OBSOLETE Patch-ID# 112970-12


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security libresolv.so.2 leaks memory multi-threaded fd
Synopsis: Obsoleted by: 112837-13 SunOS 5.9: libresolv patch
Date: Jun/05/2007


Install Requirements: Reboot after installing this patch to activate the changes delivered. An alternative may be specified in the Special Install Instructions.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.

Solaris Release: 9

SunOS Release: 5.9

Unbundled Product:

Unbundled Release:

Xref: This patch available for x86 as patch 114354

Topic: SunOS 5.9: libresolv patch

Relevant Architectures: sparc

Bugs fixed with this patch:

Sun CR # Bug #
435383615032080
464634915098884
470030515111249
470891315113512
477771515133084
479332715137855
479659615139019
480581215142295
481089315143950
486330715159863
492875815178716
620505615239844
624870015257533
630085315277823
631514315283514
633759515292372
652702015379909


Changes incorporated in this version: 6248700 6337595

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch: 113319-14 (or greater)

Obsoleted by: 112837-13

Files included with this patch:

/usr/include/arpa/nameser.h
/usr/include/arpa/nameser_compat.h
/usr/include/netdb.h
/usr/include/resolv.h
/usr/lib/abi/abi_libresolv.so.2
/usr/lib/abi/sparcv9/abi_libresolv.so.2
/usr/lib/dns/cylink.so.1
/usr/lib/dns/dnssafe.so.1
/usr/lib/dns/irs.so.1
/usr/lib/dns/sparcv9/cylink.so.1
/usr/lib/dns/sparcv9/dnssafe.so.1
/usr/lib/dns/sparcv9/irs.so.1
/usr/lib/libresolv.so.2
/usr/lib/llib-lresolv
/usr/lib/llib-lresolv.ln
/usr/lib/sparcv9/libresolv.so.2
/usr/lib/sparcv9/llib-lresolv.ln
/usr/sbin/dig
/usr/sbin/dnskeygen
/usr/sbin/in.named
/usr/sbin/named-xfer
/usr/sbin/ndc
/usr/sbin/nslookup
/usr/sbin/nsupdate

Problem Description:

6248700 (rework) memory leak in libresolv
6337595 core dump - res_nsend() always assumes statp->_u._ext.ext not being NULL
 
(from 112970-11)
 
6300853 libresolv net_data_init should not increment once until it is done initializing
6527020 libresolv does not handle mutexes correctly
 
(from 112970-10)
 
6248700 memory leak in libresolv
 
(from 112970-09)
 
6315143 named could make unnecessary queries for glue if the additional section was full
 
(from 112970-08)
 
6205056 res_nint should return true when last interface has only 1 ip address and is deprecated
 
(from 112970-07)
 
4863307 nsupdate fails with more than 14 NS records for Bind 8.2.2 and 8.2.4
 
(from 112970-06)
 
4928758 Negative Cache Poison Attack
 
(from 112970-05)
 
4353836 if more than 255 file descriptors are already open then gethostbyname fails
 
(from 112970-04)
 
4793327 BIND needs to be upgraded to BIND 8.3 to support IPv6
4796596 BIND 8.3.3 server handling of TSIG HMAC-MD5 broken
4805812 in.named version needs to reflect putback of BIND 8.3.3
4810893 UNIX98: *netdb.h* VSU test fails due to violation of X/Open namespace
 
(from 112970-03)
 
4777715 Multiple Remote Vulnerabilities in BIND - CERT Advisory CA-2002-31
4700305 nslookup does not follow its 'srchlist' under some circumstances
 
(from 112970-02)
 
4708913 CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNS Resolver Libraries
 
(from 112970-01)
 
4646349 libresolv.so.2 leaks memory in multi-threaded programs


Patch Installation Instructions:
--------------------------------
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
 
For Solaris 7-10 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.  The following example
installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/104945-02
 
The following example removes a patch from a standalone system:
 
       example# patchrm 104945-02
 
For additional examples please see the appropriate man pages.


Special Install Instructions:
-----------------------------
 
NOTE 1:  To get the complete fix for bugid 4353836 (if more than 255 file
         descriptors are open then gethostbyname fails), please also install
         the following patches:
 
         115545-01 (or greater)  nss_files patch
         115542-01 (or greater)  nss_user patch
         115544-01 (or greater)  nss_compat patch


NOTE: The list of 'patches required with this patch' (above) has been
modified from the list specified at patch creation time. The reason for
the modification is that one or more of the required patches was
either never released or withdrawn after its release. The following
substitutions (which are guaranteed to satisfy the original requirements)
were therefore made:

113319-14 replaces 113319-12




README -- Last modified date: Friday, November 9, 2012