Patch-ID# 108363-02


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security sigbus remote login fails mount open buffer overflow
Synopsis: CDE 1.0.2: libDtSvc Patch
Date: Dec/04/2001


Install Requirements: None

Solaris Release: 2.4 2.5 2.5.1

SunOS Release: 5.4 5.5 5.5.1

Unbundled Product: CDE

Unbundled Release: 1.0.2

Xref: This patch available on x86 as patch 108364

Topic: CDE 1.0.2: libDtSvc patch
       NOTE:    Refer to Special Install Instructions section for
                IMPORTANT specific information on this patch.

Relevant Architectures: sparc

Bugs fixed with this patch:

Sun CR # Bug #
122654914906271
124284114912588
125695214918403
405787514941326
409542614950408
409938914951564
410109614952103
411876214957160
452736315087279


Changes incorporated in this version: 4527363

Patches accumulated and obsoleted by this patch: 103728 103728-01 105716-07

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/dt/lib/libDtSvc.so.1

Problem Description:

4527363 Buffer Overflow in CDE Subprocess Control Service (dtspcd)
 
(from 105716-07)
1226549 DESCRIPTION `command`: "Too many open files"
 
(from 105716-06)
1256952 mount storm typing /net, /home via .DtDirDataType
 
(from 105716-03)
4118762 remote applications die, logging user out and not saving session
 
(from 105716-02)
4099389 Patch 105669-01 breaks CDE.
 
(from 105716-01)
4057875 SIGBUS and security hole if big $HOME.
4095426 Set Home Session in StyleManager causes core dumps.
4101096 Can't login using a host-and-screen-specific session directory.
 
(from 103728-01)
1242841 Action file is rejected if CWD field does not start with /.


Patch Installation Instructions:
-------------------------------- 
Generic 'installpatch' and 'backoutpatch' scripts are provided
within each patch package with instructions appended to this section.
Other specific or unique installation instructions may also be
necessary and should be described below.


Special Install Instructions:
----------------------------- 
 
In order to put in a complete fix for bug:
 
    1256952: mount storm typing /net, /home via .DtDirDataType
 
Please install these additional patches:
 
     104661-09 (or newer) for Solaris 2.5.1
     107717-01 (or newer) for Solaris 2.5.1


README -- Last modified date: Friday, November 9, 2012