FreeBSD 11.3-RELEASE Errata

The FreeBSD Project

FreeBSD is a registered trademark of the FreeBSD Foundation.

Intel, Celeron, Centrino, Core, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

SPARC, SPARC64, and UltraSPARC are trademarks of SPARC International, Inc in the United States and other countries. SPARC International, Inc owns all of the SPARC trademarks and under licensing agreements allows the proper use of these trademarks by its members.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the symbol.

Last modified on 2020-01-28 15:56:41 EST by gjb.
Abstract

This document lists errata items for FreeBSD 11.3-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability. An up-to-date version of this document should always be consulted before installing this version of FreeBSD.

This errata document for FreeBSD 11.3-RELEASE will be maintained until the release of FreeBSD 11.4-STABLE (if applicable).


Table of Contents
1. Introduction
2. Security Advisories
3. Errata Notices
4. Open Issues
5. Late-Breaking News

1.�Introduction

This errata document contains late-breaking news about FreeBSD 11.3-RELEASE. Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed.

Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the current errata for this release. These other copies of the errata are located at https://www.FreeBSD.org/releases/, plus any sites which keep up-to-date mirrors of this location.

Source and binary snapshots of FreeBSD 11.4-STABLE also contain up-to-date copies of this document (as of the time of the snapshot).

For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/security/.

2.�Security Advisories

AdvisoryDateTopic
FreeBSD-SA-19:12.telnet24�July�2019

Multiple vulnerabilities

FreeBSD-SA-19:13.pts24�July�2019

Write-after-free vulnerability

FreeBSD-SA-19:14.freebsd3224�July�2019

Kernel memory disclosure

FreeBSD-SA-19:15.mqueuefs24�July�2019

Reference count overflow

FreeBSD-SA-19:16.bhyve24�July�2019

xhci(4) out-of-bounds read

FreeBSD-SA-19:17.fd24�July�2019

Reference count leak

FreeBSD-SA-19:18.bzip26�August�2019

Multiple vulnerabilities

FreeBSD-SA-19:19.mldv26�August�2019

Out-of-bounds memory access

FreeBSD-SA-19:20.bsnmp6�August�2019

Insufficient message length validation

FreeBSD-SA-19:21.bhyve6�August�2019

Insufficient validation of guest-supplied data

FreeBSD-SA-19:22.mbuf20�August�2019

IPv6 remove denial-of-service

FreeBSD-SA-19:23.midi20�August�2019

Kernel memory disclosure

FreeBSD-SA-19:24.mqueuefs20�August�2019

Reference count overflow

FreeBSD-SA-19:25.mcepce12�November�2019

Machine Check Exception on Page Size Change

FreeBSD-SA-19:26.mcu12�November�2019

Intel CPU Microcode Update

FreeBSD-SA-20:01.libfetch28�January�2020

fetch(3) buffer overflow

FreeBSD-SA-20:03.thrmisc28�January�2020

Kernel stack data disclosure

FreeBSD-SA-20:04.tcp18�March�2020

TCP IPv6 SYN cache kernel information disclosure

FreeBSD-SA-20:05.if_oce_ioctl18�March�2020

Insufficient ioctl(2) privilege checking

FreeBSD-SA-20:07.epair18�March�2020

Incorrect user-controlled pointer use

FreeBSD-SA-20:08.jail18�March�2020

Kernel memory disclosure with nested jails

FreeBSD-SA-20:09.ntp18�March�2020

Multiple denial of service

FreeBSD-SA-20:10.ipfw21�April�2020

Invalid mbuf(9) handling

FreeBSD-SA-20:12.libalias12�May�2020

Insufficient packet length validation

FreeBSD-SA-20:13.libalias12�May�2020

Memory disclosure vulnerability

FreeBSD-SA-20:14.sctp12�May�2020

Improper checking in shared key update

FreeBSD-SA-20:14.cryptodev12�May�2020

Use-after-free condition

3.�Errata Notices

ErrataDateTopic
FreeBSD-EN-19:13.mds24�July�2019

System crash from Intel CPU vulnerability mitigation

FreeBSD-EN-19:15.libunwind6�August�2019

Incorrect exception handling

FreeBSD-EN-19:16.bhyve20�August�2019

Instruction emulation improvements

FreeBSD-EN-19:17.ipfw20�August�2019

"jail" keyword fix

FreeBSD-EN-19:18.tzdata23�October�2019

Timezone database information update

FreeBSD-EN-20:01.ssp28�January�2020

Imprecise orderring of canary initialization

FreeBSD-EN-20:02.nmount28�January�2020

Invalid pointer dereference

FreeBSD-EN-20:04.pfctl18�March�2020

Missing pfctl(8) tunable

FreeBSD-EN-20:06.ipv618�March�2020

Incorrect checksum calculations

FreeBSD-EN-20:07.quotad21�April�2020

Regression with certain NFS servers

FreeBSD-EN-20:08.tzdata12�May�2020

Timezone database update

FreeBSD-EN-20:10.build12�May�2020

Incorrect build host clang version detection

4.�Open Issues

  • [2019-07-04] An issue which can cause a crash when connecting to a bhyve(4) instance with a VNC client under certain circumstances had been reported. An errata notice is planned post-release.

  • [2019-07-04] An issue booting bhyve(4) virtual machines compiled with clang(1) version 8.0.0 or later had been reported late in the release cycle. An errata notice is planned post-release.

    This issue is believed to only affect OpenBSD virtual machines compiled with clang(1).

  • [2019-07-04] An issue when upgrading from FreeBSD�11.3 to FreeBSD�12.0 (which occurred earlier in time, comparatively), had been reported where the com.delphix:spacemap_v2 zpool(8) feature does not exist on FreeBSD�12.0, will fail to import the ZFS pool.

    At this time, it is advised to defer migrating from FreeBSD�11.3 to FreeBSD�12.x until FreeBSD�12.1 is available.

    Upgrading from earlier FreeBSD�11.x releases to FreeBSD�12.0 are believed to be unaffected.

5.�Late-Breaking News

  • [2019-12-06] An issue has been reported with the FreeBSD�11.3-RELEASE images on the Google Compute Engine platform which causes virtual machines to fail to start properly.

    While we intend to investigate how to handle similar situations should they arise in the future, updated images will not be provided as of this time.

    Users wanting to use FreeBSD in Google Compute Engine are advised to use 12.0-RELEASE or 12.1-RELEASE, or for those who wish to track 11.X, the freebsd-11-3-stable-amd64-v20190801 snapshot from stable/11 has been reported to work correctly.

    More details can be found in PR 242303.

This file, and other release-related documents, can be downloaded from https://www.FreeBSD.org/snapshots/.

For questions about FreeBSD, read the documentation before contacting <[email protected]>.

All users of FreeBSD 11.4-STABLE should subscribe to the <[email protected]> mailing list.

For questions about this documentation, e-mail <[email protected]>.