article.xml revision 114253
1<!-- 2 FreeBSD errata document. Unlike some of the other RELNOTESng 3 files, this file should remain as a single SGML file, so that 4 the dollar FreeBSD dollar header has a meaningful modification 5 time. This file is all but useless without a datestamp on it, 6 so we'll take some extra care to make sure it has one. 7 8 (If we didn't do this, then the file with the datestamp might 9 not be the one that received the last change in the document.) 10 11--> 12 13<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [ 14<!ENTITY % man PUBLIC "-//FreeBSD//ENTITIES DocBook Manual Page Entities//EN"> 15%man; 16<!ENTITY % authors PUBLIC "-//FreeBSD//ENTITIES DocBook Author Entities//EN"> 17%authors; 18<!ENTITY % mlists PUBLIC "-//FreeBSD//ENTITIES DocBook Mailing List Entities//EN"> 19%mlists; 20<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN"> 21%release; 22]> 23 24<article> 25 <articleinfo> 26 <title>&os; 27<![ %release.type.snapshot [ 28 &release.prev; 29]]> 30<![ %release.type.release [ 31 &release.current; 32]]> 33 Errata</title> 34 35 <corpauthor> 36 The &os; Project 37 </corpauthor> 38 39 <pubdate>$FreeBSD: head/release/doc/en_US.ISO8859-1/errata/article.sgml 114253 2003-04-29 20:39:38Z hrs $</pubdate> 40 41 <copyright> 42 <year>2000</year> 43 <year>2001</year> 44 <year>2002</year> 45 <year>2003</year> 46 <holder role="mailto:doc@FreeBSD.org">The FreeBSD Documentation Project</holder> 47 </copyright> 48 </articleinfo> 49 50 <abstract> 51 <para>This document lists errata items for &os; 52<![ %release.type.snapshot [ 53 &release.prev;, 54]]> 55<![ %release.type.release [ 56 &release.current;, 57]]> 58 containing significant information discovered after the release 59 or too late in the release cycle to be otherwise included in the 60 release documentation. 61 This information includes security advisories, as well as news 62 relating to the software or documentation that could affect its 63 operation or usability. An up-to-date version of this document 64 should always be consulted before installing this version of 65 &os;.</para> 66 67 <para>This errata document for &os; 68<![ %release.type.snapshot [ 69 &release.prev; 70]]> 71<![ %release.type.release [ 72 &release.current; 73]]> 74 will be maintained until the release of &os; 5.1-RELEASE.</para> 75 </abstract> 76 77 <sect1 id="intro"> 78 <title>Introduction</title> 79 80 <para>This errata document contains <quote>late-breaking news</quote> 81 about &os; 82<![ %release.type.snapshot [ 83 &release.prev;. 84]]> 85<![ %release.type.release [ 86 &release.current;. 87]]> 88 Before installing this version, it is important to consult this 89 document to learn about any post-release discoveries or problems 90 that may already have been found and fixed.</para> 91 92 <para>Any version of this errata document actually distributed 93 with the release (for example, on a CDROM distribution) will be 94 out of date by definition, but other copies are kept updated on 95 the Internet and should be consulted as the <quote>current 96 errata</quote> for this release. These other copies of the 97 errata are located at <ulink 98 url="http://www.FreeBSD.org/releases/"></ulink>, plus any sites 99 which keep up-to-date mirrors of this location.</para> 100 101 <para>Source and binary snapshots of &os; &release.branch; also 102 contain up-to-date copies of this document (as of the time of 103 the snapshot).</para> 104 105 <para>For a list of all &os; CERT security advisories, see <ulink 106 url="http://www.FreeBSD.org/security/"></ulink> or <ulink 107 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"></ulink>.</para> 108 109 </sect1> 110 111 <sect1 id="security"> 112 <title>Security Advisories</title> 113 114 <para>Remotely exploitable vulnerabilities in 115 <application>CVS</application> could allow an attacker to 116 execute arbitrary comands on a CVS server. More details can be 117 found in security advisory <ulink 118 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:01.cvs.asc">FreeBSD-SA-03:01</ulink>.</para> 119 120 <para>A timing-based attack on <application>OpenSSL</application>, 121 could allow a very powerful attacker access to plaintext 122 under certain circumstances. This problem has been corrected in 123 &os; &release.current; with an upgrade 124 to <application>OpenSSL</application> 0.9.7. On supported 125 security fix branches, this problem has been corrected with the 126 import of <application>OpenSSL</application> 0.9.6i. See security 127 advisory <ulink 128 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:02.openssl.asc">FreeBSD-SA-03:02</ulink> 129 for more details.</para> 130 131 <para>It may be possible to recover the shared secret key used by 132 the implementation of the <quote>syncookies</quote> feature. 133 This reduces its effectiveness in dealing with TCP SYN flood 134 denial-of-service attacks. Workaround information and fixes are 135 given in security advisory <ulink 136 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:03.syncookies.asc">FreeBSD-SA-03:03</ulink>.</para> 137 138 <para>Due to buffer overflows in header parsing in <application>sendmail</application>, a remote 139 attacker can create a specially-crafted message that may cause 140 &man.sendmail.8; to execute arbitrary code 141 with the privileges of the user running it, typically 142 <username>root</username>. More information, including pointers 143 to patches, can be found in security advisories <ulink 144 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink> 145 and <ulink 146 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc">FreeBSD-SA-03:07</ulink>.</para> 147 148 <para>The XDR encoder/decoder does incorrect bounds-checking, 149 which could allow a remote attacker to cause a 150 denial-of-service. For bugfix information, see security 151 advisory <ulink 152 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:05.xdr.asc">FreeBSD-SA-03:05</ulink>.</para> 153 154 <para><application>OpenSSL</application> has been found 155 vulnerable to two recently-disclosed attacks. Information 156 on workarounds and patches for supported security branches is 157 contained in security advisory <ulink 158 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:06.openssl.asc">FreeBSD-SA-03:06</ulink>.</para> 159 160 </sect1> 161 162 <sect1 id="late-news"> 163 <title>Late-Breaking News</title> 164 165 <bridgehead renderas="sect3">GEOM</bridgehead> 166 167 <para>The &man.geom.4;-based disk partitioning code in the kernel 168 will not allow an open partition to be overwritten. This 169 usually prevents the use of <command>disklabel -B</command> to 170 update the boot blocks on a disk because the 171 <literal>a</literal> partition overlaps the space where the boot 172 blocks are stored. A suggested workaround is to boot from an 173 alternate disk, a CDROM, or a fixit floppy.</para> 174 175 <bridgehead renderas="sect3">&man.dump.8;</bridgehead> 176 177 <para>When using disk media with sector sizes larger than 512 178 bytes (for instance, &man.gbde.4; encrypted disks), the 179 &man.dump.8; program fails to respect the larger sector size and 180 cannot dump the partition. One possible workaround is to copy 181 the entire file system in raw format and dump the copy. It is, 182 for instance, possible to dump a file system stored in a regular 183 file:</para> 184 185 <screen>&prompt.root; <userinput>dd if=/dev/ad0s1d.bde of=/junk/ad0.dd bs=1m</userinput> 186&prompt.root; <userinput>dump 0f - /junk/ad0.dd | ...</userinput></screen> 187 188 <para>A simpler workaround is to use &man.tar.1; or &man.cpio.1; 189 to make backup copies.</para> 190 191 <bridgehead renderas="sect3">&man.mly.4;</bridgehead> 192 193 <para>Hangs were reported during &os; 5.0 snapshot 194 installations when installing to &man.mly.4;-supported RAID 195 arrays, in hardware configurations that appear to work fine 196 under &os; 4.7-RELEASE. These problems have been corrected 197 in &os; &release.current;.</para> 198 199 <bridgehead renderas="sect3">NETNCP/Netware File System 200 Support</bridgehead> 201 202 <para>NETNCP and nwfs appear to be as-yet unadapted for KSE, and 203 hence not working. These have been fixed in &os; 204 &release.current;.</para> 205 206 <bridgehead renderas="sect3">&man.iir.4; controller</bridgehead> 207 208 <para>During installation, the &man.iir.4; controller appears to 209 probe correctly, but finds no disk devices.</para> 210 211 <bridgehead renderas="sect3">&man.truss.1; race condition</bridgehead> 212 213 <para>&man.truss.1; appears to contain a race condition during the 214 start-up of debugging, which can result in &man.truss.1; failing 215 to attach to the process before it exists. The symptom is that 216 &man.truss.1; reports that it cannot open the &man.procfs.5; 217 node supporting the process being debugged. A bug also appears 218 to exist wherein &man.truss.1; will hang if &man.execve.2; 219 returns <literal>ENOENT</literal> A further race appears to 220 exist in which &man.truss.1; will return <errorname>PIOCWAIT: 221 Input/output error</errorname> occasionally on startup. The fix 222 for this sufficiently changes process execution handling that it 223 has been deferred until after 5.0.</para> 224 225 <bridgehead renderas="sect3">Disk Partitioning in Installer</bridgehead> 226 227 <para>Some bugs have been reported in &man.sysinstall.8; disk 228 partitioning. One observed problem on the i386 is that 229 &man.sysinstall.8; cannot recalculate the free space left on a 230 disk after changing the type of an FDISK-type partition.</para> 231 232 <bridgehead renderas="sect3">Stale Documentation</bridgehead> 233 234 <para>In some case, documentation (such as the FAQ or Handbook) 235 has not been updated to take into account &os; &release.prev; 236 features. Examples of areas where documentation is still 237 needed include &man.gbde.8; and the new <quote>fast 238 IPsec</quote> implementation.</para> 239 240 <bridgehead renderas="sect3">SMB File System</bridgehead> 241 242 <para>Attempting to unmount smbfs shares may fail with 243 <errorname>Device busy</errorname> errors even when the 244 mount-point is not really busy. A workaround is to keep trying 245 to unmount the share until it eventually succeeds. This bug has 246 been fixed in &release.current;.</para> 247 248 <para>Forcefully unmounting (<command>umount -f</command>) smbfs 249 shares may cause a kernel panic. This bug has been fixed in 250 &release.current;.</para> 251 252 <bridgehead renderas="sect3">&man.fstat.2;</bridgehead> 253 254 <para>When called on a connected socket file descriptor, 255 &man.fstat.2; is supposed to return the number of bytes 256 available to read in the <varname>st_size</varname> member of 257 <varname>struct stat</varname>. However, 258 <varname>st_size</varname> is always erroneously reported as 259 <literal>0</literal> on TCP sockets. This bug has been fixed in 260 &release.current;.</para> 261 262 <bridgehead renderas="sect3">Kernel Event Queues</bridgehead> 263 264 <para>The &man.kqueue.2; <literal>EVFILT_READ</literal> filter 265 erroneously indicates that <literal>0</literal> bytes are 266 available to be read on TCP sockets, regardless of the number of 267 bytes that are actually available. The 268 <literal>NOTE_LOWAT</literal> flag for 269 <literal>EVFILT_READ</literal> is also broken on TCP sockets. 270 This bug has been fixed in &release.current;.</para> 271 272 <bridgehead renderas="sect3">POSIX Named Semaphores</bridgehead> 273 274 <para>&os; &release.prev; introduced support for POSIX named semaphores 275 but the implementation contains a critical bug that causes 276 &man.sem.open.3; to incorrectly handle the opening of the same 277 semaphore multiple times by the same process, and that causes 278 &man.sem.close.3; to crash calling programs. This bug has been 279 fixed in &release.current;.</para> 280 281 <bridgehead renderas="sect3"><filename>/dev/tty</filename> 282 Permissions</bridgehead> 283 284 <para>&os; &release.prev; has a minor bug in how the permissions of 285 <filename>/dev/tty</filename> are handled. This can be 286 triggered by logging in as a non-<username>root</username>, 287 non-<groupname>tty</groupname> group user, and using &man.su.1; 288 to switch to a second non-<username>root</username>, 289 non-<groupname>tty</groupname> group user. &man.ssh.1; will 290 fail because it cannot open <filename>/dev/tty</filename>. This 291 bug has been fixed in &release.current;.</para> 292 293 <bridgehead renderas="sect3">&man.growfs.8;</bridgehead> 294 295 <para>&man.growfs.8; no longer works on &man.vinum.4; volumes (and 296 presumably, on &man.geom.4; entities) since these subsystems no 297 longer fake disklabels, but &man.growfs.8; insists on examining 298 a label.</para> 299 300 <bridgehead renderas="sect3">IPFW</bridgehead> 301 302 <para>&man.ipfw.4; <literal>skipto</literal> rules do not work 303 when coupled with the <literal>log</literal> keyword. 304 &man.ipfw.4; <literal>uid</literal> rules also do not work 305 properly. These bugs 306 have been fixed in &release.current;.</para> 307 308 <bridgehead renderas="sect3">Passwords and &man.adduser.8;</bridgehead> 309 310 <para>&man.adduser.8; does not correctly handle setting user 311 passwords containing special shell characters. This problem has 312 been corrected in &release.current;.</para> 313 314 <bridgehead renderas="sect3">&man.xl.4;</bridgehead> 315 316 <para>The &man.xl.4; driver has a timing bug that may cause a 317 kernel panic (or other problems) when attempting to configure an 318 interface. This bug has been fixed in &release.current;.</para> 319 320 <bridgehead renderas="sect3">ISC DHCP</bridgehead> 321 322 <para><application>ISC DHCP</application> was updated to 323 3.0.1rc11. This update was actually a part of &os; 324 &release.prev;, but was not documented in the release 325 notes.</para> 326 327 <bridgehead renderas="sect3">&man.amd.8; 328 Interoperability</bridgehead> 329 330 <para>&release.prev; contains some bugs in its non-blocking RPC 331 code. The most noticeable side-effect of these bugs was that 332 &man.amd.8; users were not able to mount volumes from a 333 &release.prev; server. This bug has been fixed in 334 &release.current;.</para> 335 336 <bridgehead renderas="sect3">nsswitch</bridgehead> 337 338 <para>The release note documenting the addition of 339 <application>nsswitch</application> support gave an incorrect 340 name for the old resolver configuration file. It should have 341 been listed as <filename>/etc/host.conf</filename>.</para> 342 343 <bridgehead renderas="sect3">Mailman</bridgehead> 344 345 <para>Recently the mailing lists were changed from majordomo 346 to the currently used Mailman list server. More information 347 about using the new mailing lists can be found by visiting the 348 <ulink url="http://www.FreeBSD.org/mailman/listinfo/">FreeBSD 349 Mailman Info Page</ulink>.</para> 350 351 </sect1> 352</article> 353