os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
doc/en/releases/4.7R/errata.html
Bruce A. Mah 384a8b18d0 Regen from article.sgml 1.1.2.93. 
Large size of this delta may be due to changes in the FDP
infrastructure that now generate XHTML rather than HTML 4.
2003-01-10 17:09:51 +00:00

237 lines
11 KiB
HTML
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator" content="HTML Tidy, see www.w3.org" />
<title>FreeBSD 4.7-RELEASE Errata</title>
<meta name="GENERATOR"
content="Modular DocBook HTML Stylesheet Version 1.73 " />
<link rel="STYLESHEET" type="text/css" href="docbook.css" />
</head>
<body class="ARTICLE" bgcolor="#FFFFFF" text="#000000"
link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="ARTICLE">
<div class="TITLEPAGE">
<h1 class="TITLE"><a id="AEN2" name="AEN2">FreeBSD
4.7-RELEASE Errata</a></h1>
<h3 class="CORPAUTHOR">The FreeBSD Project</h3>
<p class="COPYRIGHT">Copyright &copy; 2000, 2001, 2002,
2003 by The FreeBSD Documentation Project</p>
<p class="PUBDATE">$FreeBSD:
src/release/doc/en_US.ISO8859-1/errata/article.sgml,v
1.1.2.93 2003/01/10 17:07:05 bmah Exp $<br />
</p>
<hr />
</div>
<blockquote class="ABSTRACT">
<div class="ABSTRACT">
<a id="AEN12" name="AEN12"></a>
<p>This document lists errata items for FreeBSD
4.7-RELEASE, containing significant information
discovered after the release. This information includes
security advisories, as well as news relating to the
software or documentation that could affect its operation
or usability. An up-to-date version of this document
should always be consulted before installing this version
of FreeBSD.</p>
<p>This errata document for FreeBSD 4.7-RELEASE will be
maintained until the release of FreeBSD 4.8-RELEASE.</p>
</div>
</blockquote>
<div class="SECT1">
<hr />
<h1 class="SECT1"><a id="AEN15" name="AEN15">1
Introduction</a></h1>
<p>This errata document contains ``late-breaking news''
about FreeBSD 4.7-RELEASE. Before installing this version,
it is important to consult this document to learn about any
post-release discoveries or problems that may already have
been found and fixed.</p>
<p>Any version of this errata document actually distributed
with the release (for example, on a CDROM distribution)
will be out of date by definition, but other copies are
kept updated on the Internet and should be consulted as the
``current errata'' for this release. These other copies of
the errata are located at <a
href="http://www.FreeBSD.org/releases/"
target="_top">http://www.FreeBSD.org/releases/</a>, plus
any sites which keep up-to-date mirrors of this
location.</p>
<p>Source and binary snapshots of FreeBSD 4-STABLE also
contain up-to-date copies of this document (as of the time
of the snapshot).</p>
<p>For a list of all FreeBSD CERT security advisories, see
<a href="http://www.FreeBSD.org/security/"
target="_top">http://www.FreeBSD.org/security/</a> or <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"
target="_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</a>.</p>
</div>
<div class="SECT1">
<hr />
<h1 class="SECT1"><a id="AEN26" name="AEN26">2 Security
Advisories</a></h1>
<p>Buffer overflows in kadmind(8) and k5admin could
potentially cause the administrative server to execute
arbitrary code. Bugfix and workaround information can be
found in security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:40.kadmind.asc"
target="_top">FreeBSD-SA-02:40</a>.</p>
<p>Errors in <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=smrsh&sektion=8&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">smrsh</span>(8)</span></a>, which
could allow users to circumvent restrictions on what
programs can be executed, were fixed in FreeBSD
4.7-RELEASE. Because the applicable security advisory (<a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:41.smrsh.asc"
target="_top">FreeBSD-SA-02:41</a>) was not issued after
the release, this fact was not included in the release
notes.</p>
<p>Buffer overflows in the DNS <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=resolver&sektion=3&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">resolver</span>(3)</span></a>, which
could cause some applications to fail, have been corrected.
This change was not mentioned in the release notes, as the
applicable security advisory (<a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:42.resolv.asc"
target="_top">FreeBSD-SA-02:42</a>) was not issued until
after the release.</p>
<p>Several vulnerabilities exist in the version of <b
class="APPLICATION">BIND</b> included with FreeBSD
4.7-RELEASE. More information, including bugfixes and
workaround suggestions, can be found in security advisory
<a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:43.bind.asc"
target="_top">FreeBSD-SA-02:43</a>.</p>
<p>A file descriptor leak in the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=fpathconf&sektion=2&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">fpathconf</span>(2)</span></a> system
call, can allow a local user to crash the system or cause a
privilege escalation. Bugfix information can be found in
security advisory <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:44.filedesc.asc"
target="_top">FreeBSD-SA-02:44</a>.</p>
</div>
<div class="SECT1">
<hr />
<h1 class="SECT1"><a id="AEN48" name="AEN48">3
Late-Breaking News</a></h1>
<p>Due to concerns over the licensing terms for the <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=matcd&sektion=4&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">matcd</span>(4)</span></a> driver
uncovered late in FreeBSD 4.7-RELEASE's release cycle, the
<a
href="http://www.FreeBSD.org/cgi/man.cgi?query=matcd&sektion=4&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">matcd</span>(4)</span></a> driver was
removed. These issues are being addressed and this driver
may reappear in a future release of FreeBSD.</p>
<p>The <tt class="FILENAME">srelease</tt> distribution
contains object files for <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">sysinstall</span>(8)</span></a> in
the <tt class="FILENAME">release/sysinstall</tt> directory.
These files were generated during the release building
process but, for some reason, were not removed from the
distribution files. They are harmless.</p>
<p>The <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/databases/rdfdb/pkg-descr">
<tt class="FILENAME">databases/rdfdb</tt></a> and <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/mail/ssmtp/pkg-descr">
<tt class="FILENAME">mail/ssmtp</tt></a> packages included
in the 4.7-RELEASE package set cannot be installed
correctly. A workaround is to build and install these
programs using the Ports Collection.</p>
<p>The <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/net/gnomeicu/pkg-descr">
<tt class="FILENAME">net/gnomeicu</tt></a> package included
in the 4.7-RELEASE package set may not run correctly, due
to a missing dependency on the <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/net/gnet/pkg-descr">
<tt class="FILENAME">net/gnet</tt></a> package. To work
around this problem, install <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/net/gnet/pkg-descr">
<tt class="FILENAME">net/gnet</tt></a> either from a
package or the Ports Collection, preferably before
installing <a
href="http://www.FreeBSD.org/cgi/url.cgi?ports/net/gnomeicu/pkg-descr">
<tt class="FILENAME">net/gnomeicu</tt></a>.</p>
<p>The release notes for FreeBSD 4.7-RELEASE incorrectly
stated that the <tt class="OPTION">-J</tt> option to <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=xargs&sektion=1&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">xargs</span>(1)</span></a> is
deprecated. In fact, there are no plans to remove this
option.</p>
<p><a
href="http://www.FreeBSD.org/cgi/man.cgi?query=ftpd&sektion=8&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">ftpd</span>(8)</span></a> has a bug
in its virtual hosting function triggered if <tt
class="FILENAME">/etc/ftphosts</tt> defines a virtual host
whose IP address can resolve back to a hostname. In that
case the daemon will be exiting on <tt
class="LITERAL">SIGSEGV</tt> (signal 11) if started from <a
href="http://www.FreeBSD.org/cgi/man.cgi?query=inetd&sektion=8&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span
class="REFENTRYTITLE">inetd</span>(8)</span></a>, or may
malfunction unpredictably if running stand-alone. This bug
has been fixed in FreeBSD 4.7-STABLE.</p>
</div>
</div>
<hr />
<p align="center"><small>This file, and other release-related
documents, can be downloaded from <a
href="http://snapshots.jp.FreeBSD.org/">http://snapshots.jp.FreeBSD.org/</a>.</small></p>
<p align="center"><small>For questions about FreeBSD, read the
<a href="http://www.FreeBSD.org/docs.html">documentation</a>
before contacting &#60;<a
href="mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>&#62;.</small></p>
<p align="center"><small><small>All users of FreeBSD 4-STABLE
should subscribe to the &#60;<a
href="mailto:stable@FreeBSD.org">stable@FreeBSD.org</a>&#62;
mailing list.</small></small></p>
<p align="center">For questions about this documentation,
e-mail &#60;<a
href="mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>&#62;.</p>
<br />
<br />
</body>
</html>
Reference in a new issue View git blame Copy permalink