os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Regen from r251576.

Browse source
This commit is contained in:
Hiroki Sato 2013-06-09 15:10:55 +00:00
parent 3099328a2d
commit 5c9ad25656
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/head/; revision=41887
1 changed files with 37 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
en_US.ISO8859-1/htdocs/releases/8.4R/errata.html
View file

@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>FreeBSD 8.4-RELEASE Errata</title><link rel="stylesheet" href="docbook.css" type="text/css" /><link rev="made" href="doc@FreeBSD.org" /><meta name="generator" content="DocBook XSL Stylesheets V1.75.2" /></head><body><div class="article" title="FreeBSD 8.4-RELEASE Errata"><div xmlns="" class="titlepage"><div><div><h2 xmlns="http://www.w3.org/1999/xhtml" class="title"><a id="idp53952848"></a>FreeBSD 8.4-RELEASE Errata </h2></div><div><h3 xmlns="http://www.w3.org/1999/xhtml" class="corpauthor"> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>FreeBSD 8.4-RELEASE Errata</title><link rel="stylesheet" href="docbook.css" type="text/css" /><link rev="made" href="doc@FreeBSD.org" /><meta name="generator" content="DocBook XSL Stylesheets V1.75.2" /></head><body><div class="article" title="FreeBSD 8.4-RELEASE Errata"><div xmlns="" class="titlepage"><div><div><h2 xmlns="http://www.w3.org/1999/xhtml" class="title"><a id="idp53953232"></a>FreeBSD 8.4-RELEASE Errata </h2></div><div><h3 xmlns="http://www.w3.org/1999/xhtml" class="corpauthor">
The FreeBSD Project The FreeBSD Project
</h3></div><div><p xmlns="http://www.w3.org/1999/xhtml" class="copyright">Copyright © 2013 The FreeBSD Documentation Project</p></div><div><div xmlns="http://www.w3.org/1999/xhtml" class="legalnotice" title="Legal Notice"><a id="trademarks"></a><p>FreeBSD is a registered trademark of </h3></div><div><p xmlns="http://www.w3.org/1999/xhtml" class="copyright">Copyright © 2013 The FreeBSD Documentation Project</p></div><div><div xmlns="http://www.w3.org/1999/xhtml" class="legalnotice" title="Legal Notice"><a id="trademarks"></a><p>FreeBSD is a registered trademark of
the FreeBSD Foundation.</p><p>Intel, Celeron, EtherExpress, i386, the FreeBSD Foundation.</p><p>Intel, Celeron, EtherExpress, i386,
@ -14,7 +14,7 @@
as trademarks. Where those designations appear in this document, as trademarks. Where those designations appear in this document,
and the FreeBSD Project was aware of the trademark claim, the and the FreeBSD Project was aware of the trademark claim, the
designations have been followed by the <span class="quote"><span class="quote"></span></span> or the designations have been followed by the <span class="quote"><span class="quote"></span></span> or the
<span class="quote"><span class="quote">®</span></span> symbol.</p></div></div><div>Last modified on 2013-06-08 by hrs.</div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="#intro">1. Introduction</a></span></dt><dt><span class="sect1"><a href="#security">2. Security Advisories</a></span></dt><dt><span class="sect1"><a href="#open-issues">3. Open Issues</a></span></dt><dt><span class="sect1"><a href="#late-news">4. Late-Breaking News and Corrections</a></span></dt></dl></div><div class="abstract" title="Abstract"><p class="title"><b>Abstract</b></p><p>This document lists errata items for FreeBSD 8.4-RELEASE, <span class="quote"><span class="quote">®</span></span> symbol.</p></div></div><div>Last modified on 2013-06-09 by hrs.</div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="#intro">1. Introduction</a></span></dt><dt><span class="sect1"><a href="#security">2. Security Advisories</a></span></dt><dt><span class="sect1"><a href="#open-issues">3. Open Issues</a></span></dt><dt><span class="sect1"><a href="#late-news">4. Late-Breaking News and Corrections</a></span></dt></dl></div><div class="abstract" title="Abstract"><p class="title"><b>Abstract</b></p><p>This document lists errata items for FreeBSD 8.4-RELEASE,
containing significant information discovered after the release containing significant information discovered after the release
or too late in the release cycle to be otherwise included in the or too late in the release cycle to be otherwise included in the
release documentation. release documentation.
@ -37,7 +37,39 @@
contain up-to-date copies of this document (as of the time of contain up-to-date copies of this document (as of the time of
the snapshot).</p><p>For a list of all FreeBSD CERT security advisories, see <a class="ulink" href="http://www.FreeBSD.org/security/" target="_top">http://www.FreeBSD.org/security/</a> or <a class="ulink" href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/" target="_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</a>.</p></div><div class="sect1" title="2. Security Advisories"><div xmlns="" class="titlepage"><div><div><h2 xmlns="http://www.w3.org/1999/xhtml" class="title" style="clear: both"><a id="security"></a>2. Security Advisories</h2></div></div></div><p>The following security advisories pertain to FreeBSD 8.4-RELEASE. the snapshot).</p><p>For a list of all FreeBSD CERT security advisories, see <a class="ulink" href="http://www.FreeBSD.org/security/" target="_top">http://www.FreeBSD.org/security/</a> or <a class="ulink" href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/" target="_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</a>.</p></div><div class="sect1" title="2. Security Advisories"><div xmlns="" class="titlepage"><div><div><h2 xmlns="http://www.w3.org/1999/xhtml" class="title" style="clear: both"><a id="security"></a>2. Security Advisories</h2></div></div></div><p>The following security advisories pertain to FreeBSD 8.4-RELEASE.
For more information, consult the individual advisories available from For more information, consult the individual advisories available from
<a class="ulink" href="http://security.FreeBSD.org/" target="_top">http://security.FreeBSD.org/</a>.</p><div class="informaltable"><table width="100%" border="0"><colgroup><col /><col /><col /></colgroup><thead><tr><th>Advisory</th><th>Date</th><th>Topic</th></tr></thead><tbody><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:01.openssl.asc" target="_top">SA-12:01.openssl</a></td><td>03 May 2012</td><td><p>OpenSSL multiple vulnerabilities</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc" target="_top">SA-12:02.crypt</a></td><td>30 May 2012</td><td><p>Incorrect crypt() hashing</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:03.bind.asc" target="_top">SA-12:03.bind</a></td><td>12 June 2012</td><td><p>Incorrect handling of zero-length RDATA fields in named(8)</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc" target="_top">SA-12:04.sysret</a></td><td>12 June 2012</td><td><p>Privilege escalation when returning from kernel</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:05.bind.asc" target="_top">SA-12:05.bind</a></td><td>06 August 2012</td><td><p>named(8) DNSSEC validation Denial of Service</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:06.bind.asc" target="_top">SA-12:06.bind</a></td><td>22 November 2012</td><td><p>Multiple Denial of Service vulnerabilities with named(8)</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:07.hostapd.asc" target="_top">SA-12:07.hostapd</a></td><td>22 November 2012</td><td><p>Insufficient message length validation for EAP-TLS messages</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:08.linux.asc" target="_top">SA-12:08.linux</a></td><td>22 November 2012</td><td><p>Linux compatibility layer input validation error</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-13:02.libc.asc" target="_top">SA-13:02.libc</a></td><td>19 February 2013</td><td><p>glob(3) related resource exhaustion</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-13:03.openssl.asc" target="_top">SA-13:03.openssl</a></td><td>02 April 2013</td><td><p>OpenSSL multiple vulnerabilities</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-13:04.bind.asc" target="_top">SA-13:04.bind</a></td><td>02 April 2013</td><td><p>BIND remote denial of service</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-13:05.nfsserver.asc" target="_top">SA-13:05.nfsserver</a></td><td>29 April 2013</td><td><p>Insufficient input validation in the NFS server</p></td></tr></tbody></table></div></div><div class="sect1" title="3. Open Issues"><div xmlns="" class="titlepage"><div><div><h2 xmlns="http://www.w3.org/1999/xhtml" class="title" style="clear: both"><a id="open-issues"></a>3. Open Issues</h2></div></div></div><p>[20130608] FreeBSD 8.4-RELEASE no longer supports FreeBSD CVS <a class="ulink" href="http://security.FreeBSD.org/" target="_top">http://security.FreeBSD.org/</a>.</p><div class="informaltable"><table width="100%" border="0"><colgroup><col /><col /><col /></colgroup><thead><tr><th>Advisory</th><th>Date</th><th>Topic</th></tr></thead><tbody><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:01.openssl.asc" target="_top">SA-12:01.openssl</a></td><td>03 May 2012</td><td><p>OpenSSL multiple vulnerabilities</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc" target="_top">SA-12:02.crypt</a></td><td>30 May 2012</td><td><p>Incorrect crypt() hashing</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:03.bind.asc" target="_top">SA-12:03.bind</a></td><td>12 June 2012</td><td><p>Incorrect handling of zero-length RDATA fields in named(8)</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc" target="_top">SA-12:04.sysret</a></td><td>12 June 2012</td><td><p>Privilege escalation when returning from kernel</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:05.bind.asc" target="_top">SA-12:05.bind</a></td><td>06 August 2012</td><td><p>named(8) DNSSEC validation Denial of Service</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:06.bind.asc" target="_top">SA-12:06.bind</a></td><td>22 November 2012</td><td><p>Multiple Denial of Service vulnerabilities with named(8)</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:07.hostapd.asc" target="_top">SA-12:07.hostapd</a></td><td>22 November 2012</td><td><p>Insufficient message length validation for EAP-TLS messages</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-12:08.linux.asc" target="_top">SA-12:08.linux</a></td><td>22 November 2012</td><td><p>Linux compatibility layer input validation error</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-13:02.libc.asc" target="_top">SA-13:02.libc</a></td><td>19 February 2013</td><td><p>glob(3) related resource exhaustion</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-13:03.openssl.asc" target="_top">SA-13:03.openssl</a></td><td>02 April 2013</td><td><p>OpenSSL multiple vulnerabilities</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-13:04.bind.asc" target="_top">SA-13:04.bind</a></td><td>02 April 2013</td><td><p>BIND remote denial of service</p></td></tr><tr><td><a class="ulink" href="http://security.freebsd.org/advisories/FreeBSD-SA-13:05.nfsserver.asc" target="_top">SA-13:05.nfsserver</a></td><td>29 April 2013</td><td><p>Insufficient input validation in the NFS server</p></td></tr></tbody></table></div></div><div class="sect1" title="3. Open Issues"><div xmlns="" class="titlepage"><div><div><h2 xmlns="http://www.w3.org/1999/xhtml" class="title" style="clear: both"><a id="open-issues"></a>3. Open Issues</h2></div></div></div><p>[20130609] There is incompatibility in <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=jail&amp;amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">jail</span>(8)</span></a>
configuration because the <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=jail&amp;amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">jail</span>(8)</span></a> utility and
<code class="filename">rc.d/jail</code> script has been changed. More
specifically, the following <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=sysctl&amp;amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">sysctl</span>(8)</span></a> variables cannot be
used to set the default parameters for jails:</p><pre class="programlisting">security.jail.mount_zfs_allowed
security.jail.mount_procfs_allowed
security.jail.mount_nullfs_allowed
security.jail.mount_devfs_allowed
security.jail.mount_allowed
security.jail.chflags_allowed
security.jail.allow_raw_sockets
security.jail.sysvipc_allowed
security.jail.socket_unixiproute_only
security.jail.set_hostname_allowed</pre><p>These could be set by manually using <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=sysctl&amp;amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">sysctl</span>(8)</span></a> utility,
the <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=sysctl.conf&amp;amp;sektion=5"><span class="citerefentry"><span class="refentrytitle">sysctl.conf</span>(5)</span></a> file, or for some of them the following
variables in <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=rc.conf&amp;amp;sektion=5"><span class="citerefentry"><span class="refentrytitle">rc.conf</span>(5)</span></a>:</p><pre class="programlisting">jail_set_hostname_allow="yes"
jail_socket_unixiproute_only="yes"
jail_sysvipc_allow="yes"</pre><p>These parameters must now be specified in
<code class="varname">jail_parameters</code> (or
<code class="varname">jail_<em class="replaceable"><code>jailname</code></em>_parameters</code>
for per-jail configuration) in <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=rc.conf&amp;amp;sektion=5"><span class="citerefentry"><span class="refentrytitle">rc.conf</span>(5)</span></a>. For
example:</p><pre class="programlisting">jail_parameters="allow.sysvipc allow.raw_sockets"</pre><p>The valid keywords are the following. For more detail, see
<a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=jail&amp;amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">jail</span>(8)</span></a> manual page.</p><pre class="programlisting">allow.set_hostname
allow.sysvipc
allow.raw_sockets
allow.chflags
allow.mount
allow.mount.devfs
allow.mount.nullfs
allow.mount.procfs
allow.mount.zfs
allow.quotas
allow.socket_af</pre><p>[20130608] FreeBSD 8.4-RELEASE no longer supports FreeBSD CVS
repository. Some documents mistakenly refer to repository. Some documents mistakenly refer to
<code class="literal">RELENG_8_4_0_RELEASE</code> as CVS tag for the release and <code class="literal">RELENG_8_4_0_RELEASE</code> as CVS tag for the release and
<code class="literal">RELENG_8_4</code> as CVS branch tag for the <code class="literal">RELENG_8_4</code> as CVS branch tag for the
@ -49,12 +81,8 @@
<code class="literal">RELENG_8_4_0_RELEASE</code> corresponds to <code class="literal">RELENG_8_4_0_RELEASE</code> corresponds to
<code class="literal">svn://svn.FreeBSD.org/base/release/8.4.0</code>. <code class="literal">svn://svn.FreeBSD.org/base/release/8.4.0</code>.
Please note that FreeBSD source tree for 8.4-RELEASE and its security Please note that FreeBSD source tree for 8.4-RELEASE and its security
branch cannot be updated by using official CVSup servers.</p><p>[20130607] The <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=bge&amp;amp;sektion=4"><span class="citerefentry"><span class="refentrytitle">bge</span>(4)</span></a> network interface driver has an branch cannot be updated by using official CVSup servers.</p><p>[20130607] (removed about a <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=bge&amp;amp;sektion=4"><span class="citerefentry"><span class="refentrytitle">bge</span>(4)</span></a> network interface
issue when TSO (TCP Segmentation Offload) is enabled. It causes driver issue because it was incorrect)</p><p>[20130606] The <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=fxp&amp;amp;sektion=4"><span class="citerefentry"><span class="refentrytitle">fxp</span>(4)</span></a> network interface driver may not
intermittent reset and re-initialization.</p><p>A workaround is disabling the TSO feature. One can disable
it by adding the following line into the <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=rc.conf&amp;amp;sektion=5"><span class="citerefentry"><span class="refentrytitle">rc.conf</span>(5)</span></a>
file:</p><pre class="programlisting">ifconfig_<em class="replaceable"><code>bge0</code></em>="-tso"</pre><p>or by using the <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&amp;amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">ifconfig</span>(8)</span></a> utility manually:</p><pre class="screen"><code class="prompt">#</code> <code class="userinput">ifconfig <em class="replaceable"><code>bge0</code></em> -tso</code></pre><p>A patch to fix this issue will be released as an Errata
Notice.</p><p>[20130606] The <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=fxp&amp;amp;sektion=4"><span class="citerefentry"><span class="refentrytitle">fxp</span>(4)</span></a> network interface driver may not
work well with the <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=dhclient&amp;amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">dhclient</span>(8)</span></a> utility. More specifically, work well with the <a class="citerefentry" href="http://www.FreeBSD.org/cgi/man.cgi?query=dhclient&amp;amp;sektion=8"><span class="citerefentry"><span class="refentrytitle">dhclient</span>(8)</span></a> utility. More specifically,
if the <code class="filename">/etc/rc.conf</code> has the following if the <code class="filename">/etc/rc.conf</code> has the following
line:</p><pre class="programlisting">ifconfig_fxp0="DHCP"</pre><p>to activate a DHCP client to configure the network line:</p><pre class="programlisting">ifconfig_fxp0="DHCP"</pre><p>to activate a DHCP client to configure the network