OBSOLETE Patch-ID# 112874-40
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security buffer overflow umem lgroup crypt plugin password hashing
Synopsis: Obsoleted by: 112874-41 SunOS 5.9: libc patch
Date: Sep/24/2007
Install Requirements: After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reboot is performed. Unless
otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reboot is performed.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.
Solaris Release: 9
SunOS Release: 5.9
Unbundled Product:
Unbundled Release:
Xref: This patch available for x86 as patch 114432
Topic: SunOS 5.9: libc patch
Relevant Architectures: sparc
Bugs fixed with this patch:
Changes incorporated in this version: 4124944
Patches accumulated and obsoleted by this patch: 112839-08 112962-01 113165-01 113475-03 115480-01
Patches which conflict with this patch:
Patches required with this patch: 112233-11 (or greater)
Obsoleted by:
Files included with this patch:
/etc/name_to_sysnum
/etc/security/crypt.conf
/etc/security/policy.conf
/usr/include/nss_dbdefs.h
/usr/include/ucontext.h
/usr/lib/abi/abi_libc.so.1
/usr/lib/abi/abi_libthread.so.1
/usr/lib/abi/sparcv9/abi_libc.so.1
/usr/lib/abi/sparcv9/abi_libthread.so.1
/usr/lib/libc.a
/usr/lib/libc.so
/usr/lib/libc.so.1
/usr/lib/libp/libc.a
/usr/lib/libp/sparcv9/libc.so.1
/usr/lib/libthread.so.1
/usr/lib/libthread_db.so.1
/usr/lib/llib-lc
/usr/lib/llib-lc.ln
/usr/lib/mdb/proc/libthread.so
/usr/lib/mdb/proc/sparcv9/libthread.so
/usr/lib/pics/libc_pic.a
/usr/lib/pics/sparcv9/libc_pic.a
/usr/lib/security/crypt_bsdbf.so.1
/usr/lib/security/crypt_bsdmd5.so.1
/usr/lib/security/crypt_sunmd5.so.1
/usr/lib/security/sparcv9/crypt_bsdbf.so.1
/usr/lib/security/sparcv9/crypt_bsdmd5.so.1
/usr/lib/security/sparcv9/crypt_sunmd5.so.1
/usr/lib/sparcv9/libc.so.1
/usr/lib/sparcv9/libthread.so.1
/usr/lib/sparcv9/libthread_db.so.1
/usr/lib/sparcv9/llib-lc.ln
Problem Description:
4124944 bsearch doesn't work if nel == 0 and bs == NULL
(from 112874-39)
6562125 sparcv9 strncmp() dumps core on Solaris 7 8 9 10 and Nevada
(from 112874-38)
6505933 bsearch breaks if the table size is larger than 2GB
(from 112874-37)
6448300 large mnttab can cause stack overrun during Solaris 9 getcwd
(from 112874-36)
4667251 groups command returns number, not name for large group
5080012 ldap: Roles returns NULL if size of roles exceeds 1022 characters
(from 112874-35)
6285218 tls: simple ldap client will cause Segmentation fault with SUNWpool
6390964 pthread_once stub does not work
6390967 pthread_equal stub does not work
6402129 strfmon truncates most significant digit when rounding up
(from 112874-34)
4751182 strtod() with inf or infinity input sets endptr incorrectly
4932869 _nsw_getoneconfig[_v1]() need to check each return from strdup() isn't NULL
(from 112874-33)
6348147 POSIX timezones 2007 transition dates - U.S. Energy Policy Act of 2005
(from 112874-32)
6270398 _nss_XbyY_fgets() does not set errno correctly when group entry has >= 2047 characters
(from 112874-31)
6176463 core dump in printf() functions after patch 108993-35 and kernel patch
6182350 printf() behavior is changed after fixing 4981484
(from 112874-30)
5081268 getcwd returns null for lofs dir whose parent dir is another lofs mount point
(from 112874-29)
5044097 Netra Performance localtime() degradation with patches
5061718 localtime() may fail to reset daylight variable with multiple timezones
5061770 localtime() transitions off with non-standard POSIX timezones rules
(from 112874-28)
4980686 C++ inline functions not properly handled in Solaris archive libraries
(from 112874-27)
5059751 need patch 112874 to accumulate patch 113475 to prevent core dump
(from 112874-26)
5043013 getlogin_r returns bad data in MT context
(from 112874-25)
4915053 nss_setent() always fails for setpwent()
(from 112874-24)
4981484 vsprintf does not perform as well as sprintf
(from 112874-23)
4756148 crypt(3c) processing of policy.conf doesn't follow case conventions
4818401 K2 uncovers sunmd5 bug
4877492 crypt() is unpredictable with unknown encryption algorithms
4878257 sunmd5:crypt_gensalt_impl() issues with undocumented rounds= param
4881606 crypt(3c) abuses the heap in many ways
4894760 can't use crypt() after using strdtod() in same thread
4950403 crypt_alg_magic symbol not required
4961173 crypt modules are not actually lint-clean
(from 112874-22)
4844583 _wdbindf may cause deadlock
(from 112874-21)
4686454 getrusage is much slower on Solaris than competitive boxes
(from 112874-20)
4489885 qsort performance is not competitive
4656492 mktime() is inefficient, 6X slower than Linux 7.0
4795713 strftime is slow on Solaris when compared to Linux
4782294 localtime_r is slow on Solaris when compared to Linux
4828746 POSIX timezones broken if std. offset & alt offset difference not 1 hour
4165723 localtime() is extremely inefficient, 15X slower than on NT4.0
4831309 POSIX 'pst8pdt' Timezone Pulls April Fool's Stunt Every 400 years
4223846 localtime() problem on non-leap centuries
4839080 improperly specified TZ results in inconsistent behavior
4772200 fcntl(2) is slow on Solaris when compared to Linux
4764855 dup is slow on Solaris when compared to Linux
4812362 getenv is slower than it could be
4871054 regex APIs have segv/performance problems
(from 112874-19)
4810810 getcontext(2) could be faster
4888508 fix for bugid 4705942 is incomplete in Solaris 9 (breaks utmp_update)
(from 112874-18)
4797219 pstack is amazingly inefficient for MT targets
4756192 pstack goes into loop, different location than bugid 4524527
4271957 ucontext_t.uc_link points to garbage
4904877 strcmp doesn't work for non-ascii characters on S9U5_05
(from 112874-17)
This patch revision accumulates/obsoletes Solaris Update S9U5
feature point patch 115480-01.
(from 112874-16)
4353836 if more than 255 file descriptors are already open then gethostbyname fails
4152876 getspnam_r() fails due to use of fopen() in libnsl.so in applications under load
(from 112874-15)
4705942 invoke_utmp_update(): buffer-overflow bug and pad field written to utmpx wrong
(from 112874-14)
4530367 after retry timeout - nss_search() no longer retries lookups
4749274 MT-Safe functions such as syslog(3C) and wordexp(3C) cannot use fork()
(from 112874-13)
4254013 need a better mechanism to detect multi-threaded user stack overflow
4533712 makecontext breaks in 64-bit mode
4518988 we should ship libumem
4709984 findleaks warns about partial read failure
4694626 putenv calls realloc with locks held
(from 112874-12)
4767215 incorrect output with kP format, losing significant digits
(from 112874-11)
4221365 readdir_r() is not POSIX compliant
(from 112874-10)
4772960 several patches have pkginfo and patchinfo files that fail consistency checking
(from 112874-09)
4770160 compile fails with unknown file type message
(from 112874-08)
4669963 strong security checks in catgets(3C) break setuid application
(from 112874-07)
4510326 strfmon may cause a stack buffer overflow
4756113 libc version number is incorrect in S9U2
(from 112874-06)
4390053 crypt(3c) needs to interoperate with BSD and Linux
4248430 RFE: NIS+ should support alternate encryption algorithms for the user password
4192824 newkey/chkey should use a configurable crypt() to encrypt the users password
4700602 crypt_gensalt should be version SUNW_1.22 instead of SUNW_1.21
(from 112874-05)
1258570 qsort performs poorly with multiple identical keys
4635556 atexit() does not scale. Can cause very slow startup of C++ programs.
(from 112874-04)
4683320 Solaris 9 gettext(3c) does not recognize mo files built on 2.6 as a valid message
4704190 remove clientusr/clientroot from SUNW_PATCH_PROPERTIES for 112837 & 112874-02
(from 112874-03)
4503048 getutxent_frec sends init looping
(from 112874-02)
4318178 wordexp puts automatic string into environment
4444569 Purify reports memory leaks in wordexp(3C)
(from 112874-01)
4661997 buffer overflow in dbm_open
(from 115480-01)
4845974 lgroup APIs needed for observability and performance optimization
4863473 lgrp_home() should be able to take process or thread ID
(from 113475-03)
4756148 crypt(3c) processing of policy.conf doesn't follow case conventions
4818401 K2 uncovers sunmd5 bug
4877492 crypt() is unpredictable with unknown encryption algorithms
4878257 sunmd5:crypt_gensalt_impl() issues with undocumented rounds= param
4881606 crypt(3c) abuses the heap in many ways
4894760 can't use crypt() after using strdtod() in same thread
4950403 crypt_alg_magic symbol not required
4961173 crypt modules are not actually lint-clean
(from 113475-02)
4715561 crypt_sunmd5 could have a better coin toss algorithm
(from 113475-01)
This patch revision accumulates/obsoletes Solaris Update S9U2
feature point patch 113165-01.
(from 113165-01)
4390053 crypt(3c) needs to interoperate with BSD and Linux
4248430 RFE: NIS+ should support alternate encryption algorithms for the user password
4192824 newkey/chkey should use a configurable crypt() to encrypt the users password
4700602 crypt_gensalt should be version SUNW_1.22 instead of SUNW_1.21
(from 112839-08)
5066336 /usr/lib/lwp/libthread crashes returning in child of fork1()
(from 112839-07)
4855271 x86 CPUs should be "halted" when idle()
4749669 Pentium IV pause optimization
(from 112839-06)
4897700 memory alignment of %sp is set to non 8bytes alignment in _ex_unwind_local()
(from 112839-05)
4769166 x86 libthread could improve current thread references
4524527 pstack goes into a loop
4479187 dtlogin deadlock while invoking Xreset, induced by longjmp()
4679005 thr_stksegment() reports incorrect stack sizes
4688450 VSU TC setcontex4.c dumps core due to setcontext() if linked with libthread
4769150 libthread should not depend on librt
4786566 mdb dumps core when examining a process linked with old_libthread
4792908 new libthread inherits arbitrary restrictions on mutex attributes from old
4819289 threads: ASSERT(sigequalset(&oldset, &self->ul_sigmask))
4768343 fork() in libthread won't clear deferred signal for the child
(from 112839-04)
4795308 additional binaries required for debugging
(from 112839-03)
4254013 need a better mechanism to detect multi-threaded user stack overflow
4533712 makecontext breaks in 64-bit mode
(from 112839-02)
This revision was included in S9 Update2 but really incorporates no
new content; it has the same net effect as installing revision -01.
(from 112839-01)
4647410 SIGCANCEL received (and interrupted door_call) with cancellation OFF
4647927 new libthread thr_suspend/continue behaves differently from the old libthread
(from 112962-01)
4667173 ti_sigmask is all 0's when 64bit dbx debugs 32bit application
Patch Installation Instructions:
--------------------------------
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
For Solaris 7-10 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions. The following example
installs a patch to a standalone machine:
example# patchadd /var/spool/patch/104945-02
The following example removes a patch from a standalone system:
example# patchrm 104945-02
For additional examples please see the appropriate man pages.
Special Install Instructions:
-----------------------------
Perform patch installation in single user mode.
Reboot the system immediately after patch installation.
NOTE 1: To get the complete fix for bugid 4503048 (getutxent_frec sends
init looping), please also install the following patch:
113032-01 (or greater) init patch
NOTE 2: To get the complete Flexible Crypt feature, please also install
the following patches:
113476-01 (or greater) passwdutil.so.1 patch
113480-01 (or greater) pam_unix patch
113481-01 (or greater) nispasswdd patch
113482-01 (or greater) sbin/sulogin patch
113483-01 (or greater) rpc.ypasswdd patch
NOTE 3: To get the complete "umem: A Userland Slab Allocator" feature,
please also install the following patches:
114370-01 (or greater) libumem.so.1 patch
114371-01 (or greater) libumem; mdb components patch
114372-01 (or greater) llib-lumem patch
114373-01 (or greater) abi_libumem.so.1 patch
NOTE 4: To get the complete Stack Update feature, please also install
the following patches:
113471-02 (or greater) truss patch
113275-02 (or greater) procfs patch
NOTE 5: To get the complete fix for bugid 4353836 (if more than 255 file
descriptors are already open then gethostbyname fails), please
also install the following patches:
113319-12 (or greater) libnsl patch
112970-05 (or greater) libresolv patch
115542-01 (or greater) nss_user patch
115544-01 (or greater) nss_compat patch
115545-01 (or greater) nss_files patch
NOTE 6: To get the complete Lgroup APIs feature, please also install the
following patches:
113471-03 (or greater) truss patch
115675-01 (or greater) liblgrp patch
NOTE 7: To get the complete fix for the bugid 4797219 (pstack is amazingly
inefficient for MT targets), please also install the following
patch:
113493-02 (or greater) libproc patch
NOTE 8: To get the complete fix for Atlas support: bugs 4810810, 4865731,
4860183, 4860789, 4785321, 4785304, and 4808811, please also install
the following patches:
116049-01 (or greater) fdfs patch bug 4865731
116047-01 (or greater) hsfs patch bug 4865731
114718-02 (or greater) pcfs patch bug 4865731
113454-13 (or greater) ufs patch bug 4865731 and 4860789
113334-03 (or greater) udfs patch bug 4865731
113328-02 (or greater) tmpfs patch bug 4865731 and 4860183
113318-09 (or greater) nfs patch bug 4865731
112971-05 (or greater) cachefs patch bug 4865731
112955-02 (or greater) autofs patch bug 4865731
NOTE 9: To get the complete fix for bugid 4686454 (getrusage is much slower
on Solaris than competitive boxes), please also install the
following patch:
113471-05 (or greater) truss patch
NOTE 10: To get the complete fix for bugid 4915053 (nss_setent() always fails
for setpwent()), please also install the following patch:
113319-18 (or greater) libnsl patch
NOTE 11: To get the complete fix for "U.S. Energy Policy Act of 2005" which
will change daylight saving time transition dates of United States
timezones, beginning in 2007, please also install the following patch:
113225-03 (or greater) Timezone commands and zoneinfo
database update Patch
Solaris supports two types of timezones: POSIX timezones and zoneinfo
timezones. This patch incorporates the fix for "U.S. Energy Policy Act
of 2005" for POSIX timezones, whereas Patch 113225-03 incorporates the
fix for "U.S. Energy Policy Act of 2005" for zoneinfo timezones. In
Solaris, the default transition dates for POSIX timezones (when the
transition date is not specified) use U.S. rules.
Note this patch does not include the fix for DST changes in 2006
for Australia. Those fixes are in aforementioned Patch 113225-03,
where the zoneinfo timezones for Australia are fixed.
NOTE 12: To get the complete fix for bugids 4667251 (groups command returns
number, not name for large group) and 5080012 (ldap: Roles returns
NULL if size of roles exceeds 1022 characters), please also install
the following patches:
112960-42 (or greater) nss_ldap.so.1 patch
114713-03 (or greater) libproject.so.1 patch
115544-03 (or greater) nss_compat patch
115545-02 (or greater) nss_files.so.1 patch
123370-01 (or greater) libsecdb.so.1 patch
README -- Last modified date: Friday, November 9, 2012