From 3f02e3f294f88693fced8037488ca216f0d725af Mon Sep 17 00:00:00 2001
From: "Bruce A. Mah" 
$FreeBSD:
-        src/release/doc/en_US.ISO8859-1/errata/article.sgml,v 1.32
-        2003/03/20 18:57:30 bmah Exp $
+        src/release/doc/en_US.ISO8859-1/errata/article.sgml,v 1.35
+        2003/03/31 18:12:56 bmah Exp $
         
This document lists errata items for FreeBSD 5.0-RELEASE, containing significant information - discovered after the release. This information includes - security advisories, as well as news relating to the - software or documentation that could affect its operation - or usability. An up-to-date version of this document - should always be consulted before installing this version - of FreeBSD.
+ discovered after the release or too late in the release + cycle to be otherwise included in the release + documentation. This information includes security + advisories, as well as news relating to the software or + documentation that could affect its operation or + usability. An up-to-date version of this document should + always be consulted before installing this version of + FreeBSD.This errata document for FreeBSD 5.0-RELEASE will be maintained until the release of FreeBSD 5.1-RELEASE.
@@ -113,18 +115,20 @@ href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:03.syncookies.asc" target="_top">FreeBSD-SA-03:03. -Due to a buffer overflow in header parsing in Due to buffer overflows in header parsing in sendmail, a remote attacker can create a specially-crafted message that may cause + href="http://www.FreeBSD.org/cgi/man.cgi?query=sendmail&sektion=8&manpath=FreeBSD+5.0-current"> sendmail(8) to execute arbitrary code with the privileges of the user running it, typically root. More information, including pointers to patches, can be found in - security advisory FreeBSD-SA-03:04.
+ target="_top">FreeBSD-SA-03:04 and FreeBSD-SA-03:07.The XDR encoder/decoder does incorrect bounds-checking, which could allow a remote attacker to cause a @@ -132,6 +136,13 @@ advisory FreeBSD-SA-03:05.
+ +OpenSSL has been found + vulnerable to two recently-disclosed attacks. Information + on workarounds and patches for supported security branches + is contained in security advisory FreeBSD-SA-03:06.
The + href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.0-current"> geom(4)-based disk partitioning code in the kernel will not allow an open @@ -155,18 +166,18 @@ stored. A suggested workaround is to boot from an alternate disk, a CDROM, or a fixit floppy.
-When using disk media with sector sizes larger than 512 bytes (for instance, + href="http://www.FreeBSD.org/cgi/man.cgi?query=gbde&sektion=4&manpath=FreeBSD+5.0-current"> gbde(4) encrypted disks), the + href="http://www.FreeBSD.org/cgi/man.cgi?query=dump&sektion=8&manpath=FreeBSD+5.0-current"> dump(8) program fails to respect the larger sector size and cannot dump the @@ -182,83 +193,83 @@ class="USERINPUT">dump 0f - /junk/ad0.dd | ...
A simpler workaround is to use + href="http://www.FreeBSD.org/cgi/man.cgi?query=tar&sektion=1&manpath=FreeBSD+5.0-current"> tar(1) or + href="http://www.FreeBSD.org/cgi/man.cgi?query=cpio&sektion=1&manpath=FreeBSD+5.0-current"> cpio(1) to make backup copies.
-Hangs were reported during FreeBSD 5.0 snapshot installations when installing to + href="http://www.FreeBSD.org/cgi/man.cgi?query=mly&sektion=4&manpath=FreeBSD+5.0-current"> mly(4)-supported RAID arrays, in hardware configurations that appear to work fine under FreeBSD 4.7-RELEASE. These problems have been corrected in FreeBSD 5.0-CURRENT.
-NETNCP and nwfs appear to be as-yet unadapted for KSE, and hence not working. These have been fixed in FreeBSD 5.0-CURRENT.
-During installation, the + href="http://www.FreeBSD.org/cgi/man.cgi?query=iir&sektion=4&manpath=FreeBSD+5.0-current"> iir(4) controller appears to probe correctly, but finds no disk devices.
-+ href="http://www.FreeBSD.org/cgi/man.cgi?query=truss&sektion=1&manpath=FreeBSD+5.0-current"> truss(1) appears to contain a race condition during the start-up of debugging, which can result in + href="http://www.FreeBSD.org/cgi/man.cgi?query=truss&sektion=1&manpath=FreeBSD+5.0-current"> truss(1) failing to attach to the process before it exists. The symptom is that + href="http://www.FreeBSD.org/cgi/man.cgi?query=truss&sektion=1&manpath=FreeBSD+5.0-current"> truss(1) reports that it cannot open the + href="http://www.FreeBSD.org/cgi/man.cgi?query=procfs&sektion=5&manpath=FreeBSD+5.0-current"> procfs(5) node supporting the process being debugged. A bug also appears to exist wherein + href="http://www.FreeBSD.org/cgi/man.cgi?query=truss&sektion=1&manpath=FreeBSD+5.0-current"> truss(1) will hang if + href="http://www.FreeBSD.org/cgi/man.cgi?query=execve&sektion=2&manpath=FreeBSD+5.0-current"> execve(2) returns ENOENT A further race appears to exist in which + href="http://www.FreeBSD.org/cgi/man.cgi?query=truss&sektion=1&manpath=FreeBSD+5.0-current"> truss(1) will return ``PIOCWAIT: Input/output @@ -266,33 +277,33 @@ class="USERINPUT">dump 0f - /junk/ad0.dd | ... sufficiently changes process execution handling that it has been deferred until after 5.0.
-Some bugs have been reported in + href="http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+5.0-current"> sysinstall(8) disk partitioning. One observed problem on the i386 is that + href="http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+5.0-current"> sysinstall(8) cannot recalculate the free space left on a disk after changing the type of an FDISK-type partition.
-In some case, documentation (such as the FAQ or Handbook) has not been updated to take into account FreeBSD 5.0-RELEASE features. Examples of areas where documentation is still needed include + href="http://www.FreeBSD.org/cgi/man.cgi?query=gbde&sektion=8&manpath=FreeBSD+5.0-current"> gbde(8) and the new ``fast IPsec'' implementation.
-Attempting to unmount smbfs shares may fail with ``dump 0f - /junk/ad0.dd | ... -f) smbfs shares may cause a kernel panic. This bug has been fixed in 5.0-CURRENT.
-When called on a connected socket file descriptor, + href="http://www.FreeBSD.org/cgi/man.cgi?query=fstat&sektion=2&manpath=FreeBSD+5.0-current"> fstat(2) is supposed to return the number of bytes available to read in @@ -321,11 +332,11 @@ class="USERINPUT">dump 0f - /junk/ad0.dd | ... as 0 on TCP sockets. This bug has been fixed in 5.0-CURRENT.
-The + href="http://www.FreeBSD.org/cgi/man.cgi?query=kqueue&sektion=2&manpath=FreeBSD+5.0-current"> kqueue(2) EVFILT_READ filter erroneously @@ -336,24 +347,24 @@ class="USERINPUT">dump 0f - /junk/ad0.dd | ... class="LITERAL">EVFILT_READ is also broken on TCP sockets. This bug has been fixed in 5.0-CURRENT.
-FreeBSD 5.0-RELEASE introduced support for POSIX named semaphores but the implementation contains a critical bug that causes + href="http://www.FreeBSD.org/cgi/man.cgi?query=sem_open&sektion=3&manpath=FreeBSD+5.0-current"> sem_open(3) to incorrectly handle the opening of the same semaphore multiple times by the same process, and that causes + href="http://www.FreeBSD.org/cgi/man.cgi?query=sem_close&sektion=3&manpath=FreeBSD+5.0-current"> sem_close(3) to crash calling programs. This bug has been fixed in 5.0-CURRENT.
-FreeBSD 5.0-RELEASE has a minor bug in how the @@ -361,83 +372,83 @@ class="USERINPUT">dump 0f - /junk/ad0.dd | ... handled. This can be triggered by logging in as a non-root, non-tty group user, and using + href="http://www.FreeBSD.org/cgi/man.cgi?query=su&sektion=1&manpath=FreeBSD+5.0-current"> su(1) to switch to a second non-root, non-tty group user. + href="http://www.FreeBSD.org/cgi/man.cgi?query=ssh&sektion=1&manpath=FreeBSD+5.0-current"> ssh(1) will fail because it cannot open /dev/tty. This bug has been fixed in 5.0-CURRENT.
-+ href="http://www.FreeBSD.org/cgi/man.cgi?query=growfs&sektion=8&manpath=FreeBSD+5.0-current"> growfs(8) no longer works on + href="http://www.FreeBSD.org/cgi/man.cgi?query=vinum&sektion=4&manpath=FreeBSD+5.0-current"> vinum(4) volumes (and presumably, on + href="http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.0-current"> geom(4) entities) since these subsystems no longer fake disklabels, but + href="http://www.FreeBSD.org/cgi/man.cgi?query=growfs&sektion=8&manpath=FreeBSD+5.0-current"> growfs(8) insists on examining a label.
-+ href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+5.0-current"> ipfw(4) skipto rules do not work when coupled with the log keyword. + href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+5.0-current"> ipfw(4) uid rules also do not work properly. These bugs have been fixed in 5.0-CURRENT.
-+ href="http://www.FreeBSD.org/cgi/man.cgi?query=adduser&sektion=8&manpath=FreeBSD+5.0-current"> adduser(8) does not correctly handle setting user passwords containing special shell characters. This problem has been corrected in 5.0-CURRENT.
-The + href="http://www.FreeBSD.org/cgi/man.cgi?query=xl&sektion=4&manpath=FreeBSD+5.0-current"> xl(4) driver has a timing bug that may cause a kernel panic (or other problems) when attempting to configure an interface. This bug has been fixed in 5.0-CURRENT.
-ISC DHCP was updated to @@ -445,8 +456,8 @@ class="USERINPUT">dump 0f - /junk/ad0.dd | ... 5.0-RELEASE, but was not documented in the release notes.
-5.0-RELEASE contains some bugs in its non-blocking RPC code. The most noticeable side-effect of these bugs was that + href="http://www.FreeBSD.org/cgi/man.cgi?query=amd&sektion=8&manpath=FreeBSD+5.0-current"> amd(8) users were not able to mount volumes from a 5.0-RELEASE server. This