article.xml revision 123150 
1<!-- 
2	FreeBSD errata document.  Unlike some of the other RELNOTESng
3	files, this file should remain as a single SGML file, so that
4	the dollar FreeBSD dollar header has a meaningful modification
5	time.  This file is all but useless without a datestamp on it,
6	so we'll take some extra care to make sure it has one.
7
8	(If we didn't do this, then the file with the datestamp might
9	not be the one that received the last change in the document.)
10
11-->
12
13<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
14<!ENTITY % man PUBLIC "-//FreeBSD//ENTITIES DocBook Manual Page Entities//EN">
15%man;
16<!ENTITY % authors PUBLIC  "-//FreeBSD//ENTITIES DocBook Author Entities//EN">
17%authors;
18<!ENTITY % mlists PUBLIC "-//FreeBSD//ENTITIES DocBook Mailing List Entities//EN">
19%mlists;
20<!ENTITY % trademarks PUBLIC "-//FreeBSD//ENTITIES DocBook Trademark Entities//EN">
21%trademarks;
22<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
23%release;
24]>
25
26<article>
27  <articleinfo>
28    <title>&os;
29<![ %release.type.snapshot [
30    &release.prev;
31]]>
32<![ %release.type.release [
33    &release.current;
34]]>
35    Errata</title>
36
37    <corpauthor>
38    The &os; Project
39    </corpauthor>
40
41    <pubdate>$FreeBSD: head/release/doc/en_US.ISO8859-1/errata/article.sgml 123150 2003-12-04 23:53:54Z bmah $</pubdate>
42
43    <copyright>
44      <year>2000</year>
45      <year>2001</year>
46      <year>2002</year>
47      <year>2003</year>
48      <holder role="mailto:doc@FreeBSD.org">The FreeBSD Documentation Project</holder>
49    </copyright>
50
51    <legalnotice id="trademarks" role="trademarks">
52      &tm-attrib.freebsd;
53      &tm-attrib.intel;
54      &tm-attrib.sparc;
55      &tm-attrib.general;
56    </legalnotice>
57  </articleinfo>
58
59  <abstract>
60    <para>This document lists errata items for &os; 
61<![ %release.type.snapshot [
62      &release.prev;,
63]]>
64<![ %release.type.release [
65      &release.current;,
66]]>
67      containing significant information discovered after the release
68      or too late in the release cycle to be otherwise included in the
69      release documentation.
70      This information includes security advisories, as well as news
71      relating to the software or documentation that could affect its
72      operation or usability.  An up-to-date version of this document
73      should always be consulted before installing this version of
74      &os;.</para>
75
76    <para>This errata document for &os; 
77<![ %release.type.snapshot [
78      &release.prev;
79]]>
80<![ %release.type.release [
81      &release.current;
82]]>
83      will be maintained until the release of &os; &release.next;.</para>
84  </abstract>
85
86  <sect1 id="intro">
87    <title>Introduction</title>
88
89    <para>This errata document contains <quote>late-breaking news</quote>
90      about &os;
91<![ %release.type.snapshot [
92      &release.prev;.
93]]>
94<![ %release.type.release [
95      &release.current;.
96]]>
97      Before installing this version, it is important to consult this
98      document to learn about any post-release discoveries or problems
99      that may already have been found and fixed.</para>
100
101    <para>Any version of this errata document actually distributed
102      with the release (for example, on a CDROM distribution) will be
103      out of date by definition, but other copies are kept updated on
104      the Internet and should be consulted as the <quote>current
105      errata</quote> for this release.  These other copies of the
106      errata are located at <ulink
107      url="http://www.FreeBSD.org/releases/"></ulink>, plus any sites
108      which keep up-to-date mirrors of this location.</para>
109
110    <para>Source and binary snapshots of &os; &release.branch; also
111      contain up-to-date copies of this document (as of the time of
112      the snapshot).</para>
113
114    <para>For a list of all &os; CERT security advisories, see <ulink
115      url="http://www.FreeBSD.org/security/"></ulink> or <ulink
116      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"></ulink>.</para>
117
118  </sect1>
119
120  <sect1 id="security">
121    <title>Security Advisories</title>
122
123<![ %release.type.release [
124    <para>No advisories.</para>
125]]>
126
127<![ %release.type.snapshot [
128    <para>The implementation of the &man.realpath.3; function contained
129      a single-byte buffer overflow bug.  This had various
130      impacts, depending on the application using &man.realpath.3; and
131      other factors.  This bug was fixed on the &release.branch; development
132      branch before &release.prev;; &os; &release.prev; is therefore not affected.  However, this change
133      was not noted in the release documentation.  For
134      more information, see security advisory
135      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:08.realpath.asc">FreeBSD-SA-03:08</ulink>.</para>
136
137    <para>The kernel contains a bug that could allow it to attempt
138      delivery of invalid signals, leading to a kernel panic or, under
139      some circumstances, unauthorized modification of kernel memory.
140      This bug has been fixed on the &release.branch; development
141      branch and the &release.prev; security fix branch.  For more
142      information, see security advisory
143      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:09.signal.asc">FreeBSD-SA-03:09</ulink>.</para>
144
145    <para>A bug in the iBCS2 emulation module could result in
146      disclosing the contents of kernel memory.  (Note that this
147      module is not enabled in &os; by default.)  This bug has been
148      fixed on the &release.branch; development branch and the
149      &release.prev; security fix branch.  More information can be
150      found in security advisory
151      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:10.ibcs2.asc">FreeBSD-SA-03:10</ulink>.</para>
152
153    <para><application>OpenSSH</application> contains a bug in its
154      buffer management code that could potentially cause it to crash.
155      This bug has been fixed via a vendor-supplied patch on the
156      &release.branch; development branch and the &release.prev;
157      security fix branch.  For more details, refer to security
158      advisory
159      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:12.openssh.asc">FreeBSD-SA-03:12</ulink>.</para>
160
161    <para><application>sendmail</application> contains a
162      remotely-exploitable buffer overflow.  This bug has been fixed
163      via a new version import on the &release.branch; development
164      branch and via a vendor-supplied patch on the &release.prev;
165      security fix branch.  More details can be found in security
166      advisory
167      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:13.sendmail.asc">FreeBSD-SA-03:13</ulink>.</para>
168
169    <para>The &os; ARP code contains a bug that could allow the kernel
170      to cause resource starvation which eventually results in a system panic.
171      This bug has been fixed on the &release.branch; development branch and the
172      &release.prev; security fix branch.  More information can be
173      found in security advisory
174      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:14.arp.asc">FreeBSD-SA-03:14</ulink>.</para>
175
176    <para>Several bugs in the <application>OpenSSH</application> PAM
177      authentication code could have impacts ranging from incorrect
178      authentication to a stack corruption.  These have been corrected
179      via vendor-supplied patches; details can be found in security
180      advisory
181      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:15.openssh.asc">FreeBSD-SA-03:15</ulink>.</para>
182
183    <para>The implementation of the &man.procfs.5; and the &man.linprocfs.5;
184      contain a bug that could result in disclosing the contents of kernel memory.
185      This bug has been fixed on the &release.branch; development branch and the
186      &release.prev; security fix branch.  More information can be
187      found in security advisory
188      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:17.procfs.asc">FreeBSD-SA-03:17</ulink>.</para>
189
190    <para><application>OpenSSL</application> contains several bugs
191      which could allow a remote attacker to crash an
192      <application>OpenSSL</application>-using application or
193      to execute arbitrary code with the privileges of the application.
194      These bugs have been fixed via a vendor-supplied patch on the &release.branch;
195      development branch and the &release.prev; security fix branch.
196      Note that only applications that use <application>OpenSSL</application>'s
197      ASN.1 or X.509 handling code are affected (<application>OpenSSH</application>
198      is unaffected, for example).
199      More information can be found in security advisory 
200      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:18.openssl.asc">FreeBSD-SA-03:18</ulink>.</para>
201
202    <para><application>BIND</application> contains the potential for a
203      denial-of-service attack.  This vulnerability has been addressed
204      by a vendor patch on the &release.prev; security fix branch and
205      by the import of a new version to the &release.branch;
206      development branch.  For more information, see 
207      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:19.bind.asc">FreeBSD-SA-03:19</ulink>.</para>
208
209]]>
210
211  </sect1>
212
213  <sect1 id="open-issues">
214    <title>Open Issues</title>
215
216<![ %release.type.release [
217    <para>No open issues.</para>
218]]>
219
220<![ %release.type.snapshot [
221    <para>The RAIDframe disk driver described in &man.raid.4; is
222      non-functional for this release.</para>
223
224    <para>ACPI seems to make some &i386; machines unstable.  Turning off
225      ACPI support may help solve some of these problems; see an item
226      in <xref linkend="late-news">.</para>
227
228    <para>An integer overflow could cause kernel panics on PAE-using
229      machines with certain memory sizes.  This bug has been corrected
230      on both the <literal>RELENG_5_1</literal> and
231      <literal>HEAD</literal> branches.  A workaround for this problem
232      is to remove some memory, update the system in question, and
233      reinstall the memory.</para>
234
235    <para>Attempting to write to an &man.msdosfs.5; file system that
236      has been upgraded from read-only to read-write via
237      <command>mount -u</command> will cause the system to lock up.
238      To work around this problem, unmount the file system first, then
239      mount it again with the appropriate options instead of using
240      <command>mount -u</command>.</para>
241]]>
242
243  </sect1>
244
245  <sect1 id="late-news">
246    <title>Late-Breaking News</title>
247
248<![ %release.type.release [
249    <para>No news.</para>
250]]>
251
252<![ %release.type.snapshot [
253    <para>&man.ipfw.4; should work correctly on strict-alignment
254      64-bit architectures such as alpha and &sparc64;.</para>
255
256    <para>The release notes should have stated that the
257      <filename>libthr</filename> library is built by default for the
258      &i386; platform.</para>
259
260    <para>&os; &release.prev; includes some new boot loader scripts
261      designed to make booting &os; with different options easier.
262      This may help diagnose bootstrapping problems.  These scripts
263      build on the existing Forth-based boot loader scripts (thus,
264      <filename>/boot/loader.conf</filename> and other existing loader
265      configuration files still apply).  They are only installed by
266      default for new binary installs on &i386; machines.  The new
267      scripts present a boot-time menu that controls how &os; is
268      booted, and include options to turn off ACPI, a <quote>safe
269      mode</quote> boot, single-user booting, and verbose booting.
270      <quote>Safe mode</quote> booting can be particularly useful when
271      compatibility with a system's hardware is uncertain, and sets
272      the following kernel tunable variables:</para>
273
274      <programlisting>hint.acpi.0.disabled=1 # disable ACPI (i386 only)
275hw.ata.ata_dma=0       # disable IDE DMA
276hw.ata.atapi_dma=0     # disable ATAPI/IDE DMA
277hw.ata.wc=0            # disable IDE disk write cache
278hw.eisa_slots=0        # disable probing for EISA devices</programlisting>
279
280    <para>For new installs on &i386; architecture machines,
281      &man.sysinstall.8; will try to determine if ACPI was disabled
282      via the new boot loader scripts mentioned above, and if so,
283      ask if this change should be made permanent.</para>
284
285    <para>The release notes should have mentioned that work on the
286      following features was sponsored by the Defense Advanced
287      Research Projects Agency (DARPA): OpenPAM, NSS support, PAE
288      support, various MAC framework updates, the GEOM disk geometry
289      system.</para>
290
291]]>
292
293  </sect1>
294
295</article>
296