After nearly three years of development, FreeBSD 11.0 was officially released on October 10. The FreeBSD 11.0 release follows the FreeBSD 10.0 update that debuted in January 2014.
“FreeBSD 11.0-RELEASE is now available for the amd64, i386, powerpc, powerpc64, sparc64, armv6, and aarch64 architectures,” Glen Barber, Release Engineering Lead for FreeBSD 11.0, wrote in his release announcement.
Support for AArch64, which is also known as arm64, is a new architecture and helps extend FreeBSD into the ARM market.
One of the major new items in the previous FreeBSD 10.0 milestone was the inclusion of the byhyve hypervisor.
With FreeBSD 11.0 byhyve has now benefited from several years of production deployments and bug fixes. Of note in FreeBSD 11.0, byhyve now has native graphics support.
Security Improvements in FreeBSD 11
On the security front, SSHv1 support has been removed from OpenSSH.
“Upstream did this a long time ago, but we kept DSA and SSH1 in FreeBSD for reasons that boil down to POLA (principle of least authority),” the FreeBSD subversion change request states. “Now is a good time to catch up.”
FreeBSD 11.0 security also benefits from the libblacklist library that was ported from the NetBSD Project.
“The blacklist system provides the blacklistd daemon, the helper script blacklistd-helper to make changes to the running packet filter system and the blacklistctl control program,” the FreeBSD 11.0 release notes state. “A selection of system daemons, including fingerd, ftpd, rlogind, and rshd, have been modified to support sending notifications to the blacklistd daemon.”
Additionally, FreeBSD 11.0 benefits from a new system hardening menu and options to bsdinstall.
“This patch adds a new ‘hardening’ file responsible for the new bsdinstall ‘System Hardening’ menu, which allows users to set some sane and carefully-picked system security options (like random process id’s, hiding other users/groups processes and others),” FreeBSD revision 303447 states.
The bsdinstall installation and partition editor has also been updated to include native ZFS filesystem support.
FreeBSD 11 Adds Networking Enhancements as Well
On the networking side, FreeBSD 11.0 benefits from a new VXLAN networking driver.
“The vxlan driver has been added, which creates a virtual Layer 2 (Ethernet) network overlaid in a Layer 3 (IP/UDP) network,” the FreeBSD 11.0 release notes state. “The vxlan driver is analogous to vlan, but is designed to be better suited for large, multiple-tenant datacenter environments.”
The FreeBSD 11 release series is expected to be supported by the FreeBSD Foundation until at least September 30, 2021.
Sean Michael Kerner is a senior editor at ServerWatch and InternetNews.com. Follow him on Twitter @TechJournalist