--- title: "FreeBSD 11.3-RELEASE Errata" sidenav: download --- = FreeBSD 11.3-RELEASE Errata == Abstract This document lists errata items for FreeBSD 11.3-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability. An up-to-date version of this document should always be consulted before installing this version of FreeBSD. This errata document for FreeBSD 11.3-RELEASE will be maintained until the release of FreeBSD 11.4-STABLE (if applicable). === Table of Contents * <> * <> * <> * <> * <> [[intro]] == Introduction This errata document contains "late-breaking news" about FreeBSD 11.3-RELEASE. Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed. Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the "current errata" for this release. These other copies of the errata are located at https://www.FreeBSD.org/releases/, plus any sites which keep up-to-date mirrors of this location. Source and binary snapshots of FreeBSD 11.3-STABLE also contain up-to-date copies of this document (as of the time of the snapshot). For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/security/. [[security]] == Security Advisories [width="100%",cols="40%,30%,30%",options="header",] |=== |Advisory |Date |Topic |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:12.telnet.asc[FreeBSD-SA-19:12.telnet] |24 July 2019 |Multiple vulnerabilities |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:13.pts.asc[FreeBSD-SA-19:13.pts] |24 July 2019 |Write-after-free vulnerability |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:14.freebsd32.asc[FreeBSD-SA-19:14.freebsd32] |24 July 2019 |Kernel memory disclosure |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:15.mqueuefs.asc[FreeBSD-SA-19:15.mqueuefs] |24 July 2019 |Reference count overflow |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:16.bhyve.asc[FreeBSD-SA-19:16.bhyve] |24 July 2019 |https://www.FreeBSD.org/cgi/man.cgi?query=xhci&sektion=4&manpath=freebsd-release-ports[xhci(4)] out-of-bounds read |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:17.fd.asc[FreeBSD-SA-19:17.fd] |24 July 2019 |Reference count leak |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:18.bzip2.asc[FreeBSD-SA-19:18.bzip2] |6 August 2019 |Multiple vulnerabilities |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:19.mldv2.asc[FreeBSD-SA-19:19.mldv2] |6 August 2019 |Out-of-bounds memory access |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:20.bsnmp.asc[FreeBSD-SA-19:20.bsnmp] |6 August 2019 |Insufficient message length validation |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:21.bhyve.asc[FreeBSD-SA-19:21.bhyve] |6 August 2019 |Insufficient validation of guest-supplied data |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:22.mbuf.asc[FreeBSD-SA-19:22.mbuf] |20 August 2019 |IPv6 remove denial-of-service |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:23.midi.asc[FreeBSD-SA-19:23.midi] |20 August 2019 |Kernel memory disclosure |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:24.mqueuefs.asc[FreeBSD-SA-19:24.mqueuefs] |20 August 2019 |Reference count overflow |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:25.mcepsc.asc[FreeBSD-SA-19:25.mcepce] |12 November 2019 |Machine Check Exception on Page Size Change |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-19:26.mcu.asc[FreeBSD-SA-19:26.mcu] |12 November 2019 |Intel CPU Microcode Update |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-20:01.libfetch.asc[FreeBSD-SA-20:01.libfetch] |28 January 2020 |https://www.FreeBSD.org/cgi/man.cgi?query=fetch&sektion=3&manpath=freebsd-release-ports[fetch(3)] buffer overflow |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-20:03.thrmisc.asc[FreeBSD-SA-20:03.thrmisc] |28 January 2020 |Kernel stack data disclosure |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-20:04.tcp.asc[FreeBSD-SA-20:04.tcp] |18 March 2020 |TCP IPv6 SYN cache kernel information disclosure |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-20:05.if_oce_ioctl.asc[FreeBSD-SA-20:05.if_oce_ioctl] |18 March 2020 |Insufficient https://www.FreeBSD.org/cgi/man.cgi?query=ioctl&sektion=2&manpath=freebsd-release-ports[ioctl(2)] privilege checking |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-20:07.epair.asc[FreeBSD-SA-20:07.epair] |18 March 2020 |Incorrect user-controlled pointer use |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-20:08.jail.asc[FreeBSD-SA-20:08.jail] |18 March 2020 |Kernel memory disclosure with nested jails |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-20:09.ntp.asc[FreeBSD-SA-20:09.ntp] |18 March 2020 |Multiple denial of service |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-20:10.ipfw.asc[FreeBSD-SA-20:10.ipfw] |21 April 2020 |Invalid https://www.FreeBSD.org/cgi/man.cgi?query=mbuf&sektion=9&manpath=freebsd-release-ports[mbuf(9)] handling |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-20:12.libalias.asc[FreeBSD-SA-20:12.libalias] |12 May 2020 |Insufficient packet length validation |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-20:13.libalias.asc[FreeBSD-SA-20:13.libalias] |12 May 2020 |Memory disclosure vulnerability |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-20:14.sctp.asc[FreeBSD-SA-20:14.sctp] |12 May 2020 |Improper checking in shared key update |https://www.FreeBSD.org/security/advisories/FreeBSD-SA-20:14.cryptodev.asc[FreeBSD-SA-20:14.cryptodev] |12 May 2020 |Use-after-free condition |=== [[errata]] == Errata Notices [width="100%",cols="40%,30%,30%",options="header",] |=== |Errata |Date |Topic |https://www.FreeBSD.org/security/advisories/FreeBSD-EN-19:13.mds.asc[FreeBSD-EN-19:13.mds] |24 July 2019 |System crash from Intel CPU vulnerability mitigation |https://www.FreeBSD.org/security/advisories/FreeBSD-EN-19:15.libunwind.asc[FreeBSD-EN-19:15.libunwind] |6 August 2019 |Incorrect exception handling |https://www.FreeBSD.org/security/advisories/FreeBSD-EN-19:16.bhyve.asc[FreeBSD-EN-19:16.bhyve] |20 August 2019 |Instruction emulation improvements |https://www.FreeBSD.org/security/advisories/FreeBSD-EN-19:17.ipfw.asc[FreeBSD-EN-19:17.ipfw] |20 August 2019 |"jail" keyword fix |https://www.FreeBSD.org/security/advisories/FreeBSD-EN-19:18.tzdata.asc[FreeBSD-EN-19:18.tzdata] |23 October 2019 |Timezone database information update |https://www.FreeBSD.org/security/advisories/FreeBSD-EN-20:01.ssp.asc[FreeBSD-EN-20:01.ssp] |28 January 2020 |Imprecise orderring of canary initialization |https://www.FreeBSD.org/security/advisories/FreeBSD-EN-20:02.nmount.asc[FreeBSD-EN-20:02.nmount] |28 January 2020 |Invalid pointer dereference |https://www.FreeBSD.org/security/advisories/FreeBSD-EN-20:04.pfctl.asc[FreeBSD-EN-20:04.pfctl] |18 March 2020 |Missing https://www.FreeBSD.org/cgi/man.cgi?query=pfctl&sektion=8&manpath=freebsd-release-ports[pfctl(8)] tunable |https://www.FreeBSD.org/security/advisories/FreeBSD-EN-20:06.ipv6.asc[FreeBSD-EN-20:06.ipv6] |18 March 2020 |Incorrect checksum calculations |https://www.FreeBSD.org/security/advisories/FreeBSD-EN-20:07.quotad.asc[FreeBSD-EN-20:07.quotad] |21 April 2020 |Regression with certain NFS servers |https://www.FreeBSD.org/security/advisories/FreeBSD-EN-20:08.tzdata.asc[FreeBSD-EN-20:08.tzdata] |12 May 2020 |Timezone database update |https://www.FreeBSD.org/security/advisories/FreeBSD-EN-20:10.build.asc[FreeBSD-EN-20:10.build] |12 May 2020 |Incorrect build host clang version detection |=== [[open-issues]] == Open Issues * [2019-07-04] An issue which can cause a crash when connecting to a https://www.FreeBSD.org/cgi/man.cgi?query=bhyve&sektion=4&manpath=freebsd-release-ports[bhyve(4)] instance with a VNC client under certain circumstances had been reported. An errata notice is planned post-release. * [2019-07-04] An issue booting https://www.FreeBSD.org/cgi/man.cgi?query=bhyve&sektion=4&manpath=freebsd-release-ports[bhyve(4)] virtual machines compiled with https://www.FreeBSD.org/cgi/man.cgi?query=clang&sektion=1&manpath=freebsd-release-ports[clang(1)] version 8.0.0 or later had been reported late in the release cycle. An errata notice is planned post-release. + This issue is believed to only affect OpenBSD virtual machines compiled with https://www.FreeBSD.org/cgi/man.cgi?query=clang&sektion=1&manpath=freebsd-release-ports[clang(1)]. * [2019-07-04] An issue when upgrading from FreeBSD 11.3 to FreeBSD 12.0 (which occurred earlier in time, comparatively), had been reported where the `com.delphix:spacemap_v2` https://www.FreeBSD.org/cgi/man.cgi?query=zpool&sektion=8&manpath=freebsd-release-ports[zpool(8)] feature does not exist on FreeBSD 12.0, will fail to import the ZFS pool. + At this time, it is advised to defer migrating from FreeBSD 11.3 to FreeBSD 12.x until FreeBSD 12.1 is available. + Upgrading from earlier FreeBSD 11.x releases to FreeBSD 12.0 are believed to be unaffected. [[late-news]] == Late-Breaking News * [2019-12-06] An issue has been reported with the FreeBSD 11.3-RELEASE images on the Google Compute Engine platform which causes virtual machines to fail to start properly. + While we intend to investigate how to handle similar situations should they arise in the future, updated images will not be provided as of this time. + Users wanting to use FreeBSD in Google Compute Engine are advised to use 12.0-RELEASE or 12.1-RELEASE, or for those who wish to track 11._`X`_, the `freebsd-11-3-stable-amd64-v20190801` snapshot from `stable/11` has been https://github.com/cirruslabs/cirrus-ci-docs/issues/359#issuecomment-519314652[reported to work correctly]. + More details can be found in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=242303[PR 242303].