Patch-ID# 103882-16


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security password xsun command keyserv helpviewer dtlogin chmod
Synopsis: CDE 1.0.2: dtlogin patch
Date: Aug/08/2000


Install Requirements: NA

Solaris Release: 2.4 2.5 2.5.1

SunOS Release: 5.4 5.5 5.5.1

Unbundled Product: CDE

Unbundled Release: 1.0.2

Xref: This patch available for x86 as patch 103886

Topic:

Relevant Architectures: sparc

Bugs fixed with this patch:

Sun CR # Bug #
120563114895271
124924014915226
125362414916897
125814314918824
400573514923784
406222014942657
406736614943887
408037114946595
409569614950534
413982314962535
414898314964463
414957514964578
415057514964800
421234214981279
423784814988563
424888814991770
427525815000486
427632615000912


Changes incorporated in this version: 4062220

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/dt/config/dtlogin.rc
/usr/dt/bin/dtlogin

Problem Description:

4062220 dtlogin should not be doing a ``chmod("/var", 040775)'''
(from 103882-15)
4276326 Dtlogin patch 107180-12 won''t allow connections to indirect CDE_login_
(from 103882-14)
4275258 dtlogin X-server can not be started
(from 103882-13)
4237848 Action ''Return to Local Host'' sometimes does not work fine in dtl
(from 103882-12)
4248888 Dtlogin sometimes ignores all child death signals
(from 103882-11)
4149575 tt_open() in helpviewer does not work under that a system has 2 ip ports
4150575 dtlogin fails to set user authorization correctly when there are more than 64 vi
4212342 Dtpad action fails with tooltalk error
(from 103882-10)
4139823 After installing dtlogin patch 103882-07 no key is set in keyserv
(from 103882-09)
4148983 Cannot start command line login
(from 103882-08)
1249240 /var/dt and a few subdirs are world writable
4080371 dtlogin tmpfile vulnerability
(from 103882-07)
4095696  Xsun -query <localhost> doesn''t work with Solaris 2.5.1
(from 103882-06)
synced up revision to match the sparc version
(from 103882-05)
4067366 Core file from dtlogin expose user''s unencrypted passwd.
(from 103882-04)
repacked for patch install problem
(from 103882-03)
4005735 CDE 1.1 dtlogin on Solaris 2.4 (and 1.0.x patch) has serious
security hole.
(from 103882-02)
1205631 Dtlogin failed to detect an expired account.
1253624 Keyboard lockup fix for console logins.
(from 103882-01)
1258143 Authenticate NIS+ passwords longer than 8 characters.


Patch Installation Instructions:
-------------------------------- 
Refer to the Install.info file for instructions on using the
generic ''installpatch'' and ''backoutpatch'' scripts provided with
each patch.  Any other special or non-generic installation
instructions should be described below as special instructions.


Special Install Instructions:
----------------------------- 
None.


README -- Last modified date: Friday, November 9, 2012