MFC: r265585

[FreeBSD/stable/9.git] / release / doc / en_US.ISO8859-1 / errata / article.xml

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
        "../../../share/xml/freebsd50.dtd" [
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
%release;
]>
<!--
        FreeBSD errata document.  Unlike some of the other RELNOTESng
        files, this file should remain as a single SGML file, so that
        the dollar FreeBSD dollar header has a meaningful modification
        time.  This file is all but useless without a datestamp on it,
        so we'll take some extra care to make sure it has one.

        (If we didn't do this, then the file with the datestamp might
        not be the one that received the last change in the document.)

-->
<article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
  <info><title>&os; &release.current; Errata</title>
    

    <author><orgname>
    The &os; Project
    </orgname></author>

    <pubdate>$FreeBSD$</pubdate>

    <copyright>
      <year>2014</year>
      <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
    </copyright>

    <legalnotice xml:id="trademarks" role="trademarks">
      &tm-attrib.freebsd;
      &tm-attrib.intel;
      &tm-attrib.sparc;
      &tm-attrib.general;
    </legalnotice>

    <abstract>
      <para>This document lists errata items for &os; &release.current;,
        containing significant information discovered after the release
        or too late in the release cycle to be otherwise included in the
        release documentation.
        This information includes security advisories, as well as news
        relating to the software or documentation that could affect its
        operation or usability.  An up-to-date version of this document
        should always be consulted before installing this version of
        &os;.</para>

      <para>This errata document for &os; &release.current;
        will be maintained until the release of &os; &release.next;.</para>
    </abstract>
  </info>

  <sect1 xml:id="intro">
    <title>Introduction</title>

    <para>This errata document contains <quote>late-breaking news</quote>
      about &os; &release.current;
      Before installing this version, it is important to consult this
      document to learn about any post-release discoveries or problems
      that may already have been found and fixed.</para>

    <para>Any version of this errata document actually distributed
      with the release (for example, on a CDROM distribution) will be
      out of date by definition, but other copies are kept updated on
      the Internet and should be consulted as the <quote>current
      errata</quote> for this release.  These other copies of the
      errata are located at <uri xlink:href="http://www.FreeBSD.org/releases/">http://www.FreeBSD.org/releases/</uri>, plus any sites
      which keep up-to-date mirrors of this location.</para>

    <para>Source and binary snapshots of &os; &release.branch; also
      contain up-to-date copies of this document (as of the time of
      the snapshot).</para>

    <para>For a list of all &os; CERT security advisories, see <uri xlink:href="http://www.FreeBSD.org/security/">http://www.FreeBSD.org/security/</uri> or <uri xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</uri>.</para>

  </sect1>

  <sect1 xml:id="security">
    <title>Security Advisories</title>

    <para>Problems described in the following security advisories have
      been fixed in &release.current;. For more information, consult
      the individual advisories available from
      <uri xlink:href="http://security.FreeBSD.org/">http://security.FreeBSD.org/</uri>.</para>

    <informaltable frame="none" pgwide="1">
      <tgroup cols="3">
        <colspec colwidth="1*"/>
        <colspec colwidth="1*"/>
        <colspec colwidth="3*"/>
        <thead>
          <row>
            <entry>Advisory</entry>
            <entry>Date</entry>
            <entry>Topic</entry>
          </row>
        </thead>

        <tbody>
          <row>
            <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:01.openssl.asc">SA-12:01.openssl</link></entry>
            <entry>3&nbsp;May&nbsp;2012</entry>
            <entry><para>OpenSSL multiple vulnerabilities</para></entry>
          </row>

          <row>
            <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc">SA-12:02.crypt</link></entry>
            <entry>30&nbsp;May&nbsp;2012</entry>
            <entry><para>Incorrect <function>crypt()</function> hashing</para></entry>
          </row>

          <row>
            <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:03.bind.asc">SA-12:03.bind</link></entry>
            <entry>12&nbsp;June&nbsp;2012</entry>
            <entry><para>Incorrect handling of zero-length RDATA fields in &man.named.8;</para></entry>
          </row>

          <row>
            <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc">SA-12:04.sysret</link></entry>
            <entry>12&nbsp;June&nbsp;2012</entry>
            <entry><para>Privilege escalation when returning from kernel</para></entry>
          </row>

          <row>
            <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:05.bind.asc">SA-12:05.bind</link></entry>
            <entry>6&nbsp;August&nbsp;2012</entry>
            <entry><para>&man.named.8; DNSSEC validation Denial of Service</para></entry>
          </row>

          <row>
            <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:06.bind.asc">SA-12:06.bind</link></entry>
            <entry>22&nbsp;November&nbsp;2012</entry>
            <entry><para>Multiple Denial of Service vulnerabilities with &man.named.8;</para></entry>
          </row>

          <row>
            <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:07.hostapd.asc">SA-12:07.hostapd</link></entry>
            <entry>22&nbsp;November&nbsp;2012</entry>
            <entry><para>Insufficient message length validation for EAP-TLS messages</para></entry>
          </row>

          <row>
            <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:08.linux.asc">SA-12:08.linux</link></entry>
            <entry>22&nbsp;November&nbsp;2012</entry>
            <entry><para>Linux compatibility layer input validation error</para></entry>
          </row>
        </tbody>
      </tgroup>
    </informaltable>
  </sect1>

  <sect1 xml:id="late-news">
    <title>Late-Breaking News</title>

    <para>[November 2, 2012] The current &man.mfi.4; driver has an
      overflow bug when handling disks larger than 2^32 sectors in
      SYSPD volumes, also known as JBODs, which will cause data
      corruption.  This bug has been fixed on this &os;-CURRENT but
      was too late for inclusion in this release.  An Errata Notice
      for &release.current; is planned.</para>

    <para>[December 25, 2012] The Installtion Instructions had the
      following wrong information about upgrading procedure.  All of
      them have been fixed in the online version.</para>

    <itemizedlist>
      <listitem>
        <para>The link URL of <quote>upgrading section in the Release
            Notes</quote>, branch names where upcoming Security
          Advisories or Errata Notices will be applied, and a
          command line argument of &man.freebsd-update.8; were ones
          for 9.0-RELEASE, not for &release.current;.</para>
      </listitem>

      <listitem>
        <para>The list of releases supported by &man.freebsd-update.8;
          utility were incorrect.  For 9.X, The following versions are
          supported: <literal>9.0-RELEASE</literal>,
          <literal>9.1-BETA1</literal>, and
          <literal>9.1-RC[123]</literal>.</para>
      </listitem>
    </itemizedlist>
  </sect1>
</article>