diff options
Diffstat (limited to 'en_US.ISO8859-1/htdocs/releases/4.8R/errata.html')
| -rw-r--r-- | en_US.ISO8859-1/htdocs/releases/4.8R/errata.html | 304 |
1 files changed, 304 insertions, 0 deletions
diff --git a/en_US.ISO8859-1/htdocs/releases/4.8R/errata.html b/en_US.ISO8859-1/htdocs/releases/4.8R/errata.html new file mode 100644 index 0000000000..9392e8d5c6 --- /dev/null +++ b/en_US.ISO8859-1/htdocs/releases/4.8R/errata.html @@ -0,0 +1,304 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> +<meta name="generator" content="HTML Tidy, see www.w3.org" /> +<title>FreeBSD 4.8-RELEASE Errata</title> +<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.73 " /> +<link rel="STYLESHEET" type="text/css" href="docbook.css" /> +</head> +<body class="ARTICLE" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#840084" +alink="#0000FF"> +<div class="ARTICLE"> +<div class="TITLEPAGE"> +<h1 class="TITLE"><a id="AEN2" name="AEN2">FreeBSD 4.8-RELEASE Errata</a></h1> + +<h3 class="CORPAUTHOR">The FreeBSD Project</h3> + +<p class="COPYRIGHT">Copyright © 2000, 2001, 2002, 2003 by The FreeBSD Documentation +Project</p> + +<p class="PUBDATE">$FreeBSD: src/release/doc/en_US.ISO8859-1/errata/article.sgml,v +1.1.2.113 2003/10/06 04:21:21 bmah Exp $<br /> +</p> + +<hr /> +</div> + +<blockquote class="ABSTRACT"> +<div class="ABSTRACT"><a id="AEN12" name="AEN12"></a> +<p>This document lists errata items for FreeBSD 4.8-RELEASE, containing significant +information discovered after the release or too late in the release cycle to be otherwise +included in the release documentation. This information includes security advisories, as +well as news relating to the software or documentation that could affect its operation or +usability. An up-to-date version of this document should always be consulted before +installing this version of FreeBSD.</p> + +<p>This errata document for FreeBSD 4.8-RELEASE will be maintained until the release of +FreeBSD 4.9-RELEASE.</p> +</div> +</blockquote> + +<div class="SECT1"> +<hr /> +<h1 class="SECT1"><a id="AEN15" name="AEN15">1 Introduction</a></h1> + +<p>This errata document contains ``late-breaking news'' about FreeBSD 4.8-RELEASE. Before +installing this version, it is important to consult this document to learn about any +post-release discoveries or problems that may already have been found and fixed.</p> + +<p>Any version of this errata document actually distributed with the release (for +example, on a CDROM distribution) will be out of date by definition, but other copies are +kept updated on the Internet and should be consulted as the ``current errata'' for this +release. These other copies of the errata are located at <a +href="http://www.FreeBSD.org/releases/" +target="_top">http://www.FreeBSD.org/releases/</a>, plus any sites which keep up-to-date +mirrors of this location.</p> + +<p>Source and binary snapshots of FreeBSD 4-STABLE also contain up-to-date copies of this +document (as of the time of the snapshot).</p> + +<p>For a list of all FreeBSD CERT security advisories, see <a +href="http://www.FreeBSD.org/security/" +target="_top">http://www.FreeBSD.org/security/</a> or <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/" +target="_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</a>.</p> +</div> + +<div class="SECT1"> +<hr /> +<h1 class="SECT1"><a id="AEN26" name="AEN26">2 Security Advisories</a></h1> + +<p>A buffer overflow in header parsing exists in older versions of <b +class="APPLICATION">sendmail</b>. It could allow a remote attacker to create a +specially-crafted message that may cause <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=sendmail&sektion=8&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sendmail</span>(8)</span></a> to +execute arbitrary code with the privileges of the user running it, typically <tt +class="USERNAME">root</tt>. More information, including pointers to patches, can be found +in security advisory <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc" +target="_top">FreeBSD-SA-03:07</a>. This problem was corrected for FreeBSD 4.8-RELEASE +with a vendor patch and was corrected for FreeBSD 4.9-RC with the import of a new version +of <b class="APPLICATION">sendmail</b>. However, these changes may not otherwise have +been noted in the release documentation.</p> + +<p>The implementation of the <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=realpath&sektion=3&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">realpath</span>(3)</span></a> +function contains a single-byte buffer overflow bug. This may have various impacts, +depending on the application using <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=realpath&sektion=3&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">realpath</span>(3)</span></a> and +other factors. This bug has been fixed on the 4.8-RELEASE security fix branch and the +4-STABLE development branch. For more information, see security advisory <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:08.realpath.asc" +target="_top">FreeBSD-SA-03:08</a>.</p> + +<p>The kernel contains a bug that could allow it to attempt delivery of invalid signals, +leading to a kernel panic. This bug has been fixed on the 4-STABLE development branch and +the 4.8-RELEASE security fix branch. For more information, see security advisory <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:09.signal.asc" +target="_top">FreeBSD-SA-03:09</a>.</p> + +<p>A bug in the iBCS2 emulation module could result in disclosing the contents of kernel +memory. (Note that this module is not enabled in FreeBSD by default.) This bug has been +fixed on the 4-STABLE development branch and the 4.8-RELEASE security fix branch. More +information can be found in security advisory <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:10.ibcs2.asc" +target="_top">FreeBSD-SA-03:10</a>.</p> + +<p>A programming error in the <b class="APPLICATION">sendmail</b> implementation of its +``DNS maps'' feature could lead to a <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=sendmail&sektion=8&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sendmail</span>(8)</span></a> +child process crashing or behaving incorrectly. This error has been fixed with a patch on +the 4.8-RELEASE security fix branch and with the import of a new version of <b +class="APPLICATION">sendmail</b> on the 4-STABLE development branch. (Note that the DNS +maps feature is not used by the default configuration files shipped with FreeBSD.) More +information can be found in security advisory <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:11.sendmail.asc" +target="_top">FreeBSD-SA-03:11</a>.</p> + +<p><b class="APPLICATION">OpenSSH</b> contains a bug in its buffer management code that +could potentially cause it to crash. This bug has been fixed via a vendor-supplied patch +on the 4-STABLE development branch and the 4.8-RELEASE security fix branch. For more +details, refer to security advisory <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:12.openssh.asc" +target="_top">FreeBSD-SA-03:12</a>.</p> + +<p><b class="APPLICATION">sendmail</b> contains a remotely-exploitable buffer overflow. +This bug has been fixed via a vendor-supplied patch on the 4-STABLE development branch +and the 4.8-RELEASE security fix branch. More details can be found in security advisory +<a href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:13.sendmail.asc" +target="_top">FreeBSD-SA-03:13</a>.</p> + +<p>The FreeBSD ARP code contains a bug that could allow the kernel to cause resource +starvation which eventually results in a system panic. This bug has been fixed on the +4-STABLE development branch and the 4.8-RELEASE security fix branch. More information can +be found in security advisory <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:14.arp.asc" +target="_top">FreeBSD-SA-03:14</a>.</p> + +<p>Several bugs in the <b class="APPLICATION">OpenSSH</b> PAM authentication code could +have impacts ranging from incorrect authentication to a stack corruption. These have been +corrected via vendor-supplied patches; details can be found in security advisory <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:15.openssh.asc" +target="_top">FreeBSD-SA-03:15</a>.</p> + +<p>The implementation of the <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=readv&sektion=2&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">readv</span>(2)</span></a> system +call contains a bug which could potentially cause a system crash or privilege escalation. +This bug has been fixed on the 4-STABLE development branch and the 4.8-RELEASE security +fix branch. More information can be found in security advisory <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:16.filedesc.asc" +target="_top">FreeBSD-SA-03:16</a>.</p> + +<p>The implementation of the <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=procfs&sektion=5&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">procfs</span>(5)</span></a> and +the <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=linprocfs&sektion=5&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">linprocfs</span>(5)</span></a> +contain a bug that could result in disclosing the contents of kernel memory. This bug has +been fixed on the 4-STABLE development branch and the 4.8-RELEASE security fix branch. +More information can be found in security advisory <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:17.procfs.asc" +target="_top">FreeBSD-SA-03:17</a>.</p> + +<p><b class="APPLICATION">OpenSSL</b> contains several bugs which could allow a remote +attacker to crash an <b class="APPLICATION">OpenSSL</b>-using application or to execute +arbitrary code with the privileges of the application. These bugs have been fixed with +the import of a new version of <b class="APPLICATION">OpenSSL</b> on the 4-STABLE +development branch and with a vendor-supplied patch on the 4.8-RELEASE security fix +branch. Note that only applications that use <b class="APPLICATION">OpenSSL</b>'s ASN.1 +or X.509 handling code are affected (<b class="APPLICATION">OpenSSH</b> is unaffected, +for example). More information can be found in security advisory <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:18.openssl.asc" +target="_top">FreeBSD-SA-03:18</a>.</p> +</div> + +<div class="SECT1"> +<hr /> +<h1 class="SECT1"><a id="AEN87" name="AEN87">3 Late-Breaking News</a></h1> + +<p>Due to some problems discovered very late in the release cycle, the ISO images and FTP +install directories for FreeBSD 4.8-RELEASE/i386 needed to be re-generated and +re-uploaded to the FTP mirror sites. For reference, the final ISO images have checksums +computed via <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=md5&sektion=1&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">md5</span>(1)</span></a> as +follows:</p> + +<pre class="PROGRAMLISTING"> +MD5 (4.8-RELEASE-i386-disc1.iso) = c4e34b6a6be5cd1977ca206bf821c7fc +MD5 (4.8-RELEASE-i386-disc2.iso) = 93b09f97c01deead302557d7d24f87cb +MD5 (4.8-RELEASE-i386-mini.iso) = 5f0d2576dbb56d6ec85d49ac9fa4bbf9 +</pre> + +<p>Some parts of the documentation may incorrectly give the release date of FreeBSD +4.8-RELEASE as March 2003, rather than April 2003.</p> + +<p>FreeBSD 4.8-RELEASE restores the ability to install from the installation media to a +<a +href="http://www.FreeBSD.org/cgi/man.cgi?query=mly&sektion=4&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mly</span>(4)</span></a> device. +(This capability was broken in FreeBSD 4.7-RELEASE.)</p> + +<p>After installing <b class="APPLICATION">GNOME</b>, the default terminal font might be +garbled. If this is the case, install the <tt +class="FILENAME">x11-fonts/bitstream-vera</tt> port, then restart <b +class="APPLICATION">GNOME</b>. The new fonts should take effect automatically. If they do +not, edit the current gnome-terminal profile and select the Bitstream Vera Sans Mono +font.</p> + +<p>Due to space limitations, the <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=awi&sektion=4&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">awi</span>(4)</span></a> driver +has been removed from the kernel used on the 1.44MB <tt class="FILENAME">kern.flp</tt> +i386 boot floppy. Because no module is available for this driver in FreeBSD 4.8-RELEASE, +this means that it is generally not possible to install FreeBSD 4.8-RELEASE over an <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=awi&sektion=4&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">awi</span>(4)</span></a> +network.</p> + +<p>Due to space limitations, support for ATAPI floppy disks and the DEC AlphaServer 8200 +and 8400 (``TurboLaser'') machines has been removed from the kernel used on the 1.44MB +<tt class="FILENAME">kern.flp</tt> alpha boot floppy.</p> + +<p>A bug in the FreeBSD 4.8-RELEASE kernel prevents it from booting on an Intel 80386 +processor. This problem has been corrected on both the 4.8-RELEASE security fix branch +and the 4-STABLE development branch.</p> + +<p>FreeBSD supports a hashed form of the login capabilities database, stored in <tt +class="FILENAME">/etc/login.conf.db</tt>. This is generated from the <tt +class="FILENAME">/etc/login.conf</tt> text file. If the hashed database is present, <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=login&sektion=1&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">login</span>(1)</span></a> will +use it in preference to the contents of the text file. FreeBSD 4.8-RELEASE is the first +release that actually includes <tt class="FILENAME">/etc/login.conf.db</tt> on the +distribution media; thus, users modifying <tt class="FILENAME">/etc/login.conf</tt> need +to remember to regenerate the database, using <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=cap_mkdb&sektion=1&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">cap_mkdb</span>(1)</span></a>. +Users performing source upgrades are generally not affected by this change, because <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=mergemaster&sektion=8&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mergemaster</span>(8)</span></a> +offers the option to regenerate <tt class="FILENAME">/etc/login.conf.db</tt> during +upgrades. <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=login.conf&sektion=5&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">login.conf</span>(5)</span></a> +has more details on the format and usage of the login capabilities database.</p> + +<p>A file that is a part of the <tt class="FILENAME">multimedia/gstreamer-plugins</tt> +port may appear to have a corrupted filename when the ports collection is installed using +<a +href="http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sysinstall</span>(8)</span></a>. +This should not affect building the port or installing the corresponding package. +However, it is recommended to rename the file in question, to prevent problems during any +future updates to the installed ports collection:</p> + +<pre class="SCREEN"> +<tt class="PROMPT">#</tt> <tt +class="USERINPUT"><b>cd /usr/ports/multimedia/gstreamer-plugins/files</b></tt> +<tt class="PROMPT">#</tt> <tt +class="USERINPUT"><b>mv patch-gst-libs_ext_ffmpeg_ffmpeg_libavcodec_alpha_simple_i \ +patch-gst-libs_ext_ffmpeg_ffmpeg_libavcodec_alpha_simple_idct_alpha.c</b></tt> +</pre> + +<p>Recently the mailing lists were changed from majordomo to the currently used Mailman +list server. More information about using the new mailing lists can be found by visiting +the <a href="http://www.FreeBSD.org/mailman/listinfo/" target="_top">FreeBSD Mailman Info +Page</a>.</p> + +<p>The <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=dc&sektion=4&manpath=FreeBSD+4.8-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">dc</span>(4)</span></a> driver +does not properly transmit data through Davicom DC9102 cards. This problem, which has +been present since FreeBSD 4.5-RELEASE, has been corrected for FreeBSD 4.9-RC.</p> +</div> +</div> + +<hr /> +<p align="center"><small>This file, and other release-related documents, can be +downloaded from <a +href="http://snapshots.jp.FreeBSD.org/">http://snapshots.jp.FreeBSD.org/</a>.</small></p> + +<p align="center"><small>For questions about FreeBSD, read the <a +href="http://www.FreeBSD.org/docs.html">documentation</a> before contacting <<a +href="mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>>.</small></p> + +<p align="center"><small><small>All users of FreeBSD 4-STABLE should subscribe to the +<<a href="mailto:stable@FreeBSD.org">stable@FreeBSD.org</a>> mailing +list.</small></small></p> + +<p align="center">For questions about this documentation, e-mail <<a +href="mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>>.</p> + +<br /> +<br /> +</body> +</html> + |