article.xml revision 111834
1<!-- 2 FreeBSD errata document. Unlike some of the other RELNOTESng 3 files, this file should remain as a single SGML file, so that 4 the dollar FreeBSD dollar header has a meaningful modification 5 time. This file is all but useless without a datestamp on it, 6 so we'll take some extra care to make sure it has one. 7 8 (If we didn't do this, then the file with the datestamp might 9 not be the one that received the last change in the document.) 10 11--> 12 13<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [ 14<!ENTITY % man PUBLIC "-//FreeBSD//ENTITIES DocBook Manual Page Entities//EN"> 15%man; 16<!ENTITY % authors PUBLIC "-//FreeBSD//ENTITIES DocBook Author Entities//EN"> 17%authors; 18<!ENTITY % mlists PUBLIC "-//FreeBSD//ENTITIES DocBook Mailing List Entities//EN"> 19%mlists; 20<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN"> 21%release; 22]> 23 24<article> 25 <articleinfo> 26 <title>&os; 27<![ %release.type.snapshot [ 28 &release.prev; 29]]> 30<![ %release.type.release [ 31 &release.current; 32]]> 33 Errata</title> 34 35 <corpauthor> 36 The &os; Project 37 </corpauthor> 38 39 <pubdate>$FreeBSD: head/release/doc/en_US.ISO8859-1/errata/article.sgml 111834 2003-03-03 18:20:00Z bmah $</pubdate> 40 41 <copyright> 42 <year>2000</year> 43 <year>2001</year> 44 <year>2002</year> 45 <year>2003</year> 46 <holder role="mailto:doc@FreeBSD.org">The FreeBSD Documentation Project</holder> 47 </copyright> 48 </articleinfo> 49 50 <abstract> 51 <para>This document lists errata items for &os; 52<![ %release.type.snapshot [ 53 &release.prev;, 54]]> 55<![ %release.type.release [ 56 &release.current;, 57]]> 58 containing significant information discovered after the release. 59 This information includes security advisories, as well as news 60 relating to the software or documentation that could affect its 61 operation or usability. An up-to-date version of this document 62 should always be consulted before installing this version of 63 &os;.</para> 64 65 <para>This errata document for &os; 66<![ %release.type.snapshot [ 67 &release.prev; 68]]> 69<![ %release.type.release [ 70 &release.current; 71]]> 72 will be maintained until the release of &os; 5.1-RELEASE.</para> 73 </abstract> 74 75 <sect1 id="intro"> 76 <title>Introduction</title> 77 78 <para>This errata document contains <quote>late-breaking news</quote> 79 about &os; 80<![ %release.type.snapshot [ 81 &release.prev;. 82]]> 83<![ %release.type.release [ 84 &release.current;. 85]]> 86 Before installing this version, it is important to consult this 87 document to learn about any post-release discoveries or problems 88 that may already have been found and fixed.</para> 89 90 <para>Any version of this errata document actually distributed 91 with the release (for example, on a CDROM distribution) will be 92 out of date by definition, but other copies are kept updated on 93 the Internet and should be consulted as the <quote>current 94 errata</quote> for this release. These other copies of the 95 errata are located at <ulink 96 url="http://www.FreeBSD.org/releases/"></ulink>, plus any sites 97 which keep up-to-date mirrors of this location.</para> 98 99 <para>Source and binary snapshots of &os; &release.branch; also 100 contain up-to-date copies of this document (as of the time of 101 the snapshot).</para> 102 103 <para>For a list of all &os; CERT security advisories, see <ulink 104 url="http://www.FreeBSD.org/security/"></ulink> or <ulink 105 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"></ulink>.</para> 106 107 </sect1> 108 109 <sect1 id="security"> 110 <title>Security Advisories</title> 111 112 <para>Remotely exploitable vulnerabilities in 113 <application>CVS</application> could allow an attacker to 114 execute arbitrary comands on a CVS server. More details can be 115 found in security advisory <ulink 116 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:01.cvs.asc">FreeBSD-SA-03:01</ulink>.</para> 117 118 <para>A timing-based attack on <application>OpenSSL</application>, 119 could allow a very powerful attacker access to plaintext 120 under certain circumstances. This problem has been corrected in 121 &os; &release.current; with an upgrade 122 to <application>OpenSSL</application> 0.9.7. On supported 123 security fix branches, this problem has been corrected with the 124 import of <application>OpenSSL</application> 0.9.6i. See security 125 advisory <ulink 126 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:02.openssl.asc">FreeBSD-SA-03:02</ulink> 127 for more details.</para> 128 129 <para>It may be possible to recover the shared secret key used by 130 the implementation of the <quote>syncookies</quote> feature. 131 This reduces its effectiveness in dealing with TCP SYN flood 132 denial-of-service attacks. Workaround information and fixes are 133 given in security advisory <ulink 134 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:03.syncookies.asc">FreeBSD-SA-03:03</ulink>.</para> 135 136 <para>Due to a buffer overflow in header parsing, a remote 137 attacker could create a specially crafted message that may cause 138 <application>sendmail</application> to execute arbitrary code 139 with the privileges of the user running sendmail, typically 140 <username>root</username>. More information, including pointers 141 to patches, can be found in security advisory <ulink 142 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink>.</para> 143 144 </sect1> 145 146 <sect1 id="late-news"> 147 <title>Late-Breaking News</title> 148 149 <bridgehead renderas="sect3">GEOM</bridgehead> 150 151 <para>The &man.geom.4;-based disk partitioning code in the kernel 152 will not allow an open partition to be overwritten. This 153 usually prevents the use of <command>disklabel -B</command> to 154 update the boot blocks on a disk because the 155 <literal>a</literal> partition overlaps the space where the boot 156 blocks are stored. A suggested workaround is to boot from an 157 alternate disk, a CDROM, or a fixit floppy.</para> 158 159 <bridgehead renderas="sect3">&man.dump.8;</bridgehead> 160 161 <para>When using disk media with sector sizes larger than 512 162 bytes (for instance, &man.gbde.4; encrypted disks), the 163 &man.dump.8; program fails to respect the larger sector size and 164 cannot dump the partition. One possible workaround is to copy 165 the entire file system in raw format and dump the copy. It is, 166 for instance, possible to dump a file system stored in a regular 167 file:</para> 168 169 <screen>&prompt.root; <userinput>dd if=/dev/ad0s1d.bde of=/junk/ad0.dd bs=1m</userinput> 170&prompt.root; <userinput>dump 0f - /junk/ad0.dd | ...</userinput></screen> 171 172 <para>A simpler workaround is to use &man.tar.1; or &man.cpio.1; 173 to make backup copies.</para> 174 175 <bridgehead renderas="sect3">&man.mly.4;</bridgehead> 176 177 <para>Hangs were reported during &os; 5.0 snapshot 178 installations when installing to &man.mly.4;-supported RAID 179 arrays, in hardware configurations that appear to work fine 180 under &os; 4.7-RELEASE. These problems have been corrected 181 in &os; &release.current;.</para> 182 183 <bridgehead renderas="sect3">NETNCP/Netware File System 184 Support</bridgehead> 185 186 <para>NETNCP and nwfs appear to be as-yet unadapted for KSE, and 187 hence not working. These have been fixed in &os; 188 &release.current;.</para> 189 190 <bridgehead renderas="sect3">&man.iir.4; controller</bridgehead> 191 192 <para>During installation, the &man.iir.4; controller appears to 193 probe correctly, but finds no disk devices.</para> 194 195 <bridgehead renderas="sect3">&man.truss.1; race condition</bridgehead> 196 197 <para>&man.truss.1; appears to contain a race condition during the 198 start-up of debugging, which can result in &man.truss.1; failing 199 to attach to the process before it exists. The symptom is that 200 &man.truss.1; reports that it cannot open the &man.procfs.5; 201 node supporting the process being debugged. A bug also appears 202 to exist wherein &man.truss.1; will hang if &man.execve.2; 203 returns <literal>ENOENT</literal> A further race appears to 204 exist in which &man.truss.1; will return <errorname>PIOCWAIT: 205 Input/output error</errorname> occasionally on startup. The fix 206 for this sufficiently changes process execution handling that it 207 has been deferred until after 5.0.</para> 208 209 <bridgehead renderas="sect3">Disk Partitioning in Installer</bridgehead> 210 211 <para>Some bugs have been reported in &man.sysinstall.8; disk 212 partitioning. One observed problem on the i386 is that 213 &man.sysinstall.8; cannot recalculate the free space left on a 214 disk after changing the type of an FDISK-type partition.</para> 215 216 <bridgehead renderas="sect3">Stale Documentation</bridgehead> 217 218 <para>In some case, documentation (such as the FAQ or Handbook) 219 has not been updated to take into account &os; &release.prev; 220 features. Examples of areas where documentation is still 221 needed include &man.gbde.8; and the new <quote>fast 222 IPsec</quote> implementation.</para> 223 224 <bridgehead renderas="sect3">SMB File System</bridgehead> 225 226 <para>Attempting to unmount smbfs shares may fail with 227 <errorname>Device busy</errorname> errors even when the 228 mount-point is not really busy. A workaround is to keep trying 229 to unmount the share until it eventually succeeds. This bug has 230 been fixed in &release.current;.</para> 231 232 <para>Forcefully unmounting (<command>umount -f</command>) smbfs 233 shares may cause a kernel panic. This bug has been fixed in 234 &release.current;.</para> 235 236 <bridgehead renderas="sect3">&man.fstat.2;</bridgehead> 237 238 <para>When called on a connected socket file descriptor, 239 &man.fstat.2; is supposed to return the number of bytes 240 available to read in the <varname>st_size</varname> member of 241 <varname>struct stat</varname>. However, 242 <varname>st_size</varname> is always erroneously reported as 243 <literal>0</literal> on TCP sockets. This bug has been fixed in 244 &release.current;.</para> 245 246 <bridgehead renderas="sect3">Kernel Event Queues</bridgehead> 247 248 <para>The &man.kqueue.2; <literal>EVFILT_READ</literal> filter 249 erroneously indicates that <literal>0</literal> bytes are 250 available to be read on TCP sockets, regardless of the number of 251 bytes that are actually available. The 252 <literal>NOTE_LOWAT</literal> flag for 253 <literal>EVFILT_READ</literal> is also broken on TCP sockets. 254 This bug has been fixed in &release.current;.</para> 255 256 <bridgehead renderas="sect3">POSIX Named Semaphores</bridgehead> 257 258 <para>&os; &release.prev; introduced support for POSIX named semaphores 259 but the implementation contains a critical bug that causes 260 &man.sem.open.3; to incorrectly handle the opening of the same 261 semaphore multiple times by the same process, and that causes 262 &man.sem.close.3; to crash calling programs. This bug has been 263 fixed in &release.current;.</para> 264 265 <bridgehead renderas="sect3"><filename>/dev/tty</filename> 266 Permissions</bridgehead> 267 268 <para>&os; &release.prev; has a minor bug in how the permissions of 269 <filename>/dev/tty</filename> are handled. This can be 270 triggered by logging in as a non-<username>root</username>, 271 non-<groupname>tty</groupname> group user, and using &man.su.1; 272 to switch to a second non-<username>root</username>, 273 non-<groupname>tty</groupname> group user. &man.ssh.1; will 274 fail because it cannot open <filename>/dev/tty</filename>. This 275 bug has been fixed in &release.current;.</para> 276 277 <bridgehead renderas="sect3">&man.growfs.8;</bridgehead> 278 279 <para>&man.growfs.8; no longer works on &man.vinum.4; volumes (and 280 presumably, on &man.geom.4; entities) since these subsystems no 281 longer fake disklabels, but &man.growfs.8; insists on examining 282 a label.</para> 283 284 <bridgehead renderas="sect3">IPFW</bridgehead> 285 286 <para>&man.ipfw.4; <literal>skipto</literal> rules do not work 287 when coupled with the <literal>log</literal> keyword. 288 &man.ipfw.4; <literal>uid</literal> rules also do not work 289 properly. These bugs 290 have been fixed in &release.current;.</para> 291 292 <bridgehead renderas="sect3">Passwords and &man.adduser.8;</bridgehead> 293 294 <para>&man.adduser.8; does not correctly handle setting user 295 passwords containing special shell characters. This problem has 296 been corrected in &release.current;.</para> 297 298 <bridgehead renderas="sect3">&man.xl.4;</bridgehead> 299 300 <para>The &man.xl.4; driver has a timing bug that may cause a 301 kernel panic (or other problems) when attempting to configure an 302 interface. This bug has been fixed in &release.current;.</para> 303 304 <bridgehead renderas="sect3">ISC DHCP</bridgehead> 305 306 <para><application>ISC DHCP</application> was updated to 307 3.0.1rc11. This update was actually a part of &os; 308 &release.prev;, but was not documented in the release 309 notes.</para> 310 311 <bridgehead renderas="sect3">&man.amd.8; 312 Interoperability</bridgehead> 313 314 <para>&release.prev; contains some bugs in its non-blocking RPC 315 code. The most noticeable side-effect of these bugs was that 316 &man.amd.8; users were not able to mount volumes from a 317 &release.prev; server. This bug has been fixed in 318 &release.current;.</para> 319 320 </sect1> 321</article> 322