OBSOLETE Patch-ID# 109320-22
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security in.lpd core printd jobs setuid initgroups lpr ioctl lpstat
Synopsis: Obsoleted by: 109320-23 SunOS 5.8: lp patch
Date: Nov/07/2008
Install Requirements: NA
Solaris Release: 8
SunOS Release: 5.8
Unbundled Product:
Unbundled Release:
Xref: This patch available for x86 as patch 109321
Topic: SunOS 5.8: lp patch
Relevant Architectures: sparc
Bugs fixed with this patch:
Changes incorporated in this version: 6688176
Patches accumulated and obsoleted by this patch:
Patches which conflict with this patch:
Patches required with this patch:
Obsoleted by:
Files included with this patch:
/etc/security/exec_attr
/usr/bin/lp
/usr/bin/lpstat
/usr/lib/libprint.so.2
/usr/lib/lp/bin/netpr
/usr/lib/lp/local/lpadmin
/usr/lib/lp/local/lpmove
/usr/lib/lp/local/lpstat
/usr/lib/lp/lpsched
/usr/lib/lp/model/netstandard
/usr/lib/lp/postscript/postprint
/usr/lib/lp/postscript/postprint.ps
/usr/lib/lp/postscript/postreverse
/usr/lib/print/bsd-adaptor/bsd_cascade.so.1
/usr/lib/print/bsd-adaptor/bsd_lpsched.so.1
/usr/lib/print/conv_fix
/usr/lib/print/in.lpd
/usr/sadm/admin/printmgr/lib/libpmgr.so.1
/usr/sbin/lpadmin
/usr/sbin/lpmove
/usr/ucb/lpc
Problem Description:
6688176 in.lpd dumps core
(from 109320-21)
6323244 113329-05 and higher causes remote printing to reprint large jobs
(from 109320-20)
6599099 fix for 4383387 should reuse existing memory
6599950 print localhost checking should be shared
(from 109320-19)
6297318 orphan dfA files found on cascading SUN print host
(from 109320-18)
5065608 cascading is broken with latest Solaris printing patch
(from 109320-17)
6314243 lpsched should sanity-check request files
6314245 racy chown/chmod in lpsched
(from 109320-16)
6289134 lp subsystem remote file removal issue
(from 109320-15)
6208058 in.lpd failed to print files when umask is set to 077
(from 109320-14)
4706351 lpadmin: no warning when creating printer on user-owned symlink
5064120 ERROR: "/dev/cua/a" a symlink that points to file with different owner
6186040 redundant check in lpadmin for device owner
5060450 lp/printd: net_send_file() does not munmap() buffer for data file
(from 109320-13)
5043034 large print jobs timeout on network printers and are continually rescheduled
(from 109320-12)
4761791 default timeout in netpr should be initialized
4930119 network printer timeout does not reset on fault clearance
4986866 lpmove incorrectly reports usage error for remote print jobs
(from 109320-11)
4307689 printd slowly consumes all of swap
4809690 submitted print jobs don't seem to disappear after printing
(from 109320-10)
BAD PATCH - bad patched due to missing binary deliverables.
(from 109320-09)
4697460 hanging printd should not block all printjobs to remote
4705948 conv_fix: unsafe use of fopen()
4705947 conv_fix: should use strlcat
(from 109320-08)
4902916 cancel cmd does not work well with RBAC Printer Management
(from 109320-07)
4648825 Printer Management profile in exec_attr file is ineffective
4704812 lpstat: cftime() is deprecated in favor of strftime()
4704824 lpstat: potential buffer overrun
4705899 libprint: nss_write.c uses fopen() to create temp file
4705911 lib/print/job.c: makes unsafe use of access()
4714952 bsd-gw gives "dfAnnnhostname file exists" from a previous job
4761753 filedescriptor "fd" is not closed in job_retrieve()
(from 109320-06)
4529640 Euro symbol not printing on postscript printers
4640166 lp: when hold a request during slow-filtering, request could be canceled
(from 109320-05)
4422628 lpstat shows old output (host!user) for remote queues
4488655 lp translates backquote in filename to underscore
4499302 lpstat -p doesn't report printer status correctly
4501950 Solaris lpd Remote Command Execution Vulnerability
4504977 netpr uses 100% CPU if network printer disappears during printing
4512799 lp dumps core if more than 61 files are specified
(from 109320-04)
4309558 lp, lpstat and cancel: inconsistent request-ID of moved jobs
4342893 lpsched exits with Memory Allocation failed error message
4343460 problem handling interface script exit codes 1 to 127
4351942 lpstat consumes ~100% CPU in standalone mode
4367433 netpr stuck in endless loop when network printer is rebooted
4374037 corrupted xfa files in /var/spool/print
4381196 *postreverse* SEGV if file size a multiple of system pagesize
4383387 lp subsystem vulnerable to printing any file readable by lp
4386671 lpstat handles aliases differently in Solaris 7 and Solaris 8
4390810 lpsched has trouble handling BS2000 print jobs
4434247 lpmove cannot move jobs with job-id of 0 (zero)
4446925 in.lpd contains remote exploitable overflow
(from 109320-03)
4411642 regression in bugfix 4303242
(from 109320-02)
4187773 lpmove corrupts request ID
4303242 lpmove doesn't allow special character "-" in source
4319723 lpstat -a ignores aliases and secondary queue entries
4324679 lpstat formats output incorrectly when receiving data from Novell client
4325537 customer using sap and losing print jobs
4337699 cancel kills pid 99
(from 109320-01)
4188167 in.lpd core dumps every time when receiving job from a Stratus client
4235953 printd fails to start manually for jobs submitted with "lp -c"
4260829 Solaris printing does not support lpr -C for local printing
4263321 OW hangs when running printd
4265529 lpstat order changes when print job is modified
4281487 lpsched dies without error message
4302705 lp dumps core on client-side request-id collision
4310991 netpr: buffer overflow in netpr_send_message()
Patch Installation Instructions:
--------------------------------
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
For Solaris 7-10 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions. The following example
installs a patch to a standalone machine:
example# patchadd /var/spool/patch/104945-02
The following example removes a patch from a standalone system:
example# patchrm 104945-02
For additional examples please see the appropriate man pages.
Special Install Instructions:
-----------------------------
NOTE 1: After patch installation, the lpsched daemon should be stopped and
restarted.
As root:
# /etc/init.d/lp stop
# /etc/init.d/lp start
NOTE 2: BugID 4153128 (lpsched(1M) sends mail to antiquated "system!user")
Following installation of this patch, notification emails sent by
the lpsched daemon will be only to users of the form user@hostname
and not hostname!user as previously.
README -- Last modified date: Friday, November 9, 2012