1 This file documents some of the problems you may encounter when upgrading
2 your ports. We try our best to minimize these disruptions, but sometimes
5 You should get into the habit of checking this file for changes each time
6 you update your ports collection, before attempting any port upgrades.
9 AFFECTS: users of www/nginx-devel
10 AUTHOR: osa@FreeBSD.org
12 Nginx now creates logs under /var/log/nginx/ and changes default log
13 names from "nginx-access.log" and "nginx-error.log" to "access.log" and
14 "error.log" respectively. This is important for the error log because
15 the location is encoded and touched by nginx during startup regardless
16 of the configured location for the error log.
18 See http://trac.nginx.org/nginx/ticket/147 for additional information
22 AFFECTS: users of deskutils/xfce4-volumed-pulse
23 AUTHOR: olivierd@FreeBSD.org
25 The port has been updated to the latest stable version 0.2.2.
26 Support of xfce4-mixer has been removed, so you can delete
27 its properties with the following command:
29 xfconf-query -c xfce4-mixer -p / -rR
32 AFFECTS: users of security/letsencrypt.sh
33 AUTHOR: riggs@FreeBSD.org
35 The config filename has been changed upstream from "config.sh"
36 to "config". Users must rename the current config file manually.
37 In addition, the default WELLKNOWN location has been changed to
38 %%PREFIX%%/www/letsencrypt. In order to use the previous default
39 location, the config file must be updated manually as well.
42 AFFECTS: users of math/galculator
43 AUTHOR: woodsb02@FreeBSD.org
45 galculator now uses GTK3 by default. An option exists in the port to revert
49 AFFECTS: uses of www/nginx
50 AUTHOR: marino@FreeBSD.org
52 Nginx now creates logs under /var/log/nginx/ and changes default log
53 names from "nginx-access.log" and "nginx-error.log" to "access.log" and
54 "error.log" respectively. This is important for the error log because
55 the location is encoded and touched by nginx during startup regardless
56 of the configured location for the error log.
58 See http://trac.nginx.org/nginx/ticket/147 for additional information
62 AFFECTS: users of databases/postgresql96-server
63 AUTHOR: girgen@FreeBSD.org
65 The default unix user used by the PostgreSQL daemon has changed to
66 `postgres' to reflect the long time upstream's convention. Any scripts
67 you have using the old `pgsql' unix user should be modified when upgrading to
68 PostgreSQL version 9.6. Older versions of PostgreSQL will continue using
69 `pgsql' until their end-of-life.
71 For users with UTF-8 locales in the database: The ICU patch is *activated by
72 default* for the PostgreSQL-9.6 server. For previous versions it was optional
73 and default off, but this has changed. Please read the entry here below from
74 20160811 and understand the consequences of changing between ICU and system
75 locale for database collation (short version: don't). pg_upgrade requires the
76 collation method to be the same (or a reindex), while pg_dump/restore does not.
78 Also, the default home directory for the postgres user is now
79 /var/db/postgres, and the default data directory for PostgreSQL 9.6 is
80 /var/db/postgres/data96.
83 AFFECTS: users of x11/nvidia-driver
84 AUTHOR: cem@FreeBSD.org
86 The NVidia driver has been updated to version 367.35. Starting with
87 version 358.09, new kernel module was added, nvidia-modeset.ko. This
88 new driver component works in conjunction with the nvidia.ko kernel
89 module to program the display engine of the GPU.
91 Users that experience hangs when starting X11 server, or observe
93 (II) NVIDIA(0): Validated MetaModes:
94 (II) NVIDIA(0): "NULL"
96 messages in their /var/log/Xorg.0.log file should replace ``nvidia''
97 with ``nvidia-modeset'' in /boot/loader.conf or /etc/rc.conf files,
98 depending on how they prefer to load NVidia driver kernel module.
101 AFFECTS: users of security/sshguard
102 AUTHOR: feld@FreeBSD.org
104 Sshguard has been updated to 1.7.0. There have been several changes to
105 this release. Notably the hosts and ipfilter backends are no longer
106 supported. If you need these backends to be supported and you missed
107 the survey sent out by upstream I urge you to contact upstream.
109 The hosts backend was previously served by security/sshguard directly.
110 The additional backends were slave ports with package name suffixes. I
111 have opted to keep the master/slave port relationship but not choose a
112 specific backend for security/sshguard. Instead it is now a metaport
113 which will prompt you for which backend you prefer. If no backend is
114 configured it will depend on security/sshguard-ipfw, which is the
115 native FreeBSD firewall. This my be surprising to users who depended
116 on security/sshguard which only provided hosts/TCP Wrappers blocking,
117 but there is no replacement at this time.
119 I would also like to document that sshguard no longer accepts the -e
120 argument which allowed external scripts to run when sshguard finds a
121 match. As a result the null backend can no longer be used to create
122 custom blocking functionality; it only serves as a detection backend.
124 If the removed backends return due to user demand they will be added
125 as slave ports for consistency. I apologize for any inconvenience and
126 lack of notice on the deprecation of these features.
129 AFFECTS: users of mail/rspamd*
130 AUTHOR: vsevolod@FreeBSD.org
132 Rspamd users should update Rspamd to 1.3.3 version as soon as possible
133 and ensure that '/usr/local/etc/rspamd/module.d/fuzzy_check.conf` has
134 the line `algorithm = "mumhash";` for the "rspamd.com" rule. The more
135 detailed information could be found on
136 https://rspamd.com/announce/2016/08/15/rspamd-1.3.3.html
139 AFFECTS: users of dns/powerdns*
140 AUTHOR: junovitch@FreeBSD.org
142 PowerDNS Authoritative Server and Recursor 4.0.0+ introduce significant
143 changes to the configuration files, which need to be handled before
144 restarting the services. As from the Recursor changelog, "The Lua hook
145 infrastructure was redone using LuaWrapper; old scripts will no longer
146 work, but new scripts are easier to write under the new interface."
149 AFFECTS: users of security/libressl
150 AUTHOR: brnrd@FreeBSD.org
152 The port has been updated to the latest stable version 2.4 of LibreSSL.
153 The shared library versions of the libraries have been bumped.
154 With this update, the patch for the OPENSSL_VERSION_NUMBER has been
155 removed. This causes issues with a number of ports. Patches for all
156 ports for which this issues is known can be found on
157 https://wiki.freebsd.org/LibreSSL/Ports#OPENSSL_VERSION_NUMBER
159 After upgrading, manually update all packages that depend on any of the
160 libraries provided by LibreSSL (libssl, libcrypto and libtls) since the
161 versions of these libraries have changed. Normally, you can obtain the
162 list of dependent software by running the following command:
164 # pkg info -r libressl
166 Then you should rebuild all ports depending on libressl to avoid dangling
167 shared library dependencies. Poudriere and pkg handle this correctly,
168 portmaster and portupgrade users can use the following to rebuild all
172 portmaster -r libressl
174 portupgrade -fr security/libressl
177 AFFECTS: users of databases/postgresqlNN-server with ICU patch
178 AUTHOR: girgen@FreeBSD.org
180 The ICU patch is added to the PostgreSQL-9.5 server. Please note that you
181 must never change between using the ICU patch and using system locale for
182 the same database cluster without REINDEXing all TEXT/VARCHAR columns, or
183 dump and restore your database. Failing to do so will result in corrupted
184 indexes due to the differences between the locale definitions. ICU will
185 always be the better choice for speed and correctness.
187 Also, the ICU patch used to support other Unicode encodings than UTF-8,
188 but that has been removed due to lack of demand and the complicated testing
189 required. If you use another Unicode encoding and rely on ICU for collation,
190 please refrain from upgrading the postgresql server and instead contact the
194 AFFECTS: users of emulators/virtualbox-ose
195 AUTHOR: jkim@FreeBSD.org
197 VirtualBox has been updated to 5.0.26 and it is incompatible with old
198 kernel modules. You should upgrade emulators/virtualbox-ose-kmod and
199 load new kernel modules before starting new version, e.g.,
201 # service vboxnet restart
204 AFFECTS: users of games/stonesoup-*
205 AUTHOR: lifanov@mail.lifanov.com
207 The WIZARD option has been renamed to NOWIZARD and is now an opt-out to
208 better reflect the upstream. If you run a shared game server and would
209 like the Wizard mode support disabled, please update port options.
212 AFFECTS: users of www/awstats
213 AUTHOR: adamw@FreeBSD.org
215 The directory containing icons has changed from ".../icons" to ".../icon".
216 awstats has, in its suggested configuration file, contained an alias
217 from /awstatsicons. After applying the awstats-7.5 update, you must
218 update that alias to point to /usr/local/www/awstats/icon (just remove
222 AFFECTS: users of sysutils/screen
223 AUTHOR: cy@FreeBSD.org
225 GNU Screen was updated to version 4.4.0 (r417201). Note that there was
226 fix to screen message structure field responsible for $TERM handling,
227 making it impossible to attach to older versions.
230 AFFECTS: users of databases/mysql57-*
231 AUTHOR: riggs@FreeBSD.org
233 The default location for my.cnf has changed from "/var/db/mysql/my.cnf"
234 to "/usr/local/etc/mysql/my.cnf". Existing my.cnf files must be merged
235 manually with the new default and moved to the new location. To
236 continue using the my.cnf file at the old location, set "mysql_optfile"
237 in /etc/rc.conf to point to the location of the existing my.cnf file.
240 AFFECTS: users of www/node5
241 AUTHOR: bradleythughes@fastmail.fm
243 Node.js v5.x has reached end of life and has been removed. Users that
244 have not yet moved to v6.x should do so now by switching to the www/node
248 AFFECTS: users of sysutils/rsyslog7
249 AUTHOR: brd@FreeBSD.org
251 Rsyslog 7.x has reached end of life status and is being marked as
252 depreciated. Rsyslog 8 has been made the default.
255 AFFECTS: users of www/calendarserver
256 AUTHOR: pi@FreeBSD.org
258 Please note that updating from the previous version (5.1) to the current
259 version (8.0) requires manual steps. Please consult the pkg-message for
263 AFFECTS: users of shells/zsh
264 AUTHOR: adamw@FreeBSD.org
266 zsh now looks for system-wide conf files in ${PREFIX}/etc, instead of
267 /etc. If you have files like zshrc, zshenv, zprofile, zlogin, or zlogout
268 in /etc, either move them to /usr/local/etc or rebuild zsh with the
271 Note that this change only affects system-wide conf files, which are not
272 installed or created by a default installation.
275 AFFECTS: users of www/redmine
276 AUTHOR: tz@FreeBSD.org
278 Redmine was updated from 2.6.9 to 3.2.3. Since this an update over
279 major versions be careful with your update.
280 For further update instructions please have a look at:
281 https://www.redmine.org/projects/redmine/wiki/RedmineUpgrade
284 AFFECTS: users of ftp/wget
285 AUTHOR: vd@FreeBSD.org
287 Wget 1.18 fixes a security vulnerability (CVE-2016-4971) and the fix
288 introduces a backward-incompatibility for HTTP->FTP redirects. Any script that
289 relies on the old behaviour must use --trust-server-names in order to trust
290 the HTTP response and redirect to the new filename.
293 AFFECTS: users of databases/py-apsw
294 AUTHOR: rm@FreeBSD.org
296 SQLite 3.12 completely changed the semantics of VFS.xGetLastError() in an
297 incompatible way. This required a rewrite of the relevant C, Python and test
298 code. If you implement or use this method then you have to rewrite your code
299 too. Also note that running the test suite from an earlier version of APSW
300 against this or future SQLite versions will result in consuming all memory,
301 swap or address space (an underlying integer changed meaning).
304 AFFECTS: users of security/openssl*, security/libressl*
305 AUTHOR: mat@FreeBSD.org
307 Previously, to tell the ports tree, you needed to set:
309 WITH_OPENSSL_PORT=yes
311 And if you wanted a port that was not security/openssl, you needed to add,
314 OPENSSL_PORT= security/libressl
316 Now, all you need to do is:
318 DEFAULT_VERSIONS+= ssl=libressl
320 Valid values are base, openssl, openssl-devel, libressl, and libressl-devel.
323 AFFECTS: users of www/node, www/node5, and www/node4
324 AUTHOR: adamw@FreeBSD.org
326 node now prefers a few libraries from ports to the versions bundled
327 with node. However, node cannot use the libssl from LibreSSL. If you
328 are using LibreSSL as your SSL provider, you must enable the
329 "BUNDLED_SSL" option when building node.
332 AFFECTS: users of textproc/xmlroff
333 AUTHOR: hrs@FreeBSD.org
335 The library part of xmlroff has been separated into textproc/libfo.
336 Remove the installed xmlroff first when upgrading it because older
337 xmlroff than 0.6.2_6 have files which libfo installs. A typical
338 error message is the following:
340 pkg-static: libfo-0.6.2 conflicts with xmlroff-0.6.2_5 (installs files into the same place). Problematic file: /usr/local/include/libfo-0.6/libfo/area/fo-area.h
343 AFFECTS: users of databases/postgresql-repmgr
344 AUTHOR: bofh@FreeBSD.org
346 The port has been repocopied to databases/postgresql-repmgr2 and current
347 post has been updated to 3.x series. If anyone is still looking forward
348 to use the 2.x please upgrade as following.
350 # portmaster -o databases/postgresql-repmgr2 databases/postgresql-repmgr
352 # portupgrade -o databases/postgresql-repmgr2 databases/postgresql-repmgr
354 Otherwise if you want to move on with 3.x series just use
356 # portmaster -r databases/postgresql-repmgr
358 # portupgrade -fr databases/postgresql-repmgr
361 AFFECTS: users of www/h2o
362 AUTHOR: junovitch@FreeBSD.org
364 File paths no longer have a trailing / appended to them. This enables
365 directing specific paths to a file but may break existing configurations.
366 Refer to https://h2o.examp1e.net/configure/file_directives.html and
367 revise your yaml config appropriately.
370 AFFECTS: users of security/libressl-devel
371 AUTHOR: brnrd@FreeBSD.org
373 The port has been updated to the latest "unstable" version of LibreSSL.
374 The shared library versions of the libraries have been bumped.
375 With this update, the patch for the OPENSSL_VERSION_NUMBER has been
376 removed. This causes issues with a number of ports. Patches for many of
377 these issues can be found on
378 https://wiki.freebsd.org/LibreSSL/Ports#OPENSSL_VERSION_NUMBER
380 After upgrading to 2.4.0, manually update all packages that depend on
381 any of the libraries provided by LibreSSL (libssl, libcrypto and
382 libtls) since the versions of these libraries have changed. Normally,
383 you can obtain the list of dependent software by running the following
386 # pkg info -r libressl-devel
388 Then you should rebuild all ports depending on libressl-devel to avoid
389 dangling shared library dependencies. Poudriere and pkg handle this
390 correctly, portmaster and portupgrade users can use the following to
391 rebuild all dependent ports.
394 portmaster -r libressl-devel
396 portupgrade -fr security/libressl-devel
399 AFFECTS: users of mail/opensmtpd-extras (any of them)
400 AUTHOR: adamw@FreeBSD.org
402 The invocation for extras has changed. Some extras might fail unless
403 you pass all options/arguments separated by quotes:
405 filter myfilter dnsbl "-c /var/chroot/dnsbl" "-h my.dnsbl.com"
407 Additionally, extras now run in a chroot. Either pass "-C" to skip the
408 chroot entirely (not recommended), or put all required config files,
409 resolv.conf, and external binaries into the chroot. For example:
411 # mkdir -p /var/chroot/dnsbl/etc
412 # cp /etc/resolv.conf /var/chroot/dnsbl/etc
414 And pass "-c /var/chroot/dnsbl" to the filter.
417 AFFECTS: users of mail/opensmtpd
418 AUTHOR: brnrd@FreeBSD.org
420 Due to changes to the rc-script you must stop smtpd prior to upgrading
421 mail/opensmtpd to version 5.9.2
425 Then upgrade OpenSMTPD to version 5.9.2.
426 Additionally version 5.9.2 changes the file mode bits for two directories.
427 To allow existing installations to start successfully you must apply the
430 # chown -R root:_smtpq /var/spool/smtpd/offline
431 # chmod -R 770 /var/spool/smtpd/offline
432 # chmod -R 700 /var/spool/smtpd/purge
434 After applying the changes, the smtpd daemon can successfully be started.
437 AFFECTS: users of devel/qtcreator
438 AUTHOR: nolden@kde.org
440 QBS (Qt Build System) was previously shipped as part of qtcreator, now
441 it is independently available as devel/qbs. However, on upgrading
442 qtcreator to 3.6.1, the depends will detect qbs through a previously
443 installed qtcreator port and will not build/install correctly
444 (devel/qbs won't be installed automatically as depends)
446 The solution is to pkg remove qtcreator, then building works correctly.
449 AFFECTS: users of databases/db6
450 AUTHOR: mandree@FreeBSD.org
452 The databases/db6 port has been updated to release 6.2.23.
454 This requires manual action in two places:
455 1. dependent applications need to be recompiled,
456 2. SQL databases, if any, need to be reindexed.
458 To obtain a list of ports needing a recompilation,
459 the following command should provide it:
463 Then rebuild db6 and the dependent ports. For pkg users, this should
467 # portmaster -r databases/db6
469 # portupgrade -fr databases/db6
471 In order to reindex SQL databases, a db6-upgrade61.sh script is
472 provided in ${PREFIX}/bin, if and only if the port's SQL option is
473 enabled. For detailed reindexing instructions, see
474 http://docs.oracle.com/cd/E17076_05/html/installation/sqlite_ver61.html
475 and note that the FreeBSD port installs the upgrade61.sh script with a
476 db6- prefix that you need to add.
479 AFFECTS: users of audio/clementine-player
480 AUTHOR: sbruno@FreeBSD.org
482 The audio/clementine-player port has been updated to v1.3.1, the latest
483 upstream release. The music database code now has a hard dependency on
484 databases/sqlite having the FTS3_TOKENIZER option enabled. This has
485 been made the default option in databases/sqlite.
487 Without this option, clementine-player will crash on startup.
490 AFFECTS: users of biology/seqan
491 AUTHOR: junovitch@FreeBSD.org
493 The biology/seqan port has been split into biology/seqan (only the
494 library) and biology/seqan-apps for the programs based on SeqAn. Both
495 ports are based on version 2.1.1 of the SeqAn repository. There is a new
496 biology/seqan1 port with version 1.3 of SeqAn for backwards compatibility,
497 but this port will likely be deprecated in the next year so please update
498 your software to SeqAn2.
501 AFFECTS: users of www/node
502 AUTHOR: bradleythughes@fastmail.fm
504 The www/node port has been updated to node.js v6.0.0, the latest
505 upstream release. Users of node.js v5.x are encouraged to upgrade as
506 soon as possible, as upstream support will end two months from now.
508 The www/node5 port has been created to aid users transition. Use one of
509 the following commands to continue using node.js v5.x:
513 # portmaster -o www/node5 www/node
515 # portupgrade -o www/node5 www/node
518 AFFECTS: users of security/libressl
519 AUTHOR: brnrd@FreeBSD.org
521 LibreSSL 2.3 has removed SSLv3 support completely which leads to issues
522 with a number of ports. Patches for many of these issues can be found
523 on https://wiki.freebsd.org/OpenSSL/No-SSLv3
525 After upgrading to 2.3.4, manually update all packages that depend on
526 any of the libraries provided by LibreSSL (libssl, libcrypto and
527 libtls) since the versions of these libraries have changed. Normally,
528 you can obtain the list of dependent software by running the following
531 # pkg info -r libressl
533 Then you should rebuild all ports depending on libressl to avoid dangling
534 shared library dependencies. Poudriere and pkg handle this correctly,
535 portmaster and portupgrade users can use the following to rebuild all
539 portmaster -r libressl
541 portupgrade -fr security/libressl
544 AFFECTS: users of mail/dspam
545 AUTHOR: junovitch@FreeBSD.org
547 dspam has been modified to no longer run as root:mail by default.
548 Existing configuration must be adjusted to reflect using a non-privileged
549 port and the /var/run/dspam directory for PID and socket files. If you
550 need dspam to run as root for your mail setup, you can use the SETUID
551 config option to enable the old insecure behavior.
554 AFFECTS: users of www/nginx and www/nginx-devel
555 AUTHOR: osa@FreeBSD.org
557 The ${MODULESDIR}, default directory for dynamic modules, has been
558 changed from ${ETCDIR}/modules to ${PREFIX}/libexec/${PORTNAME}.
559 It's highly recommended to review existing configuration files of
560 nginx, i.e. ${PREFIX}/etc/nginx/nginx.conf.
563 AFFECTS: users of net-mgmt/icinga2
564 AUTHOR: lme@FreeBSD.org
566 The creation of Icinga2 directories and files in /var is now controlled
567 by the /etc/rc.conf variable icinga2_mkvar. Earlier ports always
568 created the /var entries, but could slow startup significantly when /var
569 was a normal disk rather than a RAM disk. icinga2_mkvar defaults to
573 AFFECTS: users of audio/chromaprint
574 AUTHOR: jhale@FreeBSD.org
576 chromaprint has been updated to version 1.3.1 and includes a shared
577 library bump. PORTREVISIONS have been bumped on affected ports.
578 If you are using binary pkg, 'pkg upgrade' will do the right thing.
579 Users of portmaster/portupgrade must rebuild all ports which depend
583 portmaster -w -r chromaprint
585 portupgrade -fr audio/chromaprint
588 AFFECTS: users of www/tt-rss
589 AUTHOR: thierry@FreeBSD.org
591 Tiny Tiny RSS can use a database running on a separate server.
592 Previously, in this case, you had to set the option DBLOCAL; this option
593 has been removed and replaced by a settable run-time flag: now you
596 in your /etc/rc.conf .
599 AFFECTS: users of graphics/kipi-plugin-googledrive and graphics/kipi-plugin-picasaweb
600 AUTHOR: kde@FreeBSD.org
602 DigiKam and its related ports have been updated to 4.14.0, the latest
603 stable upstream release.
605 The graphics/kipi-plugin-googledrive and graphics/kipi-plugin-picasaweb
606 have both been merged into the new graphics/kipi-plugin-googleservices
607 following a move done upstream.
609 Those two ports must be removed, and graphics/kipi-plugin-googleservices
610 should be used instead.
613 AFFECTS: users of www/node-devel
614 AUTHOR: bradleythughes@fastmail.fm
616 www/node-devel was outdated and has been removed. Upstream no longer
617 releases a development version. You can use the www/node port to get
618 node.js 5.x by running one of the following commands:
622 # portmaster -o www/node www/node-devel
624 # portupgrade -o www/node www/node-devel
627 AFFECTS: multimedia/x264
628 AUTHOR: jbeich@FreeBSD.org
630 LSMASH replaced GPAC by default. If you use BATCH=y in /etc/make.conf
631 and hit below error make sure to re-run "make config".
633 ====> You cannot select multiple options from the MP4 radio
637 AFFECTS: users of net/samba42 and net/samba/43
638 AUTHOR: timur@FreeBSD.org
640 Samba 4.2.x and 4.3.x ports have been updated to address
641 BadLock(http://badlock.org) vulnerability, as well as few other
644 Please note that Samba 4.1.x and older versions are also affected by
645 the issues fixed with this release but are not supported anymore. It is
646 strongly recommend to upgrade to a recent version at your earliest
649 The security updates include new smb.conf options and a number of
650 stricter behaviours to prevent Man in the Middle attacks. Between these
651 changes, compatibility with a large number of older software versions
652 has been lost in the default configuration.
654 For more information about the related behaviour changes and the
655 security issues please visit:
657 https://www.samba.org/samba/latest_news.html#4.4.2
658 https://www.samba.org/samba/history/samba-4.3.8.html
659 https://www.samba.org/samba/history/samba-4.2.11.html
662 AFFECTS: users of databases/influxdb
663 AUTHOR: cheffo@freebsd-bg.org
665 To upgrade to InfluxDB 0.12, you must be on version 0.10 and all shards must
666 be in TSM format (the default storage engine starting with InfluxDB 0.10).
667 See the 0.10 documentation [1] for how to convert b1 and bz1 shards to TSM. If
668 any b1 or bz1 shards are present, InfluxDB 0.12 will not start.
670 Next, you need to update your metastore *before updating to 0.12.* [2]
672 [1] https://docs.influxdata.com/influxdb/v0.10/administration/upgrading/#convert-b1-and-bz1-shards-to-tsm1
673 [2] https://docs.influxdata.com/influxdb/v0.12/administration/upgrading/
676 AFFECTS: users of www/pecl-http
677 AUTHOR: bofh@FreeBSD.org
679 www/pecl-http has been updated to the latest 3.x stable release, which
680 supports php70+ and a new port www/pecl-http2 has been created for the
683 Should users want to continue to use version 2.x, replace www/pecl-http with
684 www/pecl-http2 as follows:
688 # pkg delete pecl-http
689 # pkg install pecl-http2
693 # portupgrade -o www/pecl-http2 www/pecl-http
697 # portmaster -o www/pecl-http2 www/pecl-http
700 AFFECTS: users of lang/ruby21
701 AUTHOR: swills@FreeBSD.org
703 The default ruby version has been updated from 2.1 to 2.2.
705 If you compile your own ports you may keep 2.1 as the default version by
706 adding the following lines to your /etc/make.conf file:
709 # Keep ruby 2.1 as default version
711 DEFAULT_VERSIONS+=ruby=2.1
713 If you wish to update to the new default version, you need to first stop any
714 software that uses ruby. Then, you will need to follow these steps, depending
715 upon how you manage your system.
717 If you use pkgng, simply upgrade:
720 If you use portmaster, install new ruby, then rebuild all ports that depend
722 # portmaster -o lang/ruby22 lang/ruby21
723 # portmaster -R -r ruby-2.2
725 If you use portupgrade, install new ruby, then rebuild all ports that depend
728 # pkg delete -f ruby portupgrade
729 # make -C /usr/ports/ports-mgmt/portupgrade install clean
730 # pkg set -o lang/ruby21:lang/ruby22
731 # portupgrade -x ruby-2.2.\* -fr lang/ruby22
734 AFFECTS: mail/spamassassin
735 AUTHOR: adamw@FreeBSD.org
737 Support for SSLv3 has been removed from SpamAssassin, because
738 SSLv3 is a Bad Idea. No direct option is provided to re-enable it.
739 If your setup requires use of SSLv3, some instructions are available
740 in FreeBSD PR 208225.
743 AFFECTS: security/clamav-unofficial-sigs
744 AUTHOR: lukasz@wasikowski.net, sf@maxempire.com
746 This version of clamav-unofficial-sigs is eXtremeSHOK's fork.
747 Configuration file location has changed from
748 %PREFIX%/clamav-unofficial-sigs.conf to
749 %PREFIX%/clamav-unofficial-sigs/
751 master.conf and os.conf hold default values, local changes should
752 be placed in user.conf.
755 AFFECTS: print/ghostscript9-base
756 AUTHOR: tijl@FreeBSD.org
758 The default Ghostscript port has changed from print/ghostscript9-base,
759 which is no longer developed, to print/ghostscript9-agpl-base. Package
760 users will upgrade automatically. Ports users can stick with the old
761 port by adding "DEFAULT_VERSIONS+=ghostscript=9" to /etc/make.conf, or
762 move to the new port with:
764 portmaster -o print/ghostscript9-agpl-base ghostscript9-base
765 or: portupgrade -o print/ghostscript9-agpl-base print/ghostscript9-base
767 And if you have ghostscript9-x11 installed:
769 portmaster -o print/ghostscript9-agpl-x11 ghostscript9-x11
770 or: portupgrade -o print/ghostscript9-agpl-x11 print/ghostscript9-x11
772 Note that print/ghostscript9-agpl-base is licensed under the AGPLv3
773 while print/ghostscript9-base is licensed under the GPLv3.
776 AFFECTS: security/openvas-client
777 AUTHOR: tijl@FreeBSD.org
779 The OpenVAS ports have been updated from version 2 to version 8. All
780 components have been renamed and rearranged. The old OpenVAS client
781 no longer exists. Instead there is a web interface provided by
782 security/greenbone-security-assistant or a command-line interface
783 provided by security/openvas-cli.
787 AUTHOR: tijl@FreeBSD.org
789 HPLIP has been updated to verion 3.16.2. As part of the update support
790 for the hpijs/foomatic-rip filter has been dropped. This has long been
791 unsupported upstream. If you used this filter with your printer you'll
792 have to remove the printer with HP Device Manager and then add it back as
796 AFFECTS: print/cups-base, print/cups-client, print/cups-image
797 AUTHOR: tijl@FreeBSD.org
799 The cups-base, cups-client and cups-image packages have been combined
800 into one cups package.
802 If you build your own ports the easiest way to update is to delete these
803 packages first and then build and install print/cups.
805 If you are using binary packages, depending on the packages installed on
806 your system, pkg(8)'s solver might get confused. In this case do not proceed
807 with the upgrade but delete first the packages:
809 pkg delete -fg "cups*"
811 Then usual upgrade process: pkg upgrade
813 The device URI of USB printers has changed so you have to adjust the
814 printer configuration. Go to http://localhost:631/printers/. Click on
815 your printer and select "Modify Printer" in the Administration drop-down.
816 You should then be able to select the new URI of the printer. The web
817 interface requires cookies and JavaScript to function properly so make
818 sure your browser does not block them.
820 The package also installs a devd(8) configuration file now that gives
821 cups access to USB printers. Unless you have any special needs you can
822 remove any devd(8), devfs.conf(5) or devfs.rules(5) configuration related
823 to cups that you may have added in the past.
826 AFFECTS: net-mgmt/yaf
827 AUTHOR: pi@FreeBSD.org
829 YAF is updated to version 2.8.1 with many new OPTIONS. Please use
830 the default options to get same behavior as previous version.
833 AFFECTS: audio/alsa-utils, www/firefox, www/firefox-esr, www/seamonkey
834 AUTHOR: jbeich@FreeBSD.org
836 ALSA backend in libcubeb as used by Firefox has an unresolved issue
837 with the OSS patch in audio/alsa-plugins. To avoid excessive CPU
838 usage when playing HTML5 videos rebuild the port with BUFSZ_P2
839 option enabled or reset options to default.
841 However, with BUFSZ_P2 enabled alsa-utils may crash:
844 Playing WAVE 'test.wav' : Signed 16 bit Little Endian, Rate 48000 Hz, Stereo
845 Assertion failed: (err >= 0), function set_params, file aplay.c, line 1289.
846 Aborted by signal Abort trap...
849 AFFECTS: users of security/openssh-portable-devel
850 AUTHOR: bdrewery@FreeBSD.org
852 openssh-portable-devel has been removed since it is stale, insecure and
853 not worth maintaining any longer.
855 Users should switch back to openssh-portable.
859 # pkg delete openssh-portable-devel
860 # pkg install openssh-portable
864 # portmaster -o security/openssh-portable openssh-portable-devel
868 # portupgrade -o security/openssh-portable security/openssh-portable-devel
871 AFFECTS: users of mail/postfix
872 AUTHOR: ohauer@FreeBSD.org
874 Postfix has been updated to version 3.1, VDA and native SPF is no
877 - if VDA support is needed, users should stay on mail/postfix211
878 - SPF support can be added to postfix via one of the mail/*spf* ports
880 The Dovecot SASL OPTION was removed, Dovecot SASL support is always given
881 from now on. In addition, for each mail/postfix* port there is now a
882 mail/postfix*-sasl slave port providing Cyrus SASL as default.
884 To stay on postfix-2.11.x run the command:
886 # pkg set -o mail/postfix:mail/postfix211
889 AFFECTS: users of www/nginx-devel
890 AUTHOR: osa@FreeBSD.org
892 Dynamic modules support has been enabled for the following third-party
893 modules, in case of usage of these modules please update nginx
894 configuration file for load these modules:
896 load_module "modules/ngx_dynamic_upstream_module.so";
897 load_module "modules/ngx_http_small_light_module.so";
900 AFFECTS: users of www/nginx-devel
901 AUTHOR: osa@FreeBSD.org
903 Dynamic modules support has been enabled for the following third-party
904 modules, in case of usage of these modules please update nginx
905 configuration file for load these modules:
907 load_module "modules/ngx_http_echo_module.so";
908 load_module "modules/ngx_http_headers_more_filter_module.so";
909 load_module "modules/ngx_http_eval_module.so";
910 load_module "modules/ngx_http_lua_module.so";
911 load_module "modules/ngx_http_set_misc_module.so";
914 AFFECTS: users of www/nginx-devel
915 AUTHOR: osa@FreeBSD.org
917 Dynamic modules support has been enabled. In case of usage following
918 modules please update nginx configuration file for load these modules:
920 load_module "modules/ngx_http_geoip_module.so";
921 load_module "modules/ngx_http_image_filter_module.so";
922 load_module "modules/ngx_http_xslt_filter_module.so";
923 load_module "modules/ngx_mail_module.so";
924 load_module "modules/ngx_stream_module.so";
926 See https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/ for details.
929 AFFECTS: users of net-im/uTox
930 AUTHOR: amdmi3@FreeBSD.org
932 Before upgrading uTox port, please set maximum font scale in the
936 AFFECTS: users of security/tor, security/tor-devel
937 AUTHOR: amdmi3@FreeBSD.org
939 The tor ports now create /var/log/tor subdirectory for tor logs. If
940 you've used /var/log/tor as a log _file_, you'll need to update your
941 torrc and move the file before updating the port.
944 AFFECTS: users of mail/rspamd and mail/rmilter
945 AUTHOR: vsevolod@FreeBSD.org
947 Rspamd has been updated to the version 1.1.0. If you have used per user
948 statistics, then please consult changelog for details: your configuration
951 Rmilter has been updated to the version 1.7.0. Support of SPF and Spamassassin
952 has been dropped from this project completely. You might also consider
953 migration from memcahched to redis in this version.
956 AFFECTS: users of sysutils/ansible
957 AUTHOR: lifanov@mail.lifanov.com
959 Ansible 2.0.0 introduces a number of incompatible configuration changes.
960 Please read changelog and migrate current configuration:
962 https://raw.githubusercontent.com/ansible/ansible/v2.0.0.0-1/CHANGELOG.md
964 Ansible 1.9.* will be provided as sysutils/ansible1 until the next update
968 AFFECTS: users of security/easy-rsa
969 AUTHOR: mandree@FreeBSD.org
971 The port has been upgraded to version 3. This incurs major changes,
972 please see ${PREFIX}/share/doc/easy-rsa/doc/EasyRSA-Upgrade-Notes.md
975 The old version 2.2.2 has been retained as security/easy-rsa2.
978 AFFECTS: users of games/nethack34
979 AUTHOR: glewis@FreeBSD.org
981 The port name and installation location of games/nethack34 have changed
982 to allow for a port of NetHack 3.6.0. To preserve your save and bones
983 files do the following after updating:
985 # sudo cp -p ${LOCALBASE}/share/nethack/save/* ${LOCALBASE}/share/nethack34/save/
986 # sudo cp -p ${LOCALBASE}/share/nethack/bon* ${LOCALBASE}/share/nethack34/
988 After verifying the files were copied correctly, remove the playground
989 directory (as these files are incompatible with NetHack 3.6.0).
991 # sudo rm -r ${LOCALBASE}/share/nethack
994 AFFECTS: users of net/samba4, net/samba41
995 AUTHOR: timur@FreeBSD.org
997 Given version of Samba were marked as deprecated. Please, consider to upgrade.
999 Samba4 was giving wrong builds with recent version of p5-Parse-Pidl. It was
1000 converted to use bundled version instead and to conflict with the given package.
1001 If you still intend to build net/samba4 - remove p5-Parse-Pidle first.
1004 AFFECTS: users of security/tor, security/tor-devel
1005 AUTHOR: amdmi3@FreeBSD.org
1007 Tor rc.d script no longer overrides or forces logfile configuration,
1008 you now need to setup logging by hand. To preserve old behavior, add
1009 the following line to /usr/local/etc/tor/torrc:
1011 Log notice file /var/log/tor
1014 AFFECTS: all users of www/node
1015 AUTHOR: koobs@FreeBSD.org
1017 www/node has been updated to the latest 5.x stable release, and a new port
1018 www/node4 has been created for the 4.x LTS branch.
1020 Should users want to continue to use version 4.x, replace www/node with
1021 www/node4 as follows:
1030 # portupgrade -o www/node4 www/node
1034 # portmaster -o www/node4 node
1037 AFFECTS: users of comms/gammu
1038 AUTHOR: vanilla@FreeBSD.org
1040 The python binding of comms/gammu were split from the main port. To get them you
1041 need to install comms/py-gammu.
1044 AFFECTS: users of mail/postfixadmin
1045 AUTHOR: riggs@FreeBSD.org
1047 Caveat when updating to version 2.93: If you have an existing
1048 configuration and are NOT using the recommended practice of putting your
1049 settings changes in config.local.php:
1051 Copy config.inc.php to config.local.php prior to upgrading, then revise
1052 config.local.php for the current version afterward.
1054 Postfixadmin will not function correctly unless correct and complete
1055 data structures are placed in config.inc.php. Therefore the file must be
1056 upgraded as part of the package and any changes to config.inc.php will
1059 Detailed information regarding this procedure is provided in step 3 of
1060 the installation instructions in ${DATADIR}/INSTALL.TXT (by default
1061 /usr/local/share/postfixadmin/INSTALL.TXT).
1064 AFFECTS: users of devel/ncurses
1065 AUTHOR: bapt@FreeBSD.org
1067 ncurses has been updated to 6.0.
1068 If you are using binary pkg, 'pkg upgrade' will do the right thing.
1069 Users of portmaster/portupgrade must rebuild all ports which depend
1073 portmaster -w -r ncurses
1075 portupgrade -fr devel/ncurses
1078 AFFECTS: users of x11-toolkits/qt4-gui or x11-toolkits/qt5-gui
1079 AUTHOR: kde@FreeBSD.org
1081 Back in mid-2012, pkg-message was added to the port suggesting changes to the
1082 default shared memory limits in loader.conf(5). Since then, the default
1083 limits have been changed and the values suggested by the port are no longer
1084 sensible. If you have changed the following values in loader.conf(5) due to
1085 qt4-gui's or qt5-gui's pkg-message, please considering removing them and
1086 using the default settings:
1090 See base r209037 and ports PR 202927 for more context.
1093 AFFECTS: users of sysutils/logstash
1094 AUTHOR: junovitch@FreeBSD.org
1096 Logstash has been updated to the 2.1.0 release. The embedded ElasticSearch
1097 instance is no longer supported. If in use, end users must update
1098 logstash.conf to point to the URL of an ElasticSearch instance.
1101 AFFECTS: users of net/samba43
1102 AUTHOR: timur@FreeBSD.org
1104 A new version of Samba server that has better integration with Windows 10.
1105 This is still experimental and there were reports that rolling upgrade from
1106 previous version of Samba fails to work.
1108 Please, backup all relevant files from /var/db/samba4/ directory, as well
1109 as configuration files.
1111 Follow https://wiki.samba.org/index.php/Updating_Samba for the upgrade path.
1114 AFFECTS: users of net/samba4, net/samba41, net/samba42
1115 AUTHOR: timur@FreeBSD.org
1117 Recent versions of devel/talloc, devel/tevent, database/tdb, database/ldb
1118 contained infinit recursive call to the strtol* set of replacement functions,
1119 which lead to coredumps. Unofficial patch was added meanwhile, but now
1120 official version of the fixed libs were released. If your version of
1121 net/samba4 works fine you don't need to recompile it. Other ports were also
1122 upgraded and some bugs were fixed in upstream.
1125 AFFECTS: users of audio/audacity
1126 AUTHOR: riggs@FreeBSD.org
1128 Audacity has been upgraded to version 2.1.1. Changes in its settings
1129 processing may prevent it from starting. If this happens, removing its
1130 user-specific configuration directory ~/.audacity-data resolves this.
1133 AFFECTS: users of mail/rmilter
1134 AUTHOR: vsevolod@FreeBSD.org
1136 Rmilter now has switched from user postfix to user _rmilter for security
1137 and sanity purposes. You might want to fix the ownership of
1138 /var/run/rmilter to user _rmilter and group mail.
1141 AFFECTS: users of deskutils/egroupware
1142 AUTHOR: danilo@FreeBSD.org
1144 EGroupware 1.8 was deprecated and removed from sourceforge.net.
1145 To upgrade to the new version (14.3), make a backup of all files and
1146 database, remove all files from ${PREFIX}/www/eg:
1148 # pkg remove egroupware
1149 # rm -rf ${PREFIX}/www/eg
1151 Install the new egroupware:
1152 # pkg install egroupware
1154 # make -C /usr/ports/deskutils/egroupware install clean
1156 Access the setup page on your browser and run the upgrade process
1157 (eg: http://<server>/eg/setup).
1160 AFFECTS: users of www/codeigniter
1161 AUTHOR: junovitch@FreeBSD.org
1163 CodeIgniter has been updated to the 3.0.x release branch. End users
1164 must ensure their web applications are compliant with the guidance
1165 in the "Upgrading From a Previous Version" document.
1167 http://www.codeigniter.com/user_guide/installation/upgrade_300.html
1169 CodeIgniter 2.2.x has reached EOL as of 31 October 2015 but may be
1170 installed in the interim from the www/codeigniter22 port.
1173 AFFECTS: users of security/keepassx2
1175 Due to a package name change, first remove the existing package
1176 and then reinstall it:
1178 # pkg delete security/keepassx2
1179 # portmaster security/keepassx2
1182 AFFECTS: users of www/varnish4
1183 AUTHOR: feld@FreeBSD.org
1185 Varnish has been updated to 4.1.0. As part of the update an effort has
1186 been made to increase the security of the varnish daemons by utilizing
1187 separate UIDs. Users who upgrade will likely run into a permissions
1188 issue as a result. The simplest solution is to delete files varnish
1189 will recreate with the correct permissions and to adjust permissions
1190 of existing log files.
1192 The following changes will allow you to start varnishd, varnishlog,
1193 and varnishncsa successfully:
1195 # rm -r /usr/local/varnish/$(hostname)
1196 # rm /var/run/varnishlog.pid
1197 # rm /var/run/varnishncsa.pid
1198 # chown varnishlog /var/log/varnish.log
1199 # chown varnishlog /var/log/varnishncsa.log
1201 Please also note that the syntax for binding to additional IPs has
1202 changed in 4.1.0. Multiple listening addresses are now specified by
1203 using multiple -a arguments. In rc.conf it would look like this:
1205 varnishd_listen="x.x.x.x:80 -a y.y.y.y:80"
1208 AFFECTS: users of devel/subversion, its bindings and www/mod_dav_svn
1209 AUTHOR: lev@FreeBSD.org
1211 The subversion upgdate to 1.9 branch introduces new "old" subversion
1212 port devel/subversion18.
1214 If you don't want to update your subversion installation, run
1216 pkg set -n subversion:subversion18
1220 WITH_SUBVERSION_VER=18
1222 to your /etc/make.conf
1225 AFFECTS: users of security/sshguard-ipfw
1226 AUTHOR: feld@FreeBSD.org
1228 The sshguard update to 1.6.2 introduces a rewritten IPFW backend. The
1229 previous approach was to insert individual block rules with a
1230 predefined numbered range. This does not scale well and is not
1231 flexible so the design was scrapped. The new approach utilizes IPFW
1232 tables. The sshguard IPFW backend now inserts offenders into hardcoded
1235 To continue blocking the attackers effectively you will need to add a
1236 block rule like the following:
1238 ipfw add deny all from 'table(22)' to any
1240 The release announcement can be found here:
1241 http://sourceforge.net/p/sshguard/mailman/message/34534861/
1244 AFFECTS: users of emulators/qemu-sbruno, emulators/qemu-user-static
1245 AUTHOR: sbruno@FreeBSD.org
1247 The Jemalloc update at svn r286871 introduced some TLS enhancements
1248 for MIPS targets that require a bit of workaround. Users who want
1249 to build MIPS packages should update their host systems past r286871
1250 prior to upgrading their qemu-user-static/qemu-sbruno ports.
1252 Discussion about this can be found here:
1253 https://lists.freebsd.org/pipermail/freebsd-mips/2015-October/004018.html
1256 AFFECTS: users of www/firefox, www/seamonkey
1257 AUTHOR: gecko@FreeBSD.org
1259 Firefox since 41.0 and SeaMonkey since 2.38 require databases/sqlite3
1260 port built with DBSTAT option enabled (default). Re-run "make config"
1261 if the port(s) fail to build as described in ports/200853.
1264 AFFECTS: users of mail/rspamd
1265 AUTHOR: vsevolod@FreeBSD.org
1267 rspamd has been updated to the version 1.0.
1268 For migration from the previous releases, please read the following document:
1269 https://rspamd.com/doc/migration.html
1272 AFFECTS: users of multimedia/ffmpeg
1273 AUTHOR: riggs@FreeBSD.org
1275 ffmpeg has been updated to the version 2.8.
1276 If you are using binary pkg, 'pkg upgrade' will do the right thing.
1277 Users of portmaster/portupgrade must rebuild all ports which depend
1281 portmaster -w -r ffmpeg
1283 portupgrade -fr multimedia/ffmpeg