diff --git a/en/releases/4.6.2R/errata.html b/en/releases/4.6.2R/errata.html index 0c4286b3c6..1ae95cb517 100644 --- a/en/releases/4.6.2R/errata.html +++ b/en/releases/4.6.2R/errata.html @@ -2,7 +2,7 @@
-$FreeBSD:
src/release/doc/en_US.ISO8859-1/errata/article.sgml,v
- 1.1.2.67 2002/05/29 19:02:43 bmah Exp $
+ 1.1.2.79 2002/08/17 22:53:44 bmah Exp $
This document lists errata items for FreeBSD - 4.6.2-RELEASE, containing significant information + 4.6-RELEASE, containing significant information discovered after the release. This information includes security advisories, as well as news relating to the software or documentation that could affect its operation @@ -40,7 +40,12 @@ should always be consulted before installing this version of FreeBSD.
-This errata document for FreeBSD 4.6.2-RELEASE will be +
Unless otherwise noted, items listed here also pertain + to FreeBSD 4.6.2-RELEASE, which was designed to fix + certain, specific problems in 4.6-RELEASE (see the + release notes for more details).
+ +This errata document for FreeBSD 4.6-RELEASE will be maintained until the release of FreeBSD 4.7-RELEASE.
This errata document contains ``late-breaking news'' - about FreeBSD 4.6.2-RELEASE. Before installing this - version, it is important to consult this document to learn - about any post-release discoveries or problems that may - already have been found and fixed.
+ about FreeBSD 4.6-RELEASE. Before installing this version, + it is important to consult this document to learn about any + post-release discoveries or problems that may already have + been found and fixed.Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) @@ -80,35 +85,309 @@
No active security advisories.
+FreeBSD 4.6-RELEASE contains a fix for a bug described + in security advisory SA-02:23 (which addressed the use of + file descriptors by set-user-id or set-group-id programs). + An error has been discovered in the bugfix; it is still + possible for systems using + procfs(5) or + linprocfs(5) to be + exploited. A revised version of security advisory FreeBSD-SA-02:23 contains a corrected + bugfix. This problem was corrected in FreeBSD + 4.6.2-RELEASE.
+ +A buffer overflow in the resolver could be exploited by + a malicious domain name server or an attacker forging DNS + messages. This could potentially be used to force arbitrary + code to run on a client machine with the privileges of a + resolver-using application. See security advisory FreeBSD-SA-02:28 for more information + and a fix. This problem was corrected in FreeBSD + 4.6.2-RELEASE.
+ +Badly-formed NFS packets could trigger a buffer overflow + in + tcpdump(1). For a fix to + this problem, see security advisory FreeBSD-SA-02:29. This problem was + corrected in FreeBSD 4.6.2-RELEASE.
+ ++ ktrace(1) can be used to + trace the operation of formerly-privileged processes. This + is undesirable, as it is then possible to leak information + obtained while these processes had elevated privileges. See + security advisory FreeBSD-SA-02:30 for a workaround and a + fix. This problem was corrected in FreeBSD + 4.6.2-RELEASE.
+ +A race condition in + pppd(8) can be used to + change the permissions of an arbitrary file. For more + details, a workaround, and bugfix information, see security + advisory FreeBSD-SA-02:32. This problem was + corrected in FreeBSD 4.6.2-RELEASE.
+ +Multiple buffer overflows have been discovered in OpenSSL. More details (including + workarounds and bugfixes) can be found in security advisory + FreeBSD-SA-02:33. This problem was + corrected in FreeBSD 4.6.2-RELEASE.
+ +A bug in the XDR decoder (used by Sun RPC) could result + in a heap buffer overflow. Security advisory FreeBSD-SA-02:34 contains workaround and + bugfix information. This problem was corrected in FreeBSD + 4.6.2-RELEASE.
+ +Local users can, under certain circumstances, read and + write arbitrary blocks on an FFS filesystem has been + corrected. More details can be found in security advisory + FreeBSD-SA-02:35, which contains a + workaround and bugfix information. This problem was + corrected in FreeBSD 4.6.2-RELEASE.
+ +A bug in the NFS server code could allow a remote denial + of service attack. Security advisory FreeBSD-SA-02:36 has information on a + fix and a workaround. This problem was corrected in FreeBSD + 4.6.2-RELEASE.
+ +A bug in + kqueue(2) could allow + local users to panic a system. Correction information is + contained in security advisory FreeBSD-SA-02:37. This problem was + corrected in FreeBSD 4.6.2-RELEASE.
No active updates.
+In FreeBSD 4.6-RELEASE, the default maximum TCP window + size was lowered from 65536 bytes to 57334 bytes, for + better compatability with some versions of IPFilter.
+ +A recently-discovered interaction between the FreeBSD + kernel and the archivers/zip port + can result in some errors on the alpha platform. A + post-release fix has been committed to the FreeBSD ports + tree; versions of the archivers/zip port beginning with 2.3_1 + will function correctly.
+ +On the alpha platform, the + de(4) and + txp(4) drivers were moved + from the boot kernel on the floppy images to modules on the + mfsroot floppy. This change was + made in order to get the alpha kernel to fit onto the boot + floppy. It should be transparent to all users, as + sysinstall(8) will + automatically load any kernel modules it finds on the mfsroot floppy.
+ +Several last-minute patches were made to the x11-servers/XFree86-4-Server package. These + allow the various server configuration programs to give + better support for the sysmouse + device supported by + moused(8). The binary + packages on the CDROMs and the FTP sites incoporate this + patch and bear the version number 4.2.0_3. However, the + ports collection included in the distribution does not + contain this patch. To get an updated version, use CVSup to obtain a more recent ports + collection.
+ +Some FreeBSD/i386 users have experienced difficulties + reading from certain ATA CDROM drives. Specific models on + which this problem has been observed include the AOpen 48x, + 52x, and 56x CDROM drives, as well as the Mitsumi Slim + CRMC-SR242S CDROM drive. A typical symptom is the following + error message on the console and/or + dmesg(8) buffer + (sometimes accompanied by a kernel panic):
++ acd0: READ_BIG command timeout - resetting + ata1: resetting devices .. done ++ +
In some cases, this bug can prevent installation of + FreeBSD from an affected CDROM drive. It can cause + sysinstall(8) to hang + while extracting distribution files from CD media.
+ +A two-part workaround listed here has shown to be + helpful in some (but not necessarily all) cases. First, to + allow a CDROM installation, it is necessary to modify the + normal CDROM installation procedure:
+ +Start the computer with a FreeBSD installation + CDROM in the drive.
+Wait for a console message similar to:
++ Hit [Enter] to boot immediately, or any other key for command prompt. + Booting [kernel] in 9 seconds... ++
Immediately interrupt the boot process by pressing + the Space bar on the + keyboard.
+Enter the following three lines at the ok prompt:
++ ok set hw.ata.ata_dma="1" ++
+ ok set hw.ata.atapi_dma="1" ++
+ ok boot ++
Continue the installation as normal.
+The second part of the workaround takes place after + completing the CDROM installation (or a successful source + upgrade). It consists of configuring the + ata(4) driver so that + future CDROM reads work correctly:
+ +Add the following two lines to /boot/loader.conf (creating this file + if it does not already exist):
++ hw.ata.ata_dma="1" + hw.ata.atapi_dma="1" ++
Reboot the machine.
+This problem was fixed in FreeBSD 4.6-STABLE on 31 July + 2002, as well as FreeBSD 4.6.2-RELEASE.
+ +Due to a bug in the release generation process, some of + the directories under /usr/share/examples are empty (most notably + /usr/share/examples/cvsup). A + partial workaround is to install the sshare distribution via + sysinstall(8) (from the + main menu, choose Configure, Distributions, src, then share). /usr/src/share/examples will then contain + the missing files. This problem was corrected in FreeBSD + 4.6-STABLE on 16 July 2002, as well as FreeBSD + 4.6.2-RELEASE.
+ +The item in the ``Filesystems'' section of the release + notes contains a small grammatical error. It should read: + ``A bug has been fixed in soft updates that could cause + occasional filesystem corruption if the system is shut down + immediately after performing heavy filesystem activities, + such as installing a new kernel or other software.''
This file, and other release-related documents, can be downloaded from ftp://ftp.FreeBSD.org/pub/FreeBSD/releases.
+ "http://snapshots.jp.FreeBSD.org/">http://snapshots.jp.FreeBSD.org/.For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.
-For questions about this - documentation, e-mail <doc@FreeBSD.org>.
+All users of FreeBSD 4-STABLE + should subscribe to the <stable@FreeBSD.org> mailing + list.
+ +For questions about this documentation, + e-mail <doc@FreeBSD.org>.
$FreeBSD:
src/release/doc/en_US.ISO8859-1/errata/article.sgml,v
- 1.1.2.76 2002/08/06 16:52:39 bmah Exp $
+ 1.1.2.79 2002/08/17 22:53:44 bmah Exp $
Unless otherwise noted, items listed here also pertain + to FreeBSD 4.6.2-RELEASE, which was designed to fix + certain, specific problems in 4.6-RELEASE (see the + release notes for more details).
+This errata document for FreeBSD 4.6-RELEASE will be maintained until the release of FreeBSD 4.7-RELEASE.
This errata document contains ``late-breaking news'' about FreeBSD 4.6-RELEASE. Before installing this version, @@ -80,7 +85,7 @@
FreeBSD 4.6-RELEASE contains a fix for a bug described @@ -97,7 +102,8 @@ exploited. A revised version of security advisory FreeBSD-SA-02:23 contains a corrected - bugfix.
+ bugfix. This problem was corrected in FreeBSD + 4.6.2-RELEASE.A buffer overflow in the resolver could be exploited by a malicious domain name server or an attacker forging DNS @@ -106,7 +112,8 @@ resolver-using application. See security advisory FreeBSD-SA-02:28 for more information - and a fix.
+ and a fix. This problem was corrected in FreeBSD + 4.6.2-RELEASE.Badly-formed NFS packets could trigger a buffer overflow in tcpdump(1). For a fix to this problem, see security advisory FreeBSD-SA-02:29.
+ target="_top">FreeBSD-SA-02:29. This problem was + corrected in FreeBSD 4.6.2-RELEASE.@@ -127,7 +135,8 @@ security advisory FreeBSD-SA-02:30 for a workaround and a - fix.
+ fix. This problem was corrected in FreeBSD + 4.6.2-RELEASE.A race condition in @@ -137,20 +146,23 @@ details, a workaround, and bugfix information, see security advisory FreeBSD-SA-02:32.
+ target="_top">FreeBSD-SA-02:32. This problem was + corrected in FreeBSD 4.6.2-RELEASE.Multiple buffer overflows have been discovered in OpenSSL. More details (including workarounds and bugfixes) can be found in security advisory FreeBSD-SA-02:33.
+ target="_top">FreeBSD-SA-02:33. This problem was + corrected in FreeBSD 4.6.2-RELEASE.A bug in the XDR decoder (used by Sun RPC) could result in a heap buffer overflow. Security advisory FreeBSD-SA-02:34 contains workaround and - bugfix information.
+ bugfix information. This problem was corrected in FreeBSD + 4.6.2-RELEASE.Local users can, under certain circumstances, read and write arbitrary blocks on an FFS filesystem has been @@ -158,13 +170,15 @@ FreeBSD-SA-02:35, which contains a - workaround and bugfix information.
+ workaround and bugfix information. This problem was + corrected in FreeBSD 4.6.2-RELEASE.A bug in the NFS server code could allow a remote denial of service attack. Security advisory FreeBSD-SA-02:36 has information on a - fix and a workaround.
+ fix and a workaround. This problem was corrected in FreeBSD + 4.6.2-RELEASE.A bug in @@ -173,13 +187,14 @@ local users to panic a system. Correction information is contained in security advisory FreeBSD-SA-02:37.
+ target="_top">FreeBSD-SA-02:37. This problem was + corrected in FreeBSD 4.6.2-RELEASE.In FreeBSD 4.6-RELEASE, the default maximum TCP window @@ -325,7 +340,7 @@
This problem was fixed in FreeBSD 4.6-STABLE on 31 July - 2002.
+ 2002, as well as FreeBSD 4.6.2-RELEASE.Due to a bug in the release generation process, some of the directories under share). /usr/src/share/examples will then contain the missing files. This problem was corrected in FreeBSD - 4.6-STABLE on 16 July 2002.
+ 4.6-STABLE on 16 July 2002, as well as FreeBSD + 4.6.2-RELEASE. + +The item in the ``Filesystems'' section of the release + notes contains a small grammatical error. It should read: + ``A bug has been fixed in soft updates that could cause + occasional filesystem corruption if the system is shut down + immediately after performing heavy filesystem activities, + such as installing a new kernel or other software.''
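Review bot: In en/releases/4.6.2R/errata.html, hunk @@ -40,7 +40,12 @@, the new paragraph says items "also pertain to FreeBSD 4.6.2-RELEASE" unless otherwise noted, but all ten security advisory items added in the next hunk (SA-02:23 through SA-02:37) end with "This problem was corrected in FreeBSD 4.6.2-RELEASE." For the whole security section the exception is therefore the rule, and a 4.6.2-RELEASE reader has to read each item to the end to learn that it does not apply. Suggest one sentence at the head of the security advisories section stating that every advisory listed there is already fixed in 4.6.2-RELEASE, or rewording the default so that it only covers the system update items.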
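Review bot: In hunk @@ -80,35 +85,309 @@ of en/releases/4.6.2R/errata.html, the added SA-02:35 item is not a grammatical sentence: "Local users can, under certain circumstances, read and write arbitrary blocks on an FFS filesystem has been corrected." It is also unclear from it whether the issue is open or fixed, which matters in a security item. Suggest "A bug that allowed local users, under certain circumstances, to read and write arbitrary blocks on an FFS filesystem has been corrected." The same sentence is carried as unchanged context in hunk @@ -158,13 +170,15 @@ of en/releases/4.6R/errata.html, where the new trailing "This problem was corrected in FreeBSD 4.6.2-RELEASE." now follows it, so fixing it in the SGML source would cover both files. Two spelling slips in added lines of the same hunk: "compatability" in the TCP window item and "incoporate" in the XFree86-4-Server item.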
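Review bot: In hunk @@ -325,7 +340,7 @@ of en/releases/4.6R/errata.html, the updated sentence "This problem was fixed in FreeBSD 4.6-STABLE on 31 July 2002, as well as FreeBSD 4.6.2-RELEASE." closes the ATA CDROM item without saying what to do with the workaround. The second part of the workaround makes a persistent change, the hw.ata.ata_dma="1" and hw.ata.atapi_dma="1" lines in /boot/loader.conf, and a user who later moves to a fixed version is not told whether those lines should stay or be removed. Suggest adding one sentence after the fixed-in statement that says so either way.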