This section describes the most user-visible new or changed features in FreeBSD since 5.5-RELEASE.
Typical release note items document recent security advisories issued after 5.5-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements.
A bug in ypserv(8), which effectively disabled the /var/yp/securenets access control mechanism, has been corrected. More details are available in security advisory FreeBSD-SA-06:15.ypserv.
A bug in the smbfs file system, which could allow an attacker to escape out of chroot(2) environments on an smbfs mounted filesystem, has been fixed. For more details, see security advisory FreeBSD-SA-06:16.smbfs.
A potential denial of service problem in sendmail(8) caused by excessive recursion which leads to stack exhaustion when attempting delivery of a malformed MIME message, has been fixed. For more details, see security advisory FreeBSD-SA-06:17.sendmail.
A potential buffer overflow condition in sppp(4) has been corrected. For more details, see security advisory FreeBSD-SA-06:18.ppp.
An OpenSSL bug related to validation of PKCS#1 v1.5 signatures has been fixed. For more details, see security advisory FreeBSD-SA-06:19.openssl.
A potential denial of service attack against named(8) has been fixed. For more details, see security advisory FreeBSD-SA-06:20.bind.
Several programming errors have been fixed in gzip(1). They could have the effect of causing a crash or an infinite loop when decompressing files. More information can be found in security advisory FreeBSD-SA-06:21.gzip.
Several vulnerabilities have been fixed in OpenSSH. More details can be found in security advisory FreeBSD-SA-06:22.openssh.
Multiple errors in the OpenSSL crypto(3) library have been fixed. Potential effects are varied, and are documented in more detail in security advisory FreeBSD-SA-06:23.openssl.
A bug that could allow users in the operator group to read parts of kernel memory has been corrected. For more details, consult security advisory FreeBSD-SA-06:25.kmem.
A bug in gtar(1) has been fixed. Under certain circumstances, this bug could allow an attacker to overwrite files with the permissions of a user running gtar(1). More details on the exact impact of the bug, as well as workaround and patch information, can be found in security advisory FreeBSD-SA-06:26.gtar.
A bug in the jail startup script that could permit privilege escalation via a symlink attack has been fixed. More information is available in FreeBSD-SA-07:01.jail.
Two remote denials of service in BIND (one involving DNSSEC and one involving recursive DNS queries) have been fixed. For more information, see security advisory FreeBSD-SA-07:02.bind.
Multiple copies of a packet received via different bpf(4) listeners now all have identical timestamps.
The sysctl variables net.inet.ip.portrange.reservedhigh
and net.inet.ip.portrange.reservedlow can be used with IPv6
now.
BIND has been updated from 9.3.1 to 9.3.4.
netcat has been updated from the version in a 4 February 2005 OpenBSD snapshot to the version included in OpenBSD 3.9.
sendmail has been updated from 8.13.6 to 8.13.8.
The timezone database has been updated from the tzdata2006g release to the tzdata2006n release.
The supported version of the GNOME desktop environment (x11/gnome2) has been updated from 2.12.3 to 2.16.1.
The supported version of the KDE desktop environment (x11/kde3) has been updated from 3.5.1 to 3.5.3.
This file, and other release-related documents, can be downloaded from http://www.FreeBSD.org/snapshots/.
For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.
All users of FreeBSD 5-STABLE should subscribe to the <stable@FreeBSD.org> mailing list.
For questions about this documentation, e-mail <doc@FreeBSD.org>.