FreeBSD 11.4-RELEASE Errata

Abstract

This document lists errata items for FreeBSD 11.4-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability. An up-to-date version of this document should always be consulted before installing this version of FreeBSD.

This errata document for FreeBSD 11.4-RELEASE will be maintained until FreeBSD 11.4-RELEASE reaches end-of-life.

Introduction

This errata document contains "late-breaking news" about FreeBSD 11.4-RELEASE. Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed.

Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the "current errata" for this release. These other copies of the errata are located at https://www.FreeBSD.org/releases/, plus any sites which keep up-to-date mirrors of this location.

Source and binary snapshots of FreeBSD 11.4-STABLE also contain up-to-date copies of this document (as of the time of the snapshot).

For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/security/.

Security Advisories

Advisory                            Date                Topic

FreeBSD-SA-20:18.posix_spawnp       8 July 2020         Buffer overflow
FreeBSD-SA-20:19.unbound            8 July 2020         Multiple vulnerabilities
FreeBSD-SA-20:20.ipv6               8 July 2020         Race condition and use-after-free
FreeBSD-SA-20:21.usb_net            5 August 2020       Memory corruption
FreeBSD-SA-20:22.sqlite             5 August 2020       Multiple vulnerabilities
FreeBSD-SA-20:23.sendmsg            5 August 2020       Privilege escalation
FreeBSD-SA-20:24.ipv6               2 September 2020    Use-after-free bug
FreeBSD-SA-20:25.sctp               2 September 2020    Use-after-free bug
FreeBSD-SA-20:26.dhclient           2 September 2020    Heap overflow
FreeBSD-SA-20:27.ure                15 September 2020   Packet-in-packet attack
FreeBSD-SA-20:28.bhyve_vmcs         15 September 2020   Privilege escalation via VMCS
FreeBSD-SA-20:29.bhyve_svm          15 September 2020   SVM guest escape
FreeBSD-SA-20:30.ftpd               15 September 2020   Privilege escalation
FreeBSD-SA-20:31.icmp6              1 December 2020     Use-after-free in error message handling
FreeBSD-SA-20:32.rtsold             1 December 2020     Multiple vulnerabilities
FreeBSD-SA-20:33.openssl            8 December 2020     NULL-pointer dereference
FreeBSD-SA-21:01.fsdisclosure       29 January 2021     Kernel stack disclosure
FreeBSD-SA-21:02.xenoom             29 January 2021     Kernel panic
FreeBSD-SA-21:03.pam_login_access   24 February 2021    Privilege escalation
FreeBSD-SA-21:04.jail_remove        24 February 2021    Privilege escalation
FreeBSD-SA-21:05.jail_chdir         24 February 2021    Privilege escalation
FreeBSD-SA-21:06.xen                24 February 2021    Resource leaks
FreeBSD-SA-21:08.vm                 6 April 2021        Kernel memory disclosure
FreeBSD-SA-21:10.jail_mount         6 April 2021        Privilege escalation
FreeBSD-SA-21:12.libradius          26 May 2021         Denial of service
FreeBSD-SA-21:13.bhyve              24 August 2021      Missing error handling in bhyve(8) device models
FreeBSD-SA-21:14.ggatec             24 August 2021      Remote code execution in ggatec(8)
FreeBSD-SA-21:15.libfetch           24 August 2021      libfetch out of bounds read
FreeBSD-SA-21:17.openssl            24 August 2021      Multiple vulnerabilities in OpenSSL

Errata Notices

Errata                              Date                Topic

FreeBSD-EN-20:15.mps                8 July 2020         Kernel panic
FreeBSD-EN-20:17.linuxthread        2 September 2020    Kernel panic
FreeBSD-EN-20:18.getfsstat          2 September 2020    Kernel panic
FreeBSD-EN-20:20.tzdata             1 December 2020     Timezone database information update
FreeBSD-EN-21:01.tzdata             29 January 2021     Timezone database information update
FreeBSD-EN-21:02.extattr            29 January 2021     UFS extattr corruption
FreeBSD-EN-21:05.libatomic          29 January 2021     Addition of atomic and bswap functions to libcompiler_rt
FreeBSD-EN-21:08.freebsd-update     24 February 2021    freebsd-update passwd regeneration
FreeBSD-EN-21:17.libradius          1 June 2021         Incorrect validation in rad_get_attr(3)
FreeBSD-EN-21:19.libcasper          30 June 2021        libcasper assertion failure
FreeBSD-EN-21:22.linux_futex        30 June 2021        Linux compatibility layer futex(2) system call vulnerability

Open Issues

  • [2020-06-11] Source-based upgrades from FreeBSD 11.2 on the i386 architecture may fail to compile clang due to the amount of RAM consumed.

    Adding CFLAGS+=-O1 to /etc/make.conf or /etc/src.conf has been observed to work around the compile-time RAM exhaustion.

    See PR 246274 for additional details.

  • [2020-06-16] The FreeBSD 11.4 release notes erroneously state the KDE desktop environment has been updated to version 5.8.4.1.19.12.3. The correct version is 5.18.4.1.19.12.3.

Late-Breaking News

  • No late-breaking news.