FreeBSD 12.0-RELEASE Errata
Abstract
This document lists errata items for FreeBSD 12.0-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability. An up-to-date version of this document should always be consulted before installing this version of FreeBSD.
This errata document for FreeBSD 12.0-RELEASE will be maintained until the release of FreeBSD 13.0-RELEASE.
Table of Contents
Introduction
This errata document contains "late-breaking news" about FreeBSD 12.0-RELEASE Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed.
Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the "current errata" for this release. These other copies of the errata are located at https://www.FreeBSD.org/releases/, plus any sites which keep up-to-date mirrors of this location.
Source and binary snapshots of FreeBSD 12-STABLE also contain up-to-date copies of this document (as of the time of the snapshot).
For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/security/.
Security Advisories
Advisory | Date | Topic |
---|---|---|
19 December 2018 |
Buffer overflow |
|
5 February 2019 |
Kernel data register leak |
|
5 February 2019 |
File description reference count leak |
|
14 May 2019 |
Multiple vulnerabilities |
|
14 May 2019 |
Authenticated denial of service in ntpd(8) |
|
14 May 2019 |
IPv6 fragment reassembly panic in pf(3) |
|
14 May 2019 |
ICMP/ICMP6 packet filter bypass in pf(3) |
|
14 May 2019 |
Microarchitectural Data Sampling |
|
19 June 2019 |
Resource exhaustion in non-default RACK TCP stack |
|
2 July 2019 |
iconv(3) buffer overflow |
|
2 July 2019 |
Kernel stack disclosure |
|
2 July 2019 |
Privilege escalation in cd(4) |
|
24 July 2019 |
Multiple vulnerabilities |
|
24 July 2019 |
Write-after-free vulnerability |
|
24 July 2019 |
Reference count overflow |
|
24 July 2019 |
xhci(4) out-of-bounds read |
|
24 July 2019 |
Reference count leak |
|
6 August 2019 |
Multiple vulnerabilities |
|
6 August 2019 |
Out-of-bounds memory access |
|
6 August 2019 |
Insufficient message length validation |
|
6 August 2019 |
Insufficient validation of guest-supplied data |
|
20 August 2019 |
IPv6 remove denial-of-service |
|
20 August 2019 |
Kernel memory disclosure |
|
20 August 2019 |
Reference count overflow |
|
12 November 2019 |
Machine Check Exception on Page Size Change |
|
12 November 2019 |
Intel CPU Microcode Update |
|
28 January 2020 |
fetch(3) buffer overflow |
|
28 January 2020 |
Missing anti-replay window check |
|
28 January 2020 |
Kernel stack data disclosure |
Errata Notices
Errata | Date | Topic |
---|---|---|
9 January 2019 |
Connection stalls with CUBIC congestion control |
|
9 January 2019 |
TCP connections may stall and eventually fail in case of packet loss |
|
9 January 2019 |
sqlite update |
|
9 January 2019 |
Timezone database information update |
|
5 February 2019 |
DTrace incompatibility with SMAP-enabled systems |
|
5 February 2019 |
LLE table lookup code race condition |
|
14 May 2019 |
Timezone database information update |
|
14 May 2019 |
install(1) broken with partially matching relative paths |
|
14 May 2019 |
Insufficient filename validation in scp(1) client |
|
19 June 2019 |
Incorrect locking in networking stack |
|
2 July 2019 |
Timezone database information update |
|
24 July 2019 |
System crash from Intel CPU vulnerability mitigation |
|
6 August 2019 |
Incorrect locking |
|
6 August 2019 |
Incorrect exception handling |
|
20 August 2019 |
Instruction emulation improvements |
|
20 August 2019 |
"jail" keyword fix |
|
23 October 2019 |
Timezone database information update |
|
12 November 2019 |
UEFI Loader Memory Fragmentation |
|
28 January 2020 |
Imprecise orderring of canary initialization |
|
28 January 2020 |
Invalid pointer dereference |
Open Issues
-
[2018-12-11] Some Intel® J1900 systems may hang on boot in UEFI mode. An observed workaround is to set
kern.vty=sc
at the loader(8) prompt. To have the setting persist after reboot(8), addkern.vty=sc
to loader(5).See PR 230172 for more information.
-
[2018-12-11] OpenSSL version 1.1.1 disables use of hardware cryptography accelerator cards provided by crypto(4) by default. Systems that have cryptography devices such as hifn(4), padlock(4), safe(4), and ubsec(4) currently will not take advantage of hardware cryptography offloading.
It is currently unclear if an Errata Notice will be issued to re-enable use of crypto(4).
-
[2018-12-13] Due to the size of the base system of FreeBSD 12.0, the disc1.iso images for amd64 and i386 do not fit onto a 700 MB CD-ROM. As of FreeBSD 12.0-RELEASE, however, disc1.iso for these architectures can be written to a flash drive, or to a DVD.
See PR 233989 for more information.
-
[2018-12-13] Some users have reported FreeBSD 12.0-RELEASE boot messages do not report CPUs other than
CPU0
. This is expected behavior introduced inr333334
, and results in boot-time reduction. -
[2018-12-13] The FreeBSD 12.0 release notes mention use of
graphics/drm-stable-kmod
andgraphics/drm-legacy-kmod
for modern graphics cards. These ports have been changed to a "meta port" in the Ports Collection, and will be renamed in the2019Q1
quarterly branch, after whichgraphics/drm-kmod
should be used instead.
Late-Breaking News
No news.