os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Regen after mention of capsicum enabled by default.

Browse source 
Sponsored by:	The FreeBSD Foundation
This commit is contained in:
Glen Barber 2014-01-21 07:02:44 +00:00
parent 84d7c8619b
commit 629b934929
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/head/; revision=43606
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
en_US.ISO8859-1/htdocs/releases/10.0R/relnotes.html
View file

@ -1,5 +1,5 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title>FreeBSD 10.0-RELEASE Release Notes</title><link rel="stylesheet" type="text/css" href="docbook.css" /><link rev="made" href="doc@FreeBSD.org" /><meta name="generator" content="DocBook XSL Stylesheets V1.78.1" /><meta name="description" content="The release notes for FreeBSD 10.0-RELEASE contain a summary of the changes made to the FreeBSD base system on the 10.0-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented." /></head><body><div class="article"><div xmlns="" class="titlepage"><div><div><h1 xmlns="http://www.w3.org/1999/xhtml" class="title"><a id="idp61503184"></a>FreeBSD 10.0-RELEASE Release Notes</h1></div><div><div xmlns="http://www.w3.org/1999/xhtml" class="author"><h3 class="author"><span class="orgname">The FreeBSD Project</span></h3></div></div><div><p xmlns="http://www.w3.org/1999/xhtml" class="copyright">Copyright © 2013-2014 The FreeBSD Documentation
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title>FreeBSD 10.0-RELEASE Release Notes</title><link rel="stylesheet" type="text/css" href="docbook.css" /><link rev="made" href="doc@FreeBSD.org" /><meta name="generator" content="DocBook XSL Stylesheets V1.78.1" /><meta name="description" content="The release notes for FreeBSD 10.0-RELEASE contain a summary of the changes made to the FreeBSD base system on the 10.0-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented." /></head><body><div class="article"><div xmlns="" class="titlepage"><div><div><h1 xmlns="http://www.w3.org/1999/xhtml" class="title"><a id="idp61445840"></a>FreeBSD 10.0-RELEASE Release Notes</h1></div><div><div xmlns="http://www.w3.org/1999/xhtml" class="author"><h3 class="author"><span class="orgname">The FreeBSD Project</span></h3></div></div><div><p xmlns="http://www.w3.org/1999/xhtml" class="copyright">Copyright © 2013-2014 The FreeBSD Documentation
Project</p></div><div><div xmlns="http://www.w3.org/1999/xhtml" class="legalnotice"><a id="trademarks"></a><p xmlns="http://www.w3.org/TR/xhtml1/transitional">FreeBSD is a registered trademark of
the FreeBSD Foundation. </p><p xmlns="http://www.w3.org/TR/xhtml1/transitional">IBM, AIX, OS/2,
PowerPC, PS/2, S/390, and ThinkPad are
@ -52,7 +52,9 @@
advisories available from
<a xmlns="http://www.w3.org/1999/xhtml" class="link" href="http://security.FreeBSD.org/" target="_top">FreeBSD
Security Information</a>. </p><div class="informaltable"><table border="0"><colgroup><col /><col /><col /></colgroup><thead><tr><th>Advisory</th><th>Date</th><th>Topic</th></tr></thead><tbody><tr><td><a class="link" href="http://www.freebsd.org/security/advisories/FreeBSD-SA-13:14.openssh.asc" target="_top">SA-13:14.openssh</a></td><td>19 November 2013</td><td><p xmlns="http://www.w3.org/TR/xhtml1/transitional">OpenSSH AES-GCM memory corruption
vulnerability </p></td></tr><tr><td><a class="link" href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:01.bsnmpd.asc" target="_top">SA-14:01.bsnmpd</a></td><td>14 January 2014</td><td><p xmlns="http://www.w3.org/TR/xhtml1/transitional">bsnmpd remote denial of service vulnerability </p></td></tr><tr><td><a class="link" href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:02.ntpd.asc" target="_top">SA-14:02.ntpd</a></td><td>14 January 2014</td><td><p xmlns="http://www.w3.org/TR/xhtml1/transitional">ntpd distributed reflection Denial of Service vulnerability </p></td></tr><tr><td><a class="link" href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:03.openssl.asc" target="_top">SA-14:03.openssl</a></td><td>14 January 2014</td><td><p xmlns="http://www.w3.org/TR/xhtml1/transitional">OpenSSL multiple vulnerabilities </p></td></tr><tr><td><a class="link" href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:04.bind.asc" target="_top">SA-14:04.bind</a></td><td>14 January 2014</td><td><p xmlns="http://www.w3.org/TR/xhtml1/transitional">BIND remote denial of service vulnerability </p></td></tr></tbody></table></div></div><div class="sect2"><div xmlns="" class="titlepage"><div><div><h3 xmlns="http://www.w3.org/1999/xhtml" class="title"><a id="kernel"></a>2.2. Kernel Changes</h3></div></div></div><p xmlns="http://www.w3.org/TR/xhtml1/transitional">The use of unmapped VMIO buffers
vulnerability </p></td></tr><tr><td><a class="link" href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:01.bsnmpd.asc" target="_top">SA-14:01.bsnmpd</a></td><td>14 January 2014</td><td><p xmlns="http://www.w3.org/TR/xhtml1/transitional">bsnmpd remote denial of service vulnerability </p></td></tr><tr><td><a class="link" href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:02.ntpd.asc" target="_top">SA-14:02.ntpd</a></td><td>14 January 2014</td><td><p xmlns="http://www.w3.org/TR/xhtml1/transitional">ntpd distributed reflection Denial of Service vulnerability </p></td></tr><tr><td><a class="link" href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:03.openssl.asc" target="_top">SA-14:03.openssl</a></td><td>14 January 2014</td><td><p xmlns="http://www.w3.org/TR/xhtml1/transitional">OpenSSL multiple vulnerabilities </p></td></tr><tr><td><a class="link" href="http://www.freebsd.org/security/advisories/FreeBSD-SA-14:04.bind.asc" target="_top">SA-14:04.bind</a></td><td>14 January 2014</td><td><p xmlns="http://www.w3.org/TR/xhtml1/transitional">BIND remote denial of service vulnerability </p></td></tr></tbody></table></div></div><div class="sect2"><div xmlns="" class="titlepage"><div><div><h3 xmlns="http://www.w3.org/1999/xhtml" class="title"><a id="kernel"></a>2.2. Kernel Changes</h3></div></div></div><p xmlns="http://www.w3.org/TR/xhtml1/transitional">Capsicum has been enabled in the kernel by default, allowing
sandboxing of several programs that work within the
<span xmlns="http://www.w3.org/1999/xhtml" class="quote">&#8220;<span class="quote">capabilities mode</span>&#8221;</span>. </p><p xmlns="http://www.w3.org/TR/xhtml1/transitional">The use of unmapped VMIO buffers
eliminates the need to perform TLB shootdown for mapping on
buffer creation and reuse, greatly reducing the amount of IPIs
for shootdown on big-SMP machines and eliminating up to 25-30%