FreeBSD is an open source operating system.
It was recently announced release of the new version of FreeBSD 13.3 and this release highlights a large number of improvements, features and minor changes that improve the stability of the system, as well as to offer support and performance improvements.
One of the key areas of focus in FreeBSD 13.3 has been security, as several critical security fixes have been implemented, including updates to the libtacplus library as it has been improved so that tacplus.conf now follows POSIX shell syntax rules. Additionally, programs like login now allow configuration of process priority from specific configuration files, adding an additional layer of security control for users.
The user experience has also received significant improvements, as the configuration file and reported security output changes have been optimized to reduce unrelated content and improve readability. Besides, powerd daemon has been updated to be enabled by default in /etc/rc.conf in the arm64 image for Raspberry Pi systems, allowing for optimal performance based on system needs.
In addition to this, the library expat has been updated to version 2.6.0, while security fixes have been applied to the Heimdal library to mitigate vulnerabilities in the Kerberos Key Distribution Center. Additionally, the LLVM and clang compiler have been updated to version 17.0.6, ensuring more efficient and secure development on the platform.
Improved stability of drivers for wireless devices, including drivers run through the linuxkpi layer, allowing the use of Linux drivers on FreeBSD. Additionally, updated iwlwifi and rtw88 drivers for Intel and Realtek wireless cards, implemented the ability to run a Jailed NFS server with an isolated vnet environment, including a new “syskrb5” mount option to mount NFSv4.1/ 4.2 Kerberized without specifying Kerberos credentials.
Another change that stands out in FreeBSD 13.3 is in the Kernel in which the introduction to kernel programming interfaces has been completely rewritten, which improves system stability and compatibility. In addition, improvements have been made to hardware support, such as support for multiple PCI MCFG regions on x86 systems, which expands the configuration and use possibilities of peripheral devices.
On the storage front, improvements have been made to the ZFS file system, which has been updated to version 2.1.14. This brings improvements to storage management and system reliability with improvements such as zfsd to designate disks as failed in case of excessive I/O latency events.
Hardware support has been expanded for GVE (Google Virtual NIC) virtual network adapters, making it easier to integrate and use virtual network devices. Additionally, plans have been released for future versions of FreeBSD, including phasing out support for 32-bit platforms in favor of more modern and efficient architectures.
Of the other changes that stand out:
- Updated Clang compiler and LLVM toolkit to branch 17.
- Added the ability to specify the umask value for individual services in rc.conf using the "servicename_umask" variables.
- Implemented the ability to specify the priorities of programs that use the setusercontext call in ~/.login_conf or login.conf, such as the login process.
- Added the ability to set flags for the diff utility, which is started when the periodic utility reports changes.
- The head and tail utilities now support the -q (quiet) and -v (verbose) options, as well as the ability to use C units in numeric arguments.
- Included was the objdump utility developed by the LLVM project.
- Added "-S" option to tftpd, allowing writing to files in a chroot environment that are not publicly writable.
- Statistics related to the vnode file system and debugging are grouped into the vfs.vnode sysctl series.
- By default, support for RFC 4620 (IPv6 node information, host information request) is disabled.
- The pf packet filter implements the ability to apply packet redirection rules (rdr) sent by the current host and delivered locally.
Finally, if you are interested in learning more about it, you can consult the details in the following link