diff options
Diffstat (limited to 'website/content/en/releases/9.0R/errata.html')
-rw-r--r-- | website/content/en/releases/9.0R/errata.html | 347 |
1 files changed, 347 insertions, 0 deletions
diff --git a/website/content/en/releases/9.0R/errata.html b/website/content/en/releases/9.0R/errata.html new file mode 100644 index 0000000000..55e62bca7b --- /dev/null +++ b/website/content/en/releases/9.0R/errata.html @@ -0,0 +1,347 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> +<meta name="generator" content="HTML Tidy, see www.w3.org" /> +<title>FreeBSD 9.0-RELEASE Errata</title> +<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.79" /> +<link rel="STYLESHEET" type="text/css" href="docbook.css" /> +<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> +<script type="text/javascript" src="http://www.FreeBSD.org/layout/js/google.js"> +</script> +</head> +<body class="ARTICLE" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#840084" +alink="#0000FF"> +<div class="ARTICLE"> +<div class="TITLEPAGE"> +<h1 class="TITLE"><a id="AEN2" name="AEN2">FreeBSD 9.0-RELEASE Errata</a></h1> + +<h3 class="CORPAUTHOR">The FreeBSD Project</h3> + +<p class="COPYRIGHT">Copyright © 2012 The FreeBSD Documentation Project</p> + +<p class="PUBDATE">$FreeBSD: stable/9/release/doc/en_US.ISO8859-1/errata/article.sgml +230254 2012-01-17 02:49:23Z hrs $<br /> +</p> + +<div class="LEGALNOTICE"><a id="TRADEMARKS" name="TRADEMARKS"></a> +<p>FreeBSD is a registered trademark of the FreeBSD Foundation.</p> + +<p>Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or +registered trademarks of Intel Corporation or its subsidiaries in the United States and +other countries.</p> + +<p>SPARC, SPARC64, SPARCengine, and UltraSPARC are trademarks of SPARC International, Inc +in the United States and other countries. SPARC International, Inc owns all of the SPARC +trademarks and under licensing agreements allows the proper use of these trademarks by +its members.</p> + +<p>Many of the designations used by manufacturers and sellers to distinguish their +products are claimed as trademarks. Where those designations appear in this document, and +the FreeBSD Project was aware of the trademark claim, the designations have been followed +by the “™” or the “®” symbol.</p> +</div> + +<hr /> +</div> + +<blockquote class="ABSTRACT"> +<div class="ABSTRACT"><a id="AEN16" name="AEN16"></a> +<p>This document lists errata items for FreeBSD 9.0-RELEASE, containing significant +information discovered after the release or too late in the release cycle to be otherwise +included in the release documentation. This information includes security advisories, as +well as news relating to the software or documentation that could affect its operation or +usability. An up-to-date version of this document should always be consulted before +installing this version of FreeBSD.</p> + +<p>This errata document for FreeBSD 9.0-RELEASE will be maintained until the release of +FreeBSD 9.1-RELEASE.</p> +</div> +</blockquote> + +<div class="SECT1"> +<hr /> +<h2 class="SECT1"><a id="INTRO" name="INTRO">1 Introduction</a></h2> + +<p>This errata document contains “late-breaking news” about FreeBSD +9.0-RELEASE. Before installing this version, it is important to consult this document to +learn about any post-release discoveries or problems that may already have been found and +fixed.</p> + +<p>Any version of this errata document actually distributed with the release (for +example, on a CDROM distribution) will be out of date by definition, but other copies are +kept updated on the Internet and should be consulted as the “current errata” +for this release. These other copies of the errata are located at <a +href="http://www.FreeBSD.org/releases/" +target="_top">http://www.FreeBSD.org/releases/</a>, plus any sites which keep up-to-date +mirrors of this location.</p> + +<p>Source and binary snapshots of FreeBSD 9.0-STABLE also contain up-to-date copies of +this document (as of the time of the snapshot).</p> + +<p>For a list of all FreeBSD CERT security advisories, see <a +href="http://www.FreeBSD.org/security/" +target="_top">http://www.FreeBSD.org/security/</a> or <a +href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/" +target="_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</a>.</p> +</div> + +<div class="SECT1"> +<hr /> +<h2 class="SECT1"><a id="SECURITY" name="SECURITY">2 Security Advisories</a></h2> + +<p>Problems described in the following security advisories have been fixed in +9.0-RELEASE. For more information, consult the individual advisories available from <a +href="http://security.FreeBSD.org/" target="_top">http://security.FreeBSD.org/</a>.</p> + +<div class="INFORMALTABLE"><a id="AEN34" name="AEN34"></a> +<table border="0" frame="void" width="100%" class="CALSTABLE"> +<col width="20%" /> +<col width="20%" /> +<col width="60%" /> +<thead> +<tr> +<th>Advisory</th> +<th>Date</th> +<th>Topic</th> +</tr> +</thead> + +<tbody> +<tr> +<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-11:01.mountd.asc" +target="_top">SA-11:01.mountd</a></td> +<td>20 April 2011</td> +<td> +<p>Network ACL mishandling in <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=mountd&sektion=8&manpath=FreeBSD+9.0-RELEASE"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mountd</span>(8)</span></a></p> +</td> +</tr> + +<tr> +<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-11:02.bind.asc" +target="_top">SA-11:02.bind</a></td> +<td>28 May 2011</td> +<td> +<p>BIND remote DoS with large RRSIG RRsets and negative caching</p> +</td> +</tr> + +<tr> +<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-11:04.compress.asc" +target="_top">SA-11:04.compress</a></td> +<td>28 September 2011</td> +<td> +<p>Errors handling corrupt compress file in <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=compress&sektion=1&manpath=FreeBSD+9.0-RELEASE"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">compress</span>(1)</span></a> and +<a +href="http://www.FreeBSD.org/cgi/man.cgi?query=gzip&sektion=1&manpath=FreeBSD+9.0-RELEASE"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">gzip</span>(1)</span></a></p> +</td> +</tr> + +<tr> +<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc" +target="_top">SA-11:05.unix</a></td> +<td>28 September 2011</td> +<td> +<p>Buffer overflow in handling of UNIX socket addresses</p> +</td> +</tr> + +<tr> +<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-11:06.bind.asc" +target="_top">SA-11:06.bind</a></td> +<td>23 December 2011</td> +<td> +<p>Remote packet Denial of Service against <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=named&sektion=8&manpath=FreeBSD+9.0-RELEASE"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">named</span>(8)</span></a> +servers</p> +</td> +</tr> + +<tr> +<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-11:07.chroot.asc" +target="_top">SA-11:07.chroot</a></td> +<td>23 December 2011</td> +<td> +<p>Code execution via chrooted ftpd</p> +</td> +</tr> + +<tr> +<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc" +target="_top">SA-11:08.telnetd</a></td> +<td>23 December 2011</td> +<td> +<p>telnetd code execution vulnerability</p> +</td> +</tr> + +<tr> +<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-11:09.pam_ssh.asc" +target="_top">SA-11:09.pam_ssh</a></td> +<td>23 December 2011</td> +<td> +<p>pam_ssh improperly grants access when user account has unencrypted SSH private +keys</p> +</td> +</tr> + +<tr> +<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-11:10.pam.asc" +target="_top">SA-11:10.pam</a></td> +<td>23 December 2011</td> +<td> +<p><code class="FUNCTION">pam_start()</code> does not validate service names</p> +</td> +</tr> +</tbody> +</table> +</div> +</div> + +<div class="SECT1"> +<hr /> +<h2 class="SECT1"><a id="OPEN-ISSUES" name="OPEN-ISSUES">3 Open Issues</a></h2> + +<ul> +<li> +<p>In some releases prior to 9.0-RELEASE, upgrading by using <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=freebsd-update&sektion=8&manpath=FreeBSD+9.0-RELEASE"> +<span class="CITEREFENTRY"><span +class="REFENTRYTITLE">freebsd-update</span>(8)</span></a> can fail. This issue has been +fixed by a change in Errata Notice EN-12:01. For more information, see <a +href="http://security.freebsd.org/advisories/FreeBSD-EN-12:01.freebsd-update.asc" +target="_top">http://security.freebsd.org/advisories/FreeBSD-EN-12:01.freebsd-update.asc</a></p> +</li> + +<li> +<p>[amd64, i386] FreeBSD 9.0-RELEASE includes several changes to improve resource +management of PCI devices. Some x86 machines may not boot or may have devices that no +longer attach when using ACPI as a result of these changes. This can be worked around by +setting a <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=loader&sektion=8&manpath=FreeBSD+9.0-RELEASE"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">loader</span>(8)</span></a> +tunable <code class="VARNAME">debug.acpi.disabled</code> to <tt +class="LITERAL">hostres</tt>. To do this, enter the following lines at the loader +prompt:</p> + +<pre class="SCREEN"> +set debug.acpi.disabled="hostres" +boot +</pre> + +<p>Or, put the following line into <tt class="FILENAME">/boot/loader.conf</tt>:</p> + +<pre class="PROGRAMLISTING"> +debug.acpi.disabled="hostres" +</pre> +</li> + +<li> +<p>A <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=devctl&sektion=4&manpath=FreeBSD+9.0-RELEASE"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">devctl</span>(4)</span></a> event +upon arrival of a <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=ugen&sektion=4&manpath=FreeBSD+9.0-RELEASE"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ugen</span>(4)</span></a> device +has been changed. The event now includes <tt class="LITERAL">ugen</tt> and <tt +class="LITERAL">cdev</tt> variables instead of <tt class="LITERAL">device-name</tt>. This +change can prevent the following <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=devd&sektion=8&manpath=FreeBSD+9.0-RELEASE"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">devd</span>(8)</span></a> rule +which worked in a previous releases from working:</p> + +<pre class="PROGRAMLISTING"> +attach 0 { + match "device-name" "ugen[0-9]+.[0-9]+"; + action "/path/to/script /dev/$device-name"; +} +</pre> + +<p>This should be updated to the following:</p> + +<pre class="PROGRAMLISTING"> +attach 0 { + match "subsystem" "DEVICE"; + match "type" "ATTACH"; + match "cdev" "ugen[0-9]+.[0-9]+"; + action "/path/to/script /dev/$cdev"; +} +</pre> +</li> + +<li> +<p>The FreeBSD 9.0-RELEASE Release Notes should have mentioned that SSM (Source-Specific +Multicast) MLDv2 now uses <tt class="LITERAL">ALLOW_NEW_SOURCES</tt> and <tt +class="LITERAL">BLOCK_OLD_SOURCES</tt> record types to signal a join or a leave by +default. This conforms RFC 4604, “Using Internet Group Management Protocol Version +3 (IGMPv3) and Multicast Listener Discovery Protocol Version 2 (MLDv2) for +Source-Specific Multicast”. A new <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=sysctl&sektion=8&manpath=FreeBSD+9.0-RELEASE"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sysctl</span>(8)</span></a> +variable <code class="VARNAME">net.inet6.mld.use_allow</code> which controls the behavior +has been added. The default value is <tt class="LITERAL">1</tt> (use <tt +class="LITERAL">ALLOW_NEW_SOURCES</tt> and <tt +class="LITERAL">BLOCK_OLD_SOURCES</tt>).</p> +</li> + +<li> +<p>9.0-RELEASE fails to configure an interface specified in the <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=rc.conf&sektion=5&manpath=FreeBSD+9.0-RELEASE"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">rc.conf</span>(5)</span></a> +variable <code class="VARNAME">ipv6_prefix_<tt class="REPLACEABLE"><i>IF</i></tt></code> +when the interface does not have a corresponding <code class="VARNAME">ifconfig_<tt +class="REPLACEABLE"><i>IF</i></tt>_ipv6</code> variable. This problem will be fixed in +the future releases. To work around this problem on 9.0-RELEASE, add an <code +class="VARNAME">ifconfig_<tt class="REPLACEABLE"><i>IF</i></tt>_ipv6</code> line for each +interface specified in <code class="VARNAME">ipv6_prefix_<tt +class="REPLACEABLE"><i>IF</i></tt></code> as the following:</p> + +<pre class="PROGRAMLISTING"> +ipv6_prefix_em0="2001:db8:1:0 2001:db8:2:0" +ifconfig_em0_ipv6="inet6 auto_linklocal" +</pre> +</li> + +<li> +<p>In 9.0-RELEASE the FreeBSD USB subsystem supports USB 3.0 by the <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=xhci&sektion=4&manpath=FreeBSD+9.0-RELEASE"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">xhci</span>(4)</span></a> driver. +However, a bug that could prevent it from working with a USB 3.0 hub has been found and +fixed after the release date. This means 9.0-RELEASE and prior do not work with a USB 3.0 +hub. This problem has been fixed in HEAD and will be merged into the 9-STABLE branch.</p> +</li> +</ul> +</div> + +<div class="SECT1"> +<hr /> +<h2 class="SECT1"><a id="LATE-NEWS" name="LATE-NEWS">4 Late-Breaking News</a></h2> + +<p>No news.</p> +</div> +</div> + +<hr /> +<p align="center"><small>This file, and other release-related documents, can be +downloaded from <a +href="http://www.FreeBSD.org/releases/">http://www.FreeBSD.org/releases/</a>.</small></p> + +<p align="center"><small>For questions about FreeBSD, read the <a +href="http://www.FreeBSD.org/docs.html">documentation</a> before contacting <<a +href="mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>>.</small></p> + +<p align="center"><small>All users of FreeBSD 9.0-STABLE should subscribe to the <<a +href="mailto:stable@FreeBSD.org">stable@FreeBSD.org</a>> mailing list.</small></p> + +<p align="center"><small>For questions about this documentation, e-mail <<a +href="mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>>.</small></p> +</body> +</html> + |