os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Regen from article.sgml 1.1.2.112.

Browse source
This commit is contained in:
Hiroki Sato 2003-10-05 17:11:16 +00:00
parent ca9f11bcc4
commit a864a49704
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/www/; revision=18336
1 changed files with 78 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

119
en/releases/4.8R/errata.html
View file

@ -4,7 +4,7 @@
<head>
<meta name="generator" content="HTML Tidy, see www.w3.org" />
<title>FreeBSD 4.8-RELEASE Errata</title>
<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.73 " />
<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.7" />
<link rel="STYLESHEET" type="text/css" href="docbook.css" />
</head>
<body class="ARTICLE" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#840084"
@ -15,11 +15,11 @@ alink="#0000FF">
<h3 class="CORPAUTHOR">The FreeBSD Project</h3>
<p class="COPYRIGHT">Copyright &copy; 2000, 2001, 2002, 2003 by The FreeBSD Documentation
<p class="COPYRIGHT">Copyright &copy; 2000, 2001, 2002, 2003 The FreeBSD Documentation
Project</p>
<p class="PUBDATE">$FreeBSD: src/release/doc/en_US.ISO8859-1/errata/article.sgml,v
1.1.2.111 2003/09/20 00:20:26 bmah Exp $<br />
1.1.2.112 2003/10/05 16:56:24 hrs Exp $<br />
</p>
<hr />
@ -41,7 +41,7 @@ FreeBSD 4.9-RELEASE.</p>
<div class="SECT1">
<hr />
<h1 class="SECT1"><a id="AEN15" name="AEN15">1 Introduction</a></h1>
<h2 class="SECT1"><a id="AEN15" name="AEN15">1 Introduction</a></h2>
<p>This errata document contains ``late-breaking news'' about FreeBSD 4.8-RELEASE. Before
installing this version, it is important to consult this document to learn about any
@ -67,28 +67,28 @@ target="_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</a>.</p>
<div class="SECT1">
<hr />
<h1 class="SECT1"><a id="AEN26" name="AEN26">2 Security Advisories</a></h1>
<h2 class="SECT1"><a id="AEN26" name="AEN26">2 Security Advisories</a></h2>
<p>A buffer overflow in header parsing exists in older versions of <b
class="APPLICATION">sendmail</b>. It could allow a remote attacker to create a
specially-crafted message that may cause <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sendmail&amp;sektion=8&amp;manpath=FreeBSD+4.7-stable">
href="http://www.FreeBSD.org/cgi/man.cgi?query=sendmail&sektion=8&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sendmail</span>(8)</span></a> to
execute arbitrary code with the privileges of the user running it, typically <tt
class="USERNAME">root</tt>. More information, including pointers to patches, can be found
in security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
target="_top">FreeBSD-SA-03:07</a>. This problem was corrected for FreeBSD 4.8-RELEASE
with a vendor patch and was corrected for FreeBSD 4.9-PRERELEASE with the import of a new
version of <b class="APPLICATION">sendmail</b>. However, these changes may not otherwise
have been noted in the release documentation.</p>
with a vendor patch and was corrected for FreeBSD 4.9-RC with the import of a new version
of <b class="APPLICATION">sendmail</b>. However, these changes may not otherwise have
been noted in the release documentation.</p>
<p>The implementation of the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=realpath&amp;sektion=3&amp;manpath=FreeBSD+4.7-stable">
href="http://www.FreeBSD.org/cgi/man.cgi?query=realpath&sektion=3&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">realpath</span>(3)</span></a>
function contains a single-byte buffer overflow bug. This may have various impacts,
depending on the application using <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=realpath&amp;sektion=3&amp;manpath=FreeBSD+4.7-stable">
href="http://www.FreeBSD.org/cgi/man.cgi?query=realpath&sektion=3&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">realpath</span>(3)</span></a> and
other factors. This bug has been fixed on the 4.8-RELEASE security fix branch and the
4-STABLE development branch. For more information, see security advisory <a
@ -110,7 +110,7 @@ target="_top">FreeBSD-SA-03:10</a>.</p>
<p>A programming error in the <b class="APPLICATION">sendmail</b> implementation of its
``DNS maps'' feature could lead to a <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sendmail&amp;sektion=8&amp;manpath=FreeBSD+4.7-stable">
href="http://www.FreeBSD.org/cgi/man.cgi?query=sendmail&sektion=8&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sendmail</span>(8)</span></a>
child process crashing or behaving incorrectly. This error has been fixed with a patch on
the 4.8-RELEASE security fix branch and with the import of a new version of <b
@ -132,18 +132,57 @@ This bug has been fixed via a vendor-supplied patch on the 4-STABLE development
and the 4.8-RELEASE security fix branch. More details can be found in security advisory
<a href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:13.sendmail.asc"
target="_top">FreeBSD-SA-03:13</a>.</p>
<p>The FreeBSD ARP code contains a bug that could allow the kernel to cause resource
starvation which eventually results in a system panic. This bug has been fixed on the
4-STABLE development branch and the 4.8-RELEASE security fix branch. More information can
be found in security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:14.arp.asc"
target="_top">FreeBSD-SA-03:14</a>.</p>
<p>The implementation of the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=readv&sektion=2&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">readv</span>(2)</span></a> system
call contains a bug which could potentially cause a system crash or privilege escalation.
This bug has been fixed on the 4-STABLE development branch and the 4.8-RELEASE security
fix branch. More information can be found in security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:16.filedesc.asc"
target="_top">FreeBSD-SA-03:16</a>.</p>
<p>The implementation of the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=procfs&sektion=5&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">procfs</span>(5)</span></a> and
the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=linprocfs&sektion=5&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">linprocfs</span>(5)</span></a>
contain a bug that could result in disclosing the contents of kernel memory. This bug has
been fixed on the 4-STABLE development branch and the 4.8-RELEASE security fix branch.
More information can be found in security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:17.procfs.asc"
target="_top">FreeBSD-SA-03:17</a>.</p>
<p><b class="APPLICATION">OpenSSL</b> contains several bugs which could allow a remote
attacker to crash an <b class="APPLICATION">OpenSSL</b>-using application or to execute
arbitrary code with the privileges of the application. These bugs have been fixed with
the import of a new version of <b class="APPLICATION">OpenSSL</b> on the 4-STABLE
development branch and with a vendor-supplied patch on the 4.8-RELEASE security fix
branch. Note that only applications that use <b class="APPLICATION">OpenSSL</b>'s ASN.1
or X.509 handling code are affected (<b class="APPLICATION">OpenSSH</b> is unaffected,
for example). More information can be found in security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:18.openssl.asc"
target="_top">FreeBSD-SA-03:18</a>.</p>
</div>
<div class="SECT1">
<hr />
<h1 class="SECT1"><a id="AEN62" name="AEN62">3 Late-Breaking News</a></h1>
<h2 class="SECT1"><a id="AEN84" name="AEN84">3 Late-Breaking News</a></h2>
<p>Due to some problems discovered very late in the release cycle, the ISO images and FTP
install directories for FreeBSD 4.8-RELEASE/i386 needed to be re-generated and
re-uploaded to the FTP mirror sites. For reference, the final ISO images have checksums
computed via <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=md5&amp;sektion=1&amp;manpath=FreeBSD+4.7-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">md5</span>(1)</span></a> as
href="http://www.FreeBSD.org/cgi/man.cgi?query=md5&sektion=1&manpath=FreeBSD+4.8-stable"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">md5</span>(1)</span></a> as
follows:</p>
<pre class="PROGRAMLISTING">
@ -157,9 +196,9 @@ MD5 (4.8-RELEASE-i386-mini.iso) = 5f0d2576dbb56d6ec85d49ac9fa4bbf9
<p>FreeBSD 4.8-RELEASE restores the ability to install from the installation media to a
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mly&amp;sektion=4&amp;manpath=FreeBSD+4.7-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mly</span>(4)</span></a> device.
(This capability was broken in FreeBSD 4.7-RELEASE.)</p>
href="http://www.FreeBSD.org/cgi/man.cgi?query=mly&sektion=4&manpath=FreeBSD+4.8-stable"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">mly</span>(4)</span></a> device. (This
capability was broken in FreeBSD 4.7-RELEASE.)</p>
<p>After installing <b class="APPLICATION">GNOME</b>, the default terminal font might be
garbled. If this is the case, install the <tt
@ -169,14 +208,13 @@ not, edit the current gnome-terminal profile and select the Bitstream Vera Sans
font.</p>
<p>Due to space limitations, the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=awi&amp;sektion=4&amp;manpath=FreeBSD+4.7-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">awi</span>(4)</span></a> driver
has been removed from the kernel used on the 1.44MB <tt class="FILENAME">kern.flp</tt>
i386 boot floppy. Because no module is available for this driver in FreeBSD 4.8-RELEASE,
this means that it is generally not possible to install FreeBSD 4.8-RELEASE over an <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=awi&amp;sektion=4&amp;manpath=FreeBSD+4.7-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">awi</span>(4)</span></a>
network.</p>
href="http://www.FreeBSD.org/cgi/man.cgi?query=awi&sektion=4&manpath=FreeBSD+4.8-stable"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">awi</span>(4)</span></a> driver has
been removed from the kernel used on the 1.44MB <tt class="FILENAME">kern.flp</tt> i386
boot floppy. Because no module is available for this driver in FreeBSD 4.8-RELEASE, this
means that it is generally not possible to install FreeBSD 4.8-RELEASE over an <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=awi&sektion=4&manpath=FreeBSD+4.8-stable"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">awi</span>(4)</span></a> network.</p>
<p>Due to space limitations, support for ATAPI floppy disks and the DEC AlphaServer 8200
and 8400 (``TurboLaser'') machines has been removed from the kernel used on the 1.44MB
@ -189,38 +227,38 @@ and the 4-STABLE development branch.</p>
<p>FreeBSD supports a hashed form of the login capabilities database, stored in <tt
class="FILENAME">/etc/login.conf.db</tt>. This is generated from the <tt
class="FILENAME">/etc/login.conf</tt> text file. If the hashed database is present, <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=login&amp;sektion=1&amp;manpath=FreeBSD+4.7-stable">
href="http://www.FreeBSD.org/cgi/man.cgi?query=login&sektion=1&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">login</span>(1)</span></a> will
use it in preference to the contents of the text file. FreeBSD 4.8-RELEASE is the first
release that actually includes <tt class="FILENAME">/etc/login.conf.db</tt> on the
distribution media; thus, users modifying <tt class="FILENAME">/etc/login.conf</tt> need
to remember to regenerate the database, using <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=cap_mkdb&amp;sektion=1&amp;manpath=FreeBSD+4.7-stable">
href="http://www.FreeBSD.org/cgi/man.cgi?query=cap_mkdb&sektion=1&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">cap_mkdb</span>(1)</span></a>.
Users performing source upgrades are generally not affected by this change, because <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=mergemaster&amp;sektion=8&amp;manpath=FreeBSD+4.7-stable">
href="http://www.FreeBSD.org/cgi/man.cgi?query=mergemaster&sektion=8&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">mergemaster</span>(8)</span></a>
offers the option to regenerate <tt class="FILENAME">/etc/login.conf.db</tt> during
upgrades. <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=login.conf&amp;sektion=5&amp;manpath=FreeBSD+4.7-stable">
href="http://www.FreeBSD.org/cgi/man.cgi?query=login.conf&sektion=5&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">login.conf</span>(5)</span></a>
has more details on the format and usage of the login capabilities database.</p>
<p>A file that is a part of the <tt class="FILENAME">multimedia/gstreamer-plugins</tt>
port may appear to have a corrupted filename when the ports collection is installed using
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&amp;sektion=8&amp;manpath=FreeBSD+4.7-stable">
href="http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.8-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">sysinstall</span>(8)</span></a>.
This should not affect building the port or installing the corresponding package.
However, it is recommended to rename the file in question, to prevent problems during any
future updates to the installed ports collection:</p>
<pre class="SCREEN">
<tt class="PROMPT">#</tt> <tt
class="USERINPUT"><b>cd /usr/ports/multimedia/gstreamer-plugins/files</b></tt>
<tt class="PROMPT">#</tt> <tt
class="USERINPUT"><b>mv patch-gst-libs_ext_ffmpeg_ffmpeg_libavcodec_alpha_simple_i \
patch-gst-libs_ext_ffmpeg_ffmpeg_libavcodec_alpha_simple_idct_alpha.c</b></tt>
<samp class="PROMPT">#</samp> <kbd
class="USERINPUT">cd /usr/ports/multimedia/gstreamer-plugins/files</kbd>
<samp class="PROMPT">#</samp> <kbd
class="USERINPUT">mv patch-gst-libs_ext_ffmpeg_ffmpeg_libavcodec_alpha_simple_i \
patch-gst-libs_ext_ffmpeg_ffmpeg_libavcodec_alpha_simple_idct_alpha.c</kbd>
</pre>
<p>Recently the mailing lists were changed from majordomo to the currently used Mailman
@ -229,11 +267,10 @@ the <a href="http://www.FreeBSD.org/mailman/listinfo/" target="_top">FreeBSD Mai
Page</a>.</p>
<p>The <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=dc&amp;sektion=4&amp;manpath=FreeBSD+4.7-stable">
<span class="CITEREFENTRY"><span class="REFENTRYTITLE">dc</span>(4)</span></a> driver
does not properly transmit data through Davicom DC9102 cards. This problem, which has
been present since FreeBSD 4.5-RELEASE, has been corrected for FreeBSD
4.9-PRERELEASE.</p>
href="http://www.FreeBSD.org/cgi/man.cgi?query=dc&sektion=4&manpath=FreeBSD+4.8-stable"><span
class="CITEREFENTRY"><span class="REFENTRYTITLE">dc</span>(4)</span></a> driver does not
properly transmit data through Davicom DC9102 cards. This problem, which has been present
since FreeBSD 4.5-RELEASE, has been corrected for FreeBSD 4.9-RC.</p>
</div>
</div>