OBSOLETE Patch-ID# 110286-16
Download this patch from My Oracle Support
|
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
|
For further information on patching best practices and resources, please
see the following links:
|
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security core clients tooltalk database server buffer overflow
Synopsis: Obsoleted by: 110286-17 OpenWindows 3.6.2: Tooltalk patch
Date: Jul/03/2008
Install Requirements: NA
Solaris Release: 8
SunOS Release: 5.8
Unbundled Product: OpenWindows
Unbundled Release: 3.6.2
Xref: This patch is available for x86 as patch 110287
Topic:
Relevant Architectures: sparc
Bugs fixed with this patch:
Changes incorporated in this version: 5039043
Patches accumulated and obsoleted by this patch:
Patches which conflict with this patch:
Patches required with this patch:
Obsoleted by:
Files included with this patch:
/usr/dt/lib/nls/msg/C/SUNW_TOOLTALK.cat
/usr/openwin/bin/rpc.ttdbserverd
/usr/openwin/bin/ttsession
/usr/openwin/lib/libtt.so.2
/usr/openwin/lib/sparcv9/libtt.so.2
Problem Description:
5039043 remote display of ToolTalk application fails if 112808-04 on remote system.
(from 110286-15)
6257227 ttsession grows in heap memory, and response times increase
(from 110286-14)
6328571 inefficient code in while loop
(from 110286-13)
6235250 ttsession cores with a corrupted .TTauthority file
(from 110286-12)
4284511 XSUNTRANSPORT=shmem can crash dtsession
(from 110286-11)
4871091 dtmail cannot open attached mail
(from 110286-10)
4713445 buffer overflow in the ToolTalk library
(from 110286-09)
4707187 multiple vulnerabilities in Tooltalk database server
(from 110286-08)
4668701 64bit ToolTalk clients cannot connect with ttsession
(from 110286-07)
4476458 _Tt_c_procid::set_default_session dumps core on Solaris 7 & 8
(from 110286-06)
4522203 libtt crashes and burns when ttsession cannot be reached
(from 110286-05)
4518469 pkgadd of SUNWtltk fails in the latest S8U7 nightly build
(from 110286-04)
4499995 format string vulnerability in ToolTalk Database Server
(from 110286-03)
4417781 login failed after patchadd of 105802-14
(from 110286-02)
4379430 after patchadd of 105802-12, login failed
4363822 ttsession memory leak
(from 110286-01)
4334998 loopback automount maps and 107893-07 cause failed CDE logins, hangs
Patch Installation Instructions:
--------------------------------
Refer to the man pages for instructions on using 'patchadd' and 'patchrm'
scripts provided with Solaris. Any other special or non-generic
installation instructions should be described below as special
instructions. The following example installs a patch to a standalone
machine:
example# patchadd /var/spool/patch/104945-02
The following example removes a patch from a standalone system:
example# patchrm 104945-02
For additional examples please see the appropriate man pages.
Special Install Instructions:
-----------------------------
NOTE 1: After applying the patch to enable -Q option to set the warn and disconnect
message counts, change line below in /usr/dt/bin/Xsession file
from:
dtstart_ttsession="$DT_BINPATH/ttsession"
to:
dtstart_ttsession="$DT_BINPATH/ttsession -Q warn=<value>,discon=<value>"
where <value> is an integer. Then logout and login through dtlogin for the
patch to take effect.
NOTE 2: After doing (1) to enable/disable logging of messages on the fly.
kill -s SIGUSR1 <ttsession PID>.
The warn/disconnect messages will get logged in /var/adm/messages.
NOTE 3: To get Ttsession usage list please run
/usr/openwin/bin/ttsession --usage
README -- Last modified date: Friday, November 9, 2012