1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
|
<!--
FreeBSD errata document. Unlike some of the other RELNOTESng
files, this file should remain as a single SGML file, so that
the dollar FreeBSD dollar header has a meaningful modification
time. This file is all but useless without a datestamp on it,
so we'll take some extra care to make sure it has one.
(If we didn't do this, then the file with the datestamp might
not be the one that received the last change in the document.)
-->
<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
<!ENTITY % man PUBLIC "-//FreeBSD//ENTITIES DocBook Manual Page Entities//EN">
%man;
<!ENTITY % authors PUBLIC "-//FreeBSD//ENTITIES DocBook Author Entities//EN">
%authors;
<!ENTITY % mlists PUBLIC "-//FreeBSD//ENTITIES DocBook Mailing List Entities//EN">
%mlists;
<!ENTITY % trademarks PUBLIC "-//FreeBSD//ENTITIES DocBook Trademark Entities//EN">
%trademarks;
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
%release;
]>
<article>
<articleinfo>
<title>&os;
<![ %release.type.snapshot [
&release.prev;
]]>
<![ %release.type.release [
&release.current;
]]>
Errata</title>
<corpauthor>
The &os; Project
</corpauthor>
<pubdate>$FreeBSD$</pubdate>
<copyright>
<year>2000</year>
<year>2001</year>
<year>2002</year>
<year>2003</year>
<year>2004</year>
<holder role="mailto:doc@FreeBSD.org">The FreeBSD Documentation Project</holder>
</copyright>
<legalnotice id="trademarks" role="trademarks">
&tm-attrib.freebsd;
&tm-attrib.intel;
&tm-attrib.general;
</legalnotice>
</articleinfo>
<abstract>
<para>This document lists errata items for &os;
<![ %release.type.snapshot [
&release.prev;,
]]>
<![ %release.type.release [
&release.current;,
]]>
containing significant information discovered after the release
or too late in the release cycle to be otherwise included in the
release documentation.
This information includes security advisories, as well as news
relating to the software or documentation that could affect its
operation or usability. An up-to-date version of this document
should always be consulted before installing this version of
&os;.</para>
<para>This errata document for &os;
<![ %release.type.snapshot [
&release.prev;
]]>
<![ %release.type.release [
&release.current;
]]>
will be maintained until the release of &os; &release.next;.</para>
</abstract>
<sect1>
<title>Introduction</title>
<para>This errata document contains <quote>late-breaking news</quote>
about &os;
<![ %release.type.snapshot [
&release.prev;.
]]>
<![ %release.type.release [
&release.current;.
]]>
Before installing this version, it is important to consult this
document to learn about any post-release discoveries or problems
that may already have been found and fixed.</para>
<para>Any version of this errata document actually distributed
with the release (for example, on a CDROM distribution) will be
out of date by definition, but other copies are kept updated on
the Internet and should be consulted as the <quote>current
errata</quote> for this release. These other copies of the
errata are located at <ulink
url="http://www.FreeBSD.org/releases/"></ulink>, plus any sites
which keep up-to-date mirrors of this location.</para>
<para>Source and binary snapshots of &os; &release.branch; also
contain up-to-date copies of this document (as of the time of
the snapshot).</para>
<para>For a list of all &os; CERT security advisories, see <ulink
url="http://www.FreeBSD.org/security/"></ulink> or <ulink
url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"></ulink>.</para>
</sect1>
<sect1>
<title>Security Advisories</title>
<![ %release.type.release [
<para>No active security advisories.</para>
]]>
<![ %release.type.snapshot [
<para>No active security advisories.</para>
]]>
</sect1>
<sect1>
<title>Late-Breaking News</title>
<![ %release.type.release [
<para>(20 May 2004) A security problem was discovered
in <application>CVS</application> but the release notes
did not state that since it was very late in the release cycle.
&os; &release.prev; includes a fix for it and is not vulnerable.
For the details, see the security advisory
<ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc">FreeBSD-SA-04:10</ulink>.</para>
<para>(23 May 2004) As a side effect of closing a security problem
related to &man.msync.2;, the <literal>MS_INVALIDATE</literal>
flag no longer guarantees that all pages in the range are
invalidated. This can cause problems when pages are backed by a remote file
(e.g. via NFS) where other machines can write to the permanent storage since
the local pages not being invalidated might then contain stale data. The
security problem being addressed is a strictly local exploit, and only
allows a local user to block the writing of data to a file under certain
circumstances. Users who require the old semantics of
<literal>MS_INVALIDATE</literal> and are not concerned with
the security issue being fixed can set the
<literal>vm.old_msync</literal> sysctl to <literal>1</literal>
which will revert to the old (insecure) behavior.</para>
<para>(25 May 2004) The &man.twe.4; driver was recently updated by the
vendor. Problems have been reported in rare circumstances under
conditions that are hard to reproduce. Work is ongoing to isolate
these problems and determine their source.</para>
]]>
<![ %release.type.snapshot [
<para>No news.</para>
]]>
</sect1>
</article>
|
