diff --git a/en/releases/6.0R/errata.html b/en/releases/6.0R/errata.html index 340b620b07..477e8cfe80 100644 --- a/en/releases/6.0R/errata.html +++ b/en/releases/6.0R/errata.html @@ -20,7 +20,7 @@ alink="#0000FF"> FreeBSD Documentation Project</p> <p class="PUBDATE">$FreeBSD: src/release/doc/en_US.ISO8859-1/errata/article.sgml,v -1.73.2.12 2006/01/25 10:35:54 simon Exp $<br /> +1.73.2.13 2006/02/05 20:41:34 bmah Exp $<br /> </p> <div class="LEGALNOTICE"><a id="TRADEMARKS" name="TRADEMARKS"></a> @@ -117,18 +117,18 @@ target="_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/</a>.</p> <tr> <td><a href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:07.pf.asc" target="_top">06:07.pf</a></td> -<td>25 Janurary 2006</td> +<td>25 January 2006</td> <td> <p>IP fragment handling panic in <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=pf&sektion=4&manpath=FreeBSD+6.0-stable"><span - class="CITEREFENTRY"><span class="REFENTRYTITLE">pf</span>(4)</span></a></p> +href="http://www.FreeBSD.org/cgi/man.cgi?query=pf&sektion=4&manpath=FreeBSD+6.0-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pf</span>(4)</span></a></p> </td> </tr> <tr> <td><a href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:06.kmem.asc" target="_top">06:06.kmem</a></td> -<td>25 Janurary 2006</td> +<td>25 January 2006</td> <td> <p>Local kernel memory disclosure</p> </td> @@ -138,7 +138,7 @@ target="_top">06:06.kmem</a></td> <td><a href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:05.80211.asc" target="_top">06:05.80211</a></td> -<td>18 Janurary 2006</td> +<td>18 January 2006</td> <td> <p>IEEE 802.11 buffer overflow</p> </td> @@ -147,10 +147,10 @@ target="_top">06:05.80211</a></td> <tr> <td><a href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:04.ipfw.asc" target="_top">06:04.ipfw</a></td> -<td>11 Janurary 2006</td> +<td>11 January 2006</td> <td> <p><a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> IP fragment denial of service</p> </td> @@ -159,10 +159,10 @@ fragment denial of service</p> <tr> <td><a href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:03.cpio.asc" target="_top">06:03.cpio</a></td> -<td>11 Janurary 2006</td> +<td>11 January 2006</td> <td> <p>Multiple vulnerabilities in <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=cpio&sektion=1&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=cpio&sektion=1&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">cpio</span>(1)</span></a></p> </td> </tr> @@ -170,12 +170,12 @@ href="http://www.FreeBSD.org/cgi/man.cgi?query=cpio&sektion=1&manpath=FreeBSD+6. <tr> <td><a href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:02.ee.asc" target="_top">06:02.eex</a></td> -<td>11 Janurary 2006</td> +<td>11 January 2006</td> <td> <p><a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ee&sektion=1&manpath=FreeBSD+6.0-stable"><span - class="CITEREFENTRY"><span class="REFENTRYTITLE">ee</span>(1)</span></a> temporary file -privilege escalation</p> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ee&sektion=1&manpath=FreeBSD+6.0-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">ee</span>(1)</span></a> temporary +file privilege escalation</p> </td> </tr> @@ -183,7 +183,7 @@ privilege escalation</p> <td><a href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:01.texindex.asc" target="_top">06:01.texindex</a></td> -<td>11 Janurary 2006</td> +<td>11 January 2006</td> <td> <p>Texindex temporary file privilege escalation</p> </td> @@ -199,7 +199,7 @@ target="_top">06:01.texindex</a></td> Solutions</a></h2> <p>(2005/11/26) On 6.0-RELEASE, the following <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> rule is interpreted in a different way from the previous releases:</p> @@ -208,41 +208,41 @@ allow ipv6 from 192.168.0.2 to me </pre> <p>When <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> does not support IPv6 (see the next entry for the details), <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(8)</span></a> accepts this rule and this blocks an IPv6 packet encapsulated in an IPv4 packet (IPv6-over-IPv4 tunneling, protocol number 41) whose source address is <tt class="LITERAL">192.168.0.2</tt>. When it supports IPv6, on the other hand, this means a rule to allow an IPv6 packet from <tt class="LITERAL">192.168.0.2</tt>, and actually <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(8)</span></a> rejects this rule because the syntax is incorrect (“an IPv6 packet from an IPv4 address” never happens). Unfortunately there is no simple workaround for this problem.</p> <p>The <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> IPv6 support still has rough edges and there are other problems due to incompatibility between the two. As a workaround for them, you can use a combination of IPv4-only <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> and <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ip6fw&sektion=8&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ip6fw&sektion=8&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ip6fw</span>(8)</span></a>, which is almost compatible with the prior releases, instead of <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> with IPv6 support. To disable IPv6 support of <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a>, use the <tt class="FILENAME">ipfw.ko</tt> kernel module and do not use the kernel option <tt class="LITERAL">IPFIREWALL</tt>.</p> <p>(2005/11/19) Although the FreeBSD 6.0-RELEASE Release Notes states that <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> subsystem now supports IPv6, the combination of the <tt class="FILENAME">GENERIC</tt> kernel and a kernel module <tt class="FILENAME">ipfw.ko</tt> does not support the <tt @@ -250,39 +250,39 @@ class="LITERAL">ip6</tt> protocol keyword for packet filtering rule. This is bec kernel option <tt class="LITERAL">INET6</tt> in the kernel configuration file is not recognized when the <tt class="FILENAME">ipfw.ko</tt> is built. To enable IPv6 support of <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a>, rebuild the kernel with kernel options <tt class="LITERAL">INET6</tt> and <tt class="LITERAL">IPFIREWALL</tt> instead of using the <tt class="FILENAME">ipfw.ko</tt> module.</p> <p>(2005/11/16) Using <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=if_bridge&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=if_bridge&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">if_bridge</span>(4)</span></a> in combination with a packet filter such as <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> and <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=pf&sektion=4&manpath=FreeBSD+6.0-stable"><span - class="CITEREFENTRY"><span class="REFENTRYTITLE">pf</span>(4)</span></a> can prevent the -network stack from working and/or lead to a system panic after a certain period of time. -This is because it allocates <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=mbuf&sektion=9&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=pf&sektion=4&manpath=FreeBSD+6.0-stable"> +<span class="CITEREFENTRY"><span class="REFENTRYTITLE">pf</span>(4)</span></a> can +prevent the network stack from working and/or lead to a system panic after a certain +period of time. This is because it allocates <a +href="http://www.FreeBSD.org/cgi/man.cgi?query=mbuf&sektion=9&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">mbuf</span>(9)</span></a> buffers for network packets and never releases a part of them, so eventually all of the buffer memory will be exhausted. This problem has been fixed in the HEAD and the RELENG_6 branch after 10:17:15 2005/11/16 UTC.</p> <p>(2005/11/16, updated on 2005/11/19) When an <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(4)</span></a> <tt class="LITERAL">divert</tt> rule is specified with the protocol keyword <tt class="LITERAL">ip</tt> or <tt class="LITERAL">all</tt>, IPv6 packets are silently discarded at that rule since the <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=divert&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=divert&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">divert</span>(4)</span></a> socket does not support IPv6. This can be a problem especially for an IPv4 and IPv6 dual-stack host with <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=natd&sektion=8&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=natd&sektion=8&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">natd</span>(8)</span></a> enabled. <span class="bold"><b class="EMPHASIS">Note that the kernel module <tt class="FILENAME">ipfw.ko</tt> does not have this problem because it does not support @@ -292,7 +292,7 @@ all</tt>.</p> <p>(2005/11/6) The FreeBSD 6.0-RELEASE Release Notes wrongly states a kernel option related to <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">ipfw</span>(8)</span></a> as <tt class="LITERAL">IPFIRWALL_FORWARD</tt>. The correct option keyword is <tt class="LITERAL">IPFIREWALL_FORWARD</tt>.</p> @@ -309,13 +309,13 @@ wrong, they can be safely ignored because a checksum for the checksum file never corresponds to one in the file. This problem will be fixed in the next releases.</p> <p>(2005/11/5, FreeBSD/amd64 specific) The <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=pmcstat&sektion=8&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=pmcstat&sektion=8&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">pmcstat</span>(8)</span></a> utility cannot yet handle 32-bit executables when converting <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=hwpmc&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=hwpmc&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">hwpmc</span>(4)</span></a> log files to <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=gprof&sektion=1&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=gprof&sektion=1&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">gprof</span>(1)</span></a> format.</p> @@ -335,7 +335,7 @@ KDB: enter panic <p>(2005/11/5) Changes of on-disk format of <tt class="FILENAME">/usr/share/locale/*/LC_*</tt> files in 6.0-RELEASE prevent third-party software which uses <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=setlocale&sektion=3&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=setlocale&sektion=3&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">setlocale</span>(3)</span></a> for its localization from working after a 5.x system upgraded. The software includes ones installed into the 5.x system by using FreeBSD Ports Collection and so on. To solve this @@ -364,7 +364,7 @@ Aug 26 19:31:27 hostname getty[429]: open /dev/ttyv1: No such file or directory </pre> <p>This is because the machine with no supported graphics hardware does not recognize <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=syscons&sektion=4&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=syscons&sektion=4&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">syscons</span>(4)</span></a> and <tt class="FILENAME">/dev/ttyv*</tt> device nodes are not created. This is not a harmful error and can be suppressed by disabling <tt class="FILENAME">/dev/ttyv*</tt> entries in @@ -375,7 +375,7 @@ than 4GB memory. There is no workaround for this issue except for compiling the statically into your custom kernel in advance.</p> <p>(2005/10/3) The <a -href="http://www.FreeBSD.org/cgi/man.cgi?query=kgdb&sektion=1&manpath=FreeBSD+6.0-stable"> +href="http://www.FreeBSD.org/cgi/man.cgi?query=kgdb&sektion=1&manpath=FreeBSD+6.0-stable"> <span class="CITEREFENTRY"><span class="REFENTRYTITLE">kgdb</span>(1)</span></a> utility does not work properly on FreeBSD/sparc64 for debugging panics which include traps. As a workaround you can use <tt class="FILENAME">devel/gdb53</tt>.</p>