os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
doc/en_US.ISO8859-1/htdocs/releases/4.6.2R/errata.html
Hiroki Sato 282a032540 - Remove junk directories. 
- Repocopy from www/<lang> to head/<lang>/htdocs to eliminate duplicate
  information in the www and the doc directory.
- Add various administration files to svnadmin.
 
Approved by:	doceng (implicit)
2012-05-17 02:51:08 +00:00

433 lines
19 KiB
HTML
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta name="generator" content="HTML Tidy, see www.w3.org">
<title>FreeBSD 4.6-RELEASE/4.6.2-RELEASE Errata</title>
<meta name="GENERATOR" content=
"Modular DocBook HTML Stylesheet Version 1.73 ">
<link rel="STYLESHEET" type="text/css" href="docbook.css">
</head>
<body class="ARTICLE" bgcolor="#FFFFFF" text="#000000" link=
"#0000FF" vlink="#840084" alink="#0000FF">
<div class="ARTICLE">
<div class="TITLEPAGE">
<h1 class="TITLE"><a name="AEN2">FreeBSD
4.6-RELEASE/4.6.2-RELEASE Errata</a></h1>
<h3 class="CORPAUTHOR">The FreeBSD Project</h3>
<p class="COPYRIGHT">Copyright &copy; 2000, 2001, 2002 by
The FreeBSD Documentation Project</p>
<p class="PUBDATE">$FreeBSD:
src/release/doc/en_US.ISO8859-1/errata/article.sgml,v
1.1.2.82 2002/09/16 23:08:45 bmah Exp $<br>
</p>
<hr>
</div>
<blockquote class="ABSTRACT">
<div class="ABSTRACT">
<a name="AEN11"></a>
<p>This document lists errata items for FreeBSD
4.6-RELEASE, containing significant information
discovered after the release. This information includes
security advisories, as well as news relating to the
software or documentation that could affect its operation
or usability. An up-to-date version of this document
should always be consulted before installing this version
of FreeBSD.</p>
<p>Unless otherwise noted, items listed here also pertain
to FreeBSD 4.6.2-RELEASE, which was designed to fix
certain, specific problems in 4.6-RELEASE (see the
release notes for more details).</p>
<p>This errata document for FreeBSD 4.6-RELEASE will be
maintained until the release of FreeBSD 4.7-RELEASE.</p>
</div>
</blockquote>
<div class="SECT1">
<hr>
<h1 class="SECT1"><a name="AEN15">1 Introduction</a></h1>
<p>This errata document contains ``late-breaking news''
about FreeBSD 4.6-RELEASE. Before installing this version,
it is important to consult this document to learn about any
post-release discoveries or problems that may already have
been found and fixed.</p>
<p>Any version of this errata document actually distributed
with the release (for example, on a CDROM distribution)
will be out of date by definition, but other copies are
kept updated on the Internet and should be consulted as the
``current errata'' for this release. These other copies of
the errata are located at <a href=
"http://www.FreeBSD.org/releases/" target=
"_top">http://www.FreeBSD.org/releases/</a>, plus any sites
which keep up-to-date mirrors of this location.</p>
<p>Source and binary snapshots of FreeBSD 4-STABLE also
contain up-to-date copies of this document (as of the time
of the snapshot).</p>
<p>For a list of all FreeBSD CERT security advisories, see
<a href="http://www.FreeBSD.org/security/" target=
"_top">http://www.FreeBSD.org/security/</a> or <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/" target=
"_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</a>.</p>
</div>
<div class="SECT1">
<hr>
<h1 class="SECT1"><a name="AEN26">2 Security
Advisories</a></h1>
<p>FreeBSD 4.6-RELEASE contains a fix for a bug described
in security advisory SA-02:23 (which addressed the use of
file descriptors by set-user-id or set-group-id programs).
An error has been discovered in the bugfix; it is still
possible for systems using <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=procfs&sektion=5&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">procfs</span>(5)</span></a> or <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=linprocfs&sektion=5&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">linprocfs</span>(5)</span></a> to be
exploited. A revised version of security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc"
target="_top">FreeBSD-SA-02:23</a> contains a corrected
bugfix. This problem was corrected in FreeBSD
4.6.2-RELEASE.</p>
<p>A buffer overflow in the resolver could be exploited by
a malicious domain name server or an attacker forging DNS
messages. This could potentially be used to force arbitrary
code to run on a client machine with the privileges of a
resolver-using application. See security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:28.resolv.asc"
target="_top">FreeBSD-SA-02:28</a> for more information
and a fix. This problem was corrected in FreeBSD
4.6.2-RELEASE.</p>
<p>Badly-formed NFS packets could trigger a buffer overflow
in <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=tcpdump&sektion=1&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">tcpdump</span>(1)</span></a>. For a fix to
this problem, see security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:29.tcpdump.asc"
target="_top">FreeBSD-SA-02:29</a>. This problem was
corrected in FreeBSD 4.6.2-RELEASE.</p>
<p><a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ktrace&sektion=1&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ktrace</span>(1)</span></a> can be used to
trace the operation of formerly-privileged processes. This
is undesirable, as it is then possible to leak information
obtained while these processes had elevated privileges. See
security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:30.ktrace.asc"
target="_top">FreeBSD-SA-02:30</a> for a workaround and a
fix. This problem was corrected in FreeBSD
4.6.2-RELEASE.</p>
<p>A race condition in <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=pppd&sektion=8&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">pppd</span>(8)</span></a> can be used to
change the permissions of an arbitrary file. For more
details, a workaround, and bugfix information, see security
advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:32.pppd.asc"
target="_top">FreeBSD-SA-02:32</a>. This problem was
corrected in FreeBSD 4.6.2-RELEASE.</p>
<p>Multiple buffer overflows have been discovered in <b
class="APPLICATION">OpenSSL</b>. More details (including
workarounds and bugfixes) can be found in security advisory
<a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc"
target="_top">FreeBSD-SA-02:33</a>. This problem was
corrected in FreeBSD 4.6.2-RELEASE.</p>
<p>A bug in the XDR decoder (used by Sun RPC) could result
in a heap buffer overflow. Security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:34.rpc.asc"
target="_top">FreeBSD-SA-02:34</a> contains workaround and
bugfix information. This problem was corrected in FreeBSD
4.6.2-RELEASE.</p>
<p>Local users can, under certain circumstances, read and
write arbitrary blocks on an FFS filesystem has been
corrected. More details can be found in security advisory
<a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:35.ffs.asc"
target="_top">FreeBSD-SA-02:35</a>, which contains a
workaround and bugfix information. This problem was
corrected in FreeBSD 4.6.2-RELEASE.</p>
<p>A bug in the NFS server code could allow a remote denial
of service attack. Security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:36.nfs.asc"
target="_top">FreeBSD-SA-02:36</a> has information on a
fix and a workaround. This problem was corrected in FreeBSD
4.6.2-RELEASE.</p>
<p>A bug in <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=kqueue&sektion=2&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">kqueue</span>(2)</span></a> could allow
local users to panic a system. Correction information is
contained in security advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:37.kqueue.asc"
target="_top">FreeBSD-SA-02:37</a>. This problem was
corrected in FreeBSD 4.6.2-RELEASE.</p>
<p>Several bounds-checking bugs in system calls could
result in some system calls returning a large portion of
kernel memory. More details can be found in security
advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:38.signed-error.asc"
target="_top">FreeBSD-SA-02:38</a>. This problem was
corrected in time for FreeBSD 4.6.2-RELEASE, although not
mentioned in the accompanying release documentation.</p>
<p>A bug in <tt class="FILENAME">libkvm</tt> could result
in some applications leaking file descriptors with access
to potentially sensitive information. More details, as well
as a bugfix and a workaround, can be found in security
advisory <a href=
"ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:39.libkvm.asc"
target="_top">FreeBSD-SA-02:39</a>.</p>
</div>
<div class="SECT1">
<hr>
<h1 class="SECT1"><a name="AEN72">3 Late-Breaking
News</a></h1>
<p>In FreeBSD 4.6-RELEASE, the default maximum TCP window
size was lowered from 65536 bytes to 57334 bytes, for
better compatability with some versions of <b class=
"APPLICATION">IPFilter</b>.</p>
<p>A recently-discovered interaction between the FreeBSD
kernel and the <tt class="FILENAME">archivers/zip</tt> port
can result in some errors on the alpha platform. A
post-release fix has been committed to the FreeBSD ports
tree; versions of the <tt class=
"FILENAME">archivers/zip</tt> port beginning with 2.3_1
will function correctly.</p>
<p>On the alpha platform, the <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=de&sektion=4&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">de</span>(4)</span></a> and <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=txp&sektion=4&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">txp</span>(4)</span></a> drivers were moved
from the boot kernel on the floppy images to modules on the
<tt class="FILENAME">mfsroot</tt> floppy. This change was
made in order to get the alpha kernel to fit onto the boot
floppy. It should be transparent to all users, as <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">sysinstall</span>(8)</span></a> will
automatically load any kernel modules it finds on the <tt
class="FILENAME">mfsroot</tt> floppy.</p>
<p>Several last-minute patches were made to the <tt class=
"FILENAME">x11-servers/XFree86-4-Server</tt> package. These
allow the various server configuration programs to give
better support for the <tt class="FILENAME">sysmouse</tt>
device supported by <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=moused&sektion=8&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">moused</span>(8)</span></a>. The binary
packages on the CDROMs and the FTP sites incoporate this
patch and bear the version number 4.2.0_3. However, the
ports collection included in the distribution does not
contain this patch. To get an updated version, use <b
class="APPLICATION">CVSup</b> to obtain a more recent ports
collection.</p>
<p>Some FreeBSD/i386 users have experienced difficulties
reading from certain ATA CDROM drives. Specific models on
which this problem has been observed include the AOpen 48x,
52x, and 56x CDROM drives, as well as the Mitsumi Slim
CRMC-SR242S CDROM drive. A typical symptom is the following
error message on the console and/or <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=dmesg&sektion=8&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">dmesg</span>(8)</span></a> buffer
(sometimes accompanied by a kernel panic):</p>
<pre class="SCREEN">
acd0: READ_BIG command timeout - resetting
ata1: resetting devices .. done
</pre>
<p>In some cases, this bug can prevent installation of
FreeBSD from an affected CDROM drive. It can cause <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">sysinstall</span>(8)</span></a> to hang
while extracting distribution files from CD media.</p>
<p>A two-part workaround listed here has shown to be
helpful in some (but not necessarily all) cases. First, to
allow a CDROM installation, it is necessary to modify the
normal CDROM installation procedure:</p>
<div class="PROCEDURE">
<ol type="1">
<li>
<p>Start the computer with a FreeBSD installation
CDROM in the drive.</p>
</li>
<li>
<p>Wait for a console message similar to:</p>
<pre class="SCREEN">
Hit [Enter] to boot immediately, or any other key for command prompt.
Booting [kernel] in 9 seconds...
</pre>
</li>
<li>
<p>Immediately interrupt the boot process by pressing
the <b class="KEYCAP">Space</b> bar on the
keyboard.</p>
</li>
<li>
<p>Enter the following three lines at the <tt class=
"LITERAL">ok</tt> prompt:</p>
<pre class="SCREEN">
<tt class="PROMPT">ok</tt> <tt class=
"USERINPUT"><b>set hw.ata.ata_dma="1"</b></tt>
</pre>
<pre class="SCREEN">
<tt class="PROMPT">ok</tt> <tt class=
"USERINPUT"><b>set hw.ata.atapi_dma="1"</b></tt>
</pre>
<pre class="SCREEN">
<tt class="PROMPT">ok</tt> <tt class=
"USERINPUT"><b>boot</b></tt>
</pre>
</li>
<li>
<p>Continue the installation as normal.</p>
</li>
</ol>
</div>
<p>The second part of the workaround takes place after
completing the CDROM installation (or a successful source
upgrade). It consists of configuring the <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">ata</span>(4)</span></a> driver so that
future CDROM reads work correctly:</p>
<div class="PROCEDURE">
<ol type="1">
<li>
<p>Add the following two lines to <tt class=
"FILENAME">/boot/loader.conf</tt> (creating this file
if it does not already exist):</p>
<pre class="PROGRAMLISTING">
hw.ata.ata_dma="1"
hw.ata.atapi_dma="1"
</pre>
</li>
<li>
<p>Reboot the machine.</p>
</li>
</ol>
</div>
<p>This problem was fixed in FreeBSD 4.7-PRERELEASE on 31
July 2002, as well as FreeBSD 4.6.2-RELEASE.</p>
<p>Due to a bug in the release generation process, some of
the directories under <tt class=
"FILENAME">/usr/share/examples</tt> are empty (most notably
<tt class="FILENAME">/usr/share/examples/cvsup</tt>). A
partial workaround is to install the <tt class=
"FILENAME">sshare</tt> distribution via <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">sysinstall</span>(8)</span></a> (from the
main menu, choose <span class=
"GUIMENUITEM">Configure</span>, <span class=
"GUIMENUITEM">Distributions</span>, <span class=
"GUIMENUITEM">src</span>, then <span class=
"GUIMENUITEM">share</span>). <tt class=
"FILENAME">/usr/src/share/examples</tt> will then contain
the missing files. This problem was corrected in FreeBSD
4.7-PRERELEASE on 16 July 2002, as well as FreeBSD
4.6.2-RELEASE.</p>
<p>The item in the ``Filesystems'' section of the release
notes contains a small grammatical error. It should read:
``A bug has been fixed in soft updates that could cause
occasional filesystem corruption if the system is shut down
immediately after performing heavy filesystem activities,
such as installing a new kernel or other software.''</p>
<p>Due to an omission, <tt class="COMMAND">pkg_add -r</tt>
on 4.6-RELEASE or 4.6.2-RELEASE may attempt to fetch
packages built for FreeBSD -STABLE, rather than for the
appropriate release. As a workaround, set the <tt class=
"VARNAME">PACKAGESITE</tt> environment variable
appropriately before invoking <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=pkg_add&sektion=1&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">pkg_add</span>(1)</span></a>. For example,
a <a href=
"http://www.FreeBSD.org/cgi/man.cgi?query=csh&sektion=1&manpath=FreeBSD+4.6-stable">
<span class="CITEREFENTRY"><span class=
"REFENTRYTITLE">csh</span>(1)</span></a> user on
4.6.2-RELEASE could use:</p>
<pre class="PROGRAMLISTING">
<tt class="PROMPT">%</tt> <tt class=
"USERINPUT"><b>setenv PACKAGESITE \</b></tt>
<tt class=
"USERINPUT"><b>ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4.6.2-release/Latest/</b></tt>
</pre>
</div>
</div>
<hr>
<p align="center"><small>This file, and other release-related
documents, can be downloaded from <a href=
"http://snapshots.jp.FreeBSD.org/">http://snapshots.jp.FreeBSD.org/</a>.</small></p>
<p align="center"><small>For questions about FreeBSD, read the
<a href="http://www.FreeBSD.org/docs.html">documentation</a>
before contacting &#60;<a href=
"mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>&#62;.</small></p>
<p align="center"><small><small>All users of FreeBSD 4-STABLE
should subscribe to the &#60;<a href=
"mailto:stable@FreeBSD.org">stable@FreeBSD.org</a>&#62; mailing
list.</small></small></p>
<p align="center">For questions about this documentation,
e-mail &#60;<a href=
"mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>&#62;.</p>
<br>
<br>
</body>
</html>
Reference in a new issue View git blame Copy permalink