<?xml version="1.0" encoding="iso-8859-1" standalone="no"?>
<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.2-Based Extension//EN" [
<!ENTITY % entities PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Entity Set//EN">
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
<![ %release.type.current [
<!ENTITY release "&release.current;">
<![ %release.type.snapshot [
<!ENTITY release "&release.prev;">
<![ %release.type.release [
<!ENTITY release "&release.current;">
FreeBSD errata document. Unlike some of the other RELNOTESng
files, this file should remain as a single SGML file, so that
the dollar FreeBSD dollar header has a meaningful modification
time. This file is all but useless without a datestamp on it,
so we'll take some extra care to make sure it has one.
(If we didn't do this, then the file with the datestamp might
not be the one that received the last change in the document.)
<title>&os; &release; Errata </title>
<pubdate>$FreeBSD$</pubdate>
<holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder>
<legalnotice id="trademarks" role="trademarks">
<para>This document lists errata items for &os;
<![ %release.type.current [
<![ %release.type.snapshot [
<![ %release.type.release [
containing significant information discovered after the release
or too late in the release cycle to be otherwise included in the
release documentation.
This information includes security advisories, as well as news
relating to the software or documentation that could affect its
operation or usability. An up-to-date version of this document
should always be consulted before installing this version of
<para>This errata document for &os;
<![ %release.type.current [
<![ %release.type.snapshot [
<![ %release.type.release [
will be maintained until the release of &os; &release.next;.</para>
<title>Introduction</title>
<para>This errata document contains <quote>late-breaking news</quote>
<![ %release.type.current [
<![ %release.type.snapshot [
<![ %release.type.release [
Before installing this version, it is important to consult this
document to learn about any post-release discoveries or problems
that may already have been found and fixed.</para>
<para>Any version of this errata document actually distributed
with the release (for example, on a CDROM distribution) will be
out of date by definition, but other copies are kept updated on
the Internet and should be consulted as the <quote>current
errata</quote> for this release. These other copies of the
errata are located at <ulink
url="http://www.FreeBSD.org/releases/"></ulink>, plus any sites
which keep up-to-date mirrors of this location.</para>
<para>Source and binary snapshots of &os; &release.branch; also
contain up-to-date copies of this document (as of the time of
the snapshot).</para>
<para>For a list of all &os; CERT security advisories, see <ulink
url="http://www.FreeBSD.org/security/"></ulink> or <ulink
url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"></ulink>.</para>
<sect1 id="security">
<title>Security Advisories</title>
<para>Problems described in the following security advisories have
been fixed in &release.current;. For more information, consult
the individual advisories available from <ulink
url="http://security.FreeBSD.org/"></ulink>.</para>
<informaltable frame="none" pgwide="1">
<colspec colwidth="1*"/>
<colspec colwidth="1*"/>
<colspec colwidth="3*"/>
<entry>Advisory</entry>
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:01.mountd.asc"
>SA-11:01.mountd</ulink></entry>
<entry>20 April 2011</entry>
<entry><para>Network ACL mishandling in &man.mountd.8;</para></entry>
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:02.bind.asc"
>SA-11:02.bind</ulink></entry>
<entry>28 May 2011</entry>
<entry><para>BIND remote DoS with large RRSIG RRsets and negative
caching</para></entry>
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:04.compress.asc"
>SA-11:04.compress</ulink></entry>
<entry>28 September 2011</entry>
<entry><para>Errors handling corrupt compress file in
&man.compress.1; and &man.gzip.1;</para></entry>
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc"
>SA-11:05.unix</ulink></entry>
<entry>28 September 2011</entry>
<entry><para>Buffer overflow in handling of UNIX socket
addresses</para></entry>
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:06.bind.asc"
>SA-11:06.bind</ulink></entry>
<entry>23 December 2011</entry>
<entry><para>Remote packet Denial of Service against &man.named.8;
servers</para></entry>
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:07.chroot.asc"
>SA-11:07.chroot</ulink></entry>
<entry>23 December 2011</entry>
<entry><para>Code execution via chrooted ftpd</para></entry>
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc"
>SA-11:08.telnetd</ulink></entry>
<entry>23 December 2011</entry>
<entry><para>telnetd code execution vulnerability</para></entry>
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:09.pam_ssh.asc"
>SA-11:09.pam_ssh</ulink></entry>
<entry>23 December 2011</entry>
<entry><para>pam_ssh improperly grants access when user account has
unencrypted SSH private keys</para></entry>
<entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:10.pam.asc"
>SA-11:10.pam</ulink></entry>
<entry>23 December 2011</entry>
<entry><para><function>pam_start()</function> does not validate
service names</para></entry>
<sect1 id="open-issues">
<title>Open Issues</title>
<para>In some releases prior to &release.current;, upgrading
by using &man.freebsd-update.8; can fail. This issue has
been fixed by a change in Errata Notice EN-12:01. For more
information, see <ulink
url="http://security.freebsd.org/advisories/FreeBSD-EN-12:01.freebsd-update.asc"></ulink>.</para>
<para arch="amd64,i386">&os; &release.current; includes
several changes to improve resource management of PCI
devices. As a result of these changes, some x86 machines
may not boot or may have devices that no longer attach
when using ACPI. This can be worked around by setting the
&man.loader.8; tunable
<varname>debug.acpi.disabled</varname> to
<literal>hostres</literal>. To do this, enter the following
lines at the loader prompt:</para>
<screen>set debug.acpi.disabled="hostres"
<para>Or, put the following line into
<filename>/boot/loader.conf</filename>:</para>
<programlisting>debug.acpi.disabled="hostres"</programlisting>
<para>The &man.devctl.4; event generated upon arrival of a
&man.ugen.4; device has changed. The event now includes
<literal>ugen</literal> and <literal>cdev</literal>
variables instead of <literal>device-name</literal>. This
change can prevent the following &man.devd.8; rule, which
worked in previous releases, from working:</para>
<programlisting>attach 0 {
	match "device-name" "ugen[0-9]+.[0-9]+";
	action "/path/to/script /dev/$device-name";
<para>This should be updated to the following:</para>
<programlisting>attach 0 {
	match "subsystem" "DEVICE";
	match "type" "ATTACH";
	match "cdev" "ugen[0-9]+.[0-9]+";
	action "/path/to/script /dev/$cdev";
<para>The &os; &release.current; Release Notes should have
mentioned that SSM (Source-Specific Multicast) MLDv2 now
uses <literal>ALLOW_NEW_SOURCES</literal> and
<literal>BLOCK_OLD_SOURCES</literal> record types to signal
a join or a leave by default. This conforms to RFC 4604,
<quote>Using Internet Group Management Protocol Version 3
(IGMPv3) and Multicast Listener Discovery Protocol Version 2
(MLDv2) for Source-Specific Multicast</quote>. A new
&man.sysctl.8; variable,
<varname>net.inet6.mld.use_allow</varname>, which controls
this behavior, has been added. The default value is
<literal>1</literal> (use
<literal>ALLOW_NEW_SOURCES</literal> and
<literal>BLOCK_OLD_SOURCES</literal>).</para>
<para>&release.current; fails to configure an interface
specified in the &man.rc.conf.5; variable
<varname>ipv6_prefix_<replaceable>IF</replaceable></varname>
when the interface does not have a corresponding
<varname>ifconfig_<replaceable>IF</replaceable>_ipv6</varname>
variable. This problem will be fixed in future
releases. To work around this problem on &release.current;,
<varname>ifconfig_<replaceable>IF</replaceable>_ipv6</varname>
line for each interface specified in
<varname>ipv6_prefix_<replaceable>IF</replaceable></varname>
as follows:</para>
<programlisting>ipv6_prefix_em0="2001:db8:1:0 2001:db8:2:0"
ifconfig_em0_ipv6="inet6 auto_linklocal"</programlisting>
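A read-only check for two of the configuration problems described in this section (a devd rule that still matches ugen devices on device-name, and an ipv6_prefix_IF variable with no ifconfig_IF_ipv6 variable), added here as an example and not part of the FreeBSD errata or base system. The function names and script layout are assumptions; the two files to inspect are given as arguments.

```shell
#!/bin/sh
# Added example: read-only audit for two open issues listed in this errata.
# Usage: sh audit.sh RC_CONF DEVD_CONF  (no arguments: constructed sample)

# Interfaces named in ipv6_prefix_IF that lack a matching ifconfig_IF_ipv6.
missing_ifconfig_ipv6() {
    awk '
        /^[ \t]*#/ { next }                       # skip comment lines
        {
            line = $0; sub(/^[ \t]+/, "", line)
            eq = index(line, "="); if (eq == 0) next
            name = substr(line, 1, eq - 1)
            if (name ~ /^ipv6_prefix_/) {
                sub(/^ipv6_prefix_/, "", name); want[name] = 1
            } else if (name ~ /^ifconfig_.+_ipv6$/) {
                sub(/^ifconfig_/, "", name); sub(/_ipv6$/, "", name); have[name] = 1
            }
        }
        END { for (i in want) if (!(i in have)) print i }
    ' "$1" | sort
}

# devd rules that still match ugen devices through the old "device-name"
# variable; printed as "LINE: text" with leading blanks removed.
stale_ugen_rules() {
    awk '
        /^[ \t]*#/ { next }
        /match[ \t]+"device-name"[ \t]+"[^"]*ugen/ {
            sub(/^[ \t]+/, ""); printf "%d: %s\n", NR, $0
        }
    ' "$1"
}

if [ "$#" -eq 2 ]; then
    rc=$1; devd=$2; tmp=
else
    # Constructed sample input, not taken from a real system.
    tmp=$(mktemp -d); rc=$tmp/rc.conf; devd=$tmp/devd.conf
    printf '%s\n' 'ipv6_prefix_em0="2001:db8:1:0"' 'ipv6_prefix_em1="2001:db8:2:0"' \
        'ifconfig_em0_ipv6="inet6 auto_linklocal"' > "$rc"
    printf '%s\n' 'attach 0 {' '    match "device-name" "ugen[0-9]+.[0-9]+";' '};' > "$devd"
fi
missing_ifconfig_ipv6 "$rc" | while read -r ifn; do
    echo "rc.conf: add ifconfig_${ifn}_ipv6=\"inet6 auto_linklocal\""
done
stale_ugen_rules "$devd" | while read -r hit; do
    echo "devd: rule uses device-name, update to cdev: $hit"
done
if [ -n "$tmp" ]; then rm -r "$tmp"; fi
```

A devd rule that silently stops matching after an upgrade produces no error, so this kind of check is worth running before relying on any attach-time script.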
<para>In &release.current; the &os; USB subsystem supports USB
3.0 through the &man.xhci.4; driver. However, a bug that could
prevent it from working with a USB 3.0 hub was found
and fixed after the release date. This means
&release.current; and prior releases do not work with a USB 3.0 hub.
This problem has been fixed in HEAD and will be merged into
the 9-STABLE branch.</para>
<sect1 id="late-news">
<title>Late-Breaking News</title>
<![ %release.type.current [
<para>No news.</para>
<![ %release.type.release [
<para>No news.</para>
<![ %release.type.snapshot [
<para>No news.</para>