aboutsummaryrefslogtreecommitdiffstats
path: root/release/doc/en_US.ISO8859-1/errata/article.sgml
blob: dff2a152f32f26925e29d54e5234f576c5440e9e (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
<!--
	FreeBSD errata document.  Unlike some of the other RELNOTESng
	files, this file should remain as a single SGML file, so that
	the dollar FreeBSD dollar header has a meaningful modification
	time.  This file is all but useless without a datestamp on it,
	so we'll take some extra care to make sure it has one.

	(If we didn't do this, then the file with the datestamp might
	not be the one that received the last change in the document.)

-->

<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
<!ENTITY % man PUBLIC "-//FreeBSD//ENTITIES DocBook Manual Page Entities//EN">
%man;
<!ENTITY % authors PUBLIC  "-//FreeBSD//ENTITIES DocBook Author Entities//EN">
%authors;
<!ENTITY % mlists PUBLIC "-//FreeBSD//ENTITIES DocBook Mailing List Entities//EN">
%mlists;
<!ENTITY % trademarks PUBLIC "-//FreeBSD//ENTITIES DocBook Trademark Entities//EN">
%trademarks;
<!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN">
%release;

]>

<article>
  <articleinfo>
    <title>&os;
<![ %release.type.snapshot [
    &release.prev;
]]>
<![ %release.type.release [
    &release.current;
]]>
    Errata</title>

    <corpauthor>
    The &os; Project
    </corpauthor>

    <pubdate>$FreeBSD$</pubdate>

    <copyright>
      <year>2000</year>
      <year>2001</year>
      <year>2002</year>
      <year>2003</year>
      <year>2004</year>
      <holder role="mailto:doc@FreeBSD.org">The FreeBSD Documentation Project</holder>
    </copyright>

    <legalnotice id="trademarks" role="trademarks">
      &tm-attrib.freebsd;
      &tm-attrib.intel;
      &tm-attrib.general;
    </legalnotice>
  </articleinfo>

  <abstract>
    <para>This document lists errata items for &os; 
<![ %release.type.snapshot [
      &release.prev;,
]]>
<![ %release.type.release [
      &release.current;,
]]>
      containing significant information discovered after the release
      or too late in the release cycle to be otherwise included in the
      release documentation.
      This information includes security advisories, as well as news
      relating to the software or documentation that could affect its
      operation or usability.  An up-to-date version of this document
      should always be consulted before installing this version of
      &os;.</para>

    <para>This errata document for &os; 
<![ %release.type.snapshot [
      &release.prev;
]]>
<![ %release.type.release [
      &release.current;
]]>
      will be maintained until the release of &os; &release.next;.</para>
  </abstract>

  <sect1>
    <title>Introduction</title>

    <para>This errata document contains <quote>late-breaking news</quote>
      about &os;
<![ %release.type.snapshot [
      &release.prev;.
]]>
<![ %release.type.release [
      &release.current;.
]]>
      Before installing this version, it is important to consult this
      document to learn about any post-release discoveries or problems
      that may already have been found and fixed.</para>

    <para>Any version of this errata document actually distributed
      with the release (for example, on a CDROM distribution) will be
      out of date by definition, but other copies are kept updated on
      the Internet and should be consulted as the <quote>current
      errata</quote> for this release.  These other copies of the
      errata are located at <ulink
      url="http://www.FreeBSD.org/releases/"></ulink>, plus any sites
      which keep up-to-date mirrors of this location.</para>

    <para>Source and binary snapshots of &os; &release.branch; also
      contain up-to-date copies of this document (as of the time of
      the snapshot).</para>

    <para>For a list of all &os; CERT security advisories, see <ulink
      url="http://www.FreeBSD.org/security/"></ulink> or <ulink
      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/"></ulink>.</para>

  </sect1>

  <sect1>
    <title>Security Advisories</title>

<![ %release.type.release [
    <para>No active security advisories.</para>
]]>

<![ %release.type.snapshot [
    <para>No active security advisories.</para>
]]>

  </sect1>

  <sect1>
    <title>Late-Breaking News</title>

<![ %release.type.release [
    <para>No news.</para>
]]>

<![ %release.type.snapshot [

    <para>(20 May 2004) A security problem was discovered
      in <application>CVS</application> but the release notes
      did not state that since it was very late in the release cycle.
      &os; &release.prev; includes a fix for it and is not vulnerable.
      For the details, see the security advisory
      <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc">FreeBSD-SA-04:10</ulink>.</para>

    <para>(23 May 2004) As a side effect of closing a security problem
      related to &man.msync.2;, the <literal>MS_INVALIDATE</literal>
      flag no longer guarantees that all pages in the range are
      invalidated.  This can cause problems when pages are backed by a remote file
      (e.g. via NFS) where other machines can write to the permanent storage since
      the local pages not being invalidated might then contain stale data.  The
      security problem being addressed is a strictly local exploit, and only
      allows a local user to block the writing of data to a file under certain
      circumstances.  Users who require the old semantics of
      <literal>MS_INVALIDATE</literal> and are not concerned with
      the security issue being fixed can set the
      <literal>vm.old_msync</literal> sysctl to <literal>1</literal>
      which will revert to the old (insecure) behavior.</para>

    <para>(25 May 2004) The &man.twe.4; driver was recently updated by the
      vendor.  Problems have been reported in rare circumstances under
      conditions that are hard to reproduce.  Work is ongoing to isolate
      these problems and determine their source.</para>

    <para>(27 May 2004) The &man.bfe.4; driver for Broadcom BCM4401
      based Fast Ethernet adapters has been added but the release notes
      did not mention that.</para>
]]>
  </sect1>
</article>