1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
3 "../../../share/xml/freebsd45.dtd" [
4 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent">
9 FreeBSD errata document. Unlike some of the other RELNOTESng
10 files, this file should remain as a single SGML file, so that
11 the dollar FreeBSD dollar header has a meaningful modification
12 time. This file is all but useless without a datestamp on it,
13 so we'll take some extra care to make sure it has one.
15 (If we didn't do this, then the file with the datestamp might
16 not be the one that received the last change in the document.)
22 <title>&os; &release.current; Errata</title>
28 <pubdate>$FreeBSD$</pubdate>
32 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
35 <legalnotice id="trademarks" role="trademarks">
44 <para>This document lists errata items for &os; &release.current;,
45 containing significant information discovered after the release
46 or too late in the release cycle to be otherwise included in the
47 release documentation.
48 This information includes security advisories, as well as news
49 relating to the software or documentation that could affect its
50 operation or usability. An up-to-date version of this document
51 should always be consulted before installing this version of
54 <para>This errata document for &os; &release.current;
55 will be maintained until the release of &os; &release.next;.</para>
59 <title>Introduction</title>
61 <para>This errata document contains <quote>late-breaking news</quote>
62 about &os; &release.current;
63 Before installing this version, it is important to consult this
64 document to learn about any post-release discoveries or problems
65 that may already have been found and fixed.</para>
67 <para>Any version of this errata document actually distributed
68 with the release (for example, on a CDROM distribution) will be
69 out of date by definition, but other copies are kept updated on
70 the Internet and should be consulted as the <quote>current
71 errata</quote> for this release. These other copies of the
72 errata are located at <ulink
73 url="http://www.FreeBSD.org/releases/"></ulink>, plus any sites
74 which keep up-to-date mirrors of this location.</para>
76 <para>Source and binary snapshots of &os; &release.branch; also
77 contain up-to-date copies of this document (as of the time of
80 <para>For a list of all &os; CERT security advisories, see <ulink
81 url="http://www.FreeBSD.org/security/"></ulink> or <ulink
82 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"></ulink>.</para>
87 <title>Security Advisories</title>
89 <para>Problems described in the following security advisories have
90 been fixed in &release.current;. For more information, consult
91 the individual advisories available from
92 <ulink url="http://security.FreeBSD.org/" />.</para>
94 <informaltable frame="none" pgwide="1">
96 <colspec colwidth="1*" />
97 <colspec colwidth="1*" />
98 <colspec colwidth="3*" />
101 <entry>Advisory</entry>
109 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:01.openssl.asc"
110 >SA-12:01.openssl</ulink></entry>
111 <entry>3 May 2012</entry>
112 <entry><para>OpenSSL multiple vulnerabilities</para></entry>
116 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc"
117 >SA-12:02.crypt</ulink></entry>
118 <entry>30 May 2012</entry>
119 <entry><para>Incorrect <function>crypt()</function> hashing</para></entry>
123 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:03.bind.asc"
124 >SA-12:03.bind</ulink></entry>
125 <entry>12 June 2012</entry>
126 <entry><para>Incorrect handling of zero-length RDATA fields in &man.named.8;</para></entry>
130 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
131 >SA-12:04.sysret</ulink></entry>
132 <entry>12 June 2012</entry>
133 <entry><para>Privilege escalation when returning from kernel</para></entry>
137 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:05.bind.asc"
138 >SA-12:05.bind</ulink></entry>
139 <entry>6 August 2012</entry>
140 <entry><para>&man.named.8; DNSSEC validation Denial of Service</para></entry>
144 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:06.bind.asc"
145 >SA-12:06.bind</ulink></entry>
146 <entry>22 November 2012</entry>
147 <entry><para>Multiple Denial of Service vulnerabilities with &man.named.8;</para></entry>
151 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:07.hostapd.asc"
152 >SA-12:07.hostapd</ulink></entry>
153 <entry>22 November 2012</entry>
154 <entry><para>Insufficient message length validation for EAP-TLS messages</para></entry>
158 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:08.linux.asc"
159 >SA-12:08.linux</ulink></entry>
160 <entry>22 November 2012</entry>
161 <entry><para>Linux compatibility layer input validation error</para></entry>
168 <sect1 id="late-news">
169 <title>Late-Breaking News</title>
171 <para>[November 2, 2012] The current &man.mfi.4; driver has an
172 overflow bug when handling disks larger than 2^32 sectors in
173 SYSPD volumes, also known as JBODs, which will cause data
174 corruption. This bug has been fixed on this &os;-CURRENT but
175 was too late for inclusion in this release. An Errata Notice
176 for &release.current; is planned.</para>
178 <para>[December 25, 2012] The Installtion Instructions had the
179 following wrong information about upgrading procedure. All of
180 them have been fixed in the online version.</para>
184 <para>The link URL of <quote>upgrading section in the Release
185 Notes</quote>, branch names where upcoming Security
186 Advisories or Errata Notices will be applied, and a
187 command line argument of &man.freebsd-update.8; were ones
188 for 9.0-RELEASE, not for &release.current;.</para>
192 <para>The list of releases supported by &man.freebsd-update.8;
193 utility were incorrect. For 9.X, The following versions are
194 supported: <literal>9.0-RELEASE</literal>,
195 <literal>9.1-BETA1</literal>, and
196 <literal>9.1-RC[123]</literal>.</para>