1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
|
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator" content="HTML Tidy, see www.w3.org" />
<title>FreeBSD 7.0-RELEASE Errata</title>
<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.79" />
<link rel="STYLESHEET" type="text/css" href="docbook.css" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>
<body class="ARTICLE" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#840084"
alink="#0000FF">
<div class="ARTICLE">
<div class="TITLEPAGE">
<h1 class="TITLE"><a id="AEN2" name="AEN2">FreeBSD 7.0-RELEASE Errata</a></h1>
<h3 class="CORPAUTHOR">The FreeBSD Project</h3>
<p class="COPYRIGHT">Copyright © 2008 The FreeBSD Documentation Project</p>
<p class="PUBDATE">$FreeBSD: stable/7/release/doc/en_US.ISO8859-1/errata/article.sgml
186442 2008-12-23 17:55:07Z hrs $<br />
</p>
<div class="LEGALNOTICE"><a id="TRADEMARKS" name="TRADEMARKS"></a>
<p>FreeBSD is a registered trademark of the FreeBSD Foundation.</p>
<p>Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or
registered trademarks of Intel Corporation or its subsidiaries in the United States and
other countries.</p>
<p>Sparc, Sparc64, SPARCEngine, and UltraSPARC are trademarks of SPARC International, Inc
in the United States and other countries. Products bearing SPARC trademarks are based
upon architecture developed by Sun Microsystems, Inc.</p>
<p>Many of the designations used by manufacturers and sellers to distinguish their
products are claimed as trademarks. Where those designations appear in this document, and
the FreeBSD Project was aware of the trademark claim, the designations have been followed
by the “™” or the “®” symbol.</p>
</div>
<hr />
</div>
<blockquote class="ABSTRACT">
<div class="ABSTRACT"><a id="AEN16" name="AEN16"></a>
<p>This document lists errata items for FreeBSD 7.0-RELEASE, containing significant
information discovered after the release or too late in the release cycle to be otherwise
included in the release documentation. This information includes security advisories, as
well as news relating to the software or documentation that could affect its operation or
usability. An up-to-date version of this document should always be consulted before
installing this version of FreeBSD.</p>
<p>This errata document for FreeBSD 7.0-RELEASE will be maintained until the release of
FreeBSD 7.1-RELEASE.</p>
</div>
</blockquote>
<div class="SECT1">
<hr />
<h2 class="SECT1"><a id="INTRO" name="INTRO">1 Introduction</a></h2>
<p>This errata document contains “late-breaking news” about FreeBSD
7.0-RELEASE. Before installing this version, it is important to consult this document to
learn about any post-release discoveries or problems that may already have been found and
fixed.</p>
<p>Any version of this errata document actually distributed with the release (for
example, on a CDROM distribution) will be out of date by definition, but other copies are
kept updated on the Internet and should be consulted as the “current errata”
for this release. These other copies of the errata are located at <a
href="http://www.FreeBSD.org/releases/"
target="_top">http://www.FreeBSD.org/releases/</a>, plus any sites which keep up-to-date
mirrors of this location.</p>
<p>Source and binary snapshots of FreeBSD 7-STABLE also contain up-to-date copies of this
document (as of the time of the snapshot).</p>
<p>For a list of all FreeBSD CERT security advisories, see <a
href="http://www.FreeBSD.org/security/"
target="_top">http://www.FreeBSD.org/security/</a> or <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"
target="_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</a>.</p>
</div>
<div class="SECT1">
<hr />
<h2 class="SECT1"><a id="SECURITY" name="SECURITY">2 Security Advisories</a></h2>
<p>The following security advisories pertain to FreeBSD 7.0-RELEASE. For more
information, consult the individual advisories available from <a
href="http://security.FreeBSD.org/" target="_top">http://security.FreeBSD.org/</a>.</p>
<div class="INFORMALTABLE"><a id="AEN34" name="AEN34"></a>
<table border="0" frame="void" class="CALSTABLE">
<col width="1*" />
<col width="1*" />
<col width="3*" />
<thead>
<tr>
<th>Advisory</th>
<th>Date</th>
<th>Topic</th>
</tr>
</thead>
<tbody>
<tr>
<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-08:05.openssh.asc"
target="_top">SA-08:05.openssh</a></td>
<td>17 April 2008</td>
<td>
<p>OpenSSH X11-forwarding privilege escalation</p>
</td>
</tr>
<tr>
<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc"
target="_top">SA-08:06.bind</a></td>
<td>13 July 2008</td>
<td>
<p>DNS cache poisoning</p>
</td>
</tr>
<tr>
<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-08:07.amd64.asc"
target="_top">SA-08:07.amd64</a></td>
<td>3 September 2008</td>
<td>
<p>amd64 swapgs local privilege escalation</p>
</td>
</tr>
<tr>
<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-08:08.nmount.asc"
target="_top">SA-08:08.nmount</a></td>
<td>3 September 2008</td>
<td>
<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=nmount&sektion=2&manpath=FreeBSD+7.0-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">nmount</span>(2)</span></a> local
arbitrary code execution</p>
</td>
</tr>
<tr>
<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
target="_top">SA-08:09.icmp6</a></td>
<td>3 September 2008</td>
<td>
<p>Remote kernel panics on IPv6 connections</p>
</td>
</tr>
<tr>
<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc"
target="_top">SA-08:10.nd6</a></td>
<td>1 October 2008</td>
<td>
<p>IPv6 Neighbor Discovery Protocol routing vulnerability</p>
</td>
</tr>
<tr>
<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-08:11.arc4random.asc"
target="_top">SA-08:11.arc4random</a></td>
<td>24 November 2008</td>
<td>
<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=arc4random&sektion=9&manpath=FreeBSD+7.0-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">arc4random</span>(9)</span></a>
predictable sequence vulnerability</p>
</td>
</tr>
<tr>
<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-08:12.ftpd.asc"
target="_top">SA-08:12.ftpd</a></td>
<td>23 December 2008</td>
<td>
<p>Cross-site request forgery in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ftpd&sektion=8&manpath=FreeBSD+7.0-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ftpd</span>(8)</span></a></p>
</td>
</tr>
<tr>
<td><a href="http://security.freebsd.org/advisories/FreeBSD-SA-08:13.protosw.asc"
target="_top">SA-08:13.protosw</a></td>
<td>23 December 2008</td>
<td>
<p>netgraph / bluetooth privilege escalation</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="SECT1">
<hr />
<h2 class="SECT1"><a id="OPEN-ISSUES" name="OPEN-ISSUES">3 Open Issues</a></h2>
<p>[20080229] <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=tcpdump&sektion=1&manpath=FreeBSD+7.0-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">tcpdump</span>(1)</span></a> does
not correctly print the TX/RX rates for 802.11 frames. This issue has been fixed on the
HEAD and RELENG_7 branches.</p>
<p>[20080229] A bug in Linux emulation may cause segmentation faults for some Linux
programs using <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mmap&sektion=2&manpath=FreeBSD+7.0-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mmap</span>(2)</span></a>. This
issue has been fixed on the HEAD and RELENG_7 branches.</p>
<p>[20080229] Instances of packet corruption and instability have been observed with the
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=re&sektion=4&manpath=FreeBSD+7.0-stable"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">re</span>(4)</span></a> network driver.
Some users have reported that using a newer version of this driver (on HEAD) has solved
their problems, or at least mitigated them.</p>
<p>[20080229, updated 20080817] A change in the way that FreeBSD sends TCP options has
been reported to cause connectivity issues. This problem has been corrected on HEAD and
the RELENG_7 and RELENG_7_0 branches.. Further details are contained in errta notice <a
href="http://security.FreeBSD.org/advisories/FreeBSD-EN-08:02.tcp.asc"
target="_top">FreeBSD-EN-08:02.tcp</a>.</p>
<p>[20080307] The FreeBSD implementation of SCTP currently depends on having <tt
class="LITERAL">INET6</tt> support compiled into the kernel. This requirement is planned
to be removed in future releases.</p>
<p>[20080307] Source upgrades from FreeBSD 6.<tt class="REPLACEABLE"><i>X</i></tt> to
FreeBSD 7.0-RELEASE will generate warnings from <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=kldxref&sektion=8&manpath=FreeBSD+7.0-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">kldxref</span>(8)</span></a>
during the <tt class="LITERAL">installkernel</tt> step. These warnings are harmless and
can be ignored.</p>
<p>[20080307] The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=crypto&sektion=4&manpath=FreeBSD+7.0-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">crypto</span>(4)</span></a>
driver, which is required for IPsec functionality, has severe problems on FreeBSD/powerpc
(a kernel with <tt class="LITERAL">device crypto</tt> included in its configuration will
be non-functional).</p>
</div>
<div class="SECT1">
<hr />
<h2 class="SECT1"><a id="LATE-NEWS" name="LATE-NEWS">4 Late-Breaking News and
Corrections</a></h2>
<p>[20080229] The FreeBSD 7.0-RELEASE release documentation (release notes, hardware
notes, and so forth) all contained a note that users of FreeBSD 7-STABLE should be
subscribed to the <tt class="LITERAL">freebsd-current</tt> mailing list. This note should
not have appeared.</p>
<p>[20080229] The release notes gave an incorrect version number for KDE. The correct
version number is 3.5.8.</p>
</div>
</div>
<hr />
<p align="center"><small>This file, and other release-related documents, can be
downloaded from <a
href="http://www.FreeBSD.org/snapshots/">http://www.FreeBSD.org/snapshots/</a>.</small></p>
<p align="center"><small>For questions about FreeBSD, read the <a
href="http://www.FreeBSD.org/docs.html">documentation</a> before contacting <<a
href="mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>>.</small></p>
<p align="center"><small>All users of FreeBSD 7-STABLE should subscribe to the <<a
href="mailto:stable@FreeBSD.org">stable@FreeBSD.org</a>> mailing list.</small></p>
<p align="center"><small>For questions about this documentation, e-mail <<a
href="mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>>.</small></p>
</body>
</html>
|
