English
FreeBSD 9.3-RELEASE Errata
Abstract
This document lists errata items for FreeBSD 9.3-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability. An up-to-date version of this document should always be consulted before installing this version of FreeBSD.
This errata document for FreeBSD 9.3-RELEASE will be maintained until the EoL of FreeBSD 9.3-STABLE.
'''''
Table of Contents
<<intro, Introduction>>
<<security, Security Advisories>>
<<errata, Errata Notices>>
<<late-news, Late-Breaking News>>
Introduction
This errata document contains "late-breaking news" about FreeBSD 9.3-RELEASE Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed.
Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the "current errata" for this release. These other copies of the errata are located at `https://www.FreeBSD.org/releases/`, plus any sites which keep up-to-date mirrors of this location.
Source and binary snapshots of FreeBSD 9.3-STABLE also contain up-to-date copies of this document (as of the time of the snapshot).
For a list of all FreeBSD CERT security advisories, see `https://www.FreeBSD.org/security/`.
Security Advisories
Problems described in the following security advisories have been fixed in 9.3-RELEASE. For more information, consult the individual advisories available from `http://security.FreeBSD.org/`.
|Advisory |Date |Topic
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:18.openssl.asc[FreeBSD-SA-14:18.openssl] |9 September 2014 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:19.tcp.asc[FreeBSD-SA-14:19.tcp] |16 September 2014 |Denial of Service in TCP packet processing.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:20.rtsold.asc[FreeBSD-SA-14:20.rtsold] |21 October 2014 |Remote buffer overflow vulnerability.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:21.routed.asc[FreeBSD-SA-14:21.routed] |21 October 2014 |Remote denial of service vulnerability.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:22.namei.asc[FreeBSD-SA-14:22.namei] |21 October 2014 |Memory leak in sandboxed namei lookup.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:23.openssl.asc[FreeBSD-SA-14:23.openssl] |21 October 2014 |Multiple vulerabilities.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:25.setlogin.asc[FreeBSD-SA-14:25.setlogin] |04 November 2014 |Kernel stack disclosure.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:26.ftp.asc[FreeBSD-SA-14:26.ftp] |04 November 2014 |Remote code execution.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:28.file.asc[FreeBSD-SA-14:28.file] |10 December 2014 |Multiple vulnerabilities in man:file[1] and man:libmagic[3]
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:29.bind.asc[FreeBSD-SA-14:29.bind] |10 December 2014 |Remote denial of service vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-14:31.ntp.asc[FreeBSD-SA-14:31.ntp] |23 December 2014 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:01.openssl.asc[FreeBSD-SA-15:01.openssl] |14 January 2015 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:02.kmem.asc[FreeBSD-SA-15:02.kmem] |27 January 2015 |SCTP kernel memory corruption and disclosure vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:03.sctp.asc[FreeBSD-SA-15:03.sctp] |27 January 2015 |SCTP stream reset vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:04.igmp.asc[FreeBSD-SA-15:04.igmp] |25 February 2015 |Integer overflow in IGMP protocol
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:05.bind.asc[FreeBSD-SA-15:05.igmp] |25 February 2015 |Remote denial of service vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:06.openssl.asc[FreeBSD-SA-15:06.openssl] |19 March 2015 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:07.ntp.asc[FreeBSD-SA-15:07.ntp] |7 April 2015 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:09.ipv6.asc[FreeBSD-SA-15:09.ipv6] |7 April 2015 |Router advertisement Denial of Service
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:10.openssl.asc[FreeBSD-SA-15:10.openssl] |16 June 2015 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:11.bind.asc[FreeBSD-SA-15:11.bind] |7 July 2015 |Resolver remote denial of service
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:13.tcp.asc[FreeBSD-SA-15:13.tcp] |21 July 2015 |resource exhaustion due to sessions stuck in `LAST_ACK` state.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:15.tcp.asc[FreeBSD-SA-15:15.tcp] |28 July 2015 |resource exhaustion in TCP reassembly
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:16.openssh.asc[FreeBSD-SA-15:16.openssh] |28 July 2015 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:17.bind.asc[FreeBSD-SA-15:17.bind] |28 July 2015 |Remote denial of service vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:19.routed.asc[FreeBSD-SA-15:19.routed] |5 August 2015 |Remote denial of service vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:20.expat.asc[FreeBSD-SA-15:20.expat] |18 August 2015 |Fix multiple integer overflows in man:libbsdxml[3].
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:21.amd64.asc[FreeBSD-SA-15:21.amd64] |25 August 2015 |Fix local privilege escalation in IRET handler.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:22.openssh.asc[FreeBSD-SA-15:22.openssh] |25 August 2015 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:23.bind.asc[FreeBSD-SA-15:23.bind] |2 September 2015 |Remote denial of service vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:24.rpcbind.asc[FreeBSD-SA-15:24.rpcbind] |29 September 2015 |Remote denial of service
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:25.ntp.asc[FreeBSD-SA-15:25.ntp] |26 October 2015 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:26.openssl.asc[FreeBSD-SA-15:26.openssl] |5 December 2015 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-15:27.bind.asc[FreeBSD-SA-15:27.bind] |16 December 2015 |Remote denial of service
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:01.sctp.asc[FreeBSD-SA-16:01.sctp] |14 January 2016 |ICMPv6 error message vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:02.ntp.asc[FreeBSD-SA-16:02.ntp] |14 January 2016 |Panic threshold bypass vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:03.linux.asc[FreeBSD-SA-16:03.linux] |14 January 2016 |Incorrect `futex` handling
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:04.linux.asc[FreeBSD-SA-16:04.linux] |14 January 2016 |man:setgroups[2] system call vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:05.tcp.asc[FreeBSD-SA-16:05.tcp] |14 January 2016 |MD5 signature denial of service
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:06.bsnmpd.asc[FreeBSD-SA-16:06.bsnmpd] |14 January 2016 |Insecure default configuration file permissions
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:07.openssh.asc[FreeBSD-SA-16:07.openssh] |14 January 2016 |OpenSSH client information leak
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:08.bind.asc[FreeBSD-SA-16:08.bind] |27 January 2016 |Remote denial of service vulnerability.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:09.ntp.asc[FreeBSD-SA-16:09.ntp] |27 January 2016 |Multiple vulnerabilities.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:10.linux.asc[FreeBSD-SA-16:10.linux] |27 January 2016 |man:issetugid[2] system call vulnerability.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:11.openssl.asc[FreeBSD-SA-16:11.openssl] |30 January 2016 |SSLv2 cipher suite downgrade vulnerability.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:12.openssl.asc[FreeBSD-SA-16:12.openssl] |7 March 2016 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:13.bind.asc[FreeBSD-SA-16:13.bind] |10 March 2016 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:14.openssh-xauth.asc[FreeBSD-SA-16:14.openssh-xauth] |16 March 2016 |OpenSSH xauth injection vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:15.sysarch.asc[FreeBSD-SA-16:15.sysarch] |16 March 2016 |Incorrect argument validation in man:sysarch[2]
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:09.ntp.asc[FreeBSD-SA-16:09.ntp] |29 April 2016 |Multiple ntp vulnerabilities.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:17.openssl.asc[FreeBSD-SA-16:17.openssl] |29 April 2016 |Multiple OpenSSL vulnerabilities.
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:18.atkbd.asc[FreeBSD-SA-16:18.atkbd] |17 May 2016 |Keyboard driver buffer overflow
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:19.sendmsg.asc[FreeBSD-SA-16:19.sendmsg] |17 May 2016 |Incorrect argument handling in man:sendmsg[2]
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:20.linux.asc[FreeBSD-SA-16:20.linux] |31 May 2016 |Kernel stack disclosure in Linux compatibility layer
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:21.43bsd.asc[FreeBSD-SA-16:21.43bsd] |31 May 2016 |Kernel stack disclosure in 4.3BSD compatibility layer
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:22.libarchive.asc[FreeBSD-SA-16:22.libarchive] |31 May 2016 |Absolute path traversal vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:23.libarchive.asc[FreeBSD-SA-16:23.libarchive] |31 May 2016 |Absolute path traversal vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:24.ntp.asc[FreeBSD-SA-16:24.ntp] |3 June 2016 |Multiple ntp vulnerabilties
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:25.bspatch.asc[FreeBSD-SA-16:25.bspatch] |25 July 2016 |heap overflow vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:26.openssl.asc[FreeBSD-SA-16:26.openssl] |23 September 2016 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:27.openssl.asc[FreeBSD-SA-16:27.openssl] |26 September 2016 |Regression in OpenSSL suite
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:28.bind.asc[FreeBSD-SA-16:28.bind] |10 October 2016 |BIND denial of service
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:29.bspatch.asc[FreeBSD-SA-16:29.bspatch] |10 October 2016 |Heap overflow vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:30.portsnap.asc[FreeBSD-SA-16:30.portsnap] |10 October 2016 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:31.libarchive.asc[FreeBSD-SA-16:31.libarchive] |10 October 2016 |Multiple vulnerabilities
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:34.bind.asc[FreeBSD-SA-16:34.bind] |2 November 2016 |Remote Denial of Service vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:35.openssl.asc[FreeBSD-SA-16:35.openssl] |2 November 2016 |Remote Denial of Service vulnerability
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:36.telnetd.asc[FreeBSD-SA-16:36.telnetd] |6 December 2016 |Possible man:login[1] argument injection
|https://www.FreeBSD.org/security/advisories/FreeBSD-SA-16:37.libc.asc[FreeBSD-SA-16:37.libc] |6 December 2016 |man:link_ntoa[3] buffer overflow
Errata Notices
|Errata |Date |Topic
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:10.tzdata.asc[FreeBSD-EN-14:10.tzdata] |21 October 2014 |Time zone data file update
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:11.crypt.asc[FreeBSD-EN-14:11.crypt] |21 October 2014 |Change man:crypt[3] default hashing algorithm back to DES
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:12.zfs.asc[FreeBSD-EN-14:12.zfs] |11 November 2014 |Fix NFSv4 and ZFS cache consistency issue
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-14:13.freebsd-update.asc[FreeBSD-EN-14:13.freebsd-update] |23 December 2014 |Fixed directory deletion issue in man:freebsd-update[8]
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:01.vt.asc[FreeBSD-EN-15:01.vt] |25 February 2015 |man:vt[4] crash with improper ioctl parameters
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:02.openssl.asc[FreeBSD-EN-15:02.openssl] |25 February 2015 |OpenSSL update
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:03.freebsd-update.asc[FreeBSD-EN-15:03.freebsd-update] |25 February 2015 |man:freebsd-update[8] updates libraries in suboptimal order
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:04.freebsd-update.asc[FreeBSD-EN-15:04.freebsd-update] |13 May 2015 |man:freebsd-update[8] does not ensure the previous upgrade has completed
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:06.file.asc[FreeBSD-EN-15:06.file] |9 June 2015 |Multiple denial of service issues
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:08.sendmail.asc[FreeBSD-EN-15:08.sendmail] |30 June 2015 (revised) |Sendmail TLS/DH interoperability improvement
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:09.xlocale.asc[FreeBSD-EN-15:09.xlocale] |30 June 2015 |Fix inconsistency between locale and rune locale states
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:15.pkg.asc[FreeBSD-EN-15:15.pkg] |25 August 2015 |Insufficient check of supported man:pkg[7] signature methods.
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:18.pkg.asc[FreeBSD-EN-15:18.pkg] |16 September 2015 |Implement `pubkey` support for man:pkg[7] bootstrap.
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:19.kqueue.asc[FreeBSD-EN-15:19.kqueue] |4 November 2015 |man:kqueue[2] write events never fire for files larger than 2GB.
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-15:20.vm.asc[FreeBSD-EN-15:20.vm] |4 November 2015 |Applications exiting due to segmentation violation on a correct memory address.
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-16:02.pf.asc[FreeBSD-EN-16:02.pf] |14 January 2016 |Invalid TCP checksum issue.
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-16:03.yplib.asc[FreeBSD-EN-16:03.yplib] |14 January 2016 |YP/NIS library bug.
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-16:08.zfs.asc[FreeBSD-EN-16:08.zfs] |4 May 2016 |Memory leak in ZFS
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-16:09.freebsd-update.asc[FreeBSD-EN-16:09.freebsd-update] |25 July 2016 |Fix man:freebsd-update[8] support of FreeBSD 11.0-RELEASE
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-16:19.tzcode.asc[FreeBSD-EN-16:19.tzcode] |6 December 2016 |Fix warnings about invalid timezone abbreviations
|https://www.FreeBSD.org/security/advisories/FreeBSD-EN-16:20.tzdata.asc[FreeBSD-EN-16:20.tzdata] |6 December 2016 |Update timezone database information