remain to provide compatibility for older kernel modules.
@
text
@a10 4
20090731:
	The ABI of various structures related to the SYSV IPC API have
	been changed.  Bump __FreeBSD_version to 702105.

@


1.507.2.33
log
@SVN rev 196684 on 2009-08-31 02:45:47Z by edwin

MFC of r192625:

Throw alert about the newly generated format of zic(8) and the
necessarity to run tzsetup(8).
@
text
@a10 5
20090831:
	The newly imported zic(8) produces a new format in the
	output. Please run tzsetup(8) to install the newly created
	data to /etc/localtime.

@


1.507.2.34
log
@SVN rev 199901 on 2009-11-29 17:27:58Z by bz

MFC r179785, r180496:

  Remove obselete PECOFF image activator support.

Discussed with:	secteam, kib
Approved by:	re (kensmith)
@
text
@a10 3
20091129:
	PECOFF image activator support removed.

@


1.507.2.35
log
@SVN rev 205400 on 2010-03-20 23:50:55Z by kensmith

Guess at the date the 7.3-RELEASE builds will be finished and everything
will be in place for the announcement.
@
text
@a10 3
20100323:
	FreeBSD 7.3-RELEASE

@


1.507.2.36
log
@SVN rev 215909 on 2010-11-26 22:31:56Z by avg

add UPDATING entry for amd64 minidump version 2

This is a direct commit.
@
text
@a10 6
20101126:
	New version of minidump format for amd64 architecture was
	introduced in r215874.  To analyze vmcore files produced by
	kernels at or after this version you will need updated userland,
	libkvm actually, that is able to handle the new version.

@


1.507.2.37
log
@SVN rev 218735 on 2011-02-16 15:18:28Z by kensmith

Guess when all the bits will be in place for announcing 7.4-RELEASE.
@
text
@a10 3
20110221:
	FreeBSD 7.4-RELEASE

@


1.507.2.38
log
@SVN rev 219035 on 2011-02-25 16:08:31Z by netchild

MFC r216591:
  Suggest to run the delete-old target after the second mergemaster. If you run
  it before, your rc scripts may still reference old files/directories and
  if you are in the unlucky situation to have triggered a reboot (intentionally
  or not) between the delete-old run and the mergemaster, your system may not
  start anymore.

  While I'm here, give a hint about delete-old-libs.

  Noticed by:        bcr (luckily in a discussion and not by getting hit by
                          this)
@
text
@d991 1
a992 1
	make delete-old					[6]
d1029 1
a1030 1
	make delete-old					[6]
a1071 4
	[6] This only deletes old files and directories. Old libraries
	can be deleted by "make delete-old-libs", but you have to make
	sure that no program is using those libraries anymore.

@


1.507.2.39
log
@SVN rev 225276 on 2011-08-31 01:18:23Z by gjb

MFC 225142:

Reword sentence noting UPDATING entries prior to October 2007[1] are
only available in older FreeBSD releases.

PR:		159220

[1] - October 2007 is specific to HEAD.  In stable/8 and stable/7,
the correct year is 2004, so that change is reflected here as well.
@
text
@d1098 3
a1100 4
breakages in tracking -current.  It is not guaranteed to be a complete
list of such breakages, and only contains entries since October 16, 2004.
If you need to see UPDATING entries from before that date, you will need
to fetch an UPDATING file from an older FreeBSD release.
@


1.507.2.40
log
@SVN rev 227307 on 2011-11-07 13:46:16Z by marius

MFC: r227006, r227281, r227282

Add a PCI front-end to esp(4) allowing it to support AMD Am53C974 and
replace amd(4) with the former in the amd64, i386 and pc98 GENERIC kernel
configuration files. Besides duplicating functionality, amd(4), which
previously also supported the AMD Am53C974, unlike esp(4) is no longer
maintained and has accumulated enough bit rot over time to always cause
a panic during boot as long as at least one target is attached to it
(see PR 124667).

PR:		124667
Obtained from:	NetBSD (based on)
@
text
@a10 4
20111101:
	The broken amd(4) driver has been replaced with esp(4) in the amd64,
	i386 and pc98 GENERIC kernel configuration files.

@


1.507.2.41
log
@Switch importer
@
text
@d1133 1
a1133 1
$FreeBSD: stable/7/UPDATING 227307 2011-11-07 13:46:16Z marius $
@


1.507.2.42
log
@Warn about EOL
@
text
@a10 3
WARNING: THIS REPOSITORY IS TERMINATED and no longer tracks Subversion!
You can still get updates: http://wiki.freebsd.org/CvsIsDeprecated

@


1.507.2.36.2.1
log
@SVN rev 216618 on 2010-12-21 17:10:29Z by kensmith

Copy stable/7 to releng/7.4 in preparation for FreeBSD-7.4 release.

Approved by:	re (implicit)
@
text
@@


1.507.2.36.2.2
log
@SVN rev 218736 on 2011-02-16 15:19:31Z by kensmith

Guess when all the bits will be in place for announcing 7.4-RELEASE.

Approved by:	re (implicit)
@
text
@a10 3
20110221:
	FreeBSD 7.4-RELEASE

@


1.507.2.36.2.3
log
@SVN rev 220901 on 2011-04-20 21:00:24Z by cperciva

Fix CIDR parsing bug in mountd ACLs.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-11:01.mountd
@
text
@a10 3
20110420:	p1	FreeBSD-SA-11:01.mountd
	Fix CIDR parsing bug in mountd ACLs.

@


1.507.2.36.2.4
log
@SVN rev 222416 on 2011-05-28 08:44:39Z by simon

Fix an off by one which can result in a assertion failure in BIND
related to large RRSIG RRsets and Negative Caching. This can cause
named to crash.

Security:	FreeBSD-SA-11:02.bind
Security:	CVE-2011-1910
Security:	https://www.isc.org/software/bind/advisories/cve-2011-1910
Obtained from:	ISC
Approved by:	so (simon)
@
text
@a10 4
20110528:	p2	FreeBSD-SA-11:02.bind
	Fix BIND remote DoS with large RRSIG RRsets and negative
	caching.

@


1.507.2.36.2.5
log
@SVN rev 225827 on 2011-09-28 08:47:17Z by bz

Fix handling of corrupt compress(1)ed data. [11:04]

Add missing length checks on unix socket addresses. [11:05]

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-11:04.compress
Security:	CVE-2011-2895 [11:04]
Security:	FreeBSD-SA-11:05.unix
@
text
@a10 5
20110928:	p3	FreeBSD-SA-11:04.compress, FreeBSD-SA-11:05.unix
	Fix handling of corrupt compress(1)ed data. [11:04]

	Add missing length checks on unix socket addresses. [11:05]

@


1.507.2.36.2.6
log
@SVN rev 226023 on 2011-10-04 19:07:38Z by cperciva

Fix a bug in UNIX socket handling in the linux emulator which was
exposed by the security fix in FreeBSD-SA-11:05.unix.

Approved by:	so (cperciva)
Approved by:	re (kib)
Security:	Related to FreeBSD-SA-11:05.unix, but not actually
		a security fix.
@
text
@a10 4
20111004:	p4	FreeBSD-SA-11:05.unix (revised)
	Fix a bug in UNIX socket handling in the linux emulator which was
	exposed by the security fix in FreeBSD-SA-11:05.unix.

@


1.507.2.36.2.7
log
@SVN rev 228843 on 2011-12-23 15:00:37Z by cperciva

Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06]

Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]

Fix a buffer overflow in telnetd. [11:08]

Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]

Add sanity checking of service names in pam_start. [11:10]

Approved by:    so (cperciva)
Approved by:    re (bz)
Security:       FreeBSD-SA-11:06.bind
Security:       FreeBSD-SA-11:07.chroot
Security:       FreeBSD-SA-11:08.telnetd
Security:       FreeBSD-SA-11:09.pam_ssh
Security:       FreeBSD-SA-11:10.pam
@
text
@a10 16
20111223:	p5	FreeBSD-SA-11:06.bind, FreeBSD-SA-11:07.chroot
			FreeBSD-SA-11:08.telnetd, FreeBSD-SA-11:09.pam_ssh
			FreeBSD-SA-11:10.pam
	Fix a problem whereby a corrupt DNS record can cause named to crash.
	[11:06]

	Add an API for alerting internal libc routines to the presence of
	"unsafe" paths post-chroot, and use it in ftpd. [11:07]

	Fix a buffer overflow in telnetd. [11:08]

	Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
	specified. [11:09]

	Add sanity checking of service names in pam_start. [11:10]

@


1.507.2.36.2.8
log
@SVN rev 229539 on 2012-01-04 23:47:20Z by cperciva

Extend the character set accepted by freebsd-update(8) in file
names in order to allow upgrades to FreeBSD 9.0-RELEASE.

Approved by:	so (cperciva)
Errata Notice:	FreeBSD-EN-12:01.freebsd-update
@
text
@a10 4
20120104:	p6	FreeBSD-EN-12:01.freebsd-update
	Extend the character set accepted by freebsd-update(8) in file
	names in order to allow upgrades to FreeBSD 9.0-RELEASE.

@


1.507.2.36.2.9
log
@SVN rev 234954 on 2012-05-03 15:25:11Z by bz

Fix multiple OpenSSL vulnerabilities.

Security:	CVE-2011-4576, CVE-2011-4619, CVE-2011-4109
Security:	CVE-2012-0884, CVE-2012-2110
Security:	FreeBSD-SA-12:01.openssl
Approved by:	so (bz,simon)
@
text
@a10 3
20120503:	p7	FreeBSD-SA-12:01.openssl
	Fix multiple OpenSSL vulnerabilities.

@


1.507.2.36.2.10
log
@SVN rev 236304 on 2012-05-30 12:01:28Z by bz

Update the previous openssl fix. [12:01]

Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

Security:	FreeBSD-SA-12:01.openssl (revised)
Security:	FreeBSD-SA-12:02.crypt
Approved by:	so (bz, simon)
@
text
@a10 6
20120530:	p8	FreeBSD-SA-12:01.openssl (revised),
			FreeBSD-SA-12:02.crypt
	Update the previous openssl fix. [12:01]

	Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

@


1.507.2.36.2.11
log
@SVN rev 236953 on 2012-06-12 12:10:10Z by bz

Fix a problem where zero-length RDATA fields can cause named(8) to crash.
[12:03]

Correct a privilege escalation when returning from kernel if
running FreeBSD/amd64 on non-AMD processors. [12:04]

Fix reference count errors in IPv6 code. [EN-12:02]

Security:	CVE-2012-1667
Security:	FreeBSD-SA-12:03.bind
Security:	CVE-2012-0217
Security:	FreeBSD-SA-12:04.sysret
Security:	FreeBSD-EN-12:02.ipv6refcount
Approved by:	so (simon, bz)
@
text
@a10 8
20120612:	p9	FreeBSD-SA-12:03.bind
			FreeBSD-SA-12:04.sysret
	Fix a problem where zero-length RDATA fields can cause named to crash.
	[12:03]

	Correct a privilege escalation when returning from kernel if
	running FreeBSD/amd64 on non-AMD processors. [12:04]

@


1.507.2.36.2.12
log
@SVN rev 239108 on 2012-08-06 21:33:11Z by simon

Fix named(8) DNSSEC validation Denial of Service.

Security:	FreeBSD-SA-12:05.bind
Security:	CVE-2012-3817
Obtained from:	ISC
Approved by:	so (simon)
@
text
@a10 3
20120806:	p10	FreeBSD-SA-12:05.bind
	Fix named(8) DNSSEC validation Denial of Service.

@


1.507.2.36.2.13
log
@Switch importer
@
text
@d1180 1
a1180 1
$FreeBSD: releng/7.4/UPDATING 239108 2012-08-06 21:33:11Z simon $
@


1.507.2.36.2.14
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 243417
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r243417 | simon | 2012-11-22 22:52:15 +0000 (Thu, 22 Nov 2012) | 13 lines
## SVN ##
## SVN ## Fix multiple Denial of Service vulnerabilities with named(8).
## SVN ##
## SVN ## Fix insufficient message length validation for EAP-TLS messages.
## SVN ##
## SVN ## Fix Linux compatibility layer input validation error.
## SVN ##
## SVN ## Security:	FreeBSD-SA-12:06.bind
## SVN ## Security:	FreeBSD-SA-12:07.hostapd
## SVN ## Security:	FreeBSD-SA-12:08.linux
## SVN ## Security:	CVE-2012-4244, CVE-2012-5166, CVE-2012-4445, CVE-2012-4576
## SVN ## Approved by:	re
## SVN ## Approved by:	security-officer
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@a10 5
20121122:	p11	FreeBSD-SA-12:06.bind FreeBSD-SA-12:08.linux
	Fix multiple Denial of Service vulnerabilities with named(8).

	Fix Linux compatibility layer input validation error.

d1180 1
a1180 1
$FreeBSD: releng/7.4/UPDATING 243417 2012-11-22 22:52:15Z simon $
@


1.507.2.36.2.15
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/246989
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a10 3
20130218:	p12	FreeBSD-SA-13:02.libc
	Fix Denial of Service vulnerability in libc's glob(3) functionality.

d1185 1
a1185 1
$FreeBSD: releng/7.4/UPDATING 246989 2013-02-19 13:27:20Z bz $
@


1.507.2.34.2.1
log
@SVN rev 203736 on 2010-02-10 00:26:20Z by kensmith

Copy stable/7 to releng/7.3 as part of the 7.3-RELEASE process.

Approved by:	re (implicit)
@
text
@@


1.507.2.34.2.2
log
@SVN rev 205401 on 2010-03-21 00:05:29Z by kensmith

Merge r205400:
> Guess at the date the 7.3-RELEASE builds will be finished and everything
> will be in place for the announcement.

Approved by:	re (implicit)
@
text
@a10 3
20100323:
	FreeBSD 7.3-RELEASE

@


1.507.2.34.2.3
log
@SVN rev 208586 on 2010-05-27 03:15:04Z by cperciva

Change the current working directory to be inside the jail created by
the jail(8) command. [10:04]

Fix a one-NUL-byte buffer overflow in libopie. [10:05]

Correctly sanity-check a buffer length in nfs mount. [10:06]

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-10:04.jail
Security:	FreeBSD-SA-10:05.opie
Security:	FreeBSD-SA-10:06.nfsclient
@
text
@a10 5
20100526:	p1	FreeBSD-SA-10:05.opie, FreeBSD-SA-10:06.nfsclient
	Fix a one-NUL-byte buffer overflow in libopie. [10:05]

	Correctly sanity-check a buffer length in nfs mount. [10:06]

@


1.507.2.34.2.4
log
@SVN rev 209964 on 2010-07-13 02:45:17Z by cperciva

Correctly copy the M_RDONLY flag when duplicating a reference
to an mbuf external buffer.

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-10:07.mbuf
@
text
@a10 4
20100713:	p2	FreeBSD-SA-10:07.mbuf
	Correctly copy the M_RDONLY flag when duplicating a reference
	to an mbuf external buffer.

@


1.507.2.34.2.5
log
@SVN rev 212901 on 2010-09-20 14:58:08Z by cperciva

Fix an integer overflow in RLE length parsing when decompressing
corrupt bzip2 data.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-10:08.bzip2
@
text
@a10 4
20100920:	p3	FreeBSD-SA-10:08.bzip2
	Fix an integer overflow in RLE length parsing when decompressing
	corrupt bzip2 data.

@


1.507.2.34.2.6
log
@SVN rev 216063 on 2010-11-29 20:43:06Z by simon

Fix a race condition exists in the OpenSSL TLS server extension code and
a double free in the SSL client ECDH handling code.

Approved by:	so (simon)
Security:	CVE-2010-2939, CVE-2010-3864
Security:	FreeBSD-SA-10:10.openssl
@
text
@a10 3
20101129:	p4	FreeBSD-SA-10:10.openssl
	Fix OpenSSL multiple vulnerabilities.

@


1.507.2.34.2.7
log
@SVN rev 220901 on 2011-04-20 21:00:24Z by cperciva

Fix CIDR parsing bug in mountd ACLs.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-11:01.mountd
@
text
@a10 3
20110420:	p5	FreeBSD-SA-11:01.mountd
	Fix CIDR parsing bug in mountd ACLs.

@


1.507.2.34.2.8
log
@SVN rev 222416 on 2011-05-28 08:44:39Z by simon

Fix an off by one which can result in a assertion failure in BIND
related to large RRSIG RRsets and Negative Caching. This can cause
named to crash.

Security:	FreeBSD-SA-11:02.bind
Security:	CVE-2011-1910
Security:	https://www.isc.org/software/bind/advisories/cve-2011-1910
Obtained from:	ISC
Approved by:	so (simon)
@
text
@a10 4
20110528:	p6	FreeBSD-SA-11:02.bind
	Fix BIND remote DoS with large RRSIG RRsets and negative
	caching.

@


1.507.2.34.2.9
log
@SVN rev 225827 on 2011-09-28 08:47:17Z by bz

Fix handling of corrupt compress(1)ed data. [11:04]

Add missing length checks on unix socket addresses. [11:05]

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-11:04.compress
Security:	CVE-2011-2895 [11:04]
Security:	FreeBSD-SA-11:05.unix
@
text
@a10 5
20110928:	p7	FreeBSD-SA-11:04.compress, FreeBSD-SA-11:05.unix
	Fix handling of corrupt compress(1)ed data. [11:04]

	Add missing length checks on unix socket addresses. [11:05]

@


1.507.2.34.2.10
log
@SVN rev 226023 on 2011-10-04 19:07:38Z by cperciva

Fix a bug in UNIX socket handling in the linux emulator which was
exposed by the security fix in FreeBSD-SA-11:05.unix.

Approved by:	so (cperciva)
Approved by:	re (kib)
Security:	Related to FreeBSD-SA-11:05.unix, but not actually
		a security fix.
@
text
@a10 4
20111004:	p8	FreeBSD-SA-11:05.unix (revised)
	Fix a bug in UNIX socket handling in the linux emulator which was
	exposed by the security fix in FreeBSD-SA-11:05.unix.

@


1.507.2.34.2.11
log
@SVN rev 228843 on 2011-12-23 15:00:37Z by cperciva

Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06]

Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]

Fix a buffer overflow in telnetd. [11:08]

Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]

Add sanity checking of service names in pam_start. [11:10]

Approved by:    so (cperciva)
Approved by:    re (bz)
Security:       FreeBSD-SA-11:06.bind
Security:       FreeBSD-SA-11:07.chroot
Security:       FreeBSD-SA-11:08.telnetd
Security:       FreeBSD-SA-11:09.pam_ssh
Security:       FreeBSD-SA-11:10.pam
@
text
@a10 16
20111223:	p9	FreeBSD-SA-11:06.bind, FreeBSD-SA-11:07.chroot
			FreeBSD-SA-11:08.telnetd, FreeBSD-SA-11:09.pam_ssh
			FreeBSD-SA-11:10.pam
	Fix a problem whereby a corrupt DNS record can cause named to crash.
	[11:06]

	Add an API for alerting internal libc routines to the presence of
	"unsafe" paths post-chroot, and use it in ftpd. [11:07]

	Fix a buffer overflow in telnetd. [11:08]

	Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
	specified. [11:09]

	Add sanity checking of service names in pam_start. [11:10]

@


1.507.2.34.2.12
log
@SVN rev 229539 on 2012-01-04 23:47:20Z by cperciva

Extend the character set accepted by freebsd-update(8) in file
names in order to allow upgrades to FreeBSD 9.0-RELEASE.

Approved by:	so (cperciva)
Errata Notice:	FreeBSD-EN-12:01.freebsd-update
@
text
@a10 4
20120104:	p10	FreeBSD-EN-12:01.freebsd-update
	Extend the character set accepted by freebsd-update(8) in file
	names in order to allow upgrades to FreeBSD 9.0-RELEASE.

@


1.507.2.23.2.1
log
@SVN rev 191087 on 2009-04-15 03:14:26Z by kensmith

Create releng/7.2 from stable/7 in preparation for 7.2-RELEASE.

Approved by:	re (implicit)
@
text
@@


1.507.2.23.2.2
log
@SVN rev 191381 on 2009-04-22 14:07:14Z by cperciva

Don't leak information via uninitialized space in db(3) records. [09:07]

Sanity-check string lengths in order to stop OpenSSL crashing
when printing corrupt BMPString or UniversalString objects. [09:08]

Security:	FreeBSD-SA-09:07.libc
Security:	FreeBSD-SA-09:08.openssl
Security:	CVE-2009-0590
Approved by:	re (kensmith)
Approved by:	so (cperciva)
@
text
@a10 7
20090422:		FreeBSD-SA-09:07.libc, FreeBSD-SA-09:08.openssl
	Don't leak information via uninitialized space in db(3) records.
	[09:07]

	Sanity-check string lengths in order to stop OpenSSL crashing
	when printing corrupt BMPString or UniversalString objects. [09:08]

@


1.507.2.23.2.3
log
@SVN rev 191713 on 2009-05-01 02:17:08Z by kensmith

Predict announcement day for 7.2-RELEASE.

Approved by:	re (implicit)
@
text
@a10 3
20090504:
	FreeBSD 7.2-RELEASE

@


1.507.2.23.2.4
log
@SVN rev 193893 on 2009-06-10 10:31:11Z by cperciva

Prevent integer overflow in direct pipe write code from circumventing
virtual-to-physical page lookups. [09:09]

Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]

Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]

Approved by:	so (cperciva)
Approved by:	re (not really, but SVN wants this...)
Security:	FreeBSD-SA-09:09.pipe
Security:	FreeBSD-SA-09:10.ipv6
Security:	FreeBSD-SA-09:11.ntpd
@
text
@a10 9
20090610:	p1	FreeBSD-SA-09:09.pipe, FreeBSD-SA-09:10.ipv6,
			FreeBSD-SA-09:11.ntpd
	Prevent integer overflow in direct pipe write code from circumventing
	virtual-to-physical page lookups. [09:09]

	Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]

	Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]

@


1.507.2.23.2.5
log
@SVN rev 194808 on 2009-06-24 05:28:09Z by cperciva

MFS r192477: Fix packet length calculation in bce(4). [EN-09:02]

MFS r191867: Correctly set IP packet length for TSO in fxp(4). [EN-09:03]

MFS r191767: Fix a lock order reversal bug that could cause deadlock during
fork(2). [EN-09:04]

Submitted by:	re (kensmith)
Approved by:	so (cperciva)
Errata:		FreeBSD-SA-09:02.bce
Errata:		FreeBSD-SA-09:03.fxp
Errata:		FreeBSD-SA-09:04.fork
@
text
@a10 9
20090624:	p2	FreeBSD-EN-09:02.bce, FreeBSD-EN-09:03.fxp,
			FreeBSD-EN-09:04.fork
	Fix packet length calculation in bce(4). [EN-09:02]

	Correctly set IP packet length for TSO in fxp(4). [EN-09:03]

	Fix a lock order reversal bug that could cause deadlock during
	fork(2). [EN-09:04]

@


1.507.2.23.2.6
log
@SVN rev 195935 on 2009-07-29 00:14:14Z by simon

Fix BIND named(8) dynamic update message remote DoS.

Obtained from:	ISC
Security:	FreeBSD-SA-09:12.bind
Security:	CVE-2009-0696
Approved by:	so (simon)
@
text
@a10 3
20090729:	p3	FreeBSD-SA-09:12.bind
	Fix BIND named(8) dynamic update message remote DoS.

@


1.507.2.23.2.7
log
@SVN rev 197715 on 2009-10-02 18:09:56Z by simon

MFC r197711 (partial) to 6.x and 7.x:

- Add no zero mapping feature, disabled by default. [EN-09:05]

MFC 178913,178914,179242,179243,180336,180340 to 6.x:

- Fix kqueue pipe race conditions. [SA-09:13]

MFC r192301 to 7.x; 6.x has slightly different fix:

- Fix devfs / VFS NULL pointer race condition. [SA-09:14]

Security:	FreeBSD-SA-09:13.pipe
Security:	FreeBSD-SA-09:14.devfs
Errata:		FreeBSD-EN-09:05.null
Submitted by:	kib [SA-09:13] [SA-09:14]
Submitted by:	bz [EN-09:05]
In collaboration with:	jhb, kib, alc [EN-09:05]
Approved by:	so (simon)
@
text
@a10 5
20091002:	p4	FreeBSD-SA-09:14.devfs FreeBSD-EN-09:05.null
	Fix devfs / VFS NULL pointer race condition. [SA-09:14]

	Add no zero mapping feature. [EN-09:05]

@


1.507.2.23.2.8
log
@SVN rev 200054 on 2009-12-03 09:18:40Z by cperciva

Disable SSL renegotiation in order to protect against a serious
protocol flaw. [09:15]

Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]

Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:15.ssl
Security:	FreeBSD-SA-09:16.rtld
Security:	FreeBSD-SA-09:17.freebsd-udpate
@
text
@a10 11
20091203:	p5	FreeBSD-SA-09:15.ssl, FreeBSD-SA-09:16.rtld,
			FreeBSD-SA-09:17.freebsd-update
	Disable SSL renegotiation in order to protect against a serious
	protocol flaw. [09:15]

	Correctly handle failures from unsetenv resulting from a corrupt
	environment in rtld-elf. [09:16]

	Fix permissions in freebsd-update in order to prevent leakage of
	sensitive files. [09:17]

@


1.507.2.23.2.9
log
@SVN rev 201679 on 2010-01-06 21:45:30Z by simon

Fix BIND named(8) cache poisoning with DNSSEC validation.
[SA-10:01]

Fix ntpd mode 7 denial of service. [SA-10:02]

Fix ZFS ZIL playback with insecure permissions. [SA-10:03]

Various FreeBSD 8.0-RELEASE improvements. [EN-10:01]

Security:	FreeBSD-SA-10:01.bind
Security:	FreeBSD-SA-10:02.ntpd
Security:	FreeBSD-SA-10:03.zfs
Errata:		FreeBSD-EN-10:01.freebsd
Approved by:	so (simon)
@
text
@a10 9
20100106:	p6	FreeBSD-SA-10:01.bind, FreeBSD-SA-10:02.ntpd,
			FreeBSD-SA-10:03.zfs
	Fix BIND named(8) cache poisoning with DNSSEC validation.
	[SA-10:01]

	Fix ntpd mode 7 denial of service. [SA-10:02]

	Fix ZFS ZIL playback with insecure permissions. [SA-10:03]

@


1.507.2.23.2.10
log
@SVN rev 204409 on 2010-02-27 10:55:43Z by cperciva

MFC r197223: Fix a deadlock in the ULE scheduler.

Approved by:	so (cperciva)
Errata:		FreeBSD-EN-10:02.sched_ule
@
text
@a10 3
20100227:	p7	FreeBSD-EN-10:02.sched_ule
	Fix a deadlock in the ULE scheduler.

@


1.507.2.23.2.11
log
@SVN rev 208586 on 2010-05-27 03:15:04Z by cperciva

Change the current working directory to be inside the jail created by
the jail(8) command. [10:04]

Fix a one-NUL-byte buffer overflow in libopie. [10:05]

Correctly sanity-check a buffer length in nfs mount. [10:06]

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-10:04.jail
Security:	FreeBSD-SA-10:05.opie
Security:	FreeBSD-SA-10:06.nfsclient
@
text
@a10 5
20100526:	p8	FreeBSD-SA-10:05.opie, FreeBSD-SA-10:06.nfsclient
	Fix a one-NUL-byte buffer overflow in libopie. [10:05]

	Correctly sanity-check a buffer length in nfs mount. [10:06]

@


1.507.2.13.2.1
log
@SVN rev 185281 on 2008-11-25 02:59:29Z by kensmith

Create releng/7.1 in preparation for moving into RC phase of 7.1 release
cycle.

Approved by:	re (implicit)
@
text
@@


1.507.2.13.2.2
log
@SVN rev 186405 on 2008-12-23 01:23:09Z by cperciva

Prevent cross-site forgery attacks on ftpd(8) due to splitting
long commands into multiple requests. [08:12]

Avoid calling uninitialized function pointers in protocol switch
code. [08:13]

Merry Christmas everybody...

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
@
text
@a10 7
20081223:		FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
	Prevent cross-site forgery attacks on ftpd(8) due to splitting
	long commands into multiple requests. [08:12]

	Avoid calling uninitialized function pointers in protocol switch
	code. [08:13]

@


1.507.2.13.2.3
log
@SVN rev 186653 on 2008-12-31 17:17:36Z by kensmith

Predict when we'll be ready to do the 7.1-RELEASE announcement.

Approved by:	re (implicit)
@
text
@a10 3
20090106:
	FreeBSD 7.1-RELEASE

@


1.507.2.13.2.4
log
@SVN rev 186872 on 2009-01-07 20:17:55Z by simon

Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
long commands into multiple requests. [09:01]

Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]

Security:	FreeBSD-SA-09:01.lukemftpd
Security:	FreeBSD-SA-09:02.openssl
Obtained from:	NetBSD [SA-09:01]
Obtained from:	OpenSSL Project [SA-09:02]
Approved by:	so (simon)
@
text
@a10 6
20090107:	p1	FreeBSD-SA-09:01.lukemftpd, FreeBSD-SA-09:02.openssl
	Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
	long commands into multiple requests. [09:01]

	Fix incorrect OpenSSL checks for malformed signatures. [09:02]

@


1.507.2.13.2.5
log
@SVN rev 187194 on 2009-01-13 21:19:27Z by simon

Correct ntpd(8) cryptographic signature bypass [SA-09:04].

Correct BIND DNSSEC incorrect checks for malformed signatures
[SA-09:04].

Security:	FreeBSD-SA-09:03.ntpd
Security:	FreeBSD-SA-09:04.bind
Obtained from:	ISC [SA-09:04]
Approved by:	so (simon)
@
text
@a10 6
20090113:	p2	FreeBSD-SA-09:03.ntpd, FreeBSD-SA-09:04.bind
	Correct ntpd cryptographic signature bypass. [09:03]

	Correct BIND DNSSEC incorrect checks for malformed
	signatures. [09:04]

@


1.507.2.13.2.6
log
@SVN rev 188699 on 2009-02-16 21:56:17Z by cperciva

Correctly scrub telnetd's environment.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:05.telnetd
@
text
@a10 3
20090216:	p3	FreeBSD-SA-09:05.telnetd
	Correctly scrub telnetd's environment.

@


1.507.2.13.2.7
log
@SVN rev 190301 on 2009-03-23 00:00:50Z by cperciva

Correctly sanity-check timer IDs. [SA-09:06]

Limit the size of malloced buffer when dumping environment
variables. [EN-09:01]

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-09:06.ktimer
Errata:		FreeBSD-EN-09:01.kenv
@
text
@a10 6
20090323:	p4	FreeBSD-SA-09:06.ktimer, FreeBSD-EN-09:01.kenv
	Correctly sanity-check timer IDs. [SA-09:06]

	Limit the size of malloced buffer when dumping environment
	variables. [EN-09:01]

@


1.507.2.13.2.8
log
@SVN rev 191381 on 2009-04-22 14:07:14Z by cperciva

Don't leak information via uninitialized space in db(3) records. [09:07]

Sanity-check string lengths in order to stop OpenSSL crashing
when printing corrupt BMPString or UniversalString objects. [09:08]

Security:	FreeBSD-SA-09:07.libc
Security:	FreeBSD-SA-09:08.openssl
Security:	CVE-2009-0590
Approved by:	re (kensmith)
Approved by:	so (cperciva)
@
text
@a10 7
20090422:	p5	FreeBSD-SA-09:07.libc, FreeBSD-SA-09:08.openssl
	Don't leak information via uninitialized space in db(3) records.
	[09:07]

	Sanity-check string lengths in order to stop OpenSSL crashing
	when printing corrupt BMPString or UniversalString objects. [09:08]

@


1.507.2.13.2.9
log
@SVN rev 193893 on 2009-06-10 10:31:11Z by cperciva

Prevent integer overflow in direct pipe write code from circumventing
virtual-to-physical page lookups. [09:09]

Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]

Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]

Approved by:	so (cperciva)
Approved by:	re (not really, but SVN wants this...)
Security:	FreeBSD-SA-09:09.pipe
Security:	FreeBSD-SA-09:10.ipv6
Security:	FreeBSD-SA-09:11.ntpd
@
text
@a10 9
20090610:	p6	FreeBSD-SA-09:09.pipe, FreeBSD-SA-09:10.ipv6,
			FreeBSD-SA-09:11.ntpd
	Prevent integer overflow in direct pipe write code from circumventing
	virtual-to-physical page lookups. [09:09]

	Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]

	Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]

@


1.507.2.13.2.10
log
@SVN rev 195935 on 2009-07-29 00:14:14Z by simon

Fix BIND named(8) dynamic update message remote DoS.

Obtained from:	ISC
Security:	FreeBSD-SA-09:12.bind
Security:	CVE-2009-0696
Approved by:	so (simon)
@
text
@a10 3
20090729:	p7	FreeBSD-SA-09:12.bind
	Fix BIND named(8) dynamic update message remote DoS.

@


1.507.2.13.2.11
log
@SVN rev 197715 on 2009-10-02 18:09:56Z by simon

MFC r197711 (partial) to 6.x and 7.x:

- Add no zero mapping feature, disabled by default. [EN-09:05]

MFC 178913,178914,179242,179243,180336,180340 to 6.x:

- Fix kqueue pipe race conditions. [SA-09:13]

MFC r192301 to 7.x; 6.x has slightly different fix:

- Fix devfs / VFS NULL pointer race condition. [SA-09:14]

Security:	FreeBSD-SA-09:13.pipe
Security:	FreeBSD-SA-09:14.devfs
Errata:		FreeBSD-EN-09:05.null
Submitted by:	kib [SA-09:13] [SA-09:14]
Submitted by:	bz [EN-09:05]
In collaboration with:	jhb, kib, alc [EN-09:05]
Approved by:	so (simon)
@
text
@a10 5
20091002:	p8	FreeBSD-SA-09:14.devfs, FreeBSD-EN-09:05.null
	Fix devfs / VFS NULL pointer race condition. [SA-09:14]

	Add no zero mapping feature. [EN-09:05]

@


1.507.2.13.2.12
log
@SVN rev 200054 on 2009-12-03 09:18:40Z by cperciva

Disable SSL renegotiation in order to protect against a serious
protocol flaw. [09:15]

Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]

Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:15.ssl
Security:	FreeBSD-SA-09:16.rtld
Security:	FreeBSD-SA-09:17.freebsd-udpate
@
text
@a10 11
20091203:	p9	FreeBSD-SA-09:15.ssl, FreeBSD-SA-09:16.rtld,
			FreeBSD-SA-09:17.freebsd-update
	Disable SSL renegotiation in order to protect against a serious
	protocol flaw. [09:15]

	Correctly handle failures from unsetenv resulting from a corrupt
	environment in rtld-elf. [09:16]

	Fix permissions in freebsd-update in order to prevent leakage of
	sensitive files. [09:17]

@


1.507.2.13.2.13
log
@SVN rev 201679 on 2010-01-06 21:45:30Z by simon

Fix BIND named(8) cache poisoning with DNSSEC validation.
[SA-10:01]

Fix ntpd mode 7 denial of service. [SA-10:02]

Fix ZFS ZIL playback with insecure permissions. [SA-10:03]

Various FreeBSD 8.0-RELEASE improvements. [EN-10:01]

Security:	FreeBSD-SA-10:01.bind
Security:	FreeBSD-SA-10:02.ntpd
Security:	FreeBSD-SA-10:03.zfs
Errata:		FreeBSD-EN-10:01.freebsd
Approved by:	so (simon)
@
text
@a10 9
20100106:	p10	FreeBSD-SA-10:01.bind, FreeBSD-SA-10:02.ntpd,
			FreeBSD-SA-10:03.zfs
	Fix BIND named(8) cache poisoning with DNSSEC validation.
	[SA-10:01]

	Fix ntpd mode 7 denial of service. [SA-10:02]

	Fix ZFS ZIL playback with insecure permissions. [SA-10:03]

@


1.507.2.13.2.14
log
@SVN rev 204409 on 2010-02-27 10:55:43Z by cperciva

MFC r197223: Fix a deadlock in the ULE scheduler.

Approved by:	so (cperciva)
Errata:		FreeBSD-EN-10:02.sched_ule
@
text
@a10 3
20100227:	p11	FreeBSD-EN-10:02.sched_ule
	Fix a deadlock in the ULE scheduler.

@


1.507.2.13.2.15
log
@SVN rev 208586 on 2010-05-27 03:15:04Z by cperciva

Change the current working directory to be inside the jail created by
the jail(8) command. [10:04]

Fix a one-NUL-byte buffer overflow in libopie. [10:05]

Correctly sanity-check a buffer length in nfs mount. [10:06]

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-10:04.jail
Security:	FreeBSD-SA-10:05.opie
Security:	FreeBSD-SA-10:06.nfsclient
@
text
@a10 3
20100526:	p12	FreeBSD-SA-10:05.opie
	Fix a one-NUL-byte buffer overflow in libopie. [10:05]

@


1.507.2.13.2.16
log
@SVN rev 209964 on 2010-07-13 02:45:17Z by cperciva

Correctly copy the M_RDONLY flag when duplicating a reference
to an mbuf external buffer.

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-10:07.mbuf
@
text
@a10 4
20100713:	p13	FreeBSD-SA-10:07.mbuf
	Correctly copy the M_RDONLY flag when duplicating a reference
	to an mbuf external buffer.

@


1.507.2.13.2.17
log
@SVN rev 212901 on 2010-09-20 14:58:08Z by cperciva

Fix an integer overflow in RLE length parsing when decompressing
corrupt bzip2 data.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-10:08.bzip2
@
text
@a10 4
20100920:	p14	FreeBSD-SA-10:08.bzip2
	Fix an integer overflow in RLE length parsing when decompressing
	corrupt bzip2 data.

@


1.507.2.13.2.18
log
@SVN rev 215103 on 2010-11-10 23:36:13Z by cperciva

Don't unlock a mutex which wasn't locked.

PR:		kern/137310
Approved by:	so (cperciva)
Security:	FreeBSD-SA-10:09.pseudofs
@
text
@a10 3
20101110:	p15	FreeBSD-SA-10:09.pseudofs
	Don't unlock a mutex which wasn't locked.

@


1.507.2.13.2.19
log
@SVN rev 216063 on 2010-11-29 20:43:06Z by simon

Fix a race condition exists in the OpenSSL TLS server extension code and
a double free in the SSL client ECDH handling code.

Approved by:	so (simon)
Security:	CVE-2010-2939, CVE-2010-3864
Security:	FreeBSD-SA-10:10.openssl
@
text
@a10 3
20101129:	p16	FreeBSD-SA-10:10.openssl
	Fix OpenSSL multiple vulnerabilities.

@


1.507.2.3.2.1
log
@Fix issues which allow snooping on ptys. [08:01]

Fix an off-by-one error in inet_network(3). [08:02]

Security: FreeBSD-SA-08:01.pty
Security: FreeBSD-SA-08:02.libc
Approved by:	re (kensmith)
@
text
@a10 4
20080118:		FreeBSD-SA-08:01.pty, FreeBSD-SA-08:02.libc
	Fix issues which allow snooping on ptys. [08:01]
	Fix an off-by-one error in inet_network(3). [08:02]

@


1.507.2.3.2.2
log
@Fix date of last advisory -- January 14th, not January 18th.

Approved by:	re (kensmith)
@
text
@d11 1
a11 1
20080114:		FreeBSD-SA-08:01.pty, FreeBSD-SA-08:02.libc
@


1.507.2.3.2.3
log
@Fix sendfile(2) write-only file permission bypass.

Security:	FreeBSD-SA-08:03.sendfile
Approved by:	re (kensmith)
@
text
@a10 3
20080214:		FreeBSD-SA-08:02.sendfile
	Fix sendfile(2) write-only file permission bypass.

@


1.507.2.3.2.4
log
@Speculate on the release date for FreeBSD 7.0.

Approved by:	re (implicit)
@
text
@a10 3
20080226:
	FreeBSD 7.0-RELEASE

@


1.507.2.3.2.5
log
@Fix logic error in sshd(8) concerning the handling of failed
attempts to bind ports for X11 forwarding.

Security:	FreeBSD-SA-08:05.openssh
Approved by:	so (cperciva)
@
text
@a10 4
20080416:	p1	FreeBSD-SA-08:05.openssh
	Fix logic error in sshd(8) concerning the handling of failed
	attempts to bind ports for X11 forwarding.

@


1.507.2.3.2.6
log
@SVN rev 179871 on 2008-06-19 06:36:10Z by cperciva

Fix errors in the padding of TCP options.

Errata:		FreeBSD-EN-08:02.tcp
Approved by:	so (cperciva)
@
text
@a10 3
20080619:	p2	FreeBSD-EN-08:02.tcp
	Fix errors in the padding of TCP options.

@


1.507.2.3.2.7
log
@SVN rev 180499 on 2008-07-13 18:42:38Z by cperciva

Improve randomization in BIND to prevent response spoofing.

Security:	FreeBSD-SA-08:06.bind
Approved by:	so (cperciva)
Thanks to:	remko, csjp
No thanks to:	bronchitis
@
text
@a10 3
20080713:	p3	FreeBSD-SA-08:06.bind
	Improve randomization in BIND to prevent response spoofing.

@


1.507.2.3.2.8
log
@SVN rev 182740 on 2008-09-03 19:09:47Z by simon

- Fix amd64 local privilege escalation. [08:07]
- Fix nmount(2) local privilege escalation. [08:08]
- Fix IPv6 remote kernel panics. [08:09]

Fix for [08:07] is merge of r181823.

Submitted by:	kib [08:07], csjp [08:08], bz [08:09]
Reviewed by:	peter [08:07], jhb [08:07]
Reviewed by:	jinmei [08:09], rwatson [08:09]
Approved by:	re (SA blanket)
Approved by:	so (simon)
Security:	FreeBSD-SA-08:07.amd64
Security:	FreeBSD-SA-08:08.nmount
Security:	FreeBSD-SA-08:09.icmp6
@
text
@a10 6
20080903:	p4	FreeBSD-SA-08:07.amd64, FreeBSD-SA-08:08.nmount,
			FreeBSD-SA-08:09.icmp6
	Fix amd64 local privilege escalation. [08:07]
	Fix nmount(2) local privilege escalation. [08:08]
	Fix IPv6 remote kernel panics. [08:09]

@


1.507.2.3.2.9
log
@SVN rev 183529 on 2008-10-02 00:32:59Z by cperciva

Default to ignoring potentially evil IPv6 Neighbor Solicitation
messages.

Approved by:    so (cperciva)
Approved by:	re (kensmith)
Security:       FreeBSD-SA-08:10.nd6
Thanks to:      jinmei, bz
@
text
@a10 4
20081002:	p5	FreeBSD-SA-08:10.nd6
	Default to ignoring potentially evil IPv6 Neighbor Solicitation
	messages.

@


1.507.2.3.2.10
log
@SVN rev 185254 on 2008-11-24 17:39:39Z by cperciva

Make sure arc4random(9) is properly seeded when /etc/rc.d/initrandom returns.

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-08:11.arc4random
@
text
@a10 4
20081124:	p6	FreeBSD-SA-08:11.arc4random
	Make sure arc4random(9) is properly seeded when /etc/rc.d/initrandom
	returns.

@


1.507.2.3.2.11
log
@SVN rev 186405 on 2008-12-23 01:23:09Z by cperciva

Prevent cross-site forgery attacks on ftpd(8) due to splitting
long commands into multiple requests. [08:12]

Avoid calling uninitialized function pointers in protocol switch
code. [08:13]

Merry Christmas everybody...

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
@
text
@a10 7
20081223:	p7	FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
	Prevent cross-site forgery attacks on ftpd(8) due to splitting
	long commands into multiple requests. [08:12]

	Avoid calling uninitialized function pointers in protocol switch
	code. [08:13]

@


1.507.2.3.2.12
log
@SVN rev 186872 on 2009-01-07 20:17:55Z by simon

Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
long commands into multiple requests. [09:01]

Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]

Security:	FreeBSD-SA-09:01.lukemftpd
Security:	FreeBSD-SA-09:02.openssl
Obtained from:	NetBSD [SA-09:01]
Obtained from:	OpenSSL Project [SA-09:02]
Approved by:	so (simon)
@
text
@a10 6
20090107:	p8	FreeBSD-SA-09:01.lukemftpd, FreeBSD-SA-09:02.openssl
	Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
	long commands into multiple requests. [09:01]

	Fix incorrect OpenSSL checks for malformed signatures. [09:02]

@


1.507.2.3.2.13
log
@SVN rev 187194 on 2009-01-13 21:19:27Z by simon

Correct ntpd(8) cryptographic signature bypass [SA-09:04].

Correct BIND DNSSEC incorrect checks for malformed signatures
[SA-09:04].

Security:	FreeBSD-SA-09:03.ntpd
Security:	FreeBSD-SA-09:04.bind
Obtained from:	ISC [SA-09:04]
Approved by:	so (simon)
@
text
@a10 6
20090113:	p9	FreeBSD-SA-09:03.ntpd, FreeBSD-SA-09:04.bind
	Correct ntpd cryptographic signature bypass. [09:03]

	Correct BIND DNSSEC incorrect checks for malformed
	signatures. [09:04]

@


1.507.2.3.2.14
log
@SVN rev 188699 on 2009-02-16 21:56:17Z by cperciva

Correctly scrub telnetd's environment.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:05.telnetd
@
text
@a10 3
20090216:	p10	FreeBSD-SA-09:05.telnetd
	Correctly scrub telnetd's environment.

@


1.507.2.3.2.15
log
@SVN rev 190301 on 2009-03-23 00:00:50Z by cperciva

Correctly sanity-check timer IDs. [SA-09:06]

Limit the size of malloced buffer when dumping environment
variables. [EN-09:01]

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-09:06.ktimer
Errata:		FreeBSD-EN-09:01.kenv
@
text
@a10 6
20090323:	p11	FreeBSD-SA-09:06.ktimer, FreeBSD-EN-09:01.kenv
	Correctly sanity-check timer IDs. [SA-09:06]

	Limit the size of malloced buffer when dumping environment
	variables. [EN-09:01]

@


1.507.2.3.2.16
log
@SVN rev 191381 on 2009-04-22 14:07:14Z by cperciva

Don't leak information via uninitialized space in db(3) records. [09:07]

Sanity-check string lengths in order to stop OpenSSL crashing
when printing corrupt BMPString or UniversalString objects. [09:08]

Security:	FreeBSD-SA-09:07.libc
Security:	FreeBSD-SA-09:08.openssl
Security:	CVE-2009-0590
Approved by:	re (kensmith)
Approved by:	so (cperciva)
@
text
@a10 7
20090422:	p12	FreeBSD-SA-09:07.libc, FreeBSD-SA-09:08.openssl
	Don't leak information via uninitialized space in db(3) records.
	[09:07]

	Sanity-check string lengths in order to stop OpenSSL crashing
	when printing corrupt BMPString or UniversalString objects. [09:08]

@


1.506
log
@Repo copy libpthreads to libkse.
This introduces the WITHOUT_LIBKSE nob,
and changes WITHOUT_LIBPTHREADS to mean with neither threading libs.
Approved by:	re(kensmith)
@
text
@d24 1
a24 1
20071008:
@


1.505
log
@Make the PCI code aware of PCI domains (aka PCI segments) so we can
support machines having multiple independently numbered PCI domains
and don't support reenumeration without ambiguity amongst the
devices as seen by the OS and represented by PCI location strings.
This includes introducing a function pci_find_dbsf(9) which works
like pci_find_bsf(9) but additionally takes a domain number argument
and limiting pci_find_bsf(9) to only search devices in domain 0 (the
only domain in single-domain systems). Bge(4) and ofw_pcibus(4) are
changed to use pci_find_dbsf(9) instead of pci_find_bsf(9) in order
to no longer report false positives when searching for siblings and
dupe devices in the same domain respectively.
Along with this change the sole host-PCI bridge driver converted to
actually make use of PCI domain support is uninorth(4), the others
continue to use domain 0 only for now and need to be converted as
appropriate later on.
Note that this means that the format of the location strings as used
by pciconf(8) has been changed and that consumers of <sys/pciio.h>
potentially need to be recompiled.

Suggested by:	jhb
Reviewed by:	grehan, jhb, marcel
Approved by:	re (kensmith), jhb (PCI maintainer hat)
@
text
@d24 4
d152 3
a154 3
	The default threading library has been changed to libthr.  If
	you wish to have libpthread as your default, use option
	DEFAULT_THREAD_LIB=libpthread for the buildworld.
@


1.504
log
@Finishing renaming of cached into nscd. etc/rc.d and usr.sbin/Makefile
updated. Note added to UPDATING.

Approved by:	re (kensmith, bmah), brooks (mentor)
@
text
@d24 7
@


1.503
log
@Fix typo.

Reported by:	Danny Braniss <danny at cs dot huji dot ac dot il>
Approved by:	re (bmah)
@
text
@d24 7
@


1.502
log
@Belately note default driver change for NVIDIA network adapters.

Requested by:	Michael Plass < mfp49_freebsd at plass-family dot net>
Approved by:	re (hrs)
@
text
@d49 1
a49 1
20060612:
@


1.501
log
@Document the move from FAST_IPSEC to IPSEC.  Point out the need for
device crypto in the kernel configuration file when using IPSEC.

Approved by: re
@
text
@d49 5
@


1.500
log
@Add a note about the pf update, mark libexec/ftp-proxy as obsolete and bump
__FreeBSD_version for ports.

Approved by:	re (implicit)
@
text
@d24 5
@


1.499
log
@Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes only the kernel files, the rest of the files
will follow in a second commit.

Reviewed by:    bz
Approved by:    re
Supported by:   Secure Computing
@
text
@d24 7
@


1.498
log
@Remove wicontrol(8) from the base system. Using wicontrol to configure an
interface has been deprecated since 5.1, wi(4) wireless interfaces are managed
via the net80211 stack and ifconfig.

Approved by:	re (rwatson)
@
text
@d25 8
@


1.497
log
@Spaces to tab
@
text
@d24 5
@


1.496
log
@Add a new rc.conf variable, sendmail_rebuild_aliases, which tells
/etc/rc.d/sendmail whether or not to run newaliases if the database
is missing or the aliases text file is newer than aliases.db.

In my opinion, the aliases file should never be automatically rebuilt.
The current text form could represent a work in progress.  Therefore,
in FreeBSD 7.0, this new option will default to "NO".  When this rc.d
change is MFC'ed, it will need to remain "YES" to maintain backward
compatibility.

PR:		conf/86252
Approved by:	re (kensmith)
MFC after:	3 days
@
text
@d109 4
a112 4
        The ABI breakage in sendmail(8)'s libmilter has been repaired
        so it is no longer necessary to recompile mail filters (aka,
        milters).  If you recompiled mail filters after the 20070408
        note, it is not necessary to recompile them again.
@


1.495
log
@Import rewrite of IPv4 socket multicast layer to support source-specific
and protocol-independent host mode multicast. The code is written to
accomodate IPv6, IGMPv3 and MLDv2 with only a little additional work.

This change only pertains to FreeBSD's use as a multicast end-station and
does not concern multicast routing; for an IGMPv3/MLDv2 router
implementation, consider the XORP project.

The work is based on Wilbert de Graaf's IGMPv3 code drop for FreeBSD 4.6,
which is available at: http://www.kloosterhof.com/wilbert/igmpv3.html

Summary
 * IPv4 multicast socket processing is now moved out of ip_output.c
   into a new module, in_mcast.c.
 * The in_mcast.c module implements the IPv4 legacy any-source API in
   terms of the protocol-independent source-specific API.
 * Source filters are lazy allocated as the common case does not use them.
   They are part of per inpcb state and are covered by the inpcb lock.
 * struct ip_mreqn is now supported to allow applications to specify
   multicast joins by interface index in the legacy IPv4 any-source API.
 * In UDP, an incoming multicast datagram only requires that the source
   port matches the 4-tuple if the socket was already bound by source port.
   An unbound socket SHOULD be able to receive multicasts sent from an
   ephemeral source port.
 * The UDP socket multicast filter mode defaults to exclusive, that is,
   sources present in the per-socket list will be blocked from delivery.
 * The RFC 3678 userland functions have been added to libc: setsourcefilter,
   getsourcefilter, setipv4sourcefilter, getipv4sourcefilter.
 * Definitions for IGMPv3 are merged but not yet used.
 * struct sockaddr_storage is now referenced from <netinet/in.h>. It
   is therefore defined there if not already declared in the same way
   as for the C99 types.
 * The RFC 1724 hack (specify 0.0.0.0/8 addresses to IP_MULTICAST_IF
   which are then interpreted as interface indexes) is now deprecated.
 * A patch for the Rhyolite.com routed in the FreeBSD base system
   is available in the -net archives. This only affects individuals
   running RIPv1 or RIPv2 via point-to-point and/or unnumbered interfaces.
 * Make IPv6 detach path similar to IPv4's in code flow; functionally same.
 * Bump __FreeBSD_version to 700048; see UPDATING.

This work was financially supported by another FreeBSD committer.

Obtained from:  p4://bms_netdev
Submitted by:   Wilbert de Graaf (original work)
Reviewed by:    rwatson (locking), silence from fenner,
		net@@ (but with encouragement)
@
text
@d25 6
@


1.494
log
@note 802.11 changes
@
text
@d24 19
@


1.493
log
@Now pam_nologin(8) will provide an account management function
instead of an authentication function.  There are a design reason
and a practical reason for that.  First, the module belongs in
account management because it checks availability of the account
and does no authentication.  Second, there are existing and potential
PAM consumers that skip PAM authentication for good or for bad.
E.g., sshd(8) just prefers internal routines for public key auth;
OTOH, cron(8) and atrun(8) do implicit authentication when running
a job on behalf of its owner, so their inability to use PAM auth
is fundamental, but they can benefit from PAM account management.

Document this change in the manpage.

Modify /etc/pam.d files accordingly, so that pam_nologin.so is listed
under the "account" function class.

Bump __FreeBSD_version (mostly for ports, as this change should be
invisible to C code outside pam_nologin.)

PR:		bin/112574
Approved by:	des, re
@
text
@d25 13
@


1.492
log
@Sync ether_ioctl() with ioctl(2) and ifnet.if_ioctl
as to the type of the command argument: int -> u_long.
These types have different widths in the 64-bit world.

Add a note to UPDATING because the change breaks KBI
on 64-bit platforms.

Discussed on:	-net, -current
Reviewed by:	bms, ru
@
text
@d24 18
@


1.491
log
@Revert config(8) version bump. It brings major pain for people working on
different versions of FreeBSD source tree.

Old config(8) can now be used unless you want to use INCLUDE_CONFIG_FILE
option.

Approved by:	imp
Reviewed by:	imp
@
text
@d24 6
@


1.490
log
@Add some notes about symbol versioning and the switch to libthr.
@
text
@d24 9
@


1.489
log
@Add a new note to revoke the 20070408 note.  Is is no longer necessary
to recompile milters.

MFC after:	4 days
@
text
@d24 13
@


1.488
log
@Back-out manual procedure for maintaining compatibility with old accounting
files.  This functionality will be built-into the corresponding tools.
@
text
@d24 6
@


1.487
log
@Notes on the acct(5) format switch.
@
text
@a23 11
20070418:
	A new acct(5) format is imminent.  If you want to maintain access
	to your accounting files, use the new lastcomm(1) -X functionality to
	export them into text format, and keep around a copy of the lastcomm
	binary.  An updated lastcomm(1) program will allow you to import
	the text files into the new acct(5) format.  The change will also
	invalidate the condensed summary files /var/account/savacct and
	/var/account/usracct.  If your process accounting system relies
	on them, you will need to save their contents in a readable format
	before the switch.

@


1.486
log
@Note the renaming of trunk(4) to lagg(4).
@
text
@d24 11
@


1.485
log
@Include a note about recompiling ports which use the base libmilter.

Submitted by:	Matthew Seaman
@
text
@d24 4
@


1.484
log
@Make the tunable names for Intel license agreement more obvious.
@
text
@d24 5
@


1.483
log
@Note that the old firmware modules need to be removed.

Reported by:	Jeremie Le Hen
Suggested by:	Stefan Ehmann
@
text
@d27 1
a27 1
	share/doc/legal and define legal.<name>.license_ack=1 via
@


1.482
log
@- Add missing subdirectories in BSD.usr.dist mtree file.
- Update hier(7) to reflect latest changes in mtree file.
- Add UPDATING entry following Intel firmwares inclusion.

Submitted by:	mlaier
MFC after:	1 month
@
text
@d28 2
a29 1
	loader.conf(5) or kenv(1).
@


1.481
log
@Bump the bootstrapping requirements for gensnmptree(1) and remove
a note in UPDATING that tried to work around the build breakage.

Tested by:	jhb
OK'ed by:	njl
@
text
@d24 6
@


1.480
log
@Document removal of addr2ascii/ascii2addr and addition of AF_LINK
support for getnameinfo.
@
text
@a44 13
20070218:
	The following build error may appear when upgrading from an old
	-current (usr.sbin/bsnmpd/modules/snmp_bridge, depend stage):
		line 31: '(' expected at begin of node
		context: " TruthValue ENUM (
		*** Error code 1
	If so, run "make install" in usr.sbin/bsnmpd/gensnmptree.  (It
	should probably be a build tool).  In the same module, you may
	also get the error:
		...snmp_bridge/bridge_sys.c:39:27:
		net/bridgestp.h: No such file or directory
	If so, run "cp src/sys/net/bridgestp.h /usr/include/net".

@


1.479
log
@- Use a permanent URL to reference piso's mail.
- Put URL on seperate line to not get very long lines.
@
text
@d24 8
@


1.478
log
@Reword addition about MROUTING.

Submitted by:	ru
@
text
@d28 2
a29 1
	sync. For more info: http://docs.freebsd.org/cgi/getmsg.cgi?fetch=465712+0+current/freebsd-current
@


1.477
log
@Update my previous note about newbus API breakage mentioning the
__FreeBSD_version bump.
@
text
@d32 3
a34 3
	kernels by loading the ip_mroute.ko module.
	The module build heeds the MK_INET6_SUPPORT make.conf option; it
	may be set to "no" to omit building the IPv6 support.
@


1.476
log
@Note newbus API & ABI breakage.
@
text
@d26 3
a28 2
	has occurred, and as a result ABI was broken: make sure that 
	your kernel and modules are in sync. For more info: http://docs.freebsd.org/cgi/getmsg.cgi?fetch=465712+0+current/freebsd-current
@


1.475
log
@Note that IPv6 multicast forwarding is now dynamically loadable.
@
text
@d25 5
@


1.474
log
@Note problems I had with bsnmpd while updating from an older -current.
There may be better ways to fix/work around these issues but this worked
for me.
@
text
@d24 6
@


1.473
log
@Retire most of the classful network behaviour of netstat -r output, for IPv4.

 Without -n, we now only print a "network name" without the prefix length
 under the following conditions:
  1) the network address and mask matches a classful network prefix;
  2) getnetbyaddr(3) returns a network name for this network address.

 With -n, we unconditionally print the full unabbreviated CIDR network
 prefix in the form "a.b.c.d/p". 0.0.0.0/0 is still printed as "default".

This change is in preparation for changes such as equal-cost multipath, and
to more generally assist operational deployment of FreeBSD as a modern IPv4
router. There are currently no plans to backport this change.

Discussed on:	freebsd-net
@
text
@d24 13
@


1.472
log
@Build PIM by default as part of the IPv4 multicast forwarding path.
Make PIM dynamically loadable by using encap_attach_func().
PIM may now be loaded into a GENERIC kernel.

Tested with:	ports/net/pimdd && tcpreplay && wireshark
Reviewed by:	Pavlin Radoslavov
@
text
@d24 11
@


1.471
log
@Remove support for IPIP tunnels in IPv4 multicast forwarding. XORP has
never used them; with mrouted, their functionality may be replaced by
explicitly configuring gif(4) instances and specifying them with the
'phyint' keyword.

Bump __FreeBSD_version to 700030, and update UPDATING.
A doc update is forthcoming.

Discussed on:	net
Reviewed by:	fenner
MFC after:	3 months
@
text
@d24 7
@


1.470
log
@Note the second coming of MSI support in the bge driver.
@
text
@d24 9
@


1.469
log
@Note that MSI support has been disabled already in the bge driver.
@
text
@d24 8
@


1.468
log
@Add an entry noting that MSI support has been put into the bge
driver.
@
text
@d25 7
@


1.467
log
@Note the mashing of the proc structure.. recommend recompiling
kernel modules.
@
text
@d24 6
@


1.466
log
@Welcome to Once-a-year Sound Mega-Commit. Enjoy numerous updates and fixes
in every sense.

General
-------

- Multichannel safe, endian safe, format safe
   * Large part of critical pcm filters such as vchan.c, feeder_rate.c,
     feeder_volume.c, feeder_fmt.c and feeder.c has been rewritten so that
     using them does not cause the pcm data to be converted to 16bit little
     endian.
   * Macrosses for accessing pcm data safely are defined within sound.h in
     the form of PCM_READ_* / PCM_WRITE_*
   * Currently, most of them are probably limited for mono/stereo handling,
     but the future addition of true multichannel will be much easier.

- Low latency operation
  * Well, this require lot more works to do not just within sound driver,
    but we're heading towards right direction. Buffer/block sizing within
    channel.c is rewritten to calculate precise allocation for various
    combination of sample/data/rate size. As a result, applying correct
    SNDCTL_DSP_POLICY value will achive expected latency behaviour simmilar
    to what commercial 4front driver do.
  * Signal handling fix. ctrl+c of "cat /dev/zero > /dev/dsp" does not
    result long delay.
  * Eliminate sound truncation if the sound data is too small.
    DIY:
      1) Download / extract
         http://people.freebsd.org/~ariff/lowlatency/shortfiles.tar.gz
      2) Do a comparison between "cat state*.au > /dev/dsp" and
         "for x in state*.au ; do cat $x > /dev/dsp ; done"
         - there should be no "perceivable" differences.
    Double close for PR kern/31445.

  CAVEAT: Low latency come with (unbearable) price especially for poorly
          written applications. Applications that trying to act smarter
	  by requesting (wrong) blocksize/blockcount will suffer the most.
	  Fixup samples/patches can be found at:
	  http://people.freebsd.org/~ariff/ports/

- Switch minimum/maximum sampling rate limit to "1" and "2016000" (48k * 42)
  due to closer compatibility with 4front driver.
  Discussed with: marcus@@ (long time ago?)

- All driver specific sysctls in the form of "hw.snd.pcm%d.*" have been
  moved to their own dev sysctl nodes, notably:
  hw.snd.pcm%d.vchans -> dev.pcm.%d.vchans
  Bump __FreeBSD_version.

Driver specific
---------------

- Ditto for sysctls.

- snd_atiixp, snd_es137x, snd_via8233, snd_hda
  * Numerous cleanups and fixes.
  * _EXPERIMENTAL_ polling mode support using simple callout_* mechanisme.
   This was intended for pure debugging and latency measurement, but proven
   good enough in few unexpected and rare cases (such as problematic shared
   IRQ with GIANT devices - USB). Polling can be enabled/disabled through
   dev.pcm.0.polling. Disabled by default.

- snd_ich
  * Fix possible overflow during speed calibration. Delay final
    initialization (pcm_setstatus) after calibration finished.
    PR: kern/100169
    Tested by: Kevin Overman <oberman@@es.net>
  * Inverted EAPD for few Nec VersaPro.
    PR: kern/104715
    Submitted by: KAWATA Masahiko <kawata@@mta.biglobe.ne.jp>

Thanks to various people, notably Joel Dahl, Yuriy Tsibizov, Kevin Oberman,
those at #freebsd-azalia @@ freenode and others for testing.

Joel Dahl will do the manpage update.
@
text
@d24 7
@


1.465
log
@Mention that the following binaries have been detached
from the build: mount_devfs, mount_ext2fs,
mount_fdescfs, mount_procfs, mount_linprocfs, and mount_std.
@
text
@d24 13
@


1.464
log
@Add a note about the MSI support with details on how to turn MSI off if
things break.
@
text
@d24 9
@


1.463
log
@MUTEX_PROFILING has been generalized to LOCK_PROFILING. We now profile
wait (time waited to acquire) and hold times for *all* kernel locks. If
the architecture has a system synchronized TSC, the profiling code will
use that - thereby minimizing profiling overhead. Large chunks of profiling
code have been moved out of line, the overhead measured on the T1 for when
it is compiled in but not enabled is < 1%.

Approved by: scottl (standing in for mentor rwatson)
Reviewed by: des and jhb
@
text
@d23 8
@


1.462
log
@Add 'options KSE' to the kernel config DEFAULTS on all arches/machines
except sun4v.

This change makes the transition from a default to an option more
transparent and is an attempt to head off all the compliants that are
likely from people who don't read UPDATING, based on experience with
the io/mem change.

Submitted by:	scottl@@
@
text
@d23 6
@


1.461
log
@Make KSE a kernel option, turned on by default in all GENERIC
kernel configs except sun4v (which doesn't process signals properly
with KSE).

Reviewed by:	davidxu@@
@
text
@d24 1
a24 1
20061025:
d26 5
a30 6
	default in the GENERIC kernels. Either add 'options KSE' to your
	custom kernel or edit /etc/libmap.conf to redirect libpthread.so.2
	to libthr.so.2. All kernel modules *must* be recompiled after
	this change. There-after, modules from a KSE kernel should be
	compatible with modules from a NOKSE kernel due to the temporary
	padding fields added to 'struct proc'.
@


1.460
log
@The ioctl(2) API has changed, and some ioctl command codes too.
Hint users to add "options COMPAT_FREEBSD6" to their kernel config
files, so that X.Org and friends still work without recompiling.
@
text
@d24 9
@


1.459
log
@Remove mrouted and its utilities from the base system.
They may now be obtained from ports.

Discussed with:	fenner, net@@
@
text
@d27 7
@


1.458
log
@Belatedly document the size change of "struct x?tcpcb".
@
text
@d24 3
@


1.457
log
@Note the removal of tcpslice
@
text
@d27 5
@


1.456
log
@o s/IP_FIREWALL_FORWARD/IPFIREWALL_FORWARD/.

PR:		docs/103251
Submitted by:	vd
MFC after:	3 days
@
text
@d24 3
@


1.455
log
@bump version for libpcap+tcpdump imports
@
text
@d29 1
a29 1
	for IP_FIREWALL_FORWARD is now as it was before when it was first
@


1.454
log
@Add a belated entry regarding the removal of lnc(4).
@
text
@d24 3
@


1.453
log
@Note IPFIREWALL_FOWARD_EXTENDED is now gone.

MFC after:	1 week
@
text
@d47 7
@


1.452
log
@Add an entry for enigma(1)/crypt(1) change on 64-bit architectures.
@
text
@d24 5
@


1.451
log
@Extend i4b to support CAPI manager based ISDN controllers (CAPI manager is part of
c4b, CAPI for BSD). This is a preparation to add CAPI for BSD to the source tree.

Approved by:	hm (mentor)
MFC after:	2 weeks
@
text
@d24 7
@


1.450
log
@Updated the XBOX kernel to use the new nfe(4) driver obtained from
OpenBSD. This driver seems to give a small performance increase, and
should lead to better maintainability in the future.

The nForce Ethernet-specific hack in sys/i386/xbox/xbox.c is still
required, judging from dev/nfe/if_nfe.c. The condition it hacks will
almost certainly only occur on XBOX-es anyway, so it is best left there.

Approved by:	imp (mentor)
@
text
@d24 6
@


1.449
log
@Note that an old adjkerntz is not really usable after the recent
sysctlbyname() changes, so the new adjkerntz binary should be
used while in single-user mode.

Reviewed by:	ceri, maxim
@
text
@d24 5
@


1.448
log
@Fix typo.
@
text
@d24 15
@


1.447
log
@Update UPDATING and bump __FreeBSD_version for the ip6fw removal.
@
text
@d27 1
a27 1
	have been update to deal with it.  There are some rules that
@


1.446
log
@Belatedly add 2 entries relating to the introduction of scc(4) and
the overhaul of puc(4). On sparc64 people may end up without serial
console if they upgrade without adding scc(4) to their kernel
configuration file.
@
text
@d24 7
@


1.445
log
@Fix the "make distribution" example; it should be run from src/.
@
text
@d24 15
@


1.444
log
@Document new world older for world/kernel build options.
@
text
@d432 1
a432 1
	cd src/etc; make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
@


1.443
log
@Add note about 'audit' group.
Add note about the '_dhcp' user.

While one is expected to run mergemaster -p before installworld, make
a note of the points where this will actively fail due to the addition of
users/groups.
@
text
@d24 13
@


1.442
log
@Revise the names of modules in the recent note on tdfx_linux.
@
text
@d35 5
d176 4
@


1.441
log
@Retire NETSMBCRYPTO as a kernel option and make its functionality
enabled by default in NETSMB and smbfs.ko.

With the most of modern SMB providers requiring encryption by
default, there is little sense left in keeping the crypto part
of NETSMB optional at the build time.

This will also return smbfs.ko to its former properties users
are rather accustomed to.

Discussed with:		freebsd-stable, re (scottl)
Not objected by:	bp, tjr (silence)
MFC after:		5 days
@
text
@d30 4
a33 4
	tdfx_linux device.  The latter can be loaded as a kernel module.
	Loading it alone should suffice to get 3dfx support for Linux
	apps because it will pull in tdfx.ko and linux.ko through its
	dependencies.
@


1.440
log
@Take the functionality contained in the former "options TDFX_LINUX"
into a separate module.  Accordingly, convert the option into a device
named similarly.

Note for MFC: Perhaps the option should stay in RELENG_6 for POLA reasons.

Suggested by:	scottl
Reviewed by:	cokane
MFC after:	5 days
@
text
@d24 4
@


1.439
log
@Add a quite late 20051014 entry for the changes in module Makefiles,
mainly to stick to the conventional MFC procedure.

Requested by:	Thomas E. Zander <riggs at rrr dot de>
MFC after:	3 days
@
text
@d24 7
@


1.438
log
@Record the change in vnone_create_vobject() argument size,
which broke kernel ABI to filesystem modules on i386, where
sizeof(size_t) != sizeof(off_t).
@
text
@d97 9
@


1.437
log
@Retroactively add a note about the device names in /dev for si(4) changing.
@
text
@d24 4
@


1.436
log
@- Fix typo

Reported by:	neologism/#freenode
@
text
@d45 4
@


1.435
log
@Note that the size of /boot has blown oout to 140 MBytes unless the
right options are used. Tell how to avoid this.
@
text
@d27 1
a27 1
	This increases the size of /boot/kenrnel to about 67Mbytes. You
@


1.434
log
@Note that libc's malloc implementation has been replaced.

Approved by:	markm (mentor)
@
text
@d24 10
@


1.433
log
@Yesterday netgraph ABI has been changed.
@
text
@d24 5
@


1.432
log
@Note shrinkage of lock_object and the subsequent widespread kernel ABI
breakage.
@
text
@d24 5
@


1.431
log
@Say some words about the removed PQ_* kernel options.
@
text
@d24 6
@


1.430
log
@Note the device filename changes due to sys/dev/rp/rp.c rev 1.70.
@
text
@d24 5
@


1.429
log
@note shuffle of commonly used programs in tools/tools/ath
@
text
@d49 4
@


1.428
log
@Add a paragraph to the COMMON ITEMS section that describes why
upgrading to the latest code in one branch before trying a major
version upgrade is a good idea.

Fleshing out of my thoughts provided by: kris
@
text
@d24 6
@


1.427
log
@- Mention also the COMPAT_FREEBSD5 option along with COMPAT_FREEBSD4.
- Notice that 20050227 entry is also applicable to packages, not only
  to world.

In collaboration with:	osa, phk
@
text
@d270 7
@


1.426
log
@Add an entry explaining the changes which add local scripts
to the base rcorder.
@
text
@d135 2
a136 1
	when crossing this point.
d399 2
a400 1
	that is hard to boot to recover.
@


1.425
log
@Document removal of nodev mount option.

Requested by:	gleb
@
text
@d24 10
@


1.424
log
@  Garbage-collect now unused struct _ipfw_insn_pipe and flush_pipe_ptrs(),
thus removing a few XXXes.
  Document the ABI breakage in UPDATING.
@
text
@d25 5
@


1.423
log
@Record renaming rc.d/ppp-user to rc.d/ppp.
@
text
@d24 4
@


1.422
log
@Note that kern.polling.enable is deprecated.
@
text
@d24 5
@


1.421
log
@Remove bridge(4) from the tree.  if_bridge(4) is a full functional
replacement and has additional features which make it superior.

Discussed on:	-arch
Reviewed by:	thompsa
X-MFC-after:	never (RELENG_6 as transition period)
@
text
@d24 4
@


1.420
log
@Be a little more obvious about the steps to build a kernel.
@
text
@d24 4
@


1.419
log
@Add delete-old and delete-old-libs targets:
  - removes obsolete files/dirs or libraries.
  - works in interactive (default) and batch mode
  - respects DISTDIR
  - documented in UPDATING and build(7)

The head of the file ObsoleteFiles.inc contains instructions how to add
obsolete files/dirs/libs to the list. Obviously one should add obsolete
files to this list, when he removes a file/dir/lib from the basesystem.

Additionally add check-old target:
  - allows re@@ to check if a file on the obsolete list resurfaces

Design goals:
  - allows full control by the user (default interactive mode)
  - possibility of scripted removal of obsolete files (batch mode)
  - opt-in removal of files (explicit list of files)
  - seperate removal of libs (2 delete targets)

Important design decissions:
  - structured list of files to remove instead of a plain text file:
    * allows to remove additional files if a NO_foo knob is specified
      without the need to change the targets (no NO_foo knob is respected
      yet)
  - not using mtree like NetBSD does:
    * mtree doesn't has an interactive mode

Discussed on:		arch (long ago), current (this year)
Additional input from:	re (hrs)
Approved by:		mentor (joerg)
@
text
@d240 4
a243 2
	a few days old), you should follow this procedure. With a
	/usr/obj tree with a fresh buildworld,
@


1.418
log
@mention getaddrinfo(3) ABI breakage on 64 bit arch.
@
text
@d280 1
d318 1
@


1.417
log
@Note RELENG_6 branch and minor related tweaks.

Approved by:	re (implicit)
@
text
@d24 7
@


1.416
log
@Add an entry about absolute PAM module paths, backdated to when the
change happened.

Submitted by:	rwatson
Approved by:	re (scottl)
@
text
@d11 2
a12 2
NOTE TO PEOPLE WHO THINK THAT FreeBSD 6.x IS SLOW:
	FreeBSD 6.x has many debugging features turned on, in
d24 3
@


1.416.2.1
log
@Note date of RELENG_6 branch.

Approved by:	re (implicit)
@
text
@a23 3
20050711:
	RELENG_6 branched here.

@


1.416.2.2
log
@MFC 1.418: mention getaddrinfo(3) ABI breakage on 64 bit arch.

Approved by:	re (kensmith)
@
text
@a23 7
20050722:
	The ai_addrlen of a struct addrinfo was changed to a socklen_t
	to conform to POSIX-2001.  This change broke an ABI
	compatibility on 64 bit architecture.  You have to recompile
	userland programs that use getaddrinfo(3) on 64 bit
	architecture.

@


1.416.2.3
log
@Big overall MFC of polling(4) cleanup:

o First attempt on removing Giant from polling. Details:
  http://lists.freebsd.org/pipermail/cvs-src/2005-September/051848.html
o Second attempt, and big polling cleanup including:
  - Functinal approach to turning polling on/off
  - Deprecating of poll_in_trap
  - Removal of ifnet knowledge from kern_poll.c
  Details:
  http://lists.freebsd.org/pipermail/cvs-src/2005-October/053267.html
o Improved checking of user configurable sysctls. Details:
  http://lists.freebsd.org/pipermail/cvs-src/2005-October/053351.html
o Moving DEVICE_POLLING from opt_global.h to opt_device_polling.h:
  http://lists.freebsd.org/pipermail/cvs-src/2005-October/053479.html

o All related documentation fixes.

Approved by:	re (kensmith)
Thanks to:	everyone, who helped with testing
@
text
@a23 4
20051001:
	kern.polling.enable sysctl MIB is now deprecated. Use ifconfig(8)
	to turn polling(4) on your interfaces.

@


1.416.2.4
log
@Remove a note that claims that the debugging options are turned on
by default, to match the reality that these has been turned off on
the 6-STABLE branch since 6.0-BETA6.

This is a direct commit against RELENG_6 since it is not applicable
for HEAD.

Approved by:	re (scottl)
@
text
@d11 13
@


1.416.2.5
log
@Some changes to reflect 6.0-STABLE/RELEASE:
 - Mention that this is -STABLE
 - Mention that only 5.3+ is supported for source upgrade
 - When just building a kernel we assume that the user got a
   system that is fresh enough
 - The in-place update is supported for 5.x-STABLE and 6.x-STABLE
 - Since we don't support systems that is prior to 5.3, don't
   mention about mergemaster three years before.
 - Since source upgrade from 4.x is no longer supported, we
   are supposed that COMPAT_FREEBSD5X is better suited for the
   source upgrade
 - At the end, call this a -STABLE

Approved by:	re (scottl)
@
text
@d1 1
a1 1
Updating Information for FreeBSD STABLE users
a227 3
	Due to several updates to the build infrastructure, source
	upgrades from versions prior to 5.3 no longer supported.

d246 1
a246 1
	This assumes you are already running a 6.X system.  Replace
d299 2
a300 2
	To upgrade in-place from 5.x-stable or higher to 6.x-stable
	-----------------------------------------------------------
d345 4
a348 1
	step.  It never hurts to do it all the time.
d350 2
a351 2
	[8] In order to have a kernel that can run the 5.x binaries
	needed to do an installworld, you must include the COMPAT_FREEBSD5
d371 1
a371 1
breakages in tracking -STABLE.  Not all things will be listed here,
@


1.416.2.6
log
@Note that 6.0-RELEASE is about to happen.

Approved by: re
@
text
@a11 3
	FreeBSD 6.0-RELEASE

20051001:
@


1.416.2.7
log
@Nov = 11

Approved by: re
@
text
@d11 1
a11 1
20051101:
@


1.416.2.8
log
@MFC the paragraph about major version upgrades from 1.428
@
text
@a233 7
	When upgrading from one major version to another it is generally
	best to upgrade to the latest code in the currently installed branch
	first, then do an upgrade to the new branch. This is the best-tested
	upgrade path, and has the highest probability of being successful.
	Please try this approach before reporting problems with a major
	version upgrade.

@


1.416.2.9
log
@MFC 1.427:
  - Mention also the COMPAT_FREEBSD5 option along with COMPAT_FREEBSD4.
  - Notice that 20050227 entry is also applicable to packages, not only
    to world.
@
text
@d97 1
a97 2
	when crossing this point. Crossing this point also requires
	recompile or reinstall of all locale depended packages.
d363 1
a363 2
	that is hard to boot to recover. A similar kernel option COMPAT_FREEBSD5
	is required to run the 5.x binaries on more recent kernels.
@


1.416.2.10
log
@MFC the inclusion of scripts from the local_startup directories
into the base rcorder, and related changes.
@
text
@a10 10
20051220:
	Scripts in the local_startup directories (as defined in
	/etc/defaults/rc.conf) that have the new rc.d semantics will
	now be run as part of the base system rcorder. If there are
	errors or problems with one of these local scripts, it could
	cause boot problems. If you encounter such problems, boot in
	single user mode, remove that script from the */rc.d directory.
	Please report the problem to the port's maintainer, and the
	freebsd-ports@@freebsd.org mailing list.

@


1.416.2.11
log
@Note that an MFC of a fix to trimdomain(3) may result in changes to host
names in log files under certain circumstances.
@
text
@a10 5
20051222:
	Bug fixes to the trimdomain(3) function in libutil may result in
	slight changes to the host names appearing in log files under
	relatively rare circumstances.

@


1.416.2.12
log
@MFC nearly everything of the soundsystem except recent commits and
most of the sysctl's (those which would introduce a new interface).
The spdif_enabled sysctl is still there (or more correctly: added
to another driver).

A rough overview what's there now:
 - new driver for ATI chips (snd_atiixp)
 - support for some Intel HDA chips in AC97 mode (no real HDA
   support!), this doesn't work with every mainboard and is
   subject to the wiring on the mainboard (no servicable parts
   inside)
 - MPSAFE and fixes for snd_als4000(4), snd_es137x(4),
   snd_via82c686(4), snd_via8233(4) and snd_ich(4)
 - 24bit and 32bit sound format support
 - feeder infrastructure (format, rate) has been reworked, new
   feeder (volume) has been introduced
 - lots of LOR and panic issues fixed
 - and a lot of small or not so small fixes I may have forgotten...

As noted in UPDATING: you may want to recompile mplayer (after booting
into the new world) to get all new features.

Tested by:	a lot of people
Requested by:	ariff
Submitted by:	ariff
@
text
@a10 5
20051230:
	A lot of fixes and new features in the soundsystem. To get all
	benefits, you may want to recompile mplayer (if installed) after
	booting the new world.

@


1.416.2.13
log
@MFC:
	The ObsoleteFiles removal/test targets
	  - check-old
	  - delete-old
	  - delete-old-libs
	and the corresponding docs.

Note:	Someone may want to have a look at the man-page and perhaps MFC
	some other parts (unrelated to ObsoleteFiles).

Tested by:	bz
@
text
@a304 1
	make delete-old
a341 1
	make delete-old
@


1.416.2.14
log
@MFC:
Record renaming rc.d/ppp-user to rc.d/ppp.
@
text
@a10 5
20060122:
	/etc/rc.d/ppp-user has been renamed to /etc/rc.d/ppp.
	Its /etc/rc.conf.d configuration file has been `ppp' from
	the beginning, and hence there is no need to touch it.

@


1.416.2.15
log
@Document the move of setkey from /usr/sbin/ to /sbin/.
A bit late, but better than never.

Reminded by:	bz
@
text
@a35 4
20051215:
	The setkey(8) utility was moved from /usr/sbin/setkey to /sbin/setkey.
	You may want to update scripts which depend on its location.

@


1.416.2.16
log
@MFC: Note that the device names in /dev for rp(4) and si(4) have changed.

Requested by:	scottl (sorta, these aren't release notes)
@
text
@a15 4
20060113:
	si(4)'s device files now contain the unit number.
	Uses of {cua,tty}A[0-9a-f] should be replaced by {cua,tty}A0[0-9a-f].
	
a39 4
20051108:
	rp(4)'s device files now contain the unit number.
	Uses of {cua,tty}R[0-9a-f] should be replaced by {cua,tty}R0[0-9a-f].

@


1.416.2.17
log
@MFC: obey opt_inet6.h and opt_ipsec.h in kernel build directory.

	src/sys/modules/ipfw/Makefile:	1.22, 1.23
	src/sys/netinet/ip_fw2.c:	1.117
	src/sys/netinet/ip_fw_pfil.c:	1.20

Approved by:	re (scottl)
@
text
@a10 7
20060211:
	An IPv6 support of ipfw was enabled by default.  If you don't
	want to filter an IPv6 by ipfw, please add following line into
	your ipfw rule:

		pass ip6 from any to any

@


1.416.2.18
log
@MFC rev. 1.439: build-time options of kernel modules.

Approved by:	re (mux)
@
text
@a17 9
20060210:
	Now most modules get their build-time options from the kernel
	configuration file.  A few modules still have fixed options
	due to their non-conformant implementation, but they will be
	corrected eventually.  You may need to review the options of
	the modules in use, explicitly specify the non-default options
	in the kernel configuration file, and rebuild the kernel and
	modules afterwards.

@


1.416.2.19
log
@Belatedly add a note about the i386 loader defaulting to the serial
rate set by the previous boot stage, if the console is already set
to the comconsole.

Approved by:    re (scottl)
@
text
@a26 10
20060127:
	The i386 loader(8) now defaults to the serial speed set by the
	previous boot stage, if the comconsole is already in use.  If
	you've changed BOOT_COMCONSOLE_SPEED in make.conf(5) and
	installed a new loader, but have not rebuilt and reinstalled the
	boot blocks, then your loader will leave the console at 9600
	baud.  Either install the new boot blocks, or set
	comconsole_speed in loader.conf(5).  Note that the new boot
	blocks also support a -S<speed> flag described in boot(8).

@


1.416.2.20
log
@MFC:

Move the functionality controlled by "options TDFX_LINUX"
from 3dfx.ko to a separate module, 3dfx_linux.ko.
The option is retained in RELENG_6 for POLA reasons
while it has been turned into "device tdfx_linux" in HEAD.

Approved by:	re (scottl)
@
text
@a10 6
20060309:
	The support for Linux applications the 3dfx kernel module used
	to provide is in a separate module named 3dfx_linux now.  The
	latter will pull in 3dfx.ko and linux.ko through its dependencies
	when loaded.

@


1.416.2.21
log
@MFC: document audit group being added.

Approved by: re@@ (scottl)
@
text
@d1 1
a1 1
nUpdating Information for FreeBSD STABLE users
a32 5
20060204:
	The 'audit' group was added to support the new auditing functionality
	in the base system.  Be sure to follow the directions for updating,
	including the requirement to run mergemaster -p.

@


1.416.2.22
log
@Kill 'n' accendtially introduced in last commit.

Approved by: re@@ (scottl) implied because the 'n' in the last commit wasn't
			  authorized :-)
@
text
@d1 1
a1 1
Updating Information for FreeBSD STABLE users
@


1.416.2.23
log
@Set pointer to 6.1-STABLE.

Approved by: re
@
text
@a10 3
20060506:
	FreeBSD 6.1-RELEASE

@


1.416.2.24
log
@Belately inform about iwi(4) changes.

Reminded by:	brueffer
@
text
@a10 5
20060711:
	The iwi(4) was updated to use the firmware(9) framework.  In order
	for it to work you need a port change from net/iwi-firmware to
	net/iwi-firmware-kmod.

@


1.416.2.25
log
@MFC:

Extend i4b to support CAPI manager based ISDN controllers (CAPI manager is
part of c4b, CAPI for BSD). This may be a preparation to add CAPI for BSD to
the source tree, in case the decision to MFC c4b itself is positive. Until
then users of c4b at least do not need to build a new kernel or base system
to compile and run c4b.

Approved by:	hm (mentor)
@
text
@a10 7
20060806:
	The interface version of the i4b kernel part has changed. So
	after updating the kernel sources and compiling a new kernel,
	the i4b user space tools in "/usr/src/usr.sbin/i4b" must also
	be rebuilt, and vice versa. This also applies to other tools
	using the i4b kernel interface to userland.

@


1.416.2.26
log
@MFC: Remove IPFIREWALL_FORWARD_EXTENDED as an option.
Allow that behaviour by default.
Reviewed by:	glebius
@
text
@a10 5
20060816:
	The IPFIREWALL_FORWARD_EXTENDED option is gone and the behaviour
	for IP_FIREWALL_FORWARD is now as it was before when it was first
	committed and for years thereafter. The behaviour is now ON.

@


1.416.2.27
log
@MFC: statistics fixups:
    o change rssi to be signed in ieee80211_nodestats
    o add noise floor in ieee80211_nodestats (use an implicit hole to
      preserve layout); return it as zero until we can update the api's
      so the driver can provide noise floor data
    o add a bandaid so IEEE80211_IOC_STA_STATS works for sta mode; when
      all nodes are in the station table this will no longer be needed
    o fix braino in IEEE80211_IOC_STA_INFO implementation; was supposed
      to take a mac address and return info for that sta or all stations
      if ff:ff:ff:ff:ff was supplied--but somehow this didn't get implemented;
      implement the intended semantics and leave a compat shim at the old
      ioctl number for the previous api

Note this changes the api for IEEE80211_IOC_STA_INFO but old binaries
will continue to work.  FreeBSD_version bumped so apps can track the
change (no such applications are known to exist but just in case).
@
text
@a10 6
20060902:
	The IEEE80211_IOC_STA_INFO ioctl was updated to take a mac
	address parameter.  Binaries using the old ioctl number will
	continue to work but user applications that use this must
	be updated (none exist in the base system).

@


1.416.2.28
log
@MFC rev. 1.456: s/IP_FIREWALL_FORWARD/IPFIREWALL_FORWARD/.

Approved by:	re (mux)
@
text
@d19 1
a19 1
	for IPFIREWALL_FORWARD is now as it was before when it was first
@


1.416.2.29
log
@Add an entry regarding NMBCLUSTERS kernel option remove, as it can affect
(though in rare curcumstances) existing kernel configurations.

Requested by:	simon
Reworded by:	brd
Approved by:	security-officer (simon)
Approved by:	re (I suppose so@@ is representative enough for that,
		provided re@@ had been in CC: for discussion)
@
text
@a16 4
20060818:
	The NMBCLUSTERS kernel option has been removed because it is obsolete.
	Use the kern.ipc.nmbclusters loader(8) tunable instead.

@


1.416.2.30
log
@Note FreeBSD 6.2-RELEASE.
@
text
@a10 3
20070115:
	FreeBSD 6.2-RELEASE

@


1.416.2.31
log
@MFC: Include a note about recompiling ports which use the base libmilter.

Submitted by:	Matthew Seaman
@
text
@a10 5
20070411:
	sendmail(8) has been updated to version 8.14.1.  Mail filters
	(aka, milters) compiled against the libmilter included in the
	base operating system should be recompiled.

@


1.416.2.32
log
@MFC: Bring in sendmail.org code from the future 8.14.2 release which restores
ABI compatibility to users of the libmilter.so shared library.
@
text
@a10 6
20070426:
        The ABI breakage in sendmail(8)'s libmilter has been repaired
        so it is no longer necessary to recompile mail filters (aka,
        milters).  If you recompiled mail filters after the 20070411
        note, it is not necessary to recompile them again.

@


1.416.2.33
log
@The path_cost field should have been increased to 32bits when RSTP support was
merged, fix this now and sync the struct order while I am at it.
@
text
@a10 4
20070806:
	An incorrect field size in an ioctl struct for if_bridge(4) has been
	corrected, ifconfig(8) will need to be recompilied.

@


1.416.2.34
log
@Note the renaming of kthread_xxx to kproc_xxx in 800002
@
text
@a10 8
20071020:
	The misnamed kthread_create() and friends have been renamed
	to kproc_create() etc. Many of the callers already
	used kproc_start().. 
	I will return kthread_create() and friends in a while
	with implementations that actually create threads, not procs.
	Renaming corresponds with version 800002.

@


1.416.2.35
log
@holy shit! that was checked out in RELENG_6.. back it out and put it in the right branch!
@
text
@d11 8
@


1.416.2.36
log
@- Add a note about ctype(3) breakage. A proper fix is being working on,
  should be committed soon. Before that, advice users not to upgrade
  world. Also add instructions about how to recover from it.

Discussed with:	delphij
@
text
@a10 11
20071024:
	A breakage was introduced in libc. Until a proper fix is committed,
	do not upgrade your world. Otherwise, it will break during
	installworld stage. It can be recovered by

	- reboot to single user mode, make sure you use /rescue/sh
	  instead of /bin/sh
	- use /rescue/chflags to remove schg flag on /lib/libc.so.6
	- use /rescue/cp to copy libc.so.6 from /usr/obj to /lib/libc.so.6
	- continue installworld, you should be fine now

@


1.416.2.37
log
@- The breakage of ctype(3) is fixed now. Update the entry.
@
text
@d12 3
a14 3
	A breakage was introduced in libc and fixed later. Make sure
	you have lib/Makefile rev 1.205.2.4. If it already breaks your
	world, you can recover it by
@


1.416.2.37.2.1
log
@MFC: UPDATING 1.512, sys/sparc64/conf/DEFAULTS 1.11

Let sunkbd(4) emulate an AT keyboard by default.
This has the following benefits:
- allows to use the AT keyboard maps in share/syscons/keymaps with
  sunkbd(4),
- allows to use kbdmux(4) with sunkbd(4),
- allows Sun RS232 keyboards to be configured and used the same
  way as Sun USB keyboards driven by ukbd(4) (which also does AT
  keyboard emulation) with X.Org, putting an end to the problem
  of native support for the former in X.Org being broken over and
  over again.

Approved by:	re (kensmith)
@
text
@a10 11
20071127:
	The AT keyboard emulation of sunkbd(4) has been turned on
	by default. In order to make the special symbols of the Sun
	keyboards driven by sunkbd(4) work under X these now have
	to be configured the same way as Sun USB keyboards driven
	by ukbd(4) (which also does AT keyboard emulation), f.e.:

	Option	"XkbLayout" "us"
	Option	"XkbRules" "xorg"
	Option	"XkbSymbols" "pc(pc105)+sun_vndr/usb(sun_usb)+us"

@


1.416.2.37.2.2
log
@Correct a random value disclosure in random(4).

Security:	FreeBSD-SA-07:09.random
Approved by:	re (kensmith)
@
text
@a10 3
20071129:		FreeBSD-SA-07:09.random
	Correct a random value disclosure in random(4).

@


1.416.2.37.2.3
log
@Fix issues which allow snooping on ptys. [08:01]

Fix an off-by-one error in inet_network(3). [08:02]

Security: FreeBSD-SA-08:01.pty
Security: FreeBSD-SA-08:02.libc
Approved by:	re (kensmith)
Thanks to:	re@@ for being so patient with us holding up the release
@
text
@a10 4
20080118:		FreeBSD-SA-08:01.pty, FreeBSD-SA-08:02.libc
	Fix issues which allow snooping on ptys. [08:01]
	Fix an off-by-one error in inet_network(3). [08:02]

@


1.416.2.37.2.4
log
@Add theoretical date of 6.3-RELEASE.

Approved by:	re (implicit)
@
text
@a10 3
20080118:
	FreeBSD 6.3-RELEASE

@


1.416.2.37.2.5
log
@Fix sendfile(2) write-only file permission bypass.

Security:	FreeBSD-SA-08:03.sendfile
Approved by:	so (simon)
@
text
@a10 3
20080214:	p1	FreeBSD-SA-08:02.sendfile
	Fix sendfile(2) write-only file permission bypass.

@


1.416.2.37.2.6
log
@Fix logic error in sshd(8) concerning the handling of failed
attempts to bind ports for X11 forwarding.

Security:	FreeBSD-SA-08:05.openssh
Approved by:	so (cperciva)
@
text
@a10 7
20080416:	p2	FreeBSD-SA-08:05.openssh,
			FreeBSD-EN-08:01.libpthread
	Fix logic error in sshd(8) concerning the handling of failed
	attempts to bind ports for X11 forwarding. [SA-08:05]

	Fix issued with threaded programs calling fork(2). [EN-08:01]

@


1.416.2.37.2.7
log
@Forced commit to note that the previous commit message should have been:

Fix logic error in sshd(8) concerning the handling of failed
attempts to bind ports for X11 forwarding. [SA-08:05]

Fix issues with threaded programs calling fork(2). [EN-08:01]

Security:	FreeBSD-SA-08:05.openssh
Errata:		FreeBSD-EN-08:01.libpthread
Approved by:	so (cperciva)
@
text
@@


1.416.2.37.2.8
log
@SVN rev 180499 on 2008-07-13 18:42:38Z by cperciva

Improve randomization in BIND to prevent response spoofing.

Security:	FreeBSD-SA-08:06.bind
Approved by:	so (cperciva)
Thanks to:	remko, csjp
No thanks to:	bronchitis
@
text
@a10 3
20080713:	p3	FreeBSD-SA-08:06.bind
	Improve randomization in BIND to prevent response spoofing.

@


1.416.2.37.2.9
log
@SVN rev 182740 on 2008-09-03 19:09:47Z by simon

- Fix amd64 local privilege escalation. [08:07]
- Fix nmount(2) local privilege escalation. [08:08]
- Fix IPv6 remote kernel panics. [08:09]

Fix for [08:07] is merge of r181823.

Submitted by:	kib [08:07], csjp [08:08], bz [08:09]
Reviewed by:	peter [08:07], jhb [08:07]
Reviewed by:	jinmei [08:09], rwatson [08:09]
Approved by:	re (SA blanket)
Approved by:	so (simon)
Security:	FreeBSD-SA-08:07.amd64
Security:	FreeBSD-SA-08:08.nmount
Security:	FreeBSD-SA-08:09.icmp6
@
text
@a10 6
20080903:	p4	FreeBSD-SA-08:07.amd64, FreeBSD-SA-08:08.nmount,
			FreeBSD-SA-08:09.icmp6
	Fix amd64 local privilege escalation. [08:07]
	Fix nmount(2) local privilege escalation. [08:08]
	Fix IPv6 remote kernel panics. [08:09]

@


1.416.2.37.2.10
log
@SVN rev 183529 on 2008-10-02 00:32:59Z by cperciva

Default to ignoring potentially evil IPv6 Neighbor Solicitation
messages.

Approved by:    so (cperciva)
Approved by:	re (kensmith)
Security:       FreeBSD-SA-08:10.nd6
Thanks to:      jinmei, bz
@
text
@a10 4
20081002:	p5	FreeBSD-SA-08:10.nd6
	Default to ignoring potentially evil IPv6 Neighbor Solicitation
	messages.

@


1.416.2.37.2.11
log
@SVN rev 185254 on 2008-11-24 17:39:39Z by cperciva

Make sure arc4random(9) is properly seeded when /etc/rc.d/initrandom returns.

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-08:11.arc4random
@
text
@a10 4
20081124:	p6	FreeBSD-SA-08:11.arc4random
	Make sure arc4random(9) is properly seeded when /etc/rc.d/initrandom
	returns.

@


1.416.2.37.2.12
log
@SVN rev 186405 on 2008-12-23 01:23:09Z by cperciva

Prevent cross-site forgery attacks on ftpd(8) due to splitting
long commands into multiple requests. [08:12]

Avoid calling uninitialized function pointers in protocol switch
code. [08:13]

Merry Christmas everybody...

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
@
text
@a10 7
20081223:	p7	FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
	Prevent cross-site forgery attacks on ftpd(8) due to splitting
	long commands into multiple requests. [08:12]

	Avoid calling uninitialized function pointers in protocol switch
	code. [08:13]

@


1.416.2.37.2.13
log
@SVN rev 186872 on 2009-01-07 20:17:55Z by simon

Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
long commands into multiple requests. [09:01]

Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]

Security:	FreeBSD-SA-09:01.lukemftpd
Security:	FreeBSD-SA-09:02.openssl
Obtained from:	NetBSD [SA-09:01]
Obtained from:	OpenSSL Project [SA-09:02]
Approved by:	so (simon)
@
text
@a10 6
20090107:	p8	FreeBSD-SA-09:01.lukemftpd, FreeBSD-SA-09:02.openssl
	Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
	long commands into multiple requests. [09:01]

	Fix incorrect OpenSSL checks for malformed signatures. [09:02]

@


1.416.2.37.2.14
log
@SVN rev 187194 on 2009-01-13 21:19:27Z by simon

Correct ntpd(8) cryptographic signature bypass [SA-09:04].

Correct BIND DNSSEC incorrect checks for malformed signatures
[SA-09:04].

Security:	FreeBSD-SA-09:03.ntpd
Security:	FreeBSD-SA-09:04.bind
Obtained from:	ISC [SA-09:04]
Approved by:	so (simon)
@
text
@a10 6
20090113:	p9	FreeBSD-SA-09:03.ntpd, FreeBSD-SA-09:04.bind
	Correct ntpd cryptographic signature bypass. [09:03]

	Correct BIND DNSSEC incorrect checks for malformed
	signatures. [09:04]

@


1.416.2.37.2.15
log
@SVN rev 191381 on 2009-04-22 14:07:14Z by cperciva

Don't leak information via uninitialized space in db(3) records. [09:07]

Sanity-check string lengths in order to stop OpenSSL crashing
when printing corrupt BMPString or UniversalString objects. [09:08]

Security:	FreeBSD-SA-09:07.libc
Security:	FreeBSD-SA-09:08.openssl
Security:	CVE-2009-0590
Approved by:	re (kensmith)
Approved by:	so (cperciva)
@
text
@a10 7
20090422:	p10	FreeBSD-SA-09:07.libc, FreeBSD-SA-09:08.openssl
	Don't leak information via uninitialized space in db(3) records.
	[09:07]

	Sanity-check string lengths in order to stop OpenSSL crashing
	when printing corrupt BMPString or UniversalString objects. [09:08]

@


1.416.2.37.2.16
log
@SVN rev 193893 on 2009-06-10 10:31:11Z by cperciva

Prevent integer overflow in direct pipe write code from circumventing
virtual-to-physical page lookups. [09:09]

Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]

Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]

Approved by:	so (cperciva)
Approved by:	re (not really, but SVN wants this...)
Security:	FreeBSD-SA-09:09.pipe
Security:	FreeBSD-SA-09:10.ipv6
Security:	FreeBSD-SA-09:11.ntpd
@
text
@a10 9
20090610:	p11	FreeBSD-SA-09:09.pipe, FreeBSD-SA-09:10.ipv6,
			FreeBSD-SA-09:11.ntpd
	Prevent integer overflow in direct pipe write code from circumventing
	virtual-to-physical page lookups. [09:09]

	Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]

	Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]

@


1.416.2.37.2.17
log
@SVN rev 195935 on 2009-07-29 00:14:14Z by simon

Fix BIND named(8) dynamic update message remote DoS.

Obtained from:	ISC
Security:	FreeBSD-SA-09:12.bind
Security:	CVE-2009-0696
Approved by:	so (simon)
@
text
@a10 3
20090729:	p12	FreeBSD-SA-09:12.bind
	Fix BIND named(8) dynamic update message remote DoS.

@


1.416.2.37.2.18
log
@SVN rev 197715 on 2009-10-02 18:09:56Z by simon

MFC r197711 (partial) to 6.x and 7.x:

- Add no zero mapping feature, disabled by default. [EN-09:05]

MFC 178913,178914,179242,179243,180336,180340 to 6.x:

- Fix kqueue pipe race conditions. [SA-09:13]

MFC r192301 to 7.x; 6.x has slightly different fix:

- Fix devfs / VFS NULL pointer race condition. [SA-09:14]

Security:	FreeBSD-SA-09:13.pipe
Security:	FreeBSD-SA-09:14.devfs
Errata:		FreeBSD-EN-09:05.null
Submitted by:	kib [SA-09:13] [SA-09:14]
Submitted by:	bz [EN-09:05]
In collaboration with:	jhb, kib, alc [EN-09:05]
Approved by:	so (simon)
@
text
@a10 8
20091002:	p13	FreeBSD-SA-09:13.pipe, FreeBSD-SA-09:14.devfs,
			FreeBSD-EN-09:05.null
	Fix kqueue pipe race conditions. [SA-09:13]

	Fix devfs / VFS NULL pointer race condition. [SA-09:14]

	Add no zero mapping feature. [EN-09:05]

@


1.416.2.37.2.19
log
@SVN rev 200054 on 2009-12-03 09:18:40Z by cperciva

Disable SSL renegotiation in order to protect against a serious
protocol flaw. [09:15]

Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]

Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:15.ssl
Security:	FreeBSD-SA-09:16.rtld
Security:	FreeBSD-SA-09:17.freebsd-udpate
@
text
@a10 7
20091203:	p14	FreeBSD-SA-09:15.ssl, FreeBSD-SA-09:17.freebsd-update
	Disable SSL renegotiation in order to protect against a serious
	protocol flaw. [09:15]

	Fix permissions in freebsd-update in order to prevent leakage of
	sensitive files. [09:17]

@


1.416.2.37.2.20
log
@SVN rev 201679 on 2010-01-06 21:45:30Z by simon

Fix BIND named(8) cache poisoning with DNSSEC validation.
[SA-10:01]

Fix ntpd mode 7 denial of service. [SA-10:02]

Fix ZFS ZIL playback with insecure permissions. [SA-10:03]

Various FreeBSD 8.0-RELEASE improvements. [EN-10:01]

Security:	FreeBSD-SA-10:01.bind
Security:	FreeBSD-SA-10:02.ntpd
Security:	FreeBSD-SA-10:03.zfs
Errata:		FreeBSD-EN-10:01.freebsd
Approved by:	so (simon)
@
text
@a10 6
20100106:	p15	FreeBSD-SA-10:01.bind, FreeBSD-SA-10:02.ntpd
	Fix BIND named(8) cache poisoning with DNSSEC validation.
	[SA-10:01]

	Fix ntpd mode 7 denial of service. [SA-10:02]

@


1.416.2.38
log
@MFC: UPDATING 1.512, sys/sparc64/conf/DEFAULTS 1.11

Let sunkbd(4) emulate an AT keyboard by default.
This has the following benefits:
- allows to use the AT keyboard maps in share/syscons/keymaps with
  sunkbd(4),
- allows to use kbdmux(4) with sunkbd(4),
- allows Sun RS232 keyboards to be configured and used the same
  way as Sun USB keyboards driven by ukbd(4) (which also does AT
  keyboard emulation) with X.Org, putting an end to the problem
  of native support for the former in X.Org being broken over and
  over again.

Approved by:	re (kensmith)
@
text
@a10 11
20071126:
	The AT keyboard emulation of sunkbd(4) has been turned on
	by default. In order to make the special symbols of the Sun
	keyboards driven by sunkbd(4) work under X these now have
	to be configured the same way as Sun USB keyboards driven
	by ukbd(4) (which also does AT keyboard emulation), f.e.:

	Option	"XkbLayout" "us"
	Option	"XkbRules" "xorg"
	Option	"XkbSymbols" "pc(pc105)+sun_vndr/usb(sun_usb)+us"

@


1.416.2.39
log
@Mention 6.3-RELEASE

PR:		misc/120760
Submitted by:	pluknet <pluknet at gmail dot com>
@
text
@a10 3
20080118:
	FreeBSD 6.3-RELEASE

@


1.416.2.40
log
@SVN rev 182753 on 2008-09-04 12:51:10Z by roberto

Note the ntpd 04.2.4p5 upgrade.

Approved by:	re (kensmith)
@
text
@a10 3
20080904:
	ntpd upgraded to 4.2.4p5.

@


1.416.2.41
log
@SVN rev 186721 on 2009-01-03 13:55:02Z by brueffer

Mention 6.4-RELEASE.

PR:		129952
Submitted by:	pluknet
@
text
@a10 3
20081128:
	FreeBSD 6.4-RELEASE

@


1.416.2.42
log
@SVN rev 199902 on 2009-11-29 17:35:31Z by bz

MFC r179785, r180496:

  Remove obselete PECOFF image activator support.

Discussed with:	secteam, kib
Approved by:	re (kensmith)
@
text
@a10 3
20091129:
	PECOFF image activator support removed.

@


1.416.2.43
log
@Switch importer
@
text
@d571 1
a571 1
$FreeBSD: stable/6/UPDATING 199902 2009-11-29 17:35:31Z bz $
@


1.416.2.44
log
@Warn about EOL repo
@
text
@a10 3
WARNING: THIS REPOSITORY IS TERMINATED and no longer tracks Subversion!
You can still get updates: http://wiki.freebsd.org/CvsIsDeprecated

@


1.416.2.40.2.1
log
@SVN rev 183531 on 2008-10-02 02:57:24Z by kensmith

Create releng/6.4 from stable/6 in preparation for 6.4-RC1.

Approved by:	re (implicit)
@
text
@@


1.416.2.40.2.2
log
@SVN rev 185254 on 2008-11-24 17:39:39Z by cperciva

Make sure arc4random(9) is properly seeded when /etc/rc.d/initrandom returns.

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-08:11.arc4random
@
text
@a10 4
20081124:		FreeBSD-SA-08:11.arc4random
	Make sure arc4random(9) is properly seeded when /etc/rc.d/initrandom
	returns.

@


1.416.2.40.2.3
log
@SVN rev 185274 on 2008-11-25 01:40:25Z by kensmith

Predict 6.4-RELEASE date.

Approved by:	re (implicit)
@
text
@a10 3
20081128:
	FreeBSD 6.4-RELEASE

@


1.416.2.40.2.4
log
@SVN rev 186405 on 2008-12-23 01:23:09Z by cperciva

Prevent cross-site forgery attacks on ftpd(8) due to splitting
long commands into multiple requests. [08:12]

Avoid calling uninitialized function pointers in protocol switch
code. [08:13]

Merry Christmas everybody...

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
@
text
@a10 7
20081223:	p1	FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
	Prevent cross-site forgery attacks on ftpd(8) due to splitting
	long commands into multiple requests. [08:12]

	Avoid calling uninitialized function pointers in protocol switch
	code. [08:13]

@


1.416.2.40.2.5
log
@SVN rev 186872 on 2009-01-07 20:17:55Z by simon

Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
long commands into multiple requests. [09:01]

Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]

Security:	FreeBSD-SA-09:01.lukemftpd
Security:	FreeBSD-SA-09:02.openssl
Obtained from:	NetBSD [SA-09:01]
Obtained from:	OpenSSL Project [SA-09:02]
Approved by:	so (simon)
@
text
@a10 6
20090107:	p2	FreeBSD-SA-09:01.lukemftpd, FreeBSD-SA-09:02.openssl
	Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
	long commands into multiple requests. [09:01]

	Fix incorrect OpenSSL checks for malformed signatures. [09:02]

@


1.416.2.40.2.6
log
@SVN rev 187194 on 2009-01-13 21:19:27Z by simon

Correct ntpd(8) cryptographic signature bypass [SA-09:04].

Correct BIND DNSSEC incorrect checks for malformed signatures
[SA-09:04].

Security:	FreeBSD-SA-09:03.ntpd
Security:	FreeBSD-SA-09:04.bind
Obtained from:	ISC [SA-09:04]
Approved by:	so (simon)
@
text
@a10 6
20090113:	p9	FreeBSD-SA-09:03.ntpd, FreeBSD-SA-09:04.bind
	Correct ntpd cryptographic signature bypass. [09:03]

	Correct BIND DNSSEC incorrect checks for malformed
	signatures. [09:04]

@


1.416.2.40.2.7
log
@SVN rev 187558 on 2009-01-21 18:47:52Z by cperciva

Fix typo: FreeBSD 6.4 is at -p3, not at -p9.

Approved by:	so (cperciva)
@
text
@d11 1
a11 1
20090113:	p3	FreeBSD-SA-09:03.ntpd, FreeBSD-SA-09:04.bind
@


1.416.2.40.2.8
log
@SVN rev 191381 on 2009-04-22 14:07:14Z by cperciva

Don't leak information via uninitialized space in db(3) records. [09:07]

Sanity-check string lengths in order to stop OpenSSL crashing
when printing corrupt BMPString or UniversalString objects. [09:08]

Security:	FreeBSD-SA-09:07.libc
Security:	FreeBSD-SA-09:08.openssl
Security:	CVE-2009-0590
Approved by:	re (kensmith)
Approved by:	so (cperciva)
@
text
@a10 7
20090422:	p4	FreeBSD-SA-09:07.libc, FreeBSD-SA-09:08.openssl
	Don't leak information via uninitialized space in db(3) records.
	[09:07]

	Sanity-check string lengths in order to stop OpenSSL crashing
	when printing corrupt BMPString or UniversalString objects. [09:08]

@


1.416.2.40.2.9
log
@SVN rev 193893 on 2009-06-10 10:31:11Z by cperciva

Prevent integer overflow in direct pipe write code from circumventing
virtual-to-physical page lookups. [09:09]

Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]

Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]

Approved by:	so (cperciva)
Approved by:	re (not really, but SVN wants this...)
Security:	FreeBSD-SA-09:09.pipe
Security:	FreeBSD-SA-09:10.ipv6
Security:	FreeBSD-SA-09:11.ntpd
@
text
@a10 9
20090610:	p5	FreeBSD-SA-09:09.pipe, FreeBSD-SA-09:10.ipv6,
			FreeBSD-SA-09:11.ntpd
	Prevent integer overflow in direct pipe write code from circumventing
	virtual-to-physical page lookups. [09:09]

	Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]

	Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]

@


1.416.2.40.2.10
log
@SVN rev 195935 on 2009-07-29 00:14:14Z by simon

Fix BIND named(8) dynamic update message remote DoS.

Obtained from:	ISC
Security:	FreeBSD-SA-09:12.bind
Security:	CVE-2009-0696
Approved by:	so (simon)
@
text
@a10 3
20090729:	p6	FreeBSD-SA-09:12.bind
	Fix BIND named(8) dynamic update message remote DoS.

@


1.416.2.40.2.11
log
@SVN rev 197715 on 2009-10-02 18:09:56Z by simon

MFC r197711 (partial) to 6.x and 7.x:

- Add no zero mapping feature, disabled by default. [EN-09:05]

MFC 178913,178914,179242,179243,180336,180340 to 6.x:

- Fix kqueue pipe race conditions. [SA-09:13]

MFC r192301 to 7.x; 6.x has slightly different fix:

- Fix devfs / VFS NULL pointer race condition. [SA-09:14]

Security:	FreeBSD-SA-09:13.pipe
Security:	FreeBSD-SA-09:14.devfs
Errata:		FreeBSD-EN-09:05.null
Submitted by:	kib [SA-09:13] [SA-09:14]
Submitted by:	bz [EN-09:05]
In collaboration with:	jhb, kib, alc [EN-09:05]
Approved by:	so (simon)
@
text
@a10 8
20091002:	p7	FreeBSD-SA-09:13.pipe, FreeBSD-SA-09:14.devfs,
			FreeBSD-EN-09:05.null
	Fix kqueue pipe race conditions. [SA-09:13]

	Fix devfs / VFS NULL pointer race condition. [SA-09:14]

	Add no zero mapping feature. [EN-09:05]

@


1.416.2.40.2.12
log
@SVN rev 200054 on 2009-12-03 09:18:40Z by cperciva

Disable SSL renegotiation in order to protect against a serious
protocol flaw. [09:15]

Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]

Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:15.ssl
Security:	FreeBSD-SA-09:16.rtld
Security:	FreeBSD-SA-09:17.freebsd-udpate
@
text
@a10 7
20091203:	p8	FreeBSD-SA-09:15.ssl, FreeBSD-SA-09:17.freebsd-update
	Disable SSL renegotiation in order to protect against a serious
	protocol flaw. [09:15]

	Fix permissions in freebsd-update in order to prevent leakage of
	sensitive files. [09:17]

@


1.416.2.40.2.13
log
@SVN rev 201679 on 2010-01-06 21:45:30Z by simon

Fix BIND named(8) cache poisoning with DNSSEC validation.
[SA-10:01]

Fix ntpd mode 7 denial of service. [SA-10:02]

Fix ZFS ZIL playback with insecure permissions. [SA-10:03]

Various FreeBSD 8.0-RELEASE improvements. [EN-10:01]

Security:	FreeBSD-SA-10:01.bind
Security:	FreeBSD-SA-10:02.ntpd
Security:	FreeBSD-SA-10:03.zfs
Errata:		FreeBSD-EN-10:01.freebsd
Approved by:	so (simon)
@
text
@a10 6
20100106:	p9	FreeBSD-SA-10:01.bind, FreeBSD-SA-10:02.ntpd
	Fix BIND named(8) cache poisoning with DNSSEC validation.
	[SA-10:01]

	Fix ntpd mode 7 denial of service. [SA-10:02]

@


1.416.2.40.2.14
log
@SVN rev 208586 on 2010-05-27 03:15:04Z by cperciva

Change the current working directory to be inside the jail created by
the jail(8) command. [10:04]

Fix a one-NUL-byte buffer overflow in libopie. [10:05]

Correctly sanity-check a buffer length in nfs mount. [10:06]

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-10:04.jail
Security:	FreeBSD-SA-10:05.opie
Security:	FreeBSD-SA-10:06.nfsclient
@
text
@a10 3
20100526:	p10	FreeBSD-SA-10:05.opie
	Fix a one-NUL-byte buffer overflow in libopie. [10:05]

@


1.416.2.40.2.15
log
@SVN rev 212901 on 2010-09-20 14:58:08Z by cperciva

Fix an integer overflow in RLE length parsing when decompressing
corrupt bzip2 data.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-10:08.bzip2
@
text
@a10 4
20100920:	p11	FreeBSD-SA-10:08.bzip2
	Fix an integer overflow in RLE length parsing when decompressing
	corrupt bzip2 data.

@


1.416.2.29.2.1
log
@Correct a signedness bug which allowed members of the operator
group to read kernel memory.

Security:	FreeBSD-SA-06:25.kmem
Approved by:	re (kensmith)
@
text
@a10 4
20061206:		FreeBSD-SA-06:25.kmem
	Correct a signedness bug which allowed members of the operator
	group to read kernel memory.

@


1.416.2.29.2.2
log
@Also document FreeBSD-SA-07:01.jail on this branch which is for:

	Fix jail rc.d script privilege escalation via symlink attack
	against /var/log/console.log and mount points.

Approved by:	re (bmah)
@
text
@a10 3
20070111:		FreeBSD-SA-07:01.jail
	Correct jail rc.d script privilege escalation.

@


1.416.2.29.2.3
log
@Prepare for 6.2-RELEASE.

Approved by:	re (implicit)
@
text
@a10 3
20070114:
	FreeBSD 6.2-RELEASE.

@


1.416.2.29.2.4
log
@Correct two remote denials of service in BIND involving DNSSEC and
recursive DNS queries respectively.

Security:	FreeBSD-SA-07:02.bind
Approved by:	so (cperciva)
@
text
@a10 4
20070209:	p1	FreeBSD-SA-07:02.bind
	Correct two remote denials of service in BIND involving DNSSEC and
	recursive DNS queries respectively.

@


1.416.2.29.2.5
log
@MFS sys/netinet6/nd6.c rev 1.48.2.18: Fix behavior of IPv6 over
point-to-point gif(4) interfaces. [EN-07:02]

MFS etc/rc.d/jail rev 1.23.2.8: Fix rc.d jail script interface IP
alias removal. [EN-07:03]

Approved by:	so (simon)
Submitted by:	re (bmah) [EN-07:02]; Philipp Wuensche, simon [EN-07:03]
Errata:		FreeBSD-EN-07:02.net FreeBSD-EN-07:03.rc.d_jail
@
text
@a10 6
20070228:	p2	FreeBSD-EN-07:02.net FreeBSD-EN-07:03.rc.d_jail
	Fix behavior of IPv6 over point-to-point gif(4) interfaces.
	[EN-07:02]

	Fix rc.d jail script interface IP alias removal. [EN-07:03]

@


1.416.2.29.2.6
log
@Fix problems in FreeBSD Update concerning the updating of SMP kernels.

Approved by:	so (cperciva)
Errata:         FreeBSD-EN-07:05.freebsd-update
@
text
@a10 4
20070315:	p3	FreeBSD-EN-07:05.freebsd-update
	Fix problems in FreeBSD Update concerning the updating of SMP
	kernels.

@


1.416.2.29.2.7
log
@Disable processing of IPv6 type 0 Routing Headers.  This behaviour
can be changed via the (newly added) net.inet6.ip6.rthdr0_allowed
sysctl.

Security:	FreeBSD-SA-07:03.ipv6
Approved by:	so (cperciva)
@
text
@a10 5
20070426:	p4	FreeBSD-SA-07:04.ipv6
	Disable processing of IPv6 type 0 Routing Headers.  This behaviour
	can be changed via the (newly added) net.inet6.ip6.rthdr0_allowed
	sysctl.

@


1.416.2.29.2.8
log
@Fix buffer overflow in libmagic(3).

Security:	FreeBSD-SA-07:04.file
Approved by:	so (cperciva)
@
text
@d11 1
a11 4
20070523:	p5	FreeBSD-SA-07:04.file
	Fix buffer overflow in libmagic(3).

20070426:	p4	FreeBSD-SA-07:03.ipv6
@


1.416.2.29.2.9
log
@Correct multiple security issues in how libarchive handles corrupt
tar archives, including a potentially exploitable buffer overflow.

Approved by:	so (cperciva)
Reviewed by:	kientzle
Security:	FreeBSD-SA-07:05.libarchive
@
text
@a10 5
20070712:	p6	FreeBSD-SA-07:05.libarchive
	Correct multiple security issues in how libarchive handles
	corrupt tar archives, including a potentially exploitable
	buffer overflow.

@


1.416.2.29.2.10
log
@Correct buffer overflow in tcpdump(1). [SA-07:06]

Correct predictable query ids in named(8). [SA-07:07]

Security:	FreeBSD-SA-07:06.tcpdump
Security:	FreeBSD-SA-07:07.bind
Approved by:	so (simon)
@
text
@a10 5
20070801:	p7	FreeBSD-SA-07:06.tcpdump, FreeBSD-SA-07:07.bind
	Correct a buffer overflow in tcpdump(1). [07:06]

	Correct predictable query ids in named(8). [07:07]

@


1.416.2.29.2.11
log
@Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().

Security:	FreeBSD-SA-07:08.openssl
Approved by:	so (simon)
@
text
@a10 3
20071003:	p8	FreeBSD-SA-07:08.openssl
	Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().

@


1.416.2.29.2.12
log
@Correct a random value disclosure in random(4).

Security:	FreeBSD-SA-07:09.random
Approved by:	so (simon)
@
text
@a10 3
20071129:	p9	FreeBSD-SA-07:09.random
	Correct a random value disclosure in random(4).

@


1.416.2.29.2.13
log
@Fix issues which allow snooping on ptys. [08:01]

Fix an off-by-one error in inet_network(3). [08:02]

Security: FreeBSD-SA-08:01.pty
Security: FreeBSD-SA-08:02.libc
Approved by:	so (cperciva)
@
text
@a10 4
20080118:	p10	FreeBSD-SA-08:01.pty, FreeBSD-SA-08:02.libc
	Fix issues which allow snooping on ptys. [08:01]
	Fix an off-by-one error in inet_network(3). [08:02]

@


1.416.2.29.2.14
log
@Fix date of last advisory -- January 14th, not January 18th.

Approved by:	so (cperciva)
@
text
@d11 1
a11 1
20080114:	p10	FreeBSD-SA-08:01.pty, FreeBSD-SA-08:02.libc
@


1.416.2.29.2.15
log
@Fix sendfile(2) write-only file permission bypass.

Security:	FreeBSD-SA-08:03.sendfile
Approved by:	so (simon)
@
text
@a10 3
20080214:	p11	FreeBSD-SA-08:02.sendfile
	Fix sendfile(2) write-only file permission bypass.

@


1.416.2.29.2.16
log
@Fix logic error in sshd(8) concerning the handling of failed
attempts to bind ports for X11 forwarding.

Security:	FreeBSD-SA-08:05.openssh
Approved by:	so (cperciva)
@
text
@a10 4
20080416:	p12	FreeBSD-SA-08:05.openssh
	Fix logic error in sshd(8) concerning the handling of failed
	attempts to bind ports for X11 forwarding.

@


1.416.2.22.2.1
log
@MFC: Correct a local information leakage bug affecting AMD FPUs.

Security:	FreeBSD-SA-06:14.fpu
Approved by:	re (scottl)
@
text
@a10 3
20060419:		FreeBSD-SA-06:14.fpu
	Correct a local information leakage bug affecting AMD FPUs.

@


1.416.2.22.2.2
log
@Set all the pointers to 6.1-RELEASE.

Approved by: re
@
text
@a10 3
20060506:
	FreeBSD 6.1-RELEASE

@


1.416.2.22.2.3
log
@Enable inadvertantly disabled "securenet" access controls in ypserv. [1]

Correct a bug in the handling of backslash characters in smbfs which can
allow an attacker to escape from a chroot(2). [2]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-06:15.ypserv [1]
Security:	FreeBSD-SA-06:16.smbfs [2]
@
text
@a10 7
20060531:	p1	FreeBSD-SA-06:15.ypserv, FreeBSD-SA-06:16.smbfs
	Enable inadvertantly disabled "securenet" access controls in
	ypserv. [06:15]

	Correct a bug in the handling of backslash characters in smbfs
	which can allow an attacker to escape from a chroot(2). [06:16]

@


1.416.2.22.2.4
log
@Correct a bug in the handling of multipart messages by sendmail(8)
which can allow a malformed message to crash a sendmail queue
processing process.

Security:	FreeBSD-SA-06:17.sendmail
Approved by:	so (cperciva)
@
text
@a10 5
20060614:	p2	FreeBSD-SA-06:17.sendmail
	Correct a bug in the handling of multipart messages by sendmail(8)
	which can allow a malformed message to crash a sendmail queue
	processing process.

@


1.416.2.22.2.5
log
@Fix problems in the startup scripts for jails.

Errata:		FreeBSD-EN-06:01.jail
Approved by:	so (cperciva)
@
text
@a10 3
20060707:	p3	FreeBSD-EN-06:01.jail
	Correct bug in the startup scripts for jails.

@


1.416.2.22.2.6
log
@Correct buffer overflow in the handling of LCP options in ppp(4)

Security:	FreeBSD-SA-06:18.ppp
Approved by:	so (cperciva)
@
text
@a10 3
20060823:	p4	FreeBSD-SA-06:18.ppp
	Correct buffer overflow in the handling of LCP options in ppp(4).

@


1.416.2.22.2.7
log
@Correct several problems in the network stack, including a
locally-triggered kernel panic, inaccuracy in reported memory
allocation statistics, and problems on IPv6 point-to-point links.

Approved by:	so (cperciva)
Errata:		FreeBSD-EN-06:02.net
@
text
@a10 5
20060828:	p5	FreeBSD-EN-06:02.net
	Correct several problems in the network stack, including a
	locally-triggered kernel panic, inaccuracy in reported memory
	allocation statistics, and problems on IPv6 point-to-point links.

@


1.416.2.22.2.8
log
@Correct incorrect PKCS#1 v1.5 padding validation in crypto(3). [1]

Correct multiple denial-of-service vulnerabilities in BIND related to
SIG Query Processing and Excessive Recursive Queries. [2]

Security:	FreeBSD-SA-06:19.openssl [1]
Security:	FreeBSD-SA-06:20.bind [2]
Approved by:	so (simon)
@
text
@a10 7
20060906:	p6	FreeBSD-SA-06:19.openssl, FreeBSD-SA-06:20.bind
	Correct incorrect PKCS#1 v1.5 padding validation in
	crypto(3). [06:19]

	Correct multiple denial-of-service vulnerabilities in BIND related to
	SIG Query Processing and Excessive Recursive Queries. [06:20]

@


1.416.2.22.2.9
log
@Correct multiple vulnerabilities in gzip(1).

Security:	FreeBSD-SA-06:21.gzip
Approved by:	so (simon)
@
text
@a10 3
20060919:	p7	FreeBSD-SA-06:21.gzip
	Correct multiple vulnerabilities in gzip(1).

@


1.416.2.22.2.10
log
@Correct multiple vulnerabilities in crypto(3).
Limit the size of public keys used in order to protect applications
from a denial of service via insane key sizes.

Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)
@
text
@a10 5
20060928:	p8	FreeBSD-SA-06:23.openssl
	Correct multiple vulnerabilities in crypto(3).
	Limit the size of public keys used in order to protect applications
	from a denial of service via insane key sizes.

@


1.416.2.22.2.11
log
@Correct problem in the 2006-09-28 patch concerning the handling of
excessively large DH moduli.

Reported by:	Steve Kiernan (Juniper SIRT)
Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)
@
text
@a10 4
20060929:	p9	FreeBSD-SA-06:23.openssl
	Correct problem in the 2006-09-28 patch concerning the handling of
	excessively large DH moduli.

@


1.416.2.22.2.12
log
@Correct multiple vulnerabilities in OpenSSH.

Security:	FreeBSD-SA-06:22.openssh
Approved by:	so (simon)
@
text
@a10 3
20060930:	p10	FreeBSD-SA-06:22.openssh
	Correct multiple vulnerabilities in sshd(8).

@


1.416.2.22.2.13
log
@Correct a signedness bug which allowed members of the operator
group to read kernel memory.

Security:	FreeBSD-SA-06:25.kmem
Approved by:	so (cperciva)
@
text
@a10 4
20061206	p11	FreeBSD-SA-06:25.kmem
	Correct a signedness bug which allowed members of the operator
	group to read kernel memory.

@


1.416.2.22.2.14
log
@Fix jail rc.d script privilege escalation via symlink attack against
/var/log/console.log and mount points.

Security:	FreeBSD-SA-07:01.jail
Approved by:	so (simon)
@
text
@a10 3
20070111:	p12	FreeBSD-SA-07:01.jail
	Correct jail rc.d script privilege escalation.

@


1.416.2.22.2.15
log
@Correct two remote denials of service in BIND involving DNSSEC and
recursive DNS queries respectively.

Security:	FreeBSD-SA-07:02.bind
Approved by:	so (cperciva)
@
text
@a10 4
20070209:	p13	FreeBSD-SA-07:02.bind
	Correct two remote denials of service in BIND involving DNSSEC and
	recursive DNS queries respectively.

@


1.416.2.22.2.16
log
@Correct problems with locking, namei leakage, and symlink
creation in the NFS subsystem.

Approved by:	so (cperciva)
Submitted by:	re (hrs)
Errata:		FreeBSD-EN-07:01.nfs
@
text
@a10 4
20070214:	p14	FreeBSD-EN-07:01.nfs
	Correct problems with locking, namei leakage, and symlink
	creation in the NFS subsystem.

@


1.416.2.22.2.17
log
@Update zoneinfo and required support files for change in Daylight
Savings Time that begins in 2007.

Approved by:	so (simon)
Submitted by:	re (kensmith)
Errata:		FreeBSD-EN-07:04.zoneinfo
@
text
@a10 4
20070228:	p15	FreeBSD-EN-07:04.zoneinfo
	Update zoneinfo files for change in Daylight Savings Time that
	begins in 2007.

@


1.416.2.22.2.18
log
@Disable processing of IPv6 type 0 Routing Headers.  This behaviour
can be changed via the (newly added) net.inet6.ip6.rthdr0_allowed
sysctl.

Security:	FreeBSD-SA-07:03.ipv6
Approved by:	so (cperciva)
@
text
@a10 5
20070426:	p16	FreeBSD-SA-07:03.ipv6
	Disable processing of IPv6 type 0 Routing Headers.  This behaviour
	can be changed via the (newly added) net.inet6.ip6.rthdr0_allowed
	sysctl.

@


1.416.2.22.2.19
log
@Fix buffer overflow in libmagic(3).

Security:	FreeBSD-SA-07:04.file
Approved by:	so (cperciva)
@
text
@a10 3
20070523:	p17	FreeBSD-SA-07:04.file
	Fix buffer overflow in libmagic(3).

@


1.416.2.22.2.20
log
@Correct multiple security issues in how libarchive handles corrupt
tar archives, including a potentially exploitable buffer overflow.

Approved by:	so (cperciva)
Reviewed by:	kientzle
Security:	FreeBSD-SA-07:05.libarchive
@
text
@a10 5
20070712:	p18	FreeBSD-SA-07:05.libarchive
	Correct multiple security issues in how libarchive handles
	corrupt tar archives, including a potentially exploitable
	buffer overflow.

@


1.416.2.22.2.21
log
@Correct buffer overflow in tcpdump(1). [SA-07:06]

Correct predictable query ids in named(8). [SA-07:07]

Security:	FreeBSD-SA-07:06.tcpdump
Security:	FreeBSD-SA-07:07.bind
Approved by:	so (simon)
@
text
@a10 5
20070801:	p19	FreeBSD-SA-07:06.tcpdump, FreeBSD-SA-07:07.bind
	Correct a buffer overflow in tcpdump(1). [07:06]

	Correct predictable query ids in named(8). [07:07]

@


1.416.2.22.2.22
log
@Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().

Security:	FreeBSD-SA-07:08.openssl
Approved by:	so (simon)
@
text
@a10 3
20071003:	p20	FreeBSD-SA-07:08.openssl
	Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().

@


1.416.2.22.2.23
log
@Correct a random value disclosure in random(4).

Security:	FreeBSD-SA-07:09.random
Approved by:	so (simon)
@
text
@a10 3
20071129:	p21	FreeBSD-SA-07:09.random
	Correct a random value disclosure in random(4).

@


1.416.2.22.2.24
log
@Fix issues which allow snooping on ptys.

Security: FreeBSD-SA-08:01.pty
Approved by:	so (cperciva)
@
text
@a10 3
20080118:	p22	FreeBSD-SA-08:01.pty
	Fix issues which allow snooping on ptys.

@


1.416.2.22.2.25
log
@Fix date of last advisory -- January 14th, not January 18th.

Approved by:	so (cperciva)
@
text
@d11 1
a11 1
20080114:	p22	FreeBSD-SA-08:01.pty
@


1.416.2.22.2.26
log
@Fix sendfile(2) write-only file permission bypass.

Security:	FreeBSD-SA-08:03.sendfile
Approved by:	so (simon)
@
text
@a10 3
20080214:	p23	FreeBSD-SA-08:02.sendfile
	Fix sendfile(2) write-only file permission bypass.

@


1.416.2.22.2.27
log
@Fix logic error in sshd(8) concerning the handling of failed
attempts to bind ports for X11 forwarding.

Security:	FreeBSD-SA-08:05.openssh
Approved by:	so (cperciva)
@
text
@a10 4
20080416:	p24	FreeBSD-SA-08:05.openssh
	Fix logic error in sshd(8) concerning the handling of failed
	attempts to bind ports for X11 forwarding.

@


1.416.2.3.2.1
log
@Correct a man-in-the-middle SSL version rollback vulnerability.

Security:       FreeBSD-SA-05:21.openssl
Approved by:    re@@ (scottl)
@
text
@a23 3
20051011:		FreeBSD-SA-05:21.openssl
	Correct a man-in-the-middle SSL version rollback vulnerability.

@


1.416.2.3.2.2
log
@MFR6: Remove the "6.x is slow" note to reflect reality.

Approved by:	re (scottl)
@
text
@d11 13
@


1.416.2.3.2.3
log
@MFRELENG_6 1.416.2.4: Some changes to reflect 6.0-STABLE/RELEASE.

Approved by:	re (scottl)
@
text
@d1 1
a1 1
Updating Information for FreeBSD STABLE users
a230 3
	Due to several updates to the build infrastructure, source
	upgrades from versions prior to 5.3 no longer supported.

d249 1
a249 1
	This assumes you are already running a 6.X system.  Replace
d302 2
a303 2
	To upgrade in-place from 5.x-stable or higher to 6.x-stable
	-----------------------------------------------------------
d348 4
a351 1
	step.  It never hurts to do it all the time.
d353 2
a354 2
	[8] In order to have a kernel that can run the 5.x binaries
	needed to do an installworld, you must include the COMPAT_FREEBSD5
d374 1
a374 1
breakages in tracking -STABLE.  Not all things will be listed here,
@


1.416.2.3.2.4
log
@Note that 6.0-RELEASE is about to happen.

Approved by:	re
@
text
@a10 3
20051001:
	FreeBSD 6.0-RELEASE

@


1.416.2.3.2.5
log
@Grrr, Nov = 11

Approved by:	re
@
text
@d11 1
a11 1
20051101:
@


1.416.2.3.2.6
log
@Merge from RELENG_6 of src/sys/nfsclient/nfs_vnops.c rev 1.258.2.1:
  MFC 1.260 (by ps): Fixed a panic that can happen when nfs_lookup() hits
  an error.

Work done by:	Mohan Srinivasan
Approved by:	re (scottl), so (cperciva)
Erratum:	FreeBSD-EN-05:04.nfs
@
text
@a10 5
20051219:	p1	FreeBSD-EN-05:04.nfs
	Correct a locking issue in nfs_lookup() where a call to vrele()
	might be made while holding the vnode mutex, which resulted
	in kernel panics under certain load patterns.

@


1.416.2.3.2.7
log
@Correct insecure temporary file usage in texindex. [06:01]
Correct insecure temporary file usage in ee. [06:02]
Correct a race condition when setting file permissions, sanitize file
names by default, and fix a buffer overflow when handling files
larger than 4GB in cpio. [06:03]
Fix an error in the handling of IP fragments in ipfw which can cause
a kernel panic. [06:04]

Security:	FreeBSD-SA-06:01.texindex
Security:	FreeBSD-SA-06:02.ee
Security:	FreeBSD-SA-06:03.cpio
Security:	FreeBSD-SA-06:04.ipfw
Approved by:	so (cperciva)
@
text
@a10 13
20060111:	p2	FreeBSD-SA-06:01.texindex, FreeBSD-SA-06:02.ee,
			FreeBSD-SA-06:03.cpio, FreeBSD-SA-06:04.ipfw
	Correct insecure temporary file usage in texindex. [06:01]

	Correct insecure temporary file usage in ee. [06:02]

	Correct a race condition when setting file permissions,
	sanitize file names by default, and fix a buffer overflow
	when handling files larger than 4GB in cpio. [06:03]

	Fix an error in the handling of IP fragments in ipfw which
	can cause a kernel panic. [06:04]

@


1.416.2.3.2.8
log
@Correct a buffer overflow when scanning for 802.11 wireless networks.

Security:	FreeBSD-SA-06:05.80211
Approved by:	so (cperciva)
@
text
@a10 5
20060118:	p3	FreeBSD-SA-06:05.80211
	Correct a buffer overflow when scanning for 802.11 wireless
	networks which can be provoked by corrupt beacon or probe
	response frames.

@


1.416.2.3.2.9
log
@Make sure buffers in if_bridge are fully initialized before copying
them to userland. [1]

MFC rev. 1.37 of sys/net80211/ieee80211_ioctl.c: Correct a logic error
which could allow too much data to be copied into userland. [2]

MFC rev. 1.16 of sys/contrib/pf/net/pf_norm.c: Correct an error in pf
handling of IP packet fragments which could result in a kernel panic.
[3]

Security:	FreeBSD-SA-06:06.kmem [1] [2]
Security:	FreeBSD-SA-06:07.pf [3]
Approved by:	so (cperciva)
@
text
@a10 8
20060125:	p4	FreeBSD-SA-06:06.kmem, FreeBSD-SA-06:07.pf
	Make sure buffers in if_bridge are fully initialized before
	copying them to userland.  Correct a logic error which could
	allow too much data to be copied into userland. [06:06]

	Correct an error in pf handling of IP packet fragments which
	could result in a kernel panic. [06:07]

@


1.416.2.3.2.10
log
@Correct a remote kernel panic when processing zero-length RPC records
via TCP. [06:10]

Security:	FreeBSD-SA-06:10.nfs
Approved by:	so (cperciva)
@
text
@a10 4
20060301:	p5	FreeBSD-SA-06:10.nfs
	Correct a remote kernel panic when processing zero-length RPC
	records via TCP.

@


1.416.2.3.2.11
log
@Add missing code needed for the detection of IPSec packet replays. [1]

Correctly identify the user running opiepasswd(1) when the login name
differs from the account name. [2]

Modify timeout handling logic in sendmail(8) to correct a reported
signal handling race condition. [3]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-06:11.ipsec [1]
Security:	FreeBSD-SA-06:12.opie [2]
Security:	FreeBSD-SA-06:13.sendmail [3]
@
text
@a10 11
20060322:	p6	FreeBSD-SA-06:11.ipsec, FreeBSD-SA-06:12.opie,
			FreeBSD-SA-06:13.sendmail
	Add missing code needed for the detection of IPSec packet
	replays. [06:11]

	Correctly identify the user running opiepasswd(1) when the login
	name differs from the account name. [06:12]

	Modify timeout handling logic in sendmail(8) to correct a reported
	signal handling race condition. [06:13]

@


1.416.2.3.2.12
log
@MFC: Correct a local information leakage bug affecting AMD FPUs.

Security:	FreeBSD-SA-06:14.fpu
Approved by:	so (cperciva)
@
text
@a10 3
20060419:	p7	FreeBSD-SA-06:14.fpu
	Correct a local information leakage bug affecting AMD FPUs.

@


1.416.2.3.2.13
log
@Enable inadvertantly disabled "securenet" access controls in ypserv. [1]

Correct a bug in the handling of backslash characters in smbfs which can
allow an attacker to escape from a chroot(2). [2]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-06:15.ypserv [1]
Security:	FreeBSD-SA-06:16.smbfs [2]
@
text
@a10 7
20060531:	p8	FreeBSD-SA-06:15.ypserv, FreeBSD-SA-06:16.smbfs
	Enable inadvertantly disabled "securenet" access controls in
	ypserv. [06:15]

	Correct a bug in the handling of backslash characters in smbfs
	which can allow an attacker to escape from a chroot(2). [06:16]

@


1.416.2.3.2.14
log
@Correct a bug in the handling of multipart messages by sendmail(8)
which can allow a malformed message to crash a sendmail queue
processing process.

Security:	FreeBSD-SA-06:17.sendmail
Approved by:	so (cperciva)
@
text
@a10 5
20060614:	p9	FreeBSD-SA-06:17.sendmail
	Correct a bug in the handling of multipart messages by sendmail(8)
	which can allow a malformed message to crash a sendmail queue
	processing process.

@


1.416.2.3.2.15
log
@Correct buffer overflow in the handling of LCP options in ppp(4)

Security:	FreeBSD-SA-06:18.ppp
Approved by:	so (cperciva)
@
text
@a10 3
20060823:	p10	FreeBSD-SA-06:18.ppp
	Correct buffer overflow in the handling of LCP options in ppp(4).

@


1.416.2.3.2.16
log
@Correct incorrect PKCS#1 v1.5 padding validation in crypto(3). [1]

Correct multiple denial-of-service vulnerabilities in BIND related to
SIG Query Processing and Excessive Recursive Queries. [2]

Security:	FreeBSD-SA-06:19.openssl [1]
Security:	FreeBSD-SA-06:20.bind [2]
Approved by:	so (simon)
@
text
@a10 7
20060906:	p11	FreeBSD-SA-06:19.openssl, FreeBSD-SA-06:20.bind
	Correct incorrect PKCS#1 v1.5 padding validation in
	crypto(3). [06:19]

	Correct multiple denial-of-service vulnerabilities in BIND related to
	SIG Query Processing and Excessive Recursive Queries. [06:20]

@


1.416.2.3.2.17
log
@Correct multiple vulnerabilities in gzip(1).

Security:	FreeBSD-SA-06:21.gzip
Approved by:	so (simon)
@
text
@a10 3
20060919:	p12	FreeBSD-SA-06:21.gzip
	Correct multiple vulnerabilities in gzip(1).

@


1.416.2.3.2.18
log
@Correct multiple vulnerabilities in crypto(3).
Limit the size of public keys used in order to protect applications
from a denial of service via insane key sizes.

Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)
@
text
@a10 5
20060928:	p13	FreeBSD-SA-06:23.openssl
	Correct multiple vulnerabilities in crypto(3).
	Limit the size of public keys used in order to protect applications
	from a denial of service via insane key sizes.

@


1.416.2.3.2.19
log
@Correct problem in the 2006-09-28 patch concerning the handling of
excessively large DH moduli.

Reported by:	Steve Kiernan (Juniper SIRT)
Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)
@
text
@a10 4
20060929:	p14	FreeBSD-SA-06:23.openssl
	Correct problem in the 2006-09-28 patch concerning the handling of
	excessively large DH moduli.

@


1.416.2.3.2.20
log
@Correct multiple vulnerabilities in OpenSSH.

Security:	FreeBSD-SA-06:22.openssh
Approved by:	so (simon)
@
text
@a10 3
20060930:	p15	FreeBSD-SA-06:22.openssh
	Correct multiple vulnerabilities in sshd(8).

@


1.416.2.3.2.21
log
@Correct a signedness bug which allowed members of the operator
group to read kernel memory.

Security:	FreeBSD-SA-06:25.kmem
Approved by:	so (cperciva)
@
text
@a10 4
20061206:	p16	FreeBSD-SA-06:25.kmem
	Correct a signedness bug which allowed members of the operator
	group to read kernel memory.

@


1.416.2.3.2.22
log
@Fix jail rc.d script privilege escalation via symlink attack against
/var/log/console.log and mount points.

Security:	FreeBSD-SA-07:01.jail
Approved by:	so (simon)
@
text
@a10 3
20070111:	p17	FreeBSD-SA-07:01.jail
	Correct jail rc.d script privilege escalation.

@


1.416.2.3.2.23
log
@Correct problems with locking, namei leakage, and symlink
creation in the NFS subsystem.

Approved by:	so (cperciva)
Submitted by:	re (hrs)
Errata:		FreeBSD-EN-07:01.nfs
@
text
@a10 4
20070214:	p18	FreeBSD-EN-07:01.nfs
	Correct problems with locking, namei leakage, and symlink
	creation in the NFS subsystem.

@


1.415
log
@ - Remove the pccard_ifconfig variable in favor of a new
   ifconfig_DEFAULT variable.  Unlike pccard_ifconfig, ifconfig_DEFAULT
   applies to all interfaces that do not specify an ifconfig_<ifn>
   variable rather than just those listed in removable_interfaces.
 - Correct the list of interfaces when network_interfaces and
   removable_interfaces are both set by including removable_interfaces
   in the list of canidates.
 - When listing dhcp interfaces, include those with other ifconfig
   options so nat works.

Approved by:	re (network interface startup blanket)
@
text
@d31 8
@


1.414
log
@Mention hwpmc(4) ABI/API changes in the 20050609 entry.

Discussed with:	imp
@
text
@d24 7
@


1.413
log
@Mention interface API changes.
@
text
@d34 4
@


1.412
log
@Mention the change to kinfo_proc, and the need for a complete buildworld.
@
text
@d24 5
@


1.411
log
@Mention the import of the OpenBSD dhclient, particularly the requirement
of running devd and the loss of DNS update functionality.

Reminded by:	sobomax
@
text
@d24 5
@


1.410
log
@Bump __FreeBSD_version for if_bridge.

Approved by:	mlaier (mentor)
@
text
@d24 7
@


1.409
log
@mention libpcap.
@
text
@d24 4
@


1.408
log
@fix typo in my previous commit.

Submitted by:	Jiawei Ye <leafy7382 _at_ gmail.com>
@
text
@d28 4
a31 3
	compatibility on 64 bit architecture.  You have to recompile
	userland programs that use getnetbyaddr(3), getnetbyname(3)
	and/or getnetent(3) on 64 bit architecture.
@


1.407
log
@mention getnet*(3) ABI breakage.
@
text
@d27 1
a27 1
	confirm to POSIX-2001.  These changes broke an ABI
@


1.406
log
@Provide info on the incompatible change in v1.33 of sys/kern/imgact_shell.c

Discussed with:	imp
@
text
@d24 8
@


1.405
log
@Add a note how to use nextboot(8) to test a kernel only once.

Approved by:	mentor (joerg)
Discussed with:	imp
@
text
@d24 6
@


1.404
log
@cleanup a danging reference to cleaning up /etc/fstab.  Since we don't
support 4->6 upgrades, this is moot.  Most 4.x installations even,
have things compatible with 5 at thsi point, but some don't, so I'll
leave it in the branch...

submitted by: kevlo
@
text
@d180 8
@


1.403
log
@Remove reference to seedrandom, since it is now gone, and was in there
just in case.
@
text
@a200 1
	<maybe fix /etc/fstab>				[7]
@


1.402
log
@Bump __FreeBSD_version for pf 3.7 and inform about user visible changes.
@
text
@a205 1
	src/etc/rc.d/preseedrandom			[10]
@


1.401
log
@Note that NO_MIXED_MODE is gone.
@
text
@d24 5
@


1.400
log
@Remove important entry being X that's 9 months old
@
text
@d24 6
@


1.399
log
@Remove references to 4.x upgrades, since those no longer are possible
(one must upgrade to 5.3 before first jumping to current).
@
text
@d9 1
a9 1
portupgrade.  Important recent entries: 20040724 (default X changes).
@


1.398
log
@Make an advise that a rebuild of fsck(8) is recommended for -CURRENT
after 20050220 due to the superblock summary recomputation change.
Also make a note about how to go back to the old behavior.

MFC After:	1 day
@
text
@a144 6
	# NOTE: 5.x below applies to 6.0-current as well, for the
	# moment.  4.any -> 5.any upgrade support will remain in
	# place for 6.0 current, but after 5.3 RELEASE, the 4.any ->
	# 6.0-current upgrade path will require moving through 5.3
	# RELEASE or newer.

d226 1
a226 1
	To upgrade in-place from 4.x-stable to current
a227 9
	# 5.x uses more space than 4.x.  Also, the location of kernel
	# modules has changed.  If you are installing 5.x onto a 4.x
	# system, you'll need about 30MB of free disk space on your /
	# partition.  If you have less than this, you may encounter difficult
	# to back out of problems with this procedure.  If /tmp is on
	# the / partition, you may want to completely remove all its content
	# before upgrading, as this can be a common source of shortage of
	# space on /.

a228 1
	<maybe fix /etc/fstab>				[7]
a229 1
	cp sys/${MACHINE}/conf/GENERIC.hints /boot/device.hints [2]
a230 1
	cd sys/boot ; make STRIP="" install		[6]
a232 1
	src/etc/rc.d/preseedrandom			[10]
a233 1
	rm -rf /usr/include/g++
a253 4
	[2] If you have legacy ISA devices, you may need to create
	your own device.hints to reflect your unique hardware
	configuration.

a261 3
	For the 4.x -> 5.x upgrade, you will also see many messages about
	needing to recompile your userland.  These are harmless and can
	be ignored while you proceed to the next step.
a276 15
	[6] 4.x boot loader can be used to boot a 5.x system, however
	it is difficult to do that at best.  If you wish to try, then
	you should interrupt the boot and at the ok prompt type:
		ok unload
		ok boot /boot/kernel/kernel
	If this fails to work, you must install a new boot loader as
	described here.

	[7] Before you upgrade, please make sure that you are not using
	compatibility slices.  These are device names of the form /dev/ad0a
	without the actual slice name.  These will break with 5.x and newer.
	You generally must update these entries to use the post FreeBSD
	2.x form of /dev/ad0s1a. i386 and pc98 are affected, while alpha
	is not.

a294 10

	In case you would like to avoid installing new packages of everything,
	you might want to uncomment the "COMPAT4X=	YES" entry, so that 4.x
	compatibility libraries are built which should allow you to continue
	using your existing software for a while.  Alternatively, you can
	install the misc/compat4x port.

	[10] In order to create temporary files, /dev/random must be
	initialized by feeding data into it.  src/etc/rc.d/preseedrandom
	takes care of this.
d299 1
a299 1
and it only starts on March 15, 2000.  Updating files can found in
d304 1
a304 1
Copyright 1998-2004 M. Warner Losh.  All Rights Reserved.
@


1.397
log
@Add a note about new format of LC_CTYPE files.
@
text
@d51 10
@


1.396
log
@Add notes on merging acpi_perf and acpi_throttle to acpi.ko
@
text
@d24 5
@


1.395
log
@Change the definition of struct if_data's member ifi_epoch from wall
clock time to uptime because wall clock time may go backwards.

This is a change in the API which will impact SNMP agents who are using
ifi_epoch to set RFC2233's ifCounterDiscontinuityTime.  None are know to
exist today.  This will not impact applications that are using the
<index, epoch> tuple to verify interface uniqueness except that it
eliminates a race which could lead to a false assumption of uniqueness.

Because this is a behavior change, bump __FreeBSD_version.

Discussed with:	re (jhb, scottl)
MFC after:	3 days
Pointed out by:	pkh (way back at EuroBSDCon)
Pointy hat:	brooks
@
text
@d32 4
d48 1
a48 1
	acpi(4) throttling have been removed.  The power_profile(8) script
d50 1
a50 2
	rc.conf(5) to set AC on/offline cpu frequencies.  The acpi
	throttling support has been merged into acpi_perf(4).
@


1.394
log
@Welcome to the 21st century: increase MAXSHELLCMDLEN from 128 bytes to
PAGE_SIZE.

Unlike originator of the PR suggests retain MAXSHELLCMDLEN definition
(he has been proposing to replace it with PAGE_SIZE everywhere), not only
this reduced the diff significantly, but prevents code obfuscation and also
allows to increase/decrease this parameter easily if needed.

PR:		kern/64196
Submitted by:	Magnus Bckstrm <b@@etek.chalmers.se>
@
text
@d24 8
@


1.393
log
@Simplify steps necessary to cross-install -CURRENT onto a
separate partition.  (Take advantage of "make distribute"
installing /boot/device.hints.)
@
text
@d25 5
@


1.392
log
@Note removal of "options CPU_ENABLE_TCC"
@
text
@d187 1
d191 1
a191 3
	make buildkernel KERNCONF=YOUR_KERNEL_HERE
	cp src/sys/${ARCH}/conf/GENERIC.hints \
		${CURRENT_ROOT}/boot/device.hints	# as needed
a192 1
	cd src/etc; make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
@


1.391
log
@Fix disorder.
@
text
@d24 5
@


1.390
log
@Note the cpufreq import and acpi throttling changes.
@
text
@a81 3
20041104:
	FreeBSD 5.3 shipped here.

d90 3
@


1.389
log
@Notice that NG_VERSION has been increased.
@
text
@d25 7
@


1.388
log
@Fix typos.

PR:		misc/77151
Submitted by:	Anton Karpov
@
text
@d24 3
@


1.387
log
@As threatened, trim the UDPATING file to the branchpoint for RELENG_5.
People wishing to see prior changes are encouraged to look at the
UPDATING file on the RELENG_5 branch.  Document when RELENG_5 was
branched, as well as the 5.3 release date, as shown in the CVS logs
for newvers.sh.

This change should not be MFC'd.

Noticed by: Matteo Riondato (and ru)
@
text
@d99 2
a100 2
	# NOTE: 5.x below applies to 6.0-currrent as well, for the
	# momemnt.  4.any -> 5.any upgrade support will remain in
@


1.386
log
@Note the deprecation of the abbreviation of a number of ipfw options.
@
text
@a10 2
[[ The UPDATING file will be trimmed to 20040814 on or about Oct 1, 2004 ]]

d72 3
d93 3
a95 1680
20041007:
	The FreeBSD keyword is no longer a requirement for a valid
	rc.d script. The rc(8) and rc.shutdown(8) scripts no longer check
	for the existence of this keyword when ordering rc.d scripts.
	This change touches most of the file in /etc/rc.d; therefore,
	if you have not modified any files in that directory it may
	be easier to rm -rf /etc/rc.d and then use the -i switch with
	mergemaster(8).

20041007:
	One of the syscalls the 1:1 threading library libthr uses has
	changed, thus breaking ABI compatibility. Make sure you rebuild
	this library with the kernel.

20041004:
	A major sweep over the tty drivers to elimnate approx 3100
	lines of copy&pasted code have been performed.  As a part of
	this change some tty devices have changed names:
	sio devices are now named:	{tty,cua}d%d[.init,.lock]
	ucom devices are now named:	{tty,cua}U%d[.init,.lock]
	For other drivers see the commit logs.

20041001:
	The following libraries had their version number bumped up:
		/lib/libm.so.2 -> libm.so.3
		/lib/libreadline.so.4 -> libreadline.so.5
		/usr/lib/libhistory.so.4 -> libhistory.so.5
		/usr/lib/libopie.so.2 -> libopie.so.3
		/usr/lib/libpcap.so.2 -> libpcap.so.3
	FreeBSD 4.10 versions of these libraries will be added to the
	compat4x collection.  If you expect to be able to run old 4.X
	executables you will need to remove the old versions of these
	libraries.  However note that any 5.X executables you have built
	will stop working once you remove those old libraries.  You should
	have all your ports/packages rebuilt before removing the old
	libraries.

20040929:
	The pfil API has gained an additional argument to pass an inpcb.
	You should rebuild all pfil consuming modules: ipfw, ipfilter
	and pf.

20040928:
	If named is enabled, the default is now to run it in a chroot
	"sandbox." For users with existing configurations in
	/etc/namedb the migration should be simple. Upgrade your
	world as usual, then after installworld but before
	mergemaster do the following:

	If named is running: /etc/rc.d/named stop
	cd /etc
	mv namedb namedb.bak
	mkdir -p /var/named/etc/namedb
	cp -Rp namedb.bak/* /var/named/etc/namedb/
	mergemaster (with your usual options)
	If using the generated localhost* files:
		cd /var/named/etc/namedb
		/bin/sh make-localhost
		rm -f localhost-v6.rev localhost.rev
	/etc/rc.d/syslogd restart
	/etc/rc.d/named start

	If you are using a custom configuration, or if you have
	customised the named_* variables in /etc/rc.conf[.local]
	then you may have to adjust the instructions accordingly.
	It is suggested that you carefully examine the new named
	variables in /etc/defaults/rc.conf and the options in
	/var/named/etc/namedb/named.conf to see if they might
	now be more suitable.

20040925:
	BIND 9 has been imported into the base, and is now fully
	functional. BIND 8 has now been removed. There are numerous
	differences between BIND 8 and 9, and users with critical
	named installations should read the migration documentation
	in /usr/share/doc/bind9/misc/migration. There is also a
	new instruction manual in /usr/share/doc/bind9/arm.

	The key differences that most users will experience are in
	how picky BIND 9 is about zone file format. If you are using
	named as a resolving (caching) name server, you will likely
	not have trouble.

	The following files are part of the old BIND 8 installation
	and should be removed:
	/usr/bin/dnskeygen /usr/bin/dnsquery /usr/libexec/named-xfer
	/usr/sbin/named.restart /usr/sbin/ndc

	The following files have moved to /usr/bin, and should be
	removed from their old locations:
	/usr/sbin/nslookup /usr/sbin/nsupdate

20040914:
	The format of the pflogd(8) logfile "/var/log/pflog" has changed for
	architectures that have a 64 bit long type to make it compatible to
	the standard pcap format. In order to prevent corruption move away
	any old logfile before using a new pflogd(8).

20040906:
	debug.witness_* has been renamed to debug.witness.*.  There are
	compatibility tunables left in for a few days.  Update loader.conf
	as necessary.

20040902:
	The ifi_epoch change has been reverted because the ABI breakage
	was too extensive.  If you are running with a kernel/userland
	containing the initial change (20040830), you should heed the
	warning about ifconfig incompatibility when upgrading again.
	With this change, 5.3 and 6.0 ifconfigs and kernels are once
	again interoperable.

20040830:
	A new variable, ifi_epoch, has been added to struct if_data
	which is part if struct ifnet.  This means all network drivers
	and network monitoring applications need to be recompiled.

        WARNING WARNING WARNING WARNING WARNING WARNING WARNING

        This also breaks ifconfig compatibility.  An old ifconfig will
        not work with the new kernel and a new ifconfig will not work
        with the old.  It is strongly recommended that you make a copy
        of your old ifconfig before installworld.  If you are installing
        remotely, you must copy over a new ifconfig before rebooting in
        to the new kernel.

20040828:
	The default configuration for the network stack has been changed
	such that it now runs without the Giant lock unless configured
	otherwise.  If you experience network-related instability, you
	may wish to try setting "debug.mpsafenet=0" or compiling the
	kernel with "options NET_WITH_GIANT".  Details on the netperf
	project may be found at:

	    http://www.watson.org/~robert/freebsd/netperf/

	Including the 20040828 announcement of configuration change
	details.

20040827:
	PFIL_HOOKS are a fixed part of the network stack now and do not
	need to be specified in the kernel configuration file anymore.

20040819:
	Netgraph changed its message format slightly to align the data
	portion well on 64 bit machines.
	Netgraph using utilities (e.g. ngctl, nghook, ppp, mpd,
	pppoed, bluetooth, ATM) should be recompiled when a new kernel
	is installed.

20040817:
	IPFW has been converted to use pfil(9).  This change is
	transparent to userland and preserves the ipfw ABI.  The ipfw
	core packet inspection and filtering functions have not been
	changed, only how ipfw is invoked is different.

20040814:
	The RANDOM_IP_ID option has been replaced by the sysctl
	net.inet.ip.random_id. If you had RANDOM_IP_ID in your kernel then
	you may want to add "net.inet.ip.random_id=1" to /etc/sysctl.conf.

20040807:
	The size of 'struct ifnet' has changed due to the addition of the
	if_carp placeholder.  All kernel modules implementing network
	interfaces must be recompiled as a result.

20040806:
	Module loading has been fixed.  Some older installations will
	drop proper module_path initialization and modules will fail to
	load properly.  If you have a line in /boot/loader.rc that says:
	"initialize drop", do (i386 only):
		cp /usr/src/sys/boot/i386/loader/loader.rc /boot/loader.rc
		chown root:wheel /boot/loader.rc
		chmod 444 /boot/loader.rc

20040802:
	making /dev/(null|zero) into a module proved to be too unpopular,
	so this bit has been revoked from the previous (20040801) entry.

20040801:
	The /dev/mem, /dev/io /dev/(null/zero) devices are now modules,
	so you may wish to add them to your kernel config file. See
	GENERIC for examples.

20040728:
	System compiler has been upgraded to GCC 3.4.2-pre. As with any major
	compiler upgrade, there are several issues to be aware of. GCC 3.4.x
	has broken C++ ABI compatibility with previous releases yet again
	and users will have to rebuild all their C++ programs with the new
	compiler. If you are getting run-time error such as
	/libexec/ld-elf.so.1: Undefined symbol "_ZNSs20_S_empty_rep_storageE"
	This entry does apply to you.

	A new unit-at-a-time optimization mode, which is default in this
	compiler release, is more aggressive in removing unused static
	symbols. This is the likely cause of 'make buildworld' breakages
	with non-default CFLAGS where optimization level is set to -O2
	or higher.

	With the upgrade of the system compiler, the kernel has been upgraded
	to match the new system compiler.  This makes it impossible to build
	a new kernel with the old compiler.  Upgrade your system via
	make buildworld and make kernel (see below) to fix this problem.

20040727:
	The size of 'struct ifnet' has changed due to the addition of
	the IFF_NEEDSGIANT flag (and what it implies).  All kernel
	modules implementing network interfaces must be recompiled as
	a result.

20040716:
	The sound device drivers are renamed.  `sound' is always required,
	while `snd_*' should be configured accordingly to your hardware.
	Refer to NOTES for the detail of the drivers.

20040710:
	__FreeBSD_version bumped to 502122.

20040710:
	The console initialization on Alpha has been reworked and is now
	identical to other platforms. This means that the hardcoding of
	the serial console and the debug port has been removed. As such,
	hints (hint.sio.0.flags="0x10") are now required for the sio(4)
	driver to become a console or debug port.  The NO_SIO option has
	been decommissioned because of this.
	Running mergemaster is the easiest way to ensure your
	'boot/device.hints' has the needed line.

20040710:
	A revamp of the debugging code in the kernel with some visible
	changes beyond just the debugging experience:
	o  The DDB option is now specific to the DDB debugger backend
	   and should not be used any more for conditional compilation
	   of debugging code for when debugging is enabled. Use the KDB
	   option for this.
	o  The WITNESS_DDB, DDB_TRACE and DDB_UNATTENDED options have
	   been renamed to WITNESS_KDB, KDB_TRACE and KDB_UNATTENDED
	   respectively. This is in line with the first bullet.
	o  The remote GDB support has been untangled from DDB and needs
	   to be enabled separately now. Use the GDB option for this.
	o  The GDB_REMOTE_CHAT option has been removed. Support for this
	   homegrown feature is discontinued. The GDB remote protocol
	   supports console output and it makes sense to use that. 
	o  The DDB_NOKLDSYM option has been removed. The DDB debugger
	   now supports both direct symbol table lookups as well as KLD
	   symbol lookups through the linker.

20040708:
	Bluetooth code has been marked as non-i386 specific.
	__FreeBSD_version has been bumped to 502121 to mark this change.

20040702:
	The native preemption has been added to the kernel scheduler.
	There is some report that the ULE scheduler was broken in some
	machines and we encourage users using the ULE scheduler either
	stick with a known good kernel, or temporarily switch to the 4BSD
	scheduler as a workaround.

20040630:
	The netgraph ABI version number has been incremented to indicate
	an incompatible change in the ABI. Old netgraph nodes will refuse
	to attach until recompiled. Netgraph now uses mbuf tags to move
	metadata and this commit removes its home-grown metadata facility.
	Nodes should just recompile, unless they use metadata, in which
	case the changes are simple; the file ng_ksocket.c serves as an
	example of such changes.

	This also broke i4b, although the compile problem has been papered
	over.

20040630:
	ACPI has been updated to disable known-bad BIOS revisions.  A message
	will be printed on the console indicating that ACPI has been disabled
	automatically and that the user should use a newer BIOS, if possible.
	If you think ACPI does work on your system and want to override
	this (i.e., for testing), set hint.acpi.0.disabled="0" at the
	loader prompt.

20040623:
	pf was updated to OpenBSD-stable 3.5 and pflogd(8) is privilege
	separated now. It uses the newly created "_pflogd" user/group
	combination. If you plan to use pflogd(8) make sure to run
	mergemaster -p or install the "_pflogd" user and group manually.

20040622:
	Network interface cloning has been overhauled.  This change will
	require a recompile of modules using cloning and modification of
	external ones to the new API.  __FreeBSD_version has been bumped
	to 502119 to mark this change.  Additionally, users creating
	stf(4) interfaces via "ifconfig stf" will need to update their
	scripts as this will create an interface named "stf" instead of
	"stf0" and ifconfig will not print "stf0" to stdout.

20040621:
	On 20040524, the /etc/rc.d/nsswitch script was modified to
	automatically create /etc/nsswitch.conf on startup if it did
	not already exist.  Unfortunately, an error in the man page
	was carried over to the script, resulting in incorrect
	nsswitch settings.  The simplest remedy is to remove both
	/etc/nsswitch.conf and /etc/host.conf; they will be recreated
	during the next reboot.

20040614:
	The return value of sema_timedwait(9) has been changed to
	make it consistent with cv_timedwait(9).  Be sure to recompile
	the ips module and any third-party modules which call
	sema_timedwait.

20040613:
	ALTQ is now linked to the build. This breaks ABI for struct ifnet.
	Make sure to recompile modules and any userland that makes use of
	sizeof(struct ifnet). In order to get the altq headers in place
	please recompile and reinstall world.

20040607:
	Splitting kern_thread.c into 2 files (adding kern_kse.c)
	requires that you re-run config after updating your tree.

20040601:
	The MIDI drivers have been removed. Until the new module-friendly
	ones are merged, remove or comment out midi and seq from your
	kernel configuration.

20040423:
	Due to a new option in ipfw (versrcreach) the ipfw(8) command
	needs to be recompiled.  Normal accept/reject rules without
	options are not affected but those with options may break until
	ipfw(8) is recompiled.

20040420:
	Due to changes in the callout ABI, kernels compiled after this
	date may be incompatible with kernel modules compiled prior to
	20040406.

20040414:
	The PCI bus power state stuff has been turned on.  If this causes
	problems for your system, please disable it using the tunable
	hw.pci.do_powerstate=0.

20040412:
	The bulk of the pci problems have been fixed, although the floppy
	drive is still broken.

20040410:
	A substantial update to the pci bus resource and power management
	have been committed.  Expect a bumpy ride for a few days until
	the unanticipated problems have been resolved.

20040409:
        Due to changes in the the Yarrow initialization process,
        /dev/random needs to be fed before operations requiring
        temp files can succeed in single user mode.  This includes
        running "make installworld". /dev/random may be fed by running
        "/etc/rc.d/initrandom start" or with 20040415 source by running
        "/etc/rc.d/preseedrandom".

20040322:
	The debug.mpsafenet tunable controls whether the kernel Giant
	lock is held across the lower levels of the network stack, and
	by default is turned off.  In the few days following 20040322,
	the behavior of debug.mpsafenet will change such that this
	tunable controls Giant over all levels of the network stack.
	If you are currently setting debug.mpsafenet to 1, you should
	set it back to 0 (the default) again during the change-over.
	An additional note will be added to UPDATING when sufficient
	locking is merged to permit this to take place.

20040310:
	The FreeBSD/sparc64 platform is changing time_t from 32-bits to
	64-bits.  This is a very major incompatible change, so people
	using FreeBSD/sparc64 *must* read the UPDATING.64BTT file for
	detailed instructions on how to make this upgrade.  People
	upgrading FreeBSD on other platforms can ignore this event.

20040308:
	The packet filter (pf) is now installed with the base system. Make
	sure to run mergemaster -p before installworld to create required
	user account ("proxy"). If you do not want to build pf with your
	system you can use the NO_PF knob in make.conf.
	The pf system consists of the following three devices:
	device		pf		# required
	device		pflog		# optional
	device		pfsync		# optional

20040303:
	If you are having trouble with the libc_r -> libpthread transition
	(see the 20040130 entry), place the following lines at the top of
	/etc/libmap.conf:

	libc_r.so.5		libpthread.so.1
	libc_r.so		libpthread.so

	This will cause all programs and libraries linked against libc_r
	to use libpthread instead.

20040226:
	Some sshd configuration defaults have changed: protocol version 1
	is no longer enabled by default, and password authentication is
	disabled by default if PAM is enabled (which it is by default).
	OpenSSH clients should not be affected by this; other clients may
	have to be reconfigured, upgraded or replaced.

20040225:
	The ABIs defined in <resolv.h> and <netdb.h> have been updated
	to support improved reentrancy.  Multi-threaded programs that
	reference the "_res" or "h_errno" symbols may experience some
	problems if they are not recompiled.  Single-threaded programs
	should remain unaffected.

20040225:
	routed has been updated in the base system from the vendor
	sources, routed v2.27, from rhyolite.com. This change means that
	for users who use RIP's MD5 authentication feature, FreeBSD
	-CURRENT's routed is now incompatible with previous versions
	of FreeBSD; however it is now compatible with implementations
	from Sun, Cisco and other vendors.

20040224:
	The tcpcb structure has changed and makes a recompile of libkvm
	and related userland network utilities necessary.

20040222:
	The cdevsw structure has changed in two externally visible ways.
	First, the sense of the D_GIANT flag has changed to D_NEEDSGIANT.
	Second, the d_version field must be filled in with D_VERSION.
	Drivers outside the tree will need to be updated.

20040207:
	The /etc/rc.d/ttys script has been removed. It is no longer
	necessary since devfs has been mandatory for some time.

20040130:
	libkse has been renamed back to libpthread and is now the
	default threads library.  The gcc -pthread option has also
	been changed to link to libpthread instead of libc_r.  For
	alpha and sparc64 machines, libkse is not renamed and links
	are installed so that libpthread points to libc_r.  Until
	the ports system is updated to handle this change, it is
	recommended that folks install an /etc/libmap.conf(5) that
	maps libc_r to libpthread.  If you have any binaries or
	libraries linked to libkse, then it is also recommended
	that you map libkse to libpthread.  Anyone that is using
	nvidia supplied drivers and libraries should use a libmap.conf
	that maps libpthread to libc_r since their drivers/libraries
	do not work with libpthread.

20040125:
	ULE has entered into its probationary period as the default scheduler
	in GENERIC.  For the average user, interactivity is reported to be
	better in many cases.  On SMP machines ULE will be able to make more
	efficient use of the available parallel resources.  If you are not
	running it now, please switch over, replacing the kernel option
	SCHED_4BSD with SCHED_ULE.

20040125:
	Move LongRun support out of identcpu.c, where it hardly
	belongs, into its own file and make it opt-in, not mandatory,
	depending on CPU_ENABLE_LONGRUN config(8) option.

20031213:
	src/lib/libc/gen/initgroups.c:1.8 now causes logins to fail
	if the login process is unable to successfully set the
	process credentials to include all groups defined for the
	user.  The current kernel limit is 16 groups; administrators
	may wish to check that users do not have over 16 groups
	defined, or they will be unable to log in.

20031203:
	The ACPI module has been reactivated.  It is no longer required
	to compile ACPI support into kernels statically.

20031112:
	The statfs structure has been updated with 64-bit fields to
	allow accurate reporting of multi-terabyte filesystem
	sizes. You should build world, then build and boot the new kernel
	BEFORE doing a `installworld' as the new kernel will know about
	binaries using the old statfs structure, but an old kernel will
	not know about the new system calls that support the new statfs
	structure.
	Note that the backwards compatibility is only present when the
	kernel is configured with the COMPAT_FREEBSD4 option. Since
	even /bin/sh will not run with a new kernel without said option
	you're pretty much dead in the water without it. Make sure you
	have COMPAT_FREEBSD4!
	Running an old kernel after a `make world' will cause programs
	such as `df' that do a statfs system call to fail with a bad
	system call. Marco Wertejuk <wertejuk@@mwcis.com> also reports
	that cfsd (ports/security/cfs) needs to be recompiled after
	these changes are installed.

	****************************DANGER*******************************

	DO NOT make installworld after the buildworld w/o building and
	installing a new kernel FIRST.  You will be unable to build a
	new kernel otherwise on a system with new binaries and an old
	kernel.

20031112:
	Some netgraph string length constants have been changed. This
	change requires the netgraph kernel modules and all netgraph
	userland components to be in sync. Especially users who require
	netgraph to boot need to make sure to have world and kernel in
	sync before rebooting.

20031111:
	Hyperthreading logical CPU's are no longer probed by default
	when using the MP Table.  If ACPI is being used, then logical
	CPUs will be probed if hyperthreading is enabled in the BIOS.
	If ACPI is not being used and hyperthreading is enabled in the
	BIOS, logical CPUs can be enabled by building a custom kernel
	with the option MPTABLE_FORCE_HTT enabled.

20031103:
	The i386 APIC_IO kernel option has been replaced by
	'device apic'.  The ACPI module has also been temporarily
	disabled, so ACPI must be statically compiled into your
	kernel using 'device acpi' if you wish to use the ACPI driver.

20031031:
	The API and ABI of struct ifnet have been changed by removing
	the if_name and if_unit members and replacing them with
	if_xname, if_dname, and if_dunit.  All network drivers and most
	userland programs which include net/if_var.h must be updated
	and recompiled.  __FreeBSD_version has been bumped to 501113 to
	reflect this change.

20030928:
	Changes to the cdevsw default functions have been made to remove
	the need to specify nullopen() and nullclose() explicitly.
	__FreeBSD_version bumped to 501110.

20030926:
	kiconv(3) has been added. mount_msdosfs(8), mount_ntfs(8) and
	mount_cd9660(8) need to be in sync with kernel.

20030923:
	Fix a bug in arplookup(), whereby a hostile party on a locally
	attached network could exhaust kernel memory, and cause a system
	panic, by sending a flood of spoofed ARP requests. See
	FreeBSD-SA-03:14.arp.

20030915:
	A change to /etc/defaults/rc.conf now causes inetd to be started
	with `-C 60' if it is not overridden in /etc/rc.conf.  This
	causes inetd to stop accepting connections from an IP address
	that exceeds the rate of 60 connections per minute.

20030829:
	The following rc.d scripts have been removed and should be
	deleted from your installation: atm2.sh atm3.sh devdb
	localdaemons network1 network2 network3. Depending on when
	you last updated world and used mergemaster(8) you may or
	may not have problems during the rc boot sequence. The simplest
	solution is an 'rm -rf /etc/rc.d/*' and then 'mergemaster -i'.
	The atm2.sh atm3.sh and devdb scripts were removed some time
	ago, so depending on when you installed -CURRENT these scripts
	may or may not exist on your system.

20030824:
	ATAng has been committed. You need to build world as sys/ata.h
	has changed, and userland atacontrol depends on it.
	If you use ATA SW raids you need "device ataraid" in your
	kernel config file, as it is no longer pulled in automatically.

20030819:
	The OFW_NEWPCI option has been turned on in the Sparc64 GENERIC kernel.
	Among other things, this changes the device enumeration to be
	closer to Solaris.  Be aware that, this can even cause the machine
	to not boot without manual intervention before the fstab is adjusted.

20030728:
	All current USB and Firewire quirks in da(4) have been deprecated
	and will be removed for 5.2.  If this causes failure for your
	umass(4) devices, enable "options DA_OLD_QUIRKS" in your kernel
	and send the output of "camcontrol inquiry da0" to scsi@@freebsd.org
	so the quirk can be re-enabled.

20030724:
	Problems with entry 20030714 have been corrected and no known issues
	with /rescue and -j exist for host systems after this point in time.

20030722:
	FPU-less support has been removed from FreeBSD.  Chances are you won't
	notice.  386+387 support should still work after this change, but
	it is now a minimum requirement for the i386 port that you have real
	FPU hardware.

20030714:
	Some people are having problems with changes related to /rescue.
	If you are building -j N, you will need to define NO_RESCUE.  Others
	will need to define it if /rescue has issues with their environment.
	People should report those issues to current@@.

20030711:
	gcc was upgraded to 3.3.  You are advised to not build -DNOCLEAN
	across this point.  Further, it might be a good idea to remove
	/usr/obj.

20030610:
	Remove deprecated locale names and transition period code
	for them, finishing switching to the new scheme. Check your
	LANG environment variable.

20030609:
	CCD has been changed to be a fully GEOMified class.  Kernel
	and ccdconfig(8) needs to be in sync, this is particularly
	important to remember beforehand if your source tree is on
	a ccd device.  Consider making a copy of the old ccdconfig
	into /boot/kernel.good or wherever you keep your backup
	kernel.

20030605:
	There was a small window in which sed(1) was broken.  If you
	happen to have sed(1) installed during that window, which is
	evidenced by an inability to build world with the failure
	given below, you need to manually build and install sed(1)
	(and only sed(1)) before doing anything else. This is a one-
	time snafu. Typical failure mode:

	In file included from /usr/src/contrib/binutils/bfd/targets.c:1092:
	targmatch.h:7:1: null character(s) ignored
	targmatch.h:12:1: null character(s) ignored
	targmatch.h:16:1: null character(s) ignored
		:

	The window of "sed(1)-uction" is from Wed Jun 4 15:31:55 2003 UTC
	to Thu Jun 5 12:10:19 2003 UTC (from rev 1.30 to rev 1.31 of
	usr.bin/sed/process.c).

20030505:
	Kerberos 5 (Heimdal) is now built by default. Setting
	MAKE_KERBEROS5 no longer has any effect. If you do NOT
	want the "base" Kerberos 5, you need to set NO_KERBEROS.

20030502:
	groff has been updated.  If you try to do a buildworld and
	get an infinite loop in troff, update to May 4th or newer.  If you
	have a newer kernel than userland, you may need to set the OSRELDATE
	to 500110 in your environment before starting a buildworld.

20030501:
	The old rc system has been removed.  Please report any problems
	to freebsd-rc@@yahoogroups.com, and/or freebsd-current@@freebsd.org.
	Your personal versions of these files will not be removed, so you can
	continue to use them. However, you should take great care when updating,
	especially when using mergemaster, since the compatibility code that
	utilizes these old scripts has also been removed.

20030423:
	A bug has been fixed in /dev/devctl which would cause devd
	to hang on boot, were it not for a workaround in devd.  The
	work around in devd will be removed around 20030507.  You
	have until then to upgrade your kernel before updating
	userland.  In general, you should have a userland and
	kernel that's in sync with each other.  However, given the
	effects of this bug (hang on boot when starting devd), some
	allowances are made.

20030329:
	Alphas with libc from between 20030312 and 20030329 exhibit
	floating point exceptions (FPEs), most notably in awk(1)
	while upgrading the system through a buildworld.

	So, to successfully upgrade your Alpha, you must either
	downgrade your libc.so to a pre-20030312 version, or update
	/usr/share/mk/bsd.cpu.mk to revision 1.26 which adds -mieee
	to CFLAGS, then forcibly rebuild and install libc:

	cd /usr/src/lib/libc && \
	    make cleandir && make obj && \
	    make -DNOMAN -DNOPROFILE all && \
	    make -DNOMAN -DNOPROFILE install

20030208:
	sendmail 8.12.7 has been imported.  It has one important
	change for IPv6 users.  The default submit.mc now uses
	'[127.0.0.1]' instead of 'localhost' meaning only IPv4 is
	used to connect to the MTA.  Users on IPv6-only machines
	will need to edit /etc/mail/submit.mc appropriately.

20030128:
	NODEVFS option has been removed and DEVFS thereby made standard.
	This makes all references to MAKEDEV obsolete, and they should
	be removed when convenient.

20030126:
	The name of the device for the ofw console has changed, sparc64 users
	must run mergemaster to update their installed /etc/ttys.

20030125:
	The scheduler framework has grown a second scheduler and consequently
	you must specify one and only one scheduler in your kernel config.
	The cvs config files have been updated to use the old scheduler
	which may be selected via 'options SCHED_4BSD'.  If you would like
	to try the new, much more experimental, scheduler please try
	'options SCHED_ULE' and contribute to the arch@@ discussion.

20030115:
	A new version of the wi driver has been imported into the tree.
	One now must have device wlan in the config file for it to operate
	properly.

	In addition, there have been some changes to how wi devices are
	configured for point to point links to bring it more in line
	with the former way of doing things, as well as compatibility
	with NetBSD.

20021222:
 	For a period after the GCC 3.2.1 import (from 12/04 to 12/22), GCC
 	used an incompatible form of ABI for returning structures and unions
 	which FreeBSD's GCC maintainers were not aware of relative to previous
 	versions of FreeBSD.  We have gone back to the ABI for now, and any
 	code compiled which is required to interoperate with other code (not
 	built at the same time) returning structs or unions should be
	rebuilt.

20021216:
	A name change in /etc/netconfig has been reverted to stay
	compatible with suns TIRPC and also with NetBSD. You need
	to run mergemaster after make world. A new libc does still work
	with an outdated /etc/netconfig for some time, but you'll get
	a warning. This warning will be removed in 20030301.

20021202:
	The recent binutils upgrade marks a kernel flag day on
	sparc64: modules built with the old binutils will not work
	with new kernels and vice versa. Mismatches will result in
	panics.  Make sure your kernel and modules are in sync.

20021029:
	The value of IPPROTO_DIVERT has changed.  Make sure to keep
	your kernel, netstat, natd and any third-party DIVERT
	consumers in sync.

20021024:
	Old, compatibility slices have been removed in GEOM kernels.
	This means that you will have to update your /etc/fstab to
	not use disk devices of the form /dev/ad0a.  Instead, you
	now must specify /dev/ad0s1a, or whatever slice your FreeBSD
	partition really is on.  The old device names have gone
	away, so if you use them anywhere else, you must also adjust
	those uses.  (This doesn't affect the disks formatted in
	the ``dangerously-dedicated'' mode.)

20021023:
	Alphas with kernels from between 20020830 and 20021023 and/or
	rtld (ld-elf.so.1) older than 20021023 may experience problems
	with groff while doing a buildworld (kernel: "out of memory",
	fixed in rev 1.129 of kern/imgact_elf.c; rtld: "too few PT_LOAD
	segments", fixed in rev 1.8 of libexec/rtld-elf/map_object.c).

	So, to successfully upgrade your Alpha, you must either
	upgrade your kernel and rtld first (which might be a bit
	tricky), or avoid running the bootstrapped groff during the
	"transitional" buildworld.  To avoid running groff during the
	transitional upgrade run make buildworld with -DNOMAN,
	-DNO_SHAREDOCS, and -DNO_LPR.

20020831:
	gcc has been upgraded to 3.2.  It is not all binary compatible
	with earlier versions of gcc for c++ programs.  All c++
	programs and libraries need to be recompiled.

	Also, if you encounter g++ issues, rm /usr/include/g++/* before
	doing an installworld to make sure that stale files are removed.

20020827:
	Our /etc/termcap now has all the entries from the XFree86 xterm
	almost unchanged. This means xterm now supports color by default.
	If you used TERM=xterm-color in the past you now should use
	TERM=xterm. (xterm-color will lead to benign warnings).

20020815:
	A "bug" in gcc(1) that was hiding warning in system headers was
	fixed.  It's probably time to add -DNO_WERROR to your make line
	again.

20020729:
	COPY is being deprecated.  The 20010530 change was reverted, as
	it causes far more pain than was expected, and to always compare
	before installing, please use INSTALL="install -C" again.  The
	-C option is now silently ignored when used with the -d option.

20020702:
	Problems with libc_r clients like KDE and GNOME have been resolved.
	There are still some minor problems with some signals but the
	system is stable enough for general use again. SMP is less so than UP
	but each can successfully complete multiple buildworlds.
	Libkvm needs to be recompiled due to KSE.

20020701:
	Now would be a bad time to upgrade.  Something in or near the
	KSE commit totally broke programs using libc_r like KDE and
	GNOME.

20020511:
	The k5su utility installed as part of Kerberos 5 is no longer
	installed with the set-user-ID bit set by default.  Add
	ENABLE_SUID_K5SU=yes to /etc/make.conf to have it installed
	with the set-user-ID bit set.

20020510:
	Gcc 3.1 debugging format (cc -g) has changed from STABS to DWARF2.
	Unfortunately our native GDB (at version 4.18) does not understand
	the DWARF2 debugging format.  Thus you must use `gcc -gstabs+' to
	generated debugging information for our native GDB.

20020510:
	Due to the way CVS works, it may not properly update src/contrib/gcc
	to the 3.1 sources.  The easiest fix is to `rm -rf' src/contrib/gcc
	and then do a cvs update.

20020421:
	When exec'ing set[ug]id executables, the kernel now ensures that the
	stdio file descriptors (0..2) are open.  See FreeBSD-SA-02:23.stdio.

20020404:
	New sendmail startup scripts have been installed to make it
	easier to use alternative MTAs with FreeBSD.  Setting the rc.conf
	variable sendmail_enable to "NO" no longer prevents any sendmail
	daemons from starting.  Instead, either set sendmail_enable to
	"NONE" or change mta_start_script to a script for starting
	an alternative MTA.  Setting mta_start_script to "" will
	also prevent any MTA from being started at boot.

20020403:
	UCONSOLE is no longer a valid kernel option.

20020315:
	FreeBSD 5.0 DP-1 was basically branched today.

20020225:
	Warnings are now errors in the kernel.  Unless you are a developer,
	you should add -DNO_WERROR to your make line.

20020217:
	sendmail 8.12.2 has been imported.  The sendmail binary is no
	longer a set-user-ID root binary and the infrastructure to support
	command line mail submission has changed.  Be sure to run
	mergemaster (especially for updating /etc/rc, /etc/defaults/rc.conf,
	and /etc/mail) and read /etc/mail/README for more details.

	Due to the import of sendmail 8.12.2, a new user and group are
	required in order for sendmail to run as a set-group-ID
	binary.  A 'make installworld' will use the new user and group
	to set the owner and group of /var/spool/clientmqueue and will
	fail if the new user and group do not exist.  The 'smmsp' user
	and group must be merged from src/etc/group and
	src/etc/master.passwd before using 'make installworld'.
	'mergemaster -p' will do this.  You may need to install
	mergemaster before this will work if you are updating from a
	very old version of current.  The updating recipe has changed
	as of this date.

20020112:
	The preferred configuration method for PAM is now /etc/pam.d/
	rather than /etc/pam.conf.  If you have an unmodified
	pam.conf, just delete it after your next mergemaster run.  If
	you have local modifications, you can use
	/usr/src/etc/pam.d/convert.pl to incorporate them into your
	/etc/pam.d.

	Please see the following url for more details:
http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<xzp6667fyoa.fsf@@flood.ping.uio.no>
20011229:
	If anyone here is already using the new rc.conf(5) variable
	networkfs_types, please note that it has changed
http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<9744.1009655556@@axl.seasidesoftware.co.za>

20011220:
	sys/i4b/driver/i4b_ispppsubr.c has been retired.  This file
	started out its life in the ISDN4BSD project as an offspring
	from sys/net/if_spppsubr.c, which eventually got a life of its
	own.  All the accumulated features and bug fixes of the i4b
	version have now been merged back into the base system's
	version now.  The only user-visible change resulting from this
	is that i4b's sppp(4) interfaces are to be managed with
	spppcontrol(8) again, since ispppcontrol(8) has been retired
	as well.  (There has never been rc file support for
	ispppcontrol in -current, but only in -stable.  That will be
	reverted by the time the changes are MFCed.)

20011215:
	The fdc(4) driver has been updated and now automatically
	recognizes media in `standard' formats (like 1440 KB and
	720 KB for a 3.5" high-density drive) when accessing the
	default device node (e. g. /dev/fd0).  The old variety of
	floppy device nodes /dev/fd*.* is no longer present by
	default, devices can be created (in DEVFS) on demand.  They
	will need to be customized then for `odd' densities using
	fdcontrol(8).

20011209:
	The bugs in procfs' debugging support code have been fixed,
	and truss(1) now works again.

20011207:
	Daily security checks have been split out to use the periodic(8)
	scripts.  Some change in configuration may be necessary.  Please
	see
http://www.freebsd.org/cgi/mid.cgi?db=mid&id=<20011207155805.R8975@@blossom.cjclark.org>
	for details.

20011204:
	sos added VCD/SVCD support to ata driver and that needs the
	kernel and burncd to be in sync.

20011203:
	The procfs pseudo-filesystem has now been converted to use the
	pseudofs framework.  If you have 'options PROCFS' in your
	kernel config, you'll need to add 'options PSEUDOFS' if it's
	not there already.

	This change temporarily breaks truss(1); use ktrace(1) instead
	until the issue has been resolved.

20011202:
	A security hole in OpenSSH involving `UseLogin yes' has been
	patched.

20011126:
	You need to remove /usr/obj/.../usr.bin/tip before rebuilding
	after this date.  You need to do this only once.

20011103:
	Most of the awk issues have been resolved.  Some rough
	edges may be left, but for the most part things should be
	back to "normal." For CURRENT's usual definition of "normal."

20011030:
	Awk has been upgraded to the one true awk from bell labs.  Expect
	choppy waves in the upgrade process.

20011030:
	The asr driver problem has been resolved.

20011027:
	Due to changes in other parts of the system, the asr driver
	now causes the system to panic on boot.  Do not use it pending
	correction.  Comment it out of any kernel config file that you
	try to use from this date forward.

20011025:
	When crossbuilding, use TARGET=xxx where you used to use
	MACHINE=xxx.  You don't need to set TARGET_ARCH and TARGET,
	unless you are changing both of them.  To cross build pc98 on
	an alpha, for example, you need to set TARGET=pc98 and
	TARGET_ARCH=i386.

20011001:
	The kernel interface that burncd depends on has changed.
	You must recompile both the kernel and userland applications
	at the same time.

20010929:
	When crossbuilding, please set TARGET_ARCH rather than
	MACHINE_ARCH to indicate the target.  In the future, one will
	set TARGET_MACHINE where you set MACHINE now.  At the moment,
	setting MACHINE alone for same MACHINE_ARCH machines works
	(eg, you can build pc98 on an i386 machine and vice versa).

20010927:
	Some weird problems result from using ACPI on some machines.
	To disable ACPI you can add
		hint.acpi.0.disabled="1"
	to /boot/loader.conf (or by putting set X=Y at the boot
	loader "ok" prompt).

	Alternatively, you can remove it from /boot/kernel/acpi.ko
	or use the MODULES_OVERRIDE function in your kernel config
	file and not list acpi in that list.

20010924:
	The buildworld has been fixed.  You may need to install
	the 4.x compatibility libraries for some old binaries
	to work.  Add COMPAT4X=true to your /etc/make.conf to
	get them installed on every installworld, or execute the
	following to get them installed only once:
		cd src/lib/compat/compat4x.<arch>
		make all install
	You will see ``__stdoutp undefined'' until you do this.

20010919:
	There's a bug in the world build process.  The cross-tools
	are build with the NEW headers, but the OLD libc.a.  This
	leads to all kinds of problems with the new libc.  A temporary
	workaround is to add
		CFLAGS="-O -pipe -D_OLD_STDIO"
	before building world when upgrading from 4.x to current.  This
	can be removed afterwards.

	A proper fix to the buildworld target is needed.

20010918:
	Peter has committed his new kthread nfs client/server code.
	NFS may be unstable after this date.

20010912:
	KSE has hit the tree.  Lots of things are now different in
	the kernel.  While a few problems were introduced in the
	initial commit, most of the major ones have been found and
	corrected.

20010901:
	In OLDCARD, CardBus bridges appear to be stable.  The work
	arounds described in the 20010604 entry are now no longer
	necessary and will be ignored.  Most insert/remove problems
	have been rectified around this date.

20010823:
 	named now runs as user bind and group bind rather than as
 	root.  If named_enable is set to YES in /etc/rc.conf, ensure
 	that user bind is available in /etc/passwd (using vipw(8))
 	and that group bind is available in /etc/group.  Also make
 	sure that user or group bind has read (and not write)
 	permission for your name server configuration and that it
 	has read and write permission for your slave zone files and
 	directory.

 	If you wish to continue to run named as root (a less secure
 	alternative), add a line to /etc/rc.conf saying

 		named_flags=

20010709:
	The PAM libraries have had an API upgrade that is beyond
	the ability of the shared library major number to handle.
	It is manifested by PAM-using ports dumping core. The
	solution is to rebuild those ports.

20010628:
	The kernel compile module has moved from src/sys/compile/FOO
	to src/sys/${MACHINE}/compile/FOO.

20010625:
	The pccard modem issue from 20010613 has been corrected.
	OLDCARD support is still a little weak in -current.  slot 1 is
	known not to work on some TI based cardbus bridges.  Some
	cardbus bridges do not properly detect insert/removal events.
	IRQ configuration needs more safety belts.

20010617:
	Softupdates problems have been corrected.

20010614:
	Peter ripped out the linkerset support.  You must, as always,
	rerun config after you cvsup if you are using the traditional
	kernel building methods.

20010613:
	pccard modems may not work with current after 20010604 date.  Some
	do, others result in panics.  *MAKE*SURE* that you update your
	config and /etc/rc.conf ala the 20010604 entry, or you will have
	problems (this issue will be fixed, it just hasn't been yet).

20010613:
	SOFTUPDATES seem to be broken since the middle of May or so.  Do not
	use them in current.  You can disable softupdates on all mounted
	partitions, or remove SOFTUPDATES the kernel config file.

20010612:
	After Peter's commits to the hints code, people have been noticing
	that certain devices are attached (or try to) twice.  This is due
	to having both static hints as well as a /boot/device.hints.  To
	work around this issue, please use only one or the other mechanism
	until this bug is fixed.

	Please note that a feature of config is that if you have config
	file FOO and FOO.hints, it automatically adds FOO.hints to the
	hints.c file, whether you want it to or not.

20010610:
	Locale names have changed to match other systems better.

20010604:
	pccard support for pci cards has been committed.  You must change
	your /etc/pccard.conf irq lines.  It must match the irq used by
	pcic device.  Interrupt storms may result if you fail to do this.
	Interrupt storms look a lot like a hang.

	You must also install a new pccardd, otherwise you will get an
	interrupt storm at card reset time (just after it tells you what
	it is).

	pccardd_flags="-I" is necessary for the time being.  It tells pccardd
	not to ask the kernel if the interrupt is really free or not before
	using it.  You can either change the /etc/pccard.conf irq lines to
	match pcic, or add "-i X" to the pccardd_flags.

20010530:
	INSTALL=install -C is being deprecated.  If you want to do this,
	use COPY=-C instead.  The former method will be supported for only
	a limited time.  If you see

install: warning: the -d and -C options may not be specified together

	in your makeworld, then you need to migrate towards using
	COPY=-C.

20010525:
	It appears that vm is now stable enough to use again.  However,
	there may be other problems, so caution is still urged.  alpha
	definitely is in bad shape.

20010521:
	Minor repo damage has happened.  This may cause problems
	with cvsup of ports.  If you get errors, please see
	http://www.FreeBSD.org/cgi/query-pr.cgi?pr=27495
	at the bottom for details on a workaround.  The error message
	is
Updater failed: Cannot delete "/usr/ports/www/jakarta-tomcat/files": Directory not empty

20010520:
	Vm and/or swapping are busted on -current.  Please be patient.

20010519:
	pccard has had much reorganizational work done to it over
	the past few days.  Everything should still work, but if
	not, please contact imp@@freebsd.org.

20010517:
	ata ioctl changed.  Make sure to recompile both kernel and
	userland at the same time.

20010517:
	New ncurses imported.

20010512:
	DEVFS is now opt out, not opt in.  Barring major problems, this
	will be the only way to go starting July 1.

20010504:
	OpenSSH has been updated to 2.9.  Some defaults are different,
	including RhostsRSAAuthentication, which changes from yes to no.

20010502:
	Perl breakage in 20010501 was corrected at 14:18:33 PDT.

20010501:
	Building perl was broken at 02:25:25 PDT.

20010430:
	The bug in 20010429 was corrected at 07:35:37 PDT.  It is safe to
	go back in the water.

20010429:
	A bad bug was committed at 04:48:42 PDT.  Don't use kernels after
	this date, but before the correction date.

20010423:
	old fsck and new kernel interactions appear to have been fixed.

20010411:
	fsck and the kernel were changed to handle some optimizations
	to directory layout.  This breaks backward compatibility.
	Update only if you understand that you must not use the old
	fsck with the new kernel ever.

20010330:
	fsck has changed the meaning of the pass column in /etc/fstab.
	Please see the cvs commit to fsck.8 or the fsck.8 man page for
	details.  It is unclear if changes to /etc/fstab are necessary.

20010319:
	portmap had changed name to rpcbind for maximum POLA in your
	current world.  /etc/hosts.{allow,deny} needs changes.  nfs and
	other rpc based programs that rely on portmapper will not work
	without updates to /etc/hosts.{allow,deny} and /etc/netconfig.

20010315:
	ata subsystem changes.  ATA_ENABLE_ATAPI_DMA, ATA_ENABLE_WC
	and ATA_ENABLE_TAGS are no longer kernel options.  They have
	been replaced by tunables.  See ata.4 for details.

20010312:
	The fxp driver was converted to use miibus.  If you compile
	fxp into your kernel statically, you will need to add miibus.

20010312:
	The wi device now defaults to BSS (infrastructure) mode
	instead of ad-hoc.

20010310:
	/dev/urandom should be a symbolic link to /dev/random now.
	Users of current not using DEVFS need to run MAKEDEV std.
	ssh might not work if you don't.

20010303:
	The ed driver has been updated.  It now allows mii attachments,
	which means that you must include the miibus in your kernel if
	you use the ed driver.

20010220:
	The problems with libc have been corrected.  It is now mostly
	safe to go back into the water.

20010211:
	The size of FILE was changed.  This breaks upgrading.  If
	you must upgrade, be prepared for pain.  It also breaks almost
	all binaries that you've compiled on -current.  You are warned
	that before upgrading would be a good time to do a level 0
	dump of your system.  No, really, I mean it this time.

	To get to the new system, you'll need to use the following
	workaround.  Hopefully this can be sorted out so that we
	don't have to move this to the updating section.

	To get around the installworld problem, do:
		# cd /usr/src/usr.bin/sed
		# make install
		# cd /usr/src
		# make installworld
	If that doesn't work, then try:
		# make -k installworld
		# make installworld

20010207:
	DEVFS is now the default.  If you use vinum, make sure that you
	do not include devfs in your kernel as problems result.

20010205:
	FFS_ROOT and CD9660_ROOT have been removed or deprecated.
	Remove them from your config.

20010122:
	****************************** WARNING ******************************
			buildkernel has been changed slightly
	****************************** WARNING ******************************
	KERNCONF replaces the variable KERNEL for buildkernel.  You
	should update your scripts and make.conf accordingly.

20010119:
	config has changed to allow DEV_FOO as a replacement for NFOO.
	This requires a new config to build correctly.

20010116:
	The kernel option I386_CPU is now mutually exclusive with the
	other cpu types. If you have an i386 system, be sure that it
	only had this line.  Remove it for all other configurations.

20010110:
	Changes to the kernel require it and burncd be in sync.

20010102:
	Everyone who has hw.sndunit set to something in
	/etc/sysctl.conf, it is now hw.snd.unit.

20010101:
	ex and vi were broken by some changes to sys/queue.h.  If you
	have a bad vi, you will see make buildworld fail with a core
	dump while building termcap.  You can work around this problem
	by adding -k to your make buildworld.  This will cause the
	build to complete and install a new vi.  Once that's done, you
	can rebuild again without the -k to pick up anything that
	might have been ignored by the -k option.

	Others have suggested that you can just rebuild libc if your
	vi/ex is dynamically linked, but I've not received any reports
	of this working.

20001228:
	There have been some changes to libcrypt in -current.  The
	libscrypt/libdescrypt symlink silliness is gone and the installed
	libcrypt is fully functional.  Be aware of this.

20001218:
	Linksys Fast Ethernet PCCARD cards supported by the ed driver
	now require the addition of flag 0x80000 to their config line
	in pccard.conf(5).  This flag is not optional.  These Linksys
	cards will not be recognized without it.

20001205:
	Important new FreeBSD-version stuff: PAM support has been worked
	in, partially from the "Unix" OpenSSH version.  This requires
	adding the following in pam.conf:

	sshd    auth    sufficient      pam_skey.so
	sshd    auth    required        pam_unix.so         try_first_pass
	sshd    session required        pam_permit.so

20001031:
	cvs updated to 1.11.

20001020:
	The random device needs more entropy, so you need to make sure
	that you've run mergemaster to get a /etc/rc which will seed
	/dev/random.  If you don't and the system hangs after ldconfig,
	then banging on the keyboard randomly until it unhangs is one
	workaround.

20001010:
	****************************** WARNING ******************************
				Sendmail has been updated.
	****************************** WARNING ******************************
	o mail.local(8) is no longer installed as a set-user-id binary.
	o sendmail(8) is now built with STARTTLS support unless NO_OPENSSL
	  is set.
	o The default /etc/mail/sendmail.cf disables the SMTP EXPN and VRFY
	  commands.
	o Now using sendmail's version of vacation(1).
	o The sendmail cf building tools (contrib/sendmail/cf) are installed
	  in /usr/share/sendmail/cf.
	o sendmail.cw changed to local-host-names

	More details can be found at
		http://people.freebsd.org/~imp/UPDATING/sendmail-20001010

20001009:
	The ports tree's new layout is in place.  Be sure to update
	your entire ports tree, or you will have problems.

20001006:
	The perl build procedure no longer installs miniperl, nor uses
	the installed miniperl.  It is recommended that you delete
	/usr/bin/miniperl.

20001005:
	This weekend the ports tree will be updated to a new layout.
	It will be in an inconsistent state until noted in the UPDATING
	file, or with asami-san's message to the relevant mailing
	lists.  With this new layout, you'll need to update the whole
	tree for anything to work.

20000928:
	There was a change in the passwd format.  Need more information.

20000916:
	/boot/kernel/kernel.ko -> /boot/kernel/kernel change has taken
	place.  Please update boot loader (not the boot blocks) at the
	same time as your kernel.

20000914:
	The new pmtimer device is necessary for laptops.  Failure to
	include the device will cause suspended laptops losing time
	when they resume.  Include
		device		pmtimer
	in your config file and
		hint.pmtimer.0.at="isa"
	to your /boot/device.hints file.

20000911:
	The random device has been turned into a (pseudo-)device,
	rather than an option. The supplied kernel config files have
	been updated. You will need to do something similar in your
	own kernel config file.
	Remove:
		options		RANDOMDEV
	Add:
		device		random
	If you prefer to load the loadable module, you need to do
	nothing.

20000909:
	The random device module has been renamed from randomdev.ko to
	random.ko. You will need to edit your /boot/loader.conf to
	reflect this if you load this module at boot time.
	The line should read:
		random_load="YES"

20000907:
	The SMPNG commit has happened.  It should work, but if it
	doesn't, fallback to the PRE_SMPNG CVS tag.  There are likely
	to be a variety of minor issues.  Please see 20000905 to make
	sure you don't have model loading problems which might at
	first blush appear related to SMP.

20000906:
	nsswitch has been imported from NetBSD.  Among other things,
	this means that /etc/host.conf is no longer used.  See
	nsswitch.conf(5) instead.  Note that at boot time rc.network
	will attempt to produce a new nsswitch.conf file for you if you
	don't have one, and you have host.conf.

20000905:
	The ucred structure changed size.  This breaks the interface
	that mountd uses.  Trying to use an older mountd with a newer
	kernel guarantees a panic.  This means that you need to use
	kernels newer than today only with matching mountd, but you
	needed to do that anyway with the boot loader changes.

20000905:
	The boot loader has been updated.  The new default kernel is
	now /boot/kernel/kernel.ko.  The new default module location
	is /boot/kernel.

	You *MUST* upgrade your boot loader and kernel at the same time.
	The easiest way to do this is to do the buildworld/buildkernel/
	installkernel/installworld dance.

	Furthermore, you are urged to delete your old /modules directory
	before booting the new kernel, since kldload will find stale
	modules in that directory instead of finding them in the correct
	path, /boot/kernel.  The most common complaint that this cures
	is that the linux module crashes your machine after the update.

	if [ ! -d /boot/kernel.old ]; then
		mv /modules.old /boot/kernel.old
		chflags noschg /kernel.old
		mv /kernel.old /boot/kernel.old/kernel.ko
		chflags schg /boot/kernel.old/kernel.ko
	fi

20000904:
	A new issue with the sendmail upgrade has come to light.
	/etc/aliases has moved to /etc/mail/aliases.  Mergemaster will
	incorrectly install the default aliases in /etc/mail rather than
	move the old one from /etc.  So you'll need to manually move the
	file, create a symbolic link, remove the old /etc/aliases.db and
	run newaliases.  For safety sake, you should stop sendmail
	while doing this and run the upgrade when locally sourced email
	is not likely to be generated.

20000825:
	/boot/device.hints is now required for installkernel to
	succeed.  You should copy GENERIC.hints for your architecture
	into /boot/device.hints.  If and only if you compile hints
	into your kernel, then this file may be empty.  Please note,
	if you have an empty or missing /boot/device.hints file and
	you neglected to compile hints into your kernel, no boot
	messages will appear after the boot loader tries to start the
	kernel.

20000821:
	If you do NOT have ``options RANDOMDEV'' in your kernel and
	you DO want the random device then add randomdev_load="YES" to
	/boot/loader.conf.

20000812:
	suidperl is now always built and installed on the system, but
	with permissions of 511.  If you have applications that use
	this program, you are now required to add ENABLE_SUIDPERL=true
	to /etc/make.conf.  If you forget to do this,
		chmod 4511 /usr/bin/suidperl
	will fix this until the next build.

20000812:
	sendmail has been updated from 8.9.3 to 8.11.0.  Some of the more
	visible changes that may immediately affect your configuration
	include:
	- New default file locations from src/contrib/sendmail/cf/README
	- newaliases limited to root and trusted users
	- MSA port (587) turned on by default
	- New queue file naming system so can't go from 8.11 -> 8.9
	- FEATURE(`rbl') renamed to FEATURE(`dnsbl')
	- FEATURE(`nullclient') is more full featured
	- FEATURE(`nouucp') requires an argument: `reject' or `nospecial'
	- mail.local FreeBSD-only -b option changed to -B
	- See src/contrib/sendmail/RELEASE_NOTES for more info

20000810:
	suidperl (aka sperl) is no longer build by default.  You must
	specifically define BUILD_SUIDPERL to "true" for it to be build.
	Furthermore, we recommend that you remove /usr/bin/sperl* and
	/usr/bin/suidperl files from your system unless you have a
	specific use for it.

20000729:
	Networking defaults have been tightened.  Anybody upgrading
	/etc/defaults/rc.conf needs to add the following lines to
	/etc/rc.conf if they want to have the same setup
	afterwards (unless the variables already are set, of course):
		# Enable network daemons for user convenience.
		inetd_enable="YES"
		portmap_enable="YES"
		sendmail_enable="YES"

20000728:
	If you have null_load="YES" in your /boot/loader.conf, you
	will need to change that to nullfs_load="YES".

20000728:
	The "installkernel" target has changed slightly. Now even if
	you override KERNEL e.g. 'make installkernel KERNEL=MYKERNEL'
	it will install the MYKERNEL file (built with the buildkernel
	target) as /kernel rather than /MYKERNEL. Those who have
	updated their /boot/loader.conf files to point to /MYKERNEL
	should remove that entry or perform manual rename of /kernel
	to /MYKERNEL.

20000711:
	If you use CVSUP or CTM to get CVS trees, AND you used to get
	the old crypto files from internat.freebsd.org AND you check
	out files from the CVS tree with the cvs command, please read
		http://people.freebsd.org/~imp/internat.txt
	for details on potential problems that you might have and how
	to get around them.

	If you are merely a mirror, or don't answer yes to each of the
	clauses above, you needn't worry.

20000711:
	/etc/security has been updated to print the inode number of
	setuid programs that have changed.  You will see a large spike
	in the number of changed programs the first time when you run
	mergemaster to get a new /etc/security.

20000710:
	/dev/random now has good entropy collection (from the keyboard
	and sysmouse drivers). Please ensure that either `options
	RANDOMDEV' is present in your kernel config file or that
	`randomdev_load="YES"' is in your /boot/loader.conf. If you do
	not have the /dev/random driver, OpenSSL (and consequently
	lots of crypto tools (like SSH)) will fail with strange
	errors. (see below, 20000624).

	FreeBSD-current is safe again to run Crypto.

20000709:
	phk made the malloc default options AJ.  This may slow things
	down and uncover other latent bugs in the code.  If you need to
	run at full speed, you can disable this by doing the following:
		ln -s aj /etc/malloc.conf

20000706:
	libftpio's version was accidentally bumped a few days ago.  This
	has been corrected.  You may need to remove /usr/lib/libftpio.so.6
	before doing your next buildworld/installworld pair.  It certainly
	won't hurt to remove it before the update procedure.  It will
	break fetch until a new one is built, but ftp can be used in the
	interim if needed.

20000705:
	The crypto packages have changed for the cvsup.  This has been done
	in a backward compatible way, but the old packages will go away at
	some point in the future.  Look at /usr/share/examples/cvsup for
	details.

20000704:
	With the new sys/modules/sound/drivers/*, you will need to
	set SYSDIR until you do an installworld after July 7th.

20000704:
	rc.shutdown and rc will now call the rc.d scripts with start
	or stop.  This may cause some harmless warnings from older
	rc.d scripts that haven't been updated.

20000630:
	The libfetch based version of fetch has gone into the tree.
	Minor problems may result on some of the less popular sites,
	which should be reported to des@@freebsd.org.

20000625:
	From approximately this date forward, one must have the crypto
	system installed in order to build the system and kernel.
	While not technically strictly true, one should treat it as
	required and grab the crypto bits.  If you are grabbing CVS
	trees, src-all and cvs-crypto should be treated as if they
	were required.  You should check with the latest collections
	to make sure that these haven't changed.

20000624:
	Mark Murray just committed the first parts of a cleanup of
	/dev/zero, et al.  This is also cleaning up /dev/random.
	The entropy is disconnected, so DO NOT USE VERSIONS OF FREEBSD
	-CURRENT FROM THIS POINT to 2000710 for cryptographic services
	until Mark can merge in the fixes to this work in progress.
	openssh and openssl should not be used to generate keys from this
	date to the completion of the work.

	If you must operate at this reduced level of security, add '
	options RANDOMDEV' to your kernel or modload the randomdev
	module.  You may also need to copy a new MAKEDEV to /dev and
	recreate the random and urandom devices.

20000622:
	The license on the softupdates is now a standard 2 clause
	BSD license.  You may need to remove your symbolic links
	that used to be required when updating.

20000621:
	Scott Flatman <sf@@aracnet.com> sent in a decent write-up on
	the config file update procedure.
		http://people.freebsd.org/~imp/config-upd.html
	NOTE: LINT is gone.  It has been replaced with NOTES.  NOTES
	isn't buildable.  However, you can generate a LINT file:
		cd /sys/<ARCH>/conf && make LINT

20000620:
	Binutils 2.10 have hit the tree, or will shortly.  As soon
	as they do, the problem noted in 20000522 will be resolved and
	that workaround will no longer be required.

20000615:
	phk removed the compatibility creation of wd devices in the
	ad driver.  If you haven't done so already, you must update
	your fstab, etc to use the ad devices instead of the wd
	devices.

	In addition, you'll need to update your boot blocks to a
	more modern version, if you haven't already done so.  Modern
	here means 4.0 release or newer (although older releases
	may work).

20000612:
	Peter took an axe to config(8).  Be sure that you read his mail
	on the topic before even thinking about updating.  You will
	need to create a /boot/device.hints or add a hints directive
	to your config file to compile them in statically.  The format
	of the config file has changed as well.  Please see GENERIC or
	NEWCARD for examples of the new format.

	Indirectly, this also breaks USERCONFIG.  Unless a newer entry
	says that it has been fixed, assume that must use the hints mechanism
	in the loader if you need to use a machine with very old ISA cards
	in it.

20000522:
	A new set of binutils went into the tree today.  Anybody
	building a kernel after this point is advised that they need
	to rebuild their binutils (or better yet do a
	buildworld/installworld) before building a new kernel.

	Due to bugs in binutils, using malloc options (eg /etc/malloc.conf
	or MALLOC_OPTIONS env var) J will cause ld to dump core.  It
	is recommended that you don't set this option until the problem
	is resolved.

20000513:
	The ethernet drivers were all updated to clean up the BPF handling.

20000510:
	The problems with boot blocks on the alphas have been corrected.
	This will require some care in updating alphas.  A new libstand
	is requires for the boot blocks to build properly.

20000503:
	Recompile all kld modules.  Proper version dependency info
	is now available.

20000502:
	Modules have been disconnected from the buildworld tree and
	connected to the kernel building instead.

20000427:
	You may need to build gperf
		cd /usr/src/gnu/usr.bin/gperf && make depend all install
	when upgrading from 4.0 -> current.  The build system now uses
	an option only in -current.

20000417:
	The method that we brand ELF binaries has changed to be more
	acceptable to the binutils maintainers.  You will need to
	rebrand your ELF binaries that aren't native.  One problem
	binary is the Linux ldconfig.  After your make world, but
	before you reboot, you'll need to issue:
		brandelf -t Linux /compat/linux/sbin/ldconfig
	if you have Linux compatibility enabled on your machine.

20000320:
	If you have really bad/marginal IDE drives, you may find they
	don't work well.  Use pio mode instead.  The easiest way to
	cope if you have a problem combination is to add:
		/sbin/sysctl hw.ata.ata_dma=0
	to the start of /etc/rc.conf.

20000319:
	The ISA and PCI compatibility shims have been connected to the
	options COMPAT_OLDISA and COMPAT_OLDPCI.  If you are using old
	style PCI or ISA drivers (i.e. tx, voxware, etc.) you must
	include the appropriate option in your kernel config.  Drivers
	using the shims should be updated or they won't ship with
	5.0-RELEASE, targeted for 2001.

20000318:
	We've entered the traditional post release dumping party.
	Large kernel changes are being committed and are in the
	works.  It is important to keep the systems' klds and kernel
	in sync as kernel interfaces and structures are changing.
	Before reporting kernel panics, make sure that all modules
	that you are loading are up to date.

20000315:
	If you are upgrading from an older version of FreeBSD, you
	need to update your boot blocks as well.  'disklabel -B ad0'
	will do the trick.  This isn't critical until you remove your
	wd device entries in /dev, at which point your system will not
	boot.

20000315:
	4.0 RELEASE shipped.  Please see the 4.0 UPDATING file for how
	to upgrade to 4.0 from 3.x.
@


1.385
log
@Warn about the NOFOO -> NO_FOO conversion, and remind users to
read the COMMON ITEMS section of this file for proper upgrade
instructions.
@
text
@d26 9
@


1.384
log
@Note requirement to manually load/configure ancillary wlan modules.

Requested by:	silby
@
text
@d26 7
@


1.383
log
@Mention the necessity for ``enable echo'' in ppp(8).
@
text
@d26 9
@


1.382
log
@Slightly embelish the 20040710 entry about the requirement for
'hint.sio.0.flags="0x10"' on Alpha.

Also move the sio name changes to chronological change order.
@
text
@d26 7
@


1.381
log
@note ath+wlan changes
@
text
@a59 8
20041018:
	A major sweep over the tty drivers to elimnate approx 3100
	lines of copy&pasted code have been performed.  As a part of
	this change some tty devices have changed names:
	sio devices are now named:	{tty,cua}d%d[.init,.lock]
	ucom devices are now named:	{tty,cua}U%d[.init,.lock]
	For other drivers see the commit logs.

d74 8
d281 5
a285 3
	hints are now required for the sio(4) driver to become a console
	or debug port. The NO_SIO option has been decommissioned because
	of this.
@


1.380
log
@Remove some (no longer vaild) notes about PFIL_HOOKS.
@
text
@d26 12
@


1.379
log
@Add a note about 80386 support being removed from HEAD.
@
text
@d198 1
a198 1
	IPFW has been converted to use PFIL_HOOKS.  This change is
d201 1
a201 3
	changed, only how ipfw is invoked is different.  Note that
	"option PFIL_HOOKS" is required to use IPFIREWALL compiled
	into the kernel or as KLD.
d424 1
a424 2
	Also note that pf requires "options PFIL_HOOKS" in the kernel. The
	pf system consists of the following three devices:
a579 7
20030925:
	Configuring a system to use IPFILTER now requires that PFIL_HOOKS
	also be explicitly configured.  Previously this dependency was
	magically handled through some cruft in net/pfil.h; but that has
	been removed.  Building a kernel with IPFILTER but not PFIL_HOOKS
	will fail with obtuse errors in ip_fil.c.

@


1.378
log
@Add note about changed root mount semantics for (preloaded) memory disks
@
text
@d26 4
@


1.377
log
@Remove RFC1644 T/TCP support from the TCP side of the network stack.

A complete rationale and discussion is given in this message
and the resulting discussion:

 http://docs.freebsd.org/cgi/mid.cgi?4177C8AD.6060706

Note that this commit removes only the functional part of T/TCP
from the tcp_* related functions in the kernel.  Other features
introduced with RFC1644 are left intact (socket layer changes,
sendmsg(2) on connection oriented protocols)  and are meant to
be reused by a simpler and less intrusive reimplemention of the
previous T/TCP functionality.

Discussed on:	-arch
@
text
@d26 8
@


1.376
log
@Shave 40 unused bytes from struct tcpcb.
@
text
@d26 5
@


1.375
log
@Add an entry about some tty devices being renamed.
@
text
@d26 5
@


1.374
log
@Remove the suggestion to use libmap.conf to deal with the version bump.
People have a tendency to add things to libmap.conf and forget about them
(as we've seen in the mailing lists before).
The compat4x port should be used instead.
@
text
@d26 8
@


1.373
log
@Add additional information on how to cope with the change.
@
text
@a54 10
	As a temporary measure, if you do not have any 4.X executables,
	you can add the following lines to /etc/libmap.conf to force
	5.X executables to use the new libraries:

		libhistory.so.4		libhistory.so.5
		libm.so.2		libm.so.3
		libopie.so.2		libopie.so.3
		libpcap.so.2		libpcap.so.3
		libreadline.so.4	libreadline.so.5

@


1.372
log
@Forced commit:

Remove references to the FreeBSD keyword.
Make a note in UPDATING about the recent change regarding
the keyword.

MFC after: 3 days
@
text
@d30 4
@


1.371
log
@F
@
text
@@


1.370
log
@Note libthr ABI breakage.
@
text
@d27 5
@


1.369
log
@Make it more clear that if named is enabled, it will be chrooted by default.
Change to syslogd restart as suggested by des.
@
text
@d26 5
@


1.368
log
@Document how to set up libmap.conf to deal with the library version bump.
@
text
@d57 1
a57 1
	If enabled, the default is now to run named in a chroot
a62 1
	/etc/rc.d/syslogd stop
d73 1
a73 1
	/etc/rc.d/syslogd start
@


1.367
log
@Bump the library version numbers for the following libraries:

	/lib/{libm,libreadline}
	/usr/lib/{libhistory,libopie,libpcap}

in preparation for doing the same thing to RELENG_5.  HUGE amounts of
help for determining what to bump provided by kris.

Discussed on:	freebsd-current
Approved by:	re (not required for commit but something like this should be)
@
text
@d41 10
@


1.366
log
@Add an additional struct inpcb * argument to pfil(9) in order to enable
passing along socket information. This is required to work around a LOR with
the socket code which results in an easy reproducible hard lockup with
debug.mpsafenet=1. This commit does *not* fix the LOR, but enables us to do
so later. The missing piece is to turn the filter locking into a leaf lock
and will follow in a seperate (later) commit.

This will hopefully be MT5'ed in order to fix the problem for RELENG_5 in
forseeable future.

Suggested by:		rwatson
A lot of work by:	csjp (he'd be even more helpful w/o mentor-reviews ;)
Reviewed by:		rwatson, csjp
Tested by:		-pf, -ipfw, LINT, csjp and myself
MFC after:		3 days

LOR IDs:		14 - 17 (not fixed yet)
@
text
@d26 15
@


1.365
log
@Amend the named chroot update instructions by adding a stop and start
of syslogd. The rc.d/syslogd script has the logic already to create
a socket in the chroot dir, it just needs to be restarted.

Reminded by:	matusita
@
text
@d26 5
@


1.364
log
@Create a named chroot directory structure in /var/named, and use it
by default when named is enabled. Also, improve our default directory
layout by creating /var/named/etc/namedb/{master|slave} directories,
and use the former for the generated localhost* files.

Rather than using pax to copy device entries, mount devfs in the
chroot directory.

There may be some corner cases where things need to be adjusted,
but overall this structure has been well tested on a production
network, and should serve the needs of the vast majority of users.

UPDATING has instructions on how to do the conversion for those
with existing configurations.
@
text
@d33 1
d44 1
@


1.363
log
@Update the BIND 9 entry with information about files that
have moved, or should be removed.
@
text
@d26 27
@


1.362
log
@Add an entry to tell the world about BIND 9.
@
text
@d39 9
@


1.361
log
@Backout the last entry.  It went to the wrong branch.
@
text
@d26 13
@


1.360
log
@MFC: Make PFIL_HOOKS a permanent part of the kernel and remove the associated
kernel compile option.

Approved by:	re (scottl)
@
text
@a25 5
20040922:
	PFIL_HOOKS are a fixed part of the network stack now and do not
	need to be specified in the kernel configuration file anymore.
	Remove 'options PFIL_HOOKS' from your kernel config file.

@


1.359
log
@Bring back etc/rc.d/ntpdate as requested by scads of people.  This isn't a
complete backout as the ntpd_sync_on_start etc/rc.conf tunable is still
present, though the default is now NO (was YES).  Since we're no longer
syncing time at startup by default when ntpd is enabled (as was the case
24hrs ago), remove UPDATING entry pointing out that ntpd(1) -g is slower
than ntpdate(1).

Hopefully ntpd_sync_on_start="YES" can be made the default for -CURRENT
after 5.3 is cut.  At the very least, this should be set to YES when a
user requests to have ntpd enabled via sysinstall(1).

Requested by:	many
@
text
@d26 5
@


1.358
log
@Stop using ntpdate(1) in our startup proceedure.  Replace ntpdate(1) with
calls to ntpd -g.  ntpd is noticably slower than ntpdate, but is also more
accurate.  This removes the nasty hackery in rc.d/ntpdate that would parse
out ntp servers from /etc/ntp.conf (ntpd knows how to read its own config
file).  By default, ntpd *will* sync with its listed time servers.  To
turn this off so that ntpd does not sync, ntpd_sync_on_start="NO" can be
added to /etc/rc.conf.  If ntpd is not enabled (the default), then time is
not synced on startup.  ntpdate's use has been depreciated by the ntpd
authors for quite some time so this change shouldn't be unexpected.

Suggested by:	des
Approved by:	roberto (resident ntp guru)
@
text
@a26 10
	/etc/rc.d/ntpdate has been removed in favor of using the -g
	flag to ntpd(1).  By default, if ntpd is enabled,  it will sync
	with the time servers listed in /etc/ntp.conf regardless of the
	time difference (slew).  To prevent this, add
	ntpd_sync_on_start="NO" to /etc/rc.conf.

	NOTE: Doing a sync (ntpd -g) is noticably slower than ntpdate(1),
	but is also more accurate (hence ntpdate(1) being depreciated).

20040914:
@


1.357
log
@Put in a note about the changed pflogd format (for 64 bit archs).
@
text
@d27 10
@


1.356
log
@document the recent change to debug.witness.*
fix spelling of debug.witness.kdb

MFC after:	5 days
@
text
@d26 6
@


1.355
log
@Expand the 4.x -> current updating section.  Update to show how to use
make kernel.  Update the compatibility slice section.  Note about
updating devices in the kernel config file.  MAKEOBJDIRPREFIX changes
and mention the port alternative to COMPAT4X=yes.  Fix copyright.

This should be MFC'd.
@
text
@d26 5
@


1.354
log
@Back out ifi_epoch.  The ABI breakage is too disruptive this close to
5-STABLE. ifi_epoch will shortly be reintroduced with less precistion
using the space currently allocated to ifi_unused.
@
text
@d1706 1
a1706 1
	# modules has changed.  If you are installing 5.0 onto a 4.x
a1716 1
	make buildkernel KERNCONF=YOUR_KERNEL_HERE	[8]
d1718 1
a1718 1
	make installkernel KERNCONF=YOUR_KERNEL_HERE
d1784 2
a1785 3
	compatibility slices.  These are device names of the form, on i386
	and other architectures that use MBR slicing, /dev/ad0a without the
	actual slice name.  Chances are excellent that these will break.
d1787 2
a1788 1
	2.x form of /dev/ad0s1a.
d1795 3
d1799 10
a1808 3
	cvs prune empty directories. Also, if CPUTYPE is defined in your
	/etc/make.conf, make sure to use the "?=" instead of the "=" assignment
	operator, so that buildworld can override the CPUTYPE if it needs to.
d1812 2
a1813 1
	using your existing software for a while.
d1827 1
a1827 1
Copyright 1998, 2002 M. Warner Losh.  All Rights Reserved.
@


1.353
log
@Add warnings about ifconfig incompatabilities caused by the addition of
ifi_epoch.
@
text
@d26 8
@


1.352
log
@Add a new variable, ifi_epoch, to struct if_data.  It is set to the last
time the interface counters were zeroed, currently the time if_attach()
was called.  It is indentended to be a valid value for RFC2233's
ifCounterDiscontinuityTime and to make it easier for applications to
verify that the interface they find at a given index is the one that was
there last time they looked.

An if_epoch "compatability" macro has not been created as ifi_epoch has
never been a member of struct ifnet.

Approved by:	andre, bms, wollman
@
text
@d31 9
@


1.351
log
@Add an updating entry for the recent change in network stack locking
default for debug.mpsafenet, pointing at the recent announcement and
things to try if instability is experienced.
@
text
@d26 5
@


1.350
log
@Always compile PFIL_HOOKS into the kernel and remove the associated kernel
compile option.  All FreeBSD packet filters now use the PFIL_HOOKS API and
thus it becomes a standard part of the network stack.

If no hooks are connected the entire packet filter hooks section and related
activities are jumped over.  This removes any performance impact if no hooks
are active.

Both OpenBSD and DragonFlyBSD have integrated PFIL_HOOKS permanently as well.
@
text
@d26 13
@


1.349
log
@Recommend using make kernel for current -> current upgrades.  No reason
to have multiple commands for that.
Use relative paths into the src tree consistantly in the instructions.
Fix minor nits that have crept into things.

# is preseedrandom still necessary?
@
text
@d26 4
@


1.348
log
@Add a blanket note about 5.x being the same as 6.0 and vice versa for
the time being.  Also add a note that says we are going to remove the
band-aides for 4.early -> 6.0 after 5.3-RELEASE so people get used to
the idea, even though it has been planned since before 5.0 was
released.
@
text
@d1628 1
a1628 2
	make buildkernel KERNCONF=YOUR_KERNEL_HERE
	make installkernel KERNCONF=YOUR_KERNEL_HERE
d1631 1
a1631 1
	/etc/rc.d/preseedrandom				[10]
d1652 1
a1652 1
	cp /usr/src/sys/${ARCH}/conf/GENERIC.hints \
d1655 1
a1655 1
	cd /usr/src/etc; make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
d1660 1
a1660 1
	<maybe install compatibility libraries from /usr/src/lib/compat>
d1681 1
a1681 1
	cd sys/boot ; make STRIP="" install			[6]
d1684 1
a1684 1
	/usr/src/etc/rc.d/preseedrandom				[10]
d1715 1
a1715 1
		cd /usr/src
d1767 1
a1767 1
	initialized by feeding data into it.  /usr/src/etc/rc.d/preseedrandom
@


1.347
log
@Two items:
	o we're 6.x now, so say so in the first few lines of the file.
	o note that I'll be trimming this file around 5.3 release time.
@
text
@d32 1
a32 1
	
d77 1
a77 1
	
d81 2
a82 1
	with non-default CFLAGS where optimization level is set to -O2 or higher.
d1574 6
@


1.346
log
@Hit people over the head so they realize run-time errors of the form
/libexec/ld-elf.so.1: Undefined symbol "_ZNSs20_S_empty_rep_storageE"
does mean they are hitting the GCC 3.4 ABI change issue.
@
text
@d11 4
a14 2
NOTE TO PEOPLE WHO THINK THAT FreeBSD 5.x IS SLOW:
	FreeBSD 5.x has many debugging features turned on, in
@


1.345
log
@Align netgraph message fields ready for 64-bit (and 128 bit :-) machines.
requires a recompile of netgraph users.
Also change the size of a field in the bluetooth code
that was waiting for the next change that needed recompiles so
it could piggyback its way in.

Submitted by:	jdp, maksim
MFC after:	2 days
@
text
@d72 8
a79 5
	compiler. A new unit-at-a-time optimization mode, which is default
	in this compiler release, is more aggressive in removing unused
	static symbols. This is the likely cause of 'make buildworld'
	breakages with non-default CFLAGS where optimization level is set
	to -O2 or higher.
@


1.344
log
@Fix spelling error in my last blurb.

Pointed out by:	ru
@
text
@d24 7
@


1.343
log
@Put in a note about the ipfw to pfil_hooks conversion and the requirement
of having said in the kernel to be able to use ipfw.
@
text
@d25 1
a25 1
	IPFW has been converted to use PFIL_HOOKS.  This is change is
@


1.342
log
@Add a note about RANDOM_IP_ID.
@
text
@d24 8
@


1.342.2.1
log
@MFC of v1.343 and v1.344, add note about ipfw to pfil_hooks conversion
and requirement of having that in the kernel to be able to use ipfw.

Work done by:	andre@@
Approved by:	re
@
text
@a23 8
20040817:
	IPFW has been converted to use PFIL_HOOKS.  This change is
	transparent to userland and preserves the ipfw ABI.  The ipfw
	core packet inspection and filtering functions have not been
	changed, only how ipfw is invoked is different.  Note that
	"option PFIL_HOOKS" is required to use IPFIREWALL compiled
	into the kernel or as KLD.

@


1.342.2.2
log
@MFC of field alignment change and a filed size change.
5.3 seems the last change to get this in before we freeze the ABI
for a while.
 MFC'd from:
>  1.345     +7 -0      src/UPDATING
>  1.6       +1 -6      src/sys/netgraph/bluetooth/include/ng_btsocket.h
>  1.44      +1 -1      src/sys/netgraph/netgraph.h
>  1.24      +5 -3      src/sys/netgraph/ng_message.h

Submitted by:	jdp, emax
Approved by:	re (scottl)
@
text
@a23 7
20040826:
	Netgraph changed its message format slightly to align the data
	portion well on 64 bit machines.
	Netgraph using utilities (e.g. ngctl, nghook, ppp, mpd,
	pppoed, bluetooth, ATM) should be recompiled when a new kernel
	is installed.
	
@


1.342.2.3
log
@Merge UPDATING:1.351 to RELENG_5:

  date: 2004/08/28 17:08:30;  author: rwatson;  state: Exp;  lines: +13 -0
  Add an updating entry for the recent change in network stack locking
  default for debug.mpsafenet, pointing at the recent announcement and
  things to try if instability is experienced.

Approved by:	re (scottl)
@
text
@a23 13
20040902:
	The default configuration for the network stack has been changed
	such that it now runs without the Giant lock unless configured
	otherwise.  If you experience network-related instability, you
	may wish to try setting "debug.mpsafenet=0" or compiling the
	kernel with "options NET_WITH_GIANT".  Details on the netperf
	project may be found at:

	    http://www.watson.org/~robert/freebsd/netperf/

	Including the 20040828 announcement of configuration change
	details.

@


1.342.2.4
log
@Remove the big scary paragraph about 5.x being slow due to enabled debugging
code.  Replace it with a friendly paragraph about how the debugging code
was disabled recently.

Submitted by: Xin Li (who really is in dire need of a commit bit!)
Approved by: re
@
text
@d11 12
a22 3
20040907:
	The kernel and userland debugging options have been turned off
	by default.
@


1.342.2.5
log
@The pflog format change has been MFC'ed so the note about the format change
(for 64 bit archs) belongs here as well.

Requested by:	scottl
Approved by:	re (scottl)
@
text
@a10 6
20040914:
	The format of the pflogd(8) logfile "/var/log/pflog" has changed for
	architectures that have a 64 bit long type to make it compatible to
	the standard pcap format. In order to prevent corruption move away
	any old logfile before using a new pflogd(8).

@


1.342.2.6
log
@MFC: subr_witness.c v1.179
>   make witness it's own sysctl branch instead of using _ to do this.  I have
>   left the old tunables in to give people a few days to transition their
>   loader.conf and sysctl.conf's over to the new names..

MFC: witness.4 1.6, UPDATING 1.356
>   document the recent change to debug.witness.*
>   fix spelling of debug.witness.kdb

Approved by:	re (kensmith)
@
text
@a16 5
20040913:
	debug.witness_* has been renamed to debug.witness.*.  There are
	compatibility tunables left in for a few days.  Update loader.conf
	as necessary.

@


1.342.2.7
log
@MFC: Make PFIL_HOOKS a permanent part of the kernel and remove the associated
kernel compile option.

Approved by:	re (scottl)
@
text
@a10 5
20040922:
	PFIL_HOOKS are a fixed part of the network stack now and do not
	need to be specified in the kernel configuration file anymore.
	Remove 'options PFIL_HOOKS' from your kernel config file.

@


1.342.2.8
log
@RELENG_5 != current, so call this "... for FreeBSD stable users" instead
of "... for FreeBSD current users".

Pointed out by:	Thierry Herbelot via freebsd-current
Approved by:	re (scottl)
@
text
@d1 1
a1 1
Updating Information for FreeBSD stable users
@


1.342.2.9
log
@MFC the BIND 9 import and chroot-by-default work up to date.

This includes:
1. More granular NO_BIND_* make knobs.
2. WITH_BIND_LIBS make knob.
3. Run in an automatically configured chroot dir by default.
4. Edit paths in man pages, and install man pages for liblwres.
5. Improve named.conf and make it work with the new structure.
6. Install the bind9 docs.
7. A few Makefile style fixes.

Approved by:	re (scottl)
@
text
@a10 50
20040928:
	If enabled, the default is now to run named in a chroot
	"sandbox." For users with existing configurations in
	/etc/namedb the migration should be simple. Upgrade your
	world as usual, then after installworld but before
	mergemaster do the following:

	If named is running: /etc/rc.d/named stop
	cd /etc
	mv namedb namedb.bak
	mkdir -p /var/named/etc/namedb
	cp -Rp namedb.bak/* /var/named/etc/namedb/
	mergemaster (with your usual options)
	If using the generated localhost* files:
		cd /var/named/etc/namedb
		/bin/sh make-localhost
		rm -f localhost-v6.rev localhost.rev
	/etc/rc.d/syslogd restart
	/etc/rc.d/named start

	If you are using a custom configuration, or if you have
	customised the named_* variables in /etc/rc.conf[.local]
	then you may have to adjust the instructions accordingly.
	It is suggested that you carefully examine the new named
	variables in /etc/defaults/rc.conf and the options in
	/var/named/etc/namedb/named.conf to see if they might
	now be more suitable.

20040925:
	BIND 9 has been imported into the base, and is now fully
	functional. BIND 8 has now been removed. There are numerous
	differences between BIND 8 and 9, and users with critical
	named installations should read the migration documentation
	in /usr/share/doc/bind9/misc/migration. There is also a
	new instruction manual in /usr/share/doc/bind9/arm.

	The key differences that most users will experience are in
	how picky BIND 9 is about zone file format. If you are using
	named as a resolving (caching) name server, you will likely
	not have trouble.

	The following files are part of the old BIND 8 installation
	and should be removed:
	/usr/bin/dnskeygen /usr/bin/dnsquery /usr/libexec/named-xfer
	/usr/sbin/named.restart /usr/sbin/ndc

	The following files have moved to /usr/bin, and should be
	removed from their old locations:
	/usr/sbin/nslookup /usr/sbin/nsupdate

@


1.342.2.10
log
@MFC: Bump of library version numbers for:

	/lib/{libm,libreadline}
	/usr/lib/{libhistory,libopie,libpcap}

Versions of effected files being MFC-ed from commit done to HEAD:

	Revision  Changes    Path
	1.367     +15 -0     src/UPDATING
	1.10      +1 -1      src/gnu/lib/libreadline/Makefile.inc
	1.19      +1 -1      src/lib/libopie/Makefile
	1.34      +1 -1      src/lib/libpcap/Makefile
	1.52      +1 -0      src/lib/msun/Makefile

Approved by:	re (scottl)
@
text
@a10 15
20041001:
	The following libraries had their version number bumped up:
		/lib/libm.so.2 -> libm.so.3
		/lib/libreadline.so.4 -> libreadline.so.5
		/usr/lib/libhistory.so.4 -> libhistory.so.5
		/usr/lib/libopie.so.2 -> libopie.so.3
		/usr/lib/libpcap.so.2 -> libpcap.so.3
	FreeBSD 4.10 versions of these libraries will be added to the
	compat4x collection.  If you expect to be able to run old 4.X
	executables you will need to remove the old versions of these
	libraries.  However note that any 5.X executables you have built
	will stop working once you remove those old libraries.  You should
	have all your ports/packages rebuilt before removing the old
	libraries.

@


1.342.2.11
log
@MFC pfil API change:
  Add an additional struct inpcb * argument to pfil(9) in order to enable
  passing along socket information. This is required to work around a LOR
  with the socket code which results in an easy reproducible hard lockup
  with debug.mpsafenet=1. This commit does *not* fix the LOR, but enables us
  to do so later. The missing piece is to turn the filter locking into a
  leaf lock and will follow in a seperate (later) commit.

  Suggested by:           rwatson
  A lot of work by:       csjp
  LOR IDs:                14 - 17 (not fixed yet)

Approved by:	re (scottl)
@
text
@a10 5
20041003:
	The pfil API has gained an additional argument to pass an inpcb.
	You should rebuild all pfil consuming modules: ipfw, ipfilter
	and pf.

@


1.342.2.12
log
@MFC:
RCS file: /home/ncvs/src/UPDATING,v
----------------------------
revision 1.370
date: 2004/10/07 05:45:39;  author: mtm;  state: Exp;  lines: +5 -0
Note libthr ABI breakage.
=============================================================================

Approved by: re/assumed because of libthr abi change already approved
@
text
@a15 5
20041007:
	One of the syscalls the 1:1 threading library libthr uses has
	changed, thus breaking ABI compatibility. Make sure you rebuild
	this library with the kernel.

@


1.342.2.13
log
@RCS file: /home/ncvs/src/UPDATING,v
----------------------------
revision 1.372
date: 2004/10/07 14:51:23;  author: mtm;  state: Exp;  lines: +0 -0
Make a note in UPDATING about the recent change regarding
the FreeBSD keyword.
=============================================================================

o Add additional information on how to cope with this change.
o Fix the date for the previous libthr change to correctly reflect
  the date it was MFCed on.

Approved by: re/assumed because of approval for the actual src change
@
text
@d11 4
a14 8
20041010:
	The FreeBSD keyword is no longer a requirement for a valid
	rc.d script. The rc(8) and rc.shutdown(8) scripts no longer check
	for the existence of this keyword when ordering rc.d scripts.
	This change touches most of the file in /etc/rc.d; therefore,
	if you have not modified any files in that directory it may
	be easier to rm -rf /etc/rc.d and then use the -i switch with
	mergemaster(8).
d16 1
a16 1
20041009:
a19 5

20041003:
	The pfil API has gained an additional argument to pass an inpcb.
	You should rebuild all pfil consuming modules: ipfw, ipfilter
	and pf.
@


1.342.2.13.2.1
log
@Note 5.3-RELEASE in UPDATING.

Approved by: re
@
text
@a10 3
20041024:
	FreeBSD 5.3-RELEASE

@


1.342.2.13.2.2
log
@New date for 5.3-RELEASE

Approved by: re
@
text
@d11 1
a11 1
200411104:
@


1.342.2.13.2.3
log
@Oops, correct date for 5.3

Approved by: re
@
text
@d11 1
a11 1
20041104:
@


1.342.2.13.2.4
log
@FreeBSD-SA-04:16.fetch:
MFC revision 1.75 of src/usr.bin/fetch/fetch.c
Bump newvers.sh and document in UPDATING.

Approved by:	so
@
text
@a10 4
20041118:	p1	FreeBSD-SA-04:16.fetch
	Correct a buffer overflow in fetch(1) which could allow a
	mallicious server to execute arbitrary code on the client.

@


1.342.2.13.2.5
log
@FreeBSD-SA-04:17.procfs:
MFC revision 1.54 of src/sys/fs/procfs/procfs_status.c
MFC revision 1.86 of src/sys/compat/linprocfs/linprocfs.c

Approved by:	so (nectar)
@
text
@a10 5
20041201:	p2	FreeBSD-SA-04:17.procfs
	Fix a tainted pointer dereference in procfs(5) and linprocfs(5)
	which could allow a local attacker to panic a system and/or read
	from kernel memory.

@


1.342.2.13.2.6
log
@MFC of src/sys/nfsserver/nfs_serv.c rev 1.147.2.3:
  Merge nfs_serv.c:1.151 from HEAD to RELENG_5:

    date: 2004/11/11 21:30:52;  author: rwatson;  state: Exp;  lines: +52 -38
    Correct a bug in nfsrv_create() where a call to nfsrv_access() might
    be made holding the NFS server mutex.  To clean this up, introduce a
    version of the function, nfsrv_access_withgiant(), that expects the
    NFS server mutex to already have been dropped and Giant acquired.
    Wrap nfsrv_access() around this.  This permits callers to more
    efficiently check access if they're in a code block performing VFS
    operations, and can be substitited for the nfsrv_access() call that
    triggered this bug.

    PR:             73807, 73208

Approved by:	so (nectar)
Work done by:	rwatson
Errata Notice:	FreeBSD-EN-05:01.nfs
@
text
@a10 5
20050103:	p3	FreeBSD-EN-05:01.nfs
	Correct a bug in nfsrv_create() where a call to nfsrv_access()
	might be made while holding the NFS server mutex, which resulted
	in kernel panics under certain load patterns.

@


1.342.2.13.2.7
log
@Merge from RELENG_5 if_sk.c 1.83.2.3 1.83.2.4, if_skreg.h 1.20.2.3:
Correct bugs in the sk(4) network driver that could result in
data corruption and system crashes on SMP systems.

Approved by:	so, re
@
text
@a10 4
20050106:	p4	FreeBSD-EN-05:02.sk
	Correct bugs in the sk(4) network driver that could result in
	data corruption and system crashes on SMP systems.

@


1.342.2.13.2.8
log
@MFR5 for FreeBSD-EN-05:03.ipi

From commit to RELENG_5:
  MFC IPI panic fix done by Stephan Uphoff:
          sys/i386/i386/apic_vector.s     1.101 -> 1.102
          sys/i386/i386/mp_machdep.c      1.241 -> 1.243
          sys/i386/include/apicvar.h      1.8 -> 1.9
          sys/i386/include/smp.h          1.78 -> 1.79

  To quote the original commit message:
          Avoid more than two pending IPI interrupt vectors per local APIC
          as this may cause deadlocks.

          This should fix kern/72123.

          Discussed with: jhb
          Tested by: Nik Azim Azam, Andy Farkas, Flack Man, Aykut KARA
                     Izzet BESKARDES, Jens Binnewies, Karl Keusgen

  Discussed with: ups
  Reviewed by:    jhb

Versions being merged from RELENG_5:

  src/sys/i386/i386/apic_vector.s	1.101.2.1
  src/sys/i386/i386/mp_machdep.c	1.235.2.4
  src/sys/i386/include/apicvar.h	1.8.2.1
  src/sys/i386/include/smp.h		1.78.2.1

Approved by:	so (nectar)
@
text
@a10 4
20050114:	p5	FreeBSD-EN-05:03.ipi
	Avoid more than two pending IPI interrupt vectors per local
	APIC as this may cause deadlocks.

@


1.342.2.13.2.9
log
@MFC src/contrib/telnet/telnet.c 1.16: Correct buffer overflows in
telnet(1).
Security: CAN-2005-0468, CAN-2005-0469
Approved by:	security-officer
@
text
@a10 3
20050328:	p6	FreeBSD-SA-05:01.telnet
	Correct buffer overflows in telnet(1).

@


1.342.2.13.2.10
log
@MFC revision 1.103.

Security:	FreeBSD-SA-05:02.sendfile
Approved by:	so (nectar)
@
text
@a10 3
20050404:	p7	FreeBSD-SA-05:02.sendfile
	Correct kernel memory disclosure bug in sendfile(2).

@


1.342.2.13.2.11
log
@Fully initialize the required TSS fields so that the io permission
bitmap is set correctly.

Patch from:	peter
Security:	FreeBSD-SA-05:03.amd64
Approved by:	so (cperciva)
@
text
@a10 3
20050406:	p8	FreeBSD-SA-05:03.amd64
	Correctly initialize the I/O permission bitmap on amd64.

@


1.342.2.13.2.12
log
@Zero the ifr.ifr_name buffer in ifconf() in order to avoid
accidental disclosure of kernel memory to userland.

Security:	FreeBSD-SA-05:04.ifconf
Approved by:	so (cperciva)
@
text
@a10 4
20050414:	p9	FreeBSD-SA-05:04.ifconf
	Zero a buffer in ifconf() in order to avoid accidental
	disclosure of kernel memory to userland.

@


1.342.2.13.2.13
log
@MFC:

Correct multiple security related errors: a buffer overflow, NULL
pointer dereferences, possible use of uninitialized variables, and
memory leaks.

Security:	CAN-2005-0753
Security:	FreeBSD-SA-05:05.cvs
Approved by:	so (cperciva)
@
text
@a10 3
20050422:	p10	FreeBSD-SA-05:05.cvs
	Correct several vulnerabilities in CVS.

@


1.342.2.13.2.14
log
@Correct improper permissions on /dev/iir.  The earlier permissions
of 0644 allowed for people to do Evil Things via ioctl(2).

Security: FreeBSD-SA-05:06.iir
Approved by: so (cperciva)
@
text
@a10 3
20050506:	p11	FreeBSD-SA-05:06.iir
	Correct overly liberal permissions on /dev/iir.

@


1.342.2.13.2.15
log
@Correctly validate inputs to the i386_get_ldt syscall.

Security: FreeBSD-SA-05:07.ldt
Approved by: so (cperciva)
@
text
@a10 3
20050506:	p12	FreeBSD-SA-05:07.ldt
	Correctly validate inputs to the i386_get_ldt syscall.

@


1.342.2.13.2.16
log
@If we are going to
1. Copy a NULL-terminated string into a fixed-length buffer, and
2. copyout that buffer to userland,
we really ought to
0. Zero the entire buffer
first.

Security: FreeBSD-SA-05:08.kmem
Approved by: so (cperciva)
@
text
@a10 3
20050506:	p13	FreeBSD-SA-05:08.kmem
	Correct several local kernel memory disclosure bugs.

@


1.342.2.13.2.17
log
@MFC: Fix two issues which were missed in FreeBSD-SA-05:08.kmem.

Reported by:	Uwe Doering
Approved by:	so (cperciva)
@
text
@a10 3
20050508:	p14	FreeBSD-SA-05:08.kmem
	Correct two issues which were missed from the earlier commit.

@


1.342.2.13.2.18
log
@Add a knob for disabling/enabling HTT, "machdep.hyperthreading_allowed".
Default off due to information disclosure on multi-user systems.

Submitted by:	cperciva
Reviewed by:	jhb
Approved by:	security-officer
@
text
@a10 4
20050513:	p15	FreeBSD-SA-05:09.htt
	Add a knob for disabling/enabling HTT.  Default off due to information
	disclosure on multi-user systems.

@


1.342.2.13.2.19
log
@Correct several denial-of-service vulnerabilities in tcpdump.

Security:	FreeBSD-SA-05:10.tcpdump
Security:	CAN-2005-1267, CAN-2005-1278, CAN-2005-1279, CAN-2005-1280
Obtained from:	tcpdump.org

Correct directory traversal and race condition vulnerabilities in gzip.

Security:	FreeBSD-SA-05:11.gzip
Security:	CAN-2005-0988, CAN-2005-1228
Obtained from:	Steve Grubb via RedHat, Debian

Correct BIND 9 DNSSEC remote denial of service vulnerability.

Security:	FreeBSD-SA-05:12.bind9
Security:	CAN-2005-0034
Obtained from:	ISC
Submitted by:	trhodes

Approved by:	so (nectar, cperciva)
@
text
@a10 8
20050608:	p16	FreeBSD-SA-05:10.tcpdump, FreeBSD-SA-05:11.gzip,
			FreeBSD-SA-05:12.bind9
	Correct several denial-of-service vulnerabilities in tcpdump.

	Correct directory traversal and race condition vulnerabilities in gzip.

	Correct BIND 9 DNSSEC remote denial of service vulnerability.

@


1.342.2.13.2.20
log
@Correct bzip2 denial of service and permission race vulnerabilities.

Obtained from:	Redhat, Steve Grubb via RedHat
Security:	CAN-2005-0953, CAN-2005-1260
Security:	FreeBSD-SA-05:14.bzip2
Approved by:	obrien

Correct TCP connection stall denial-of-service vulnerabilities.

MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps: When a TCP
packets containing a timestamp is received, inadequate checking of
sequence numbers is performed, allowing an attacker to artificially
increase the internal "recent" timestamp for a connection.

A TCP packets with the SYN flag set is accepted for established
connections, allowing an attacker to overwrite certain TCP options.

Security:	CAN-2005-0356, CAN-2005-2068
Security:	FreeBSD-SA-05:15.tcp

Approved by:	so (cperciva)
@
text
@a10 5
20050629:	p17	FreeBSD-SA-05:14.bzip2, FreeBSD-SA-05:15.tcp
	Correct bzip2 denial of service and permission race vulnerabilities.

	Correct TCP connection stall denial of service vulnerabilities.

@


1.342.2.13.2.21
log
@MFC rev. 1.6 of src/lib/libz/inftrees.c:
  Correct a buffer overflow which occurred in the handling of some
  particularly corrupt deflated data streams.

Security:	FreeBSD-SA-05:16.zlib
Approved by:	so (cperciva)
@
text
@a10 3
20050706:	p18	FreeBSD-SA-05:17.zlib
	Correct buffer overflow when handling corrupt deflated data streams.

@


1.342.2.13.2.22
log
@MFC rev 1.116 of src/sys/fs/devfs/devfs_vnops.c:

  Correct devfs ruleset bypass.

Correct typo in p18 entry, zlib advisory was FreeBSD-SA-05:16.zlib.

Submitted by:	csjp
Reviewed by:	phk
Security:	FreeBSD-SA-05:17.devfs
Approved by:	so (cperciva)
@
text
@d11 1
a11 4
20050720:	p19	FreeBSD-SA-05:17.devfs
	Correct devfs ruleset bypass.

20050706:	p18	FreeBSD-SA-05:16.zlib
@


1.342.2.13.2.23
log
@Correct a buffer overflow which can occur when decompressing a
carefully crafted deflated data stream. [1]

Correct problems in the AES-XCBC-MAC IPsec authentication algorithm. [2]

Submitted by:   suz [2]
Security:       FreeBSD-SA-05:18.zlib [1], FreeBSD-SA-05:19.ipsec [2]
Approved by:	so (cperciva)
@
text
@a10 7
20050727:	p20	FreeBSD-SA-05:18.zlib, FreeBSD-SA-05:19.ipsec
	Correct buffer overflow when handling certain deflated data
	streams.

	Correct errors in the implementation of the AES-XCBC-MAC IPsec
	authentication algorithm.

@


1.342.2.13.2.24
log
@MFC: Correct insecure temporary file usage.

Security:	FreeBSD-SA-05:20.cvsbug
Approved by:	so (cperciva)
@
text
@a10 3
20050907:	p21	FreeBSD-SA-05:20.cvsbug
	Correct insecure temporary file usage.

@


1.342.2.13.2.25
log
@Fix an additional temporary file usage bogon which was apparently fixed
but not MFCed to RELENG_5_3 earlier.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-05:20.cvsbug
@
text
@a10 3
20050909:	p22	FreeBSD-SA-05:20.cvsbug [revised]
	Correct additional temporary file usage issues.

@


1.342.2.13.2.26
log
@Correct a man-in-the-middle SSL version rollback vulnerability.

Security:       FreeBSD-SA-05:21.openssl
Approved by:    so@@ (cperciva)
@
text
@a10 3
20051011:	p23	FreeBSD-SA-05:21.openssl
	Correct a man-in-the-middle SSL version rollback vulnerability.

@


1.342.2.13.2.27
log
@Correct insecure temporary file usage in texindex. [06:01]
Correct insecure temporary file usage in ee. [06:02]
Correct a race condition when setting file permissions, sanitize file
names by default, and fix a buffer overflow when handling files
larger than 4GB in cpio. [06:03]

Security:	FreeBSD-SA-06:01.texindex
Security:	FreeBSD-SA-06:02.ee
Security:	FreeBSD-SA-06:03.cpio
Approved by:	so (cperciva)
@
text
@a10 10
20060111:	p24	FreeBSD-SA-06:01.texindex, FreeBSD-SA-06:02.ee,
			FreeBSD-SA-06:03.cpio
	Correct insecure temporary file usage in texindex. [06:01]

	Correct insecure temporary file usage in ee. [06:02]

	Correct a race condition when setting file permissions,
	sanitize file names by default, and fix a buffer overflow
	when handling files larger than 4GB in cpio. [06:03]

@


1.342.2.13.2.28
log
@MFC rev. 1.16 of sys/contrib/pf/net/pf_norm.c: Correct an error in pf
handling of IP packet fragments which could result in a kernel panic.

Security:	FreeBSD-SA-06:07.pf
Approved by:	so (cperciva)
@
text
@a10 4
20060125:	p25	FreeBSD-SA-06:07.pf
	Correct an error in pf handling of IP packet fragments which
	could result in a kernel panic. [06:07]

@


1.342.2.13.2.29
log
@MFRELENG_5 sys/netinet/tcp_sack.c rev. 1.3.2.10:
  Avoid an infinite loop in sack scoreboard processing when the per-hole
  limits or global scoreboard limits are reached, or when memory
  exhaustion occurs. This can occur when an existing hole fails to be
  split due to limits or memory exhaustion.

Security:	FreeBSD-SA-06:08.sack
Approved by:	so (cperciva)
@
text
@a10 4
20060201:	p26	FreeBSD-SA-06:08.sack
	Avoid an infinite loop in sack scoreboard processing which can
	result from memory exhaustion.

@


1.342.2.13.2.30
log
@Correct a remote DoS in OpenSSH when using PAM and privilege
separation. [06:09]

Submitted by:	des

Correct a remote kernel panic when processing zero-length RPC records
via TCP. [06:10]

Security:	FreeBSD-SA-06:09.openssh
Security:	FreeBSD-SA-06:10.nfs
Approved by:	so (cperciva)
@
text
@a10 7
20060301:	p27	FreeBSD-SA-06:09.openssh, FreeBSD-SA-06:10.nfs
	Correct a remote DoS in OpenSSH when using PAM and privilege
	separation. [06:09]

	Correct a remote kernel panic when processing zero-length RPC
	records via TCP. [06:10]

@


1.342.2.13.2.31
log
@Add missing code needed for the detection of IPSec packet replays. [1]

Correctly identify the user running opiepasswd(1) when the login name
differs from the account name. [2]

Modify timeout handling logic in sendmail(8) to correct a reported
signal handling race condition. [3]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-06:11.ipsec [1]
Security:	FreeBSD-SA-06:12.opie [2]
Security:	FreeBSD-SA-06:13.sendmail [3]
@
text
@a10 11
20060322:	p28	FreeBSD-SA-06:11.ipsec, FreeBSD-SA-06:12.opie,
			FreeBSD-SA-06:13.sendmail
	Add missing code needed for the detection of IPSec packet
	replays. [06:11]

	Correctly identify the user running opiepasswd(1) when the login
	name differs from the account name. [06:12]

	Modify timeout handling logic in sendmail(8) to correct a reported
	signal handling race condition. [06:13]

@


1.342.2.13.2.32
log
@MFC: Correct a local information leakage bug affecting AMD FPUs.

Security:	FreeBSD-SA-06:14.fpu
Approved by:	so (cperciva)
@
text
@a10 3
20060419:	p29	FreeBSD-SA-06:14.fpu
	Correct a local information leakage bug affecting AMD FPUs.

@


1.342.2.13.2.33
log
@Enable inadvertantly disabled "securenet" access controls in ypserv. [1]

Correct a bug in the handling of backslash characters in smbfs which can
allow an attacker to escape from a chroot(2). [2]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-06:15.ypserv [1]
Security:	FreeBSD-SA-06:16.smbfs [2]
@
text
@a10 7
20060531:	p30	FreeBSD-SA-06:15.ypserv, FreeBSD-SA-06:16.smbfs
	Enable inadvertantly disabled "securenet" access controls in
	ypserv. [06:15]

	Correct a bug in the handling of backslash characters in smbfs
	which can allow an attacker to escape from a chroot(2). [06:16]

@


1.342.2.13.2.34
log
@Correct a bug in the handling of multipart messages by sendmail(8)
which can allow a malformed message to crash a sendmail queue
processing process.

Security:	FreeBSD-SA-06:17.sendmail
Approved by:	so (cperciva)
@
text
@a10 5
20060614:	p31	FreeBSD-SA-06:17.sendmail
	Correct a bug in the handling of multipart messages by sendmail(8)
	which can allow a malformed message to crash a sendmail queue
	processing process.

@


1.342.2.13.2.35
log
@Correct buffer overflow in the handling of LCP options in ppp(4)

Security:	FreeBSD-SA-06:18.ppp
Approved by:	so (cperciva)
@
text
@a10 3
20060823:	p32	FreeBSD-SA-06:18.ppp
	Correct buffer overflow in the handling of LCP options in ppp(4).

@


1.342.2.13.2.36
log
@Correct incorrect PKCS#1 v1.5 padding validation in crypto(3). [1]

Correct multiple denial-of-service vulnerabilities in BIND related to
SIG Query Processing and Excessive Recursive Queries. [2]

Security:	FreeBSD-SA-06:19.openssl [1]
Security:	FreeBSD-SA-06:20.bind [2]
Approved by:	so (simon)
@
text
@a10 7
20060906:	p33	FreeBSD-SA-06:19.openssl, FreeBSD-SA-06:20.bind
	Correct incorrect PKCS#1 v1.5 padding validation in
	crypto(3). [06:19]

	Correct multiple denial-of-service vulnerabilities in BIND related to
	SIG Query Processing and Excessive Recursive Queries. [06:20]

@


1.342.2.13.2.37
log
@Correct multiple vulnerabilities in gzip(1).

Security:	FreeBSD-SA-06:21.gzip
Approved by:	so (simon)
@
text
@a10 3
20060919:	p34	FreeBSD-SA-06:21.gzip
	Correct multiple vulnerabilities in gzip(1).

@


1.342.2.13.2.38
log
@Correct multiple vulnerabilities in crypto(3).
Limit the size of public keys used in order to protect applications
from a denial of service via insane key sizes.

Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)
@
text
@a10 5
20060928:	p35	FreeBSD-SA-06:23.openssl
	Correct multiple vulnerabilities in crypto(3).
	Limit the size of public keys used in order to protect applications
	from a denial of service via insane key sizes.

@


1.342.2.13.2.39
log
@Correct problem in the 2006-09-28 patch concerning the handling of
excessively large DH moduli.

Reported by:	Steve Kiernan (Juniper SIRT)
Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)
@
text
@a10 4
20060929:	p36	FreeBSD-SA-06:23.openssl
	Correct problem in the 2006-09-28 patch concerning the handling of
	excessively large DH moduli.

@


1.342.2.13.2.40
log
@Correct multiple vulnerabilities in OpenSSH.

Security:	FreeBSD-SA-06:22.openssh
Approved by:	so (simon)
@
text
@a10 3
20060930:	p37	FreeBSD-SA-06:22.openssh
	Correct multiple vulnerabilities in sshd(8).

@


1.342.2.14
log
@Note 5.3-RELEASE in UPDATING

Approved by: re
@
text
@a10 3
20041024:
	FreeBSD 5.3-RELEASE

@


1.342.2.15
log
@Sneak in mention of the change to GENERIC config files.

Requested by:	Gavin Atkinson
		<gavin.atkinson (at) ury (dot) york (dot) ac (dot) uk>
Approved by:	re (implicitly)
@
text
@a13 5
20041023:
	GENERIC kernel config files for amd64 and i386 no longer have
	"options SMP".  That has been moved to a new config file named
	SMP for users who want an easy way to build an SMP kernel.

@


1.342.2.16
log
@Note that several netgraph modules need to be rebuilt.
There were no such entry in HEAD, that's my fault.

Wording by:	rwatson
@
text
@a10 11
20041126:
	The numbers of arguments for ng_timeout() and ng_untimeout()
	have changed. If netgraph.ko is rebuilt or if netgraph is
	statically compiled in kernel, then the following modules
	must also be rebuilt:
		ng_hci
		ng_l2cap
		ng_source
		ng_sscop
		ng_uni

@


1.342.2.17
log
@Mention possible upgrade issues with the latest ppp(8) modifications.
@
text
@a10 9
20050203:
	ppp(8) no longer reverts to sending ECHO requests if LQR is
	enabled but fails negotiation.  To enable the old behaviour,
	add ``enable echo'' to your config.
	Additionally, when RADIUS is enabled, ppp now sends both
	NAS-IP-Address and NAS-Identifier by default.  This behaviour
	can be modified with the ``enable/disable
	NAS-IP-Address/NAS-Identifier'' command.

@


1.342.2.18
log
@Add a note that people on sparc64 and using the GENERIC kernel need
to run mergemaster or edit /etc/ttys manually now that uart(4) is
the default serial console. This is easily forgotten or overlooked.
@
text
@a10 6
20050215: [applicable to sparc64 only]
	uart(4) is the default serial console now. When using the
	GENERIC kernel, make sure to start getty(8) processes on
	ttyu0 and/or ttyu1. Either run mergemaster(8) or edit
	/etc/ttys manually.

@


1.342.2.19
log
@MFC: Note addition of cpufreq framework although only the acpi_throttle
driver has been added.
@
text
@a10 9
20050225:
	The cpufreq framework has been merged.  As part of this, the sysctls
	for acpi(4) throttling have been removed.  See cpufreq(4) for the
	new sysctl interface.  The power_profile script has also been updated,
	so you can use performance/economy_cpu_freq in rc.conf(5) to set AC
	on/offline cpu frequencies.  No new cpufreq drivers have been brought
	in with this import but drivers from -current can now be built and run
	on -stable.

@


1.342.2.20
log
@MFC the change of ifi_epoch to be uptime instead of wall clock time.
The origional commit message follows:

	Change the definition of struct if_data's member ifi_epoch from
	wall clock time to uptime because wall clock time may go
	backwards.

	This is a change in the API which will impact SNMP agents who
	are using ifi_epoch to set RFC2233's ifCounterDiscontinuityTime.
	None are known to exist today.  This will not impact applications
	that are using the <index, epoch> tuple to verify interface
	uniqueness except that it eliminates a race which could lead to
	a false assumption of uniqueness.

Discussed with: re (jhb, scottl)
Pointed out by: pkh (way back at EuroBSDCon)
Pointy hat:     brooks
@
text
@a10 8
20050228:
	The ifi_epoch member of struct if_data has been changed to
	contain the uptime at which the interface was created or the
	statistics zeroed rather then the wall clock time because
	wallclock time may go backwards.  This should have no impact
	unless an snmp implementation is using this value (I know of
	none at this point.)

@


1.342.2.21
log
@MFC 1.398: advise user to rebuild fsck(8) after new kernel build.
@
text
@a11 10
	The responsibility of recomputing the file system summary of
	a SoftUpdates-enabled dirty volume has been transferred to the
	background fsck.  A rebuild of fsck(8) utility is recommended  
	if you have updated the kernel.

	To get the old behavior (recompute file system summary at mount
	time), you can set vfs.ffs.compute_summary_at_mount=1 before
	mounting the new volume.

20050228:
@


1.342.2.22
log
@MFC: Bring back full packet destination manipulation for 'ipfw fwd'
with the kernel compile time option:

   options IPFIREWALL_FORWARD_EXTENDED

This option has to be specified in addition to IPFIRWALL_FORWARD.

PR:		kern/71910
PR:		kern/73129
@
text
@a10 13
20050302:
	The full packet destination manipulation for 'ipfw fwd' is
	back with the kernel compile time option:

	  options IPFIREWALL_FORWARD_EXTENDED

	This option has to be specified in addition to IPFIRWALL_FORWARD.
	With this option even packets targeted for an IP address local
	to the host can be redirected.  All restrictions to ensure proper
	behaviour for locally generated packets are turned off.  Firewall
	rules have to be carefully crafted to make sure that things like
	PMTU discovery do not break.

@


1.342.2.23
log
@Document that the default world build won't run on the 80386 and document how to
target the 80386.
@
text
@a41 5
20050227:
	The default "world" build no longer supports running on an
	80386 CPU.  In order to build a world for an 80386 CPU, one
	needs to set CPUTYPE=i386 in /etc/make.conf.

@


1.342.2.24
log
@s/IPFIRWALL/IPFIREWALL/.

Spotted by:	Andre Guibert de Brue
Approved by:	re (kensmith)
@
text
@d17 1
a17 1
	This option has to be specified in addition to IPFIREWALL_FORWARD.
@


1.342.2.25
log
@Renumber the footnotes on the 4.x -> 5 section.
Add information from rwatson for the problems he's encountered, along with
expanded advise for ports, packages and updating systems that once ran
2.x and/or 3.x.  Not kerberos issues, even though I have no work around.

This should bring the issues wrt 4.x->5 more up to date.  Let me know if
there are other issues.
@
text
@d1848 4
a1851 4
	<maybe fix /etc/fstab>					[1]
	make buildworld						[2]
	make buildkernel KERNCONF=YOUR_KERNEL_HERE		[3]
	cp sys/${MACHINE}/conf/GENERIC.hints /boot/device.hints [4]
d1853 5
a1857 5
	cd sys/boot ; make STRIP="" install			[5]
								[6]
	<reboot in single user>					[7]
	/usr/src/etc/rc.d/preseedrandom				[8]
	mergemaster -p						[9]
d1860 1
a1860 1
	mergemaster -i						[10]
d1875 7
a1881 20
	The following items are known to cause problems with the upgrade:
	(a) Kerberos upgrades are hard, and evidentally don't work.  More
	    on this later.
	(b) Old ports and packages can sometimes have subtle problems with
	    newer libraries.  portupgrade is recommended where possible after
	    the upgrade.
	(c) Perl based ports may also have the wrong version of perl hard
	    coded into the headers.  Spamassassin is one such port.
	(d) Startup scripts have significantly changed.  Make sure that you
	    verify that all expected daemons start.  Modifications of /etc/rc*
	    (except rc.conf) may cause problems.
	(e) Device names have changed and MAKEDEV is gone.
	(f) The boot loader defaults have changed, which may cause confusion.

	[1] Before you upgrade, please make sure that you are not using
	compatibility slices.  These are device names of the form, on i386 and
	other architectures that use MBR slicing, /dev/ad0a without the actual
	slice name.  Chances are excellent that these will break.  You
	generally must update these entries to use the post FreeBSD 2.x form
	of /dev/ad0s1a.
d1883 1
a1883 32
	[2] When checking out sources, you must include the -P flag to have
	cvs prune empty directories. Also, if CPUTYPE is defined in your
	/etc/make.conf, make sure to use the "?=" instead of the "="
	assignment operator, so that buildworld can override the CPUTYPE if it
	needs to.  In case you would like to avoid installing new packages of
	everything, you might want to uncomment the "COMPAT4X= YES" entry, so
	that 4.x compatibility libraries are built which should allow you to
	continue using your existing software for a while.

	[3] In order to have a kernel that can run the 4.x or earlier binaries
	needed to do an installworld, you must include the COMPAT_FREEBSD4
	option in your kernel.  Failure to do so may leave you with a system
	that is hard to boot to recover.  If you have a.out binaries, then you
	need to add COMPAT_AOUT option too.  If you are updating a system
	that's been updated from 2.x and/or 3.x in the past, enable both of
	these to be safe.

	[4] If you have legacy ISA devices, you may need to create your own
	device.hints to reflect your unique hardware configuration.

	[5] 4.x boot loader can be used to boot a 5.x system, however it is
	difficult to do that at best.  If you wish to try, then you should
	interrupt the boot and at the ok prompt type:
		ok unload
		ok boot /boot/kernel/kernel
	If this fails to work, you must install a new boot loader as described
	here.

	[6] If you have third party modules, such as vmware, you should
	disable them at this point so they don't crash your system on reboot.

	[7] From the bootblocks, boot -s, and then do
d1889 39
a1927 5
	Also, when doing a major release upgrade, it is required that you boot
	into single user mode to do the installworld.  For the 4.x -> 5.x
	upgrade, you will also see many messages about needing to recompile
	your userland.  These are harmless and can be ignored while you
	proceed to the next step.
d1929 10
a1938 1
	[8] In order to create temporary files, /dev/random must be
a1940 15

	[9] Usually this step is a noop.  However, from time to time you may
	need to do this if you get unknown user in the following step.  It
	never hurts to do it all the time.  You may need to install a new
	mergemaster (cd src/usr.sbin/mergemaster && make install) after the
	buildworld before this step if you last updated from current before
	20020224 or from -stable before 20020408.

	[10] Note: This step is non-optional.  Failure to do this step can
	result in a significant reduction in the functionality of the system.
	Attempting to do it by hand is not recommended and those that pursue
	this avenue should read this file carefully, as well as the archives
	of freebsd-current and freebsd-hackers mailing lists for potential
	gotchas.

@


1.342.2.26
log
@More information about port upgrading from kris@@.  Cross reference
/usr/ports/UPDATING at his suggestion.
@
text
@d9 1
a9 1
portupgrade.
d1875 1
a1875 3
	If you have any ports or packages installed on the system, please
	see /usr/ports/UPDATING.  The following items are known to cause
	problems with the upgrade:
d1879 2
a1880 4
	    newer libraries.  portupgrade -f is recommended where possible
	    after the upgrade.  portupgrade -P will be faster since it uses
	    packages.  There are many known issues with running a mix of
	    4.x built packages and 5.x built packages, and this avoids them.
@


1.342.2.27
log
@Note date of 5.4-REL here too.  I've been forgetting to do it in the
development branches.

Prodded by:	cperciva and others
@
text
@a10 3
20050509:
	FreeBSD 5.4-RELEASE

@


1.342.2.28
log
@Minor simplification
@
text
@d1856 1
a1856 1
	cd sys/boot ; make STRIP= install			[5]
@


1.342.2.29
log
@Update details for updating to 5.x from 4.x:
o Note non-standard /usr/src and /usr/obj gotchas
o No need for mount -u / before mount -a
o Note pam gotchas
o Note /lib
o Note named issue
@
text
@d1862 2
a1863 2
	make installworld					[11]
	mergemaster -i						[12]
d1868 9
a1876 4
	cycle of stable, things change fairly rarely.  However, many
	changes from 4.x to 5.x are not reflected in this breif section.
	The defaults can also change, so please read ALL of the UPDATING
	entries.
a1894 12
	(g) If the build dies for some reason and you reboot, you'll be booting
	    with new libraries, but old paths.  You will need to tell ldconfig
	    about them with
		ldconfig /lib /usr/lib /usr/local/lib
	(h) If the system appears to hang, try toggling the scroll lock.  Many
	    kvm switches use Scroll Lock to switch screens and on such systems
	    a hang can often just be scroll lock active.
	(i) named now runs in a chroot unless you disable this.  See
	    named_chrootdir in /etc/defaults/rc.conf for details on restoring
	    4.x behavior.
	(j) Ports that use PAM on 4.x should be recompiled.  This is especially
	    true for sudo.  know thy root password before the upgrade!
d1923 1
a1923 8
	[5] Since make installkernel also does a make heirarchy, PAM will
	stop working because /etc/pam.d's existance overrides /etc/pam.conf.
	If you want to login to your system after the install kernel, or if
	you have accidentally rebooted a remote system into multi-user, the
	existance of /etc/pam.d will cause remote logins to fail.  It is
	safe to remove it at this step as it will be recreated later.

	[6] 4.x boot loader can be used to boot a 5.x system, however it is
d1931 1
a1931 1
	[7] If you have third party modules, such as vmware, you should
d1934 1
a1934 1
	[8] From the bootblocks, boot -s, and then do
d1936 2
a1937 1
		mount -a -t ufs
d1946 1
a1946 1
	[9] In order to create temporary files, /dev/random must be
d1950 1
a1950 1
	[10] Usually this step is a noop.  However, from time to time you may
d1955 1
a1955 5
	20020224 or from -stable before 20020408.  If you are installing not
	from /usr/src, don't forget the -m option.

	[11] If you are using a non-standard /usr/obj, you need to set
	an appropriate MAKEOBJDIRPREFIX before this step.
d1957 1
a1957 1
	[12] Note: This step is non-optional.  Failure to do this step can
d1962 1
a1962 4
	gotchas.  Also, if you are installing not from /usr/src, don't
	forget the -m option.  Also note: since many libraries moved into
	/lib with 5.x, failure to run mergemaster will result in many
	shared libraries that should be there not being found.
@


1.342.2.30
log
@Belatedly document the disabling of Hyper-Threading.  Security issues
are not normally documented in UPDATING on the stable branches, but
since this is a user-visible change, it needs to be here.

This is not an MFC since Hyper-Threading is enabled by default in HEAD.

Pointed out by:	Erik Trulsson, via freebsd-stable
@
text
@a10 5
20050513:
	Intel Hyper-Threading is now disabled by default due to a
	security issue, but can be re-enabled by setting the
	machdep.hyperthreading_allowed tunable in /boot/loader.conf.

@


1.342.2.31
log
@Add a note to UPDATING and bump __FreeBSD_version for if_bridge MFC.

Approved by:	mlaier (mentor)
@
text
@a10 5
20051004:
	if_bridge has been merged which provides more advanced Ethernet
	bridging and 802.1d spanning tree support. See if_bridge(4) for
	configuration details.

@


1.342.2.32
log
@Document the accidental temporary change in the libarchive shared library
version number.
@
text
@a10 8
20051015:
	The shared library version number of libarchive was accidentally
	bumped up during an MFC of other changes on October 4, 2005.  It
	was reset to the correct value on October 14, 2005.  If you
	updated a system between those dates you should check to see if
	/usr/lib/libarchive.so.2 exists and remove it AFTER doing your
	next update.

@


1.342.2.33
log
@- In upgrade from 4.x paragraph prefer "5.x" instead of "-current". 5.x
  isn't CURRENT anymore.
- In upgrade from 4.x paragraph notice that it is important to
  delete /sbin/mountd, otherwise it will be started instead of
  /usr/bin/mountd.
@
text
@d1857 1
a1857 1
	To upgrade in-place from 4.x-stable to 5.x
d1860 1
a1860 1
	# modules has changed.  If you are installing 5.x onto a 4.x
a1879 1
	rm -f /sbin/mountd
@


1.342.2.34
log
@MFC rev 1.6:
	When removing the local domain, only do so when the result
	will be a host name.  This is matches the documented behaviro.
	The previous behavior would remove the domain name even if
	the result retained a dot.

	This fixes rsh connections from a.example.com to example.com.

This is also reported to fix rsh connections from host xxx to
yyy.example.com.

PR:             88301
@
text
@a10 5
20060111:
	Bug fixes to the trimdomain(3) function in libutil may result in
	slight changes to the host names appearing in log files under
	relatively rare circumstances.

@


1.342.2.35
log
@Belatedly add a note about the i386 loader defaulting to the serial
rate set by the previous boot stage, if the console is already set
to the comconsole.

Approved by:    re (scottl)
@
text
@a10 10
20060127:
	The i386 loader(8) now defaults to the serial speed set by the
	previous boot stage, if the comconsole is already in use.  If
	you've changed BOOT_COMCONSOLE_SPEED in make.conf(5) and
	installed a new loader, but have not rebuilt and reinstalled the
	boot blocks, then your loader will leave the console at 9600
	baud.  Either install the new boot blocks, or set
	comconsole_speed in loader.conf(5).  Note that the new boot
	blocks also support a -S<speed> flag described in boot(8).

@


1.342.2.35.2.1
log
@Enable inadvertantly disabled "securenet" access controls in ypserv. [1]

Correct a bug in the handling of backslash characters in smbfs which can
allow an attacker to escape from a chroot(2). [2]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-06:15.ypserv [1]
Security:	FreeBSD-SA-06:16.smbfs [2]
@
text
@a10 10
20060531:	p1	FreeBSD-SA-06:15.ypserv, FreeBSD-SA-06:16.smbfs
	Enable inadvertantly disabled "securenet" access controls in
	ypserv. [06:15]

	Correct a bug in the handling of backslash characters in smbfs
	which can allow an attacker to escape from a chroot(2). [06:16]

20060525:
	FreeBSD 5.5-RELEASE

@


1.342.2.35.2.2
log
@Correct a bug in the handling of multipart messages by sendmail(8)
which can allow a malformed message to crash a sendmail queue
processing process.

Security:	FreeBSD-SA-06:17.sendmail
Approved by:	so (cperciva)
@
text
@a10 5
20060614:	p2	FreeBSD-SA-06:17.sendmail
	Correct a bug in the handling of multipart messages by sendmail(8)
	which can allow a malformed message to crash a sendmail queue
	processing process.

@


1.342.2.35.2.3
log
@Correct buffer overflow in the handling of LCP options in ppp(4)

Security:	FreeBSD-SA-06:18.ppp
Approved by:	so (cperciva)
@
text
@a10 3
20060823:	p3	FreeBSD-SA-06:18.ppp
	Correct buffer overflow in the handling of LCP options in ppp(4).

@


1.342.2.35.2.4
log
@Correct incorrect PKCS#1 v1.5 padding validation in crypto(3). [1]

Correct multiple denial-of-service vulnerabilities in BIND related to
SIG Query Processing and Excessive Recursive Queries. [2]

Security:	FreeBSD-SA-06:19.openssl [1]
Security:	FreeBSD-SA-06:20.bind [2]
Approved by:	so (simon)
@
text
@a10 7
20060906:	p4	FreeBSD-SA-06:19.openssl, FreeBSD-SA-06:20.bind
	Correct incorrect PKCS#1 v1.5 padding validation in
	crypto(3). [06:19]

	Correct multiple denial-of-service vulnerabilities in BIND related to
	SIG Query Processing and Excessive Recursive Queries. [06:20]

@


1.342.2.35.2.5
log
@Correct multiple vulnerabilities in gzip(1).

Security:	FreeBSD-SA-06:21.gzip
Approved by:	so (simon)
@
text
@a10 3
20060919:	p5	FreeBSD-SA-06:21.gzip
	Correct multiple vulnerabilities in gzip(1).

@


1.342.2.35.2.6
log
@Correct multiple vulnerabilities in crypto(3).
Limit the size of public keys used in order to protect applications
from a denial of service via insane key sizes.

Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)
@
text
@a10 5
20060928:	p6	FreeBSD-SA-06:23.openssl
	Correct multiple vulnerabilities in crypto(3).
	Limit the size of public keys used in order to protect applications
	from a denial of service via insane key sizes.

@


1.342.2.35.2.7
log
@Correct problem in the 2006-09-28 patch concerning the handling of
excessively large DH moduli.

Reported by:	Steve Kiernan (Juniper SIRT)
Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)
@
text
@a10 4
20060929:	p7	FreeBSD-SA-06:23.openssl
	Correct problem in the 2006-09-28 patch concerning the handling of
	excessively large DH moduli.

@


1.342.2.35.2.8
log
@Correct multiple vulnerabilities in OpenSSH.

Security:	FreeBSD-SA-06:22.openssh
Approved by:	so (simon)
@
text
@a10 3
20060930:	p8	FreeBSD-SA-06:22.openssh
	Correct multiple vulnerabilities in sshd(8).

@


1.342.2.35.2.9
log
@Correct a signedness bug which allowed members of the operator
group to read kernel memory. [1]

Disable handling of GNUTYPE_NAMES tar file entries by default,
since they can be used to extract files outside of the cwd. [2]

Security:	FreeBSD-SA-06:25.kmem [1]
Security:	FreeBSD-SA-06:26.gtar [2]
Approved by:	so (cperciva)
@
text
@a10 7
20061206:	p9	FreeBSD-SA-06:25.kmem, FreeBSD-SA-06.26.gtar
	Correct a signedness bug which allowed members of the operator
	group to read kernel memory. [06:25]

	Disable handling of GNUTYPE_NAMES tar file entries by default,
	since they can be used to extract files outside of the cwd. [06:26]

@


1.342.2.35.2.10
log
@Fix jail rc.d script privilege escalation via symlink attack against
/var/log/console.log and mount points.

Security:	FreeBSD-SA-07:01.jail
Approved by:	so (simon)
@
text
@a10 3
20070111:	p10	FreeBSD-SA-07:01.jail
	Correct jail rc.d script privilege escalation.

@


1.342.2.35.2.11
log
@Correct two remote denials of service in BIND involving DNSSEC and
recursive DNS queries respectively.

Security:	FreeBSD-SA-07:02.bind
Approved by:	so (cperciva)
@
text
@a10 4
20070209	p11	FreeBSD-SA-07:02.bind
	Correct two remote denials of service in BIND involving DNSSEC and
	recursive DNS queries respectively.

@


1.342.2.35.2.12
log
@Disable processing of IPv6 type 0 Routing Headers.  This behaviour
can be changed via the (newly added) net.inet6.ip6.rthdr0_allowed
sysctl.

Security:	FreeBSD-SA-07:03.ipv6
Approved by:	so (cperciva)
@
text
@d11 1
a11 6
20070426:	p12	FreeBSD-SA-07:03.ipv6
	Disable processing of IPv6 type 0 Routing Headers.  This behaviour
	can be changed via the (newly added) net.inet6.ip6.rthdr0_allowed
	sysctl.

20070209:	p11	FreeBSD-SA-07:02.bind
@


1.342.2.35.2.13
log
@Fix buffer overflow in libmagic(3).

Security:	FreeBSD-SA-07:04.file
Approved by:	so (cperciva)
@
text
@a10 3
20070523:	p13	FreeBSD-SA-07:04.file
	Fix buffer overflow in libmagic(3).

@


1.342.2.35.2.14
log
@Correct multiple security issues in how libarchive handles corrupt
tar archives, including a potentially exploitable buffer overflow.

Approved by:	so (cperciva)
Reviewed by:	kientzle
Security:	FreeBSD-SA-07:05.libarchive
@
text
@a10 5
20070712:	p14	FreeBSD-SA-07:05.libarchive
	Correct multiple security issues in how libarchive handles
	corrupt tar archives, including a potentially exploitable
	buffer overflow.

@


1.342.2.35.2.15
log
@Correct a bug in the patch for FreeBSD-SA-07:01.jail which prevented
jails with custom fstab's from starting due to use of incorrect
variable. [1]

Correct buffer overflow in tcpdump(1). [SA-07:06]

Correct predictable query ids in named(8). [SA-07:07]

Reported by:	Joel Hatton <joel@@auscert.org.au> [1]
Security:	FreeBSD-SA-07:06.tcpdump
Security:	FreeBSD-SA-07:07.bind
Approved by:	so (simon)
@
text
@a10 8
20070801:	p15	FreeBSD-SA-07:01.jail, FreeBSD-SA-07:06.tcpdump,
			FreeBSD-SA-07:07.bind
	Correct a bug in the patch for FreeBSD-SA-07:01.jail. [07:01]

	Correct a buffer overflow in tcpdump(1). [07:06]

	Correct predictable query ids in named(8). [07:07]

@


1.342.2.35.2.16
log
@Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().

Security:	FreeBSD-SA-07:08.openssl
Approved by:	so (simon)
@
text
@a10 3
20071003:	p16	FreeBSD-SA-07:08.openssl
	Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().

@


1.342.2.35.2.17
log
@Correct a random value disclosure in random(4). [07:09]

Correct a gtar directory traversal vulnerability. [07:10]

Security:	FreeBSD-SA-07:09.random
Security:	FreeBSD-SA-07:10.gtar
Approved by:	so (simon)
@
text
@a10 5
20071129:	p17	FreeBSD-SA-07:09.random, FreeBSD-SA-07:10.gtar
	Correct a random value disclosure in random(4). [07:09]

	Correct a gtar directory traversal vulnerability. [07:10]

@


1.342.2.35.2.18
log
@Fix issues which allow snooping on ptys.

Security: FreeBSD-SA-08:01.pty
Approved by:	so (cperciva)
@
text
@a10 3
20080118:	p18	FreeBSD-SA-08:01.pty
	Fix issues which allow snooping on ptys.

@


1.342.2.35.2.19
log
@Fix date of last advisory -- January 14th, not January 18th.

Approved by:	so (cperciva)
@
text
@d11 1
a11 1
20080114:	p18	FreeBSD-SA-08:01.pty
@


1.342.2.35.2.20
log
@Fix sendfile(2) write-only file permission bypass. [08:03.sendfile]

Fix IPsec null pointer dereference panic. [SA-08:04.ipsec]

Security:	FreeBSD-SA-08:03.sendfile
Security:	FreeBSD-SA-08:04.ipsec
Approved by:	so (simon)
@
text
@a10 5
20080214:	p19	FreeBSD-SA-08:02.sendfile, FreeBSD-SA-08:03.ipsec
	Fix sendfile(2) write-only file permission bypass. [08:02]

	Fix IPsec null pointer dereference panic. [08:03]

@


1.342.2.35.2.21
log
@Fix logic error in sshd(8) concerning the handling of failed
attempts to bind ports for X11 forwarding.

Security:	FreeBSD-SA-08:05.openssh
Approved by:	so (cperciva)
@
text
@a10 4
20080416:	p20	FreeBSD-SA-08:05.openssh
	Fix logic error in sshd(8) concerning the handling of failed
	attempts to bind ports for X11 forwarding.

@


1.342.2.36
log
@Note the release date of 5.5.
@
text
@a10 3
20060525:
	FreeBSD 5.5-RELEASE

@


1.342.2.37
log
@MFC: Include a note about recompiling ports which use the base libmilter.

Submitted by:	Matthew Seaman
@
text
@a10 5
20070411:
	sendmail(8) has been updated to version 8.14.1.  Mail filters
	(aka, milters) compiled against the libmilter included in the
	base operating system should be recompiled.

@


1.342.2.38
log
@MFC: Bring in sendmail.org code from the future 8.14.2 release which restores
ABI compatibility to users of the libmilter.so shared library.
@
text
@a10 6
20070426:
        The ABI breakage in sendmail(8)'s libmilter has been repaired
        so it is no longer necessary to recompile mail filters (aka,
        milters).  If you recompiled mail filters after the 20070411
        note, it is not necessary to recompile them again.

@


1.342.2.24.2.1
log
@MFC revision 1.103.

Security:	FreeBSD-SA-05:02.sendfile
Approved by:	re (kensmith, scottl)
@
text
@a10 3
20050404:		FreeBSD-SA-05:02.sendfile
	Correct kernel memory disclosure bug in sendfile(2).

@


1.342.2.24.2.2
log
@Fully initialize the required TSS fields so that the io permission
bitmap is set correctly.

Patch from:	peter
Security:	FreeBSD-SA-05:03.amd64
Approved by:	re (kensmith)
@
text
@a10 3
20050406:		FreeBSD-SA-05:03.amd64
	Correctly initialize the I/O permission bitmap on amd64.

@


1.342.2.24.2.3
log
@Zero the ifr.ifr_name buffer in ifconf() in order to avoid
accidental disclosure of kernel memory to userland.

Security:	FreeBSD-SA-05:04.ifconf
Approved by:	re (kensmith)
@
text
@a10 4
20050414:		FreeBSD-SA-05:04.ifconf
	Zero a buffer in ifconf() in order to avoid accidental
	disclosure of kernel memory to userland.

@


1.342.2.24.2.4
log
@MFC:

Correct multiple security related errors: a buffer overflow, NULL
pointer dereferences, possible use of uninitialized variables, and
memory leaks.

Security:	CAN-2005-0753
Security:	FreeBSD-SA-05:05.cvs
Approved by:	re (kensmith)
@
text
@a10 3
20050422:		FreeBSD-SA-05:05.cvs
	Correct several vulnerabilities in CVS.

@


1.342.2.24.2.5
log
@Correct improper permissions on /dev/iir.  The earlier permissions
of 0644 allowed for people to do Evil Things via ioctl(2).

Security: FreeBSD-SA-05:06.iir
Approved by: re (kensmith)
@
text
@a10 3
20050506:		FreeBSD-SA-05:06.iir
	Correct overly liberal permissions on /dev/iir.

@


1.342.2.24.2.6
log
@Correctly validate inputs to the i386_get_ldt syscall.

Security: FreeBSD-SA-05:07.ldt
Approved by: re (kensmith)
@
text
@a10 3
20050506:		FreeBSD-SA-05:07.ldt
	Correctly validate inputs to the i386_get_ldt syscall.

@


1.342.2.24.2.7
log
@If we are going to
1. Copy a NULL-terminated string into a fixed-length buffer, and
2. copyout that buffer to userland,
we really ought to
0. Zero the entire buffer
first.

Security: FreeBSD-SA-05:08.kmem
Approved by: re (kensmith)
@
text
@a10 3
20050506:		FreeBSD-SA-05:08.kmem
	Correct several local kernel memory disclosure bugs.

@


1.342.2.24.2.8
log
@Prep for 5.4-RELEASE tagging.

Approved by:	re (implicit)
@
text
@a10 3
20050509:
	FreeBSD 5.4-RELEASE.

@


1.342.2.24.2.9
log
@MFC: Fix two issues which were missed in FreeBSD-SA-05:08.kmem.

Reported by:	Uwe Doering
Approved by:	re (kensmith)
@
text
@a13 3
20050507:		FreeBSD-SA-05:08.kmem
	Correct two issues which missed from the earlier commit.

@


1.342.2.24.2.10
log
@Add a knob for disabling/enabling HTT, "machdep.hyperthreading_allowed".
Default off due to information disclosure on multi-user systems.

Submitted by:	cperciva
Reviewed by:	jhb
Approved by:	re
@
text
@a10 4
20050513:	p1  	FreeBSD-SA-05:09.htt
	Add a knob for disabling/enabling HTT.  Default off due to information
	disclosure on multi-user systems.

@


1.342.2.24.2.11
log
@Correct several denial-of-service vulnerabilities in tcpdump.

Security:	FreeBSD-SA-05:10.tcpdump
Security:	CAN-2005-1267, CAN-2005-1278, CAN-2005-1279, CAN-2005-1280
Obtained from:	tcpdump.org

Correct directory traversal and race condition vulnerabilities in gzip.

Security:	FreeBSD-SA-05:11.gzip
Security:	CAN-2005-0988, CAN-2005-1228
Obtained from:	Steve Grubb via RedHat, Debian

Approved by:	so (nectar)
@
text
@a10 5
20050608:	p2	FreeBSD-SA-05:10.tcpdump, FreeBSD-SA-05:11.gzip
	Correct several denial-of-service vulnerabilities in tcpdump.

	Correct directory traversal and race condition vulnerabilities in gzip.

@


1.342.2.24.2.12
log
@Correct ipfw packet matching errors with address tables.

Security:	CAN-2005-2019
Security:	FreeBSD-SA-05:13.ipfw

Correct bzip2 denial of service and permission race vulnerabilities.

Obtained from:	Redhat, Steve Grubb via RedHat
Security:	CAN-2005-0953, CAN-2005-1260
Security:	FreeBSD-SA-05:14.bzip2
Approved by:	obrien

Correct TCP connection stall denial-of-service vulnerabilities.

MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps: When a TCP
packets containing a timestamp is received, inadequate checking of
sequence numbers is performed, allowing an attacker to artificially
increase the internal "recent" timestamp for a connection.

A TCP packets with the SYN flag set is accepted for established
connections, allowing an attacker to overwrite certain TCP options.

Security:	CAN-2005-0356, CAN-2005-2068
Security:	FreeBSD-SA-05:15.tcp

Approved by:	so (cperciva)
@
text
@a10 8
20050629:	p3	FreeBSD-SA-05:13.ipfw, FreeBSD-SA-05:14.bzip2,
			FreeBSD-SA-05:15.tcp
	Correct ipfw packet matching errors with address tables.

	Correct bzip2 denial of service and permission race vulnerabilities.

	Correct TCP connection stall denial of service vulnerabilities.

@


1.342.2.24.2.13
log
@MFC rev. 1.6 of src/lib/libz/inftrees.c:
  Correct a buffer overflow which occurred in the handling of some
  particularly corrupt deflated data streams.

Security:	FreeBSD-SA-05:16.zlib
Approved by:	so (cperciva)
@
text
@a10 3
20050706:	p4	FreeBSD-SA-05:16.zlib
	Correct buffer overflow when handling corrupt deflated data streams.

@


1.342.2.24.2.14
log
@MFC rev 1.116 of src/sys/fs/devfs/devfs_vnops.c:

Correct devfs ruleset bypass.

Submitted by:	csjp
Reviewed by:	phk
Security:	FreeBSD-SA-05:17.devfs
Approved by:	so (cperciva)
@
text
@a10 3
20050720:	p5	FreeBSD-SA-05:17.devfs
	Correct devfs ruleset bypass.

@


1.342.2.24.2.15
log
@Correct a buffer overflow which can occur when decompressing a
carefully crafted deflated data stream. [1]

Correct problems in the AES-XCBC-MAC IPsec authentication algorithm. [2]

Submitted by:   suz [2]
Security:       FreeBSD-SA-05:18.zlib [1], FreeBSD-SA-05:19.ipsec [2]
Approved by:	so (cperciva)
@
text
@a10 7
20050727:	p6	FreeBSD-SA-05:18.zlib, FreeBSD-SA-05:19.ipsec
	Correct buffer overflow when handling certain deflated data
	streams.

	Correct errors in the implementation of the AES-XCBC-MAC IPsec
	authentication algorithm.

@


1.342.2.24.2.16
log
@MFC: Correct insecure temporary file usage.

Security:	FreeBSD-SA-05:20.cvsbug
Approved by:	so (cperciva)
@
text
@a10 3
20050907:	p7	FreeBSD-SA-05:20.cvsbug
	Correct insecure temporary file usage.

@


1.342.2.24.2.17
log
@Correct a man-in-the-middle SSL version rollback vulnerability.

Security:       FreeBSD-SA-05:21.openssl
Approved by:    so@@ (cperciva)
@
text
@a10 3
20051011:	p8	FreeBSD-SA-05:21.openssl
	Correct a man-in-the-middle SSL version rollback vulnerability.

@


1.342.2.24.2.18
log
@Correct insecure temporary file usage in texindex. [06:01]
Correct insecure temporary file usage in ee. [06:02]
Correct a race condition when setting file permissions, sanitize file
names by default, and fix a buffer overflow when handling files
larger than 4GB in cpio. [06:03]

Security:	FreeBSD-SA-06:01.texindex
Security:	FreeBSD-SA-06:02.ee
Security:	FreeBSD-SA-06:03.cpio
Approved by:	so (cperciva)
@
text
@a10 10
20060111:	p9	FreeBSD-SA-06:01.texindex, FreeBSD-SA-06:02.ee,
			FreeBSD-SA-06:03.cpio
	Correct insecure temporary file usage in texindex. [06:01]

	Correct insecure temporary file usage in ee. [06:02]

	Correct a race condition when setting file permissions,
	sanitize file names by default, and fix a buffer overflow
	when handling files larger than 4GB in cpio. [06:03]

@


1.342.2.24.2.19
log
@MFC rev. 1.16 of sys/contrib/pf/net/pf_norm.c: Correct an error in pf
handling of IP packet fragments which could result in a kernel panic.

Security:	FreeBSD-SA-06:07.pf
Approved by:	so (cperciva)
@
text
@a10 4
20060125:	p10	FreeBSD-SA-06:07.pf
	Correct an error in pf handling of IP packet fragments which
	could result in a kernel panic.

@


1.342.2.24.2.20
log
@MFRELENG_5 sys/netinet/tcp_sack.c rev. 1.3.2.10:
  Avoid an infinite loop in sack scoreboard processing when the per-hole
  limits or global scoreboard limits are reached, or when memory
  exhaustion occurs. This can occur when an existing hole fails to be
  split due to limits or memory exhaustion.

Security:	FreeBSD-SA-06:08.sack
Approved by:	so (cperciva)
@
text
@a10 4
20060201:	p11	FreeBSD-SA-06:08.sack
	Avoid an infinite loop in sack scoreboard processing which can
	result from memory exhaustion.

@


1.342.2.24.2.21
log
@Correct a remote DoS in OpenSSH when using PAM and privilege
separation. [06:09]

Submitted by:	des

Correct a remote kernel panic when processing zero-length RPC records
via TCP. [06:10]

Security:	FreeBSD-SA-06:09.openssh
Security:	FreeBSD-SA-06:10.nfs
Approved by:	so (cperciva)
@
text
@a10 7
20060301:	p12	FreeBSD-SA-06:09.openssh, FreeBSD-SA-06:10.nfs
	Correct a remote DoS in OpenSSH when using PAM and privilege
	separation. [06:09]

	Correct a remote kernel panic when processing zero-length RPC
	records via TCP. [06:10]

@


1.342.2.24.2.22
log
@Add missing code needed for the detection of IPSec packet replays. [1]

Correctly identify the user running opiepasswd(1) when the login name
differs from the account name. [2]

Modify timeout handling logic in sendmail(8) to correct a reported
signal handling race condition. [3]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-06:11.ipsec [1]
Security:	FreeBSD-SA-06:12.opie [2]
Security:	FreeBSD-SA-06:13.sendmail [3]
@
text
@a10 11
20060322:	p13	FreeBSD-SA-06:11.ipsec, FreeBSD-SA-06:12.opie,
			FreeBSD-SA-06:13.sendmail
	Add missing code needed for the detection of IPSec packet
	replays. [06:11]

	Correctly identify the user running opiepasswd(1) when the login
	name differs from the account name. [06:12]

	Modify timeout handling logic in sendmail(8) to correct a reported
	signal handling race condition. [06:13]

@


1.342.2.24.2.23
log
@MFC: Correct a local information leakage bug affecting AMD FPUs.

Security:	FreeBSD-SA-06:14.fpu
Approved by:	so (cperciva)
@
text
@a10 3
20060419:	p14	FreeBSD-SA-06:14.fpu
	Correct a local information leakage bug affecting AMD FPUs.

@


1.342.2.24.2.24
log
@Enable inadvertantly disabled "securenet" access controls in ypserv. [1]

Correct a bug in the handling of backslash characters in smbfs which can
allow an attacker to escape from a chroot(2). [2]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-06:15.ypserv [1]
Security:	FreeBSD-SA-06:16.smbfs [2]
@
text
@a10 7
20060531:	p15	FreeBSD-SA-06:15.ypserv, FreeBSD-SA-06:16.smbfs
	Enable inadvertantly disabled "securenet" access controls in
	ypserv. [06:15]

	Correct a bug in the handling of backslash characters in smbfs
	which can allow an attacker to escape from a chroot(2). [06:16]

@


1.342.2.24.2.25
log
@Correct a bug in the handling of multipart messages by sendmail(8)
which can allow a malformed message to crash a sendmail queue
processing process.

Security:	FreeBSD-SA-06:17.sendmail
Approved by:	so (cperciva)
@
text
@a10 5
20060614:	p16	FreeBSD-SA-06:17.sendmail
	Correct a bug in the handling of multipart messages by sendmail(8)
	which can allow a malformed message to crash a sendmail queue
	processing process.

@


1.342.2.24.2.26
log
@Correct buffer overflow in the handling of LCP options in ppp(4)

Security:	FreeBSD-SA-06:18.ppp
Approved by:	so (cperciva)
@
text
@a10 3
20060823:	p17	FreeBSD-SA-06:18.ppp
	Correct buffer overflow in the handling of LCP options in ppp(4).

@


1.342.2.24.2.27
log
@Correct incorrect PKCS#1 v1.5 padding validation in crypto(3). [1]

Correct multiple denial-of-service vulnerabilities in BIND related to
SIG Query Processing and Excessive Recursive Queries. [2]

Security:	FreeBSD-SA-06:19.openssl [1]
Security:	FreeBSD-SA-06:20.bind [2]
Approved by:	so (simon)
@
text
@a10 7
20060906:	p18	FreeBSD-SA-06:19.openssl, FreeBSD-SA-06:20.bind
	Correct incorrect PKCS#1 v1.5 padding validation in
	crypto(3). [06:19]

	Correct multiple denial-of-service vulnerabilities in BIND related to
	SIG Query Processing and Excessive Recursive Queries. [06:20]

@


1.342.2.24.2.28
log
@Correct multiple vulnerabilities in gzip(1).

Security:	FreeBSD-SA-06:21.gzip
Approved by:	so (simon)
@
text
@a10 3
20060919:	p19	FreeBSD-SA-06:21.gzip
	Correct multiple vulnerabilities in gzip(1).

@


1.342.2.24.2.29
log
@Correct multiple vulnerabilities in crypto(3).
Limit the size of public keys used in order to protect applications
from a denial of service via insane key sizes.

Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)
@
text
@a10 5
20060928:	p20	FreeBSD-SA-06:23.openssl
	Correct multiple vulnerabilities in crypto(3).
	Limit the size of public keys used in order to protect applications
	from a denial of service via insane key sizes.

@


1.342.2.24.2.30
log
@Correct problem in the 2006-09-28 patch concerning the handling of
excessively large DH moduli.

Reported by:	Steve Kiernan (Juniper SIRT)
Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)
@
text
@a10 4
20060929:	p21	FreeBSD-SA-06:23.openssl
	Correct problem in the 2006-09-28 patch concerning the handling of
	excessively large DH moduli.

@


1.342.2.24.2.31
log
@Correct multiple vulnerabilities in OpenSSH.

Security:	FreeBSD-SA-06:22.openssh
Approved by:	so (simon)
@
text
@a10 3
20060930:	p22	FreeBSD-SA-06:22.openssh
	Correct multiple vulnerabilities in sshd(8).

@


1.341
log
@Proofreading the 4.x -> 5.x upgrade procedure.
@
text
@d24 5
@


1.340
log
@Spell check the 20040806 entry.
@
text
@d1688 1
a1688 1
	For the 4.x -> 5.0 upgrade, you will also see many messages about
d1732 1
a1732 1
	compatibility libraries are build which should allow you to continue
d1736 1
a1736 1
	initialized by feeding data into it.  /etc/rc.d/preseedrandom
@


1.339
log
@add comment about needing to upgrade loader.rc on i386 systems that have
problems loading modules...

Solution by:	ru
@
text
@d31 1
a31 1
	drop proper module_path initalization and modules will fail to
@


1.338
log
@Add another UPDATING entry about recompiling modules implementing network
interfaces due to a change in the size of struct ifnet.
@
text
@d29 9
@


1.337
log
@Since we upgraded compilers, and the kernel build to match, we can't build
new kernels on older userlands.  Document this fact in the entry that talked
about the system upgrade.
@
text
@d24 5
@


1.336
log
@Update for the null.ko removal.
@
text
@d44 5
@


1.335
log
@Announce the memory device module update.
@
text
@d24 4
@


1.334
log
@Get the current year number straight and remove one instance of trailing
whitespace.

Time travel spoiled by:	ru
@
text
@d24 5
@


1.333
log
@Document /usr/ports/UPDATING and have a brief pointer re x11
@
text
@d24 1
a24 1
20030728:
d28 1
a28 1
	and users will have to rebuild all their C++ programs with the new 
@


1.332
log
@Add a note about recent GCC import.
@
text
@d7 4
@


1.331
log
@back out the localkg changes until things have settled.

Discussed with:	mtm
@
text
@d20 11
@


1.330
log
@Add an UPDATING entry about recompiling modules implementing network
interfaces due to a change in the size of struct ifnet.
@
text
@a25 13
20040724:
	The rc.d/localpkg script now "does the right thing" with respect
	to ports rc.d scripts. The most disruptive change is that scripts
	ending in *.sh are sourced in the same shell as rc.d/localpkg (as
	opposed to a subshell) and may cause the script to end prematurely
	if a script calls exit. Some broken scripts may not recognize the
	'fast' prefix to a command. The first problem can be fixed by simply
	renaming the script so that it doesn't have a '.sh' ending. Another
	temporary work-arround is to completely remove the 'PROVIDE' line
	from the script. If you notice a broken ports rc.d script please
	notify the maintainer. Legacy scripts should not be affected.
	__FreeBSD_version bumped to 502124.

@


1.329
log
@Typo.

Submitted By: demon
@
text
@d20 6
@


1.328
log
@Ports related rc.d cleanups:
o Separate out local (ports) scripts that use rc.d, and the old style
  startup/shutdown scripts and execute them separately. On startup the
  rc.d style scripts are executed first and then the old-style scripts.
  On shutdown, exactly the reverse happens.
o The rc.d ports scripts should now behave more like base system scripts.
  Scripts ending in .sh will be sourced into the current shell, while the
  rest will be executed in a subshell. Previously, all ports scripts,
  regardless of the .sh suffix, were executed in a subshell.
o The parent script, /etc/rc.d/localpkg, passes its command line arguments
  straight to the rc.d ports scripts. This means they should now honor
  faststop and faststart commands as well. Old style scripts, should not see
  any differences. They will still get either a start or stop command.
o The initial phrase shown during shutdown has been changed to use
  "local packages" instead of "daemon processes" to be more inline with the
  phrase used during local package startup. The phrases are also used only for
  old-style ports script startup/shutdown, whereas previously they were being
  used for both rc.d and old-style scripts. This should make startup/shutdown
  output a bit less ugly.

Discussed with:	portmgr
Has Reservations: eik
@
text
@d21 1
a21 1
	The rc.d/loclpkg script now "does the right thing" with respect
@


1.327
log
@English fixes, no content change.
@
text
@d20 13
@


1.326
log
@Add the change of the sound drivers.
@
text
@d47 1
a47 1
	   to be enabled seperately now. Use the GDB option for this.
d61 3
a63 3
	There is some report that ULE scheduler was broken in some
	machines and we encourage users using ULE scheduler either
	stick with an known good kernel, or temporary switch to 4BSD
d80 1
a80 1
	will be printed on console indicating that ACPI has been disabled
d87 1
a87 1
	pf was updated to OpenBSD-stable 3.5 and pflogd(8) is priviledge
d228 1
a228 1
	and related userland network utilities neccessary.
d338 1
a338 1
	__FreeBSD_version bumpted to 501110.
d689 1
a689 1
	own.  All the accumulated features and bugfixes of the i4b
@


1.325
log
@Fix typo in 20040702 entry.

Noticed by:	Andre Guibert de Bruet <andy@@siliconlandmark.com>
@
text
@d20 5
@


1.324
log
@Add 3 new entries:
o  __FreeBSD_version bumped to 502122
o  Alpha console initialization requires the same sio(4) hints as on
   other platforms. Options NO_SIO and DEV_SC removed.
o  KDB framework: Added KDB and GDB; Renamed WITNESS_DDB, DDB_TRACE
   DDB_UNATTENDED. Removed GDB_REMOTE_CHAT and DDB_NOKLDSYM.
@
text
@d57 1
a57 1
	machines and we encourage users using ULE schedluer either
@


1.323
log
@Bump __FreeBSD_version

Reviewed by:	kris, ru
@
text
@d20 30
@


1.322
log
@Add note about ULE breakage at the moment.

Submitted by: Xin LI
@
text
@d20 4
@


1.321
log
@Wordsmith and spell-correct last commit
@
text
@d20 7
d35 3
@


1.320
log
@Remove the home-grown metadata facility in favour of the now generic
mbuf tags facility. Netgraph modules will all need a recompile.

Submitted by:	Gleb Smirnoff <glebius@@cell.sick.ru>
@
text
@d22 6
a27 6
	an incompatible change in the ABI. Old netgraph nodes will refuse 
	to attach until recompiled. Netgraph no uses tehmbuf TAGS feature
	to move metadata and this commit removes its home-grown metadata
	facility. Nodes should just recompile unless they use metadata
	in which case the changes are simple and shown in ng_ksocket.c
	which can be used as an example.
@


1.319
log
@Note the ACPI blacklist changes.

Prodded by:	imp
@
text
@d21 9
@


1.318
log
@Make some bugfixes and improve some text in the description of how to
update from 4.x to 5.x.

Submitted by:	Frerich Raabe <raabe@@kde.org>
@
text
@d20 8
@


1.317
log
@Add "privsep" user/group _pflogd:_pflogd (64:64) to make pflogd(8) work
again. This user/group is not required for install* targets, hence do not
add them to CHECK_UIDS/CHECK_GIDS in Makefile.inc1 (no need to annoy
people).

Discussed-on:	-current
@
text
@d1533 1
a1533 1
	cp src/sys/${MACHINE}/conf/GENERIC.hints /boot/device.hints [2]
d1535 1
a1535 1
	cd src/sys/boot ; make install			[6]
d1538 1
a1538 1
	/etc/rc.d/preseedrandom				[10]
d1542 1
a1542 1
	mergemaster					[4]
d1612 7
a1618 1
	cvs prune empty directories.
@


1.316
log
@Fix whitespace errors in previous commit.

Reported by:	simon
@
text
@d20 6
@


1.315
log
@Add entry for network interface cloning changes.
@
text
@d21 4
a24 4
        Network interface cloning has been overhauled.  This change will
        require a recompile of modules using cloning and modification of
        external ones to the new API.  __FreeBSD_version has been bumped
        to 502119 to mark this change.  Additionally, users creating
@


1.314
log
@Whitespace cleanup.
@
text
@d20 9
@


1.313
log
@Correct an error carried over from the nsswitch.conf(5) manual page; add
a note to UPDATING since users may have to manually remove an incorrect
nsswitch.conf.

Noticed by:	simon
@
text
@d57 1
a57 1
	Due to changes in the callout ABI, kernels compiled after this 
d239 1
a239 1
 
d272 1
a272 1
	attached network could exhaust kernel memory, and cause a system 
d294 1
a294 1
	ATAng has been committed. You need to build world as sys/ata.h 
d448 1
a448 1
 	built at the same time) returning structs or unions should be 
d520 1
a520 1
	There are still some minor problems with some signals but the 
d634 1
a634 1
	see 
d745 7
a751 7
 	named now runs as user bind and group bind rather than as 
 	root.  If named_enable is set to YES in /etc/rc.conf, ensure 
 	that user bind is available in /etc/passwd (using vipw(8)) 
 	and that group bind is available in /etc/group.  Also make 
 	sure that user or group bind has read (and not write) 
 	permission for your name server configuration and that it 
 	has read and write permission for your slave zone files and 
d753 2
a754 2
 
 	If you wish to continue to run named as root (a less secure 
d756 1
a756 1
 
d1010 1
a1010 1
  
d1139 1
a1139 1
	/etc/aliases has moved to /etc/mail/aliases.  Mergemaster will 
d1215 1
a1215 1
	If you use CVSUP or CTM to get CVS trees, AND you used to get 
d1365 1
a1365 1
	Modules have been disconnected from the buildworld tree and 
d1454 1
a1454 1
	make install	
d1500 1
a1500 1
 	<reboot>	
d1503 1
a1503 1
	To upgrade in-place from 4.x-stable to current 
d1513 1
a1513 1
	
@


1.312
log
@Change the return value of sema_timedwait() so it returns 0 on
success and a proper errno value on failure.  This makes it
consistent with cv_timedwait(), and paves the way for the
introduction of functions such as sema_timedwait_sig() which can
fail in multiple ways.

Bump __FreeBSD_version and add a note to UPDATING.

Approved by:	scottl (ips driver), arch
@
text
@d20 9
@


1.311
log
@Suggest a full build-/installworld instead of just installincludes.

Requested-by:	ru
@
text
@d20 6
@


1.310
log
@Bump __FreeBSD_version for ALTQ. Also put some notes in UPDATING regarding
the ABI break.
@
text
@d23 2
a24 2
	sizeof(struct ifnet). In order to get the altq headers in place run
	make installincludes.
@


1.309
log
@Note the need to rerun config.
@
text
@d20 6
@


1.308
log
@Note the removal of the midi drivers.

Pointed out by:	scottl
Shame on:	myself
@
text
@d20 4
@


1.307
log
@Recompile of ipfw(8) is required because of new ipfw option (versrcreach).
@
text
@d20 5
@


1.306
log
@1. Remove callout_stop binary compatibility.
2. Document that this means that kernel modules must be rebuilt.
3. While I'm here, fix my sorting error in callout.h

Requested by:	many [1], scottl [2], bde [3]
@
text
@d20 6
@


1.305
log
@I added preseedrandom yesterday, not last month.

Reported by:	Dmitry Morozovsky <marck at rinet.ru>
@
text
@d20 5
@


1.304
log
@Document changes in /dev/random initalization.  Suggest running
/etc/rc.d/preseedrandom to seed the PRNG in the upgrade instructions.
@
text
@d39 1
a39 1
        "/etc/rc.d/initrandom start" or with 20040315 source by running
@


1.303
log
@Add notes about the pci stuff that's currently working its way through
current.
@
text
@d34 8
d1429 1
d1482 1
d1557 4
@


1.302
log
@Fix kernel build instructions to be correct for 5.X.

PR:		docs/65397
Submitted by:	Russell Francis <rf358197 (at) ohio.edu>
@
text
@d20 14
@


1.301
log
@Commit a message to UPDATING indicating that during network stack locking
merges, debug.mpsafenet will no longer be safe to use, and that it should
be turned off (which is the default).  I will commit a follow-up message
to UPDATING (and post to freebsd-current) when it's safe to turn it on,
with a description of under what circumstances it is safe to use.
@
text
@d1382 5
a1386 1
	cd src/sys/{i386,alpha}/conf
d1388 1
a1388 1
	cd ../../compile/KERNEL_NAME_HERE
@


1.300
log
@Mention the user account for 'pf' is "proxy".
@
text
@d20 11
@


1.299
log
@Change time_t from a 32-bit value to a 64-bit value, on FreeBSD/sparc64
only.  This is a  MAJOR  incompatible change for the sparc64 platform,
but will not effect FreeBSD on other architectures.

Reviewed by:	imp for UPDATING, freebsd-sparc for the change itself.
@
text
@d30 2
a31 2
	user accounts. If you do not want to build pf with your system you
	can use the NO_PF knob in make.conf.
@


1.298
log
@Bump __FreeBSD_version for the pf install and write comments to UPDATING.

Approved by:	bms(mentor)
@
text
@d20 7
@


1.297
log
@Add a note explaining how to use libmap.conf to work around problems
with the libc_r -> libpthread transition.
@
text
@d20 11
@


1.296
log
@Mention getaddrinfo(3)/resolver(3) ABI change.

Reminded by:	bmah
@
text
@d20 11
@


1.295
log
@It's protocol version 1 I've disabled, not version 2.
@
text
@d28 7
@


1.294
log
@Mention the recent sshd configuration changes.
@
text
@d21 1
a21 1
	Some sshd configuration defaults have changed: protocol version 2
@


1.293
log
@Add a note about the routed update breaking compatibility (for MD5
authentication only) with older versions of FreeBSD's routed.
@
text
@d20 7
@


1.292
log
@Note change of sizeof(struct tcpcb) and libkvm recompile.
@
text
@d20 8
@


1.291
log
@Add a note about cdevsw changes.
@
text
@d20 4
@


1.290
log
@Update instructions on /rescue vs -j to indicate a fixed date.
@
text
@d20 6
@


1.289
log
@Add a belated entry for the CPU_ENABLE_LONGRUN issue.
@
text
@d177 4
d198 14
a211 1
20030613: [retrospective]
a227 13

20030610:
	Remove deprecated locale names and transition period code
	for them, finishing switching to the new scheme. Check your
	LANG environment variable.

20030609:
	CCD has been changed to be a fully GEOMified class.  Kernel
	and ccdconfig(8) needs to be in sync, this is particularly
	important to remember beforehand if your source tree is on
	a ccd device.  Consider making a copy of the old ccdconfig
	into /boot/kernel.good or wherever you keep your backup
	kernel.
@


1.288
log
@Add an entry about the removal of etc/rc.d/ttys.
@
text
@d47 5
@


1.287
log
@Add a note about the libkse -> libpthread switch.

Reviewed by:	imp
@
text
@d20 4
@


1.286
log
@Add a note to say that ULE is now the default scheduler in GENERIC.

PR:		docs/61870
Submitted by:	Xin LI <delphij@@frontfree.net>
Approved by:	imp
@
text
@d20 15
@


1.285
log
@Add a note to say that the ACPI module has been turned back on now.

Requested by:	Joel Ray Holveck <joelh@@piquan.org>
@
text
@d20 8
@


1.284
log
@Comment on initgroups.c:1.8: it can prevent users from logging in if
a user has over 16 groups defined.

Reported by:	"Klaus-J. Wolf" <yanestra@@web.de>
@
text
@d28 4
@


1.283
log
@Add a note about MPTABLE_FORCE_HTT.

Prompted by:	John Stockdale <jstockdale@@stanford.edu>
@
text
@d20 8
@


1.282
log
@Clarify UPDATING language: do buildworld before buildkernel, and
do installkernel before installworld, rather than don't make world
before installkernel.

Pointed out by:	gad
@
text
@d53 8
@


1.282.2.1
log
@Update UPDATING for 5.2
@
text
@d1 1
a1 1
Updating Information for FreeBSD 5.2 users
d7 12
a18 2
20031206:
	FreeBSD 5.2 branched
@


1.282.2.2
log
@MFC: Add a note to document MPTABLE_FORCE_HTT.

Approved by:	re (scottl)
@
text
@a42 8
20031111:
	Hyperthreading logical CPU's are no longer probed by default
	when using the MP Table.  If ACPI is being used, then logical
	CPUs will be probed if hyperthreading is enabled in the BIOS.
	If ACPI is not being used and hyperthreading is enabled in the
	BIOS, logical CPUs can be enabled by building a custom kernel
	with the option MPTABLE_FORCE_HTT enabled.
 
@


1.282.2.3
log
@MFC: Add note about acpi module being re-enabled.

Approved by:	re (rwatson)
@
text
@a35 4
20031203:
	The ACPI module has been reactivated.  It is no longer required
	to compile ACPI support into kernels statically.

@


1.282.2.4
log
@5.2-RELEASE-p1 is a security branch release to address an issue in
mksnap_ffs(8).  Because release engineering for 5.2.1-RELEASE is
currently in process, 5.2-RELEASE-p1 also includes several other bug
fixes which are not security related.  The additional fixes are
documented in UPDATING and in the release notes.

Approved by:	re
@
text
@a6 63
This is for the 5.2 release branch.  All entries since 5.0 are an
itemized list of commits to this branch, numbered from the beginning.

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.

20040127:	p1	FreeBSD-SA-04:01.mksnap_ffs
	Fixed mksnap_ffs to preserve existing file system flags.

	NOTE WELL:
	Due to release engineering in progress, 5.2-RELEASE-p1 also
	includes numerous other critical bug fixes, most of which
	are not security related.

	- (i386) `cdboot' now works around a BIOS problem observed on
	  some systems when booting from USB CDROM drives.

	- (sparc64) The dc(4) driver now supports sparc64 Davicom
	  cards that store their MAC address in OpenFirmware.

	- Several bugs related to multicast and promiscuous mode
	  handling in the sk(4) driver have been fixed.

	- A bug in GEOM(4) that could result in I/O hangs in some
	  rare cases has been fixed.

	- A panic in the NFSv4 client has been fixed; this occurred
	  when attempting operations against an NFSv3/NFSv2-only
	  server.

	- A bugfix has been applied to NSS support, which fixes
	  problems when using third-party NSS modules (such as
	  `net/nss_ldap') and groups with large membership lists.

	- Security improvements from CVS 1.11.10 and 1.11.11 have
	  been backported.  Specifically, certain malformed module
	  requests are now rejected, and when using `cvs pserver'
	  mode, attempts to authenticate as `root' are rejected and
	  recorded via syslog(3).

	- The `PFIL_HOOKS' option is now enabled by default in the
	  GENERIC kernel.  The most notable effect of this change is
	  to make IPFilter work correctly when loaded as a kernel
	  module.

	- Some bugs in the IPsec implementation from the KAME Project
	  have been fixed.  These bugs were related to freeing memory
	  objects before all references to them were removed, and
	  could cause erratic behavior or kernel panics after flushing
	  the Security Policy Database (SPD).

	- A number of bugs in the ata(4) driver have been fixed.  Most
	  notably, master/slave device detection should work better,
	  and some problems with timeouts should be resolved.

	- (pc98) The partition type used for new partitions on the pc98
	  platform was corrected.

	- Allow devfs path rules to work on directories.

@


1.282.2.5
log
@MFC sysv_shm.c 1.90: Correct a reference counting bug in shmat(2).
@
text
@a15 3
20040205:	p2	FreeBSD-SA-04:02.shmat
	Correct a reference counting bug in shmat(2).

@


1.282.2.6
log
@MFC vfs_mount.c 1.117: Fix issues related to mount/unmount.

Submitted by:	pjd
Approved by:	re
@
text
@a15 6
20040210:
	Fixed bugs in vfs_mount(9) that could allow jailed processes
	to mount or unmount file systems outside of the jail and
	in some cases allow a normal user to unmount a file system
	when usermounts have been changed from enabled to disabled.

@


1.282.2.7
log
@MFC pseudofs_vnops.c 1.43: Fix a panic in pseudofs(9).

Approved by:	re
@
text
@a21 2
	Fix a panic in pseudofs(9).

@


1.282.2.8
log
@Update for 5.2.1 and note that 5.2.1 is on the 5.2 release branch.
@
text
@d1 1
a1 1
Updating Information for FreeBSD 5.2.1 users
d7 1
a7 2
This is for the 5.2 release branch.  FreeBSD 5.2.1 is part of the 5.2
release branch and has no branch of its own.  All entries since 5.0 are an
a14 3

20040222:
	FreeBSD 5.2.1 RELEASE
@


1.282.2.9
log
@MFC in part tcp_input.c 1.228, tcp_subr.c 1.182, tcp_var.h 1.98:
Limit TCP segment reassembly queue size and use UMA for it.

Submitted by:	andre
@
text
@a16 3
20040302:	p1	FreeBSD-SA-04:04.tcp
	Limit TCP segment reassembly queue size.

@


1.282.2.10
log
@Bump patch level for update of FreeBSD-SA-04:04.tcp fix.
@
text
@a16 3
20040316:	p2
	Improvement of FreeBSD-SA-04:04.tcp fix.

@


1.282.2.11
log
@MFC s3_pkt.c 1.1.1.9:
Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079).
@
text
@a16 3
20040317:	p3	FreeBSD-SA-04:05.openssl
	Correct a denial-of-service vulnerability in OpenSSL.

@


1.282.2.12
log
@MFC ip6.h 1.11, ip6_output.c 1.79:
Validate IPv6 socket options more carefully.
@
text
@a16 4
20040329:	p4	FreeBSD-SA-04:06.ipv6
	Correct an input validation error involving setsockopt and
	IPv6 sockets.

@


1.282.2.13
log
@Merge from 4-STABLE client.c 1.2.2.7, modules.c 1.1.1.5.2.4:
Correct some path validation errors in CVS.

Approved by:	so
@
text
@a16 3
20040415:	p5	FreeBSD-SA-04:07.cvs
	Correct some path validation errors in CVS.

@


1.282.2.14
log
@Correctly validate the transited field in Kerberos tickets.
http://vuxml.freebsd.org/bfb36941-84fa-11d8-a41f-0020ed76ef5a.html

Obtained from:	Heimdal 0.6.1
Approved by:	so
@
text
@a16 3
20040505:	p6	FreeBSD-SA-04:08.heimdal
	Correctly validate the transited field in Kerberos tickets.

@


1.282.2.15
log
@Bump and document patch level.

Approved by:	so
@
text
@a16 3
20040519:       p7	FreeBSD-SA-04:10.cvs
	Correct a heap overflow in cvs's pserver protocol parser.

@


1.282.2.16
log
@Bump patch level and document the change.

Approved by:	so
@
text
@a16 8
20040526:	p8	FreeBSD-SA-04:11.msync
	Fix a bug in msync(2) which could cause it to discard dirty
	pages.

	NOTE: In some cases involving NFS, the incorrect behaviour may
	actually be preferrable.  Setting the vm.old_msync sysctl
	variable to 1 will revert msync(2) to its old behaviour.

@


1.282.2.17
log
@FreeBSD-SA-04:13.linux:
MFC revision 1.116 of sys/compat/linux/linux_ioctl.c
Bump newvers.sh and document in UPDATING.

Approved by:	so (des)
@
text
@a16 4
20040630:	p9	FreeBSD-SA-04.13.linux
	Correct an input validation error in the linux binary
	compatibility code.

@


1.282.2.18
log
@Correct several vulnerabilities in CVS 1.11.5 (CAN-2004-0414,
CAN-2004-0416, CAN-2004-0417, CAN-2004-0418, CAN-2004-0778 and
others).

Approved by:	so
@
text
@d17 1
a17 5
20040919:	p10	FreeBSD-SA-04:14.cvs
	Correct several vulnerabilities in CVS (CAN-2004-0414,
	CAN-2004-0416, CAN-2004-0417, CAN-2004-0418, CAN-2004-0778).

20040630:	p9	FreeBSD-SA-04:13.linux
@


1.282.2.19
log
@MFC 1.429: Disallow negative coordinates and sizes in the syscons
CONS_SCRSHOT ioctl.

Approved by:	so
@
text
@a16 3
20041003:	p11	FreeBSD-SA-04:15.syscons
	Correct a kernel memory disclosure vulnerability in syscons(4).

@


1.282.2.20
log
@FreeBSD-SA-04:16.fetch:
MFC revision 1.75 of src/usr.bin/fetch/fetch.c
Bump newvers.sh and document in UPDATING.

Approved by:	so
@
text
@a16 4
20041118:	p12	FreeBSD-SA-04:16.fetch
	Correct a buffer overflow in fetch(1) which could allow a
	mallicious server to execute arbitrary code on the client.

@


1.282.2.21
log
@FreeBSD-SA-04:17.procfs:
MFC revision 1.54 of src/sys/fs/procfs/procfs_status.c
MFC revision 1.86 of src/sys/compat/linprocfs/linprocfs.c

Approved by:	so (nectar)
@
text
@a16 5
20041201:	p13	FreeBSD-SA-04:17.procfs
	Fix a tainted pointer dereference in procfs(5) and linprocfs(5)
	which could allow a local attacker to panic a system and/or read
	from kernel memory.

@


1.282.2.22
log
@Mention FreeBSD-SA-05:03.amd64, bump patchlevel.

Approved by:  so (cperciva)
@
text
@a16 3
20050406:	p14	FreeBSD-SA-05:03.amd64
	Correctly initialize the I/O permission bitmap on amd64.

@


1.281
log
@Add the most vital piece of information WRT upgrading past the
statfs changes: you must have COMPAT_FREEBSD4 in your kernel
config file. Everything else is documented procedure and will
not save your ass if you don't have the option.
@
text
@d23 4
a26 4
	sizes. You should build and boot a new kernel BEFORE doing a
	`make world' as the new kernel will know about binaries using
	the old statfs structure, but an old kernel will not know
	about the new system calls that support the new statfs
@


1.280
log
@Note to update cfsd (ports/security/cfs) after installing the
statfs changes.

Submitted by:   Marco Wertejuk <wertejuk@@mwcis.com>
@
text
@d27 11
a37 5
	structure.  Running an old kernel after a `make world' will
	cause programs such as `df' that do a statfs system call to
	fail with a bad system call. Marco Wertejuk <wertejuk@@mwcis.com>
	also reports that cfsd (ports/security/cfs) needs to be
	recompiled after these changes are installed.
@


1.279
log
@Warn that you won't be able to build a kernel if you do an installworld
@
text
@d29 3
a31 1
	fail with a bad system call.
@


1.278
log
@Add an entry about the changes in the statfs structure that require
kernel and user land applications doing statfs to be in sync.

Requested by:	Johan Karlsson <johan@@FreeBSD.org>
@
text
@d21 16
a36 8
	The statfs structure has been updated with 64-bit fields to allow
	accurate reporting of multi-terabyte filesystem sizes. You should
	build and boot a new kernel BEFORE doing a `make world' as the new
	kernel will know about binaries using the old statfs structure,
	but an old kernel will not know about the new system calls that
	support the new statfs structure. Running an old kernel after a 
	`make world' will cause programs such as `df' that do a statfs
	system call to fail with a bad system call.
@


1.277
log
@Add an entry about the changes in netgraph that require kernel and
user land netgraph stuff to be in sync.

Reviewed by:	imp
@
text
@d21 15
a35 5
 	Some netgraph string length constants have been changed. This
 	change requires the netgraph kernel modules and all netgraph
 	userland components to be in sync. Especially users who require
 	netgraph to boot need to make sure to have world and kernel in
 	sync before rebooting.
d39 1
a39 1
        'device apic'.  The ACPI module has also been temporarily
@


1.276
log
@Correct a typo; two permutations of ACPI are plenty already.
@
text
@d20 7
@


1.275
log
@Add an entry dealing with the change from 'options APIC_IO' to
'device acpi' as well as the temporary disablement of the ACPI kernel
module.
@
text
@d23 1
a23 1
	disabled, so APCI must be statically compiled into your
@


1.274
log
@Use tabs not spaces.

Pointed out by:	Xin LI <delphij at frontfree dot net>
@
text
@d20 6
@


1.273
log
@Replace the if_name and if_unit members of struct ifnet with new members
if_xname, if_dname, and if_dunit. if_xname is the name of the interface
and if_dname/unit are the driver name and instance.

This change paves the way for interface renaming and enhanced pseudo
device creation and configuration symantics.

Approved By:	re (in principle)
Reviewed By:	njl, imp
Tested On:	i386, amd64, sparc64
Obtained From:	NetBSD (if_xname)
@
text
@d21 6
a26 6
        The API and ABI of struct ifnet have been changed by removing
        the if_name and if_unit members and replacing them with
        if_xname, if_dname, and if_dunit.  All network drivers and most
        userland programs which include net/if_var.h must be updated
        and recompiled.  __FreeBSD_version has been bumped to 501113 to
        reflect this change.
@


1.272
log
@s/5.0-CURRENT/FreeBSD 5.x/
@
text
@d20 8
@


1.271
log
@Fixed the "To build a kernel" section to mention -DALWAYS_CHECK_MAKE
as the new sys/conf/kmod.mk depends on a make(1) bugfix now.

Reported by:	current
@
text
@d7 2
a8 2
NOTE TO PEOPLE WHO THINK THAT 5.0-CURRENT IS SLOW:
	FreeBSD 5.0-CURRENT has many debugging features turned on, in
@


1.270
log
@Note change to cdevsw open/close default change.
@
text
@d1202 2
a1203 2
	make buildkernel KERNCONF=YOUR_KERNEL_HERE
	make installkernel KERNCONF=YOUR_KERNEL_HERE
@


1.269
log
@Add a note about kiconv(3).
@
text
@d20 5
@


1.268
log
@note PFIL_HOOKS must be explicitly configured when using IPFILTER
@
text
@d20 4
@


1.267
log
@Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.

Approved by:	jake (mentor)
Reported by:	Apple Product Security <product-security@@apple.com>
@
text
@d20 7
@


1.266
log
@Note the addition of `-C 60' to inetd_flags in etc/defaults/rc.conf.
@
text
@d20 6
@


1.265
log
@Remove deprecated files no longer neccesary as part of rc.d. Include
a note in UPDATING about removing them from current installations.
@
text
@d20 6
@


1.264
log
@Fix the former commit as cvs screwed it up somehow
@
text
@d20 11
@


1.263
log
@Add comment about ATAng.
@
text
@d23 2
a24 1
	If you use ATA SW raids you need "device ataraid" in your 			kernel config file, as it is no longer pulled in automatically.
@


1.262
log
@Fix accidental line deletion.
@
text
@d20 5
@


1.261
log
@Document the OFW_NEWPCI commit to sparc64 generic.
@
text
@d18 1
@


1.260
log
@Note da(4) quirks being deprecated and the procedure for re-enabling them.
@
text
@d18 6
a23 1
	to maximize performance.
@


1.259
log
@note rescue issues and fpu emulation removal
@
text
@d20 7
@


1.258
log
@Correct a spelling error.
@
text
@d20 12
@


1.257
log
@Delete the panic part of 20030711, it has been fixed
@
text
@d22 1
a22 1
	accross this point.  Further, it might be a good idea to remove
@


1.256
log
@gcc3.3: add dire warnings.
@
text
@d23 1
a23 1
	/usr/obj.  Finally, i386 kernels are currently panicing on boot.
@


1.255
log
@Add a retrospective entry about how having installed a broken sed(1)
can cause build failures.

Triggered by: too many questions on the -current
@
text
@d20 5
@


1.254
log
@Fix date, appearantly everybody else got done with May before I did.
@
text
@d20 18
@


1.253
log
@Add entry for removing deprecated locale names

Approved by:    imp
@
text
@d25 1
a25 1
20030509:
@


1.252
log
@GEOMification of CCD.

You need your kernel and ccdconfig(8) to be in sync, particularly if your
source tree is on a ccd device.
@
text
@d20 5
@


1.251
log
@Announce the Kerberos5 changes.

Prodded by:	imp
@
text
@d20 8
@


1.251.2.1
log
@Update UPDATING for 5.1
@
text
@d1 1
a1 1
Updating Information for FreeBSD 5.1 users
d7 12
a18 3

20030603:
	FreeBSD 5.1
@


1.251.2.2
log
@MFC sys_process.c 1.113, spigot.c 1.60:
Add or correct range checking of signal numbers in system calls and
ioctls.

MFC kern_sig.c 1.257:
panic() if we try to handle an out-of-range signal number in psignal()/
tdsignal().
@
text
@a6 11
This is for the 5.1 release branch.  All entries since 5.0 are an
itemized list of commits to this branch, numbered from the beginning.

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.

20030810:	p1	FreeBSD-SA-03:09.signal
	Repair range-checking errors in signal handling.
@


1.251.2.3
log
@MFC 1.24: Validate the iBCS2 statfs(2) length parameter.
@
text
@a15 3
20030810:	p2	FreeBSD-SA-03:10.iBCS2
	iBCS2 system call translator for statfs leaked information.

@


1.251.2.4
log
@MFC buffer.c 1.1.1.7: Do not record expanded size before attempting to
reallocate associated memory.
@
text
@a15 3
20030916:	p3	FreeBSD-SA-03:12.openssh
	OpenSSH oversized packet buffer handling corrected.

@


1.251.2.5
log
@MFC buffer.c 1.2, channels.c 1.16, deattack.c 1.1.1.6, misc.c 1.1.1.5,
    session.c 1.41, ssh-agent.c 1.19:
Correct more cases of allocation size bookkeeping errors.
@
text
@a15 3
20030916:	p4	FreeBSD-SA-03:12.openssh
	Follow-up fixes for OpenSSH oversized packet buffer handling.

@


1.251.2.6
log
@MFC: sendmail address parsing bug fix

Approved by:	so (nectar)
@
text
@a15 3
20030917:	p5	FreeBSD-SA-03:13.sendmail
	Fix another address parsing buffer overflow.

@


1.251.2.7
log
@Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.

Approved by:	security-officer, jake (mentor)
Reported by:	Apple Product Security <product-security@@apple.com>
@
text
@a15 5
20030917:	p6	FreeBSD-SA-03:14.arp
	Fix a bug in arplookup(), whereby a hostile party on a locally
	attached network could exhaust kernel memory, and cause a system
	panic, by sending a flood of spoofed ARP requests.

@


1.251.2.8
log
@Correct the date for the latest note.
@
text
@d16 1
a16 1
20030923:	p6	FreeBSD-SA-03:14.arp
@


1.251.2.9
log
@Update patch level
@
text
@a15 3
20030924:	p7	FreeBSD-SA-03:15.openssh
	Fix PAM-related bugs in OpenSSH's challenge/response code.

@


1.251.2.10
log
@Bump patch level for updated arplookup fix.
@
text
@a15 3
20030924:	p8	FreeBSD-SA-03:14.arp
	Updated fix for arplookup bug.

@


1.251.2.11
log
@MFC procfs_dbregs.c 1.23, procfs_fpregs.c 1.29, procfs_regs.c 1.28,
    pseudofs_vnops.c 1.42, kern_subr.c 1.77, uio.h 1.28:
Correct several integer underflows/overflows in procfs and linprocfs.
@
text
@a15 3
20031003:	p9	FreeBSD-SA-03:17.procfs
	Correct integer underflows/overflows in procfs(5) and linprocfs(5).

@


1.251.2.12
log
@Correct vulnerabilities in OpenSSL ASN.1 parsing.

Obtained from:	openssl.org CVS
@
text
@a15 3
20031003:	p10	FreeBSD-SA-03:18.openssl
	Corrected vulnerabilities in OpenSSL ASN.1 parsing.

@


1.251.2.13
log
@Correct a remote denial-of-service attack in named(8).
@
text
@a15 3
20031126:	p11	FreeBSD-SA-03:19.bind
	Corrected remote denial-of-service vulnerability in named(8).

@


1.251.2.14
log
@Update for the mksnap_ffs(8) issue.

Approved by:	so
@
text
@a15 3
20040127:	p12	FreeBSD-SA-04:01.mksnap_ffs
	Fixed mksnap_ffs to preserve existing file system flags.

@


1.251.2.15
log
@MFC sysv_shm.c 1.90: Correct a reference counting bug in shmat(2).
@
text
@a15 3
20040205:	p13	FreeBSD-SA-04:02.shmat
	Correct a reference counting bug in shmat(2).

@


1.251.2.16
log
@MFC kern_jail.c 1.40: Rework jail_attach(2) so that an already jailed
process cannot hop to another jail.
@
text
@a15 4
20040225:	p14	FreeBSD-SA-04:03.jail
	Correct a bug in jail_attach(2) which could allow jailed
	`superusers' to access files in another jail.

@


1.251.2.17
log
@MFC in part tcp_input.c 1.228, tcp_subr.c 1.182, tcp_var.h 1.98:
Limit TCP segment reassembly queue size.

Approved by:	security-officer
@
text
@a15 3
20040315:	p15	FreeBSD-SA-04:04.tcp
	Limit TCP segment reassembly queue size.

@


1.251.2.18
log
@MFC s3_pkt.c 1.1.1.9:
Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079).
@
text
@a15 3
20040317:	p16	FreeBSD-SA-04:05.openssl
	Correct a denial-of-service vulnerability in OpenSSL.

@


1.251.2.19
log
@Bump and document patch level.

Approved by:	so
@
text
@a15 3
20040519:       p17	FreeBSD-SA-04:10.cvs
	Correct a heap overflow in cvs's pserver protocol parser.

@


1.251.2.20
log
@FreeBSD-SA-04:16.fetch:
MFC revision 1.75 of src/usr.bin/fetch/fetch.c
Bump newvers.sh and document in UPDATING.

Approved by:	so
@
text
@a15 4
20041118:	p18	FreeBSD-SA-04:16.fetch
	Correct a buffer overflow in fetch(1) which could allow a
	mallicious server to execute arbitrary code on the client.

@


1.250
log
@Document a workaround for getting past the groff infinite loop problem
when your userland is older tahn your kernel and Makefile.inc1 therefore
thinks that you don't need to rebuild groff, when in fact you do.  This
workaround is to set OSRELDATE to 500110 before building, but only if you
have a new enough Makefile.inc1.

I've confirmed this on my laptop, which was suffering from this problem.
Since it only hits power users, we'll naively assume that such users are
smart enough to read UPDATING.
@
text
@d20 5
@


1.249
log
@Per previous announcement, remove the old version of the rc system.

All functionality from the previous system has been preserved, and
users should still customize their system boot with the familiar
methods, rc.conf, rc.conf.local, rc.firewall, sysctl.conf, etc.

Users who have customized versions of scripts that have been removed
should take great care when upgrading, since the compatibility code
that used those old scripts has also been removed.
@
text
@d20 6
a32 1

@


1.248
log
@Add a warning about the impending demise of rcOG.
@
text
@d20 8
a27 5
20030427:
	The old rc system will soon be going away.  If you have specified
	rc_ng="NO" in your /etc/rc.conf[.local] you should remove it and
	test with the new rc system.  Please report any problems to
	freebsd-rc@@yahoogroups.com, and/or freebsd-current@@freebsd.org.
@


1.247
log
@Alphas with libc.so between 2003/03/12 and 2003/03/29 cannot be
upgraded cleanly.  Document the reason and possible workarounds.

Requested by:	gallatin
@
text
@d20 6
@


1.246
log
@Add warning about a potential hang on boot at devd after 20030507 if
you have an old kernel and a new userland.  I've just committed a fix
for devd to work around the kernel bug, but that goes away on May 7th.
@
text
@d30 15
@


1.245
log
@Correct a doubled 'with'.
@
text
@d20 10
@


1.244
log
@Mention that 20021024 entry doesn't affect disks formatted in
dangerously-dedicated mode.
@
text
@d65 1
a65 1
	compatible with with suns TIRPC and also with NetBSD. You need
@


1.243
log
@Acutally document how to make a LINT kernel config, besides telling all it
is gone.
@
text
@d82 8
a89 6
	Old, compatibility slices have been removed in GEOM kernels.  This
	means that you will have to update your /etc/fstab to not use
	disk devices of the form /dev/ad0a.  Instead, you now must
	specify /dev/ad0s1a, or whatever slice your FreeBSD partition
	really is on.  The old device names have gone away, so if you
	use them anywhere else, you must also adjust those uses.
@


1.242
log
@Correct assorted typos and grammos. No content changes.
@
text
@d919 2
a920 1
	isn't buildable.  However, you can generate a LINT file.
@


1.241
log
@Notify IPv6 users of important change in sendmail 8.12.7
@
text
@d29 1
a29 1
	This makes all references to MAKEDEV obsolete, and the should
d39 1
a39 1
	The in cvs config files have been updated to use the old scheduler
d414 1
a414 1
	hints.c file, wheather you want it to or not.
d450 1
a450 1
	Minor repo damange has happened.  This may cause problems
d516 1
a516 1
	and ATA_ENABEL_TAGS are no longer kernel options.  They have
d581 1
a581 1
	The kerrnel option I386_CPU is now mutually exclusive with the
d607 1
a607 1
	libscrypt/libdescrypt symlink sillyness is gone and the installed
d1113 1
a1113 1
	# to back out of problems with this proceedure.  If /tmp is on
@


1.240
log
@Add a section describing installing -current onto a dedicated partition
from a 4-stable build environment.

Reviewed by:		imp
@
text
@d20 8
a27 1
20030128
@


1.239
log
@20030128
	NODEVFS option has been removed and DEVFS thereby made standard.
	This makes all references to MAKEDEV obsolete, and the should
	be removed when convenient.
@
text
@d1074 28
a1101 2
	To upgrade from 4.x-stable to current
	-------------------------------------
@


1.238
log
@hint.acpi.0.disable -> hint.acpi.0.disabled

Submitted by:   Vitaly Markitantov <vm@@dics.com.ua>
@
text
@d20 5
@


1.237
log
@Add a note about the ofwcons device name change.
@
text
@d297 1
a297 1
		hint.acpi.0.disable="1"
@


1.236
log
@ - Add an entry about the new scheduler options.
@
text
@d20 4
@


1.235
log
@More wi info: adhoc means have reverted.
@
text
@d20 8
@


1.234
log
@wi now needs wlan.
@
text
@d25 5
@


1.233
log
@Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,
especially in troff files.
@
text
@d20 5
@


1.232
log
@Add a word, lost in previos commit.
@
text
@d33 1
a33 1
	with a outdated /etc/netconfig for some time, but you'll get
d270 1
a270 1
	(eg, you can build pc98 on a i386 machine and vice versa).
@


1.231
log
@Add note about GCC -fno-pcc-struct-return being default again. The
breakage window was about 18 days long.

Submitted by:	juli
Approved by:	re (rwatson)
@
text
@d27 1
@


1.230
log
@Change the name for the local unix-socket based protocol
from "unix" back to "local".  Add some compat stuff so both
ways work for some time.

Reviewed by:    phk
Approved by:    imp (UPDATING)
Requested by:   iedowse, lukem@@netbsd.org
@
text
@d20 8
@


1.229
log
@Add an entry for sparc64 users to warn them about potential problems
with kernels & modules that are not in sync, after the latest upgrade
of binutils.

Reviewed by:	tmm
Approved by:	re (rwatson)
@
text
@d20 7
@


1.229.2.1
log
@MFC: Change the name for the local unix-socket based protocol
from "unix" back to "local".  Add some compat stuff so both
ways work for some time.

Reviewed by:	phk
Approved by:	Re (rwatson)
@
text
@a19 7
20021216:
	A name change in /etc/netconfig has been reverted to stay
	compatible with with suns TIRPC and also with NetBSD. You need
	to run mergemaster after make world. A new libc does still work
	with a outdated /etc/netconfig for some time, but you'll get
	a warning. This warning will be removed in 20030301.

@


1.229.2.2
log
@MFC: a note about GCC ABI breakage.

Submitted by:	juli
Approved by:	re (rwatson)
@
text
@a19 9
20021222:
        For a period after the GCC 3.2.1 import (from 12/04 to 12/22), GCC
        used an incompatible form of ABI for returning structures and unions
        which FreeBSD's GCC maintainers were not aware of relative to previous
        versions of FreeBSD.  We have gone back to the ABI for now, and any
        code compiled which is required to interoperate with other code (not
        built at the same time) returning structs or unions should be
	rebuilt.

@


1.229.2.3
log
@Note 5.0-RELEASE

Approved by:	re (blanket)
@
text
@d1 1
a1 1
Updating Information for FreeBSD 5.0 users
d7 12
a18 2
20030117:
	FreeBSD 5.0-RELEASE
@


1.229.2.4
log
@-- Emphasize on the first line that this is a security branch (and which
   branch specifically).
-- Update imp's copyright to 2003.
-- Add some boiler-plate text for security branches that was missing.
@
text
@d1 1
a1 1
Updating Information for FreeBSD 5.0 Security Branch (RELENG_5_0) users.
a6 13
A reverse chronology since 5.0 was released is included, followed by
the common items quick how-tos, followed by entries for versions of
-current prior to 5.0 Release.

This is for the 5.0 release branch.  All entries since 5.0 are an
itemized list of commits to this branch, numbered from the beginning.

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.

d1140 1
a1140 1
Copyright 1998-2003 M. Warner Losh.  All Rights Reserved.
@


1.229.2.5
log
@Correct a double-free bug and disable a dangerous feature in
cvs.

See <URL:http://online.securityfocus.com/archive/1/72584>,
<URL:http://security.e-matters.de/advisories/012003.html>,
and the soon-to-be-released FreeBSD-SA-03:01.cvs for details.
@
text
@a19 4
20030204:	p1	FreeBSD-SA-03:01.cvs
	Correct a double-free bug and disable a dangerous feature in
	cvs.

@


1.229.2.6
log
@Document a fix in xe(4) (src/sys/dev/xe/if_xe.c revision 1.32.2.1)
which was slipped in accidently.  (This is not a security fix.)
@
text
@a23 4
20030129:
	Correct a bug where the xe(4) driver would discard a full-sized
	(1500-byte) Ethernet frame.

@


1.229.2.7
log
@Update to OpenSSL 0.9.6i.
@
text
@a19 4
20030220:	p2	FreeBSD-SA-03:02.openssl
	Update to OpenSSL 0.9.6i in order to correct `Timing-based
	attacks on SSL/TLS with CBC encryption' vulnerability.

@


1.229.2.8
log
@MFC tcp_syncache.c 1.38: Improve security and performance of syncookies.
@
text
@a19 3
20030223:	p3	FreeBSD-SA-03:03.syncookies
	Make brute force attacks on syncookies much more difficult.

@


1.229.2.9
log
@FreeBSD-SA-03:04.sendmail: sendmail header parsing buffer overflow

Approved by:	security-officer (nectar)
@
text
@a19 3
20030303:	p4	FreeBSD-SA-03:04.sendmail
	sendmail header parsing buffer overflow, ident parsing bug.

@


1.229.2.10
log
@MFC:
  src/lib/libc/xdr/xdr_mem.c 1.12
  src/include/rpc/xdr.h      1.23

Clean up some signed/unsigned issues in the XDR code.
@
text
@a19 3
20030320:	p5	FreeBSD-SA-03:05.xdr
	integer overflow errors in the Sun XDR library.

@


1.229.2.11
log
@MFC: crypto/openssl/ssl/s3_srvr.c 1.1.1.11
     Import of PKCS #1 security fix.
       http://www.openssl.org/news/secadv_20030319.txt

MFC: crypto/openssl/crypto/rsa/rsa_eay.c 1.11
     crypto/openssl/crypto/rsa/rsa_lib.c  1.9
     Enable RSA blinding by default.
       http://www.openssl.org/news/secadv_20030317.txt
@
text
@a19 4
20030321:	p6	FreeBSD-SA-03:06.openssl
	enable RSA blinding by default
	fix PKCS #1 v1.5 padding vulnerability

@


1.229.2.12
log
@sendmail parsing buffer overflow fix
Advisory number to be filled in later

Approved by:	so (nectar)
@
text
@a19 3
20030329:	p7	FreeBSD-SA-03:??.sendmail
	sendmail address parsing buffer overflow.

@


1.229.2.13
log
@Update FreeBSD Security Advisory Number

Approved by:	so (nectar)
@
text
@d20 1
a20 1
20030329:	p7	FreeBSD-SA-03:07.sendmail
@


1.229.2.14
log
@realpath(3) bug fix:  There was an off-by-one error in computing the
size of the resulting canonical path.
@
text
@a19 3
20030804:	p8	FreeBSD-SA-03:08.realpath
	Correct a single byte buffer overflow in realpath(3).

@


1.229.2.15
log
@MFC sys_process.c 1.113, spigot.c 1.60:
Add or correct range checking of signal numbers in system calls and
ioctls.

MFC kern_sig.c 1.257:
panic() if we try to handle an out-of-range signal number in psignal()/
tdsignal().
@
text
@a19 3
20030810:	p9	FreeBSD-SA-03:09.signal
	Repair range-checking errors in signal handling.

@


1.229.2.16
log
@MFC 1.24: Validate the iBCS2 statfs(2) length parameter.
@
text
@a19 3
20030810:	p10	FreeBSD-SA-03:10.iBCS2
	iBCS2 system call translator for statfs leaked information.

@


1.229.2.17
log
@Apply sendmail.org fix for DNS map processing error.  See
<URL:http://www.sendmail.org/dnsmap1.html> for details.
@
text
@a19 3
20030825:	p11	FreeBSD-SA-03:11.sendmail
	Sendmail DNS map problem corrected.

@


1.229.2.18
log
@MFC buffer.c 1.1.1.7: Do not record expanded size before attempting to
reallocate associated memory.
@
text
@a19 3
20030916:	p12	FreeBSD-SA-03:12.openssh
	OpenSSH oversized packet buffer handling corrected.

@


1.229.2.19
log
@MFC buffer.c 1.2, channels.c 1.16, deattack.c 1.1.1.6, misc.c 1.1.1.5,
    session.c 1.41, ssh-agent.c 1.19:
Correct more cases of allocation size bookkeeping errors.
@
text
@a19 3
20030916:	p13	FreeBSD-SA-03:12.openssh
	Follow-up fixes for OpenSSH oversized packet buffer handling.

@


1.229.2.20
log
@MFC: sendmail address parsing bug fix

Approved by:	so (nectar)
@
text
@a19 3
20030917:	p14	FreeBSD-SA-03:13.sendmail
	Fix another address parsing buffer overflow.

@


1.229.2.21
log
@Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.

Approved by:	security-officer, jake (mentor)
Reported by:	Apple Product Security <product-security@@apple.com>
@
text
@a19 5
20030923:	p15	FreeBSD-SA-03:14.arp
	Fix a bug in arplookup(), whereby a hostile party on a locally
	attached network could exhaust kernel memory, and cause a system
	panic, by sending a flood of spoofed ARP requests.

@


1.229.2.22
log
@Bump patch level for updated arplookup fix.
@
text
@a19 3
20030924:	p16	FreeBSD-SA-03:14.arp
	Updated fix for arplookup bug.

@


1.229.2.23
log
@MFC procfs_dbregs.c 1.23, procfs_fpregs.c 1.29, procfs_regs.c 1.28,
    pseudofs_vnops.c 1.42, kern_subr.c 1.77, uio.h 1.28:
Correct several integer underflows/overflows in procfs and linprocfs.
@
text
@a19 3
20031003:	p17	FreeBSD-SA-03:17.procfs
	Correct integer underflows/overflows in procfs(5) and linprocfs(5).

@


1.229.2.24
log
@Correct vulnerabilities in OpenSSL ASN.1 parsing.

Obtained from:	openssl.org CVS
@
text
@a19 3
20031003:	p18	FreeBSD-SA-03:18.openssl
	Corrected vulnerabilities in OpenSSL ASN.1 parsing.

@


1.229.2.25
log
@Correct a remote denial-of-service attack in named(8).
@
text
@a19 3
20031126:	p19	FreeBSD-SA-03:19.bind
	Corrected remote denial-of-service vulnerability in named(8).

@


1.229.2.26
log
@MFC sysv_shm.c 1.90: Correct a reference counting bug in shmat(2).
@
text
@a19 3
20040205:	p20	FreeBSD-SA-04:02.shmat
	Correct a reference counting bug in shmat(2).

@


1.229.2.27
log
@Bump and document patch level.

Approved by:	so
@
text
@a19 3
20040519:       p21	FreeBSD-SA-04:10.cvs
	Correct a heap overflow in cvs's pserver protocol parser.

@


1.229.2.28
log
@FreeBSD-SA-04:16.fetch:
MFC revision 1.75 of src/usr.bin/fetch/fetch.c
Bump newvers.sh and document in UPDATING.

Approved by:	so
@
text
@a19 4
20041118:	p22	FreeBSD-SA-04:16.fetch
	Correct a buffer overflow in fetch(1) which could allow a
	mallicious server to execute arbitrary code on the client.

@


1.228
log
@OK, you can use the 4.x boot loader and boot blocks to load kernels, but
I'm nervous about recommending it, so note it as a footnote only for now.
@
text
@d20 6
@


1.227
log
@The value of IPPROTO_DIVERT has changed.
@
text
@d1097 7
a1103 9
	[6] 4.x boot blocks can be used to boot a 5.x system, however
	it is difficult to do that at best.  If you are concerned
	about being able to boot 4.x if the reboot to single user
	fails, then you should do something like
		mv /boot /boot-4x
		mkdir /boot
	before this step.  You may be able to then boot the 4.x boot
	blocks if you catch boot2, and enter /boot-4x/loader rather than
	/boot/loader.  However, this step hasn't been torture tested.
@


1.226
log
@Add note: cvs checkout -P needed for fresh tree.
@
text
@d20 5
@


1.225
log
@MACHINE_ARCH is wrong here.  It should be MACHINE

Submitted by: nyan@@ (Yoshihiro-san)
@
text
@d1033 1
a1033 1
	make buildworld
d1114 2
@


1.224
log
@Mention the need to have COMPAT_FREEBSD4 in the kernel you use for the
upgrade.
@
text
@d1035 1
a1035 1
	cp src/sys/${MACHINE_ARCH}/conf/GENERIC.hints /boot/device.hints [2]
@


1.223
log
@Note the scary messages that you see when mounting / and other things
are expected and normal when you've booted a 5.0 kernel with a 4.x
userland.
@
text
@d1034 1
a1034 1
	make buildkernel KERNCONF=YOUR_KERNEL_HERE
d1108 5
@


1.222
log
@State the stupidly obvious:
	If /tmp is on /, then blowing away its contents, as appropriate,
	may get you enough space to do the installworld.
@
text
@d1074 3
@


1.221
log
@Note: 5.0 requires more space.  If you don't have 30MB free on /, then
you are going to get hurt badly if you try to do an update from
sources.  Make a note of this.  While 'experts' could install it in
less space, I think 30MB is a good number.
@
text
@d1007 1
d1026 6
a1031 1
	# to back out of problems with this proceedure.
@


1.220
log
@A simple make world is too dangerous for most upgrades.  Instead, copy
the updating from stable section, and remove the kludge-o-rounds that
are in there.

Sometimes make world is safe, sometimes not.  Let's document the safe
way to deal.
@
text
@d1021 5
@


1.219
log
@Note GEOM removal of the compatibility slice, and what you, the
upgrader needs to do about it.

Also, greatly expand the the upgrading from -stable part of this file.
It appears that you need new boot blocks to ensure that the right
kernel is booted single user.
@
text
@d1004 14
a1017 2
	make world
	Build a new kernel, see above.
@


1.218
log
@Document the (alpha only) "out of memory" and "PT_LOAD: too few segments"
problems with the new groff and mention possible workarounds for people
buildworlding to current.

Reviewed by: ru (a slighly older version)
@
text
@d20 7
a26 4
	In addition, IDE write caching is currently disabled by default
	due to on-going concerns about disk write order and file system
	integrity.  Re-enabling write caching can substantially improve
	performance.
d1009 1
d1014 4
a1017 2
	reboot in single user [3]
	mergemaster -p		[5]
d1020 1
a1020 2
	mergemaster		[4]
	[1]
d1065 17
@


1.217
log
@gcc 3.2
rm -rf /usr/include/g++ needed to upgrade from 4.6
@
text
@d25 14
@


1.216
log
@Mention new termcap and TERM=xterm-color -> xterm issue.
@
text
@d25 8
d998 1
@


1.215
log
@Document the effect of contrib/gcc/c-lex.c,v 1.2 commit.
@
text
@d25 6
@


1.214
log
@Ignore -C, -p, and -S options of install(1) when used with the -d
option.  Warn about COPY being phased out.  Restore the old method
of always comparing before installing: INSTALL="install -C".

Requested by:	bde
@
text
@d25 5
@


1.213
log
@Approved by:	imp@@freebsd.org
@
text
@d25 6
@


1.212
log
@Add a note to UPDATING saying that now is a bad time to update due
to some KSE/libc_r interaction.

Submitted by: julian
@
text
@d25 7
@


1.211
log
@Slightly modify the UPDATING text to indicate that -gstabs+ is a gcc
flag to replace -g.  This works around slight obtuseness in the developer.
(me :-).
@
text
@d25 5
@


1.210
log
@Document -gstabs+
@
text
@d34 1
a34 1
	the DWARF2 debugging format.  Thus you must use `-gstabs+' to
@


1.209
log
@Remove comment about NO_WERROR, since it no longer applies.

Pointed out by:	silby
@
text
@d32 6
@


1.208
log
@Add a note that NO_WERROR is a good idea for the time being due to the
compiler upgrade.  People still seem to be tripping over this.
@
text
@a24 8
20020520:
	Due to a compiler upgrade, the set of warnings has changed,
	resulting in new compile failures when -Werror is set
	inappropriately.  While the set of warnings is adjusted and
	fixed, it is recommended that you place "NO_WERROR=yes" on
	the make line for buildworld/buildkernel, or in /etc/make.conf
	if appropriate.

@


1.207
log
@Check that kldxref(8) exists before running it.
@
text
@d25 8
@


1.206
log
@Turn on the set-user-ID bit for k5su if ENABLE_SUID_K5SU is defined.
@
text
@d952 1
a952 1
	make installkernel KERNCONF=YOUR_KERNEL_HERE [6]
a1001 3

	[6] You may get a warning from kldxref.  Ignore it.  It doesn't
	matter.
@


1.205
log
@Note potential cvs update problem in contrib/gcc.
@
text
@d25 6
@


1.204
log
@Use hw.ata.ata_dma instead of hw.atamodes, which doesn't exist in anymore.

Reviewed by:	maxim
@
text
@d25 5
@


1.203
log
@Note change for FreeBSD-SA-02:23.stdio.
@
text
@d864 1
a864 1
		/sbin/sysctl -w hw.atamodes=pio,pio,pio,pio
@


1.202
log
@Warnings about single user and kldxref
@
text
@d25 4
@


1.201
log
@Mention the UCONSOLE kernel option removal.

Prompted by:	sheldonh
@
text
@d937 1
a937 1
	make installkernel KERNCONF=YOUR_KERNEL_HERE
d971 2
d987 3
@


1.200
log
@Do some minor editing of the entires (the date of the smmsp user
wasn't April 4, but Feb 17th).  Update the updating proceedure to use
the new mergemaster -p flag.  Add a footnote telling users how to cope
if their mergemaster doesn't have a -p flag.
@
text
@d34 3
@


1.199
log
@Update to note my dropping the strong lock on this file.

Clarify what my last note about USERCONFIG really means and how to
know if it is fixed.
@
text
@a33 9
20020404:
	Due to the import of sendmail 8.12.2 (see 20020217 entry), a new
	user and group are required in order for sendmail to run as a
	set-group-ID binary.  A 'make installworld' will use the new user
	and group to set the owner and group of /var/spool/clientmqueue
	and will fail if the new user and group do not exist.  The 'smmsp'
	user and group must be merged from src/etc/group and
	src/etc/master.passwd before using 'make installworld'.

d48 12
a69 1

d936 1
d975 7
@


1.198
log
@Note date of USERCONFIG's real death
@
text
@d4 2
a5 3
<imp@@village.org>.  Please send new entries directly to him.  See end
of file for further details.  For commonly done items, please see the
COMMON ITEMS: section later in the file.
d804 4
a807 1
	Indirectly, this also breaks USERCONFIG
a979 3
Please filter your entries through Warner Losh (imp@@village.org) so
that the style, formatting, etc of this file can be maintained.

d982 1
a982 1
Copyright 1998, 2001 M. Warner Losh.  All Rights Reserved.
d986 1
a986 1
document are permitted.
@


1.197
log
@Add two items that have come up in the mailing lists regarding the
sendmail import.

Approved by:	imp
@
text
@d805 2
@


1.196
log
@Note comment about DP-1
@
text
@d26 18
@


1.195
log
@PLASTER A WARNING THAT TELLS PEOPLE THAT CURRENT HAS DEBUGGING FEATURES
TURNED ON.

Submitted by: rwatson

Suggest -DNO_WERROR unless you are a developer when building a kernel.

Submitted by: mike
@
text
@d26 3
@


1.194
log
@Add notes about sendmail update from gshapiro.
@
text
@d8 22
@


1.193
log
@Add info about sppp and fd changes in December to current.

Submitted by: joerg
@
text
@d8 7
@


1.192
log
@Add note about openssh 2.9 changing some defaults

Submitted by: Thomas.Quinot@@Cuivre.FR.EU.ORG
PR: 28724
@
text
@d24 23
@


1.191
log
@Add only once to the tip workaround.

Submitted by: ru
@
text
@d263 4
d686 1
a686 1
	-CURRENT FROM THIS POINT FORWARD for cryptographic services
@


1.190
log
@Add some verbage about make environment poisoning.

Submitted by: sheldonh
Ignored for two months by: imp
@
text
@d54 1
a54 1
	after this date.
@


1.189
log
@Add info about the /etc/pam.conf -> /etc/pam.d stuff.
@
text
@d815 7
@


1.188
log
@Add note about new rc.conf for networkfs.  Fix typos from PR:33499
@
text
@d8 11
@


1.187
log
@add note that truss works again as of dec 09.

Submitted by: des
Ignored by: imp for over two weeks
@
text
@d8 5
d815 1
a815 1
	config KERNEL_NAME_HERE			[1]
a819 2
	
	[1] If in doubt, -r might help here.
d865 1
a865 1
		adjkerntz -i		# if COMS is wall time
@


1.186
log
@Add note about daily security checks moving to periodic(8)
@
text
@d8 4
@


1.185
log
@Add note to 20010924 entry that tells people about the COMPAT4X option
in /etc/make.conf, since sometimes these libraries are updated.

Submitted by: ru
@
text
@d8 7
@


1.184
log
@Add note about __stdoutp to the compat stuff.

Submitted by: ru
@
text
@d80 4
a83 2
	to work.
		cd src/lib/compat/compat4x.i386
d85 1
a85 1
	You will see __stdoutp undefined until you do this.
@


1.183
log
@kernel/burncd in sync!
@
text
@d83 1
@


1.182
log
@Warn about PROCFS stuff.

Submitted by: des
@
text
@d8 4
@


1.181
log
@Note fix for OpenSSH `UseLogin yes' environment issue.
@
text
@d8 9
@


1.180
log
@Add tip breakage workaround.
@
text
@d8 4
@


1.179
log
@Some words about awk and pain
@
text
@d8 4
d15 1
a15 1
	back to "normal." For CURRENT's usual definition of "normal.
@


1.178
log
@The correction entry about asr was too pessimistic based on my poor
understanging of the situation.

Submitted by: scottl
@
text
@d8 9
@


1.177
log
@Add entries about the recent problems with asr.
TARGET replaces MACHINE

Submitted by: ru, jhb
@
text
@d9 1
a9 3
	The asr driver now no longer panics the system on machines that
	do not have the asr hardware.  It is unknown if asr works still
	for the hardware it supports.
@


1.176
log
@Add Soren's burncd warning.
@
text
@d8 18
d865 1
a865 1
$FreeBSD: src/UPDATING,v 1.175 2001/10/01 03:59:13 imp Exp $
@


1.175
log
@Fix the damage caused in the last commit:
	give the correct workaround for compat library problem
	give a better acpi workaround.
Also include note about TARGET_ARCH.

DO NOT COMMIT TO THIS FILE UNLESS YOU ARE IMP.
@
text
@d8 5
d847 1
a847 1
$FreeBSD: src/UPDATING,v 1.174 2001/10/01 03:45:07 alfred Exp $
@


1.174
log
@Tell people why they might want to disable ACPI and how to do it.
Tell people how to fix the 4.x compatibility issue.
@
text
@d8 10
a17 4
20010930:
	ACPI may not interact well with some devices, if devices
	are not probing or attaching you can disable ACPI by 
	adding
d19 6
a24 1
	to your /boot/device.hints
d29 3
a31 3
	to work.  You can do this by adding COMPAT4X=YES to your
	make world command
		make world COMPAT4X=YES
d842 1
a842 1
$FreeBSD: src/UPDATING,v 1.173 2001/09/27 15:43:04 imp Exp $
@


1.173
log
@Add note about buildworld being fixed.
@
text
@d8 7
d18 3
a20 1
	to work.
d831 1
a831 1
$FreeBSD: src/UPDATING,v 1.172 2001/09/23 06:44:07 imp Exp $
@


1.172
log
@While I am THE Warner Losh (I know of no others that share my name and
I've looked), there's no need to refer to myself here as the Warner Losh.

Noticed by: mike
@
text
@d8 5
d822 1
a822 1
$FreeBSD: src/UPDATING,v 1.171 2001/09/23 06:36:41 imp Exp $
@


1.171
log
@Fix grammar of the newest UPDATING entry.  Also, minor rewording of
grant to use this document to be less restrictive than before.  The
document now can be used without restriction.
@
text
@d814 1
a814 1
Contact the Warner Losh if you have any questions about your use of
d817 1
a817 1
$FreeBSD: src/UPDATING,v 1.170 2001/09/21 05:08:00 imp Exp $
@


1.170
log
@Note world breakage and give workaround
@
text
@d12 1
a12 1
	workaround is to do addn
d795 3
a797 3
Redistribution, translation and use, with or without modification, in
full or in part, are permitted provided that the above copyright
notice is retained.
d814 4
a817 1
$FreeBSD: src/UPDATING,v 1.169 2001/08/24 21:43:35 imp Exp $
@


1.169
log
@Use Brian Sommers' named entry
@
text
@d8 27
d814 1
a814 1
$FreeBSD: src/UPDATING,v 1.168 2001/08/23 15:39:13 imp Exp $
@


1.168
log
@Fix typo in repo damage message.

Submitted by: Vadim Ostranitsyn <vadim@@tsu.ru>
@
text
@d8 15
d34 5
a38 5
	The pccard modem issue has been corrected.  OLDCARD support is
	still a little weak in -current.  slot 1 is known not to work
	on some TI based cardbus bridges.  Some cardbus bridges do not
	properly detect insert/removal events.  IRQ configuration needs
	more safety belts.
d787 1
a787 1
$FreeBSD: src/UPDATING,v 1.167 2001/08/22 15:44:19 imp Exp $
@


1.167
log
@Remove some stray text that crept into this verison of the updating
file.  It is for current, not the 4.3 release branch.
@
text
@d89 1
a89 1
	Minor repo damanged has happened.  This may cause problems
d772 1
a772 1
$FreeBSD: src/UPDATING,v 1.166 2001/08/11 02:03:51 imp Exp $
@


1.166
log
@Note: mergemaster stopped being optional a long time ago.  Caution against
doing it by hand (but provide pointers to those wanting to do it by hand).
@
text
@a7 4
This is for the 4.3 release branch.  All entries since 4.3 are an
itemized list of commits to this branch, numbered from the beginning.
By this count, we're at 4.3.0p9

d772 1
a772 1
$FreeBSD: src/UPDATING,v 1.165 2001/08/10 21:32:53 imp Exp $
@


1.165
log
@Typo
@
text
@d705 1
a705 1
	mergemaster
d736 7
d776 1
a776 1
$FreeBSD: src/UPDATING,v 1.164 2001/07/25 22:53:11 imp Exp $
@


1.164
log
@Add, belated, entry for ed driver needing mii
@
text
@d8 4
d151 1
a151 1
	without updates to /etc/hosts.{allow,deny} and /etc/netcofnig.
d769 1
a769 1
$FreeBSD: src/UPDATING,v 1.163 2001/07/17 08:01:25 markm Exp $
@


1.163
log
@Mention problems with PAM upgrade and ports.

OK'ed by:	imp
@
text
@d167 5
d765 1
a765 1
$FreeBSD: src/UPDATING,v 1.162 2001/06/30 06:35:45 imp Exp $
@


1.162
log
@Note move of kernel compile to src/sys/MACHINE/compile/FOO.
@
text
@d8 6
d760 1
a760 1
$FreeBSD: src/UPDATING,v 1.161 2001/06/29 06:00:44 imp Exp $
@


1.161
log
@pccard modem support fixed.

Update hints problems.

Add copyright and copying notice: Do what you want with this file.
@
text
@d8 4
d754 1
a754 1
$FreeBSD: src/UPDATING,v 1.160 2001/06/22 04:50:11 imp Exp $
@


1.160
log
@More updates

# Note, I managed to fat finger some mail commands and lost who submitted some
# of these entries.  If it was you, email me and I'll for a commit to
# give proper credit.
@
text
@d3 11
a13 4
This file is maintained by imp@@village.org.  Please send new entries
directly to him.  See end of file for further details.  For commonly
done items, please see the end of the file.  Search for 'COMMON
ITEMS:'
d16 1
a16 1
	It appears that soft updates are working again.
a23 2
	Two items that have been biting people:

d26 2
a27 2
	config ala the 20010604 entry, or you will have problems (this issue
	will be fixed, it just hasn't been yet).
d29 1
d31 2
a32 1
	use them in current.  Resolution unknown.
d41 4
d727 24
a750 1
$FreeBSD: src/UPDATING,v 1.159 2001/06/13 06:36:28 imp Exp $
@


1.159
log
@Add warning that some people are having problems with pccard modems in
current, reasons unknown.

Add note about softupdates being unstable since the middle of May.
@
text
@d8 8
d27 10
d716 1
a716 1
$FreeBSD: src/UPDATING,v 1.158 2001/06/10 03:09:52 imp Exp $
@


1.158
log
@Provide better advise than the last commit to UPDATING advocated about
running newer pccard software.
@
text
@d8 11
d698 1
a698 1
$FreeBSD: src/UPDATING,v 1.157 2001/06/10 02:59:59 julian Exp $
@


1.157
log
@Add an example of how to do the cryptic change suggested by UPDATING
for pccard IRQs.
@
text
@d12 10
a21 3
	Interrupt storms look a lot like a hang. You do this by using the
	-I and -i options to pccardd via the pccardd_flags entry in
	/etc/rc.conf, e.g. pccardd_flags="-I -i 11"
d687 1
a687 1
$FreeBSD: src/UPDATING,v 1.156 2001/06/04 16:17:06 imp Exp $
@


1.156
log
@Recommend what to do in a single user boot.

PR: 25028
Submitted by: Mark Andrews <marka@@nominum.com>
@
text
@d12 3
a14 1
	Interrupt storms look a lot like a hang.
d680 1
a680 1
$FreeBSD: src/UPDATING,v 1.155 2001/06/04 07:10:19 imp Exp $
@


1.155
log
@Set up us the pccard bomb.
@
text
@d635 1
d661 7
d678 1
a678 1
$FreeBSD: src/UPDATING,v 1.154 2001/05/30 07:07:41 imp Exp $
@


1.154
log
@Note: INSTALL=install -C is no longer supported.  Use COPY=-C instead.
While the old way will continue to work for a while, it will cause
warnings until after 4.4, but before 4.5.
@
text
@d8 6
d670 1
a670 1
$FreeBSD: src/UPDATING,v 1.153 2001/05/29 16:55:34 imp Exp $
@


1.153
log
@Yet another typo
@
text
@d8 10
d664 1
a664 1
$FreeBSD: src/UPDATING,v 1.152 2001/05/29 16:52:18 imp Exp $
@


1.152
log
@Missed this typo too.

Submitted by: Szilveszter Adam <sziszi@@petra.hos.u-szeged.hu>
PR: 26766
@
text
@d88 1
a88 1
	/dev/urandmon should be a symbolic link to /dev/random now.
d654 1
a654 1
$FreeBSD: src/UPDATING,v 1.151 2001/05/29 16:50:23 imp Exp $
@


1.151
log
@Fix typo.

Submitted by: Szilveszter Adam <sziszi@@petra.hos.u-szeged.hu>
PR: 26766
@
text
@d65 1
a65 1
	Please see the cvs commit to fsck.8 or the fsck.8 man page fora
d654 1
a654 1
$FreeBSD: src/UPDATING,v 1.150 2001/05/29 05:32:13 imp Exp $
@


1.150
log
@Alpha is not in good shape at all.

Submitted by: obrien
@
text
@d88 1
a88 1
	/dev/urandmon should be a sumbolic link to /dev/random now.
d654 1
a654 1
$FreeBSD: src/UPDATING,v 1.149 2001/05/29 05:24:08 imp Exp $
@


1.149
log
@Temper my optimism
@
text
@d10 2
a11 1
	there may be other problems, so caution is still urged.
d654 1
a654 1
$FreeBSD: src/UPDATING,v 1.148 2001/05/29 04:26:44 imp Exp $
@


1.148
log
@Looks like -current is safe again, and has been since Friday.
@
text
@d9 2
a10 1
	It appears that vm is now stable enough to use again.
d653 1
a653 1
$FreeBSD: src/UPDATING,v 1.147 2001/05/22 20:41:36 imp Exp $
@


1.147
log
@Mention jakarta-tomcat issues
@
text
@d8 3
d20 1
a20 1
	Swapping is busted on -current.  Please be patient.
d652 1
a652 1
$FreeBSD: src/UPDATING,v 1.146 2001/05/21 16:40:50 imp Exp $
@


1.146
log
@Add note about pccard rototill and swapping breakage.
@
text
@d8 8
d649 1
a649 1
$FreeBSD: src/UPDATING,v 1.145 2001/05/19 06:27:16 imp Exp $
@


1.145
log
@Note ncurses import and ata ioctl changes.
@
text
@d8 8
d641 1
a641 1
$FreeBSD: src/UPDATING,v 1.144 2001/05/16 19:15:32 imp Exp $
@


1.144
log
@Fix type noticed by jasone
@
text
@d8 7
d633 1
a633 1
$FreeBSD: src/UPDATING,v 1.143 2001/05/16 04:34:40 imp Exp $
@


1.143
log
@Note recent windows of breakage.
Note new ata subsystem.
Add additional files for the portmap change.
@
text
@d19 1
a19 1
	The bug in 20010429 was corrected at 07:35:37 PDF.  It is safe to
d626 1
a626 1
$FreeBSD: src/UPDATING,v 1.142 2001/05/14 05:11:31 imp Exp $
@


1.142
log
@DEVFS is opt in not opt out.  Warn about July 1.
@
text
@d12 14
d44 6
a49 1
	without updates to /etc/hosts.{allow,deny}.
d626 1
a626 1
$FreeBSD: src/UPDATING,v 1.141 2001/04/24 04:49:21 imp Exp $
@


1.141
log
@Add warning, and resolution, of the fsck and kernel problem
@
text
@d8 4
d607 1
a607 1
$FreeBSD: src/UPDATING,v 1.140 2001/04/22 05:35:49 imp Exp $
@


1.140
log
@Catch up to the end of march.
o fsck pass changes
o portmap changes
o fxp needs miibus
o wi defaults to BSS mode.
o urandom and random are the same
@
text
@d8 9
d603 1
a603 1
$FreeBSD: src/UPDATING,v 1.139 2001/03/02 00:36:13 imp Exp $
@


1.139
log
@Spell deprecated correctly (dufault)
Suggest mergemaster in the 4.x-stable -> current upgrade (fenner)
correct path to hints file (fenner)

Submitted by: dufault, fenner.
@
text
@d8 24
d594 1
a594 1
$FreeBSD: src/UPDATING,v 1.138 2001/02/28 05:45:16 imp Exp $
@


1.138
log
@It is now safe to go back into the water.
@
text
@d37 1
a37 1
	FFS_ROOT and CD9660_ROOT have been removed or depricated.
d533 1
a533 1
	cp src/sys/${MACHINE_ARCH}/arch/GENERIC.hints /boot/device.hints [2]
d536 1
d570 1
a570 1
$FreeBSD: src/UPDATING,v 1.137 2001/02/12 21:16:37 imp Exp $
@


1.137
log
@Sigh.  Add note about the FILE FIASCO.

Also notes about FFS_ROOT and CD9660_ROOT and DEVFS cautions.

It is not a good time to live in -current.
@
text
@d8 4
d569 1
a569 1
$FreeBSD: src/UPDATING,v 1.136 2001/01/22 08:03:13 imp Exp $
@


1.136
log
@Note change of KERNEL to KERNCONF for building instructions.  Peter
changed this due to the undesirable side effects that putting KERNEL
in /etc/make.conf was having on people's lives.  Also update the
instructions as well.
@
text
@d8 28
d529 1
a529 1
	cp src/sys/${MACHINE_ARCH}/GENERIC.hints /boot/device.hints [2]
d565 1
a565 1
$FreeBSD: src/UPDATING,v 1.135 2001/01/17 17:59:09 imp Exp $
@


1.135
log
@Catchup from my holiday lull:
o libcrypt not a symlink.
o hw.sndunit -> hw.snd.unit
o burncd / kernel changes
o I386_CPU now mutually exclusive with all other CPU types.
@
text
@d8 11
d476 2
a477 2
	make buildkernel KERNEL=YOUR_KERNEL_HERE
	make installkernel KERNEL=YOUR_KERNEL_HERE
d500 1
a500 1
	make buildkernel KERNEL=YOUR_KERNEL_HERE
d502 1
a502 1
	make installkernel KERNEL=YOUR_KERNEL_HERE
d537 1
a537 1
$FreeBSD: src/UPDATING,v 1.134 2001/01/03 05:30:30 imp Exp $
@


1.134
log
@Spell while the more traditional way.

Submitted by: knu

Suggest that maybe rebuilding just libc might also work around this.

Suggested by: rgrimes and phk.
@
text
@d8 12
d33 5
d526 1
a526 1
$FreeBSD: src/UPDATING,v 1.133 2001/01/02 21:28:48 imp Exp $
@


1.133
log
@Note problems with vi core dumping for a comple of days, plus
workaround.
@
text
@d11 1
a11 1
	dump wile building termcap.  You can work around this problem
d17 4
d509 1
a509 1
$FreeBSD: src/UPDATING,v 1.132 2000/12/18 17:25:26 imp Exp $
@


1.132
log
@Add note about ed driver changes impacting the Linksys cards.
@
text
@d8 9
d505 1
a505 1
$FreeBSD: src/UPDATING,v 1.131 2000/12/05 16:38:14 imp Exp $
@


1.131
log
@Add new ssh pam support and pam.conf requirements.
@
text
@d8 6
d496 1
a496 1
$FreeBSD: src/UPDATING,v 1.130 2000/11/16 20:15:12 marko Exp $
@


1.130
log
@Fix a couple of typos

Approved by:	Warner
@
text
@d8 9
d490 1
a490 1
$FreeBSD: src/UPDATING,v 1.129 2000/11/03 07:04:43 imp Exp $
@


1.129
log
@Try to catchup with my UPDATING backlog:
	o cvs 1.11
	o /dev/random
	o sendmail
	o password default change
Please look at these entries and let me know if I've forgotten anything,
or if my understanding doesn't match reality.
@
text
@d40 1
a40 1
	The perl build proceedure no longer installs miniperl, nor uses
d46 1
a46 1
	It will be in an inconsistant state until noted in the UPDATING
d481 1
a481 1
$FreeBSD: src/UPDATING,v 1.128 2000/10/29 15:55:15 nik Exp $
@


1.128
log
@Fix a typo in a date line.  I wouldn't normally ignore MAINTAINER, but the
PR's been assigned to Warner since June.

PR:		docs/18835
Submitted by:	shirota@@mbox.media.nagoya-u.ac.jp
@
text
@d8 27
d51 3
d481 1
a481 1
$FreeBSD: src/UPDATING,v 1.127 2000/10/09 03:56:39 imp Exp $
@


1.127
log
@rm miniperl && cd /usr/ports && cvs update -PAd now recommended
@
text
@d325 1
a325 1
2000427:
d451 1
a451 1
$FreeBSD: src/UPDATING,v 1.126 2000/10/05 23:13:47 imp Exp $
@


1.126
log
@Add upcoming ports layout changes
@
text
@d8 9
d451 1
a451 1
$FreeBSD: src/UPDATING,v 1.125 2000/09/17 21:01:30 imp Exp $
@


1.125
log
@Note about moving kernel names.
@
text
@d8 7
d442 1
a442 1
$FreeBSD: src/UPDATING,v 1.124 2000/09/16 19:27:41 imp Exp $
@


1.124
log
@hint vs hints typo

Submitted by: "Niels Chr. Bank-Pedersen" <ncbp@@bank-pedersen.dk>
@
text
@d8 5
d435 1
a435 1
$FreeBSD: src/UPDATING,v 1.123 2000/09/16 03:08:55 imp Exp $
@


1.123
log
@Add warning about laptops needing pmtimer device for proper suspend/resume
functionality.
@
text
@d14 1
a14 1
		hints.pmtimer.0.at="isa"
d430 1
a430 1
$FreeBSD: src/UPDATING,v 1.122 2000/09/14 06:04:44 imp Exp $
@


1.122
log
@Another Sept 5 change forces a new mountd since the old mountd panics
the kernel, according to Mike Smith.
@
text
@d8 9
d430 1
a430 1
$FreeBSD: src/UPDATING,v 1.121 2000/09/12 19:06:16 markm Exp $
@


1.121
log
@Forgotten in last commit -

OK'ed by:	imp
@
text
@d42 7
d54 2
d421 1
a421 1
$FreeBSD: src/UPDATING,v 1.120 2000/09/12 19:05:11 markm Exp $
@


1.120
log
@The entropy device is no longer an option in the kernel,
it is a (pseudo-)device. Document this for the upgrading
masses.
@
text
@d412 1
a412 1
$FreeBSD: src/UPDATING,v 1.119 2000/09/12 04:37:12 imp Exp $
@


1.119
log
@Fix 1.117 as requested by DES, but in a different way.  Generally
degrumpify it, and add pointer to module problem that I had hit with a
stale Linux module when I upgraded to SMPNG code.
@
text
@d8 12
d412 1
a412 1
$FreeBSD: src/UPDATING,v 1.118 2000/09/11 05:59:00 imp Exp $
@


1.118
log
@Add warning from Sheldon and others about stale modules
Add warning from markm about randomdev vs random change in loader
@
text
@d17 4
a20 6
	doesn't, fallback to the PRE_SMPNG CVS tag.

	Expect problems.  The Linux emulation panics the system on
	boot, and there are other minor and not so minor irritations.
	The thin skinned should switch to 4.x-stable for the next few
	months.
d400 1
a400 1
$FreeBSD: src/UPDATING,v 1.117 2000/09/08 06:41:47 imp Exp $
@


1.117
log
@Add a mild warning for people to expect problems in -current after the
SMPng merge.  Suggest 4.x-stable for a while for those people that are
unable or unwilling to cope with problems.

After 6 hours of use tonight, my gut tells me that we're going to have
lots of problems crop up in the coming weeks.
@
text
@d8 7
d38 13
d402 1
a402 1
$FreeBSD: src/UPDATING,v 1.116 2000/09/07 21:39:59 imp Exp $
@


1.116
log
@Add note about SMPNG commit.
@
text
@d12 5
d382 1
a382 1
$FreeBSD: src/UPDATING,v 1.115 2000/09/07 21:04:39 imp Exp $
@


1.115
log
@Revamp boot message.  Get the path names right.

Submitted by: "Dampure, Pierre Y." <pierre.dampure@@alveley.org>
@
text
@d8 4
d377 1
a377 1
$FreeBSD: src/UPDATING,v 1.114 2000/09/06 23:51:10 marko Exp $
@


1.114
log
@Fix typos

Approved by:	Warner
@
text
@d16 5
a20 4
	This just in.  The boot loader has been updated.  The new
	default kernel is /kernel.ko.  The new default module location
	is /boot/modules.  You *MUST* upgrade your boot loader and
	kernel at the same time.  Film at 11.
d373 1
a373 1
$FreeBSD: src/UPDATING,v 1.113 2000/09/06 18:53:48 imp Exp $
@


1.113
log
@NewBSD nsswitch ported to FreeBSD.

Submitted by: "Jacques A. Vidrine" <n@@nectar.com>
@
text
@d138 1
a138 1
	interrum if needed.
d189 1
a189 1
	Scott Flatman <sf@@aracnet.com> sent in a decent writeup on
d257 1
a257 1
	before you reboot, you'll neeed to issue:
d372 1
a372 1
$FreeBSD: src/UPDATING,v 1.112 2000/09/06 18:02:03 imp Exp $
@


1.112
log
@First cut at new boot loader.
Rip it to shreds so that it is better, please :-)
@
text
@d8 7
d372 1
a372 1
$FreeBSD: src/UPDATING,v 1.111 2000/09/04 21:09:01 imp Exp $
@


1.111
log
@Add a note about /etc/aliases moving /etc/mail/aliases and the problems
that causes in updating.

Submitted by: Robert Watson

[[ NB: marko and I are trying an experiment: he'll try to fix typos
   quickly in UPDATING, while I concentrate on content. ]]
@
text
@d8 6
d365 1
a365 1
$FreeBSD: src/UPDATING,v 1.110 2000/09/04 16:59:32 marko Exp $
@


1.110
log
@Correct minor typos

PR:		21022
Submitted by:	Daniel S. Lewart <d-lewart@@uiuc.edu>
@
text
@d8 10
d359 1
a359 1
$FreeBSD: src/UPDATING,v 1.109 2000/09/04 03:18:01 imp Exp $
@


1.109
log
@Add note about avoiding -j when following the upgrade path.  It isn't
strictly verboten, just a recommendation to avoid problems.
Add note about LINT being built from NOTES.
@
text
@d113 1
a113 1
	won't hurt to remove it before the update proceedure.  It will
d189 1
a189 1
	Peter took an axe to config(8).  Besure that you read his mail
d231 1
a231 1
	acceptible to the binutils maintainers.  You will need to
d246 1
a246 1
	The ISA and PCI compatability shims have been connected to the
d254 1
a254 1
	We've entered the tradtional post release dumping party.
d286 1
a286 1
	a few days old), you should follow this proceedure. With a
d341 1
a341 1
This file contains a list, in reverse chronologocal order, of major
d349 1
a349 1
$FreeBSD: src/UPDATING,v 1.108 2000/08/29 06:35:46 imp Exp $
@


1.108
log
@Expand information about device.hints.  Add information in the
cookbook section about needing to copy GENERIC.hints to
/boot/device.hints, as well as a footnote about exceptions to this
rule.

Partially suggested by: obrien
@
text
@d170 1
a170 1
	isn't buildable.
d274 9
d349 1
a349 1
$FreeBSD: src/UPDATING,v 1.107 2000/08/28 03:54:51 imp Exp $
@


1.107
log
@/boot/device.hints is now required.
@
text
@d10 12
a21 1
	succeed.
d304 1
d326 4
d340 1
a340 1
$FreeBSD: src/UPDATING,v 1.106 2000/08/13 02:19:13 imp Exp $
@


1.106
log
@New suidperl instructions.
@
text
@d8 4
d287 1
d298 5
a302 4
	Make sure that you've read the UPDATING file to understand
	the tweaks to various things you need.  At this point in the
	life cycloe of current, things change often and you are on
	your own to cope.
d324 1
a324 1
$FreeBSD: src/UPDATING,v 1.105 2000/08/12 22:47:21 imp Exp $
@


1.105
log
@Add excellent entry written by gshaprio for his import of Sendmail
8.11.0 into the tree.  Good job Gregory!

Submitted by: Gregory Neil Shapiro <gshapiro@@freebsd.org>
@
text
@d9 8
d318 1
a318 1
$FreeBSD: src/UPDATING,v 1.104 2000/08/10 23:16:32 imp Exp $
@


1.104
log
@Add stuff:
o BUILD_SUIDPERL replaces NOSUIDPERL
o New /etc/rc.conf settings for secure networking may require changes
  to those upgrading.
o nullfs in loader.conf.
@
text
@d8 14
d310 1
a310 1
$FreeBSD: src/UPDATING,v 1.103 2000/08/10 05:14:31 imp Exp $
@


1.103
log
@o Move to recommending the {build,install}kernel targets for updating from
  older versions of FreeBSD.
o Continue to document the old way of doing it with a warning stating if that
  doesn't work, to do the {build,install}kernel thing.
o minor wordsmithing on what a make world really is.
@
text
@d8 21
d296 1
a296 1
$FreeBSD: src/UPDATING,v 1.102 2000/08/10 05:03:49 imp Exp $
@


1.102
log
@Add a reminder note to people to disable third party modules at the
right place in the upgrade proceedure so that they don't get burned by
a crash on reboot.
@
text
@d218 18
a235 6
	Update config, genassym and go:
		config YOUR_KERNEL_HERE			[1]
		cd ../../compile/YOUR_KERNEL_HERE
		make depend && make
		make install
	[1] If upgrading, add -r won't hurt and sometimes helps.
d237 2
a238 2
	To rebuild everything
	---------------------
d275 1
a275 1
$FreeBSD: src/UPDATING,v 1.101 2000/08/06 22:18:39 imp Exp $
@


1.101
log
@Type in FreeBSD capitalization
@
text
@d235 1
d249 4
d263 1
a263 1
$FreeBSD: src/UPDATING,v 1.100 2000/08/06 22:16:34 imp Exp $
@


1.100
log
@Add entry on the installkernel changes as well as more grumpy notes
about needing to be on -current to track -current.  Tweak the 4.0 ->
4.x version stuff.
@
text
@d43 1
a43 1
	FreESBD-current is safe again to run Crypto.
d258 1
a258 1
$FreeBSD: src/UPDATING,v 1.99 2000/07/27 20:49:24 imp Exp $
@


1.99
log
@typos from asmodai, one important for device.hints
@
text
@d8 9
d43 2
d229 1
a229 1
	To upgrade from 4.0-stable to current
d242 6
d258 1
a258 1
$FreeBSD: src/UPDATING,v 1.98 2000/07/19 18:35:05 imp Exp $
@


1.98
log
@alex@@big.endian.de (Alexander Langer) noticed that I point at LINT,
which no longer exists.  Updating the entry accordingly.
@
text
@d35 3
a37 3
	phk made the default options AJ.  This may slow things down
	and uncover other latent bugs in the code.  If you need to run
	at full speed, you can disable this by doing the following:
d122 1
a122 1
	need to create a /boot/devices.hints or add a hints directive
d241 1
a241 1
$FreeBSD: src/UPDATING,v 1.97 2000/07/16 06:00:40 imp Exp $
@


1.97
log
@Take jdp's excellent message to -current about the internat crypto
files and put it in my freebsd web area.  Rewrite the entry in
UPDATING to point to it the message and hopefully not confuse people
like the old one did.
@
text
@d124 2
a125 2
	of the config file has changed as well.  Please see LINT,
	GENERIC or NEWCARD for examples of the new format.
d241 1
a241 1
$FreeBSD: src/UPDATING,v 1.96 2000/07/13 05:35:31 imp Exp $
@


1.96
log
@Two entries:
	o Mark M has updated the random device to harvest entropy.  Put
	  instructions to tell people how to cope.
	o add entry about phk's malloc changes.
@
text
@d8 17
d241 1
a241 1
$FreeBSD: src/UPDATING,v 1.95 2000/07/07 05:17:49 imp Exp $
@


1.95
log
@Add warning about needing to set SYSDIR to build new kernels after
July 4th due to the new sys/modules/sound/drivers/* being added to the
tree.  You will need to do this until you do a make installworld with
my bsd.kmod.mk change.
@
text
@d8 15
d224 1
a224 1
$FreeBSD: src/UPDATING,v 1.94 2000/07/06 23:04:55 imp Exp $
@


1.94
log
@Add information on libftpio version backoff.  Also mention the crypto
collection changes.
@
text
@d23 4
d209 1
a209 1
$FreeBSD: src/UPDATING,v 1.93 2000/07/06 22:51:16 imp Exp $
@


1.93
log
@o rc.d now use start/stop, and some scripts may produce warnings.
o NOTES replaces LINT.  Make a note of it in an older entry.
@
text
@d8 14
d205 1
a205 1
$FreeBSD: src/UPDATING,v 1.92 2000/06/30 17:19:07 imp Exp $
@


1.92
log
@Note des' libfetch/fetch changes.
Clarify requirements for dev random, et al, from markm's commit.

Initial diffs for the latter by: archie
@
text
@d8 5
d50 2
d191 1
a191 1
$FreeBSD: src/UPDATING,v 1.91 2000/06/29 00:34:54 imp Exp $
@


1.91
log
@Added a dire sounding note about how crypto is required to build the
system.  Well, not really required if you know what you are doing, but
there's enough people that don't fit into this class that are getting
burned now that we need to say it is required.  The actual message
says that one should treat it as if it was required to try to be
weasilly for the nitpickers amoung us :-)Killed by signal 2.
@
text
@d8 5
d15 6
a20 4
	system installed in order to build the system and kernel.  While
	not technically strictly true, one should treat it as true and
	grab the crypto bits.  If you are grabbing CVS trees, src-all
	and cvs-crypto should be treated as if they were required.
d31 5
d184 1
a184 1
$FreeBSD: src/UPDATING,v 1.90 2000/06/26 05:54:02 imp Exp $
@


1.90
log
@Add warning about /dev/random disconnecting entropy for a few days while
the code is reworked.
@
text
@d8 7
d172 1
a172 1
$FreeBSD: src/UPDATING,v 1.89 2000/06/25 08:26:38 imp Exp $
@


1.89
log
@Add softupdate change info.
@
text
@d8 9
a50 3
	More details to follow.  A better howto would be warmly
	accepted by the author of UPDATING.

d165 1
a165 1
$FreeBSD: src/UPDATING,v 1.88 2000/06/22 07:28:44 dbaker Exp $
@


1.88
log
@Fix typo in the config file update procedure URL and typo in preceding
sentence.
@
text
@d8 5
d159 1
a159 1
$FreeBSD: src/UPDATING,v 1.87 2000/06/22 02:23:52 imp Exp $
@


1.87
log
@bde says we don't need to note in passing the locore stuff.
Scott Flatman <sf@@arcanet.com> sent in a step by step buide to updating
the config file.  since he was first, he gets his name in lights :-)
@
text
@d10 2
a11 2
	the config file update proceedure.
		http://people.freebsd.org/~imp/config-upd.hmtl
d154 1
a154 1
$FreeBSD: src/UPDATING,v 1.86 2000/06/21 07:09:22 imp Exp $
@


1.86
log
@Missed one:

Per grog's suggestion, mention bde's symbol change to the kernel.  It
likely isn't a big deal, but should be noted in passing.
@
text
@d8 5
a39 5
20000606:
	Kernel debug symbols now occupy core space on the intel port.
	This may change the amount of available memory after booting
	newer kernels.

d154 1
a154 1
$FreeBSD: src/UPDATING,v 1.85 2000/06/21 07:06:38 imp Exp $
@


1.85
log
@I felt guilty:
	o add note about binutils 2.10 fixing the problems noted on 20000522.
	o Add some very brief text to the '612 entry on the config changes.
	  A better howto would be warmly added to the file.
@
text
@d35 5
d154 1
a154 1
$FreeBSD: src/UPDATING,v 1.84 2000/06/21 07:01:33 imp Exp $
@


1.84
log
@Forgot about the bootblocks.
@
text
@d8 5
d26 8
a33 2
	on the topic before even thinking about updating.  More details
	to follow.
d149 1
a149 1
$FreeBSD: src/UPDATING,v 1.83 2000/06/21 06:59:35 imp Exp $
@


1.83
log
@Note phk's axing of wd compat devices in -current.
@
text
@d14 5
d138 1
a138 1
$FreeBSD: src/UPDATING,v 1.82 2000/06/14 15:42:50 imp Exp $
@


1.82
log
@Warn about config's bout with Peter's big axe
@
text
@d8 6
d133 1
a133 1
$FreeBSD: src/UPDATING,v 1.81 2000/05/29 01:49:56 imp Exp $
@


1.81
log
@Add note about make.conf's J finding bugs in ld and not to use it for
the moment.
@
text
@d8 5
d14 1
a14 1
	A new set up binutils went into the tree today.  Anybdoy
d94 1
a94 1
		config YOUR_KERNEL_HERE
d98 1
d104 13
d127 1
a127 1
$FreeBSD: src/UPDATING,v 1.80 2000/05/27 21:20:07 imp Exp $
@


1.80
log
@Add entry for new binutils that are needed to properly rebuild the
kernel.
@
text
@d14 5
d108 1
a108 1
$FreeBSD: src/UPDATING,v 1.79 2000/05/16 07:48:18 imp Exp $
@


1.79
log
@All the latest big changes in -current that I could find:
	mod depends
	modules out of makeworld
	ethernet drivers
	alpha boot bloocks
Maybe a few others
@
text
@d8 6
d17 1
a17 1
2000510:
d22 4
a29 4
20000503:
	Recompile all kld modules.  Proper version dependency info
	is now available.

d32 1
a32 1
		cd /usr/src/gnu/usr.bin/gperf &&make depend all install
a35 1

d103 1
a103 1
$FreeBSD: src/UPDATING,v 1.78 2000/05/04 08:02:11 imp Exp $
@


1.78
log
@o Make note of brandelf change (obrien)
o Make the ata warning less dire based on more experience.  It seems that marginal
  disks cause more problems than that chipset singled out. (sos)
@
text
@d8 23
d98 1
a98 1
$FreeBSD: src/UPDATING,v 1.77 2000/04/04 17:14:18 imp Exp $
@


1.77
log
@Add information about the dangarous apollo MPV3 chipset.  Several
people have suggested the workaround to me (use only PIO mode) and
I've not seend a message saying ths was fixed.  I'll removed the bold
warning stars after the issue is corrected.
@
text
@d8 9
d18 3
a20 5
			* * * W A R N I N G * * *
	The ata driver has some issues with the Apollo MVP3 chipset.
	Drives work only in pio mode and must be set to pio mode early
	int the boot process.  Do not upgrade.  If you must upgrade
	in the face of this, add
d22 1
a22 4
	to the start of /etc/rc.conf.  Even if you do this, any and
	all damage to your system is at your own risk.  You have been
	warned.
			* * * W A R N I N G * * *
d75 1
a75 1
$FreeBSD: src/UPDATING,v 1.76 2000/03/28 06:59:46 imp Exp $
@


1.76
log
@Normally I don't put entries that should have been made months ago
into UPDATING.  However, in this case I'm making an exception.  I'm
adding a recommendation that people update their boot blocks.  Old
boot blocks will cause a system to become unbootable if you have
removed /dev/{,r}wd*.

Submitted by: Jeroen Ruigrok/Asmodai <asmodai@@freebsd.org>
@
text
@d8 12
d71 1
a71 1
$FreeBSD: src/UPDATING,v 1.75 2000/03/23 05:57:10 imp Exp $
@


1.75
log
@Add entry about the isa/pci shim issue.
@
text
@d25 7
d59 1
a59 1
$FreeBSD: src/UPDATING,v 1.74 2000/03/21 19:19:47 imp Exp $
@


1.74
log
@Massive gut.  We're not into 5.0 so remove all 4.x entries from this
file and start over.

Also note that we're in the traditional whack-a-ball kernel model/api
reorg for 5.0 and that one needs to be extra careful about making sure
models and kernels are in sync.
@
text
@d8 8
a41 2
	Except when it doesn't work.

d46 2
a47 2
and it only starts on November 18, 1998.  If you have an earlier
version of FreeBSD, you are on your own to get to November 18, 1998.
d52 1
a52 1
$FreeBSD: src/UPDATING,v 1.73 2000/03/09 07:34:46 imp Exp $
@


1.73
log
@Add blurb about perl modules needing recompiling.
@
text
@d8 11
a18 611
20000308:
	The binary interface of perl to its modules changed.  You
	will need to recompile any perl moudles after an
	installworld.  This includes all ports matching the pattern 
	/usr/ports/*/p5-*.

20000303:
	CMSG_XXX macros offset in <sys/socket.h> has changed to
	conform RFC-2292.  All affected applications have been
	corrected.  The i386 platform's offsets haven't changed, but
	the alpha's did.  When you build and install new kernel on
	FreeBSD/alpha, you must also do a make world.

20000225:
	OpenSSH has been added to FreeBSD.  This may conflict with the
	ports/security/ssh port since it installs binaries into
	/usr/bin and the port goes into /usr/local/bin.  Most paths
	have /usr/bin in the path before /usr/local/bin, so problems
	may arise.  If you don't want OpenSSH, add NO_OPENSSH=yes to
	your make.conf.

	You will also need to enable OpenSSH in /etc/rc.conf if you
	want to run the new servers.  You may need to move your host
	key and other config files from /usr/local/etc to /etc/ssh.

	OpenSSH's command line parsing, available options and default
	settings aren't the same as ssh, so some care needs to be
	taken in its operation.  One should do a full audit of all
	configuration settings.

20000205:
	The xinstall problem has kinda sorta been corrected.  The 
	following is known to work by the author of UPDATING.  It
	is what he did to update his laptop.  It is likely the same
	effect as the work around listed in 20000129.
		make buildworld
		make installworld	This will fail
		cd usr.bin/xinstall
		make clean all install NOSHARED=YES
		cd ../..
		make installworld
	If it doesn't work for you, then I'm sure that there will be
	another 100 messages in -current.

20000204:
	libipsec version number changed from 2 to 0.  The original
	commit of Jan 6 incorrectly set this to 2.  Remove
	/usr/lib/libipsec.so.2* before the buildworld and rebuild
	anything that uses libipsec.so after you install the new
	version.

20000201:
	The rcmd related functions have been aligned with other BSD
	implementations.  rlogind and rshd have been changed to use
	the new API.  A make world is recommended to keep them in sync
	with the libraries they use.

	http://www.FreeBSD.org/cgi/cvsweb.cgi/src/lib/libc/net/rcmd.c
	has the details.

20000129:
	{set,get}flags have been added to the tree for rather dubious
	reasons.

	IF AND ONLY IF installworld fails:
		make -k -DNOFSCHG installworld
		make installworld
	This issue was resolved Feb 5, 2000.

20000125:
	rcmd_af() is added for multiple address family support.  rsh
	and rlogin have been updated to use this to support INET6.  A
	make world is recommended to keep them in sync with the
	libraries they use.

20000124:
	The default way that virtual tables in our default C++
	compiler has changed.  We used to use THUNKS for virtual
	inheritance.  Unfortunately there are bugs that The GCC
	developers thought would be fixed in GCC 2.95.  However it
	isn't.

	After this change existing applications written in C++ may
	give errors like below when you try to run them:

/usr/libexec/ld-elf.so.1: /usr/lib/libstdc++.so.3: Undefined symbol "__vt_7filebuf"

	The only fix is to rebuild the application and any C++
	libraries used.

20000124:
	The management of next_writeable has been move from the
	kernel to userspace. This means that the burncd command
	must be in sync with the kernel. So make world is your
	friend.

20000117:
	GNU texinfo upgraded to 4.0.  It is recommended that you use
	make buildworld to update.

20000117:
	CAM_VERSION has been increased.  Recompile all programs that
	depend on it (tosha, camcontrol, etc) when moving to kernels
	past this date.

20000115:
	pccard ioctls changed with a commit to have the kernel tell
	pccardd which device it created, rather than having pccardd
	dictate it to the kernel.  Recompile kernel and
	pccardd/pccardc together.  pccardd/pccardc rely on a kernel
	Makefile that must be installed prior to building them.  Make
	world will automatically take care of this issue, but you need
	to know if you are building by hand.

20000109:
	Your kernel config files need to be changed to s/controller/device/
	in them.  You will need a new version of config to do this.

20000107:
	chown & chgrp moved again

	This is a heads up to let you know that you need to 
		    rm -f /sbin/chown /bin/chgrp
	after your next `make world'.  Additionally you need to install
	a new /dev/MAKEDEV (mergemaster(8) will assist you in this).

20000107:
	SHA-1 password support gone

	As warned yesterday, I've just removed the ability for
	libcrypt to understand SHA-1 passwords. This was present but
	undocumented in the tree for the past few months and was
	removed so it can be reimplemented properly as part of a
	revamped libcrypt at a later date. Anyone who was actually
	making use of the feature will have to update their passwords
	back to MD5 before they reinstall the library.

20000106:
	ioctl numbers changed for dvdio ioctls.  You will need to recompile
	anything that uses them.  wormcontrol has been deprecated in
	favor of burncd.

19991223:
	Building linux and svr4 compatibility into the kernel now
	requires /usr/bin/genassym.  Go to /usr/src/usr.bin/genassym,
	do "make obj ; make clean depend all install" before building
	your kernel.

19991218:
	sendmail.cf has moved from /etc/sendmail.cf to
	/etc/mail/sendmail.cf.  You may need to adjust /etc/rc.conf
	and /etc/rc to cope as well as moving sendmail.cf.

19991216:
	ntp 4.0.98 has replaced the ancient xntpd.  The daemon name
	changed from xntpd to ntpd, so you may need to update your
	/etc/rc.conf file.  The ntp.conf files are compatible with the
	old release, unless you are using a local reference clock.
	Details about ntp4 can be found at http://www.ntp.org/.

	xntpd will be cvs removed from the repo in about a week.

19991213:
	Soren updated the ata driver.  Please update to at least this
	version before submitting bug reports.

19991210:
	The ata driver has become the primary ata/ide/atapi driver in
	the kernel.  The wd driver is obsolete.  You should upgrade your
	machine to the new ata driver.  You will need to follow the
	directions for updating the devices in the 19991205 entry.  You
	will need to update all occurances of wd to ad in your config files
	(/etc/rc.conf, /etc/fstab, etc).  A compatibility device exists
	for wd for the time being, but once you have determined that
	ata is working for you, transition to the new ad devices.

19991205:
	Block devices are going away.  You will need to update your /dev
	tree with a fresh copy of MAKEDEV for things to always work in 
	the future.  fsck is unable to cope with dirty file systems
	after this change, so it may work for you or it may not.

	See "To rebuild disk /dev entries" at the end of the file.

	*** All uses of block devices must be converted to char devices.
	*** Likely the only thing impacted is dumpdev in /etc/rc.conf

19991204:
	The dc interface has replaced al, ax, dm, pn and mx.  The former
	have been removed.

19991204:
	Support for the old 'sd' device names has been removed in
	favor of 'da'.  Please update your /etc/fstab, /etc/rc.conf
	and any other places you might have sd names cached.
	Generally these changes are as simple as s=/dev/sd=/dev/da=g,
	but be careful to make sure that things are really that
	simple.  You may also need to create /dev entries for the da
	devices as well.

	See "To rebuild disk /dev entries" at the end of the file.

19991203:
	BAD144 support has been removed.  Cope or replace the hardware.

19991129:
	ALPHA users take note.  All klds will need to be recompiled for
	kernels build after this date.  It is a good time to update since
	pal.s will be going away soon.

19991126:
	MFS_ROOT and MFS_ROOT_SIZE are gone, replaced by MD_ROOT and
	MD_ROOT_SIZE options in the md driver.  md driver now deals with
	the hacks.  You should add md driver to kerneles that have
	MFS_ROOT, et al.  See GENERIC or LINT for details.

19991125:
	The ep changed a while ago and can no longer be used with hard
	wired addresses in the config file.

19991122:
	The bridge drivers for sound cards have been committed.  Please
	see LINT for instructions for your card, if it still works at
	all.

19991113:
	Gcc 2.95.2 is now the default compiler.

19991030:
	/etc/radius.conf file format has changed.The format change is
	as follows.  Each server line in the file should now begin
	with a new field containing either "auth" for RADIUS
	authentication, or "acct" for RADIUS accounting.  Formerly
	only authentication was supported.  If the first field isn't
	"auth" or "acct" then the code assumes that "auth" is
	intended.  (That's the compatibility hack.)

19991015:
	PCCARD has been updated to attach pcic to the isa bus.  Therefore
	you will need to modify kernel config files that have pcic/card
	in them as follows:
		controller	pcic0	at isa?
		controller	pcic1	at isa?
		controller	card0

19990929:
	The sigset_t datatype has been changed from an integral type
	to a compound type and can hold 128 signals. Syscalls directly
	or indirectly using the new sigset_t have been added as to
	maintain compatibility with existing binaries. A new kernel must
	be made and installed and booted with before a make world can
	be done.

	***************************************************************
		RECOMPILE AND REINSTALL KERNEL BEFORE MAKEWORLD
	***************************************************************

19990919:
	New jail syscall format requires recompilation of jail(8) with
	fresh headers installed (or a make world will do it for you).

19990914:
	Matt Dillon checked in many vm related things and sent a heads up
	to -current urging caution and to report vm problems to him.
	As of the 19th, no killer problems have been reported, but you
	have been warned.

19990908:
	The new miibus has been added to the system.  If you are using
	the dm, rl, sf, sis, ste, tl, wb or xl drivers, you need to
	add "controller miibus0" to your config file.

19990905:
	/var/cron/log has been moved to /var/log/cron to get all the
	log files in one place.

19990831:
	tn3270 has been removed from the base system and added as a port.

19990830:
	User-visible TCP timers are now expressed in units of 1ms, instead
	of 500ms, so if you've customized any timer values under
	``net.inet.tcp'', multiply them by 500 to preserve TCP's behavior.

19990828:
	RCS Id tags changed to FreeBSD.  This will cause huge cvsup
	updates.

19990821:
	On 28-May-1999 libreadline was upgraded from readline-2.2 to
	readline-4.0.  At that time the shared library major version
	number was bumped from "3" to "4".  It has been deemed that
	the interface change between readline-2.2 and readline-4.0 was
	not sufficient to warrant the version number bump.

	Thus I have reverted it back to "3".  You will need to perform
	the below immediately before your next ``make world'':
	    cd /usr/lib
	    ls -l libreadline.so.4
	        (if you have /usr/lib/libreadline.so.4)
	    mv libreadline.so.4 libreadline.so.3
	    rm -f libreadline.so
	    ln -s libreadline.so.3 libreadline.so

19990801:
	Changes to the pccardd kernel interface require that you recompile
	pccardd for new kernel.

19980725:
	The ipfw interface to the kernel has changed.  You will need to
	recompile ipfw programs for the new kernel.

19990715:
	The bpfilter device has been renamed to bpf.  You will need to 
	change your config files in order to enable this in newer kernels.

19990704:
	src/contrib/sys/softupdates is moving to
	src/sys/contrib/softupdates.  Update your symbolic links/etc.

19990702:
	Major changes have been made to vinum and its interface.  See
	the man page (vinum(8)) for details.  Look at the concat,
	mirror and stripe commands, as well as the SIMPLIFIED
	CONFIGURATION section.

19990628:
	Newsyslog.conf has had a minor, but potentially dangerous,
	change to its username/group syntax.  The old syntax was
	user.group, while the new syntax is user:group.

19990627:
	Inetd wrapping default has changed.  Please see the updated
	man page for details.

19990623:
	Compaq Smart Raid driver committed as ida.

19990622:
	The second phase of syscons cleanup has happened.  Some
	functionality has been made optional.  For details, see
        http://www.freebsd.org/~yokota/sc_update-June.txt
	Everyone will need to re-config(8) their kernels, but old
	binaries will work with the new kernel.

19990620:
	IPFW uid/gid-based filtering support has been committed. This
	breaks binary compatibility with previous copies of
	ipfw(8). Any utilities using the ioctl()s of ipfw (especially
	ipfw(8)) need to be recompiled with the newest headers
	installed.

19990618:
	Inetd now wraps all stream-based services, including internals.
	Syslog "severity" options are honoured. Installed syslog.conf
	and hosts.allow should be checked.

19990509:
	Most of the problems with newbus have been corrected, but
	it is still current and evolving.

	libcam's ABI has changed.  You must recompile the world and
	any ports that use it.

19990427:
	Massive changes to SMP went into the tree that should speed
	things up.  However, if you experience problems with SMP 
	machines, you can back off to the PRE_SMP_VMSHARE tag in the
	CVS repository (or run an MP kernel).

19990420:
	Pccardd and the pccard bus in general seem to be broken or
	most people.  Soren has patches to make it better for some,
	but not all people.  Work is underway to make it better for
	all people.

19990416:
	new bus changes integrated into -current.  Many problems were
	initially reported, but most have been fixed.  You'll need a
	new config and to tweak your kernel config file the way that
	GENERIC was tweaked.  Keep a copy of your old kernel when
	upgrading in case your new kernel doesn't work (and report the
	breakage to current@@freebsd.org).

	As of 19990421 the remaining problems/quirks are

	o sio no longer supports pnp nor pccard.  This will be corrected,
	  but the new pccard code needs to be completed.
	o Some of the sound drivers broke for some people.  It seems
	  inconsistant as to who/what/when/where things broke.
	o Duplicate device entries in your config do not work.  Previously
	  they were silently ignored.  psm0 seems to be the most common
	  duplicate choice, although some reports have come in from people
	  that wired their scsi disk entries.
	o You must move the keyboard and mouse attachments from the
	  isa bus to the atkbdc bus.  See GENERIC for details.
	o Machines with multiple host-pci bridges (Intel 450NX) will not
	  probe the second pci bus.
	o Some probe ordering may have changed, so device naming may change
	  with the new kernel.  If you have multiple devices, please double
	  check to make sure they didn't move.  This is especially true
	  for cards on different buses.
	o The bus attachment for vga0 is always isa0 and never pci0 when
	  it is in fact a pci card.  It is safe to ignore this.
	o The format of the boot messages has changed (and is not
	  guaranteed to be constant for a while) so you may see this
	  in some shell scripts that diff dmesg from day to day as well
	  as scripts that parse dmesg output.

19990414:
	cc -aout sometimes has problems compiling with -g, remove -g
	from those compilation units affected until this is corrected.

	cc -aout has problems with producing some threaded libraries,
	so make world -DWANT_AOUT is not functional at this time.

	Since make world for a.out isn't functional, you cannot do
	make aout-to-elf from a pre-egcs a.out system.  To work around
	this problem, make aout-to-elf using 3.1-stable first (or a
	pre egcs -current) and then a simple make world will take you
	the rest of the way with a -current source base.

19990413:
	Make -j works again for make world.  As always, use it with
	care, and be sure to try a make world w/o -j before reporting
	problems (that is, know if the problem exists w/o -j before
	reporting the problem with -j).

19990413:
	Note cc -aout, which had been broken since the conversion to
	egcs, now supposedly works.  If you have rebuilt things like
	XFree86 a.out libraries, you should rebuild them again or
	progams that use them, including netscape, will fail to work.

19990409:
	NOTE: New c++ compiler cannot be used with c++ binaries from
	the old compiler and vice versa.

19990408:
	In recent days egcs has been imported into the tree.  A number
	of problems have been discussed in -current.  Here is a highlight
	of a few of the more common ones.  With the exception of make
	-j n, they have been claimed to have been fixed.

	c++ is broken after make world: This is correct.  Because we
	changed compilers two make worlds are necessary to get C++
	working again.  The code generated by the old compiler and new
	compiler are not compatible, so things wind up being
	undefined.

	cpp is broken in make world:  There was a window where cpp
	would be built incorrectly.  The fix for this is
		cd src/gnu/usr.bin/cc
		make clean
		make all
		make install
	and this should correct your problems.  See the -current
	archives for a version of this that does moer cleaning.

	Make -j n doesn't work.  Work contiunes to make this work,
	I've seen no reports of success as of April 7th.

19990329:
	Previously, one would define "NOAOUT" to keep from building
	the legacy a.out bits.  Now one would define "WANT_AOUT" to
	build them.

19990316:
	The name of the old wd.c and atapi.c based CDROM driver has
	been changed back to wcd. So update your config file to use
	"device wcd" instead of "device acd".

19990314:
	For those of you using the VN device as a loadable module,
	please be aware that the new VN device has been committed to
	-4.x and cannot yet be used as a loadable module.  This will
	be fixed in the future.
	
19990309:
	New loader.rc mechanism.  Please see src/sys/boot/README for
	details.

19990225:
	struct proc size changed.  Recompile kernel and the
	usual suspects.  Make world if in doubt.

19990214:
	The nlpt driver has changed names back to be the lpt driver.
	See ppbus(4) or http://www.freebsd.org/~nsouch/ppbus.html
	for proper configuration details.

19990210:
	The 'lpt' driver is now obsolete.  Replace it with the 'nlpt'
	driver and 'ppbus' controller combination.

19990209:
	New devstat API requires recompilation of libdevstat, systat,
	iostat, vmstat and rpc.rstatd.  A new kernel is also required.
	make world + building a kernel should do all of this.  Any
	ports that use devstat need to be recompiled as well.

19990125:
	Linux threads options has gone away (they are now standard in
	the FreeBSD kernel).  A recompile of all libkvm using programs
	is in order (or better yet a make world).

19990122:
	On or about this date there was a small window when the boot
	blocks had some minor problems which seemed to force one to
	edit /etc/fstab.  This has been corrected, if you are seeing this
	problem, please rebuild and reinstall your boot blocks.

19990121:
	Vinum has changed.  The "vinum read" command has changed.  For
	updates, please see

http://www.freebsd.org/cgi/getmsg.cgi?fetch=800363+0+current/freebsd-current

	for details.  

	Matt Dillon committed a boatload of VM changes, for
	information please see

http://www.freebsd.org/cgi/getmsg.cgi?fetch=886676+0+current/freebsd-current
	or
http://www.freebsd.org/cgi/getmsg.cgi?fetch=827400+0+current/freebsd-current

	for details.  These changes will likely not impact anybody,
	but large chagnes to the VM need at least a heads up.

19990120:
	Stable branch created.  You might want to consider using this
	branch.  It is tagged with RELENG_3.

19990119:
	More work on the syscons driver has been committed.  Since
	files moved around, you will need to reconfigure your kernel,
	and make clean; make depend before rebuilding the kernel.  No
	config file changes are needed.

19990111:
	New keyboard and video card drivers are introduced as the first
	stage of console driver reorganization.  You are required to
	update the kernel configuration file and rebuild the kernel.
	kbdcontrol, vidcontrol, and screen savers also need recompilation.
	The instruction can be found in

		http://www.freebsd.org/~yokota/sc_update.txt

	It has notes on splash screen too.

19990106:
	Robert Nordier was kind enough to make this page to enable people to
	install the new bootblocks:

		http://www.freebsd.org/~rnordier/boot.txt

	When updating to ELF, make sure that you have updated your
	/etc/rc files which have different ldconfig invocations for
	elf and aout.  Otherwise things like X will stop working with
	messages about being unable to find library files.  The
	mergemaster utility in ports/sysutils/mergemaster helps to
	keep critical files like this in sync, and its use is
	recommended.

19990104:
	Information about ELF day (see 19981230) can be found in

		http://www.freebsd.org/~peter/elfday.html

	about the upcoming change, its motivations and instructions
	for doing the upgrade.

19981230:
	You should install new bootblocks now.  The ELF kernel will
	become default soon.  In addition, you'll need to upgrade
	your userland programs to ELF before then as well.  Use
	make aout-to-elf to upgrade your userland programs (old
	a.out programs in, for example, /usr/local/bin will
	continue to work, even after the upgrade).  See src/Makefile
	for more details.

19981224:
	The old wcd driver has been deleted from the kernel.  The
	driver that replaces it is named acd.  You'll need to change
	this in your configuration files.

	Failure to do this will result in "ATAPI CD-ROMs not
	configured" at boot time.

	The floppy tape driver (ft) has been removed from the kernel,
	with no replacement driver.

19981202:
	New groups from 19981201 commented out of mtree, so they
	aren't strictly needed, but still a good idea to have.

19981201:
	New user/group added: bind.  From src/etc/master.passwd and
	src/etc/group:
		% grep <newstuff> /usr/src/etc/group 
		bind:*:53:
		% grep <newstuff> /usr/src/etc/master.passwd 
		tty:*:4:65533::0:0:Tty Sandbox:/:/sbin/nologin
		kmem:*:5:65533::0:0:KMem Sandbox:/:/sbin/nologin
		bind:*:53:53::0:0:Bind Sandbox:/:/sbin/nologin

19981118:
	PAM integrated into the tree.   Requires new /etc/pam.conf file
	to silence warnings from authentication programs (login, etc).
	See src/etc/pam.conf for a sample.
a24 5
		cd src/usr.bin/genassym
		make depend all install clean
		cd ../../usr.sbin/config
		make depend all install clean
		cd ../../sys/i386/conf
a29 12
	To rebuild disk /dev entries
	----------------------------

	MAKEDEV should be copied from src/etc/MAKEDEV to /dev before
	starting the following:

		For N in the list of disks
			MAKEDEV N			# eg ad0
			for M in the list of slices
				MAKEDEV NsMa		# eg ad0s1a


a35 17
	To update from 3.x to 4.0 stable
	--------------------------------
	cd /usr/src
	make buildworld
	cd sbin/mknod
	make install
	<follow directions to build/install a kernel>
	<follow rebuild disk /dev entries above>	[*]
	reboot
	<in single user>
	cd /usr/src
	make -DNOINFO installworld
	make installworld

	[*] You may need to switch from wd to ad ala 19991210


d46 1
a46 1
$FreeBSD: src/UPDATING,v 1.72 2000/03/07 04:35:24 imp Exp $
@


1.73.2.1
log
@minor mods and BUILD_KERBEROS4 issues
@
text
@d4 3
a6 66
directly to him.  See end of file for further details.  Common issues
are listed first, followed by specific problems that upgradiung from
prior versions of 4.x-stable.  Prior to the 4.0 release entry, there
are some items that are relevant to upgrading from 4.0-current.  They
will be removed after 4.1-RELEASE happens.

COMMON ITEMS:

	To build a kernel
	-----------------
	cd /usr/src
	# If you have not already done so, please buildworld here
	make buildkernel KERNEL=<YOUR_KERNEL_HERE>
	make installkernel  KERNEL=<YOUR_KERNEL_HERE>
	# Verify that the new kernel works, it will be installed as
	# /YOUR_KERNEL_HERE
	mv /YOUR_KERNEL_HERE

	To rebuild disk /dev entries
	----------------------------
	MAKEDEV should be copied from src/etc/MAKEDEV to /dev before
	starting the following:

		For N in the list of disks
			MAKEDEV N			# eg ad0
			for M in the list of slices
				MAKEDEV NsMa		# eg ad0s1a


	To rebuild everything
	---------------------
	make world

	Except when it doesn't work :-)

	To update from 3.x to 4.0 stable
	--------------------------------
	cd /usr/src
	<see notes below>				[**]
	make buildworld
	cd sbin/mknod
	make install
	<follow directions to build/install a kernel>
	cd sys/modules
	make install
	<follow rebuild disk /dev entries above>	[*]
	reboot
	<in single user>
	cd /usr/src
	make -DNOINFO installworld
	make installworld
	reboot
	<multi-user>

	[*] You may need to switch from wd to ad ala 19991210
	[**] If you have any of the following in your /etc/make.conf,
	please comment them out before following these instructions
	and then do a make buildworld + make installworld after you
	are back to <multi-user> above:
		BUILD_KERBEROS4

20000315:
	FreeBSD 4.0 RELEASE.  The rest of this file is historical
	and will be removed in the future.

****************************** 4.0 RELEASE ******************************
d620 50
d680 1
a680 1
$FreeBSD: src/UPDATING,v 1.73 2000/03/09 07:34:46 imp Exp $
@


1.73.2.2
log
@Fix typos.  Rearrange a little.  Keep the obsolete stuff at the end of
the file, but put the common items before them.

This should be fairly close to reality now.
@
text
@d4 5
a8 10
directly to him.  See end of file for further details.  A reverse
chronology since 4.0 was released is included, followed by the common
items quick how-tos, followed by entries for versions of -current
prior to 4.0 Release.

20000315:
	FreeBSD 4.0 RELEASE.  The rest of this file is historical
	and will be removed in the future.

****************************** 4.0 RELEASE ******************************
d20 1
a20 4
	chflags noschg /kernel
	mv /kernel /kernel.old
	mv /YOUR_KERNEL_HERE /kernel
	chflags schg /kernel
a40 1
	<see notes below>				[***]
d46 1
a48 1
	<follow directions to build/install a kernel>
d63 5
a67 6
		MAKE_KERBEROS4
	[***] Update to 4.0-stable sources.  Make sure that you get all
	the parts.  If you are using cvsup files that are older than a
	couple of months, be sure they have all the components listed
	in /usr/share/examples/cvsup.  Crypto and secure are now
	required.
d69 1
a69 2
What follows are older entries for those people upgrading from earlier
versions of -stable.
d693 1
a693 1
$FreeBSD: src/UPDATING,v 1.73.2.1 2000/03/22 01:24:11 imp Exp $
@


1.73.2.3
log
@Minor nits in 3.4->4.0 upgrade
@
text
@a20 2
	# You will also need to update your config file to 4.0.  Usually
	# people tend to start with GENERIC from 4.0 and hack from there.
a25 1
	chflags noschg /YOUR_KERNEL_HERE
a63 1
	mergemaster [****]
a77 3
	[***] This step is optional, but is generally a good idea.  If
	you wish to use many of the new features in 4.0, you must do
	this anyway.
d704 1
a704 1
$FreeBSD: src/UPDATING,v 1.73.2.2 2000/03/23 05:58:28 imp Exp $
@


1.73.2.4
log
@Use the right number of [****] for mergemaster footnote.
Minor nits pointed out by a lot of people.
@
text
@d58 1
a58 1
	cd ../../sys/modules
d65 1
a65 3
	cd gnu/usr.bin/texinfo/install-info
	make install
	cd ../../../..
d82 1
a82 1
	[****] This step is optional, but is generally a good idea.  If
d711 1
a711 1
$FreeBSD: src/UPDATING,v 1.73.2.3 2000/04/04 17:05:18 imp Exp $
@


1.73.2.5
log
@Add two things:
	1) Note the ABI change in the kernel requiring new kernel
	and new modules after approx May 1.
	2) Note ldconfig -R being needed sometimes when updating from 3.x
	to -stable.
@
text
@a8 6
20000501:
	At approximately this date, an incompatible kernel change
	was made which means that if you update kernels accross
	this boundary, you also have to update modules, and vice
	versa.

d52 1
a52 1
	<see notes below>				[3]
d54 1
a54 1
	<see notes below>				[2]
d61 1
a61 1
	<follow rebuild disk /dev entries above>	[1]
d68 2
a69 2
	make installworld				[5]
	mergemaster					[4]
d73 2
a74 2
	[1] You may need to switch from wd to ad ala 19991210
	[2] If you have any of the following in your /etc/make.conf,
d79 1
a79 1
	[3] Update to 4.0-stable sources.  Make sure that you get all
d84 1
a84 1
	[4] This step is optional, but is generally a good idea.  If
a86 2
	[5] If you get warnings from ld-elf.so that it cannot load
	libc.so, run 'ldconfig -R' and repeat the installworld target.
d713 1
a713 1
$FreeBSD: src/UPDATING,v 1.73.2.4 2000/05/16 07:47:22 imp Exp $
@


1.73.2.6
log
@MFC: softupdate information
@
text
@a8 5
20000622:
	The license on the softupdates is now a standard 2 clause
	BSD license.  You may need to remove your symbolic links
	that used to be required when updating.

d62 1
a62 2
	<follow directions to build/install a kernel>
	cd /usr/src/sys/modules
d64 1
a64 1
	cd /usr/src/sbin/mknod
d66 1
d94 1
a94 2
	libc.so, run 'ldconfig -R /usr/obj/usr/src/lib/libc' and repeat
	the installworld target.
d721 1
a721 1
$FreeBSD: src/UPDATING,v 1.73.2.5 2000/05/27 21:24:09 imp Exp $
@


1.73.2.7
log
@Add note about the requirement to do a make buildkernel.  Despite
having it in the instructions for UPDATING, people got burned by not
doing it when the new binutils came into the tree.
@
text
@a8 8
20000706:
	Binutils were updated.  In order to build a kernel after this
	date, you must follow the updating proceedure for building
	kernels exactly as presented here.  You may be able to get away
	with doing it the old way, but if it breaks, make sure that you've
	tried the "To build a kernel" section with a fresh /usr/obj
	first.

d727 1
a727 1
$FreeBSD: src/UPDATING,v 1.73.2.6 2000/06/25 08:27:08 imp Exp $
@


1.73.2.8
log
@MFC: 1.97 blurb on the crypto stuff.
@
text
@a8 11
20000711:
	If you use CVSUP or CTM to get CVS trees, AND you used to get 
	the old crypto files from internat.freebsd.org AND you check
	out files from the CVS tree with the cvs command, please read
		http://people.freebsd.org/~imp/internat.txt
	for details on potential problems that you might have and how
	to get around them.

	If you are merely a mirror, or don't answer yes to each of the
	clauses above, you needn't worry.

d735 1
a735 1
$FreeBSD: src/UPDATING,v 1.73.2.7 2000/07/11 05:59:02 imp Exp $
@


1.73.2.9
log
@Spelling errors
@
text
@d22 1
a22 1
	date, you must follow the updating procedure for building
d746 1
a746 1
$FreeBSD: src/UPDATING,v 1.73.2.8 2000/07/16 06:04:43 imp Exp $
@


1.73.2.10
log
@Minor clarifications:
	o this file applies to stable.
	o note historical nature of parts of this file more clearly so that
	  people don't get confused about the non-optional nature of the
	  kernel upgrade building instructions.
@
text
@d1 1
a1 1
Updating Information for FreeBSD STABLE users
a8 3
20000724:
	FreeBSD 4.1 Released on or about this date.

d40 2
a41 2
	FreeBSD 4.0 RELEASE.  Historical entries follow the common
	items.
d746 1
a746 1
$FreeBSD: src/UPDATING,v 1.73.2.9 2000/07/17 22:26:16 imp Exp $
@


1.73.2.11
log
@o Add note about behavior change for installkernel.
o Update 4.0 -> 4.x or 4.1 as appropriate
o Add a note warning people to read the -stable archive before updating
  to a new version because of the (up to) 1 week lag in updating UPDATING.
o Warn people doing upgrades of remote machines to use the exact version
  they are updating the remote machine to for testing purposes.  This
  would be obvious, but I've had several grump-o-grams when things broke
  and the base cause was lack of testing of methods up front.

installkernel changes submitted by John Reynolds.  Other people have
made passing comments on the rest, or sent me patches.  Sadly, I've
lost their names :-(.
@
text
@a8 9
20000803:
	The "installkernel" target has changed slightly. Now even if
	you override KERNEL e.g. 'make installkernel KERNEL=MYKERNEL'
	it will install the MYKERNEL file (built with the buildkernel
	target) as /kernel rather than /MYKERNEL. Those who have
	updated their /boot/loader.conf files to point to /MYKERNEL
	should remove that entry or perform manual rename of /kernel
	to /MYKERNEL.

d54 2
a55 2
	# You will also need to update your config file to 4.x.  Usually
	# people tend to start with GENERIC from 4.x and hack from there.
d83 1
a83 1
	To update from 3.x to 4.x stable
a84 8
	***********************************************************
	READ -STABLE ARCHIVES FOR THE LAST WEEK OR TWO BEFORE
	STARTING THIS PROCESS.  UPDATING MAY LAG BEHIND A LITTLE
	A GOTCHAS ARE OFTEN REPORTED IN FREEBSD-STABLE@@FREEBSD.ORG
	BEFORE BEING INCLUDED HERE.  IF YOU ARE GOING TO DO REMOTE
	MACHINES, MAKE SURE THAT THE EXACT VERSION YOU ARE UPDATING
	THEM TO WORKS ON LOCAL MACHINES BEFORE PROCEEDING.
	***********************************************************
d112 1
a112 1
	[3] Update to 4.x-stable sources.  Make sure that you get all
d118 1
a118 1
	you wish to use many of the new features in 4.x, you must do
d125 1
a125 1
versions of -stable/-current.
d749 1
a749 1
$FreeBSD: src/UPDATING,v 1.73.2.10 2000/07/23 03:05:37 imp Exp $
@


1.73.2.12
log
@Add entry about the MFC of the building of modules and the
difficulties that causes for those people that don't want to follow
the instructs.  Was going to add an entry for binutils, but that was
already there.

Suggested by: dillon
@
text
@a31 6
20000707:
	We started building modules here.  IF you don't wish to
	follow the documented proceedure for building kernels, then
	you'll have to install new mk files from src/share/mk, or
	define NO_MODULES.

d766 1
a766 1
$FreeBSD: src/UPDATING,v 1.73.2.11 2000/08/06 21:11:00 imp Exp $
@


1.73.2.13
log
@Add section on updating 4.0 RELEASE and newer to the most recent
4.x-stable with pragmatic notes about what you can and cannot get away
with and a recommendation to use a serial console on remote installs.
Remove the moving the kernel around instructions since the MFC for
installkernel no longer requires it.  Also add a note about moving
modules out of the way at the proper places in the upgrade proceedure.
@
text
@d74 6
a79 1
	# /kernel
d129 1
a129 3
	[1] You may need to switch from wd to ad ala 19991210.  In
	addition, you should disable any third party modules such as
	vmware so that you don't crash your system on reboot.
a146 19
	To update from 4.0-RELEASE or later to the most current
	4.x-STABLE
	----------
	make buildworld
	make buildkernel KERNEL=YOUR_KERNEL_HERE
	make installkernel KERNEL=YOUR_KERNEL_HERE
	reboot	(in single user) [1]
	make installworld
	reboot

	[1] You can often get away without doing this step as the
	system will be properly updated.  During the running of the
	installworld, however, system components may break and other
	oddities may happen.  Don't do this on systems that aren't
	otherwise quiet as unpredictable results may happen.  If in
	doubt, reboot into single user.  For remote installs, keep
	a separate kernel around and use a serial console if at all
	possible.

d772 1
a772 1
$FreeBSD: src/UPDATING,v 1.73.2.12 2000/08/10 03:31:28 imp Exp $
@


1.73.2.14
log
@Remove manual installation of modules.  installkernel does that.
@
text
@d108 2
d788 1
a788 1
$FreeBSD: src/UPDATING,v 1.73.2.13 2000/08/10 05:17:27 imp Exp $
@


1.73.2.15
log
@In updating a machine from 3.5.1 CDROM to -stable, I found that
ldconfig is always needed, so go ahead and just include it in the
upgrade instructions.  People will always hit this and there's no need
to have an IF statement that always evaluates to true.
@
text
@a116 1
	ldconfig -R /usr/obj/usr/src/lib/libc
d138 3
d786 1
a786 1
$FreeBSD: src/UPDATING,v 1.73.2.14 2000/08/24 18:46:51 imp Exp $
@


1.73.2.16
log
@MFC: Sendmail 8.11.0
@
text
@a8 14
20000827:
	sendmail has been updated from 8.9.3 to 8.11.0.  Some of the more
	visible changes that may immediately affect your configuration
	include:
	- New default file locations from src/contrib/sendmail/cf/README
	- newaliases limited to root and trusted users
	- MSA port (587) turned on by default
	- New queue file naming system so can't go from 8.11 -> 8.9
	- FEATURE(`rbl') renamed to FEATURE(`dnsbl')
	- FEATURE(`nullclient') is more full featured
	- FEATURE(`nouucp') requires an argument: `reject' or `nospecial'
	- mail.local FreeBSD-only -b option changed to -B
	- See src/contrib/sendmail/RELEASE_NOTES for more info

d784 1
a784 1
$FreeBSD: src/UPDATING,v 1.73.2.15 2000/08/26 05:05:18 imp Exp $
@


1.73.2.17
log
@Add entries for MFC of libkvm changes forcing recall.
MFC the sendmail warning about /etc/mail/aliases.
@
text
@a8 16
20000907:
	Changes to libkvm requires a recompile of the usual suspects.
	(find /usr/src -name Makefile | xargs egrep LIBKVM)
	This means that your world must match your kernel around this
	point.

20000904:
	A new issue with the sendmail upgrade has come to light.
	/etc/aliases has moved to /etc/mail/aliases.  Mergemaster will 
	incorrectly install the default aliases in /etc/mail rather than
	move the old one from /etc.  So you'll need to manually move the
	file, create a symbolic link, remove the old /etc/aliases.db and
	run newaliases.  For safety sake, you should stop sendmail
	while doing this and run the upgrade when locally sourced email
	is not likely to be generated.

d798 1
a798 1
$FreeBSD: src/UPDATING,v 1.73.2.16 2000/08/28 00:11:35 imp Exp $
@


1.73.2.18
log
@Add mergemaster step before reboot.

Suggested by: Kent Stewart <kstewart@@urx.com>
@
text
@a177 1
	mergemaster
d814 1
a814 1
$FreeBSD: src/UPDATING,v 1.73.2.17 2000/09/08 04:43:05 imp Exp $
@


1.73.2.19
log
@miniperl
port tree layout
networking defaults tightened
@
text
@a8 19
20001009:
	The ports tree's new layout is in place.  Be sure to update
	your entire ports tree, or you will have problems.

20001006:
	The perl build proceedure no longer installs miniperl, nor uses
	the installed miniperl.  It is recommended that you delete
	/usr/bin/miniperl.

20000907:
	Networking defaults have been tightened.  Anybody upgrading
	/etc/defaults/rc.conf needs to add the following lines to
	/etc/rc.conf if they want to have the same setup
	afterwards (unless the variables already are set, of course):
		# Enable network daemons for user convenience.
		inetd_enable="YES"
		portmap_enable="YES"
		sendmail_enable="YES"

d815 1
a815 1
$FreeBSD: src/UPDATING,v 1.73.2.18 2000/09/13 18:50:54 imp Exp $
@


1.73.2.20
log
@4.1R and 4.1.1R dates
@
text
@a17 3
20000925:
	FreeBSD 4.1.1 RELEASE.

d68 1
a68 1
	FreeBSD 4.1 RELEASE
d834 1
a834 1
$FreeBSD: src/UPDATING,v 1.73.2.19 2000/10/09 04:06:57 imp Exp $
@


1.73.2.21
log
@This is for tracking -stable.

Submitted by: alex@@big.endian.de (Alexander Langer)
@
text
@d830 1
a830 1
breakages in tracking -stable.  Not all things will be listed here,
d837 1
a837 1
$FreeBSD: src/UPDATING,v 1.73.2.20 2000/10/09 04:10:35 imp Exp $
@


1.73.2.22
log
@MFC: sendmail info
delete bogus security enhancement text.  This hasn't been MFC'd.

Approved by: jkh
@
text
@a8 20
20001115:
	FreeBSD 4.2 RELEASE.

20001020:
	****************************** WARNING ******************************
				Sendmail has been updated.
	****************************** WARNING ******************************
	o mail.local(8) is no longer installed as a set-user-id binary.
	o sendmail(8) is now built with STARTTLS support unless NO_OPENSSL
	  is set.
	o The default /etc/mail/sendmail.cf disables the SMTP EXPN and VRFY
	  commands.
	o Now using sendmail's version of vacation(1).
	o The sendmail cf building tools (contrib/sendmail/cf) are installed
	  in /usr/share/sendmail/cf.
	o sendmail.cw changed to local-host-names

	More details can be found at
		http://people.freebsd.org/~imp/UPDATING/sendmail-20001010

d22 10
d33 1
a33 1
	(find /usr/src -name Makefile | xargs egrep -l LIBKVM)
d837 1
a837 1
$FreeBSD: src/UPDATING,v 1.73.2.21 2000/10/09 04:31:07 imp Exp $
@


1.73.2.23
log
@Push back the release date.  Glad to know people are reading this :-)

Approved by: jkh, indirectly
@
text
@d9 1
a9 1
20001120:
d847 1
a847 1
$FreeBSD: src/UPDATING,v 1.73.2.22 2000/11/05 04:55:19 imp Exp $
@


1.73.2.24
log
@Fix a couple of typos

Approved by:	Warner
@
text
@d34 1
a34 1
	The perl build procedure no longer installs miniperl, nor uses
d614 1
a614 1
	  inconsistent as to who/what/when/where things broke.
d847 1
a847 1
$FreeBSD: src/UPDATING,v 1.73.2.23 2000/11/16 19:49:09 imp Exp $
@


1.73.2.25
log
@Catch up:
o ipfw interface change.
o ssh pam stuff
o Linksys MFC
@
text
@a8 19
20010117:
	Linksys Fast Ethernet PCCARD cards supported by the ed driver
	now require the addition of flag 0x80000 to their config line
	in pccard.conf(5).  This flag is not optional.  These Linksys
	cards will not be recognized without it.

20010112:
	Important new FreeBSD-version stuff: PAM support has been worked
	in, partially from the "Unix" OpenSSH version.  This requires
	adding the following in pam.conf:
  
	sshd    auth    sufficient      pam_skey.so
	sshd    auth    required        pam_unix.so         try_first_pass
	sshd    session required        pam_permit.so

20010109:
	ipfw interface changed.  Make sure that the userland and kernel match
	or you won't have the firewall rules you think you do.

d847 1
a847 1
$FreeBSD: src/UPDATING,v 1.73.2.24 2000/11/16 20:18:45 marko Exp $
@


1.73.2.26
log
@Add notes about KERNEL -> KERNCONF.
Suggest -DNOPERL in upgrade, but that's not likely enough.  More to come,
maybe.
@
text
@a8 5
20010202:
	The KERNEL variable for buildkernel and installkernel has been
	deprecated in favor of KERNCONF.  make kernel now combines these
	two steps.

d187 1
a187 1
	make buildworld -DNOPERL
d199 1
a199 1
	make installworld -DNOPERL			[5]
d866 1
a866 1
$FreeBSD: src/UPDATING,v 1.73.2.25 2001/01/17 18:00:17 imp Exp $
@


1.73.2.27
log
@Use new KERNCONF= in building rather than old KERNEL=.

Submitted by: dfrazier@@manpage.com
@
text
@d157 2
a158 2
	make buildkernel KERNCONF=<YOUR_KERNEL_HERE>
	make installkernel  KERNCONF=<YOUR_KERNEL_HERE>
d230 2
a231 2
	make buildkernel KERNCONF=YOUR_KERNEL_HERE
	make installkernel KERNCONF=YOUR_KERNEL_HERE
d871 1
a871 1
$FreeBSD: src/UPDATING,v 1.73.2.26 2001/02/28 05:49:40 imp Exp $
@


1.73.2.28
log
@Fix typo.  I'm sorry, but I lost the mail that contained this patch,
so I don't know who sent this to me.
@
text
@d120 1
a120 1
	follow the documented procedure for building kernels, then
d871 1
a871 1
$FreeBSD: src/UPDATING,v 1.73.2.27 2001/03/02 00:37:32 imp Exp $
@


1.73.2.28.2.1
log
@Preliminary attempt to codify the changes made to RELENG_4_3 tree.
There appear to have been 9 commits to the tree after 4.3 release was
finalized.  In the future, I plan on committing here shortly after
changes I notice and also after advisories are released.

Approved in concept by: kris
Slightly reviewed by: rwatson
@
text
@a8 44
This is for the 4.3 release branch.  All entries since 4.3 are an
itemized list of commits to this branch, numbered from the beginning.
By this count, we're at 4.3.0p9.

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.

20010723:	p9	FreeBSD-SA-01:49 (part 2)
	Fix a different overflow with output_data and netflush in
	telnetd.  Make sure that you have both this update and the
	previous one.

20010721:	p8	FreeBSD-SA-01:49 (part 1)
	Fix buffer overflow in telnetd.

20010719:	p7
	Add PRNG security patch from openssl to prevent guessing of
	internal state.

20010717:	p6
	Fix ipfw "me" definition.

20010710:	p5	FreeBSD-SA-01:42
	Don't share signal handlers from rfork after exec.

20010708:	p4	FreeBSD-SA-01:48
	Fix possible tcpdump buffer overflow.

20010704:	p3
	Unbreak paranoid host checking in tcp_wrappers.

20010601:	p2	FreeBSD-SA-01:40 (part 2)
	Fix a second instance of chdir with fts_safe_changedir().

20010530:	p1	FreeBSD-SA-01:40 (part 1)
	Fix to stat after chdir .. in fts to make sure we wind up where
	we think we should.

20010421:
	FreeBSD 4.3 RELEASE

d871 1
a871 1
$FreeBSD: src/UPDATING,v 1.73.2.28 2001/03/25 20:35:17 imp Exp $
@


1.73.2.28.2.2
log
@Note that p7 and FreeBSD-SA-01:51 are related.

Submitted b: kris
@
text
@d27 1
a27 1
20010719:	p7	FreeBSD-SA-01:51
d915 1
a915 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.1 2001/07/29 06:13:45 imp Exp $
@


1.73.2.28.2.3
log
@Add p10 (ip fragment attack), p11 (nfs filehandle issue) and p12 (procfs)
changes to the 4.3 branch.
@
text
@a18 9
20010813:	p12
	procfs permission tightening.

20010810:	p11
	Check filehandle size when mounting nfs filesystems.

20010805:	p10
	Prevent DoS attack from bogus fragmented packets.

d915 1
a915 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.2 2001/07/31 07:26:11 imp Exp $
@


1.73.2.28.2.4
log
@Fix typo in current patchlevel pointed out by many people
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p12.
d924 1
a924 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.3 2001/08/15 05:09:52 imp Exp $
@


1.73.2.28.2.5
log
@Add ipfw me advisory
@
text
@d40 1
a40 1
20010717:	p6	FreeBSD-SA-01:53
d924 1
a924 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.4 2001/08/17 16:39:15 imp Exp $
@


1.73.2.28.2.6
log
@p13: sendmail arugment parsing bug fixed by Simon a few minutes ago.
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p13.
a18 3
20010822:	p13
	Fix command line argument overflow probelm in sendmail.

d924 1
a924 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.5 2001/08/18 04:54:03 imp Exp $
@


1.73.2.28.2.7
log
@Note that p12 is the subject of FreeBSD-SA-01:55.
@
text
@d22 1
a22 1
20010813:	p12	FreeBSD-SA-01:55
d927 1
a927 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.6 2001/08/22 06:45:19 imp Exp $
@


1.73.2.28.2.8
log
@p13 really was the IRC DCC issue.  Add that and move the sendmail
issue to p14.

Submitted by: Makoto `MAR' MATSUSHITA
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p14.
d19 1
a19 1
20010822:	p14
a21 3
20010821:	p13
	Close the "IRC DCC" security problem.

d927 1
a927 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.7 2001/08/22 08:18:45 imp Exp $
@


1.73.2.28.2.9
log
@MFC: Merge the repo damage entry from -current.
@
text
@a64 8
20010521:
	Minor repo damange has happened.  This may cause problems
	with cvsup of ports.  If you get errors, please see
	http://www.FreeBSD.org/cgi/query-pr.cgi?pr=27495
	at the bottom for details on a workaround.  The error message
	is
Updater failed: Cannot delete "/usr/ports/www/jakarta-tomcat/files": Directory not empty

d930 1
a930 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.8 2001/08/22 15:50:04 imp Exp $
@


1.73.2.28.2.10
log
@Update to include the last two security advisories.

Submitted by: Makoto MATSUSHITA-san <matusita@@jp.FreeBSD.org>
@
text
@d31 1
a31 1
20010805:	p10	FreeBSD-SA-01:52
d55 1
a55 1
20010704:	p3	FreeBSD-SA-01:56
d938 1
a938 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.9 2001/08/23 15:39:57 imp Exp $
@


1.73.2.28.2.11
log
@Update to p15 with recent lpd fixes.

Also, include sendmail advisory as fixing p14.
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p15.
d19 1
a19 4
20010830	p15	FreeBSD-SA-01:58
	Fix lpd remote root exploitable buffer overflow.

20010822:	p14	FreeBSD-SA-01:57
d938 1
a938 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.10 2001/08/30 05:01:23 imp Exp $
@


1.73.2.28.2.12
log
@rmuser fix.
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p16.
a18 3
20010904	p16
	Close race condition when updating /etc/master.passwd in rmuser.

d941 1
a941 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.11 2001/08/30 22:31:40 imp Exp $
@


1.73.2.28.2.13
log
@Bump to p17 with rmuser correction.
Add advisory number for p16/p17 now that its available.
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p17.
d19 1
a19 4
20010904	p17	FreeBSD-SA-01:59
	Minor fix to p16.

20010904	p16	FreeBSD-SA-01:59
d944 1
a944 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.12 2001/09/04 14:43:57 imp Exp $
@


1.73.2.28.2.14
log
@New patch (p18) for uucp stuff.
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p18.
a18 3
20010910	p18
	UUCP fixes.

d947 1
a947 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.13 2001/09/05 17:34:31 imp Exp $
@


1.73.2.28.2.15
log
@dd's commit semop fixes.
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p19.
a18 3
20010911	p19
	semop fixes to prevent overflows.

d950 1
a950 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.14 2001/09/11 03:01:09 imp Exp $
@


1.73.2.28.2.16
log
@p20: login.conf patching.
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p20.
a18 3
20010920	p20
	Plug login.conf hole.

d953 1
a953 1
$FreeBSD: src/UPDATING,v 1.73.2.28.2.15 2001/09/11 16:40:35 imp Exp $
@


1.73.2.28.2.17
log
@p21: fix for OpenSSH `UseLogin yes' environment issue.
@
text
@a18 4
20011202	p21
	A security hole in OpenSSH involving `UseLogin yes' has been
	patched.

d956 1
a956 1
$FreeBSD$
@


1.73.2.28.2.18
log
@Bump patchlevel for fix to pw(8).
@
text
@a18 4
20011221	p22
	A bug was fixed wherein the pw(8) command created a short-lived
	but world-readable copy of /etc/master.passwd.

@


1.73.2.28.2.19
log
@Update to what I think is the latest patch number.  Also update
advsiories that I can trace to patches.
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p22.
d19 1
a19 1
20011221	p22	FreeBSD-SA-02:02:pw.asc
d23 1
a23 1
20011202	p21	FreeBSD-SA-01:63:openssh.asc
d33 1
a33 1
20010910	p18	FreeBSD-SA-01:62.asc
@


1.73.2.28.2.20
log
@Add p23 and p24 for the k5su and exec problems.  I'd overlooked these
commits somehow.
@
text
@a18 7
20020123:	p24	FreeBSD-SA-02:08.exec.asc
	There's a small window in exec where one could debug a setuid
	program and obtain elevated priviledges.  This was corrected.

20020123:	p23	FreeBSD-SA-02:07.k5su
	k5su fixes.

@


1.73.2.28.2.21
log
@We're up to p24 and add some colons
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p24.
d26 1
a26 1
20011221:	p22	FreeBSD-SA-02:02:pw.asc
d30 1
a30 1
20011202:	p21	FreeBSD-SA-01:63:openssh.asc
d34 1
a34 1
20010920:	p20
d37 1
a37 1
20010911:	p19
d40 1
a40 1
20010910:	p18	FreeBSD-SA-01:62.asc
d43 1
a43 1
20010904:	p17	FreeBSD-SA-01:59
d46 1
a46 1
20010904:	p16	FreeBSD-SA-01:59
d49 1
a49 1
20010830:	p15	FreeBSD-SA-01:58
@


1.73.2.28.2.22
log
@Note gzip and sdiff changes, bump patch level.
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p26.
a17 6

20020127:	p26
	sdiff temp file handling.

20020127:	p25
	gzip tempfile handling.
@


1.73.2.28.2.23
log
@Note zlib fix, bump patch level (-p27)
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p27.
a17 3

20020223:	p27
	zlib inflate error handling.
@


1.73.2.28.2.24
log
@Apply fix for OpenSSH off-by-one error (FreeBSD-02:13.openssh).
@
text
@a18 3
20020307:	p28	FreeBSD-SA-02:13.openssh
	OpenSSH off-by-one error.

@


1.73.2.28.2.25
log
@Update patchlevel per current count.
@
text
@d11 1
a11 1
By this count, we're at 4.3.0p28.
@


1.73.2.28.2.26
log
@Add cross-references to applicable security advisories.  Also
be more consistent about the format of the names we give for advisories.

Approved by:	nectar
@
text
@d22 1
a22 1
20020223:	p27	FreeBSD-SA-02:18.zlib
d38 1
a38 1
20011221:	p22	FreeBSD-SA-02:02:pw
d42 1
a42 1
20011202:	p21	FreeBSD-SA-01:63:openssh
d52 1
a52 1
20010910:	p18	FreeBSD-SA-01:62.uucp
d55 1
a55 1
20010904:	p17	FreeBSD-SA-01:59.rmuser
d58 1
a58 1
20010904:	p16	FreeBSD-SA-01:59.rmuser
d61 1
a61 1
20010830:	p15	FreeBSD-SA-01:58.lpd
d64 2
a65 2
20010822:	p14	FreeBSD-SA-01:57.sendmail
	Fix command line argument overflow problem in sendmail.
d70 1
a70 1
20010813:	p12	FreeBSD-SA-01:55.procfs
d76 1
a76 1
20010805:	p10	FreeBSD-SA-01:52.fragment
d79 1
a79 1
20010723:	p9	FreeBSD-SA-01:49.telnetd (part 2)
d84 1
a84 1
20010721:	p8	FreeBSD-SA-01:49.telnetd (part 1)
d87 1
a87 1
20010719:	p7	FreeBSD-SA-01:51.openssl
d91 1
a91 1
20010717:	p6	FreeBSD-SA-01:53.ipfw
d94 1
a94 1
20010710:	p5	FreeBSD-SA-01:42.signal
d97 1
a97 1
20010708:	p4	FreeBSD-SA-01:48.tcpdump
d100 1
a100 1
20010704:	p3	FreeBSD-SA-01:56.tcp_wrappers
d103 1
a103 1
20010601:	p2	FreeBSD-SA-01:40.fts (part 2)
d106 1
a106 1
20010530:	p1	FreeBSD-SA-01:40.fts (part 1)
@


1.73.2.28.2.27
log
@Add missing note for patch 29 before I add patch 30.

Missed by: trevor
@
text
@a18 3
20020710:	p29	FreeBSD-SA-02:28.resolv
	resolver buffer overflow.

@


1.73.2.28.2.28
log
@MFC: Fix smrsh bypass bug.

Approved by:	security-officer
@
text
@a18 3
20021026:	p30
	smrsh bypass bug.

@


1.73.2.28.2.29
log
@FreeBSD-SA-03:04.sendmail: sendmail header parsing buffer overflow

Approved by:    security-officer (nectar)
@
text
@a18 3
20030303:	p31	FreeBSD-SA-03:04.sendmail
	sendmail header parsing buffer overflow, ident parsing bug.

@


1.73.2.28.2.30
log
@sendmail parsing buffer overflow fix
Advisory number to be filled in later

Approved by:	so (nectar)
@
text
@a18 3
20030329:	p32	FreeBSD-SA-03:??.sendmail
	sendmail address parsing buffer overflow.

@


1.73.2.28.2.31
log
@Update FreeBSD Security Advisory Number

Approved by:	so (nectar)
@
text
@d19 1
a19 1
20030329:	p32	FreeBSD-SA-03:07.sendmail
@


1.73.2.28.2.32
log
@realpath(3) bug fix:  There was an off-by-one error in computing the
size of the resulting canonical path.
@
text
@a18 3
20030804:	p33	FreeBSD-SA-03:08.realpath
	Correct a single byte buffer overflow in realpath(3).

@


1.73.2.28.2.33
log
@MFC sys_process.c 1.113, spigot.c 1.60:
Add or correct range checking of signal numbers in system calls and
ioctls.
@
text
@a18 3
20030810:	p34	FreeBSD-SA-03:09.signal
	Repair range-checking errors in signal handling.

@


1.73.2.28.2.34
log
@MFC 1.24: Validate the iBCS2 statfs(2) length parameter.
@
text
@a18 3
20030810:	p35	FreeBSD-SA-03:10.iBCS2
	iBCS2 system call translator for statfs leaked information.

@


1.73.2.28.2.35
log
@MFC buffer.c 1.1.1.7: Do not record expanded size before attempting to
reallocate associated memory.
@
text
@a18 3
20030916:	p36	FreeBSD-SA-03:12.openssh
	OpenSSH oversized packet buffer handling corrected.

@


1.73.2.28.2.36
log
@MFC buffer.c 1.2, channels.c 1.16, deattack.c 1.1.1.6,
    misc.c 1.1.1.5 (->scp.c), session.c 1.41, ssh-agent.c 1.19:
Correct more cases of allocation size bookkeeping errors.
@
text
@a18 3
20030916:	p37	FreeBSD-SA-03:12.openssh
	Follow-up fixes for OpenSSH oversized packet buffer handling.

@


1.73.2.28.2.37
log
@MFC: sendmail address parsing bug fix

Approved by:	so (nectar)
@
text
@a18 3
20030917:	p38	FreeBSD-SA-03:13.sendmail
	Fix another address parsing buffer overflow.

@


1.73.2.28.2.38
log
@Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.

Approved by:	security-officer, jake (mentor)
Reported by:	Apple Product Security <product-security@@apple.com>
@
text
@a18 5
20030923:	p39	FreeBSD-SA-03:14.arp
	Fix a bug in arplookup(), whereby a hostile party on a locally
	attached network could exhaust kernel memory, and cause a system
	panic, by sending a flood of spoofed ARP requests.

@


1.73.2.28.2.39
log
@Bump patch level for updated arplookup fix.
@
text
@a18 3
20030924:	p40	FreeBSD-SA-03:14.arp
	Updated fix for arplookup bug.

@


1.73.2.28.2.40
log
@MFS 1.55.2.11:  Correct a reference counting bug in readv(2).
@
text
@a18 3
20031002:	p41	FreeBSD-SA-03:16.filedesc
	Correct a reference counting bug in readv(2).

@


1.73.2.28.2.41
log
@Merge from RELENG_4: kern_subr.c 1.31.2.3, procfs_dbregs.c 1.4.2.4,
    procfs_fpregs.c 1.11.2.4, procfs_regs.c 1.10.2.4,
    procfs_rlimit.c 1.5.2.1, procfs_status.c 1.20.2.5, uio.h 1.11.2.2,
    linprocfs_misc.c 1.3.2.9.
Correct several integer underflows/overflows in procfs and linprocfs.
@
text
@a18 3
20031003:	p42	FreeBSD-SA-03:17.procfs
	Correct integer underflows/overflows in procfs(5) and linprocfs(5).

@


1.73.2.29
log
@fxp backported from current.  now it requires mii bus.
@
text
@a8 5
20010510:
	The fxp driver from current has been ported to -stable.  This
	requires kernels that include fxp to also include mii bus devices.
	See GENERIC for details.

d871 1
a871 1
$FreeBSD: src/UPDATING,v 1.73.2.28 2001/03/25 20:35:17 imp Exp $
@


1.73.2.30
log
@Add FreeBSD 4.3 Release to the timeline.
@
text
@a13 3
20010421:
	FreeBSD 4.3 RELEASE

d876 1
a876 1
$FreeBSD: src/UPDATING,v 1.73.2.29 2001/05/14 05:18:12 imp Exp $
@


1.73.2.31
log
@Note that threaded perl breaks mod_perl.

Submitted by: Brent Kearney <brent@@kearneys.ca>
@
text
@a16 5
20010402:
	It appears that PERL_THREADED=true in /etc/make.conf is not
	compatible with mod_perl.  Not sure the exact date of this problem,
	but it post dates 4.2 and predates 4.3.

d879 1
a879 1
$FreeBSD: src/UPDATING,v 1.73.2.30 2001/05/14 05:29:34 imp Exp $
@


1.73.2.32
log
@Note possible binary incompatibility with the crhold macro and suggest
recompiling kernel modules that use it.
@
text
@a8 5
20010516:
	Size changes in the cred structures introduced a binary
	incompatibility for modules using the crhold() macro.  Modules
	should be recompiled for kernel later than this date.

d884 1
a884 1
$FreeBSD: src/UPDATING,v 1.73.2.31 2001/05/14 05:38:19 imp Exp $
@


1.73.2.33
log
@MFC: Note about single user.  Also, fix missing [5] footnote.
@
text
@d216 1
a216 1
	<in single user>				[6]
a242 8
	[5] Note: This won't upgrade your perl install.  You will
	need to rebuild the world on 4.x to update perl.
	[6] From the bootblocks, boot -s, and then do
		fsck -p
		mount -u /
		mount -a
		cd /usr/src
		adjkerntz -i		# if COMS is wall time
d262 1
a262 1
	possible.  See also note [6] above.
d889 1
a889 1
$FreeBSD: src/UPDATING,v 1.73.2.32 2001/05/19 06:30:15 imp Exp $
@


1.73.2.34
log
@Two entries for stable: The repo damage (also suggested by jdp, but I forgot
until now) and the TCP_RESTRICT_RST stuff.

Submitted by: Jimmy Olgeni <olgeni@@uli.it>
@
text
@a8 14
20010611:
	The TCP_RESTRICT_RST option has been removed. You should entirely
	remove it from your kernel configuration.

	The same functionality is available from the blackhole(4) MIB.

20010521:
	Minor repo damanged has happened.  This may cause problems
	with cvsup of ports.  If you get errors, please see
	http://www.FreeBSD.org/cgi/query-pr.cgi?pr=27495
	at the bottom for details on a workaround.  The error message
	is
Updater failed: Cannot delete "/usr/ports/www/jakarta-tomcat/files": Directory not empty

d897 1
a897 1
$FreeBSD: src/UPDATING,v 1.73.2.33 2001/06/04 16:20:22 imp Exp $
@


1.73.2.35
log
@MFC: copyright info.
@
text
@d3 5
a7 8
This file is maintained and copyrighted by M. Warner Losh
<imp@@village.org>.  Please send new entries directly to him.  See end
of file for further details.  For commonly done items, please see the
COMMON ITEMS: section later in the file.

A reverse chronology since 4.0 was released is included, followed by
the common items quick how-tos, followed by entries for versions of
-current prior to 4.0 Release.
d911 1
a911 24
Copyright information:

Copyright 1998, 2001 M. Warner Losh.  All Rights Reserved.

Redistribution, translation and use, with or without modification, in
full or in part, are permitted provided that the above copyright
notice is retained.

THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED.  IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

If you find this document useful, and you want to, you may buy the
author a beer.

$FreeBSD: src/UPDATING,v 1.73.2.34 2001/06/22 04:47:40 imp Exp $
@


1.73.2.36
log
@Mention gif(4) changes related to cloning support.

Approved by:	imp
@
text
@a11 11
20010724:
	The gif(4) interface has been converted to use cloning
	rather then allocating a static number of devices a compile
	time.  If you use gif interfaces and configure them by any
	method other then setting standard variables in /etc/rc.conf
	you will need to update your system to create devices with
	"ifconfig gifX create" before attempting to configure them.
	
	See the ifconfig(8) man page and /etc/rc.network for more
	information.

d937 1
a937 1
$FreeBSD: src/UPDATING,v 1.73.2.35 2001/06/29 22:23:59 imp Exp $
@


1.73.2.37
log
@MFC: Add entry for ed driver needing mii now that it was MFC'd by Ian Dowse
@
text
@a11 5
20010725:
	The ed driver has been updated.  It now allows mii attachments,
	which means that you must include the miibus in your kernel if
	you use the ed driver.

d948 1
a948 1
$FreeBSD: src/UPDATING,v 1.73.2.36 2001/07/24 19:23:07 brooks Exp $
@


1.73.2.38
log
@Strongly recommend using mergemaster and give some indication of what
problems can happen if you don't.
@
text
@d273 3
a275 5
	[4] This step is not optional.  If you fail to do this, you
	will not have critical system config files updated for their
	4.x functionality.  This will lead to reduced system
	functionality, the biggest problem being with /etc/pam.conf
	not having the entries necessary to allow remote ssh access.
d293 1
a293 1
	mergemaster		[2]
a303 3
	[2] If you do not run mergemaster, you will likely hit a
	number of show stopper problems.  The biggest one is that
	your /etc/pam.conf won't let you log in using ssh.
d953 1
a953 1
$FreeBSD: src/UPDATING,v 1.73.2.37 2001/07/25 22:54:25 imp Exp $
@


1.73.2.39
log
@Note wd compat device removal as of May 31, 2001.

Forgotten by: imp
Pointed out by: Mike Silbersack <silby@@silby.com>
@
text
@a33 6
20010531:
	The wd compat devices were removed from the ata driver.  Kernels
	after this date will fail to work with /dev/ nodes that you may
	have on your disk.  /etc/fstab is a common place to find these
	files hanging out, as are dump devices in /etc/rc.conf.

d958 1
a958 1
$FreeBSD: src/UPDATING,v 1.73.2.38 2001/08/11 02:07:17 imp Exp $
@


1.73.2.40
log
@pccardd and kernel updating at the same time
@
text
@a11 5
20010814:
	The pci attachment for pcic device was merged from current.  You
	should update your pccardd at the same time as you update your
	kernel.

d964 1
a964 1
$FreeBSD: src/UPDATING,v 1.73.2.39 2001/08/11 03:08:18 imp Exp $
@


1.73.2.41
log
@Note isdb4bsd has been updated and new proceedures for new version.
@
text
@a16 6
20010811:
	isdn4bsd was updated to version 1.00.1. for users of the isp<N>
	(kernel PPP over ISDN) devices, this means that they now _must_
	use ispppcontrol instead of spppcontrol to configure and control
	their isp<N> devices. see /usr/share/examples/isdn for more info.

d969 1
a969 1
$FreeBSD: src/UPDATING,v 1.73.2.40 2001/08/15 03:56:21 imp Exp $
@


1.73.2.42
log
@Fix typo in repo damage message.

Submitted by: Vadim Ostranitsyn <vadim@@tsu.ru>
@
text
@d52 1
a52 1
	Minor repo damange has happened.  This may cause problems
d975 1
a975 1
$FreeBSD: src/UPDATING,v 1.73.2.41 2001/08/15 07:17:56 imp Exp $
@


1.73.2.43
log
@Add note about shared interrupts.
@
text
@a16 4
	Note: Interrupts will now be shared between the CardBus bridge
	and the cards.  This is a change over the hand configuration
	before.

d975 1
a975 1
$FreeBSD: src/UPDATING,v 1.73.2.42 2001/08/23 15:39:27 imp Exp $
@


1.73.2.44
log
@Note 4.4-RELEASE
@
text
@a11 3
20010914:
	4.4 Released.

d979 1
a979 1
$FreeBSD$
@


1.73.2.45
log
@Note dummynet MFC
@
text
@a11 3
20011102:
	ipfw/bridge/dummynet features merged from current.

@


1.73.2.46
log
@Add note about linux module in recent stable releases
@
text
@a11 7
20011110:
	Some linux module changed, merged from current, require that you
	clean out the old compile directory.  If you are building with
	MODULES_WITH_WORLD=yes, then you need to cd to src/sys/modules/linux
	and run "make cleandir".  If not, then you need to cd
	src/sys/compile/$KERNCONF and do a make modules-clean.

@


1.73.2.47
log
@Add note that -g is now passed to modules builds, where before
it was not.
@
text
@a21 7
20011018:
	The kernel Makefile was enhanced to pass -g to modules builds
	when it is used for kernel building (eg, when the config file
	has DEBUG=-g).  People that have enabled debugging kernels
	will find they need significantly more disk space in their
	slash (/) partition.

@


1.73.2.48
log
@Note fix for OpenSSH `UseLogin yes' environment issue.
@
text
@a11 4
20011202:
	A security hole in OpenSSH involving `UseLogin yes' has been
	patched.

@


1.73.2.49
log
@Note new locale names
@
text
@a11 9
20020105:
	The locale names have been renamed in -stable to match
	-current:
		1. ISO_* -> ISO*
		2. ru_SU* -> ru_RU*
		3. DIS_* -> ISO*-15
		4. *.EUC -> *.euc??
		5. *.ASCII -> *.US-ASCII

d982 1
a982 1
Copyright 1998-2002 M. Warner Losh.  All Rights Reserved.
@


1.73.2.50
log
@s/COMS/CMOS/; PR 33499
@
text
@d339 1
a339 1
		adjkerntz -i		# if CMOS is wall time
@


1.73.2.50.2.1
log
@MFS: 20011110 typo fixed.

Approved by: re (I think with blanket approval)
@
text
@d26 1
a26 1
	Some linux module changes, merged from current, require that you
@


1.73.2.50.2.2
log
@MFS: 20010928 from nectar re ssh and skey
@
text
@a41 8
20010928:
	The OpenSSH `ChallengeResponseAuthentication' option now
	defaults to `yes'.  This enables S/Key authentication, which
	can result in users receiving an S/Key challenge when logging
	in interactively.  To disable this behavior, add a line to
	your /etc/ssh/sshd_config file:
	`ChallengeResponseAuthentication no'

@


1.73.2.50.2.3
log
@Add boilerplate 4.5 information now that we're on the 4.5 branch.

obviously, there is no patch level :-)

Approved/suggested by: murray
@
text
@d1 1
a1 1
Updating Information for FreeBSD STABLE users, 4.5 security branch
a10 10

This is for the 4.5 release branch.  All entries since 4.5 are an
itemized list of commits to this branch, numbered from the beginning.
By this count, we're at 4.5.0.

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.
@


1.73.2.50.2.4
log
@The *.EUC -> *.euc?? change was backed out because it was too
disruptive, so we shouldn't document it here.

Submitted by:  matusita
Apologies to:  imp
I think my re@@ hat justifies this breach of protocol.
@
text
@d28 2
a29 1
		4. *.ASCII -> *.US-ASCII
@


1.73.2.50.2.5
log
@Note zlib and syncache fixes and bzip2 update, bump patch level (-p1)
@
text
@d14 1
a14 1
By this count, we're at 4.5.0p1.
a20 6

20020223:	p1
	zlib inflate error handling.
	bzip2 updated to fix insecure permissions during symlink dereferencing  
	and a race condition while creating new files
	Stale tcb pointer fixes in syncache handling.
@


1.73.2.50.2.6
log
@Add 4.5-RELEASEp2.
@
text
@a21 3
20020307:	p2	FreeBSD-SA-02:13.openssh
	OpenSSH off-by-one bug.

@


1.73.2.50.2.7
log
@Note fixes for:
= IP routing table leak in icmp_relect().
= mmap/msync bug which can panic the kernel.
= TCP broadcast connection bug.
@
text
@d14 1
a14 1
By this count, we're at 4.5-RELEASE-p3.
a20 5

20020316:	p3
	IP routing table leak in icmp_relect().
	mmap/msync bug which can panic the kernel.
	TCP broadcast connection bug.
@


1.73.2.50.2.8
log
@Note change for FreeBSD-SA-02:23.stdio.
@
text
@a21 4
20020421:	p4	FreeBSD-SA-02:23.stdio
	When exec'ing set[ug]id executables, the kernel now ensures that the
	stdio file descriptors (0..2) are open.  

@


1.73.2.50.2.9
log
@Update patchlevel per current count.
@
text
@d14 1
a14 1
By this count, we're at 4.5-RELEASE-p4.
@


1.73.2.50.2.10
log
@Note 4.5-RELEASE date.

Approved by:	nectar
@
text
@a39 3
20020129:
	FreeBSD 4.5-RELEASE.

@


1.73.2.50.2.11
log
@Add cross-references to applicable security advisories.

Approved by:	nectar
@
text
@d26 1
a26 2
20020316:	p3	FreeBSD-SA-02:21.tcpip
			FreeBSD-SA-02:22.mmap
d34 1
a34 2
20020223:	p1	FreeBSD-SA-02:18.zlib
			FreeBSD-SA-02:20.syncache
@


1.73.2.50.2.12
log
@MFC 1.206 src/UPDATING
    1.6   src/kerberos5/usr.bin/k5su/Makefile
    1.187 src/share/examples/etc/make.conf (etc/defaults/make.conf)
    1.44  src/share/man/man5/make.conf.5
Turn on the set-user-ID bit for k5su if ENABLE_SUID_K5SU is defined.
@
text
@a21 6
20020515:
	The k5su utility installed as part of Kerberos 5 is no longer
	Installed with the set-user-ID bit set by default.  Add
	ENABLE_SUID_K5SU=yes to /etc/make.conf to have it installed
	with the set-user-ID bit set.

@


1.73.2.50.2.13
log
@Note 4.5-RELEASE-p5.
@
text
@d14 1
a14 1
By this count, we're at 4.5-RELEASE-p5.
d22 1
a22 1
20020515:	p5
@


1.73.2.50.2.14
log
@Note FreeBSD-SA-02:26, 02:27, and patch level bump.
@
text
@d14 1
a14 1
By this count, we're at 4.5-RELEASE-p6.
a20 5

20020528:	p6	FreeBSD-SA-02:26.accept
			FreeBSD-SA-02:27.rc
	Accept filter bug.
	Dangerous globbing in /etc/rc.
@


1.73.2.50.2.15
log
@MFC: fix libc resolver buffer overflow.
@
text
@d14 1
a14 1
By this count, we're at 4.5-RELEASE-p7.
a20 3

20020626:	p7	FreeBSD-SA-02:28.resolv
	A fix for a buffer overflow in libc has been corrected.
@


1.73.2.50.2.16
log
@MFS: prevent tracing of previously privileged processes.
@
text
@a21 3
20020711:		FreeBSD-SA-02:30.ktrace
	Prevent users from tracing previously privileged processes.

@


1.73.2.50.2.17
log
@Bump patch level for the ktrace issue.  I intentionally did not do this
for RELENG_4_6, then unintentionally forgot for RELENG_4_5.
@
text
@d14 1
a14 1
By this count, we're at 4.5-RELEASE-p8.
d22 1
a22 1
20020711:	p8	FreeBSD-SA-02:30.ktrace
@


1.73.2.50.2.18
log
@MFC 1.6: Correct a buffer overflow when handling malformed NFS
packets.
@
text
@a21 3
20020712:	p8	FreeBSD-SA-02:29.tcpdump
	A buffer overflow in tcpdump has been corrected.

@


1.73.2.50.2.19
log
@Notate the upgrade to BIND 8.3.3

Approved by:	security-officer
@
text
@a21 2
20020713:	p9	Upgrade to BIND 8.3.3

@


1.73.2.50.2.20
log
@Correct date of BIND 8.3.3 merge, reformat.

Approved by:	security-officer (implicitly)
@
text
@d22 1
a22 2
20020715:	p9
	Upgrade to BIND 8.3.3.
@


1.73.2.50.2.21
log
@MFC sys/kern/kern_exec.c 1.178: Fix ordering of set-(user|group)-ID checks.
@
text
@d14 1
a14 1
By this count, we're at 4.5-RELEASE-p10.
a20 4

20020730:	p10	FreeBSD-SA-02:23.stdio.v1.2
	A bug in the previous patch for the vulnerability described
	in FreeBSD-SA-02:23.stdio was found and corrected.
@


1.73.2.50.2.22
log
@MFC 1.20: Use fchmod() to restore the tty modes.
@
text
@d14 1
a14 1
By this count, we're at 4.5-RELEASE-p11.
a20 3

20020730:	p11	FreeBSD-SA-02:32.pppd
	A fix for a race condition in pppd(8) was corrected.
@


1.73.2.50.2.23
log
@Correct awkward wording in recent pppd entry.
@
text
@d23 1
a23 1
	A race condition in pppd(8) was corrected.
@


1.73.2.50.2.24
log
@MFC lib/libc/xdr/xdr_array.c 1.11: Patch to fix bounds checking/overflow.
@
text
@a21 3
20020731:	p12
	A bounds checking error in the XDR decoder was corrected.

@


1.73.2.50.2.25
log
@Remove `By this count' line ... it provides no additional information and I
always forget to update it.
@
text
@d14 1
@


1.73.2.50.2.26
log
@MFC: OpenSSL 0.9.6e
@
text
@a20 3
20020731:	p13
	Upgrade to OpenSSL 0.9.6e.

@


1.73.2.50.2.27
log
@Correct bounds checking error in FFS filesize limits.
@
text
@a20 3
20020731:	p14
	A bounds checking error in FFS filesize limits was corrected.

@


1.73.2.50.2.28
log
@The fix applied to the XDR decoder in lib/libc/xdr/xdr_array.c revision
1.8.8.1 was incorrect.
@
text
@a20 3
20020801:	p15	FreeBSD-SA-02:34.rpc
	The original fix applied to the XDR decoder was in error.

d27 1
a27 1
20020731:	p12	FreeBSD-SA-02:34.rpc
@


1.73.2.50.2.29
log
@Update UPDATING and bump patch level for NFS fix.
@
text
@a20 3
20020801:	p16	FreeBSD-SA-02:36.nfs
	RPCs with zero-length payload would cause an infinite loop.

@


1.73.2.50.2.30
log
@Add cross-reference for SA-02:33.

Approved by:	security-officer (implicitly)
@
text
@d30 1
a30 1
20020731:	p13	FreeBSD-SA-02:33.openssl
@


1.73.2.50.2.31
log
@MFS: check far end of pipe.
@
text
@a20 4
20020805:	p17	FreeBSD-SA-02:37.kqueue
	Registering an EVFILT_WRITE event on a pipe whose far end had
	already been closed would cause a kernel panic.

@


1.73.2.50.2.32
log
@MFC src/crypto/openssl/crypto/asn1/asn1_lib.c rev 1.1.1.6:
  Correct a bug in the ASN.1 decoder.
@
text
@a20 4
20020805:	p18
	Correct a bug in the ASN.1 decoder which was introduced with
	the recent OpenSSL update.

@


1.73.2.50.2.33
log
@Add references to FreeBSD-SA-02:33.openssl and FreeBSD-SA-02:35.ffs to the
applicable entries.

Requested by:	matusita
@
text
@d21 1
a21 1
20020805:	p18	FreeBSD-SA-02:33.openssl
d35 1
a35 1
20020731:	p14	FreeBSD-SA-02:35.ffs
@


1.73.2.50.2.34
log
@MFC of upc_syscalls:1.123,1.124 and vesa.c:1.37.

Submitted by:	Silvio Cesare <silvio@@qualys.com> (1.123, 1.37)
@
text
@a20 4
20020813:	p19
	Bounds checking errors in accept(), getsockname(),
	getpeername(), and a VESA ioctl() command were corrected.

@


1.73.2.50.2.35
log
@Add cross-reference for SA-02:38.

Approved by:	security-officer (implicitly)
@
text
@d21 1
a21 1
20020813:	p19	FreeBSD-SA-02:38.signed-error
@


1.73.2.50.2.36
log
@MFC src/lib/libkvm/kvm.c 1.23: mark file descriptors close-on-exec.
@
text
@a20 5
20020911:	p20
	The kvm_openfiles/kvm_open functions now mark the returned file
	descriptors close-on-exec in case set-user-ID/set-group-ID
	applications are careless.

@


1.73.2.50.2.37
log
@Update UPDATING and bump patch level for kadmind fix.
@
text
@a20 3
20021023:       p21
	Correct kadmind buffer overflow.

@


1.73.2.50.2.38
log
@MFC: Fix smrsh bypass bug.

Approved by:    security-officer
@
text
@a20 3
20021026:	p22
	smrsh bypass bug.

@


1.73.2.50.2.39
log
@Correct recent name server vulnerabilities as documented at
<URL:http://www.isc.org/products/BIND/bind-security.html> and
<URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469>.

Obtained from:  ISC
@
text
@d21 1
a21 4
20021113:	p23	FreeBSD-SA-02:43.bind
	Correct name server vulnerabilities.

20021026:	p22	FreeBSD-SA-02:41.smrsh
d24 1
a24 1
20021023:	p21	FreeBSD-SA-02:40.kadmind
d27 1
a27 1
20020911:	p20	FreeBSD-SA-02:39.libkvm
@


1.73.2.50.2.40
log
@MFC 1.114: Fix a file descriptor leak in fpathconf(2).
@
text
@a20 3
20030107:	p24	FreeBSD-SA-02:44.filedesc
	Correct a reference counting bug in fpathconf(2).

@


1.73.2.50.2.41
log
@FreeBSD-SA-03:04.sendmail: sendmail header parsing buffer overflow

Approved by:    security-officer (nectar)
@
text
@a20 3
20030303:	p25	FreeBSD-SA-03:04.sendmail
	sendmail header parsing buffer overflow, ident parsing bug.

@


1.73.2.50.2.42
log
@sendmail parsing buffer overflow fix
Advisory number to be filled in later

Approved by:	so (nectar)
@
text
@a20 3
20030329:	p26	FreeBSD-SA-03:??.sendmail
	sendmail address parsing buffer overflow.

@


1.73.2.50.2.43
log
@Update FreeBSD Security Advisory Number

Approved by:	so (nectar)
@
text
@d21 1
a21 1
20030329:	p26	FreeBSD-SA-03:07.sendmail
@


1.73.2.50.2.44
log
@realpath(3) bug fix:  There was an off-by-one error in computing the
size of the resulting canonical path.
@
text
@a20 3
20030804:	p27	FreeBSD-SA-03:08.realpath
	Correct a single byte buffer overflow in realpath(3).

@


1.73.2.50.2.45
log
@MFC sys_process.c 1.113, spigot.c 1.60:
Add or correct range checking of signal numbers in system calls and
ioctls.
@
text
@a20 3
20030810:	p28	FreeBSD-SA-03:09.signal
	Repair range-checking errors in signal handling.

@


1.73.2.50.2.46
log
@MFC 1.24: Validate the iBCS2 statfs(2) length parameter.
@
text
@a20 3
20030810:	p29	FreeBSD-SA-03:10.iBCS2
	iBCS2 system call translator for statfs leaked information.

@


1.73.2.50.2.47
log
@MFC buffer.c 1.1.1.7: Do not record expanded size before attempting to
reallocate associated memory.
@
text
@a20 3
20030916:	p30	FreeBSD-SA-03:12.openssh
	OpenSSH oversized packet buffer handling corrected.

@


1.73.2.50.2.48
log
@MFC buffer.c 1.2, channels.c 1.16, deattack.c 1.1.1.6, misc.c 1.1.1.5,
    session.c 1.41, ssh-agent.c 1.19:
Correct more cases of allocation size bookkeeping errors.
@
text
@a20 3
20030916:	p31	FreeBSD-SA-03:12.openssh
	Follow-up fixes for OpenSSH oversized packet buffer handling.

@


1.73.2.50.2.49
log
@MFC: sendmail address parsing bug fix

Approved by:	so (nectar)
@
text
@a20 3
20030917:	p32	FreeBSD-SA-03:13.sendmail
	Fix another address parsing buffer overflow.

@


1.73.2.50.2.50
log
@Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.

Approved by:	security-officer, jake (mentor)
Reported by:	Apple Product Security <product-security@@apple.com>
@
text
@a20 5
20030923:	p33	FreeBSD-SA-03:14.arp
	Fix a bug in arplookup(), whereby a hostile party on a locally
	attached network could exhaust kernel memory, and cause a system
	panic, by sending a flood of spoofed ARP requests.

@


1.73.2.50.2.51
log
@Bump patch level for updated arplookup fix.
@
text
@a20 3
20030924:	p34	FreeBSD-SA-03:14.arp
	Updated fix for arplookup bug.

@


1.73.2.50.2.52
log
@MFS 1.55.2.11:  Correct a reference counting bug in readv(2).
@
text
@a20 3
20031002:	p35	FreeBSD-SA-03:16.filedesc
	Correct a reference counting bug in readv(2).

@


1.73.2.50.2.53
log
@Merge from RELENG_4: kern_subr.c 1.31.2.3, procfs_dbregs.c 1.4.2.4,
    procfs_fpregs.c 1.11.2.4, procfs_regs.c 1.10.2.4,
    procfs_rlimit.c 1.5.2.1, procfs_status.c 1.20.2.5, uio.h 1.11.2.2,
    linprocfs_misc.c 1.3.2.9.
Correct several integer underflows/overflows in procfs and linprocfs.
@
text
@a20 3
20031003:	p36	FreeBSD-SA-03:17.procfs
	Correct integer underflows/overflows in procfs(5) and linprocfs(5).

@


1.73.2.50.2.54
log
@Correct a remote denial-of-service attack in named(8).
@
text
@a20 3
20031126:	p37	FreeBSD-SA-03:19.bind
	Corrected remote denial-of-service vulnerability in named(8).

@


1.73.2.51
log
@Fix typo

Submitted by:	"Kevin Oberman" <oberman@@es.net>
@
text
@d26 1
a26 1
	Some linux module changes, merged from current, require that you
@


1.73.2.52
log
@Add note about openssh merge and implciations for skey.

Submitted by:	nectar
@
text
@a41 8
20010928:
	The OpenSSH `ChallengeResponseAuthentication' option now
	defaults to `yes'.  This enables S/Key authentication, which
	can result in users receiving an S/Key challenge when logging
	in interactively.  To disable this behavior, add a line to
	your /etc/ssh/sshd_config file:
	`ChallengeResponseAuthentication no'

@


1.73.2.53
log
@The EUC locale changes were backed out.
@
text
@d18 2
a19 1
		4. *.ASCII -> *.US-ASCII
@


1.73.2.54
log
@MFC sendmail 8.12.2
@
text
@a11 7
20020325:
	sendmail 8.12.2 has been imported.  The sendmail binary is no
	longer a set-user-ID root binary and the infrastructure to support
	command line mail submission has changed.  Be sure to run
	mergemaster (especially for updating /etc/rc, /etc/defaults/rc.conf,
	and /etc/mail) and read /etc/mail/README for more details.

@


1.73.2.55
log
@MFC: Add two items that have come up in the mailing lists regarding the
     sendmail import.

Approved by:	imp
@
text
@a11 16
20020404:
	The sendmail startup code in /etc/rc has been changed to deal
	with a non-set-user-ID sendmail binary.  Setting the rc.conf
	variable sendmail_enable to "NO" no longer prevents any sendmail
	daemons from starting.  Instead, set sendmail_enable to "NONE"
	to prevent any MTA from being started at boot.

20020404:
	Due to the import of sendmail 8.12.2 (see 20020325 entry), a new
	user and group are required in order for sendmail to run as a
	set-group-ID binary.  A 'make installworld' will use the new user
	and group to set the owner and group of /var/spool/clientmqueue
	and will fail if the new user and group do not exist.  The 'smmsp'
	user and group must be merged from src/etc/group and
	src/etc/master.passwd before using 'make installworld'.

@


1.73.2.56
log
@Add a note about the ephemeral port change.

Approved by:	imp
@
text
@a11 9
20020409:
	The default ephemeral port range has changed from [1024-5000] to
	[49152-65535].  Although unlikely, this change may conflict with some
	strict firewalls.  If this is the case, you may switch back to using
	the [1024-5000] range by entering:

	sysctl net.inet.ip.portrange.first=1024
	sysctl net.inet.ip.portrange.last=5000

@


1.73.2.57
log
@Make the previous comment about the ephemeral port range change
more verbose, including a note about ipnat and wording on how
to change the settings in rc.conf.

Suggested by:	AMAKAWA Shuhei <sa264@@cam.ac.uk>
@
text
@d14 3
a16 5
	[49152-65535].  This may cause conflicts with some configurations
	of ipnat; please ensure that you are not overlapping port ranges.
	It is also possible that the new port range may be blocked by some
	strict firewalls.  If either of these things are the case, you
	may switch back to using the [1024-5000] range by entering:
a19 6

	or adding the following lines to rc.conf if you wish the
	change to be permanent.  (Rebooting will be required in this case.)

	ip_portrange_first=1024
	ip_portrange_last=5000
@


1.73.2.58
log
@The MTA startup script changes have been MFC'ed so MFC the UPDATING
information as well.
@
text
@a11 7
20020411:
	New sendmail startup scripts have been installed to make it
	easier to use alternative MTAs with FreeBSD.  The rc.conf
	variable mta_start_script can be set to a script for starting
	an alternative MTA or to "" to prevent any MTA from being
	started at boot.

@


1.73.2.59
log
@Add a note about the /etc MFC
@
text
@a11 11
20020415:
	Many denizens of /etc were MFC'ed. While most of the changes
	are very benign, some of them have created a bit of a stir.
	Use the new version of mergemaster to update /etc, either by
	updating /etc after installworld, or by doing:
	cd /usr/src/usr.sbin/mergemaster; make all install [clean]
	Then use the new -C option to double-check your rc.conf settings.
	You should also double-check settings in [defaults/]rc.conf,
	syslog.conf, newsyslog.conf, and anything else important
	to your system.

@


1.73.2.60
log
@Add more specific information about inetd.

Submitted by:	bmah, and a cast of thousands
@
text
@d20 1
a20 2
	syslog.conf, newsyslog.conf, inetd.conf, your inetd_enable
	setting in rc.conf[.local]; and anything else important
@


1.73.2.61
log
@Add notes about sendmail and inet in -stable
@
text
@d4 3
a6 2
<imp@@village.org>.  See end of file for further details.  For commonly
done items, please see the COMMON ITEMS: section later in the file.
a11 9
20020421:
	inetd_enable was changed back to YES, to match the defaults
	earlier in the 4.0-stable branch.  This change restores the
	daemons that were enabled prior to April 15th.

20020420:
	sendmail_enable was changed back to YES, to match the
	defaults earlier in the 4.0-stable branch.

a22 5

	The two most important changes to note: sendmail and inetd are
	off by default now.  If you need them, please turn them back
	on by adding sendmail_enable=YES and/or inetd_enable=YES to
	/etc/rc.conf.
@


1.73.2.62
log
@Remove the now redundant emphasis on inetd from the paragraph I wrote.
Change the tense in the warning about re-enabling sendmail and inetd
so as not to confuse users into thinking that these are still
off by default.
@
text
@d28 2
a29 1
	syslog.conf, newsyslog.conf, and anything else important
d32 2
a33 2
	The two most important changes to note: sendmail and inetd were
	turned off by default.  If you need them, please turn them back
@


1.73.2.63
log
@Note change for FreeBSD-SA-02:23.stdio.
@
text
@a15 3
	When exec'ing set[ug]id executables, the kernel now ensures that the
	stdio file descriptors (0..2) are open.  See FreeBSD-SA-02:23.stdio.

@


1.73.2.64
log
@MFC the note about using mergemaster to add the smmsp user/group.

Suggested by:	abc
@
text
@a77 4
	'mergemaster -p' will do this.  You may need to install
	mergemaster before this will work if you are updating from a
	very old version of stable.  This can be done with:
	cd /usr/src/usr.sbin/mergemaster; make all install [clean]
@


1.73.2.65
log
@Remove entry about ephemeral port range change MFC, as it
has been un-MFC'd.
@
text
@d46 17
@


1.73.2.66
log
@Mention the reversion of the ephemeral port range change.
@
text
@a10 6
20020501:
	The ephemeral port range change that was previously mentioned
	in this document has been reverted, so any changes it required
	to your system may be reverted as well.  Those who missed the
	change should ignore this notice.

@


1.73.2.67
log
@MFC 1.206 src/UPDATING
    1.6   src/kerberos5/usr.bin/k5su/Makefile
    1.187 src/share/examples/etc/make.conf (etc/defaults/make.conf)
    1.44  src/share/man/man5/make.conf.5
Turn on the set-user-ID bit for k5su if ENABLE_SUID_K5SU is defined.

Approved by:	brian (re)
@
text
@a10 6
20020515:
	The k5su utility installed as part of Kerberos 5 is no longer
	installed with the set-user-ID bit set by default.  Add
	ENABLE_SUID_K5SU=yes to /etc/make.conf to have it installed
	with the set-user-ID bit set.

@


1.73.2.68
log
@Note 4.5-RELEASE release date.

Submitted by:	Nuno Teixeira <nunotex@@pt-quorum.com>
Approved by:	re (implicitly)
@
text
@a84 3
20020129:
	FreeBSD 4.5-RELEASE.

@


1.73.2.68.2.1
log
@Add a note for an ata(4) MFC, which required remaking device nodes.

Suggested by:	Larry Rosenman <ler@@lerctr.org>
Approved by:	re (bmah)
@
text
@a84 7
20020318:
	The ata(4) driver has been updated from the version in -CURRENT.  
	As a result, some device nodes in /dev have changed; it will be 
	necessary to update MAKEDEV and re-make the device nodes.
	mergemaster(8) will offer to do this as a part of its upgrade
	procedure.

@


1.73.2.68.2.2
log
@Note the 4.6 release date.

Approved by:	re (implicitly)
@
text
@a10 3
20020615:
	FreeBSD 4.6-RELEASE.

@


1.73.2.68.2.3
log
@MFC: oflow fixes.
@
text
@a10 3
20020626:	-p1
	A fix for a buffer overflow in libc has been corrected.

@


1.73.2.68.2.4
log
@Note that the tags bug fix in ata(4) was merged.
@
text
@a10 3
20020708:
	A tags bug in the ata(4) subsystem has been corrected.

@


1.73.2.68.2.5
log
@MFS: prevent tracing of previously privileged processes.
@
text
@a10 3
20020711:		FreeBSD-SA-02:30.ktrace
	Prevent users from tracing previously privileged processes.

@


1.73.2.68.2.6
log
@MFC 1.6: Correct a buffer overflow when handling malformed NFS
packets.
@
text
@a10 14
This is for the 4.6 release branch.  All entries since 4.5 are an
itemized list of commits to this branch, numbered from the beginning.
By this count, we're at 4.6-RELEASE-p2.

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.


20020712:	p2	FreeBSD-SA-02:29.tcpdump
	A buffer overflow in tcpdump has been corrected.

d17 1
a17 1
20020626:	p1
@


1.73.2.68.2.7
log
@Notate the upgrade to BIND 8.3.3

Approved by:	security-officer
@
text
@a20 1
20020713:	p3	Upgrade to BIND 8.3.3
@


1.73.2.68.2.8
log
@Try to get UPDATING caught up to reality:

o Correct BIND 8.3.3 merge date.

o Add items for atprq bugfix, OpenSSH 3.4p1 import, pcic power bugfix,
  and sendmail bugfix.

o Cross-reference SA-02:28 in appropriate place.
@
text
@d21 1
a21 12
20020718:
	"Hang in atprq" bugfix for ATAPI CDROMs.

20020716:
	OpenSSH 3.4p1 update.

20020715:	p3
	Upgrade to BIND 8.3.3.

20020714:
	pcic power bugfix.
	sendmail DNS map bugfix.
d32 1
a32 1
20020626:	p1	FreeBSD-SA-02:28.resolv
@


1.73.2.68.2.9
log
@MFC sys/kern/kern_exec.c 1.178: Fix ordering of set-(user|group)-ID checks.
@
text
@d11 1
a11 1
This is for the 4.6 release branch.  All entries since 4.6 are an
d13 1
a13 1
By this count, we're at 4.6.1-RELEASE-p1.
a19 4

20020730:	p1	FreeBSD-SA-02:23.stdio.v1.2
	A bug in the previous patch for the vulnerability described
	in FreeBSD-SA-02:23.stdio was found and corrected.
@


1.73.2.68.2.10
log
@MFC 1.20: Use fchmod() to restore the tty modes.
@
text
@d13 1
a13 1
By this count, we're at 4.6.1-RELEASE-p2.
a19 3

20020730:	p2	FreeBSD-SA-02:32.pppd
	A fix for a race condition in pppd(8) was corrected.
@


1.73.2.68.2.11
log
@MFC: OpenSSL 0.9.6e
@
text
@d13 1
a13 1
By this count, we're at 4.6.1-RELEASE-p3.
a19 3

20020730:	p3
	Upgrade to OpenSSL 0.9.6e.
@


1.73.2.68.2.12
log
@Note XDR decoder fix.
@
text
@a20 3
20020731:	p4
	A bounds checking error in the XDR decoder was corrected.

@


1.73.2.68.2.13
log
@Correct awkward wording in recent pppd entry.
@
text
@d28 1
a28 1
	A race condition in pppd(8) was corrected.
@


1.73.2.68.2.14
log
@Remove `By this count' line ... it provides no additional information and I
always forget to update it.
@
text
@d13 1
@


1.73.2.68.2.15
log
@Correct bounds checking error in FFS filesize limits.
@
text
@a19 3
20020731:	p5
	A bounds checking error in FFS filesize limits was corrected.

@


1.73.2.68.2.16
log
@The fix applied to the XDR decoder in lib/libc/xdr/xdr_array.c revision
1.8.10.1 was incorrect.
@
text
@a19 3
20020801:	p6	FreeBSD-SA-02:34.rpc
	The original fix applied to the XDR decoder was in error.

d23 1
a23 1
20020731:	p4	FreeBSD-SA-02:34.rpc
@


1.73.2.68.2.17
log
@Update UPDATING and bump patch level for NFS fix.
@
text
@a19 3
20020801:	p7	FreeBSD-SA-02:36.nfs
	RPCs with zero-length payload would cause an infinite loop.

@


1.73.2.68.2.18
log
@Document READ_BIG bugfix.

Approved by:	  re
@
text
@a19 3
20020804:
	Bugfix for READ_BIG errors with ATAPI devices.

@


1.73.2.68.2.19
log
@Bump patch level for ATA READ_BIG fixes.
@
text
@d20 1
a20 1
20020804:	p8
@


1.73.2.68.2.20
log
@Add cross-reference for SA-02:33.

Approved by:	security-officer (implicitly)
@
text
@d35 1
a35 1
20020730:	p3	FreeBSD-SA-02:33.openssl
@


1.73.2.68.2.21
log
@MFS: check far end of pipe.
@
text
@a19 4
20020805:	p9	FreeBSD-SA-02:37.kqueue
	Registering an EVFILT_WRITE event on a pipe whose far end had
	already been closed would cause a kernel panic.

@


1.73.2.68.2.22
log
@MFC src/crypto/openssl/crypto/asn1/asn1_lib.c rev 1.1.1.6:
  Correct a bug in the ASN.1 decoder.
@
text
@a19 4
20020805:	p10
	Correct a bug in the ASN.1 decoder which was introduced with
	the recent OpenSSL update.

@


1.73.2.68.2.23
log
@Add references to FreeBSD-SA-02:33.openssl and FreeBSD-SA-02:35.ffs to the
applicable entries.

Requested by:	matusita
@
text
@d20 1
a20 1
20020805:	p10	FreeBSD-SA-02:33.openssl
d37 1
a37 1
20020731:	p5	FreeBSD-SA-02:35.ffs
@


1.73.2.68.2.24
log
@MFC of upc_syscalls:1.123,1.124 and vesa.c:1.37.

Submitted by:	Silvio Cesare <silvio@@qualys.com> (1.123, 1.37)
@
text
@a19 4
20020813:	p11
	Bounds checking errors in accept(), getsockname(),
	getpeername(), and a VESA ioctl() command were corrected.

@


1.73.2.68.2.25
log
@Add entry for 4.6.2-RELEASE.
@
text
@a19 3
20020814:
	FreeBSD 4.6.2-RELEASE.

@


1.73.2.68.2.26
log
@Add cross-reference for SA-02:38.

Approved by:	security-officer (implicitly)
@
text
@d23 1
a23 1
20020813:	p11	FreeBSD-SA-02:38.signed-error
@


1.73.2.68.2.27
log
@Document pkg_add bugfix.

Approved by:	security-officer (nectar)
@
text
@a19 4
20020909:	p1
	Fix a bug in pkg_add(1) -r that made it look in the wrong place
	for 4.6-RELEASE and 4.6.2-RELEASE packages.

@


1.73.2.68.2.28
log
@MFC src/lib/libkvm/kvm.c 1.23: mark file descriptors close-on-exec.
@
text
@a19 5
20020911:	p2
	The kvm_openfiles/kvm_open functions now mark the returned file
	descriptors close-on-exec in case set-user-ID/set-group-ID
	applications are careless.

@


1.73.2.68.2.29
log
@Update UPDATING and bump patch level for kadmind fix.
@
text
@a19 3
20021023:       p3
	Correct kadmind buffer overflow.

@


1.73.2.68.2.30
log
@MFC: Fix smrsh bypass bug.

Approved by:    security-officer
@
text
@a19 3
20021026:	p4
	smrsh bypass bug.

@


1.73.2.68.2.31
log
@Correct recent name server vulnerabilities as documented at
<URL:http://www.isc.org/products/BIND/bind-security.html> and
<URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469>.

Obtained from:	ISC
@
text
@d20 1
a20 4
20021113:	p5	FreeBSD-SA-02:43.bind
	Correct name server vulnerabilities.

20021026:	p4	FreeBSD-SA-02:41.smrsh
d23 1
a23 1
20021023:	p3	FreeBSD-SA-02:40.kadmind
d26 1
a26 1
20020911:	p2	FreeBSD-SA-02:39.libkvm
@


1.73.2.68.2.32
log
@MFC 1.114: Fix a file descriptor leak in fpathconf(2).
@
text
@a19 3
20030106:	p6	FreeBSD-SA-02:44.filedesc
	Correct a reference counting bug in fpathconf(2).

@


1.73.2.68.2.33
log
@-- Emphasize on the first line that this is a security branch (and which
   branch specifically).
-- Update imp's copyright to 2003.
@
text
@d1 1
a1 1
Updating Information for FreeBSD 4.6 Security Branch (RELENG_4_6) users.
d1179 1
a1179 1
Copyright 1998-2003 M. Warner Losh.  All Rights Reserved.
@


1.73.2.68.2.34
log
@Correct a double-free bug and disable a dangerous feature in
cvs.

See <URL:http://online.securityfocus.com/archive/1/72584>,
<URL:http://security.e-matters.de/advisories/012003.html>,
and the soon-to-be-released FreeBSD-SA-03:01.cvs for details.
@
text
@a19 4
20030204:	p7	FreeBSD-SA-03:01.cvs
	Correct a double-free bug and disable a dangerous feature in
	cvs.

@


1.73.2.68.2.35
log
@Merge from RELENG_4_7: Update to OpenSSL 0.9.6i.
@
text
@a19 4
20030221:	p8	FreeBSD-SA-03:02.openssl
	Update to OpenSSL 0.9.6i in order to correct `Timing-based
	attacks on SSL/TLS with CBC encryption' vulnerability.

@


1.73.2.68.2.36
log
@MFC tcp_syncache.c 1.38: Improve security and performance of syncookies.
@
text
@a19 3
20030223:	p9	FreeBSD-SA-03:03.syncookies
	Make brute force attacks on syncookies much more difficult.

@


1.73.2.68.2.37
log
@FreeBSD-SA-03:04.sendmail: sendmail header parsing buffer overflow

Approved by:    security-officer (nectar)
@
text
@a19 3
20030303:	p10	FreeBSD-SA-03:04.sendmail
	sendmail header parsing buffer overflow, ident parsing bug.

@


1.73.2.68.2.38
log
@MFC:
  src/lib/libc/xdr/xdr_mem.c 1.12
  src/include/rpc/xdr.h      1.23

Clean up some signed/unsigned issues in the XDR code.
@
text
@a19 3
20030320:	p11	FreeBSD-SA-03:05.xdr
	integer overflow errors in the Sun XDR library.

@


1.73.2.68.2.39
log
@MFC: crypto/openssl/ssl/s3_srvr.c 1.1.1.11
     Import of PKCS #1 security fix.
       http://www.openssl.org/news/secadv_20030319.txt

MFC: crypto/openssl/crypto/rsa/rsa_eay.c 1.11
     crypto/openssl/crypto/rsa/rsa_lib.c  1.9
     Enable RSA blinding by default.
       http://www.openssl.org/news/secadv_20030317.txt
@
text
@a19 4
20030321:	p12	FreeBSD-SA-03:06.openssl
	enable RSA blinding by default
	fix PKCS #1 v1.5 padding vulnerability

@


1.73.2.68.2.40
log
@sendmail parsing buffer overflow fix
Advisory number to be filled in later

Approved by:	so (nectar)
@
text
@a19 3
20030329:	p13	FreeBSD-SA-03:??.sendmail
	sendmail address parsing buffer overflow.

@


1.73.2.68.2.41
log
@Update FreeBSD Security Advisory Number

Approved by:	so (nectar)
@
text
@d20 1
a20 1
20030329:	p13	FreeBSD-SA-03:07.sendmail
@


1.73.2.68.2.42
log
@realpath(3) bug fix:  There was an off-by-one error in computing the
size of the resulting canonical path.
@
text
@a19 3
20030804:	p14	FreeBSD-SA-03:08.realpath
	Correct a single byte buffer overflow in realpath(3).

@


1.73.2.68.2.43
log
@MFC sys_process.c 1.113, spigot.c 1.60:
Add or correct range checking of signal numbers in system calls and
ioctls.
@
text
@a19 3
20030810:	p15	FreeBSD-SA-03:09.signal
	Repair range-checking errors in signal handling.

@


1.73.2.68.2.44
log
@MFC 1.24: Validate the iBCS2 statfs(2) length parameter.
@
text
@a19 3
20030810:	p16	FreeBSD-SA-03:10.iBCS2
	iBCS2 system call translator for statfs leaked information.

@


1.73.2.68.2.45
log
@Merge sm_resolve.c 1.229.2.17: Fix for DNS map processing error.
@
text
@a19 3
20030825:	p17	FreeBSD-SA-03:11.sendmail
	Sendmail DNS map problem corrected.

@


1.73.2.68.2.46
log
@MFC buffer.c 1.1.1.7: Do not record expanded size before attempting to
reallocate associated memory.
@
text
@a19 3
20030916:	p18	FreeBSD-SA-03:12.openssh
	OpenSSH oversized packet buffer handling corrected.

@


1.73.2.68.2.47
log
@MFC buffer.c 1.2, channels.c 1.16, deattack.c 1.1.1.6, misc.c 1.1.1.5,
    session.c 1.41, ssh-agent.c 1.19:
Correct more cases of allocation size bookkeeping errors.
@
text
@a19 3
20030916:	p19	FreeBSD-SA-03:12.openssh
	Follow-up fixes for OpenSSH oversized packet buffer handling.

@


1.73.2.68.2.48
log
@MFC: sendmail address parsing bug fix

Approved by:	so (nectar)
@
text
@a19 3
20030917:	p20	FreeBSD-SA-03:13.sendmail
	Fix another address parsing buffer overflow.

@


1.73.2.68.2.49
log
@Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.

Approved by:	security-officer, jake (mentor)
Reported by:	Apple Product Security <product-security@@apple.com>
@
text
@a19 5
20030923:       p21      FreeBSD-SA-03:14.arp
	Fix a bug in arplookup(), whereby a hostile party on a locally
	attached network could exhaust kernel memory, and cause a system
	panic, by sending a flood of spoofed ARP requests.

@


1.73.2.68.2.50
log
@Fix whitespace in latest note.
@
text
@d20 1
a20 1
20030923:	p21	FreeBSD-SA-03:14.arp
@


1.73.2.68.2.51
log
@Update patch level
@
text
@a19 3
20030924:       p22	FreeBSD-SA-03:15.openssh
	Fix PAM-related bugs in OpenSSH's challenge/response code.

@


1.73.2.68.2.52
log
@Bump patch level for updated arplookup fix.
@
text
@a19 3
20030924:	p23	FreeBSD-SA-03:14.arp
	Updated fix for arplookup bug.

@


1.73.2.68.2.53
log
@MFS 1.55.2.11:  Correct a reference counting bug in readv(2).
@
text
@a19 3
20031002:	p24	FreeBSD-SA-03:16.filedesc
	Correct a reference counting bug in readv(2).

@


1.73.2.68.2.54
log
@Merge from RELENG_4: kern_subr.c 1.31.2.3, procfs_dbregs.c 1.4.2.4,
    procfs_fpregs.c 1.11.2.4, procfs_regs.c 1.10.2.4,
    procfs_rlimit.c 1.5.2.1, procfs_status.c 1.20.2.5, uio.h 1.11.2.2,
    linprocfs_misc.c 1.3.2.9.
Correct several integer underflows/overflows in procfs and linprocfs.
@
text
@a19 3
20031003:	p25	FreeBSD-SA-03:17.procfs
	Correct integer underflows/overflows in procfs(5) and linprocfs(5).

@


1.73.2.68.2.55
log
@Correct vulnerabilities in OpenSSL ASN.1 parsing.

Obtained from:	openssl.org CVS
@
text
@a19 3
20031003:	p26	FreeBSD-SA-03:18.openssl
	Corrected vulnerabilities in OpenSSL ASN.1 parsing.

@


1.73.2.68.2.56
log
@Correct a remote denial-of-service attack in named(8).
@
text
@a19 3
20031126:	p27	FreeBSD-SA-03:19.bind
	Corrected remote denial-of-service vulnerability in named(8).

@


1.73.2.69
log
@Add a note for an ata(4) MFC, which required remaking device nodes.

Suggested by:	Larry Rosenman <ler@@lerctr.org>
Approved by:	re (bmah)
@
text
@a84 7
20020318:
	The ata(4) driver has been updated from the version in -CURRENT.  
	As a result, some device nodes in /dev have changed; it will be 
	necessary to update MAKEDEV and re-make the device nodes.
	mergemaster(8) will offer to do this as a part of its upgrade
	procedure.

@


1.73.2.70
log
@Note the 4.6 release date.

Approved by:	re (implicitly)
@
text
@a10 3
20020615:
	FreeBSD 4.6-RELEASE.

@


1.73.2.71
log
@Warn that install(1) no longer accepts -d and -C together.
@
text
@a10 5
20020703:
	The install(1) utility no longer allows the -d and -C options
	to be specified together.  "INSTALL=install -C" in make.conf
	should be replaced with "COPY=-C".

@


1.73.2.72
log
@Mention OpenSSH 3.4p1 and the switch to protovol version 2.
@
text
@a10 8
20020704:
	OpenSSH has been upgraded to 3.4p1 and fully PAMified.  Note
	that the protocol version now defaults to 2 rather than 1,
	which means clients might get warnings about unknown host keys
	their hostfiles only list the ssh1 RSA key.  See ssh_config(5)
	and sshd_config(5) for more information on configuring ssh and
	sshd.

@


1.73.2.73
log
@Remove the references to clean'ing in src/usr.sbin/mergemaster, since
numerous users have sent me questions, and/or problem reports about
their installworld failing after running 'make clean' here.
@
text
@d56 1
a56 3
	cd /usr/src/usr.sbin/mergemaster; make all install
	before you run installworld.

d92 1
a92 1
	cd /usr/src/usr.sbin/mergemaster; make all install
@


1.73.2.74
log
@MFC.

Ignore -C, -p, and -S options of install(1) when used with the -d
option.  Warn about COPY being phased out.  Restore the old method
of always comparing before installing: INSTALL="install -C".
@
text
@a10 6
20020807:
	COPY is being deprecated.  The 20020703 change was reverted, as
	it causes far more pain than was expected, and to always compare
	before installing, please use INSTALL="install -C" again.  The
	-C option is now silently ignored when used with the -d option.

@


1.73.2.74.2.1
log
@Note the release date of 4.7-RELEASE.

Approved by:	security-officer (implicitly)
@
text
@a10 3
20021010:
	FreeBSD 4.7-RELEASE.

@


1.73.2.74.2.2
log
@Update UPDATING and bump patch level for tar(1) and kadmind fixes.
@
text
@a10 5
20021023:       p1
	Correct bug in the tar(1) contains_dot_dot function allowing
	files to be extracted outside the intended directory tree.
	Correct kadmind buffer overflow.

@


1.73.2.74.2.3
log
@Correct recent name server vulnerabilities as documented at
<URL:http://www.isc.org/products/BIND/bind-security.html> and
<URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469>.

Obtained from:	ISC
@
text
@d11 1
a11 4
20021113:	p2	FreeBSD-SA-02:43.bind
	Correct name server vulnerabilities.

20021023:       p1	FreeBSD-SA-02:40.kadmind
@


1.73.2.74.2.4
log
@MFC 1.114: Fix a file descriptor leak in fpathconf(2).
@
text
@a10 3
20030106:	p3	FreeBSD-SA-02:44.filedesc
	Correct a reference counting bug in fpathconf(2).

@


1.73.2.74.2.5
log
@-- Emphasize on the first line that this is a security branch (and which
   branch specifically).
-- Update imp's copyright to 2003.
-- Add some boiler-plate text for security branches that was missing.
@
text
@d1 1
a1 1
Updating Information for FreeBSD 4.7 Security Branch (RELENG_4_7) users.
a10 9
This is for the 4.7 release branch.  All entries since 4.7 are an
itemized list of commits to this branch, numbered from the beginning.

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.

d1119 1
a1119 1
Copyright 1998-2003 M. Warner Losh.  All Rights Reserved.
@


1.73.2.74.2.6
log
@Correct a double-free bug and disable a dangerous feature in
cvs.

See <URL:http://online.securityfocus.com/archive/1/72584>,
<URL:http://security.e-matters.de/advisories/012003.html>,
and the soon-to-be-released FreeBSD-SA-03:01.cvs for details.
@
text
@a19 4
20030204:	p4	FreeBSD-SA-03:01.cvs
	Correct a double-free bug and disable a dangerous feature in
	cvs.

@


1.73.2.74.2.7
log
@Merge from RELENG_5_0: Update to OpenSSL 0.9.6i.
@
text
@a19 4
20030220:	p5	FreeBSD-SA-03:02.openssl
	Update to OpenSSL 0.9.6i in order to correct `Timing-based
	attacks on SSL/TLS with CBC encryption' vulnerability.

@


1.73.2.74.2.8
log
@MFC tcp_syncache.c 1.38: Improve security and performance of syncookies.
@
text
@a19 3
20030223:	p6	FreeBSD-SA-03:03.syncookies
	Make brute force attacks on syncookies much more difficult.

@


1.73.2.74.2.9
log
@FreeBSD-SA-03:04.sendmail: sendmail header parsing buffer overflow

Approved by:    security-officer (nectar)
@
text
@a19 3
20030303:	p7	FreeBSD-SA-03:04.sendmail
	sendmail header parsing buffer overflow, ident parsing bug.

@


1.73.2.74.2.10
log
@MFC:
  src/lib/libc/xdr/xdr_mem.c 1.12
  src/include/rpc/xdr.h      1.23

Clean up some signed/unsigned issues in the XDR code.
@
text
@a19 3
20030320:	p8	FreeBSD-SA-03:05.xdr
	integer overflow errors in the Sun XDR library.

@


1.73.2.74.2.11
log
@MFC: crypto/openssl/ssl/s3_srvr.c 1.1.1.11
     Import of PKCS #1 security fix.
       http://www.openssl.org/news/secadv_20030319.txt

MFC: crypto/openssl/crypto/rsa/rsa_eay.c 1.11
     crypto/openssl/crypto/rsa/rsa_lib.c  1.9
     Enable RSA blinding by default.
       http://www.openssl.org/news/secadv_20030317.txt
@
text
@a19 4
20030321:	p9	FreeBSD-SA-03:06.openssl
	enable RSA blinding by default
	fix PKCS #1 v1.5 padding vulnerability

@


1.73.2.74.2.12
log
@sendmail parsing buffer overflow fix
Advisory number to be filled in later

Approved by:	so (nectar)
@
text
@a19 3
20030329:	p10	FreeBSD-SA-03:??.sendmail
	sendmail address parsing buffer overflow.

@


1.73.2.74.2.13
log
@Update FreeBSD Security Advisory Number

Approved by:	so (nectar)
@
text
@d20 1
a20 1
20030329:	p10	FreeBSD-SA-03:07.sendmail
@


1.73.2.74.2.14
log
@realpath(3) bug fix:  There was an off-by-one error in computing the
size of the resulting canonical path.
@
text
@a19 3
20030804:	p11	FreeBSD-SA-03:08.realpath
	Correct a single byte buffer overflow in realpath(3).

@


1.73.2.74.2.15
log
@MFC sys_process.c 1.113, spigot.c 1.60:
Add or correct range checking of signal numbers in system calls and
ioctls.
@
text
@a19 3
20030810:	p12	FreeBSD-SA-03:09.signal
	Repair range-checking errors in signal handling.

@


1.73.2.74.2.16
log
@MFC 1.24: Validate the iBCS2 statfs(2) length parameter.
@
text
@a19 3
20030810:	p13	FreeBSD-SA-03:10.iBCS2
	iBCS2 system call translator for statfs leaked information.

@


1.73.2.74.2.17
log
@Merge sm_resolve.c 1.229.2.17: Fix for DNS map processing error.
@
text
@a19 3
20030825:	p14	FreeBSD-SA-03:11.sendmail
	Sendmail DNS map problem corrected.

@


1.73.2.74.2.18
log
@MFC buffer.c 1.1.1.7: Do not record expanded size before attempting to
reallocate associated memory.
@
text
@a19 3
20030916:	p15	FreeBSD-SA-03:12.openssh
	OpenSSH oversized packet buffer handling corrected.

@


1.73.2.74.2.19
log
@MFC buffer.c 1.2, channels.c 1.16, deattack.c 1.1.1.6, misc.c 1.1.1.5,
    session.c 1.41, ssh-agent.c 1.19:
Correct more cases of allocation size bookkeeping errors.
@
text
@a19 3
20030916:	p16	FreeBSD-SA-03:12.openssh
	Follow-up fixes for OpenSSH oversized packet buffer handling.

@


1.73.2.74.2.20
log
@MFC: sendmail address parsing bug fix

Approved by:	so (nectar)
@
text
@a19 3
20030917:	p17	FreeBSD-SA-03:13.sendmail
	Fix another address parsing buffer overflow.

@


1.73.2.74.2.21
log
@Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.

Approved by:	security-officer, jake (mentor)
Reported by:	Apple Product Security <product-security@@apple.com>
@
text
@a19 5
20030923:	p18	FreeBSD-SA-03:14.arp    
	Fix a bug in arplookup(), whereby a hostile party on a locally
	attached network could exhaust kernel memory, and cause a system
	panic, by sending a flood of spoofed ARP requests.

@


1.73.2.74.2.22
log
@Update patch level
@
text
@a19 3
20030924:       p19	FreeBSD-SA-03:15.openssh
	Fix PAM-related bugs in OpenSSH's challenge/response code.

@


1.73.2.74.2.23
log
@Bump patch level for updated arplookup fix.
@
text
@a19 3
20030924:	p20	FreeBSD-SA-03:14.arp
	Updated fix for arplookup bug.

@


1.73.2.74.2.24
log
@MFS 1.55.2.11:  Correct a reference counting bug in readv(2).
@
text
@a19 3
20031002:	p21	FreeBSD-SA-03:16.filedesc
	Correct a reference counting bug in readv(2).

@


1.73.2.74.2.25
log
@Merge from RELENG_4: kern_subr.c 1.31.2.3, procfs_dbregs.c 1.4.2.4,
    procfs_fpregs.c 1.11.2.4, procfs_regs.c 1.10.2.4,
    procfs_rlimit.c 1.5.2.1, procfs_status.c 1.20.2.5, uio.h 1.11.2.2,
    linprocfs_misc.c 1.3.2.9.
Correct several integer underflows/overflows in procfs and linprocfs.
@
text
@a19 3
20031003:	p22	FreeBSD-SA-03:17.procfs
	Correct integer underflows/overflows in procfs(5) and linprocfs(5).

@


1.73.2.74.2.26
log
@Correct vulnerabilities in OpenSSL ASN.1 parsing.

Obtained from:	openssl.org CVS
@
text
@a19 3
20031003:	p23	FreeBSD-SA-03:18.openssl
	Corrected vulnerabilities in OpenSSL ASN.1 parsing.

@


1.73.2.74.2.27
log
@Correct a remote denial-of-service attack in named(8).
@
text
@a19 3
20031126:	p24	FreeBSD-SA-03:19.bind
	Corrected remote denial-of-service vulnerability in named(8).

@


1.73.2.74.2.28
log
@Document the recent commits to src/usr.bin/gensetdefs/gensetdefs.c and
their (non-security-related) purpose.

Requested by:	imp
Approved by:	so (nectar)
@
text
@a19 5
20040202:
	Fixed a syntax issue in gensetdefs(8) sources which tripped up
	newer compilers.  This has no impact on security, but allows
	cross-building 4.7 on a 5.x system.

@


1.73.2.74.2.29
log
@MFC sysv_shm.c 1.90: Correct a reference counting bug in shmat(2).
@
text
@a19 3
20040205:	p25	FreeBSD-SA-04:02.shmat
	Correct a reference counting bug in shmat(2).

@


1.73.2.74.2.30
log
@MFC in part tcp_input.c 1.228, tcp_subr.c 1.182, tcp_var.h 1.98:
Limit TCP segment reassembly queue size.
@
text
@a19 3
20040317:	p26	FreeBSD-SA-04:04.tcp
	Limit TCP segment reassembly queue size.

@


1.73.2.74.2.31
log
@Bump and document patch level.

Approved by:	so
@
text
@a19 3
20040519:	p27	FreeBSD-SA-04:10.cvs
	Correct a heap overflow in cvs's pserver protocol parser.

@


1.73.2.74.2.32
log
@FreeBSD-SA-04:16.fetch:
MFC revision 1.75 of src/usr.bin/fetch/fetch.c
Bump newvers.sh and document in UPDATING.

Approved by:	so
@
text
@a19 4
20041118:	p28	FreeBSD-SA-04:16.fetch
	Correct a buffer overflow in fetch(1) which could allow a
	mallicious server to execute arbitrary code on the client.

@


1.73.2.75
log
@Note the release date of 4.7-RELEASE.
@
text
@a10 3
20021010:
	FreeBSD 4.7-RELEASE.

@


1.73.2.76
log
@Add an UPDATING note for changes in stdin/stdout/stderr.

Requested by:	Larry Rosenman <ler@@lerctr.org> and many others
Reviewed by:	imp
@
text
@a10 7
20021110:
	The definitions of the standard file streams (stdio, stdout, and
	stderr) have changed so that they are no longer compile-time 
	constants.  Some older binaries may require updated 3.X 
	compatability libraries (for example, by setting COMPAT3X=yes 
	for a buildworld/installworld).

@


1.73.2.77
log
@Fix a typo (s/stdio/stdin/).

Discussed on:	-doc
@
text
@d12 1
a12 1
	The definitions of the standard file streams (stdin, stdout, and
@


1.73.2.78
log
@Describe how to build and install mergemaster for the pre-installworld
 step even when upgrading from really old systems like 4.2-RELEASE
@
text
@d72 1
a72 1
	cd /usr/src/usr.sbin/mergemaster; make -m /usr/src/share/mk all install
d110 1
a110 1
	cd /usr/src/usr.sbin/mergemaster; make -m /usr/src/share/mk all install
@


1.73.2.79
log
@MFC: sendmail 8.12.7
@
text
@a10 7
20030213:
	sendmail 8.12.7 has been imported.  It has one important
	change for IPv6 users.  The default submit.mc now uses
	'[127.0.0.1]' instead of 'localhost' meaning only IPv4 is
	used to connect to the MTA.  Users on IPv6-only machines
	will need to edit /etc/mail/submit.mc appropriately.

@


1.73.2.80
log
@MFC OpenSSL 0.9.7
@
text
@a10 4
20030214:
	OpenSSL 0.97 has been imported, and the libcrypto/libssl
	library versions have been bumped.

@


1.73.2.81
log
@FreeBSD 4.8 was released April 3, 2003.
@
text
@a10 4

20030403:
	FreeBSD 4.8-RELEASE.

@


1.73.2.82
log
@Note MFC of quirk disabling.
@
text
@a11 7
20030806:
	All current USB quirks in da(4) have been deprecated and will be
	removed for 4.9.  If this causes failure for your umass(4) devices,
	enable "options DA_OLD_QUIRKS" in your kernel and send the output of
	"camcontrol inquiry da0" to scsi@@freebsd.org so the quirk can be
	re-enabled.

@


1.73.2.83
log
@Add a warning about -stable's stability at the moment.
@
text
@a10 5
20030825:
	Due to some inadvertant bugs that crept in during the PAE import,
	-STABLE may be a bit unstable at this time.  If you have a well
	running system, it is recommended that you hold off on updating
	to 4.8-stable for another few days.
@


1.73.2.84
log
@Update note about 4.x breakage to note that the problem has been fixed,
noting the dates during which it was broken.
@
text
@d11 5
a15 8
20030826:
	A bug in the i386 virtual memory system which could result in
	frequent panics was accidently included with the PAE changes
	on August 9th.  This problem has now been corrected, restoring
	the stability of the -stable branch.

	Anyone with a kernel built between August 9th and August 26th
	is strongly encouraged to cvsup and rebuild.
@


1.73.2.85
log
@Update the status of -stable's ability again, I jumped the gun
with my last entry. :(
@
text
@a10 8
20030828:
	Unfortuntely, the previous entry turned out to be incorrect;
	the instability has not yet been solved.  If you are running
	a pre-August 9th kernel, please hold off updating at this
	time.  Please read the stable@@freebsd.org list for up to
	date information on this issue.  Once a final solution has
	been committed, this file will be updated.

@


1.73.2.86
log
@Update comment about 4.x's vm bug: it's fixed now.

Approved by:	re (murray)
@
text
@d11 16
a26 5
20030904:
	Between August 9th and August 30th, a bug existed in the i386
	virtual memory system which could cause panics under load.
	Anyone running a kernel built between those dates is advised
	to update at the earliest possible convenience.
@


1.73.2.87
log
@Inform users how to deal with sendmail.cf problems caused by the
mergemaster/sendmail chicken and egg problem.

Approved by:	re (murray)
@
text
@a11 6
	If you get errors regarding sendmail.cf files while trying
	to run mergemaster, you should either install the new version,
	or run /usr/src/usr.sbin/mergemaster/mergemaster.sh. This is
	a one-time issue to fix a Makefile compatibility problem.

20030904:
@


1.73.2.88
log
@Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.

Approved by:	security-officer, jake (mentor)
Reported by:	Apple Product Security <product-security@@apple.com>
@
text
@a10 6
20030923:
	Fix a bug in arplookup(), whereby a hostile party on a locally
	attached network could exhaust kernel memory, and cause a system
	panic, by sending a flood of spoofed ARP requests. See
	FreeBSD-SA-03:14.arp.

@


1.73.2.89
log
@Add a note about the changes to the HTT support.

Approved by:	re (scottl)
@
text
@a10 10
20031022:
	Support for HyperThread logical CPUs has now been enabled by
	default.  As a result, the HTT kernel option no longer exists.
	Instead, the logical CPUs are always started so that they can
	handle interrupts.  However, the extra logical CPUs are prevented
	from executing user processes by default.  To enable the logical
	CPUs, change the value of the machdep.hlt_logical_cpus from 1 to
	0.  This value can also be set from the loader as a tunable of
	the same name.

@


1.73.2.89.2.1
log
@We did 4.9 Release, document it on 4.9 branch :-)
@
text
@a10 3
20031028:
	FreeBSD 4.9-RELEASE.

@


1.73.2.89.2.2
log
@Correct a remote denial-of-service attack in named(8).
@
text
@a10 12
This is for the 4.9 release branch.  All entries since 4.9 are an
itemized list of commits to this branch, numbered from the beginning.

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.

20031126:	p1	FreeBSD-SA-03:19.bind
	Corrected remote denial-of-service vulnerability in named(8).

@


1.73.2.89.2.3
log
@MFC sysv_shm.c 1.90: Correct a reference counting bug in shmat(2).
@
text
@a19 3
20040205:	p2	FreeBSD-SA-04:02.shmat
	Correct a reference counting bug in shmat(2).

@


1.73.2.89.2.4
log
@MFC in part tcp_input.c 1.228, tcp_subr.c 1.182, tcp_var.h 1.98:
Limit TCP segment reassembly queue size.
@
text
@a19 3
20040302:	p3	FreeBSD-SA-04:04.tcp
	Limit TCP segment reassembly queue size.

@


1.73.2.89.2.5
log
@MFC s3_pkt.c 1.1.1.9:
Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079).
@
text
@a19 3
20040317:	p4	FreeBSD-SA-04:05.openssl
	Correct a denial-of-service vulnerability in OpenSSL.

@


1.73.2.89.2.6
log
@Merge from 4-STABLE client.c 1.2.2.7, modules.c 1.1.1.5.2.4:
Correct some path validation errors in CVS.

Approved by:	so
@
text
@a19 3
20040415:       p5      FreeBSD-SA-04:07.cvs
	Correct some path validation errors in CVS.

@


1.73.2.89.2.7
log
@Merge from 4-STABLE 1.1.1.2.2.4 config.c, 1.1.1.2.2.5 kdc.8,
  1.1.1.2.2.4 kdc_locl.h, 1.1.1.2.2.5 kerberos5.c,
  1.1.1.3.2.5 krb5-protos.h, 1.1.1.3.2.3 rd_req.c, 1.1.1.3.2.3 transited.c:
Correctly validate the transited field in Kerberos tickets.

Approved by:	so
@
text
@a19 3
20040505:	p6	FreeBSD-SA-04:08.heimdal
	Correctly validate the transited field in Kerberos tickets.

@


1.73.2.89.2.8
log
@Correct a heap buffer overflow in k5admind(8) when built with Kerberos
IV support.

Obtained from:	Heimdal CVS
Approved by:	so
@
text
@a19 3
20040505:	p7	FreeBSD-SA-04:09.kadmind
	Correct a heap buffer overflow in k5admind's Kerberos IV support.

@


1.73.2.89.2.9
log
@Bump and document patch level.

Approved by:	so
@
text
@a19 3
20040519:       p8	FreeBSD-SA-04:10.cvs
	Correct a heap overflow in cvs's pserver protocol parser.

@


1.73.2.89.2.10
log
@Bump patch level and document the change.

Approved by:	so
@
text
@a19 8
20040526:	p9	FreeBSD-SA-04:11.msync
	Fix a bug in msync(2) which could cause it to discard dirty
	pages.

	NOTE: In some cases involving NFS, the incorrect behaviour may
	actually be preferrable.  Setting the vm.old_msync sysctl
	variable to 1 will revert msync(2) to its old behaviour.

@


1.73.2.89.2.11
log
@FreeBSD-SA-04:12.jailroute:
MFS revision 1.44.2.13 of sys/net/rtsock.c
Bump newvers.sh and document in UPDATING.

Approved by:	so (des)
@
text
@a19 4
20040607:	p10	FreeBSD-SA-04:12.jailroute
	Correct a user validation error which could allow a jailed
	super-user to manipulate routing tables.

@


1.73.2.89.2.12
log
@FreeBSD-SA-04:13.linux:
MFC revision 1.116 of sys/compat/linux/linux_ioctl.c
Bump newvers.sh and document in UPDATING.

Approved by:	so (des)
@
text
@a19 4
20040630:	p11	FreeBSD-SA-04.13.linux
	Correct an input validation error in the linux binary
	compatibility code.

@


1.73.2.89.2.13
log
@Correct several vulnerabilities in CVS 1.11.5 (CAN-2004-0414,
CAN-2004-0416, CAN-2004-0417, CAN-2004-0418, CAN-2004-0778 and
others).

Approved by:	so
@
text
@d20 1
a20 5
20040919:	p12	FreeBSD-SA-04:14.cvs
	Correct several vulnerabilities in CVS (CAN-2004-0414,
	CAN-2004-0416, CAN-2004-0417, CAN-2004-0418, CAN-2004-0778).

20040630:	p11	FreeBSD-SA-04:13.linux
@


1.73.2.89.2.14
log
@FreeBSD-SA-04:16.fetch:
MFC revision 1.75 of src/usr.bin/fetch/fetch.c
Bump newvers.sh and document in UPDATING.

Approved by:	so
@
text
@a19 4
20041118:	p13	FreeBSD-SA-04:16.fetch
	Correct a buffer overflow in fetch(1) which could allow a
	mallicious server to execute arbitrary code on the client.

@


1.73.2.89.2.15
log
@o Merge SA-04:17.procfs, SA-05:01.telnet and SA-05:02.sendfile.

Approved by:		so (nectar, cperciva)
Thanks for testing to:	Valentin Nechayev
@
text
@a19 10
20050408:	p14	FreeBSD-SA-04:17.procfs, FreeBSD-SA-05:01.telnet,
    			FreeBSD-SA-05:02.sendfile
	Fix a tainted pointer dereference in procfs(5) and linprocfs(5)
	which could allow a local attacker to panic a system and/or read
	from kernel memory.

	Correct buffer overflows in telnet(1).

	Correct kernel memory disclosure bug in sendfile(2).

@


1.73.2.89.2.16
log
@o Merge SA-05:04.ifconf.

Approved by:		so (cperciva)
Thanks for testing to:	Valentin Nechayev
@
text
@a19 4
20050421:	p15	FreeBSD-SA-05:04.ifconf
	Zero a buffer in ifconf() in order to avoid accidental
	disclosure of kernel memory to userland.

@


1.73.2.89.2.17
log
@o Merge SA-05:05.cvs.

Approved by:	so (nectar)
@
text
@a19 3
20050426:	p16	FreeBSD-SA-05:05.cvs
	Correct several vulnerabilities in CVS.

@


1.73.2.89.2.18
log
@Merge SA-05:06.iir, SA-05:07.ldt and SA-05:08.kmem.

Approved by:	so (cperciva)
@
text
@a19 8
20050512:	p17	FreeBSD-SA-05:06.iir, FreeBSD-SA-05:07.ldt,
    			FreeBSD-SA-05:08.kmem
	Correct overly liberal permissions on /dev/iir.

	Correctly validate inputs to the i386_get_ldt syscall.

	Correct several local kernel memory disclosure bugs.

@


1.73.2.89.2.19
log
@o Merge SA-05:11.gzip.

Approved by:	so (cperciva)
@
text
@a19 3
20050610:	p18	FreeBSD-SA-05:11.gzip
	Correct directory traversal and race condition vulnerabilities in gzip.

@


1.73.2.89.2.20
log
@Merge SA-05:14.bzip2 and SA-05:15.tcp.

Approved by:	so (cperciva)
@
text
@a19 5
20050702:	p19	FreeBSD-SA-05:14.bzip2, FreeBSD-SA-05:15.tcp
	Correct bzip2 denial of service and permission race vulnerabilities.

	Correct TCP connection stall denial of service vulnerabilities.

@


1.73.2.89.2.21
log
@Merge SA-05:20.cvsbug.

Approved by:	so (cperciva)
@
text
@a19 3
20050910:	p20	FreeBSD-SA-05:20.cvsbug
	Correct insecure temporary file usage.

@


1.73.2.89.2.22
log
@o Merge FreeBSD-SA-05:21.openssl.

Approved by:	so (cperciva)
@
text
@a19 3
20051013:	p21	FreeBSD-SA-05:21.openssl
	Correct a man-in-the-middle SSL version rollback vulnerability.

@


1.73.2.89.2.23
log
@o Merge SA-06:01.texindex, SA-06:02.ee, SA-06:03.cpio.

Approved by:	so (cperciva)
@
text
@a19 10
20060118:	p22	FreeBSD-SA-06:01.texindex, FreeBSD-SA-06:02.ee,
			FreeBSD-SA-06:03.cpio
	Correct insecure temporary file usage in texindex. [06:01]

	Correct insecure temporary file usage in ee. [06:02]

	Correct a race condition when setting file permissions,
	sanitize file names by default, and fix a buffer overflow
	when handling files larger than 4GB in cpio. [06:03]

@


1.73.2.89.2.24
log
@o Merge SA-06:10.nfs.

Approved by:	so (cperciva)
@
text
@a19 4
20060302:	p23	FreeBSD-SA-06:10.nfs
	Correct a remote kernel panic when processing zero-length RPC
	records via TCP.

@


1.73.2.89.2.25
log
@o Merge SA-06:11.ipsec, SA-06:12.opie.

Approved by:	so (cperciva)
@
text
@a19 7
20060323:	p24	FreeBSD-SA-06:11.ipsec, FreeBSD-SA-06:12.opie
	Add missing code needed for the detection of IPSec packet
	replays. [06:11]

	Correctly identify the user running opiepasswd(1) when the login
	name differs from the account name. [06:12]

@


1.73.2.89.2.26
log
@o Merge FreeBSD-SA-06:14.fpu.

Approved by:	so (cperciva)
@
text
@a19 3
20060421:	p25	FreeBSD-SA-06:14.fpu
	Correct a local information leakage bug affecting AMD FPUs.

@


1.73.2.90
log
@Note the 4.9 release date.

Reviewed by:	bmah
@
text
@a10 3
20031028:
	FreeBSD 4.9-RELEASE.

@


1.73.2.90.2.1
log
@MFS of rev 1.73.2.91, note 4.10-RELEASE date.

Approved by:	re (implicit)
@
text
@a10 3
20040527:
	FreeBSD 4.10-RELEASE.

@


1.73.2.90.2.2
log
@Add note about p1 and what it fixes.

Caught by:	kuriyama
Approved by:	so (implicit)
@
text
@a10 3
20040626:	p1	FreeBSD-EN-04:01.twe
	Fix a bug in twe(4) that could cause kernel lockups.
	
@


1.73.2.90.2.3
log
@FreeBSD-SA-04:13.linux:
MFC revision 1.116 of sys/compat/linux/linux_ioctl.c
Bump newvers.sh and document in UPDATING.

Approved by:	so (des)
@
text
@a10 4
20040630:	p2	FreeBSD-SA-04.13.linux
	Correct an input validation error in the linux binary
	compatibility code.

@


1.73.2.90.2.4
log
@Correct several vulnerabilities in CVS 1.11.5 (CAN-2004-0414,
CAN-2004-0416, CAN-2004-0417, CAN-2004-0418, CAN-2004-0778 and
others).

Approved by:	so
@
text
@d11 1
a11 14
This is for the 4.10 release branch.  All entries since 4.10 are an
itemized list of commits to this branch, numbered from the beginning.

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.

20040919:	p3	FreeBSD-SA-04:14.cvs
	Correct several vulnerabilities in CVS (CAN-2004-0414,
	CAN-2004-0416, CAN-2004-0417, CAN-2004-0418, CAN-2004-0778).

20040630:	p2	FreeBSD-SA-04:13.linux
d17 1
a17 1

@


1.73.2.90.2.5
log
@FreeBSD-SA-04:16.fetch:
MFC revision 1.75 of src/usr.bin/fetch/fetch.c
Bump newvers.sh and document in UPDATING.

Approved by:	so
@
text
@a19 4
20041118:	p4	FreeBSD-SA-04:16.fetch
	Correct a buffer overflow in fetch(1) which could allow a
	mallicious server to execute arbitrary code on the client.

@


1.73.2.90.2.6
log
@FreeBSD-SA-04:17.procfs:
MFC (in the spirit of) revision 1.54 of
src/sys/fs/procfs/procfs_status.c

Approved by:	so (nectar)
@
text
@a19 5
20041201:	p5	FreeBSD-SA-04:17.procfs
	Fix a tainted pointer dereference in procfs(5) and linprocfs(5)
	which could allow a local attacker to panic a system and/or read
	from kernel memory.

@


1.73.2.90.2.7
log
@MFC src/contrib/telnet/telnet.c 1.16: Correct buffer overflows in
telnet(1).
Security: CAN-2005-0468, CAN-2005-0469
Approved by:	security-officer
@
text
@a19 3
20050328:	p6	FreeBSD-SA-05:01.telnet
	Correct buffer overflows in telnet(1).

@


1.73.2.90.2.8
log
@MFC revision 1.103.

Security:	FreeBSD-SA-05:02.sendfile
Approved by:	so (nectar)
@
text
@a19 3
20050404:	p7	FreeBSD-SA-05:02.sendfile
	Correct kernel memory disclosure bug in sendfile(2).

@


1.73.2.90.2.9
log
@Zero the ifr.ifr_name buffer in ifconf() in order to avoid
accidental disclosure of kernel memory to userland.

Security:	FreeBSD-SA-05:04.ifconf
Approved by:	so (cperciva)
@
text
@a19 4
20050414:	p8	FreeBSD-SA-05:04.ifconf
	Zero a buffer in ifconf() in order to avoid accidental
	disclosure of kernel memory to userland.

@


1.73.2.90.2.10
log
@MFC:

Correct multiple security related errors: a buffer overflow, NULL
pointer dereferences, possible use of uninitialized variables, and
memory leaks.

Security:	CAN-2005-0753
Security:	FreeBSD-SA-05:05.cvs
Approved by:	so (cperciva)
@
text
@a19 3
20050422:	p9	FreeBSD-SA-05:05.cvs
	Correct several vulnerabilities in CVS.

@


1.73.2.90.2.11
log
@Correct improper permissions on /dev/iir.  The earlier permissions
of 0644 allowed for people to do Evil Things via ioctl(2).

Security: FreeBSD-SA-05:06.iir
Approved by: so (cperciva)
@
text
@a19 3
20050506:	p10	FreeBSD-SA-05:06.iir
	Correct overly liberal permissions on /dev/iir.

@


1.73.2.90.2.12
log
@Correctly validate inputs to the i386_get_ldt syscall.

Security: FreeBSD-SA-05:07.ldt
Approved by: so (cperciva)
@
text
@a19 3
20050506:	p11	FreeBSD-SA-05:07.ldt
	Correctly validate inputs to the i386_get_ldt syscall.

@


1.73.2.90.2.13
log
@If we are going to
1. Copy a NULL-terminated string into a fixed-length buffer, and
2. copyout that buffer to userland,
we really ought to
0. Zero the entire buffer
first.

Security: FreeBSD-SA-05:08.kmem
Approved by: so (cperciva)
@
text
@a19 3
20050506:	p12	FreeBSD-SA-05:08.kmem
	Correct several local kernel memory disclosure bugs.

@


1.73.2.90.2.14
log
@MFC: Fix two issues which were missed in FreeBSD-SA-05:08.kmem.

Reported by:	Uwe Doering
Approved by:	so (cperciva)
@
text
@a19 3
20050508:	p13	FreeBSD-SA-05:08.kmem
	Correct two issues which were missed from the earlier commit.

@


1.73.2.90.2.15
log
@Add a knob for disabling/enabling HTT, "machdep.hyperthreading_allowed".
Default off due to information disclosure on multi-user systems.

Submitted by:	cperciva
Reviewed by:	jhb
Approved by:	security-officer
@
text
@a19 4
20050513:	p14	FreeBSD-SA-05:09.htt
	Add a knob for disabling/enabling HTT.  Default off due to information
	disclosure on multi-user systems.

@


1.73.2.90.2.16
log
@Correct directory traversal and race condition vulnerabilities in gzip.

Security:	FreeBSD-SA-05:11.gzip
Security:	CAN-2005-0988, CAN-2005-1228
Obtained from:	Steve Grubb via RedHat, Debian

Approved by:	so (nectar)
@
text
@a19 3
20050608:	p15	FreeBSD-SA-05:11.gzip
	Correct directory traversal and race condition vulnerabilities in gzip.

@


1.73.2.90.2.17
log
@Correct bzip2 denial of service and permission race vulnerabilities.

Obtained from:	Redhat, Steve Grubb via RedHat
Security:	CAN-2005-0953, CAN-2005-1260
Security:	FreeBSD-SA-05:14.bzip2
Approved by:	obrien

Correct TCP connection stall denial-of-service vulnerabilities.

MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps: When a TCP
packets containing a timestamp is received, inadequate checking of
sequence numbers is performed, allowing an attacker to artificially
increase the internal "recent" timestamp for a connection.

A TCP packets with the SYN flag set is accepted for established
connections, allowing an attacker to overwrite certain TCP options.

Security:	CAN-2005-0356, CAN-2005-2068
Security:	FreeBSD-SA-05:15.tcp

Approved by:	so (cperciva)
@
text
@a19 5
20050629:	p16	FreeBSD-SA-05:14.bzip2, FreeBSD-SA-05:15.tcp
	Correct bzip2 denial of service and permission race vulnerabilities.

	Correct TCP connection stall denial of service vulnerabilities.

@


1.73.2.90.2.18
log
@MFC: Correct insecure temporary file usage.

Security:	FreeBSD-SA-05:20.cvsbug
Approved by:	so (cperciva)
@
text
@a19 3
20050907:	p17	FreeBSD-SA-05:20.cvsbug
	Correct insecure temporary file usage.

@


1.73.2.90.2.19
log
@Fix two more temporary file usage bogons which were apparently fixed
but not MFCed to RELENG_4_10 earlier.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-05:20.cvsbug
@
text
@a19 3
20050909:	p18	FreeBSD-SA-05:20.cvsbug [revised]
	Correct additional temporary file usage issues.

@


1.73.2.90.2.20
log
@Correct a man-in-the-middle SSL version rollback vulnerability.

Security:       FreeBSD-SA-05:21.openssl
Approved by:	so@@ (cperciva)
@
text
@a19 3
20051011:	p19	FreeBSD-SA-05:21.openssl
	Correct a man-in-the-middle SSL version rollback vulnerability.

@


1.73.2.90.2.21
log
@Correct insecure temporary file usage in texindex. [06:01]
Correct insecure temporary file usage in ee. [06:02]
Correct a race condition when setting file permissions, sanitize file
names by default, and fix a buffer overflow when handling files
larger than 4GB in cpio. [06:03]

Security:	FreeBSD-SA-06:01.texindex
Security:	FreeBSD-SA-06:02.ee
Security:	FreeBSD-SA-06:03.cpio
Approved by:	so (cperciva)
@
text
@a19 11
20060111:	p20	FreeBSD-SA-06:01.texindex, FreeBSD-SA-06:02.ee,
			FreeBSD-SA-06:03.cpio

	Correct insecure temporary file usage in texindex. [06:01]

	Correct insecure temporary file usage in ee. [06:02]

	Correct a race condition when setting file permissions,
	sanitize file names by default, and fix a buffer overflow
	when handling files larger than 4GB in cpio. [06:03]

@


1.73.2.90.2.22
log
@Correct a remote kernel panic when processing zero-length RPC records
via TCP.

Security:	FreeBSD-SA-06:10.nfs
Approved by:	so (cperciva)
@
text
@a19 4
20060301:	p21	FreeBSD-SA-06:10.nfs
	Correct a remote kernel panic when processing zero-length RPC
	records via TCP.

@


1.73.2.90.2.23
log
@Add missing code needed for the detection of IPSec packet replays. [1]

Correctly identify the user running opiepasswd(1) when the login name
differs from the account name. [2]

Modify timeout handling logic in sendmail(8) to correct a reported
signal handling race condition. [3]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-06:11.ipsec [1]
Security:	FreeBSD-SA-06:12.opie [2]
Security:	FreeBSD-SA-06:13.sendmail [3]
@
text
@a19 11
20060322:	p22	FreeBSD-SA-06:11.ipsec, FreeBSD-SA-06:12.opie,
			FreeBSD-SA-06:13.sendmail
	Add missing code needed for the detection of IPSec packet
	replays. [06:11]

	Correctly identify the user running opiepasswd(1) when the login
	name differs from the account name. [06:12]

	Modify timeout handling logic in sendmail(8) to correct a reported
	signal handling race condition. [06:13]

@


1.73.2.90.2.24
log
@MFC: Correct a local information leakage bug affecting AMD FPUs.

Security:	FreeBSD-SA-06:14.fpu
Approved by:	so (cperciva)
@
text
@a19 3
20060419:	p23	FreeBSD-SA-06:14.fpu
	Correct a local information leakage bug affecting AMD FPUs.

@


1.73.2.90.2.25
log
@Correct a bug in the handling of backslash characters in smbfs which can
allow an attacker to escape from a chroot(2).

Approved by:	so (cperciva)
Security:	FreeBSD-SA-06:16.smbfs
@
text
@a19 4
20060531:	p24	FreeBSD-SA-06:16.smbfs
	Correct a bug in the handling of backslash characters in smbfs
	which can allow an attacker to escape from a chroot(2).

@


1.73.2.91
log
@Note 4.10-RELEASE date.
@
text
@a10 3
20040527:
	FreeBSD 4.10-RELEASE.

@


1.73.2.92
log
@Add 4.11 release date (slightly off but this is what matches the entry
in RELENG_4_11).

Noticed by:	"Morgan Davis" <mdavis at dtl dot net>
@
text
@a10 3
20050124:
	FreeBSD 4.11-RELEASE.

@


1.73.2.93
log
@Fix disorder caused by a year being off-by-one.
@
text
@d857 1
a857 1
19990725:
@


1.73.2.94
log
@MFr5 revision 1.342.2.30:
  Belatedly document the disabling of Hyper-Threading.  Security issues
  are not normally documented in UPDATING on the stable branches, but
  since this is a user-visible change, it needs to be here.

  This is not an MFC since Hyper-Threading is enabled by default in HEAD.

  Pointed out by: Erik Trulsson, via freebsd-stable

  Revision    Changes    Path
  1.342.2.30  +5 -0      src/UPDATING
@
text
@a10 5
20050513:
	Intel Hyper-Threading is now disabled by default due to a
	security issue, but can be re-enabled by setting the
	machdep.hyperthreading_allowed tunable in /boot/loader.conf.

@


1.73.2.95
log
@MFC: Include a note about recompiling ports which use the base libmilter.

Submitted by:	Matthew Seaman
@
text
@a10 5
20070411:
	sendmail(8) has been updated to version 8.14.1.  Mail filters
	(aka, milters) compiled against the libmilter included in the
	base operating system should be recompiled.

@


1.73.2.96
log
@MFC: Bring in sendmail.org code from the future 8.14.2 release which restores
ABI compatibility to users of the libmilter.so shared library.
@
text
@a10 6
20070426:
        The ABI breakage in sendmail(8)'s libmilter has been repaired
        so it is no longer necessary to recompile mail filters (aka,
        milters).  If you recompiled mail filters after the 20070411
        note, it is not necessary to recompile them again.

@


1.73.2.97
log
@Switch importer
@
text
@d1210 1
a1210 1
$FreeBSD: stable/4/UPDATING 169064 2007-04-27 03:33:51Z gshapiro $
@


1.73.2.98
log
@add EOL warning
@
text
@a10 3
WARNING: THIS REPOSITORY IS TERMINATED and no longer tracks Subversion!
You can still get updates: http://wiki.freebsd.org/CvsIsDeprecated

@


1.73.2.91.2.1
log
@Ready to do the tagging for 4.11-RELEASE.

Approved by:	re (implicit)
@
text
@a10 3
20050124:
	FreeBSD 4.11-RELEASE.

@


1.73.2.91.2.2
log
@MFC src/contrib/telnet/telnet.c 1.16: Correct buffer overflows in
telnet(1).
Security: CAN-2005-0468, CAN-2005-0469
Approved by:	security-officer
@
text
@a10 12
This is for the 4.11 release branch.  All entries since 4.11 are an
itemized list of commits to this branch, numbered from the beginning.

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.

20050328:	p1	FreeBSD-SA-05:01.telnet
	Correct buffer overflows in telnet(1).

@


1.73.2.91.2.3
log
@MFC revision 1.103.

Security:	FreeBSD-SA-05:02.sendfile
Approved by:	so (nectar)
@
text
@a19 3
20050404:	p2	FreeBSD-SA-05:02.sendfile
	Correct kernel memory disclosure bug in sendfile(2).

@


1.73.2.91.2.4
log
@Zero the ifr.ifr_name buffer in ifconf() in order to avoid
accidental disclosure of kernel memory to userland.

Security:	FreeBSD-SA-05:04.ifconf
Approved by:	so (cperciva)
@
text
@a19 4
20050414:	p3	FreeBSD-SA-05:04.ifconf
	Zero a buffer in ifconf() in order to avoid accidental
	disclosure of kernel memory to userland.

@


1.73.2.91.2.5
log
@MFC:

Correct multiple security related errors: a buffer overflow, NULL
pointer dereferences, possible use of uninitialized variables, and
memory leaks.

Security:	CAN-2005-0753
Security:	FreeBSD-SA-05:05.cvs
Approved by:	so (cperciva)
@
text
@a19 3
20050422:	p4	FreeBSD-SA-05:05.cvs
	Correct several vulnerabilities in CVS.

@


1.73.2.91.2.6
log
@Correct improper permissions on /dev/iir.  The earlier permissions
of 0644 allowed for people to do Evil Things via ioctl(2).

Security: FreeBSD-SA-05:06.iir
Approved by: so (cperciva)
@
text
@a19 3
20050506:	p5	FreeBSD-SA-05:06.iir
	Correct overly liberal permissions on /dev/iir.

@


1.73.2.91.2.7
log
@Correctly validate inputs to the i386_get_ldt syscall.

Security: FreeBSD-SA-05:07.ldt
Approved by: so (cperciva)
@
text
@a19 3
20050506:	p6	FreeBSD-SA-05:07.ldt
	Correctly validate inputs to the i386_get_ldt syscall.

@


1.73.2.91.2.8
log
@If we are going to
1. Copy a NULL-terminated string into a fixed-length buffer, and
2. copyout that buffer to userland,
we really ought to
0. Zero the entire buffer
first.

Security: FreeBSD-SA-05:08.kmem
Approved by: so (cperciva)
@
text
@a19 3
20050506:	p7	FreeBSD-SA-05:08.kmem
	Correct several local kernel memory disclosure bugs.

@


1.73.2.91.2.9
log
@MFC: Fix two issues which were missed in FreeBSD-SA-05:08.kmem

Reported by:	Uwe Doering
Approved by:	so (cperciva)
@
text
@a19 3
20050508:	p8	FreeBSD-SA-05:08.kmem
	Correct two issues which were missed from the earlier commit.

@


1.73.2.91.2.10
log
@Add a knob for disabling/enabling HTT, "machdep.hyperthreading_allowed".
Default off due to information disclosure on multi-user systems.

Submitted by:	cperciva
Reviewed by:	jhb
Approved by:	security-officer
@
text
@a19 4
20050513:	p9	FreeBSD-SA-05:09.htt
	Add a knob for disabling/enabling HTT.  Default off due to information
	disclosure on multi-user systems.

@


1.73.2.91.2.11
log
@Correct directory traversal and race condition vulnerabilities in gzip.

Security:	FreeBSD-SA-05:11.gzip
Security:	CAN-2005-0988, CAN-2005-1228
Obtained from:	Steve Grubb via RedHat, Debian

Approved by:	so (nectar)
@
text
@a19 3
20050608:	p10	FreeBSD-SA-05:11.gzip
	Correct directory traversal and race condition vulnerabilities in gzip.

@


1.73.2.91.2.12
log
@Correct bzip2 denial of service and permission race vulnerabilities.

Obtained from:	Redhat, Steve Grubb via RedHat
Security:	CAN-2005-0953, CAN-2005-1260
Security:	FreeBSD-SA-05:14.bzip2
Approved by:	obrien

Correct TCP connection stall denial-of-service vulnerabilities.

MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps: When a TCP
packets containing a timestamp is received, inadequate checking of
sequence numbers is performed, allowing an attacker to artificially
increase the internal "recent" timestamp for a connection.

A TCP packets with the SYN flag set is accepted for established
connections, allowing an attacker to overwrite certain TCP options.

Security:	CAN-2005-0356, CAN-2005-2068
Security:	FreeBSD-SA-05:15.tcp

Approved by:	so (cperciva)
@
text
@a19 5
20050629:	p11	FreeBSD-SA-05:14.bzip2, FreeBSD-SA-05:15.tcp
	Correct bzip2 denial of service and permission race vulnerabilities.

	Correct TCP connection stall denial of service vulnerabilities.

@


1.73.2.91.2.13
log
@MFC: Correct insecure temporary file usage.

Security:	FreeBSD-SA-05:20.cvsbug
Approved by:	so (cperciva)
@
text
@a19 3
20050907:	p12	FreeBSD-SA-05:20.cvsbug
	Correct insecure temporary file usage.

@


1.73.2.91.2.14
log
@Correct a man-in-the-middle SSL version rollback vulnerability.

Security:       FreeBSD-SA-05:21.openssl
Approved by:	so@@ (cperciva)
@
text
@a19 3
20051011:	p13	FreeBSD-SA-05:21.openssl
	Correct a man-in-the-middle SSL version rollback vulnerability.

@


1.73.2.91.2.15
log
@Correct insecure temporary file usage in texindex. [06:01]
Correct insecure temporary file usage in ee. [06:02]
Correct a race condition when setting file permissions, sanitize file
names by default, and fix a buffer overflow when handling files
larger than 4GB in cpio. [06:03]

Security:	FreeBSD-SA-06:01.texindex
Security:	FreeBSD-SA-06:02.ee
Security:	FreeBSD-SA-06:03.cpio
Approved by:	so (cperciva)
@
text
@a19 10
20060111:	p14	FreeBSD-SA-06:01.texindex, FreeBSD-SA-06:02.ee,
			FreeBSD-SA-06:03.cpio
	Correct insecure temporary file usage in texindex. [06:01]

	Correct insecure temporary file usage in ee. [06:02]

	Correct a race condition when setting file permissions,
	sanitize file names by default, and fix a buffer overflow
	when handling files larger than 4GB in cpio. [06:03]

@


1.73.2.91.2.16
log
@Correct a remote kernel panic when processing zero-length RPC records
via TCP.

Security:	FreeBSD-SA-06:10.nfs
Approved by:	so (cperciva)
@
text
@a19 4
20060301:	p15	FreeBSD-SA-06:10.nfs
	Correct a remote kernel panic when processing zero-length RPC
	records via TCP.

@


1.73.2.91.2.17
log
@Add missing code needed for the detection of IPSec packet replays. [1]

Correctly identify the user running opiepasswd(1) when the login name
differs from the account name. [2]

Modify timeout handling logic in sendmail(8) to correct a reported
signal handling race condition. [3]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-06:11.ipsec [1]
Security:	FreeBSD-SA-06:12.opie [2]
Security:	FreeBSD-SA-06:13.sendmail [3]
@
text
@a19 11
20060322:	p16	FreeBSD-SA-06:11.ipsec, FreeBSD-SA-06:12.opie,
			FreeBSD-SA-06:13.sendmail
	Add missing code needed for the detection of IPSec packet
	replays. [06:11]

	Correctly identify the user running opiepasswd(1) when the login
	name differs from the account name. [06:12]

	Modify timeout handling logic in sendmail(8) to correct a reported
	signal handling race condition. [06:13]

@


1.73.2.91.2.18
log
@MFC: Correct a local information leakage bug affecting AMD FPUs.

Security:	FreeBSD-SA-06:14.fpu
Approved by:	so (cperciva)
@
text
@a19 3
20060419:	p17	FreeBSD-SA-06:14.fpu
	Correct a local information leakage bug affecting AMD FPUs.

@


1.73.2.91.2.19
log
@Correct a bug in the handling of backslash characters in smbfs which can
allow an attacker to escape from a chroot(2).

Approved by:	so (cperciva)
Security:	FreeBSD-SA-06:16.smbfs
@
text
@a19 4
20060531:	p18	FreeBSD-SA-06:16.smbfs
	Correct a bug in the handling of backslash characters in smbfs
	which can allow an attacker to escape from a chroot(2).

@


1.73.2.91.2.20
log
@Correct a bug in the handling of multipart messages by sendmail(8)
which can allow a malformed message to crash a sendmail queue
processing process.

Security:	FreeBSD-SA-06:17.sendmail
Approved by:	so (cperciva)
@
text
@a19 5
20060614:	p19	FreeBSD-SA-06:17.sendmail
	Correct a bug in the handling of multipart messages by sendmail(8)
	which can allow a malformed message to crash a sendmail queue
	processing process.

@


1.73.2.91.2.21
log
@Correct buffer overflow in the handling of LCP options in ppp(4)

Security:	FreeBSD-SA-06:18.ppp
Approved by:	so (cperciva)
@
text
@a19 3
20060823:	p20	FreeBSD-SA-06:18.ppp
	Correct buffer overflow in the handling of LCP options in ppp(4).

@


1.73.2.91.2.22
log
@Correct incorrect PKCS#1 v1.5 padding validation in crypto(3).

Security:	FreeBSD-SA-06:19.openssl
Approved by:	so (simon)
@
text
@a19 4
20060906:	p21	FreeBSD-SA-06:19.openssl
	Correct incorrect PKCS#1 v1.5 padding validation in
	crypto(3).

@


1.73.2.91.2.23
log
@Correct multiple vulnerabilities in gzip(1).

Security:	FreeBSD-SA-06:21.gzip
Approved by:	so (simon)
@
text
@a19 3
20060919:	p22	FreeBSD-SA-06:21.gzip
	Correct multiple vulnerabilities in gzip(1).

@


1.73.2.91.2.24
log
@Correct multiple vulnerabilities in crypto(3).
Limit the size of public keys used in order to protect applications
from a denial of service via insane key sizes.

Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)
@
text
@a19 5
20060928:	p23	FreeBSD-SA-06:23.openssl
	Correct multiple vulnerabilities in crypto(3).
	Limit the size of public keys used in order to protect applications
	from a denial of service via insane key sizes.

@


1.73.2.91.2.25
log
@Correct problem in the 2006-09-28 patch concerning the handling of
excessively large DH moduli.

Reported by:	Steve Kiernan (Juniper SIRT)
Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)
@
text
@a19 4
20060929:	p24	FreeBSD-SA-06:23.openssl
	Correct problem in the 2006-09-28 patch concerning the handling of
	excessively large DH moduli.

@


1.73.2.91.2.26
log
@Correct multiple vulnerabilities in OpenSSH.

Security:	FreeBSD-SA-06:22.openssh
Approved by:	so (simon)
@
text
@a19 3
20060930:	p25	FreeBSD-SA-06:22.openssh
	Correct multiple vulnerabilities in sshd(8).

@


1.73.2.91.2.27
log
@Correct a signedness bug which allowed members of the operator
group to read kernel memory. [1]

Disable handling of GNUTYPE_NAMES tar file entries by default,
since they can be used to extract files outside of the cwd. [2]

Security:	FreeBSD-SA-06:25.kmem [1]
Security:	FreeBSD-SA-06:26.gtar [2]
Approved by:	so (cperciva)
@
text
@a19 7
20061206:	p26	FreeBSD-SA-06:25.kmem, FreeBSD-SA-06.26.gtar
	Correct a signedness bug which allowed members of the operator
	group to read kernel memory. [06:25]

	Disable handling of GNUTYPE_NAMES tar file entries by default,
	since they can be used to extract files outside of the cwd. [06:26]

@


1.73.2.80.2.1
log
@Add entry for FreeBSD 4.8.
@
text
@a10 4

20030331:
	FreeBSD 4.8-RELEASE.

@


1.73.2.80.2.2
log
@Correct date of FreeBSD release.
@
text
@d12 1
a12 1
20030403:
@


1.73.2.80.2.3
log
@realpath(3) bug fix:  There was an off-by-one error in computing the
size of the resulting canonical path.
@
text
@a10 11
This is for the 4.8 release branch.  All entries since 4.8 are an
itemized list of commits to this branch, numbered from the beginning.

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.

20030804:	p1	FreeBSD-SA-03:08.realpath
	Correct a single byte buffer overflow in realpath(3).
@


1.73.2.80.2.4
log
@MFC sys_process.c 1.113, spigot.c 1.60:
Add or correct range checking of signal numbers in system calls and
ioctls.
@
text
@a19 3
20030810:	p2	FreeBSD-SA-03:09.signal
	Repair range-checking errors in signal handling.

@


1.73.2.80.2.5
log
@MFC 1.24: Validate the iBCS2 statfs(2) length parameter.
@
text
@a19 3
20030810:	p3	FreeBSD-SA-03:10.iBCS2
	iBCS2 system call translator for statfs leaked information.

@


1.73.2.80.2.6
log
@Merge sm_resolve.c 1.229.2.17: Fix for DNS map processing error.
@
text
@a19 3
20030825:	p4	FreeBSD-SA-03:11.sendmail
	Sendmail DNS map problem corrected.

@


1.73.2.80.2.7
log
@MFC buffer.c 1.1.1.7: Do not record expanded size before attempting to
reallocate associated memory.
@
text
@a19 3
20030916:	p5	FreeBSD-SA-03:12.openssh
	OpenSSH oversized packet buffer handling corrected.

@


1.73.2.80.2.8
log
@MFC buffer.c 1.2, channels.c 1.16, deattack.c 1.1.1.6, misc.c 1.1.1.5,
    session.c 1.41, ssh-agent.c 1.19:
Correct more cases of allocation size bookkeeping errors.
@
text
@a19 3
20030916:	p6	FreeBSD-SA-03:12.openssh
	Follow-up fixes for OpenSSH oversized packet buffer handling.

@


1.73.2.80.2.9
log
@MFC: sendmail address parsing bug fix

Approved by:	so (nectar)
@
text
@a19 3
20030917:	p7	FreeBSD-SA-03:13.sendmail
	Fix another address parsing buffer overflow.

@


1.73.2.80.2.10
log
@Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.

Approved by:	security-officer, jake (mentor)
Reported by:	Apple Product Security <product-security@@apple.com>
@
text
@a19 5
20030923:	p8	FreeBSD-SA-03:14.arp
	Fix a bug in arplookup(), whereby a hostile party on a locally
	attached network could exhaust kernel memory, and cause a system
	panic, by sending a flood of spoofed ARP requests.

@


1.73.2.80.2.11
log
@Update patch level
@
text
@a19 3
20030924:       p9	FreeBSD-SA-03:15.openssh
	Fix PAM-related bugs in OpenSSH's challenge/response code.

@


1.73.2.80.2.12
log
@Bump patch level for updated arplookup fix.
@
text
@a19 3
20030924:	p10	FreeBSD-SA-03:14.arp
	Updated fix for arplookup bug.

@


1.73.2.80.2.13
log
@MFS 1.55.2.11:  Correct a reference counting bug in readv(2).
@
text
@a19 3
20031002:	p11	FreeBSD-SA-03:16.filedesc
	Correct a reference counting bug in readv(2).

@


1.73.2.80.2.14
log
@Merge from RELENG_4: kern_subr.c 1.31.2.3, procfs_dbregs.c 1.4.2.4,
    procfs_fpregs.c 1.11.2.4, procfs_regs.c 1.10.2.4,
    procfs_rlimit.c 1.5.2.1, procfs_status.c 1.20.2.5, uio.h 1.11.2.2,
    linprocfs_misc.c 1.3.2.9.
Correct several integer underflows/overflows in procfs and linprocfs.
@
text
@a19 3
20031003:	p12	FreeBSD-SA-03:17.procfs
	Correct integer underflows/overflows in procfs(5) and linprocfs(5).

@


1.73.2.80.2.15
log
@Correct vulnerabilities in OpenSSL ASN.1 parsing.

Obtained from:	openssl.org CVS
@
text
@a19 3
20031003:	p13	FreeBSD-SA-03:18.openssl
	Corrected vulnerabilities in OpenSSL ASN.1 parsing.

@


1.73.2.80.2.16
log
@Correct a remote denial-of-service attack in named(8).
@
text
@a19 3
20031126:	p14	FreeBSD-SA-03:19.bind
	Corrected remote denial-of-service vulnerability in named(8).

@


1.73.2.80.2.17
log
@Document the recent commits to src/usr.bin/gensetdefs/gensetdefs.c and
their (non-security-related) purpose.

Requested by:	imp
Approved by:	so (nectar)
@
text
@a19 5
20040202:
	Fixed a syntax issue in gensetdefs(8) sources which tripped up
	newer compilers.  This has no impact on security, but allows
	cross-building 4.8 on a 5.x system.

@


1.73.2.80.2.18
log
@MFC sysv_shm.c 1.90: Correct a reference counting bug in shmat(2).
@
text
@a19 3
20040205:	p15	FreeBSD-SA-04:02.shmat
	Correct a reference counting bug in shmat(2).

@


1.73.2.80.2.19
log
@MFC in part tcp_input.c 1.228, tcp_subr.c 1.182, tcp_var.h 1.98:
Limit TCP segment reassembly queue size.
@
text
@a19 3
20040302:	p16	FreeBSD-SA-04:04.tcp
	Limit TCP segment reassembly queue size.

@


1.73.2.80.2.20
log
@MFC s3_pkt.c 1.1.1.9:
Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079).
@
text
@a19 3
20040317:	p17	FreeBSD-SA-04:05.openssl
	Correct a denial-of-service vulnerability in OpenSSL.

@


1.73.2.80.2.21
log
@Merge from 4-STABLE client.c 1.2.2.7, modules.c 1.1.1.5.2.4:
Correct some path validation errors in CVS.

Approved by:	so
@
text
@a19 3
20040415:       p18      FreeBSD-SA-04:07.cvs
	Correct some path validation errors in CVS.

@


1.73.2.80.2.22
log
@Merge from 4-STABLE 1.1.1.2.2.4 config.c, 1.1.1.2.2.5 kdc.8,
  1.1.1.2.2.4 kdc_locl.h, 1.1.1.2.2.5 kerberos5.c,
  1.1.1.3.2.5 krb5-protos.h, 1.1.1.3.2.3 rd_req.c, 1.1.1.3.2.3 transited.c:
Correctly validate the transited field in Kerberos tickets.

Approved by:    so
@
text
@a19 3
20040505:	p19	FreeBSD-SA-04:08.heimdal
	Correctly validate the transited field in Kerberos tickets.

@


1.73.2.80.2.23
log
@Correct a heap buffer overflow in k5admind(8) when built with Kerberos
IV support.

Obtained from:	Heimdal CVS
Approved by:	so
@
text
@a19 3
20040505:	p20	FreeBSD-SA-04:09.kadmind
	Correct a heap buffer overflow in k5admind's Kerberos IV support.

@


1.73.2.80.2.24
log
@Bump and document patch level.

Approved by:	so
@
text
@a19 3
20040519:       p21	FreeBSD-SA-04:10.cvs
	Correct a heap overflow in cvs's pserver protocol parser.

@


1.73.2.80.2.25
log
@Bump patch level and document the change.

Approved by:	so
@
text
@a19 8
20040526:	p22	FreeBSD-SA-04:11.msync
	Fix a bug in msync(2) which could cause it to discard dirty
	pages.

	NOTE: In some cases involving NFS, the incorrect behaviour may
	actually be preferrable.  Setting the vm.old_msync sysctl
	variable to 1 will revert msync(2) to its old behaviour.

@


1.73.2.80.2.26
log
@FreeBSD-SA-04:12.jailroute:
MFS revision 1.44.2.13 of sys/net/rtsock.c
Bump newvers.sh and document in UPDATING.

Approved by:	so (des)
@
text
@a19 4
20040607:	p23	FreeBSD-SA-04:12.jailroute
	Correct a user validation error which could allow a jailed
	super-user to manipulate routing tables.

@


1.73.2.80.2.27
log
@FreeBSD-SA-04:13.linux:
MFC revision 1.116 of sys/compat/linux/linux_ioctl.c
Bump newvers.sh and document in UPDATING.

Approved by:	so (des)
@
text
@a19 4
20040630:	p24	FreeBSD-SA-04.13.linux
	Correct an input validation error in the linux binary
	compatibility code.

@


1.73.2.80.2.28
log
@Correct several vulnerabilities in CVS 1.11.5 (CAN-2004-0414,
CAN-2004-0416, CAN-2004-0417, CAN-2004-0418, CAN-2004-0778 and
others).

Approved by:	so
@
text
@d20 1
a20 5
20040919:	p25	FreeBSD-SA-04:14.cvs
	Correct several vulnerabilities in CVS (CAN-2004-0414,
	CAN-2004-0416, CAN-2004-0417, CAN-2004-0418, CAN-2004-0778).

20040630:	p24	FreeBSD-SA-04:13.linux
@


1.73.2.80.2.29
log
@FreeBSD-SA-04:16.fetch:
MFC revision 1.75 of src/usr.bin/fetch/fetch.c
Bump newvers.sh and document in UPDATING.

Approved by:	so
@
text
@a19 4
20041118:	p26	FreeBSD-SA-04:16.fetch
	Correct a buffer overflow in fetch(1) which could allow a
	mallicious server to execute arbitrary code on the client.

@


1.73.2.80.2.30
log
@FreeBSD-SA-04:17.procfs:
MFC (in the spirit of) revision 1.54 of
src/sys/fs/procfs/procfs_status.c

Approved by:	so (nectar)
@
text
@a19 5
20041201:	p5	FreeBSD-SA-04:17.procfs
	Fix a tainted pointer dereference in procfs(5) and linprocfs(5)
	which could allow a local attacker to panic a system and/or read
	from kernel memory.

@


1.73.2.80.2.31
log
@Correct typo: We're now at FreeBSD 4.8-RELEASE-p27, not FreeBSD
4.8-RELEASE-p5.  (The entries in newvers.sh and the security advisory
were both correct -- it was only src/UPDATING that I typoed.)

Pointed out by:	Stephen McKay
Approved by:	so (rwatson)
@
text
@d20 1
a20 1
20041201:	p27	FreeBSD-SA-04:17.procfs
@


1.73.2.80.2.32
log
@MFC src/contrib/telnet/telnet.c 1.16: Correct buffer overflows in
telnet(1).
Security: CAN-2005-0468, CAN-2005-0469
Approved by:	security-officer
@
text
@a19 3
20050328:	p28	FreeBSD-SA-05:01.telnet
	Correct buffer overflows in telnet(1).

@


1.73.2.80.2.33
log
@MFC revision 1.103.

Security:	FreeBSD-SA-05:02.sendfile
Approved by:	so (nectar)
@
text
@a19 3
20050404:	p29	FreeBSD-SA-05:02.sendfile
	Correct kernel memory disclosure bug in sendfile(2).

@


1.73.2.80.2.34
log
@o Merge SA-05:04.ifconf.

Approved by:		so (cperciva)
Thanks for testing to:	Valentin Nechayev
@
text
@a19 4
20050421:	p30	FreeBSD-SA-05:04.ifconf
	Zero a buffer in ifconf() in order to avoid accidental
	disclosure of kernel memory to userland.

@


1.73.2.80.2.35
log
@o Merge SA-05:05.cvs.

Approved by:	so (nectar)
@
text
@a19 3
20050426:	p31	FreeBSD-SA-05:05.cvs
	Correct several vulnerabilities in CVS.

@


1.73.2.80.2.36
log
@Merge SA-05:06.iir, SA-05:07.ldt and SA-05:08.kmem.

Approved by:	so (cperciva)
@
text
@a19 8
20050512:	p32	FreeBSD-SA-05:06.iir, FreeBSD-SA-05:07.ldt,
			FreeBSD-SA-05:08.kmem
	Correct overly liberal permissions on /dev/iir.

	Correctly validate inputs to the i386_get_ldt syscall.

	Correct several local kernel memory disclosure bugs.

@


1.73.2.80.2.37
log
@o Merge SA-05:11.gzip.

Approved by:	so (cperciva)
@
text
@a19 3
20050610:	p33	FreeBSD-SA-05:11.gzip
	Correct directory traversal and race condition vulnerabilities in gzip.

@


1.73.2.80.2.38
log
@Merge SA-05:14.bzip2 and SA-05:15.tcp.

Approved by:	so (cperciva)
@
text
@a19 5
20050702:	p34	FreeBSD-SA-05:14.bzip2, FreeBSD-SA-05:15.tcp
	Correct bzip2 denial of service and permission race vulnerabilities.

	Correct TCP connection stall denial of service vulnerabilities.

@


1.73.2.80.2.39
log
@Merge SA-05:20.cvsbug.

Approved by:	so (cperciva)
@
text
@a19 3
20050910:	p35	FreeBSD-SA-05:20.cvsbug
	Correct insecure temporary file usage.

@


1.73.2.80.2.40
log
@o Merge FreeBSD-SA-05:21.openssl.

Approved by:	so (cperciva)
@
text
@a19 3
20051013:	p36	FreeBSD-SA-05:21.openssl
	Correct a man-in-the-middle SSL version rollback vulnerability.

@


1.73.2.80.2.41
log
@o Merge SA-06:01.texindex, SA-06:02.ee, SA-06:03.cpio.

Approved by:	so (cperciva)
@
text
@a19 10
20060118:	p37	FreeBSD-SA-06:01.texindex, FreeBSD-SA-06:02.ee,
			FreeBSD-SA-06:03.cpio
	Correct insecure temporary file usage in texindex. [06:01]

	Correct insecure temporary file usage in ee. [06:02]

	Correct a race condition when setting file permissions,
	sanitize file names by default, and fix a buffer overflow
	when handling files larger than 4GB in cpio. [06:03]

@


1.73.2.80.2.42
log
@o Merge SA-06:10.nfs.

Approved by:	so (cperciva)
@
text
@a19 4
20060302:	p38	FreeBSD-SA-06:10.nfs
	Correct a remote kernel panic when processing zero-length RPC
	records via TCP.

@


1.73.2.80.2.43
log
@o Merge SA-06:11.ipsec, SA-06:12.opie.

Approved by:	so (cperciva)
@
text
@a19 7
20060323:	p39	FreeBSD-SA-06:11.ipsec, FreeBSD-SA-06:12.opie
	Add missing code needed for the detection of IPSec packet
	replays. [06:11]

	Correctly identify the user running opiepasswd(1) when the login
	name differs from the account name. [06:12]

@


1.73.2.80.2.44
log
@o Merge FreeBSD-SA-06:14.fpu.

Approved by:	so (cperciva)
@
text
@a19 3
20060421:	p40	FreeBSD-SA-06:14.fpu
	Correct a local information leakage bug affecting AMD FPUs.

@


1.73.2.43.2.1
log
@First best guess for 4.4 release date
@
text
@a11 3
20010915:
	FreeBSD 4.4-RELEASE.

d979 1
a979 1
$FreeBSD: src/UPDATING,v 1.73.2.43 2001/08/23 16:27:41 imp Exp $
@


1.73.2.43.2.2
log
@p1: fix for OpenSSH `UseLogin yes' environment issue.
@
text
@a11 4
20011202:	p1
	A security hole in OpenSSH involving `UseLogin yes' has been
	patched.

d982 1
a982 1
$FreeBSD$
@


1.73.2.43.2.3
log
@Bump patchlevel for fix to pw(8).
@
text
@a11 4
20011221:	p2
	A bug was fixed wherein the pw(8) command created a short-lived
	but world-readable copy of /etc/master.passwd.

@


1.73.2.43.2.4
log
@Move 4.3 header info.  Add p3 and p4.
@
text
@d1 1
a1 1
Updating Information for FreeBSD STABLE users, 4.4 security branch
d6 1
a6 4
COMMON ITEMS: section later in the file.  A reverse chronology since
4.0 was released is included, followed by the common items quick
how-tos, followed by entries for versions of -current prior to 4.0
Release.
d8 3
a10 3
This is for the 4.4 release branch.  All entries since 4.4 are an
itemized list of commits to this branch, numbered from the beginning.
By this count, we're at 4.4.0p4.
d12 1
a12 14
The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.

20020123:	p4	FreeBSD-SA-02:08.exec
	There's a small window in exec where one could debug a setuid
	program and obtain elevated priviledges.  This was corrected.

20020117:	p3	FreeBSD-SA-02:07.k5su
	k5su fixes.

20011221:	p2	FreeBSD-SA-02:02
d16 1
a16 1
20011202:	p1	FreeBSD-SA-01:63
@


1.73.2.43.2.5
log
@Note changes to standard-supfile, sdiff and gzip.  We are now at p7.
@
text
@d13 1
a13 1
By this count, we're at 4.4.0p7.
a19 10

20020127:	p7
	sdiff temp file handling.

20020127:	p6
	gzip temp file handling.
	
20020127:	p5
	The standard-supfile should track the branch.  There won't be
	a security advisory for this.
@


1.73.2.43.2.6
log
@Note zlib fix and bzip2 update, bump patch level (-p8)
@
text
@d13 1
a13 1
By this count, we're at 4.4.0p8.
a19 5

20020223:	p8
	zlib inflate error handling.
	bzip2 updated to fix insecure permissions during symlink dereferencing
	and a race condition while creating new files.
@


1.73.2.43.2.7
log
@Add 4.4-RELEASEp9.
@
text
@a20 3
20020307:	p9	FreeBSD-SA-02:13.openssh
	OpenSSH off-by-one bug.

@


1.73.2.43.2.8
log
@Note fixes for:
= mmap/msync bug which can panic the kernel.
= TCP broadcast connection bug.
@
text
@d13 1
a13 1
By this count, we're at 4.4-RELEASE-p10.
a19 4

20020316:	p10
	mmap/msync bug which can panic the kernel.
	TCP broadcast connection bug.
@


1.73.2.43.2.9
log
@Note change for FreeBSD-SA-02:23.stdio.
@
text
@a20 4
20020421:	p11	FreeBSD-SA-02:23.stdio
	When exec'ing set[ug]id executables, the kernel now ensures that the
	stdio file descriptors (0..2) are open.

@


1.73.2.43.2.10
log
@Update patchlevel per current count.
@
text
@d13 1
a13 1
By this count, we're at 4.4-RELEASE-p11.
@


1.73.2.43.2.11
log
@Add cross-references to applicable security advisories.  Also
be more consistent about the format of the names we give for advisories.

Approved by:	nectar
@
text
@d25 1
a25 1
20020316:	p10	FreeBSD-SA-02:22.mmap
d32 1
a32 1
20020223:	p8	FreeBSD-SA-02:18.zlib
d54 1
a54 1
20011221:	p2	FreeBSD-SA-02:02.pw
d58 1
a58 1
20011202:	p1	FreeBSD-SA-01:63.openssh
@


1.73.2.43.2.12
log
@MFC 1.206 src/UPDATING
    1.6   src/kerberos5/usr.bin/k5su/Makefile
    1.187 src/share/examples/etc/make.conf (etc/defaults/make.conf)
    1.44  src/share/man/man5/make.conf.5
Turn on the set-user-ID bit for k5su if ENABLE_SUID_K5SU is defined.
@
text
@a20 6
20020515:
	The k5su utility installed as part of Kerberos 5 is no longer
	Installed with the set-user-ID bit set by default.  Add
	ENABLE_SUID_K5SU=yes to /etc/make.conf to have it installed
	with the set-user-ID bit set.

@


1.73.2.43.2.13
log
@Note 4.4-RELEASE-p12.
@
text
@d13 1
a13 1
By this count, we're at 4.4-RELEASE-p12.
d21 1
a21 1
20020515:	p12
@


1.73.2.43.2.14
log
@Note FreeBSD-SA-02:27 and patch level bump.
@
text
@d13 1
a13 1
By this count, we're at 4.4-RELEASE-p13.
a19 3

20020528:	p13	FreeBSD-SA-02:27.rc
	Dangerous globbing in /etc/rc.
@


1.73.2.43.2.15
log
@Note FreeBSD-SA-02:28.resolv and patch level bump.
@
text
@d13 1
a13 1
By this count, we're at 4.4-RELEASE-p14.
a19 3

20020626:	p14
	A fix for a buffer overflow in libc has been corrected.
@


1.73.2.43.2.16
log
@MFS: prevent tracing of previously privileged processes.
@
text
@d13 1
a13 1
By this count, we're at 4.4-RELEASE-p15.
a19 3

20020711:	p15	FreeBSD-SA-02:30.ktrace
	Prevent users from tracing previously privileged processes.
@


1.73.2.43.2.17
log
@MFC 1.6: Correct a buffer overflow when handling malformed NFS
packets.
@
text
@a20 3
20020712:	p15	FreeBSD-SA-02:29.tcpdump
	A buffer overflow in tcpdump has been corrected.

@


1.73.2.43.2.18
log
@Notate the upgrade to BIND 8.3.3

Approved by:	security-officer
@
text
@a20 2
20020713:	p16	Upgrade to BIND 8.3.3

@


1.73.2.43.2.19
log
@Correct date of BIND 8.3.3 merge, reformat.

Cross-reference SA-02:28 where appropriate.

Approved by:	security-officer (implicitly)
@
text
@d21 1
a21 2
20020715:	p16
	Upgrade to BIND 8.3.3
d29 1
a29 1
20020626:	p14	FreeBSD-SA-02:28.resolv
@


1.73.2.43.2.20
log
@MFC sys/kern/kern_exec.c 1.178: Fix ordering of set-(user|group)-ID checks.
@
text
@d13 1
a13 1
By this count, we're at 4.4-RELEASE-p17.
a19 4

20020730:	p17	FreeBSD-SA-02:23.stdio.v1.2
	A bug in the previous patch for the vulnerability described
	in FreeBSD-SA-02:23.stdio was found and corrected.
@


1.73.2.43.2.21
log
@MFC 1.20: Use fchmod() to restore the tty modes.
@
text
@d13 1
a13 1
By this count, we're at 4.4-RELEASE-p18.
a19 3

20020730:	p18	FreeBSD-SA-02:32.pppd
	A fix for a race condition in pppd(8) was corrected.
@


1.73.2.43.2.22
log
@Correct awkward wording in recent pppd entry.
@
text
@d22 1
a22 1
	A race condition in pppd(8) was corrected.
@


1.73.2.43.2.23
log
@MFC lib/libc/xdr/xdr_array.c 1.11: Patch to fix bounds checking/overflow.
@
text
@d13 1
a13 1
By this count, we're at 4.4-RELEASE-p19.
a19 3

20020731:	p19
	A bounds checking error in the XDR decoder was corrected.
@


1.73.2.43.2.24
log
@Remove `By this count' line ... it provides no additional information and I
always forget to update it.
@
text
@d13 1
@


1.73.2.43.2.25
log
@MFC: OpenSSL 0.9.6e
@
text
@a19 3
20020731:	p20
	Upgrade to OpenSSL 0.9.6e.

@


1.73.2.43.2.26
log
@Correct bounds checking error in FFS filesize limits.
@
text
@a19 3
20020731:	p21
	A bounds checking error in FFS filesize limits was corrected.

@


1.73.2.43.2.27
log
@The fix applied to the XDR decoder in lib/libc/xdr/xdr_array.c revision
1.8.6.1 was incorrect.
@
text
@a19 3
20020801:	p22	FreeBSD-SA-02:34.rpc
	The original fix applied to the XDR decoder was in error.

d26 1
a26 1
20020731:	p19	FreeBSD-SA-02:34.rpc
@


1.73.2.43.2.28
log
@Update UPDATING and bump patch level for NFS fix.
@
text
@a19 3
20020801:	p23	FreeBSD-SA-02:36.nfs
	RPCs with zero-length payload would cause an infinite loop.

@


1.73.2.43.2.29
log
@Add cross-reference for SA-02:33.

Approved by:	security-officer (implicitly)
@
text
@d29 1
a29 1
20020731:	p20	FreeBSD-SA-02:33.openssl
@


1.73.2.43.2.30
log
@MFS: check far end of pipe.
@
text
@a19 4
20020805:	p24	FreeBSD-SA-02:37.kqueue
	Registering an EVFILT_WRITE event on a pipe whose far end had
	already been closed would cause a kernel panic.

@


1.73.2.43.2.31
log
@MFC src/crypto/openssl/crypto/asn1/asn1_lib.c rev 1.1.1.6:
  Correct a bug in the ASN.1 decoder.
@
text
@a19 4
20020805:	p25
	Correct a bug in the ASN.1 decoder which was introduced with
	the recent OpenSSL update.

@


1.73.2.43.2.32
log
@Add references to FreeBSD-SA-02:33.openssl and FreeBSD-SA-02:35.ffs to the
applicable entries.

Requested by:	matusita
@
text
@d20 1
a20 1
20020805:	p25	FreeBSD-SA-02:33.openssl
d34 1
a34 1
20020731:	p21	FreeBSD-SA-02:35.ffs
@


1.73.2.43.2.33
log
@MFC of upc_syscalls:1.123,1.124 and vesa.c:1.37.

Submitted by:	Silvio Cesare <silvio@@qualys.com> (1.123, 1.37)
@
text
@a19 4
20020813:	p26
	Bounds checking errors in accept(), getsockname(),
	getpeername(), and a VESA ioctl() command were corrected.

@


1.73.2.43.2.34
log
@Add cross-reference for SA-02:38.

Approved by:	security-officer (implicitly)
@
text
@d20 1
a20 1
20020813:	p26	FreeBSD-SA-02:38.signed-error
@


1.73.2.43.2.35
log
@MFC src/lib/libkvm/kvm.c 1.23: mark file descriptors close-on-exec.
@
text
@a19 5
20020911:	p27
	The kvm_openfiles/kvm_open functions now mark the returned file
	descriptors close-on-exec in case set-user-ID/set-group-ID
	applications are careless.

@


1.73.2.43.2.36
log
@Update UPDATING and bump patch level for kadmind fix.
@
text
@a19 3
20021023:	p28
	Correct kadmind buffer overflow.

@


1.73.2.43.2.37
log
@MFC: Fix smrsh bypass bug.

Approved by:    security-officer
@
text
@a19 3
20021026:	p29
	smrsh bypass bug.

@


1.73.2.43.2.38
log
@Correct recent name server vulnerabilities as documented at
<URL:http://www.isc.org/products/BIND/bind-security.html> and
<URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469>.

Obtained from:  ISC
@
text
@d20 1
a20 4
20021113:	p30	FreeBSD-SA-02:43.bind
	Correct name server vulnerabilities.
	
20021026:	p29	FreeBSD-SA-02:41.smrsh
d23 1
a23 1
20021023:	p28	FreeBSD-SA-02:40.kadmind
d26 1
a26 1
20020911:	p27	FreeBSD-SA-02:39.libkvm
@


1.73.2.43.2.39
log
@MFC 1.114: Fix a file descriptor leak in fpathconf(2).
@
text
@a19 6
20030107:	p32	FreeBSD-SA-02:44.filedesc
	Correct a reference counting bug in fpathconf(2).

20021122:	p31	FreeBSD-SA-02:42.resolv
	Correct a resolver overrun.

@


1.73.2.43.2.40
log
@FreeBSD-SA-03:04.sendmail: sendmail header parsing buffer overflow

Approved by:    security-officer (nectar)
@
text
@a19 3
20030303:	p33	FreeBSD-SA-03:04.sendmail
	sendmail header parsing buffer overflow, ident parsing bug.

@


1.73.2.43.2.41
log
@Put in the cvserver patches.. (MF4.6)
 SA:      FreeBSD-SA-03:01.cvs

Approved by:	security officer (nectar@@)
Obtained from:	FreeBSD-SA-03:01.cvs
@
text
@a19 3
20030304:	p34	FreeBSD-SA-03:01.cvs
	Patch for cvs server vulnerabilities.

@


1.73.2.43.2.42
log
@sendmail parsing buffer overflow fix
Advisory number to be filled in later

Approved by:	so (nectar)
@
text
@a19 3
20030329:	p35	FreeBSD-SA-03:??.sendmail
	sendmail address parsing buffer overflow.

@


1.73.2.43.2.43
log
@Update FreeBSD Security Advisory Number

Approved by:	so (nectar)
@
text
@d20 1
a20 1
20030329:	p35	FreeBSD-SA-03:07.sendmail
@


1.73.2.43.2.44
log
@MF4.6
Security update FreeBSD-SA-03:05.xdr

Approved by:	re@@ (blanket agreement for 4.4)
Obtained from:	4.6
@
text
@a19 3
20030405:       p36     FreeBSD-SA-03:05.xdr
        integer overflow errors in the Sun XDR library.

@


1.73.2.43.2.45
log
@realpath(3) bug fix:  There was an off-by-one error in computing the
size of the resulting canonical path.
@
text
@d20 2
a21 5
20030804:	p37	FreeBSD-SA-03:08.realpath
	Correct a single byte buffer overflow in realpath(3).

20030405:	p36	FreeBSD-SA-03:05.xdr
	integer overflow errors in the Sun XDR library.
@


1.73.2.43.2.46
log
@MFC sys_process.c 1.113, spigot.c 1.60:
Add or correct range checking of signal numbers in system calls and
ioctls.
@
text
@a19 3
20030810:	p38	FreeBSD-SA-03:09.signal
	Repair range-checking errors in signal handling.

@


1.73.2.43.2.47
log
@MFC 1.24: Validate the iBCS2 statfs(2) length parameter.
@
text
@a19 3
20030810:	p39	FreeBSD-SA-03:10.iBCS2
	iBCS2 system call translator for statfs leaked information.

@


1.73.2.43.2.48
log
@MFC buffer.c 1.1.1.7: Do not record expanded size before attempting to
reallocate associated memory.
@
text
@a19 3
20030916:	p40	FreeBSD-SA-03:12.openssh
	OpenSSH oversized packet buffer handling corrected.

@


1.73.2.43.2.49
log
@MFC buffer.c 1.2, channels.c 1.16, deattack.c 1.1.1.6,
    misc.c 1.1.1.5 (->scp.c), session.c 1.41, ssh-agent.c 1.19:
Correct more cases of allocation size bookkeeping errors.
@
text
@a19 3
20030916:	p41	FreeBSD-SA-03:12.openssh
	Follow-up fixes for OpenSSH oversized packet buffer handling.

@


1.73.2.43.2.50
log
@MFC: sendmail address parsing bug fix

Approved by:	so (nectar)
@
text
@a19 3
20030917:	p42	FreeBSD-SA-03:13.sendmail
	Fix another address parsing buffer overflow.

@


1.73.2.43.2.51
log
@Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.

Approved by:	security-officer, jake (mentor)
Reported by:	Apple Product Security <product-security@@apple.com>
@
text
@a19 5
20030923:	p43	FreeBSD-SA-03:14.arp
	Fix a bug in arplookup(), whereby a hostile party on a locally
	attached network could exhaust kernel memory, and cause a system
	panic, by sending a flood of spoofed ARP requests.

@


1.73.2.43.2.52
log
@Bump patch level for updated arplookup fix.
@
text
@a19 3
20030924:	p44	FreeBSD-SA-03:14.arp
	Updated fix for arplookup bug.

@


1.73.2.43.2.53
log
@MFS 1.55.2.11:  Correct a reference counting bug in readv(2).
@
text
@a19 3
20031002:	p45	FreeBSD-SA-03:16.filedesc
	Correct a reference counting bug in readv(2).

@


1.73.2.43.2.54
log
@Merge from RELENG_4: kern_subr.c 1.31.2.3, procfs_dbregs.c 1.4.2.4,
    procfs_fpregs.c 1.11.2.4, procfs_regs.c 1.10.2.4,
    procfs_rlimit.c 1.5.2.1, procfs_status.c 1.20.2.5, uio.h 1.11.2.2,
    linprocfs_misc.c 1.3.2.9.
Correct several integer underflows/overflows in procfs and linprocfs.
@
text
@a19 3
20031003:	p46	FreeBSD-SA-03:17.procfs
	Correct integer underflows/overflows in procfs(5) and linprocfs(5).

@


1.73.2.43.2.55
log
@Correct a remote denial-of-service attack in named(8).
@
text
@a19 3
20031126:	p47	FreeBSD-SA-03:19.bind
	Corrected remote denial-of-service vulnerability in named(8).

@


1.72
log
@Add openssh and api changes.
@
text
@d8 6
d680 1
a680 1
$FreeBSD: src/UPDATING,v 1.71 2000/02/23 05:51:02 imp Exp $
@


1.71
log
@Slightly improved 3.x -> current instructions.
@
text
@d8 24
d674 1
a674 1
$FreeBSD: src/UPDATING,v 1.70 2000/02/22 01:50:25 imp Exp $
@


1.70
log
@Add 3.x -> 4.0 upgrade instructions
Make it plainer the kernel rebuild required point.

I had thought these changes were already in.
@
text
@d621 2
d634 1
a634 1
	make -k installworld
d650 1
a650 1
$FreeBSD: src/UPDATING,v 1.69 2000/02/07 05:14:16 imp Exp $
@


1.69
log
@Enshrine my own personal tantrum to the whole xinstall fiasco.

Inspired by: reading too much -current and updating my laptop accross
the great divide.
@
text
@d231 4
d603 1
d623 14
a636 1
	make world
d645 2
a646 2
Please filter your entries through Warner (imp@@village.org) so that
the style, formatting, etc of this file can be maintained.
d648 1
a648 1
$FreeBSD: src/UPDATING,v 1.68 2000/02/06 04:31:15 imp Exp $
@


1.68
log
@Fix details of libipsec, per Jim Bloom.
@
text
@d9 12
a20 1
	The xinstall problem has been corrected.
d630 1
a630 1
$FreeBSD: src/UPDATING,v 1.67 2000/02/06 04:07:11 imp Exp $
@


1.67
log
@Add libipsec shared version regression.
Add section on updating from 3.x
Yet another attempt to explain xinstall problems
Fix typos
@
text
@d13 1
a13 1
	commit of Feb 3 incorrectly set this to 0.  Remove
d619 1
a619 1
$FreeBSD: src/UPDATING,v 1.66 2000/02/02 05:35:31 imp Exp $
@


1.66
log
@Add entries for recent ipv6 api interface alignment (from shin@@freebsd.org)
Clarify xinstall instructions from bde
@
text
@d8 10
d19 1
a19 1
	The rcmd related fucntions have been aligned with other BSD
d29 6
a34 12
	reasons.  An unintended side effect of this is that you must
	rebuild install before the rest of the world.  You need to
	build it static install before you make world:

		cd src/usr.bin/xinstall
		make depend all install NOSHARED=yes

	If you encounter an error in installworld after doing a build
	world, then do the following:
		cd src/usr.bin/xinstall
		make install
	This issue may be resolved before 4.0 goes out.
d584 1
a584 1
		cd ../../../sys/i386/conf
d603 5
a607 1
	make world.
d619 1
a619 1
$FreeBSD: src/UPDATING,v 1.65 2000/01/30 23:15:21 imp Exp $
@


1.65
log
@Add a section at the end called COMMON ITEMS.  This is where we'll put
those questions that come up all the time (eg, how do I build a
kernel).  This is intended to be a very brief reminder for people that
are basically clueful what the steps are to do these common things.
What it lacks in verbosity it makes up in terseness.
@
text
@d5 11
a15 1
done items, please see the end of the file.  Search for COMMON ITEMS:
d20 5
a24 1
	rebuild install before the rest of the world.
d26 2
d29 2
a30 1
		make depend all install clean
d32 5
a36 2
	before make world or buildworld.  This issue may be resolved
	before 4.0 goes out.
d145 1
a145 7
	MAKEDEV should be copied from src/etc/MAKEDEV to /dev before
	starting the following:

		For N in the list of disks
			MAKEDEV N			# eg ad0
			for M in the list of slices
				MAKEDEV NsMa		# eg ad0s1a
d163 1
a163 2
	MAKEDEV should be copied from src/etc/MAKEDEV to /dev before
	starting the following:
a164 4
		For N in the list of da disks on your system
			MAKEDEV daN
			for M in the list of slices
				MAKEDEV daNsMa
d585 16
d611 1
a611 1
$FreeBSD: src/UPDATING,v 1.64 2000/01/30 23:09:58 imp Exp $
@


1.64
log
@Add info about burncd, c++ changes, the xinstall kludge as well as
correct the buidlworld typo every keeps teasing me about.

I didn't ask Jordan if this was OK, but figured it fell under the
documentation exception in his freeze mail.
@
text
@d4 2
a5 1
directly to him.  See end of file for further details.
d562 16
d586 1
a586 1
$FreeBSD: src/UPDATING,v 1.63 2000/01/19 17:18:43 imp Exp $
@


1.63
log
@Add recent entries:
	CAM version bump
	gnu texinfo
	pccardd/pccardc recompile to match kernel ioctls
@
text
@d6 32
d40 1
a40 1
	make buidlworld to update.
d569 1
a569 1
$FreeBSD: src/UPDATING,v 1.62 2000/01/17 06:12:00 imp Exp $
@


1.62
log
@Fix typos and talk about the controller -> device config file
changes.
@
text
@d6 18
d537 1
a537 1
$FreeBSD: src/UPDATING,v 1.61 2000/01/09 05:12:25 imp Exp $
@


1.61
log
@Spell chown right.

Noticed by: Phil Jenvey and Mike Heffner
@
text
@d6 4
d16 1
a16 1
	a new /dev/MAKEDEV (mergmaster(8) will assist you in this).
d31 1
a31 1
	anything that uses them.  wormcontrol has been depreicated in
d519 1
a519 1
$FreeBSD: src/UPDATING,v 1.60 2000/01/07 20:16:39 imp Exp $
@


1.60
log
@The happy, busy elves have been happily busy again:
	sha-1 gone
	burncd (and ioctl interface changes)
	chown/chgrp moved back
@
text
@d10 1
a10 1
		    rm -f /sbin/chwon /bin/chgrp
d515 1
a515 1
$FreeBSD: src/UPDATING,v 1.59 2000/01/06 18:19:35 imp Exp $
@


1.59
log
@Fix typos:
	named->name:		hank@@black-hole.com
	/etc/rc.conf -> /etc/rc	PR: docs/15664 Iiya Naumov

Added radius.conf format change from jdp
Added genassym change from geoff rehmet <geoff@@is.co.za>

Yes.  I'm still very much the maintainer of this file in -current.
@
text
@d6 24
d515 1
a515 1
$FreeBSD: src/UPDATING,v 1.58 1999/12/19 23:51:50 imp Exp $
@


1.58
log
@Add import of ntpd 4.x
Add movement of /etc/sendmail.cf to /etc/mail/sendmail.cf
@
text
@d6 6
d14 2
a15 2
	/etc/mail/sendmail.cf.  You may need to adjust /etc/rc.conf to
	cope as well as moving sendmail.cf.
d18 1
a18 1
	ntp 4.0.98 has replaced the ancient xntpd.  The daemon named
d103 9
d491 1
a491 1
$FreeBSD: src/UPDATING,v 1.57 1999/12/13 17:55:23 imp Exp $
@


1.57
log
@Add notes from recent HEADS UP messages:
	o soren updated the ata driver.  Please use 1213 or newer if
	  you have problems with the old stuff.
	o Enshrine the night of bared axes against wd.  Strongly push
	  users to move to ata driver.
	o Alpha users need to recompile klds after 11/29.
	o Mention the sound driver bridge code commit of 11/22.
	o change examples in 1205 entry from wd to ad.
	o Talk about new dc driver replacing all of the drivers that
	  Bill Paul has ever written.[*]

Corrections to these entries welcome.

[*] Well, at least those based on tulip clones...
@
text
@d6 14
d476 1
a476 1
$FreeBSD: src/UPDATING,v 1.56 1999/12/06 22:42:01 imp Exp $
@


1.56
log
@"raw" -> "block" Block devices have been what are now gone, not "raw"
devices.

Submitted by: David O'Brian
@
text
@d6 14
d30 1
a30 1
			MAKEDEV N			# eg wd0
d32 1
a32 1
				MAKEDEV NsMa		# eg wd0s1a
d38 4
d60 5
d75 5
d462 1
a462 1
$FreeBSD: src/UPDATING,v 1.55 1999/12/06 04:21:50 imp Exp $
@


1.55
log
@bad144 elimination
bdev removal and its required actions (MAKEDEV)
sd -> da
@
text
@d7 1
a7 1
	Raw devices are going away.  You will need to update your /dev
d434 1
a434 1
$FreeBSD: src/UPDATING,v 1.54 1999/12/05 18:55:53 phk Exp $
@


1.54
log
@Add entry about updating of /dev being desirable.
@
text
@d7 34
a40 2
	/dev needs updating, copy MAKEDEV from src/etc to /dev and
	run it to recreate all diskdevices.
d434 1
a434 1
$FreeBSD: src/UPDATING,v 1.53 1999/11/26 20:38:36 imp Exp $
@


1.53
log
@Add poul's md information, in abbreviated form, to the UPDATING file.
@
text
@d6 4
d402 1
a402 1
$FreeBSD: src/UPDATING,v 1.52 1999/11/26 06:36:13 imp Exp $
@


1.52
log
@Add note about how hardwiring ep0 will not likely work.

Also correct a small spelling nit from Bill Fumerola.
@
text
@d6 6
d398 1
a398 1
$FreeBSD: src/UPDATING,v 1.51 1999/11/19 02:16:26 billf Exp $
@


1.51
log
@Spelling fix.
@
text
@d6 4
d49 1
a49 1
	tn3270 has been removed from the based system and added as a port.
d392 1
a392 1
$FreeBSD: src/UPDATING,v 1.50 1999/11/17 18:06:56 imp Exp $
@


1.50
log
@gcc 2.95.2
@
text
@d61 1
a61 1
	not suffient to warrant the version number bump.
d388 1
a388 1
$FreeBSD: src/UPDATING,v 1.49 1999/10/23 18:15:14 chris Exp $
@


1.49
log
@Fix a typo:  ``maintain compatible'' -> ``maintain compatibility''
@
text
@d6 3
d388 1
a388 1
$FreeBSD: src/UPDATING,v 1.48 1999/10/15 17:34:56 imp Exp $
@


1.48
log
@New pccard kernel config requirement
@
text
@d18 1
a18 1
	maintain compatible with existing binaries. A new kernel must
d385 1
a385 1
$FreeBSD: src/UPDATING,v 1.47 1999/09/30 14:54:48 imp Exp $
@


1.47
log
@Sort by date, reindent sigset_t entry
@
text
@d6 8
d385 1
a385 1
$FreeBSD: src/UPDATING,v 1.46 1999/09/29 22:29:15 imp Exp $
@


1.46
log
@Fix typo in november
Add signal breakage

**** NEW KERNEL NEEDED FOR MAKE WORLD ****
@
text
@d6 8
a23 8
19990929:
       The sigset_t datatype has been changed from an integral type
       to a compound type and can hold 128 signals. Syscalls directly
       or indirectly using the new sigset_t have been added as to
       maintain compatible with existing binaries. A new kernel must
       be made and installed and booted with before a make world can
       be done.

d377 1
a377 1
$FreeBSD: src/UPDATING,v 1.45 1999/09/08 18:34:31 imp Exp $
@


1.45
log
@controller miibus0 is now needed.
Also adjust previous entry to be terminated by a blank line.
@
text
@d6 18
d371 1
a371 1
and it only starts on Novemeber 18, 1998.  If you have an earlier
d377 1
a377 1
$FreeBSD: src/UPDATING,v 1.44 1999/09/06 20:10:26 n_hibma Exp $
@


1.44
log
@Move /var/cron/log to /var/log/cron
@
text
@d6 5
d14 1
d359 1
a359 1
$FreeBSD: src/UPDATING,v 1.43 1999/08/31 17:07:14 imp Exp $
@


1.43
log
@Forgot Peter's Id->FreeBSD change as well as tn3270 being removed from
the base system and added as a port.
@
text
@d6 3
d353 1
a353 1
$FreeBSD: src/UPDATING,v 1.42 1999/08/31 17:01:34 imp Exp $
@


1.42
log
@Add blurb Jonathan Lemmon provided about the new TCP timer values.  I
didn't document the couple day window when the units were in terms of
ticks rather than ms.

Also add note about libreadline major version retrograde motion.
@
text
@d6 3
d14 4
d350 1
a350 1
$FreeBSD: src/UPDATING,v 1.41 1999/08/28 01:35:59 peter Exp $
@


1.41
log
@$Id$ -> $FreeBSD$
@
text
@d6 21
d343 1
a343 1
$FreeBSD$
@


1.40
log
@Add ipfw recompile and bpfilter -> bpf changes
@
text
@d322 1
a322 1
$Id: UPDATING,v 1.39 1999/08/01 18:19:03 imp Exp $
@


1.39
log
@Note need to recompile pccardd with latest kernel.
@
text
@d10 8
d322 1
a322 1
$Id: UPDATING,v 1.38 1999/07/07 04:28:48 imp Exp $
@


1.38
log
@Spelling nits
@
text
@d6 4
d314 1
a314 1
$Id: UPDATING,v 1.37 1999/07/03 22:15:43 imp Exp $
@


1.37
log
@Latest updating changes for softupdates, inetd and newsysconfig.
@
text
@d8 1
a8 1
	src/sy/contrib/softupdates.  Update your symbolic links/etc.
d310 1
a310 1
$Id: UPDATING,v 1.36 1999/06/24 04:20:37 imp Exp $
@


1.36
log
@Compaq smart raid
@
text
@d6 19
d310 1
a310 1
$Id: UPDATING,v 1.35 1999/06/23 06:39:07 imp Exp $
@


1.35
log
@Ooops.  Forgot about kernel config requirement.
@
text
@d6 3
d291 1
a291 1
$Id: UPDATING,v 1.34 1999/06/23 05:51:37 imp Exp $
@


1.34
log
@Add latest syscons cleanup.
@
text
@d10 2
d288 1
a288 1
$Id: UPDATING,v 1.33 1999/06/20 09:56:32 imp Exp $
@


1.33
log
@Add ipfw binary breakage, as well as inetd updates.
@
text
@d6 5
d286 1
a286 1
$Id: UPDATING,v 1.32 1999/05/10 05:34:32 imp Exp $
@


1.32
log
@Add update on the status of new bus.
Add libcam ABI change warning.
@
text
@d6 12
d281 1
a281 1
$Id: UPDATING,v 1.31 1999/04/28 05:18:46 imp Exp $
@


1.31
log
@Add two recent developments:
	pccard is busted
	The cool new SMP stuff
@
text
@d6 7
d269 1
a269 1
$Id: UPDATING,v 1.30 1999/04/21 06:57:35 imp Exp $
@


1.30
log
@Add entry for newbus.  It is rather long, but lots of nits can shoot
people with this upgrade.  Lemme know what you think, or any
corrections that should be made to it.

Corrected a few typos based on submissions from various people.

Add note that make aout-to-elf is currently broken and what to do to
work around it.  This is implied by make -DWANT_AOUT being broken, but
that isn't obvious to many people.
@
text
@d6 12
d262 1
a262 1
$Id: UPDATING,v 1.29 1999/04/15 04:36:45 imp Exp $
@


1.29
log
@Clarify the current state of cc -aout:
	Compiling -g sometimes doesn't work (from Bruce)
	libgcc_r won't build (Jos Backus)
Also mention that make -j n world is working again
@
text
@d4 34
a37 1
to him.  See end of file for further details.
d46 6
d60 1
a60 1
	egcs, not supposedly works.  If you have rebuilt things like
d62 1
a62 1
	things (including netscape) will not work.
d250 1
a250 1
$Id: UPDATING,v 1.28 1999/04/13 06:10:53 imp Exp $
@


1.28
log
@Note that cc -aout has been broken for a while and a reminder to
recompile now that it has been fixed.

Submitted by: Peter Wemm
@
text
@d6 13
d20 4
a23 3
	Note cc -aout has been broken since the conversion to egcs.  If
	you have rebuilt things like XFree86 a.out libraries, you should
	rebuild them again or things (including netscape) will not work.
d211 1
a211 1
$Id: UPDATING,v 1.27 1999/04/12 16:22:15 max Exp $
@


1.27
log
@Typo fix, src/sys/gnu/usr.bin/cc -> src/gnu/usr.bin/cc.
@
text
@d6 5
d197 1
a197 1
$Id: UPDATING,v 1.26 1999/04/09 06:34:00 imp Exp $
@


1.26
log
@Ooops.  Forgot C++ ABI major version bump (aka breakage).
@
text
@d24 1
a24 1
		cd src/sys/gnu/usr.bin/cc
d192 1
a192 1
$Id: UPDATING,v 1.25 1999/04/09 06:31:00 imp Exp $
@


1.25
log
@In reading -current, I noticed I had overlooked the NOAOUT -> WANT_AOUT
change, which deserves a mention here.
@
text
@d6 5
a10 1
1990408:
d192 1
a192 1
$Id: UPDATING,v 1.24 1999/04/09 06:17:37 imp Exp $
@


1.24
log
@Added a whole lot of information on upgrading with egcs and the common
problems discussed in -current up through approx april 7th.  Those
more in the know please read these changes and send me corrections.
I've only hit a few of the cases, not all of them, so my reporting is
second hand at best.
@
text
@d30 5
d188 1
a188 1
$Id: UPDATING,v 1.23 1999/03/18 05:39:45 imp Exp $
@


1.23
log
@Add pointer sys/boot/README for new boot system (this should be in a
man page, but I take what I can get)
Submitted by: chuckr

Add warning that vn can't be a loadable module for a while
Submitted by: dillon

Add name change for old atapi cd driver
Submitted by: sos
@
text
@d6 24
d183 1
a183 1
$Id: UPDATING,v 1.22 1999/03/10 06:21:28 imp Exp $
@


1.22
log
@Mention new loader.rc.  Point people at the updated man pages for more
details.
@
text
@d6 11
d18 2
a19 2
	New loader.rc mechanism.  Please see updated man pages for
	details.  If you do nothing, nothing will change.
d159 1
a159 1
$Id: UPDATING,v 1.21 1999/02/27 03:14:22 imp Exp $
@


1.21
log
@Note struct proc size change from Mark Newton.
@
text
@d6 4
d148 1
a148 1
$Id: UPDATING,v 1.20 1999/02/17 05:32:40 imp Exp $
@


1.20
log
@Catch up with the past week:
	Add better text for the ppbus changes
	Add note about libdevstat changing forcing a recompile of some
	things in the tree as well as ports that use devstat.

Thanks to those people that used HEADS UP in their message.  Large,
rabid mammals to those that wanted to beat the /etc/rc* horse with the
phrase "heads up" in the subject line.
@
text
@d3 6
a8 2
This file is maintainted by imp@@village.org.  Please send new entries
in it to him.  See end of file for further details.
d141 4
a144 1
$Id: UPDATING,v 1.19 1999/02/15 08:09:07 imp Exp $
@


1.19
log
@nlpt -> lpt changes.  Point at the man page, but refrain from
suggesting course of action if man page proves unhelpful.
@
text
@d8 2
a9 1
	See lpt(4) and/or nlpt(4) for proper configuration details.
d15 6
d137 1
a137 1
$Id: UPDATING,v 1.18 1999/02/14 05:18:35 imp Exp $
@


1.18
log
@lpt -> nlpt and ppbus due to Dag's changes.

Submitted by: Joseph Koshy <jkoshy@@FreeBSD.ORG>

P.S.  Forgive the delay on committing this.  I've been out of town at
a funeral until just a few minutes ago.
@
text
@d6 4
d12 1
a12 2
	driver and 'ppbus' controller combination (rev 1.147 of
	src/sys/i386/conf/GENERIC.)
d130 1
a130 1
$Id: UPDATING,v 1.17 1999/01/26 03:13:22 imp Exp $
@


1.17
log
@	o Add info about Julian's Linux Threads checkin (one of these
	  days I'm going to write a make kvm top level target).
	o Add warning about the
	  short lived boot block breakage and briefly what to do to
	  fix it.
@
text
@d4 6
a9 5
in it to him.  It contains a list, in reverse chronologocal order, of
major breakages in tracking -current.  Not all things will be listed
here, and it only starts on Novemeber 18, 1998.  If you have an
earlier version of FreeBSD, you are on your own to get to November 18,
1998.
d122 6
a127 1
$Id: UPDATING,v 1.16 1999/01/21 20:16:24 imp Exp $
@


1.16
log
@Nits.
@
text
@d10 12
a21 1
1999121:
d121 1
a121 1
$Id: UPDATING,v 1.15 1999/01/21 20:13:41 imp Exp $
@


1.15
log
@Add notes about:
	vinum changes
	Matt Dillon's massive changes to vm_*.c
	The great RELENG_3 branch event
@
text
@d13 1
d15 1
d20 1
d24 1
d110 1
a110 1
$Id: UPDATING,v 1.14 1999/01/19 21:04:22 imp Exp $
@


1.14
log
@Add note about the need to reconfigure kernel for some new syscons
cahnges that kazu-san has committed, culled from his HEADS UP message
to -current.
@
text
@d10 18
d106 1
a106 1
$Id: UPDATING,v 1.13 1999/01/17 17:39:32 imp Exp $
@


1.14.2.1
log
@Initial attempt at what I believe to be just 3.x-relative changes.
@
text
@d3 6
a8 36
This file is maintained by imp@@village.org.  Please send new entries
directly to him.  See end of file for further details.

19990214:
	The nlpt driver has changed names back to be the lpt driver.
	See ppbus(4) or http://www.freebsd.org/~nsouch/ppbus.html
	for proper configuration details.

19990209:
	New devstat API requires recompilation of libdevstat, systat,
	iostat, vmstat and rpc.rstatd.  A new kernel is also required.
	make world + building a kernel should do all of this.  Any
	ports that use devstat need to be recompiled as well.

19990125:
	Linux threads options has gone away (they are now standard in
	the FreeBSD kernel).  A recompile of all libkvm using programs
	is in order (or better yet a make world).

19990122:
	On or about this date there was a small window when the boot
	blocks had some minor problems which seemed to force one to
	edit /etc/fstab.  This has been corrected, if you are seeing this
	problem, please rebuild and reinstall your boot blocks.

19990121:
	Vinum has changed.  The "vinum read" command has changed.  For
	updates, please see

http://www.freebsd.org/cgi/getmsg.cgi?fetch=800363+0+current/freebsd-current

	for details.  

19990120:
	Stable branch created.  You might want to consider using this
	branch.  It is tagged with RELENG_3.
d88 1
a88 9
This file contains a list, in reverse chronologocal order, of major
breakages in tracking -current.  Not all things will be listed here,
and it only starts on Novemeber 18, 1998.  If you have an earlier
version of FreeBSD, you are on your own to get to November 18, 1998.

Please filter your entries through Warner (imp@@village.org) so that
the style, formatting, etc of this file can be maintained.

$Id: UPDATING,v 1.31 1999/04/28 05:18:46 imp Exp $
@


1.14.2.2
log
@Document	'nlpt'->'lpt'
			devstat and friends API change
			NOAOUT->WANT_AOUT
@
text
@d6 2
a7 13
19990510:
	Previously, one would define "NOAOUT" to keep from building
	the legacy a.out bits.  Now one would define "WANT_AOUT" to
	build them.

19990507:
	New devstat API requires recompilation of libdevstat, systat,
	iostat, vmstat and rpc.rstatd.  A new kernel is also required.
	make world + building a kernel should do all of this.  Any
	ports that use devstat need to be recompiled as well.

19990424:
	The 'nlpt' driver has changed names to become the 'lpt' driver.
d119 1
a119 1
breakages in tracking -stable.  Not all things will be listed here,
d126 1
a126 1
$Id: UPDATING,v 1.14.2.1 1999/05/10 09:22:47 jkh Exp $
@


1.14.2.3
log
@$Id$ -> $FreeBSD$
@
text
@d137 1
a137 1
$FreeBSD$
@


1.14.2.4
log
@Gut this file.  It contains obsolete information and has been
unmaintained for some time now.  Add note pointing people to jkh if
they want to maintain it in -stable.  I plan to remove it from this
branch if no one has come forward by Feb 15, 2000.
@
text
@d1 1
a1 1
Updating Information for FreeBSD Stable users
d3 133
a135 3
This file is unmaintained.  Serious applicants for the position please
contact jkh@@freebsd.org before Feb 15, 2000.  This file will be
removed then if no maintainer has come forward.
@


1.14.2.5
log
@Take my name out of here - I'm tired of getting asked about it!
@
text
@d3 5
a7 1
$FreeBSD: src/UPDATING,v 1.14.2.4 2000/01/06 17:39:38 imp Exp $
@


1.14.2.6
log
@Tell people that you should read /usr/src/UPDATING after the sources
have been upgraded when moving to 4.x-stable.
@
text
@d3 1
a3 4
When updating to 4.x-stable from 3.x-stable, please read src/UPDATING
after updating to the new sources for important information.

$FreeBSD: src/UPDATING,v 1.14.2.5 2000/02/07 17:24:27 jkh Exp $
@


1.13
log
@Remove stray </a> html markers left in last commit.

Submitted by: "Philippe Charnier" <charnier@@xp11.frmug.org>
@
text
@d10 6
d88 1
a88 1
$Id: UPDATING,v 1.12 1999/01/14 05:59:52 imp Exp $
@


1.12
log
@After much negative feedback, go back to plain ASCII for this file.
@
text
@d17 1
a17 1
		http://www.freebsd.org/~yokota/sc_update.txt</a>
d25 1
a25 1
		http://www.freebsd.org/~rnordier/boot.txt</a>
d38 1
a38 1
		http://www.freebsd.org/~peter/elfday.html</a>
d82 1
a82 1
$Id: UPDATING,v 1.11 1999/01/12 20:11:29 imp Exp $
@


1.11
log
@Convert to HTML.  Verified to work on Netscape 4.5 and Netscape
3.something.  We were getting a lot of URL links in this file and it
seemed like a good idea to convert this file to html so people can
follow them easily.

This does not use the doc tools to generate.  I'm doing it all by hand
at the moment.
@
text
@d1 10
a10 18
<html>
<head>
<title>Updating Information for FreeBSD current users</title>
</head>
<body>
<h1>Updating Information for FreeBSD current users</h1>
<p>
This file is maintainted by <a href="mailto:imp@@village.org">Warner
Losh</a>.  Please send new entries in it to him.  It contains a list,
in reverse chronologocal order, of major breakages in tracking
-current.  Not all things will be listed here, and it only starts on
Novemeber 18, 1998.  If you have an earlier version of FreeBSD, you
are on your own to get to November 18, 1998.</P>

<table cellpadding=0 cellspacing=0 boarder=0 width="95%" align=center>
  <tr>
    <td width="10%" valign=top align=left><b>19990111</b></td>
    <td valign=top align=left>
d16 3
a18 4
    <br>
	<a href="http://www.freebsd.org/~yokota/sc_update.txt">
	http://www.freebsd.org/~yokota/sc_update.txt</a>
    <br>
d20 2
a21 5
    </td>
  </tr>
  <tr>
    <td width="10%" valign=top align=left><b>19990106</b></td>
    <td valign=top align=left>
d24 3
a26 4
    <br>
	<a href="http://www.freebsd.org/~rnordier/boot.txt">
	http://www.freebsd.org/~rnordier/boot.txt</a>
    <p>
d34 2
a35 5
    </td>
  </tr>
  <tr>
    <td width="10%" valign=top align=left><b>19990104</b></td>
    <td valign=top align=left>
d37 3
a39 4
    <br>
	<a href="http://www.freebsd.org/~peter/elfday.html">
	http://www.freebsd.org/~peter/elfday.html</a>
    <br>
d42 2
a43 5
    </td>
  </tr>
  <tr>
    <td width="10%" valign=top align=left><b>19981230</b></td>
    <td valign=top align=left>
d51 2
a52 5
    </td>
  </tr>
  <tr>
    <td width="10%" valign=top align=left><b>19981224</b></td>
    <td valign=top align=left>
d56 1
a56 1
    <p>
d59 1
a59 1
    <p>
d62 2
a63 5
    </td>
  </tr>
  <tr>
    <td width="10%" valign=top align=left><b>19981202</b></td>
    <td valign=top align=left>
d66 2
a67 5
    </td>
  </tr>
  <tr>
    <td width="10%" valign=top align=left><b>19981201</b></td>
    <td valign=top align=left>
a69 1
    <pre>
d76 2
a77 6
    </pre>
    </td>
  </tr>
  <tr>
    <td width="10%" valign=top align=left><b>19981118</b></td>
    <td valign=top align=left>
d81 2
a82 8
    </td>
  </tr>
</table>
<p>
<comment>
$Id: UPDATING,v 1.10 1999/01/11 09:07:18 imp Exp $
</comment>
</body>
@


1.10
log
@Add notes about the new console system and a pointer to the changes
required by it.

Submitted by: Kazutaka YOKOTA (with minor edits by me)
@
text
@d1 18
a18 8
This file is maintainted by imp@@village.org.  Please send new entries
in it to him.  It contains a list, in reverse chronologocal order, of
major breakages in tracking -current.  Not all things will be listed
here, and it only starts on Novemeber 18, 1998.  If you have an
earlier version of FreeBSD, you are on your own to get to November 18,
1998.

19990111
d24 4
a27 3

		http://www.freebsd.org/~yokota/sc_update.txt

d29 6
a34 3

19980106:
	Robert was kind enough to make this page to enable people to
d36 4
a39 2
		http://www.freebsd.org/~rnordier/boot.txt

d43 9
a51 5
	messages about being unable to find library files.  The mergemaster
	utility in ports/sysutils/mergemaster helps to keep critical
	files like this in sync, and its use is recommended.

19990104:
d53 4
a56 1
	  http://www.freebsd.org/~peter/elfday.html
d59 5
a63 2

19981230:
d71 5
a75 2

19981224:
d79 1
a79 1

d82 1
a82 1

d85 5
a89 2

19981202:
d92 5
a96 2

19981201:
d99 1
d106 6
a111 2

19981118:
d115 8
a122 5

YYYYMMDD:
	What happened and what you need to do.

$Id: UPDATING,v 1.9 1999/01/06 19:35:46 imp Exp $
@


1.9
log
@Add pointer to mergemaster.

Submitted by: Jaye Mathisen <mrcpu@@internetcds.com>

Also minor formatting nits.
@
text
@d8 11
d79 1
a79 1
$Id: UPDATING,v 1.8 1999/01/06 07:12:41 imp Exp $
@


1.8
log
@Add Robert Nordier's boot block URL.
@
text
@a12 1
19980106:
d16 3
a18 1
	messages about being unable to find library files.
d68 1
a68 1
$Id: UPDATING,v 1.7 1999/01/06 07:06:38 imp Exp $
@


1.7
log
@More Elven advice:
	Update /etc/rc* if you are going to run a system with aout
libraries, otherwise ldconfig won't know what to do and all dynamic
aout binaries will fail.
@
text
@d9 5
d67 1
a67 1
$Id: UPDATING,v 1.6 1999/01/05 07:45:10 imp Exp $
@


1.6
log
@On Dec 24 the wcd driver was removed.  The new driver is acd.  Make a
note of this in the updating file.  Put it under the 19981224 date
rather than today's date, since that was when the change was.

Submitted by: Gregory Bond <gnb@@itga.com.au>

Also added note about floppy tape driver.  Didn't add note about
voxware or pcvt as they have been restored to the kernel.
@
text
@d8 6
d62 1
a62 1
$Id: UPDATING,v 1.5 1999/01/05 05:46:37 imp Exp $
@


1.5
log
@Add a poitner to Peter's page on the ELF migration day.  This is the
day when the elves sail accross the sea to a new home, which happens
to be in your computer.  They will sing glorious songs for the Eldar
days.  You machine will shun the darkness that is upon the world.

Errrm, well actually you won't even notice...

Submitted by: peter
Appologies to: tokien
@
text
@d23 11
d56 1
a56 1
$Id: UPDATING,v 1.4 1998/12/31 08:01:12 imp Exp $
@


1.4
log
@Added notes about upcoming uid/gid mta for the postfix integration.
Suggested by: peter

Also reworked the 981230 section in light of a better understanding of
what is in the pipeline.
@
text
@d5 2
a6 1
earlier version of FreeBSD, you are on your own.
d8 5
a12 3
19981231:
	Postfix, to be committed shortly, will require a new uid (mta)
	and a new gid (mta).  Add them now and avoid the rush.
d45 1
a45 1
$Id: UPDATING,v 1.3 1998/12/31 06:20:01 imp Exp $
@


1.3
log
@Add impending flag day for ELF.  Make notes about elf userland and elf
kernel forced migration happening soon.

While still incomplete, and there may be showstoppers along the way,
the advise given here is not incorrect.

Submitted indirectly by: jdk, peter wemm
@
text
@d7 4
d13 6
a18 4
	become default on Jan 6.  Instructions on upgrading will be
	forth coming.  In addition, the aout buildworld will be
	blocked at that time was well.  Upgrade to elf as described in
	src/Makefile.
d42 1
a42 1
$Id: UPDATING,v 1.2 1998/12/24 02:02:09 imp Exp $
@


1.2
log
@Added new users/group that Matt Dillan added.  While not strictly
necessary due to later changes to the tree, they may someday be
required.
@
text
@d7 7
d36 1
a36 1
$Id: UPDATING,v 1.1 1998/12/15 00:24:32 imp Exp $
@


1.1
log
@This file contains minimal instructions for the moderately clueful to
update their systems from prior versions of FreeBSD.  It is only for
November 18, 1998 and newer systems.  If you have an older system, you
are on your own.

I'll update this from time to time, and if it shows signs of bitrot
I'll kill it.
@
text
@d7 14
d29 1
a29 1
$Id:$
@

