FreeBSD 7.4-RELEASE Errata
The FreeBSD Project
Copyright © 2011 The FreeBSD Documentation Project
2011-02-23 20:50:42Z hrs $
FreeBSD is a registered trademark of the FreeBSD Foundation.
Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
SPARC, SPARC64, SPARCengine, and UltraSPARC are trademarks of SPARC International, Inc in the United States and other countries. SPARC International, Inc owns all of the SPARC trademarks and under licensing agreements allows the proper use of these trademarks by its members.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the “™” or the “®” symbol.
This document lists errata items for FreeBSD 7.4-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability. An up-to-date version of this document should always be consulted before installing this version of FreeBSD.
This errata document for FreeBSD 7.4-RELEASE will be maintained until the release of FreeBSD 7.5-RELEASE.
This errata document contains “late-breaking news” about FreeBSD 7.4-RELEASE. Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed.
Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the “current errata” for this release. These other copies of the errata are located at http://www.FreeBSD.org/releases/, plus any sites which keep up-to-date mirrors of this location.
Source and binary snapshots of FreeBSD 7.4-STABLE also contain up-to-date copies of this document (as of the time of the snapshot).
For a list of all FreeBSD CERT security advisories, see http://www.FreeBSD.org/security/ or ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/.
2 Security Advisories
3 Open Issues
4 Late-Breaking News and Corrections
A bug in OpenSSL that could cause it to parse past the end of the message was found at the late stage of 7.4-RELEASE release process. The 7.4-RELEASE includes a fix for this issue by importing relevant parts from the OpenSSL CVS. This could be triggered by an incorrectly formatted ClientHello SSL/TLS handshake messages. The details can be found at http://www.openssl.org/news/secadv_20110208.txt.
The shared object version numbers of libcrypto and libssl have been decreased from 6 to 5. These are accidentaly increased on 28 November, 2010 (r215997) as OpenSSL 0.9.8p was merged. Note that this affects systems running 7-STABLE after that date (after 7.3-RELEASE), not 7.3-RELEASE and the security branch. Also note that in FreeBSD 7.4-RELEASE, the library files with the version number 6 are still provided as symbolic links to prevent binaries built in the time window with the accidentaly increased version number from being broken after the system gets updated to 7.4-RELEASE.
This file, and other release-related documents, can be downloaded from ftp://ftp.FreeBSD.org/.
For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.
All users of FreeBSD 7.4-STABLE should subscribe to the <stable@FreeBSD.org> mailing list.
For questions about this documentation, e-mail <doc@FreeBSD.org>.
Last modified on: May 15, 2021 by Allan Jude