article.xml revision 123150
<!--
        FreeBSD errata document. Unlike some of the other RELNOTESng
        files, this file should remain as a single SGML file, so that
        the dollar FreeBSD dollar header has a meaningful modification
        time. This file is all but useless without a datestamp on it,
        so we'll take some extra care to make sure it has one.

        (If we didn't do this, then the file with the datestamp might
        not be the one that received the last change in the document.)

-->

<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
<!ENTITY % man PUBLIC "-//FreeBSD//ENTITIES DocBook Manual Page Entities//EN">
%man;
<!ENTITY % authors PUBLIC "-//FreeBSD//ENTITIES DocBook Author Entities//EN">
%authors;
<!ENTITY % mlists PUBLIC "-//FreeBSD//ENTITIES DocBook Mailing List Entities//EN">
%mlists;
<!ENTITY % trademarks PUBLIC "-//FreeBSD//ENTITIES DocBook Trademark Entities//EN">
%trademarks;
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
%release;
]>

<article>
  <articleinfo>
    <title>&os;
<![ %release.type.snapshot [
      &release.prev;
]]>
<![ %release.type.release [
      &release.current;
]]>
      Errata</title>

    <corpauthor>
      The &os; Project
    </corpauthor>

    <pubdate>$FreeBSD: head/release/doc/en_US.ISO8859-1/errata/article.sgml 123150 2003-12-04 23:53:54Z bmah $</pubdate>

    <copyright>
      <year>2000</year>
      <year>2001</year>
      <year>2002</year>
      <year>2003</year>
      <holder role="mailto:doc@FreeBSD.org">The FreeBSD Documentation Project</holder>
    </copyright>

    <legalnotice id="trademarks" role="trademarks">
      &tm-attrib.freebsd;
      &tm-attrib.intel;
      &tm-attrib.sparc;
      &tm-attrib.general;
    </legalnotice>
  </articleinfo>

  <abstract>
    <para>This document lists errata items for &os;
<![ %release.type.snapshot [
      &release.prev;,
]]>
<![ %release.type.release [
      &release.current;,
]]>
      containing significant information discovered after the release
      or too late in the release cycle to be otherwise included in the
      release documentation.
      This information includes security advisories, as well as news
      relating to the software or documentation that could affect its
      operation or usability. An up-to-date version of this document
      should always be consulted before installing this version of
      &os;.</para>

    <para>This errata document for &os;
<![ %release.type.snapshot [
      &release.prev;
]]>
<![ %release.type.release [
      &release.current;
]]>
      will be maintained until the release of &os; &release.next;.</para>
  </abstract>

  <sect1 id="intro">
    <title>Introduction</title>

    <para>This errata document contains <quote>late-breaking news</quote>
      about &os;
<![ %release.type.snapshot [
      &release.prev;.
]]>
<![ %release.type.release [
      &release.current;.
]]>
      Before installing this version, it is important to consult this
      document to learn about any post-release discoveries or problems
      that may already have been found and fixed.</para>

    <para>Any version of this errata document actually distributed
      with the release (for example, on a CDROM distribution) will be
      out of date by definition, but other copies are kept updated on
      the Internet and should be consulted as the <quote>current
      errata</quote> for this release.
      These other copies of the
      errata are located at <ulink
      url="http://www.FreeBSD.org/releases/"></ulink>, plus any sites
      which keep up-to-date mirrors of this location.</para>

    <para>Source and binary snapshots of &os; &release.branch; also
      contain up-to-date copies of this document (as of the time of
      the snapshot).</para>

    <para>For a list of all &os; CERT security advisories, see <ulink
      url="http://www.FreeBSD.org/security/"></ulink> or <ulink
      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"></ulink>.</para>

  </sect1>

  <sect1 id="security">
    <title>Security Advisories</title>

<![ %release.type.release [
    <para>No advisories.</para>
]]>

<![ %release.type.snapshot [
    <para>The implementation of the &man.realpath.3; function contained
      a single-byte buffer overflow bug. This had various
      impacts, depending on the application using &man.realpath.3; and
      other factors. This bug was fixed on the &release.branch; development
      branch before &release.prev;; &os; &release.prev; is therefore not affected. However, this change
      was not noted in the release documentation. For
      more information, see security advisory
      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:08.realpath.asc">FreeBSD-SA-03:08</ulink>.</para>

    <para>The kernel contains a bug that could allow it to attempt
      delivery of invalid signals, leading to a kernel panic or, under
      some circumstances, unauthorized modification of kernel memory.
      This bug has been fixed on the &release.branch; development
      branch and the &release.prev; security fix branch. For more
      information, see security advisory
      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:09.signal.asc">FreeBSD-SA-03:09</ulink>.</para>

    <para>A bug in the iBCS2 emulation module could result in
      disclosing the contents of kernel memory.
      (Note that this
      module is not enabled in &os; by default.) This bug has been
      fixed on the &release.branch; development branch and the
      &release.prev; security fix branch. More information can be
      found in security advisory
      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:10.ibcs2.asc">FreeBSD-SA-03:10</ulink>.</para>

    <para><application>OpenSSH</application> contains a bug in its
      buffer management code that could potentially cause it to crash.
      This bug has been fixed via a vendor-supplied patch on the
      &release.branch; development branch and the &release.prev;
      security fix branch. For more details, refer to security
      advisory
      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:12.openssh.asc">FreeBSD-SA-03:12</ulink>.</para>

    <para><application>sendmail</application> contains a
      remotely-exploitable buffer overflow. This bug has been fixed
      via a new version import on the &release.branch; development
      branch and via a vendor-supplied patch on the &release.prev;
      security fix branch. More details can be found in security
      advisory
      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:13.sendmail.asc">FreeBSD-SA-03:13</ulink>.</para>

    <para>The &os; ARP code contains a bug that could allow the kernel
      to cause resource starvation which eventually results in a system panic.
      This bug has been fixed on the &release.branch; development branch and the
      &release.prev; security fix branch. More information can be
      found in security advisory
      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:14.arp.asc">FreeBSD-SA-03:14</ulink>.</para>

    <para>Several bugs in the <application>OpenSSH</application> PAM
      authentication code could have impacts ranging from incorrect
      authentication to a stack corruption.
      These have been corrected
      via vendor-supplied patches; details can be found in security
      advisory
      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:15.openssh.asc">FreeBSD-SA-03:15</ulink>.</para>

    <para>The implementations of &man.procfs.5; and &man.linprocfs.5;
      contain a bug that could result in disclosing the contents of kernel memory.
      This bug has been fixed on the &release.branch; development branch and the
      &release.prev; security fix branch. More information can be
      found in security advisory
      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:17.procfs.asc">FreeBSD-SA-03:17</ulink>.</para>

    <para><application>OpenSSL</application> contains several bugs
      which could allow a remote attacker to crash an
      <application>OpenSSL</application>-using application or
      to execute arbitrary code with the privileges of the application.
      These bugs have been fixed via a vendor-supplied patch on the &release.branch;
      development branch and the &release.prev; security fix branch.
      Note that only applications that use <application>OpenSSL</application>'s
      ASN.1 or X.509 handling code are affected (<application>OpenSSH</application>
      is unaffected, for example).
      More information can be found in security advisory
      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:18.openssl.asc">FreeBSD-SA-03:18</ulink>.</para>

    <para><application>BIND</application> contains the potential for a
      denial-of-service attack. This vulnerability has been addressed
      by a vendor patch on the &release.prev; security fix branch and
      by the import of a new version to the &release.branch;
      development branch.
      For more information, see
      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:19.bind.asc">FreeBSD-SA-03:19</ulink>.</para>

]]>

  </sect1>

  <sect1 id="open-issues">
    <title>Open Issues</title>

<![ %release.type.release [
    <para>No open issues.</para>
]]>

<![ %release.type.snapshot [
    <para>The RAIDframe disk driver described in &man.raid.4; is
      non-functional for this release.</para>

    <para>ACPI seems to make some &i386; machines unstable. Turning off
      ACPI support may help solve some of these problems; see an item
      in <xref linkend="late-news">.</para>

    <para>An integer overflow could cause kernel panics on PAE-using
      machines with certain memory sizes. This bug has been corrected
      on both the <literal>RELENG_5_1</literal> and
      <literal>HEAD</literal> branches. A workaround for this problem
      is to remove some memory, update the system in question, and
      reinstall the memory.</para>

    <para>Attempting to write to an &man.msdosfs.5; file system that
      has been upgraded from read-only to read-write via
      <command>mount -u</command> will cause the system to lock up.
      To work around this problem, unmount the file system first, then
      mount it again with the appropriate options instead of using
      <command>mount -u</command>.</para>
]]>

  </sect1>

  <sect1 id="late-news">
    <title>Late-Breaking News</title>

<![ %release.type.release [
    <para>No news.</para>
]]>

<![ %release.type.snapshot [
    <para>&man.ipfw.4; should work correctly on strict-alignment
      64-bit architectures such as alpha and &sparc64;.</para>

    <para>The release notes should have stated that the
      <filename>libthr</filename> library is built by default for the
      &i386; platform.</para>

    <para>&os; &release.prev; includes some new boot loader scripts
      designed to make booting &os; with different options easier.
      This may help diagnose bootstrapping problems. These scripts
      build on the existing Forth-based boot loader scripts (thus,
      <filename>/boot/loader.conf</filename> and other existing loader
      configuration files still apply). They are only installed by
      default for new binary installs on &i386; machines. The new
      scripts present a boot-time menu that controls how &os; is
      booted, and include options to turn off ACPI, a <quote>safe
      mode</quote> boot, single-user booting, and verbose booting.
      <quote>Safe mode</quote> booting can be particularly useful when
      compatibility with a system's hardware is uncertain, and sets
      the following kernel tunable variables:</para>

    <programlisting>hint.acpi.0.disabled=1  # disable ACPI (i386 only)
hw.ata.ata_dma=0        # disable IDE DMA
hw.ata.atapi_dma=0      # disable ATAPI/IDE DMA
hw.ata.wc=0             # disable IDE disk write cache
hw.eisa_slots=0         # disable probing for EISA devices</programlisting>

    <para>For new installs on &i386; architecture machines,
      &man.sysinstall.8; will try to determine if ACPI was disabled
      via the new boot loader scripts mentioned above, and if so,
      ask if this change should be made permanent.</para>

    <para>The release notes should have mentioned that work on the
      following features was sponsored by the Defense Advanced
      Research Projects Agency (DARPA): OpenPAM, NSS support, PAE
      support, various MAC framework updates, the GEOM disk geometry
      system.</para>

]]>

  </sect1>

</article>