Copyright � 2016 The FreeBSD Documentation Project
FreeBSD is a registered trademark of the FreeBSD Foundation.
Intel, Celeron, Centrino, Core, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
SPARC, SPARC64, and UltraSPARC are trademarks of SPARC International, Inc in the United States and other countries. SPARC International, Inc owns all of the SPARC trademarks and under licensing agreements allows the proper use of these trademarks by its members.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the “™” or the “�” symbol.
This document lists errata items for FreeBSD 11.0-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability. An up-to-date version of this document should always be consulted before installing this version of FreeBSD.
This errata document for FreeBSD 11.0-RELEASE will be maintained until the release of FreeBSD 11.1-RELEASE.
This errata document contains “late-breaking news” about FreeBSD 11.0-RELEASE Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed.
Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the “current errata” for this release. These other copies of the errata are located at https://www.FreeBSD.org/releases/, plus any sites which keep up-to-date mirrors of this location.
Source and binary snapshots of FreeBSD 11.0-STABLE also contain up-to-date copies of this document (as of the time of the snapshot).
For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/security/.
| Advisory | Date | Topic |
|---|---|---|
| FreeBSD-SA-16:32.bhyve | 25�October�2016 | Privilege escalation vulnerability |
| FreeBSD-SA-16:33.openssh | 2�November�2016 | Remote Denial of Service vulnerability |
| FreeBSD-SA-16:36.telnetd | 6�December�2016 | Possible login(1) argument injection |
| FreeBSD-SA-16:37.libc | 6�December�2016 | link_ntoa(3) buffer overflow |
| FreeBSD-SA-16:38.bhyve | 6�December�2016 | Possible escape from bhyve(8) virtual machine |
| FreeBSD-SA-16:39.ntp | 22�December�2016 | Multiple vulnerabilities |
| FreeBSD-SA-17:01.openssh | 10�January�2017 | Multiple vulnerabilities |
| FreeBSD-SA-17:02.openssl | 23�February�2017 | Multiple vulnerabilities |
| FreeBSD-SA-17:03.ntp | 12�April�2017 | Multiple vulnerabilities |
| FreeBSD-SA-17:04.ipfilter | 27�April�2017 | Fix fragment handling panic |
| FreeBSD-SA-17:05.heimdal | 12�July�2017 | Fix KDC-REP service name validation vulnerability |
| Errata | Date | Topic |
|---|---|---|
| FreeBSD-EN-16:18.loader | 25�October�2016 | Loader may hang during boot |
| FreeBSD-EN-16:19.tzcode | 6�December�2016 | Fix warnings about invalid timezone abbreviations |
| FreeBSD-EN-16:20.tzdata | 6�December�2016 | Update timezone database information |
| FreeBSD-EN-16:21.localedef | 6�December�2016 | Fix incorrectly defined unicode characters |
| FreeBSD-EN-17:01.pcie | 23�February�2017 | Fix system hang when booting when PCI-express HotPlug is enabled |
| FreeBSD-EN-17:02.yp | 23�February�2017 | Fix NIS master updates are not pushed to an NIS slave |
| FreeBSD-EN-17:03.hyperv | 23�February�2017 | Fix compatibility with Hyper-V/storage after KB3172614 or KB3179574 |
| FreeBSD-EN-17:04.mandoc | 23�February�2017 | Make makewhatis(1) output reproducible |
| FreeBSD-EN-17:05.xen | 23�February�2017 | Xen migration enhancements |
An issue was discovered with Amazon� EC2™ images which would cause the virtual machine to hang during boot when upgrading from previous FreeBSD versions. New EC2™ installations are not affected, but existing installations running earlier releases are advised to wait until the issue is resolved in an Errata Notice before upgrading. An Errata Notice to address this is planned following the release.
FreeBSD/i386 installed on ZFS may crash during boot
when the ZFS pool mount is attempted while booting an
unmodified GENERIC kernel.
A system tunable has been added as of revision
r286584 to make the
kern.kstack_pages tunable configurable
without recompiling the kernel.
To mitigate system crashes with such configurations,
chose Escape to loader prompt in the boot
menu and enter the following lines from loader(8)
prompt, after an OK:
set kern.kstack_pages=4 boot
Add this line to
/boot/loader.conf for the change to
persist across reboots:
kern.kstack_pages=4
A bug was diagnosed in interaction of the
pmap_activate() function and
TLB shootdown IPI
handler on amd64 systems which have PCID
features but do not implement the INVPCID
instruction. On such machines, such as SandyBridge™
and IvyBridge™ microarchitectures, set the loader
tunable vm.pmap.pcid_enabled=0 during
boot:
set vm.pmap.pcid_enabled=0 boot
Add this line to
/boot/loader.conf for the change to
persist across reboots:
To check if the system is affected, check dmesg(8) for PCID listed in the "Features2", and absence of INVPCID in the "Structured Extended Features". If the PCID feature is not present, or INVPCID is present, system is not affected.
vm.pmap.pcid_enabled=0
The Release Notes erroneously states the
WITH_SYSTEM_COMPILER src.conf(5)
option is enabled by default, however this was disabled
prior to the final release build.
The release announcement stated "Wireless support for 802.11n has been added." This was intended to state "Wireless support for 802.11n has been added for additional wireless network drivers."
Some release notes pertaining to the Cavium ThunderX platform (the FreeBSD/arm64 reference platform) were omitted:
[2016-10-20] Several recent Dell systems fail to find a bootable disk when the system boots in Legacy/BIOS/CSM mode, the boot disk is partitioned with GPT, and the Active flag in the Protective MBR is not set. To work around this issue, either configure the system to boot in UEFI mode, or choose the "GPT + Active" scheme. [r293860]
[2016-10-21] Support for sha512 and
skein checksumming has been added to the
ZFS filesystem. This was not mentioned
in the release notes.
Systems being upgraded from earlier FreeBSD releases with
ZFS will see a message in zpool
status output noting the pool is not at the
latest version, and some features may not be enabled.
Additional instructions on how to update
ZFS pools to the latest version and
update the boot blocks for all boot drives in the pool will
also be provided in the output.
This information is also documented in
/usr/src/UPDATING, which is included if
the src component is selected during
installation.
[2016-10-21] The size of the GPT
enabled ZFS boot blocks
(/boot/gptzfsboot) has increased past
64K. Systems upgraded from older releases may experience
a problem where the size of the existing
"freebsd-boot" partition is too small to hold the
new gptzfsboot.
Systems where the boot partition is immediately followed
by the swap partition, such as those installed via
bsdinstall(8), can resize the swap partition slightly
using the gpart(8) resize command,
so space can be reclaimed to increase the size of the
freebsd-boot partition.
[2016-10-21] Due to a bug in earlier versions of clang(1) that is difficult to work around in the upgrade process, to upgrade the system from sources via buildworld to -CURRENT or 11.0-RELEASE, it is necessary to upgrade machines running 9.x to at least revision r286035, or machines running 10.x to revision r286033. Source-based upgrades from 10.3-RELEASE are not affected. This differs from the historical situation where one could generally upgrade from anywhere on earlier stable branches, so caution should be exercised.
This file, and other release-related documents, can be downloaded from https://www.FreeBSD.org/snapshots/.
For questions about FreeBSD, read the documentation before contacting <[email protected]>.
All users of FreeBSD 11.0-STABLE should subscribe to the <[email protected]> mailing list.
For questions about this documentation, e-mail <[email protected]>.