2 FreeBSD errata document. Unlike some of the other RELNOTESng
3 files, this file should remain as a single SGML file, so that
4 the dollar FreeBSD dollar header has a meaningful modification
5 time. This file is all but useless without a datestamp on it,
6 so we'll take some extra care to make sure it has one.
8 (If we didn't do this, then the file with the datestamp might
9 not be the one that received the last change in the document.)
12 <?xml version="1.0" encoding="iso-8859-1" standalone="no"?>
13 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.2-Based Extension//EN" [
14 <!ENTITY % entities PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Entity Set//EN">
17 <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
23 <![ %release.type.current [
26 <![ %release.type.snapshot [
29 <![ %release.type.release [
38 <pubdate>$FreeBSD$</pubdate>
42 <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
45 <legalnotice id="trademarks" role="trademarks">
54 <para>This document lists errata items for &os;
55 <![ %release.type.current [
58 <![ %release.type.snapshot [
61 <![ %release.type.release [
64 containing significant information discovered after the release
65 or too late in the release cycle to be otherwise included in the
66 release documentation.
67 This information includes security advisories, as well as news
68 relating to the software or documentation that could affect its
69 operation or usability. An up-to-date version of this document
70 should always be consulted before installing this version of
73 <para>This errata document for &os;
74 <![ %release.type.current [
77 <![ %release.type.snapshot [
80 <![ %release.type.release [
83 will be maintained until the release of &os; &release.next;.</para>
87 <title>Introduction</title>
89 <para>This errata document contains <quote>late-breaking news</quote>
91 <![ %release.type.current [
94 <![ %release.type.snapshot [
97 <![ %release.type.release [
100 Before installing this version, it is important to consult this
101 document to learn about any post-release discoveries or problems
102 that may already have been found and fixed.</para>
104 <para>Any version of this errata document actually distributed
105 with the release (for example, on a CDROM distribution) will be
106 out of date by definition, but other copies are kept updated on
107 the Internet and should be consulted as the <quote>current
108 errata</quote> for this release. These other copies of the
109 errata are located at <ulink
110 url="http://www.FreeBSD.org/releases/"></ulink>, plus any sites
111 which keep up-to-date mirrors of this location.</para>
113 <para>Source and binary snapshots of &os; &release.branch; also
114 contain up-to-date copies of this document (as of the time of
115 the snapshot).</para>
117 <para>For a list of all &os; CERT security advisories, see <ulink
118 url="http://www.FreeBSD.org/security/"></ulink> or <ulink
119 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"></ulink>.</para>
123 <sect1 id="security">
124 <title>Security Advisories</title>
126 <para>Problems described in the following security advisories have
127 been fixed in &release.current;. For more information, consult
128 the individual advisories available from <ulink
129 url="http://security.FreeBSD.org/"></ulink>.</para>
131 <informaltable frame="none" pgwide="1">
133 <colspec colwidth="1*" />
134 <colspec colwidth="1*" />
135 <colspec colwidth="3*" />
138 <entry>Advisory</entry>
146 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:01.openssl.asc"
147 >SA-12:01.openssl</ulink></entry>
148 <entry>3 May 2012</entry>
149 <entry><para>OpenSSL multiple vulnerabilities</para></entry>
153 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc"
154 >SA-12:02.crypt</ulink></entry>
155 <entry>30 May 2012</entry>
156 <entry><para>Incorrect <function>crypt()</function> hashing</para></entry>
160 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:03.bind.asc"
161 >SA-12:03.bind</ulink></entry>
162 <entry>12 June 2012</entry>
163 <entry><para>Incorrect handling of zero-length RDATA fields in &man.named.8;</para></entry>
167 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
168 >SA-12:04.sysret</ulink></entry>
169 <entry>12 June 2012</entry>
170 <entry><para>Privilege escalation when returning from kernel</para></entry>
174 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:05.bind.asc"
175 >SA-12:05.bind</ulink></entry>
176 <entry>6 August 2012</entry>
177 <entry><para>&man.named.8; DNSSEC validation Denial of Service</para></entry>
181 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:06.bind.asc"
182 >SA-12:06.bind</ulink></entry>
183 <entry>22 November 2012</entry>
184 <entry><para>Multiple Denial of Service vulnerabilities with &man.named.8;</para></entry>
188 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:07.hostapd.asc"
189 >SA-12:07.hostapd</ulink></entry>
190 <entry>22 November 2012</entry>
191 <entry><para>Insufficient message length validation for EAP-TLS messages</para></entry>
195 <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-12:08.linux.asc"
196 >SA-12:08.linux</ulink></entry>
197 <entry>22 November 2012</entry>
198 <entry><para>Linux compatibility layer input validation error</para></entry>
205 <sect1 id="late-news">
206 <title>Late-Breaking News</title>
208 <para>[November 2, 2012] The current &man.mfi.4; driver has an
209 overflow bug when handling disks larger than 2^32 sectors in
210 SYSPD volumes, also known as JBODs, which will cause data
211 corruption. This bug has been fixed on this &os;-CURRENT but
212 was too late for inclusion in this release. An Errata Notice
213 for &release.current; is planned.</para>
215 <para>[December 25, 2012] The Installtion Instructions had the
216 following wrong information about upgrading procedure. All of
217 them have been fixed in the online version.</para>
221 <para>The link URL of <quote>upgrading section in the Release
222 Notes</quote>, branch names where upcoming Security
223 Advisories or Errata Notices will be applied, and a
224 command line argument of &man.freebsd-update.8; were ones
225 for 9.0-RELEASE, not for &release.current;.</para>
229 <para>The list of releases supported by &man.freebsd-update.8;
230 utility were incorrect. For 9.X, The following versions are
231 supported: <literal>9.0-RELEASE</literal>,
232 <literal>9.1-BETA1</literal>, and
233 <literal>9.1-RC[123]</literal>.</para>