1 This file documents some of the problems you may encounter when upgrading
2 your ports. We try our best to minimize these disruptions, but sometimes
5 You should get into the habit of checking this file for changes each time
6 you update your ports collection, before attempting any port upgrades.
9 AFFECTS: users of security/libressl-devel
10 AUTHOR: brnrd@FreeBSD.org
12 The version 2.5.1 bumps the libcrypto, libssl and libtls shared library
13 versions. You will have to rebuild all packages that depend on
14 libressl-devel. Check the 20160811 libressl entry for more detailed
15 guidance on rebuilding.
18 AFFECTS: users of www/uwsgi
19 AUTHOR: feld@FreeBSD.org
21 The previous disruptive changes to uwsgi for security have been remediated
22 through creation of a dedicated uwsgi user/group and utilizing the
23 uwsgi feature to set socket ownership. The uwsgi daemon by default now
24 has the following properties:
26 * Process runs as uwsgi user and group (UID/GID 165)
27 * Socket mode is 660, still protecting unauthorized access from "other"
28 * Socket ownership is www:www, restoring compatibility
31 AFFECTS: users of devel/ice, devel/py-ice, devel/php5-ice
32 AUTHOR: grembo@FreeBSD.org
34 Since __WORDSIZE as defined by <stdint.h> always reports 32 when using
35 C++98/03 (unless __STDC_LIMIT_MACROS is set explictly), Ice 3.6.3 used
36 "long long" for Int64 instead of "long" on 64-bit platforms by mistake.
37 A workaround has been added in version 3.6.3_2 of these three ports,
38 requiring to upgrade all of them at the same time and to rebuild all
39 custom code that links against them.
42 AFFECTS: users of multimedia/motion
43 AUTHOR: jhale@FreeBSD.org
45 Version 3.x expected the configuration files to reside in:
47 Version 4.x expects the configuration files to reside in:
48 ${LOCALBASE}/etc/motion
49 This was unfortunately overlooked when the port was updated to 4.x, but it
50 has now been fixed to install the default configuration file in the new
51 location. The rc script now checks for motion.conf in the new location.
53 While you may be able to simply copy your old motion.conf to the new location,
54 it is recommended to review ${LOCALBASE}/etc/motion/motion.conf and make
55 changes to it based on your old ${LOCALBASE}/etc/motion.conf as some options
56 have been added and removed.
58 Further, if you use motion with multiple cameras and have
59 ${LOCALBASE}/etc/thread[0-9].conf files, they should be moved to
60 ${LOCALBASE}/etc/motion as well. These files are deprecated and should be
61 renamed to camera[0-9].conf and in motion.conf, lines like:
62 thread /usr/local/etc/thread1.conf
63 Should be converted to:
64 camera /usr/local/etc/motion/camera1.conf
67 AFFECTS: users of www/uwsgi
68 AUTHOR: feld@FreeBSD.org
70 The default socket mode for uwsgi as 777 is a severe security concern.
71 This has been remediated by changing the rc script to default to 600.
72 The mode is configurable with rc.conf values: uwsgi_socket_mode="600"
73 or for a profile named "www", uwsgi_www_socket_mode="600".
76 AFFECTS: users of security/tinc
77 AUTHOR: dinoex@FreeBSD.org
79 this version of tinc requires all nodes in the VPN to be linked with a
80 version of OpenSSL or LibreSSL that supports the AES256 and SHA256
85 AFFECTS: users of databases/mysql56-server
86 AUTHOR: feld@FreeBSD.org
88 databases/mysql56-server was updated to 5.6.35 which included backported
89 rc script changes from the mysql57-server port. This broke mysql_optfile in
90 rc.conf and also forced a sample my.cnf if none existed. MySQL has
91 some parameters which cannot be changed after a database has been
92 created, so this caused MySQL to fail to start.
94 This change was reverted in mysql56-server-5.6.35_1
96 An additional change was made in mysql56-server-5.6.35_2 to prevent
97 automatic loading of a sample my.cnf which was causing issues for
98 users who were running without a my.cnf.
101 AFFECTS: users of EoL'ed FreeBSD versions (<10.3, 11 prior to 11.0)
102 AUTHOR: amdmi3@FreeBSD.org
104 The ports system will now refuse to build anything if it's run on
105 outdated system version. This protects users from unexpected build
106 failures after code to support EoL'ed systems is removed from the
107 tree. You may define ALLOW_UNSUPPORTED_SYSTEM to override this and
108 allow builds, but no support will be provided in case of failures.
111 AFFECTS: users of java/wildfly10
112 AUTHOR: olgeni@FreeBSD.org
114 The java/wildfly10 port has been updated to 10.1.0. To complete the
115 migration you must copy your existing configuration (directories
116 "appclient", "standalone", and "domain") from /usr/local/wildfly-10.0.0
117 to /usr/local/wildfly10.
120 AFFECTS: users of net-mgmt/librenms
121 AUTHOR: dvl@FreeBSD.org
123 The following is recommended for /var/db/mysql/my.cnf
125 NOTE: these are global settings. Please read this first:
127 http://dev.mysql.com/doc/refman/5.7/en/sql-mode.html
130 innodb_file_per_table=1
134 AFFECTS: users of lang/ruby22
135 AUTHOR: swills@FreeBSD.org
137 The default ruby version has been updated from 2.2 to 2.3.
139 If you compile your own ports you may keep 2.2 as the default version by
140 adding the following lines to your /etc/make.conf file:
143 # Keep ruby 2.2 as default version
145 DEFAULT_VERSIONS+=ruby=2.2
147 If you wish to update to the new default version, you need to first stop any
148 software that uses ruby. Then, you will need to follow these steps, depending
149 upon how you manage your system.
151 If you use pkgng, simply upgrade:
154 If you use portmaster, install new ruby, then rebuild all ports that depend
156 # portmaster -o lang/ruby23 lang/ruby22
157 # portmaster -R -r ruby-2.3
159 If you use portupgrade, install new ruby, then rebuild all ports that depend
162 # pkg delete -f ruby portupgrade
163 # make -C /usr/ports/ports-mgmt/portupgrade install clean
164 # pkg set -o lang/ruby22:lang/ruby23
165 # portupgrade -x ruby-2.3.\* -fr lang/ruby23
168 AFFECTS: multimedia/ffmpeg
169 AUTHOR: jbeich@FreeBSD.org
171 OPTIMIZED_CFLAGS switched to only use vendor optimizations which
172 means -ffast-math -fno-finite-math-only are no longer applied. If
173 you did like the former behavior consider adding
175 # multimedia/ffmpeg/Makefile.local
176 OPTIMIZED_CFLAGS_CFLAGS += -ffast-math -fno-finite-math-only
181 .if ${.CURDIR:M*/multimedia/ffmpeg}
182 CFLAGS += -ffast-math -fno-finite-math-only
186 AFFECTS: users of x11/xfce4-terminal
187 AUTHOR: olivierd@FreeBSD.org
189 The port has been updated to the latest stable version 0.8.2.
190 Please, don't active the hidden 'MiscSlimTabs' option in
191 ~/.config/xfce4/terminal/terminalrc, it requires Gtk+ > 3.20.
194 AFFECTS: users of multimedia/mlt
195 AUTHOR: avilla@FreeBSD.org
197 MLT Qt plugins have been moved to their own ports, mlt-qt4 and
198 mlt-qt5. Please, uninstall multimedia/mlt before you update:
203 AFFECTS: users of security/openvpn, security/openvpn-polarssl
204 AUTHOR: Matthias Andree <mandree@FreeBSD.org>
206 The OpenVPN ports have been updated to the new upstream release v2.4,
207 and their predecessors preserved as openvpn23 and openvpn23-polarssl,
208 respectively. Note that for the new v2.4 release, the
209 openvpn-polarssl port has been renamed to openvpn-mbedtls to match the
210 upstream library's new name.
213 AFFECTS: users of www/nghttp2
214 AUTHOR: sunpoet@FreeBSD.org
216 nghttp2 has been split into 2 ports: www/libnghttp2 for core library and
217 www/nghttp2 for the rest. Please uninstall nghttp2 before you update
221 AFFECTS: mail/thunderbird, www/seamonkey
222 AUTHOR: gecko@FreeBSD.org
224 ENIGMAIL is no longer provided as part of the ports after upstream
225 dropped binary components in 1.9. Go to Tools -> Add-ons Manager
226 then type "enigmail" in the search box to install.
229 AFFECTS: users of devel/skalibs, lang/execline, sysutils/s6
230 AUTHOR: Colin Booth <colin-ports@heliocat.net>
232 skalibs has undergone a major version bump and compatibility is not
233 guaranteed for software with a runtime dependency on
234 libskarnet.so.2.3.9.0. This will not affect lang/execline or
235 sysutils/s6 as those are statically linked against libskarnet.a.
237 execline has undergone a major version bump and compatibility is not
238 guaranteed for software with a runtime dependency on
239 libexecline.so.2.1.4.5. This will not affect sysutils/s6 as all s6
240 programs are statically linked against libexecline.a.
242 s6 has undergone a major version bump and compatibility is not
243 guaranteed for software with a runtime dependency on
244 libs6.so.2.2.4.3. Additionally, s6-applyuidgid and s6-setuidgid
245 have moved from $PREFIX/sbin to $PREFIX/bin. Any scripts calling
246 those utilities that are not relying on $PATH resolution to find
247 them will need to be rewritten.
250 AFFECTS: users of www/node
251 AUTHOR: bradleythughes@fastmail.fm
253 The www/node port has been updated to node.js v7.2.0, the latest
254 upstream release. A new port, www/node6, has been created for the
255 v6.x LTS branch. Users wanting to stay on v6.x can replace www/node
256 with www/node6 with one of the following commands:
258 # pkg set -o www/node:www/node6
260 # portmaster -o www/node6 www/node
262 # portupgrade -o www/node6 www/node
265 AFFECTS: Users of textproc/p5-Search-Elasticsearch
266 AUTHOR: tj@FreeBSD.org
268 As of the 5.01 release of ths package, the client libraries for older
269 versions of Elasticsearch have started to be shipped seperately. If you are
270 using this library to access a none 5.X server you will need to install one of
271 the textproc/p5-Search-Elasticsearch-Client-* ports.
274 AFFECTS: Users of security/gpgme-*
275 AUTHOR: jhale@FreeBSD.org
277 Gpgme has been updated to 1.8.0.
278 With it comes the removal of libgpgme-pthread.so in favor of using
279 libgpgme.so itself as the thread-safe library. Ports that may have
280 linked to -lgpgme-pthread will now just link to -lgpgme. PORTREVISION
281 has been bumped on all ports with a dependency on security/gpgme.
283 The Python module provided by security/py-gpgme has been renamed
284 from pyme3 to gpg, as well.
289 portupgrade -fr security/gpgme
292 AFFECTS: Users of graphics/tiff
293 AUTHOR: antoine@FreeBSD.org
295 The tiff port was updated to 4.0.7.
296 The following tools are removed from this release: bmp2tiff, gif2tiff, ras2tiff, rgb2ycbcr and thumbnail.
299 AFFECTS: Users of sysutils/bareos-*
300 AUTHOR: rand@iteris.com
302 Bareos v1.6.x changed the configuration scheme, from one configuration
303 file per Bareos component (file daemon, storage daemon, and director)
304 to several configuration files, in several directories, for each
305 component. See http://doc.bareos.org/master/html/bareos-manual-main-reference.html
307 The new scheme will use all files named *.conf in the directory
308 hierarchies for each component:
310 /usr/local/etc/bareos/bareos-dir.d/
311 /usr/local/etc/bareos/bareos-fd.d/
312 /usr/local/etc/bareos/bareos-sd.d/
314 To retain the old configuration scheme of one file per component add
315 appropriate lines such as these to your /etc/rc.conf:
317 bareos_dir_config="/usr/local/etc/bareos/bareos-dir.conf"
318 bareos_fd_config="/usr/local/etc/bareos/bareos-fd.conf"
319 bareos_sd_config="/usr/local/etc/bareos/bareos-sd.conf"
322 AFFECTS: users of devel/libosinfo
323 AUTHOR: novel@FreeBSD.org
325 The libosinfo port was separated into three different ports
326 to follow the upstream split:
328 - sysutils/osinfo-db-tools: contains the CLI tools
329 - misc/osinfo-db: contains database with OS data
330 - devel/libosinfo: the library
332 As osinfo-db-tools now ships binaries that previously were
333 part of libosinfo, it's required to delete the old libosinfo
334 package to prevent conflict because of same files installation:
336 # pkg delete libosinfo
338 And then install the new version.
341 AFFECTS: users of security/heimdal
342 AUTHOR: hrs@FreeBSD.org
344 Heimdal in the base system and security/heimdal <= 1.5.3_6 use
345 Berkeley DB to store principals into /var/heimdal/heimdal.db and
346 the database format is version 3 by default. On the other hand,
347 security/heimdal 1.5.3_7 or newer use the newer version of
348 Berkeley DB and the database format is version 9.
349 These two versions are not compatible with each other. If there is
350 a mismatch between Heimdal utilities and its database format,
351 you will get an error like the following:
353 # /usr/local/sbin/kadmin -l dump
354 BDB0641 __db_meta_setup: /var/heimdal/heimdal.db: unexpected file type or format
355 kadmin: hdb_open: opening /var/heimdal/heimdal: Invalid argument
357 This mismatch can occur in the following three cases:
359 1. You used Heimdal in the base system and switch to use security/heimdal
360 after creating /var/db/heimdal.db.
362 2. You used security/heimdal >= 1.5.3_7 and switch to use one in the
365 3. You used security/heimdal < 1.5.3_7 and upgrade it to 1.5.3_7 or later.
367 To fix this mismatch, you need to dump contents of heimdal.db and
368 rebuild the database by using kadmin(8) utility.
370 If you use Heimdal in the base system or older versions of
371 security/heimdal, and plan to switch to use
372 security/heimdal >= 1.5.3_7, execute the following command
373 *after* creating a backup copy of /var/heimdal and installing
376 # /usr/bin/kadmin -l dump /var/heimdal/heimdal.db.dump
377 # rm /var/heimdal/heimdal.db
378 # /usr/local/sbin/kadmin -l load /var/heimdal/heimdal.db.dump
379 # rm /var/heimdal/heimdal.db.dump
381 The above example assumes security/heimdal is installed into
382 /usr/local. If your base system is compiled with WITHOUT_KERBEROS
383 use the following instead:
385 # db_dump185-5 /var/heimdal/heimdal.db | db_load-5 /var/heimdal/heimdal.db.new
386 # chown 0600 /var/heimdal/heimdal.db.new
387 # mv /var/heimdal/heimdal.db.new /var/heimdal/heimdal.db
389 db_dump and db_load utilitites are installed by database/db5 as
390 dependency of security/heimdal.
392 If you want to switch from security/heimdal to Heimdal in the base
393 system, use the following:
395 # /usr/local/sbin/kadmin -l dump /var/heimdal/heimdal.db.dump
396 # rm /var/heimdal/heimdal.db
397 # /usr/bin/kadmin -l load /var/heimdal/heimdal.db.dump
398 # rm /var/heimdal/heimdal.db.dump
401 AFFECTS: users of security/heimdal
402 AUTHOR: hrs@FreeBSD.org
404 kadmin(8) in heimdal-1.5.3_5 and prior did not create a database
405 in /var/heimdal in Berkeley DB format which kdc(8) required. This
406 problem has been fixed in heimdal-1.5.3_6.
409 AFFECTS: users of mail/mu4e and mail/mu4e-maildirs
410 AUTHOR: hrs@FreeBSD.org
412 The package name of mail/mu4e* have been changed from mu4e* to
413 mu4e*-emacsNN. When upgrading the older versions, this change can
414 cause the following error which prevents it from upgrading:
416 pkg-static: mu4e-emacs25-0.9.16 conflicts with mu4e-0.9.16 (installs files into the same place).
418 If this error occurs, please remove the old packages by using
419 "pkg delete" manually:
421 # pkg delete mu4e-0.9.16 mu4e-maildirs-0.8.20160126_1
424 AFFECTS: users of lang/perl5*
425 AUTHOR: mat@FreeBSD.org
427 The default Perl version has been switched to Perl 5.24. If you are using
428 binary packages to upgrade your system, you do not have anything to do, pkg
429 upgrade will do the right thing. For the other people, assuming you are
430 migrating from 5.20 to 5.24, do:
432 First, add to /etc/make.conf:
434 DEFAULT_VERSIONS+= perl5=5.24
437 portupgrade -o lang/perl5.24 -f lang/perl5.20
439 You can now remove the DEFAULT_VERSIONS line added earlier
442 Then you will need to rebuild everything that uses libperl.so, you
445 portupgrade -f `pkg shlib -qR libperl.so.5.20`
448 portmaster -o lang/perl5.24 lang/perl5.20
450 You can now remove the DEFAULT_VERSIONS line added earlier
453 Then you will need to rebuild everything that uses libperl.so, you
456 portmaster -f `pkg shlib -qR libperl.so.5.20`
459 AFFECTS: users of security/acme-client
460 AUTHOR: brnrd@FreeBSD.org
462 The default configuration paths have changed from 'letsencrypt' to
463 'acme'. Rename the directories used accordingly
465 mv /usr/local/etc/letsencrypt /usr/local/etc/acme
466 mv /usr/local/etc/ssl/letsencrypt /usr/local/etc/ssl/acme
467 mv /usr/local/www/letsencrypt /usr/local/www/acme
469 Check your scripts to ensure proper operation.
472 AFFECTS: users of mail/squirrelmail
473 AUTHOR: adamw@FreeBSD.org
475 For better php70 support, the squirrelmail port has switched from
476 PEAR database access to PDO. If you are using squirrelmail with
477 a database backend, you'll need to install a corresponding PDO
478 database module, such as php56-pdo_sqlite.
481 AFFECTS: users of security/srm
482 AUTHOR: rakuco@FreeBSD.org
484 srm has been updated from 1.2.12 to 1.2.15. Since version 1.2.14,
485 srm defaults to using its "simple" mode to overwrite files (one pass
486 writing 0x00 to the files) instead of the 35-pass Gutmann method.
489 AFFECTS: users of irc/quassel
490 AUTHOR: woodsb02@freebsd.org
492 Quassel is now split into two ports / packages; one for providing
493 the server backend (irc/quassel-core), and one for providing the
494 client front-end (irc/quassel). Alternatively, the irc/quassel
495 port can be built with the MONO option enabled to also install
496 the client and server combined into a single monolithic binary.
499 AFFECTS: users of security/openssl and security/openssl-devel
500 AUTHOR: brnrd@freebsd.org
502 The shared library versions of OpenSSL have been bumped to avoid
503 issues with ports' and base's OpenSSL not being binary compatible.
505 Please rebuild all ports that depend on OpenSSL if you use OpenSSL
508 If you use portmaster:
509 portmaster -r openssl
510 If you use portupgrade:
511 portupgrade -fr security/openssl
514 AFFECTS: users of net-p2p/deluge
515 AUTHOR: rm@FreeBSD.org
517 Deluge port has been split out onto CLI part and GUI part. So if user
518 only needs deluged, net-p2p/deluge-cli should be installed. For full
519 deluge installation, including GTK+ GUI client, net-p2p/deluge should
520 be installed as a usual.
522 Old deluge package should be removed manually first:
526 After that install preferred deluge package as usual.
529 AFFECTS: users of x11/xfce4-terminal
530 AUTHOR: olivierd@FreeBSD.org
532 The port has been updated to the latest stable version 0.8.0.
533 A warning appears each time we open new tab:
535 Gtk-WARNING **: gtk_widget_size_allocate(): attempt to allocate
538 This issue will disappear with Gtk > 3.21.
541 AFFECTS: users of lang/python3
542 AUTHOR: antoine@FreeBSD.org
544 The default version of python3 has changed from 3.4 to 3.5.
545 If you wish to stick with older version, add "python3=3.4" to your
546 DEFAULT_VERSIONS variable in /etc/make.conf. To upgrade:
548 If using portupgrade:
549 # portupgrade -o lang/python35 lang/python34
552 # portmaster -o lang/python35 lang/python34
555 AFFECTS: Users of net-im/ejabberd
556 AUTHOR: ashish@FreeBSD.org
558 Before upgrading ejabberd to 16.09, please make sure to backup your
561 % sudo -u ejabberd -H ejabberdctl backup /path/to/backup/file
563 In some cases, ejabberd may fail to start, for which a workaround is to
564 remove the schema.DAT file from /var/spool/ejabberd before starting, and
565 then restoring everything from the backup using:
567 % sudo -u ejabberd -H ejabberdctl restore /path/to/backup/file
571 https://github.com/processone/ejabberd/issues/1305
574 AFFECTS: Users of audio/squeezeboxserver (now audio/logitechmediaserver)
575 AUTHOR: woodsb02@FreeBSD.org
577 With the rename of the audio/squeezeboxserver port to
578 audio/logitechmediaserver, the server and database are now installed in
579 different locations by default (/usr/local/share/logitechmediaserver and
580 /var/db/logitechmediaserver respectively).
582 If you were an existing user of audio/squeezeboxserver, you should
583 consider backing up you server configuration files and database before
584 upgrading to audio/logitechmediaserver. If you wish to override the
585 default locations for storing the server and database, you can set the
586 SLIMDIR and SLIMDBDIR variables in your /etc/make.conf when building
587 the audio/logitechmediaserver port.
590 AFFECTS: mail/roundcube-carddav
591 AUTHOR: gahr@FreeBSD.org
593 There is no upgrade path from the 1.0 version. You'll need to:
595 1. Log off from Roundcube.
596 2. Manually drop all carddav_* tables from your db backend.
597 3. Upgrade the mail/roundcube-carddav port.
599 The new tables will be created upon login. The CardDAV plugin will need to be
602 If you are running php < 7.0.0, you'll need to set the plugin option:
603 $prefs['_GLOBAL']['suppress_version_warning'] = true;
605 See https://github.com/blind-coder/rcmcarddav/issues/165 for details.
608 AFFECTS: emulators/ppsspp
609 AUTHOR: jbeich@FreeBSD.org
611 Qt* GUI was split into separate ports:
617 AFFECTS: sysutils/android-file-transfer
618 AUTHOR: jbeich@FreeBSD.org
620 Qt* GUI was split into separate ports:
622 sysutils/android-file-transfer-qt4
623 sysutils/android-file-transfer-qt5
626 AFFECTS: users of databases/pglogical, databases/pglogical-output
627 AUTHOR: matthew@FreeBSD.org
629 As of version 1.2.0, databases/pglogical-output has been merged into
630 databases/pglogical. portmaster or portupgrade users should delete
631 pglogical-output manually before upgrading.
634 AFFECTS: users of mail/sieve-connect
635 AUTHOR: alexey@renatasystems.org
637 Version 0.88 contains two breaking changes:
638 1. If the Sieve server does not offer STARTTLS, then connections should now
640 2. When deriving a remote script name from the local filename, use the
641 basename and strip off directories.
643 For additional information see:
644 http://mail.globnix.net/pipermail/sieve-connect-announce/2016/000012.html
647 AFFECTS: users of net/vtun
648 AUTHOR: cy@FreeBSD.org
650 The VTUN_EXTENDED_MODE option has been replaced by -e command line
654 AFFECTS: users of www/nginx-devel
655 AUTHOR: osa@FreeBSD.org
657 Nginx now creates logs under /var/log/nginx/ and changes default log
658 names from "nginx-access.log" and "nginx-error.log" to "access.log" and
659 "error.log" respectively. This is important for the error log because
660 the location is encoded and touched by nginx during startup regardless
661 of the configured location for the error log.
663 See http://trac.nginx.org/nginx/ticket/147 for additional information
667 AFFECTS: users of deskutils/xfce4-volumed-pulse
668 AUTHOR: olivierd@FreeBSD.org
670 The port has been updated to the latest stable version 0.2.2.
671 Support of xfce4-mixer has been removed, so you can delete
672 its properties with the following command:
674 xfconf-query -c xfce4-mixer -p / -rR
677 AFFECTS: users of security/letsencrypt.sh
678 AUTHOR: riggs@FreeBSD.org
680 The config filename has been changed upstream from "config.sh"
681 to "config". Users must rename the current config file manually.
682 In addition, the default WELLKNOWN location has been changed to
683 %%PREFIX%%/www/letsencrypt. In order to use the previous default
684 location, the config file must be updated manually as well.
687 AFFECTS: users of math/galculator
688 AUTHOR: woodsb02@FreeBSD.org
690 galculator now uses GTK3 by default. An option exists in the port to revert
694 AFFECTS: uses of www/nginx
695 AUTHOR: marino@FreeBSD.org
697 Nginx now creates logs under /var/log/nginx/ and changes default log
698 names from "nginx-access.log" and "nginx-error.log" to "access.log" and
699 "error.log" respectively. This is important for the error log because
700 the location is encoded and touched by nginx during startup regardless
701 of the configured location for the error log.
703 See http://trac.nginx.org/nginx/ticket/147 for additional information
707 AFFECTS: users of databases/postgresql96-server
708 AUTHOR: girgen@FreeBSD.org
710 The default unix user used by the PostgreSQL daemon has changed to
711 `postgres' to reflect the long time upstream's convention. Any scripts
712 you have using the old `pgsql' unix user should be modified when upgrading to
713 PostgreSQL version 9.6. Older versions of PostgreSQL will continue using
714 `pgsql' until their end-of-life.
716 For users with UTF-8 locales in the database: The ICU patch is *activated by
717 default* for the PostgreSQL-9.6 server. For previous versions it was optional
718 and default off, but this has changed. Please read the entry here below from
719 20160811 and understand the consequences of changing between ICU and system
720 locale for database collation (short version: don't). pg_upgrade requires the
721 collation method to be the same (or a reindex), while pg_dump/restore does not.
723 Also, the default home directory for the postgres user is now
724 /var/db/postgres, and the default data directory for PostgreSQL 9.6 is
725 /var/db/postgres/data96.
728 AFFECTS: users of x11/nvidia-driver
729 AUTHOR: cem@FreeBSD.org
731 The NVidia driver has been updated to version 367.35. Starting with
732 version 358.09, new kernel module was added, nvidia-modeset.ko. This
733 new driver component works in conjunction with the nvidia.ko kernel
734 module to program the display engine of the GPU.
736 Users that experience hangs when starting X11 server, or observe
738 (II) NVIDIA(0): Validated MetaModes:
739 (II) NVIDIA(0): "NULL"
741 messages in their /var/log/Xorg.0.log file should replace ``nvidia''
742 with ``nvidia-modeset'' in /boot/loader.conf or /etc/rc.conf files,
743 depending on how they prefer to load NVidia driver kernel module.
746 AFFECTS: users of security/sshguard
747 AUTHOR: feld@FreeBSD.org
749 Sshguard has been updated to 1.7.0. There have been several changes to
750 this release. Notably the hosts and ipfilter backends are no longer
751 supported. If you need these backends to be supported and you missed
752 the survey sent out by upstream I urge you to contact upstream.
754 The hosts backend was previously served by security/sshguard directly.
755 The additional backends were slave ports with package name suffixes. I
756 have opted to keep the master/slave port relationship but not choose a
757 specific backend for security/sshguard. Instead it is now a metaport
758 which will prompt you for which backend you prefer. If no backend is
759 configured it will depend on security/sshguard-ipfw, which is the
760 native FreeBSD firewall. This my be surprising to users who depended
761 on security/sshguard which only provided hosts/TCP Wrappers blocking,
762 but there is no replacement at this time.
764 I would also like to document that sshguard no longer accepts the -e
765 argument which allowed external scripts to run when sshguard finds a
766 match. As a result the null backend can no longer be used to create
767 custom blocking functionality; it only serves as a detection backend.
769 If the removed backends return due to user demand they will be added
770 as slave ports for consistency. I apologize for any inconvenience and
771 lack of notice on the deprecation of these features.
774 AFFECTS: users of mail/rspamd*
775 AUTHOR: vsevolod@FreeBSD.org
777 Rspamd users should update Rspamd to 1.3.3 version as soon as possible
778 and ensure that '/usr/local/etc/rspamd/module.d/fuzzy_check.conf` has
779 the line `algorithm = "mumhash";` for the "rspamd.com" rule. The more
780 detailed information could be found on
781 https://rspamd.com/announce/2016/08/15/rspamd-1.3.3.html
784 AFFECTS: users of dns/powerdns*
785 AUTHOR: junovitch@FreeBSD.org
787 PowerDNS Authoritative Server and Recursor 4.0.0+ introduce significant
788 changes to the configuration files, which need to be handled before
789 restarting the services. As from the Recursor changelog, "The Lua hook
790 infrastructure was redone using LuaWrapper; old scripts will no longer
791 work, but new scripts are easier to write under the new interface."
794 AFFECTS: users of security/libressl
795 AUTHOR: brnrd@FreeBSD.org
797 The port has been updated to the latest stable version 2.4 of LibreSSL.
798 The shared library versions of the libraries have been bumped.
799 With this update, the patch for the OPENSSL_VERSION_NUMBER has been
800 removed. This causes issues with a number of ports. Patches for all
801 ports for which this issues is known can be found on
802 https://wiki.freebsd.org/LibreSSL/Ports#OPENSSL_VERSION_NUMBER
804 After upgrading, manually update all packages that depend on any of the
805 libraries provided by LibreSSL (libssl, libcrypto and libtls) since the
806 versions of these libraries have changed. Normally, you can obtain the
807 list of dependent software by running the following command:
809 # pkg info -r libressl
811 Then you should rebuild all ports depending on libressl to avoid dangling
812 shared library dependencies. Poudriere and pkg handle this correctly,
813 portmaster and portupgrade users can use the following to rebuild all
817 portmaster -r libressl
819 portupgrade -fr security/libressl
822 AFFECTS: users of databases/postgresqlNN-server with ICU patch
823 AUTHOR: girgen@FreeBSD.org
825 The ICU patch is added to the PostgreSQL-9.5 server. Please note that you
826 must never change between using the ICU patch and using system locale for
827 the same database cluster without REINDEXing all TEXT/VARCHAR columns, or
828 dump and restore your database. Failing to do so will result in corrupted
829 indexes due to the differences between the locale definitions. ICU will
830 always be the better choice for speed and correctness.
832 Also, the ICU patch used to support other Unicode encodings than UTF-8,
833 but that has been removed due to lack of demand and the complicated testing
834 required. If you use another Unicode encoding and rely on ICU for collation,
835 please refrain from upgrading the postgresql server and instead contact the
839 AFFECTS: users of emulators/virtualbox-ose
840 AUTHOR: jkim@FreeBSD.org
842 VirtualBox has been updated to 5.0.26 and it is incompatible with old
843 kernel modules. You should upgrade emulators/virtualbox-ose-kmod and
844 load new kernel modules before starting new version, e.g.,
846 # service vboxnet restart
849 AFFECTS: users of games/stonesoup-*
850 AUTHOR: lifanov@mail.lifanov.com
852 The WIZARD option has been renamed to NOWIZARD and is now an opt-out to
853 better reflect the upstream. If you run a shared game server and would
854 like the Wizard mode support disabled, please update port options.
857 AFFECTS: users of www/awstats
858 AUTHOR: adamw@FreeBSD.org
860 The directory containing icons has changed from ".../icons" to ".../icon".
861 awstats has, in its suggested configuration file, contained an alias
862 from /awstatsicons. After applying the awstats-7.5 update, you must
863 update that alias to point to /usr/local/www/awstats/icon (just remove
867 AFFECTS: users of sysutils/screen
868 AUTHOR: cy@FreeBSD.org
870 GNU Screen was updated to version 4.4.0 (r417201). Note that there was
871 fix to screen message structure field responsible for $TERM handling,
872 making it impossible to attach to older versions.
875 AFFECTS: users of databases/mysql57-*
876 AUTHOR: riggs@FreeBSD.org
878 The default location for my.cnf has changed from "/var/db/mysql/my.cnf"
879 to "/usr/local/etc/mysql/my.cnf". Existing my.cnf files must be merged
880 manually with the new default and moved to the new location. To
881 continue using the my.cnf file at the old location, set "mysql_optfile"
882 in /etc/rc.conf to point to the location of the existing my.cnf file.
885 AFFECTS: users of www/node5
886 AUTHOR: bradleythughes@fastmail.fm
888 Node.js v5.x has reached end of life and has been removed. Users that
889 have not yet moved to v6.x should do so now by switching to the www/node
893 AFFECTS: users of sysutils/rsyslog7
894 AUTHOR: brd@FreeBSD.org
896 Rsyslog 7.x has reached end of life status and is being marked as
897 depreciated. Rsyslog 8 has been made the default.
900 AFFECTS: users of www/calendarserver
901 AUTHOR: pi@FreeBSD.org
903 Please note that updating from the previous version (5.1) to the current
904 version (8.0) requires manual steps. Please consult the pkg-message for
908 AFFECTS: users of shells/zsh
909 AUTHOR: adamw@FreeBSD.org
911 zsh now looks for system-wide conf files in ${PREFIX}/etc, instead of
912 /etc. If you have files like zshrc, zshenv, zprofile, zlogin, or zlogout
913 in /etc, either move them to /usr/local/etc or rebuild zsh with the
916 Note that this change only affects system-wide conf files, which are not
917 installed or created by a default installation.
920 AFFECTS: users of www/redmine
921 AUTHOR: tz@FreeBSD.org
923 Redmine was updated from 2.6.9 to 3.2.3. Since this an update over
924 major versions be careful with your update.
925 For further update instructions please have a look at:
926 https://www.redmine.org/projects/redmine/wiki/RedmineUpgrade
929 AFFECTS: users of ftp/wget
930 AUTHOR: vd@FreeBSD.org
932 Wget 1.18 fixes a security vulnerability (CVE-2016-4971) and the fix
933 introduces a backward-incompatibility for HTTP->FTP redirects. Any script that
934 relies on the old behaviour must use --trust-server-names in order to trust
935 the HTTP response and redirect to the new filename.
938 AFFECTS: users of databases/py-apsw
939 AUTHOR: rm@FreeBSD.org
941 SQLite 3.12 completely changed the semantics of VFS.xGetLastError() in an
942 incompatible way. This required a rewrite of the relevant C, Python and test
943 code. If you implement or use this method then you have to rewrite your code
944 too. Also note that running the test suite from an earlier version of APSW
945 against this or future SQLite versions will result in consuming all memory,
946 swap or address space (an underlying integer changed meaning).
949 AFFECTS: users of security/openssl*, security/libressl*
950 AUTHOR: mat@FreeBSD.org
952 Previously, to tell the ports tree, you needed to set:
954 WITH_OPENSSL_PORT=yes
956 And if you wanted a port that was not security/openssl, you needed to add,
959 OPENSSL_PORT= security/libressl
961 Now, all you need to do is:
963 DEFAULT_VERSIONS+= ssl=libressl
965 Valid values are base, openssl, openssl-devel, libressl, and libressl-devel.
968 AFFECTS: users of www/node, www/node5, and www/node4
969 AUTHOR: adamw@FreeBSD.org
971 node now prefers a few libraries from ports to the versions bundled
972 with node. However, node cannot use the libssl from LibreSSL. If you
973 are using LibreSSL as your SSL provider, you must enable the
974 "BUNDLED_SSL" option when building node.
977 AFFECTS: users of textproc/xmlroff
978 AUTHOR: hrs@FreeBSD.org
980 The library part of xmlroff has been separated into textproc/libfo.
981 Remove the installed xmlroff first when upgrading it because older
982 xmlroff than 0.6.2_6 have files which libfo installs. A typical
983 error message is the following:
985 pkg-static: libfo-0.6.2 conflicts with xmlroff-0.6.2_5 (installs files into the same place). Problematic file: /usr/local/include/libfo-0.6/libfo/area/fo-area.h
988 AFFECTS: users of databases/postgresql-repmgr
989 AUTHOR: bofh@FreeBSD.org
991 The port has been repocopied to databases/postgresql-repmgr2 and current
992 post has been updated to 3.x series. If anyone is still looking forward
993 to use the 2.x please upgrade as following.
995 # portmaster -o databases/postgresql-repmgr2 databases/postgresql-repmgr
997 # portupgrade -o databases/postgresql-repmgr2 databases/postgresql-repmgr
999 Otherwise if you want to move on with 3.x series just use
1001 # portmaster -r databases/postgresql-repmgr
1003 # portupgrade -fr databases/postgresql-repmgr
1006 AFFECTS: users of www/h2o
1007 AUTHOR: junovitch@FreeBSD.org
1009 File paths no longer have a trailing / appended to them. This enables
1010 directing specific paths to a file but may break existing configurations.
1011 Refer to https://h2o.examp1e.net/configure/file_directives.html and
1012 revise your yaml config appropriately.
1015 AFFECTS: users of security/libressl-devel
1016 AUTHOR: brnrd@FreeBSD.org
1018 The port has been updated to the latest "unstable" version of LibreSSL.
1019 The shared library versions of the libraries have been bumped.
1020 With this update, the patch for the OPENSSL_VERSION_NUMBER has been
1021 removed. This causes issues with a number of ports. Patches for many of
1022 these issues can be found on
1023 https://wiki.freebsd.org/LibreSSL/Ports#OPENSSL_VERSION_NUMBER
1025 After upgrading to 2.4.0, manually update all packages that depend on
1026 any of the libraries provided by LibreSSL (libssl, libcrypto and
1027 libtls) since the versions of these libraries have changed. Normally,
1028 you can obtain the list of dependent software by running the following
1031 # pkg info -r libressl-devel
1033 Then you should rebuild all ports depending on libressl-devel to avoid
1034 dangling shared library dependencies. Poudriere and pkg handle this
1035 correctly, portmaster and portupgrade users can use the following to
1036 rebuild all dependent ports.
1039 portmaster -r libressl-devel
1041 portupgrade -fr security/libressl-devel
1044 AFFECTS: users of mail/opensmtpd-extras (any of them)
1045 AUTHOR: adamw@FreeBSD.org
1047 The invocation for extras has changed. Some extras might fail unless
1048 you pass all options/arguments separated by quotes:
1050 filter myfilter dnsbl "-c /var/chroot/dnsbl" "-h my.dnsbl.com"
1052 Additionally, extras now run in a chroot. Either pass "-C" to skip the
1053 chroot entirely (not recommended), or put all required config files,
1054 resolv.conf, and external binaries into the chroot. For example:
1056 # mkdir -p /var/chroot/dnsbl/etc
1057 # cp /etc/resolv.conf /var/chroot/dnsbl/etc
1059 And pass "-c /var/chroot/dnsbl" to the filter.
1062 AFFECTS: users of mail/opensmtpd
1063 AUTHOR: brnrd@FreeBSD.org
1065 Due to changes to the rc-script you must stop smtpd prior to upgrading
1066 mail/opensmtpd to version 5.9.2
1068 # service smtpd stop
1070 Then upgrade OpenSMTPD to version 5.9.2.
1071 Additionally version 5.9.2 changes the file mode bits for two directories.
1072 To allow existing installations to start successfully you must apply the
1075 # chown -R root:_smtpq /var/spool/smtpd/offline
1076 # chmod -R 770 /var/spool/smtpd/offline
1077 # chmod -R 700 /var/spool/smtpd/purge
1079 After applying the changes, the smtpd daemon can successfully be started.
1082 AFFECTS: users of devel/qtcreator
1083 AUTHOR: nolden@kde.org
1085 QBS (Qt Build System) was previously shipped as part of qtcreator, now
1086 it is independently available as devel/qbs. However, on upgrading
1087 qtcreator to 3.6.1, the depends will detect qbs through a previously
1088 installed qtcreator port and will not build/install correctly
1089 (devel/qbs won't be installed automatically as depends)
1091 The solution is to pkg remove qtcreator, then building works correctly.
1094 AFFECTS: users of databases/db6
1095 AUTHOR: mandree@FreeBSD.org
1097 The databases/db6 port has been updated to release 6.2.23.
1099 This requires manual action in two places:
1100 1. dependent applications need to be recompiled,
1101 2. SQL databases, if any, need to be reindexed.
1103 To obtain a list of ports needing a recompilation,
1104 the following command should provide it:
1108 Then rebuild db6 and the dependent ports. For pkg users, this should
1112 # portmaster -r databases/db6
1114 # portupgrade -fr databases/db6
1116 In order to reindex SQL databases, a db6-upgrade61.sh script is
1117 provided in ${PREFIX}/bin, if and only if the port's SQL option is
1118 enabled. For detailed reindexing instructions, see
1119 http://docs.oracle.com/cd/E17076_05/html/installation/sqlite_ver61.html
1120 and note that the FreeBSD port installs the upgrade61.sh script with a
1121 db6- prefix that you need to add.
1124 AFFECTS: users of audio/clementine-player
1125 AUTHOR: sbruno@FreeBSD.org
1127 The audio/clementine-player port has been updated to v1.3.1, the latest
1128 upstream release. The music database code now has a hard dependency on
1129 databases/sqlite having the FTS3_TOKENIZER option enabled. This has
1130 been made the default option in databases/sqlite.
1132 Without this option, clementine-player will crash on startup.
1135 AFFECTS: users of biology/seqan
1136 AUTHOR: junovitch@FreeBSD.org
1138 The biology/seqan port has been split into biology/seqan (only the
1139 library) and biology/seqan-apps for the programs based on SeqAn. Both
1140 ports are based on version 2.1.1 of the SeqAn repository. There is a new
1141 biology/seqan1 port with version 1.3 of SeqAn for backwards compatibility,
1142 but this port will likely be deprecated in the next year so please update
1143 your software to SeqAn2.
1146 AFFECTS: users of www/node
1147 AUTHOR: bradleythughes@fastmail.fm
1149 The www/node port has been updated to node.js v6.0.0, the latest
1150 upstream release. Users of node.js v5.x are encouraged to upgrade as
1151 soon as possible, as upstream support will end two months from now.
1153 The www/node5 port has been created to aid users transition. Use one of
1154 the following commands to continue using node.js v5.x:
1158 # portmaster -o www/node5 www/node
1160 # portupgrade -o www/node5 www/node
1163 AFFECTS: users of security/libressl
1164 AUTHOR: brnrd@FreeBSD.org
1166 LibreSSL 2.3 has removed SSLv3 support completely which leads to issues
1167 with a number of ports. Patches for many of these issues can be found
1168 on https://wiki.freebsd.org/OpenSSL/No-SSLv3
1170 After upgrading to 2.3.4, manually update all packages that depend on
1171 any of the libraries provided by LibreSSL (libssl, libcrypto and
1172 libtls) since the versions of these libraries have changed. Normally,
1173 you can obtain the list of dependent software by running the following
1176 # pkg info -r libressl
1178 Then you should rebuild all ports depending on libressl to avoid dangling
1179 shared library dependencies. Poudriere and pkg handle this correctly,
1180 portmaster and portupgrade users can use the following to rebuild all
1184 portmaster -r libressl
1186 portupgrade -fr security/libressl
1189 AFFECTS: users of mail/dspam
1190 AUTHOR: junovitch@FreeBSD.org
1192 dspam has been modified to no longer run as root:mail by default.
1193 Existing configuration must be adjusted to reflect using a non-privileged
1194 port and the /var/run/dspam directory for PID and socket files. If you
1195 need dspam to run as root for your mail setup, you can use the SETUID
1196 config option to enable the old insecure behavior.
1199 AFFECTS: users of www/nginx and www/nginx-devel
1200 AUTHOR: osa@FreeBSD.org
1202 The ${MODULESDIR}, default directory for dynamic modules, has been
1203 changed from ${ETCDIR}/modules to ${PREFIX}/libexec/${PORTNAME}.
1204 It's highly recommended to review existing configuration files of
1205 nginx, i.e. ${PREFIX}/etc/nginx/nginx.conf.
1208 AFFECTS: users of net-mgmt/icinga2
1209 AUTHOR: lme@FreeBSD.org
1211 The creation of Icinga2 directories and files in /var is now controlled
1212 by the /etc/rc.conf variable icinga2_mkvar. Earlier ports always
1213 created the /var entries, but could slow startup significantly when /var
1214 was a normal disk rather than a RAM disk. icinga2_mkvar defaults to
1218 AFFECTS: users of audio/chromaprint
1219 AUTHOR: jhale@FreeBSD.org
1221 chromaprint has been updated to version 1.3.1 and includes a shared
1222 library bump. PORTREVISIONS have been bumped on affected ports.
1223 If you are using binary pkg, 'pkg upgrade' will do the right thing.
1224 Users of portmaster/portupgrade must rebuild all ports which depend
1228 portmaster -w -r chromaprint
1230 portupgrade -fr audio/chromaprint
1233 AFFECTS: users of www/tt-rss
1234 AUTHOR: thierry@FreeBSD.org
1236 Tiny Tiny RSS can use a database running on a separate server.
1237 Previously, in this case, you had to set the option DBLOCAL; this option
1238 has been removed and replaced by a settable run-time flag: now you
1240 ttrssd_local_db="NO"
1241 in your /etc/rc.conf .
1244 AFFECTS: users of graphics/kipi-plugin-googledrive and graphics/kipi-plugin-picasaweb
1245 AUTHOR: kde@FreeBSD.org
1247 DigiKam and its related ports have been updated to 4.14.0, the latest
1248 stable upstream release.
1250 The graphics/kipi-plugin-googledrive and graphics/kipi-plugin-picasaweb
1251 have both been merged into the new graphics/kipi-plugin-googleservices
1252 following a move done upstream.
1254 Those two ports must be removed, and graphics/kipi-plugin-googleservices
1255 should be used instead.
1258 AFFECTS: users of www/node-devel
1259 AUTHOR: bradleythughes@fastmail.fm
1261 www/node-devel was outdated and has been removed. Upstream no longer
1262 releases a development version. You can use the www/node port to get
1263 node.js 5.x by running one of the following commands:
1267 # portmaster -o www/node www/node-devel
1269 # portupgrade -o www/node www/node-devel
1272 AFFECTS: multimedia/x264
1273 AUTHOR: jbeich@FreeBSD.org
1275 LSMASH replaced GPAC by default. If you use BATCH=y in /etc/make.conf
1276 and hit below error make sure to re-run "make config".
1278 ====> You cannot select multiple options from the MP4 radio
1282 AFFECTS: users of net/samba42 and net/samba/43
1283 AUTHOR: timur@FreeBSD.org
1285 Samba 4.2.x and 4.3.x ports have been updated to address
1286 BadLock(http://badlock.org) vulnerability, as well as few other
1289 Please note that Samba 4.1.x and older versions are also affected by
1290 the issues fixed with this release but are not supported anymore. It is
1291 strongly recommend to upgrade to a recent version at your earliest
1294 The security updates include new smb.conf options and a number of
1295 stricter behaviours to prevent Man in the Middle attacks. Between these
1296 changes, compatibility with a large number of older software versions
1297 has been lost in the default configuration.
1299 For more information about the related behaviour changes and the
1300 security issues please visit:
1302 https://www.samba.org/samba/latest_news.html#4.4.2
1303 https://www.samba.org/samba/history/samba-4.3.8.html
1304 https://www.samba.org/samba/history/samba-4.2.11.html
1307 AFFECTS: users of databases/influxdb
1308 AUTHOR: cheffo@freebsd-bg.org
1310 To upgrade to InfluxDB 0.12, you must be on version 0.10 and all shards must
1311 be in TSM format (the default storage engine starting with InfluxDB 0.10).
1312 See the 0.10 documentation [1] for how to convert b1 and bz1 shards to TSM. If
1313 any b1 or bz1 shards are present, InfluxDB 0.12 will not start.
1315 Next, you need to update your metastore *before updating to 0.12.* [2]
1317 [1] https://docs.influxdata.com/influxdb/v0.10/administration/upgrading/#convert-b1-and-bz1-shards-to-tsm1
1318 [2] https://docs.influxdata.com/influxdb/v0.12/administration/upgrading/
1321 AFFECTS: users of www/pecl-http
1322 AUTHOR: bofh@FreeBSD.org
1324 www/pecl-http has been updated to the latest 3.x stable release, which
1325 supports php70+ and a new port www/pecl-http2 has been created for the
1328 Should users want to continue to use version 2.x, replace www/pecl-http with
1329 www/pecl-http2 as follows:
1333 # pkg delete pecl-http
1334 # pkg install pecl-http2
1338 # portupgrade -o www/pecl-http2 www/pecl-http
1342 # portmaster -o www/pecl-http2 www/pecl-http
1345 AFFECTS: users of lang/ruby21
1346 AUTHOR: swills@FreeBSD.org
1348 The default ruby version has been updated from 2.1 to 2.2.
1350 If you compile your own ports you may keep 2.1 as the default version by
1351 adding the following lines to your /etc/make.conf file:
1354 # Keep ruby 2.1 as default version
1356 DEFAULT_VERSIONS+=ruby=2.1
1358 If you wish to update to the new default version, you need to first stop any
1359 software that uses ruby. Then, you will need to follow these steps, depending
1360 upon how you manage your system.
1362 If you use pkgng, simply upgrade:
1365 If you use portmaster, install new ruby, then rebuild all ports that depend
1367 # portmaster -o lang/ruby22 lang/ruby21
1368 # portmaster -R -r ruby-2.2
1370 If you use portupgrade, install new ruby, then rebuild all ports that depend
1373 # pkg delete -f ruby portupgrade
1374 # make -C /usr/ports/ports-mgmt/portupgrade install clean
1375 # pkg set -o lang/ruby21:lang/ruby22
1376 # portupgrade -x ruby-2.2.\* -fr lang/ruby22
1379 AFFECTS: mail/spamassassin
1380 AUTHOR: adamw@FreeBSD.org
1382 Support for SSLv3 has been removed from SpamAssassin, because
1383 SSLv3 is a Bad Idea. No direct option is provided to re-enable it.
1384 If your setup requires use of SSLv3, some instructions are available
1385 in FreeBSD PR 208225.
1388 AFFECTS: security/clamav-unofficial-sigs
1389 AUTHOR: lukasz@wasikowski.net, sf@maxempire.com
1391 This version of clamav-unofficial-sigs is eXtremeSHOK's fork.
1392 Configuration file location has changed from
1393 %PREFIX%/clamav-unofficial-sigs.conf to
1394 %PREFIX%/clamav-unofficial-sigs/
1396 master.conf and os.conf hold default values, local changes should
1397 be placed in user.conf.
1400 AFFECTS: print/ghostscript9-base
1401 AUTHOR: tijl@FreeBSD.org
1403 The default Ghostscript port has changed from print/ghostscript9-base,
1404 which is no longer developed, to print/ghostscript9-agpl-base. Package
1405 users will upgrade automatically. Ports users can stick with the old
1406 port by adding "DEFAULT_VERSIONS+=ghostscript=9" to /etc/make.conf, or
1407 move to the new port with:
1409 portmaster -o print/ghostscript9-agpl-base ghostscript9-base
1410 or: portupgrade -o print/ghostscript9-agpl-base print/ghostscript9-base
1412 And if you have ghostscript9-x11 installed:
1414 portmaster -o print/ghostscript9-agpl-x11 ghostscript9-x11
1415 or: portupgrade -o print/ghostscript9-agpl-x11 print/ghostscript9-x11
1417 Note that print/ghostscript9-agpl-base is licensed under the AGPLv3
1418 while print/ghostscript9-base is licensed under the GPLv3.
1421 AFFECTS: security/openvas-client
1422 AUTHOR: tijl@FreeBSD.org
1424 The OpenVAS ports have been updated from version 2 to version 8. All
1425 components have been renamed and rearranged. The old OpenVAS client
1426 no longer exists. Instead there is a web interface provided by
1427 security/greenbone-security-assistant or a command-line interface
1428 provided by security/openvas-cli.
1431 AFFECTS: print/hplip
1432 AUTHOR: tijl@FreeBSD.org
1434 HPLIP has been updated to verion 3.16.2. As part of the update support
1435 for the hpijs/foomatic-rip filter has been dropped. This has long been
1436 unsupported upstream. If you used this filter with your printer you'll
1437 have to remove the printer with HP Device Manager and then add it back as
1441 AFFECTS: print/cups-base, print/cups-client, print/cups-image
1442 AUTHOR: tijl@FreeBSD.org
1444 The cups-base, cups-client and cups-image packages have been combined
1445 into one cups package.
1447 If you build your own ports the easiest way to update is to delete these
1448 packages first and then build and install print/cups.
1450 If you are using binary packages, depending on the packages installed on
1451 your system, pkg(8)'s solver might get confused. In this case do not proceed
1452 with the upgrade but delete first the packages:
1454 pkg delete -fg "cups*"
1456 Then usual upgrade process: pkg upgrade
1458 The device URI of USB printers has changed so you have to adjust the
1459 printer configuration. Go to http://localhost:631/printers/. Click on
1460 your printer and select "Modify Printer" in the Administration drop-down.
1461 You should then be able to select the new URI of the printer. The web
1462 interface requires cookies and JavaScript to function properly so make
1463 sure your browser does not block them.
1465 The package also installs a devd(8) configuration file now that gives
1466 cups access to USB printers. Unless you have any special needs you can
1467 remove any devd(8), devfs.conf(5) or devfs.rules(5) configuration related
1468 to cups that you may have added in the past.
1471 AFFECTS: net-mgmt/yaf
1472 AUTHOR: pi@FreeBSD.org
1474 YAF is updated to version 2.8.1 with many new OPTIONS. Please use
1475 the default options to get same behavior as previous version.
1478 AFFECTS: audio/alsa-utils, www/firefox, www/firefox-esr, www/seamonkey
1479 AUTHOR: jbeich@FreeBSD.org
1481 ALSA backend in libcubeb as used by Firefox has an unresolved issue
1482 with the OSS patch in audio/alsa-plugins. To avoid excessive CPU
1483 usage when playing HTML5 videos rebuild the port with BUFSZ_P2
1484 option enabled or reset options to default.
1486 However, with BUFSZ_P2 enabled alsa-utils may crash:
1489 Playing WAVE 'test.wav' : Signed 16 bit Little Endian, Rate 48000 Hz, Stereo
1490 Assertion failed: (err >= 0), function set_params, file aplay.c, line 1289.
1491 Aborted by signal Abort trap...
1494 AFFECTS: users of security/openssh-portable-devel
1495 AUTHOR: bdrewery@FreeBSD.org
1497 openssh-portable-devel has been removed since it is stale, insecure and
1498 not worth maintaining any longer.
1500 Users should switch back to openssh-portable.
1504 # pkg delete openssh-portable-devel
1505 # pkg install openssh-portable
1509 # portmaster -o security/openssh-portable openssh-portable-devel
1513 # portupgrade -o security/openssh-portable security/openssh-portable-devel
1516 AFFECTS: users of mail/postfix
1517 AUTHOR: ohauer@FreeBSD.org
1519 Postfix has been updated to version 3.1, VDA and native SPF is no
1522 - if VDA support is needed, users should stay on mail/postfix211
1523 - SPF support can be added to postfix via one of the mail/*spf* ports
1525 The Dovecot SASL OPTION was removed, Dovecot SASL support is always given
1526 from now on. In addition, for each mail/postfix* port there is now a
1527 mail/postfix*-sasl slave port providing Cyrus SASL as default.
1529 To stay on postfix-2.11.x run the command:
1531 # pkg set -o mail/postfix:mail/postfix211
1534 AFFECTS: users of www/nginx-devel
1535 AUTHOR: osa@FreeBSD.org
1537 Dynamic modules support has been enabled for the following third-party
1538 modules, in case of usage of these modules please update nginx
1539 configuration file for load these modules:
1541 load_module "modules/ngx_dynamic_upstream_module.so";
1542 load_module "modules/ngx_http_small_light_module.so";
1545 AFFECTS: users of www/nginx-devel
1546 AUTHOR: osa@FreeBSD.org
1548 Dynamic modules support has been enabled for the following third-party
1549 modules, in case of usage of these modules please update nginx
1550 configuration file for load these modules:
1552 load_module "modules/ngx_http_echo_module.so";
1553 load_module "modules/ngx_http_headers_more_filter_module.so";
1554 load_module "modules/ngx_http_eval_module.so";
1555 load_module "modules/ngx_http_lua_module.so";
1556 load_module "modules/ngx_http_set_misc_module.so";
1559 AFFECTS: users of www/nginx-devel
1560 AUTHOR: osa@FreeBSD.org
1562 Dynamic modules support has been enabled. In case of usage following
1563 modules please update nginx configuration file for load these modules:
1565 load_module "modules/ngx_http_geoip_module.so";
1566 load_module "modules/ngx_http_image_filter_module.so";
1567 load_module "modules/ngx_http_xslt_filter_module.so";
1568 load_module "modules/ngx_mail_module.so";
1569 load_module "modules/ngx_stream_module.so";
1571 See https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/ for details.