FreeBSD 11.0 lands, with security fixes to FreeBSD 11.0
Bootleggers, don't ignore the official version
If you were one of the sharp-eyed users who downloaded FreeBSD 11.0 from the project's FTP servers before official release, it's time to upgrade again. The release version has landed and it's not the same as the bootleg.
As Glen Barber posted at the end of September, “the final 11.0-RELEASE will be rebuilt and republished on the Project mirrors as a result of a few last-minute security fixes we feel are imperative to include in the final release.”
Since the FreeBSD-announce list shows fixes to OpenSSL, BIND, Bspatch, Portsnap and Libarchive since the beginning of October, the advice is serious.
There's also OpenSSH security patches, with DSA (Digital Signature Algorithm) key generation disabled, and the OpenSSH Protocol 1 removed. The release notes remind users to update their keys before they upgrade.
Also in the final FreeBSD 11.0 is support for 802.11n (party like it's 2012!) is an expanded driver set for 802.11n devices* along with a bunch of new wireless hardware drivers, and the version adds support for arm64.
FreeBSD 11.0 also implements the unpopular Federal Communications Commission (FCC) regulation limiting what users can do with their Wi-Fi interfaces.
“By default, the ifconfig utility will set the default regulatory domain to FCC on wireless interfaces. As a result, newly created wireless interfaces with default settings will have less chance to violate country-specific regulations”, the release notes state, which will undoubtedly please users who aren't in the USA.
The hypervisor (bhyve) gets native graphics support, svnlite is updated to version 1.9.4, and NetBSD's libblacklist is ported to FreeBSD.
The release is here. ®
*Edit: Correction - the release notes, which we wrote up here, were meant to say "802.11n drivers for a number of chipsets". The 802.11n standard has been supported since FreeBSD 9. ®