Patch-ID# 113241-13


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security session crash nscm sunrays cleared screen
Synopsis: CDE 1.5_x86: dtsession patch
Date: Jun/20/2007


Install Requirements: NA

Solaris Release: 9_x86

SunOS Release: 5.9_x86

Unbundled Product: CDE

Unbundled Release: 1.5_x86

Xref: This patch is available for SPARC as patch 113240

Topic:

Relevant Architectures: i386

Bugs fixed with this patch:

Sun CR # Bug #
470118515111475
474354615122677
476373315128651
478821215136286
483764015152423
484530215154733
488023215164700
494440015182718
502365915204024
506414015215669
649401215361436
654767815391374


Changes incorporated in this version: 6547678

Patches accumulated and obsoleted by this patch: 114498-01

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/dt/bin/dtsession

Problem Description:

6547678 dtsession buffer overflow
 
(from 113241-12)
 
6494012 Smartcard, Solaris 9 CDE, click on the lock screen icon crashes the session - no sunray
 
(from 113241-11)
 
5064140 bad passwd is repeated when trying to unlock cde. dtsession
 
(from 113241-10)
 
4880232 (rework) security: dtsession screen lock deferred until PAM conversation function runs
5023659 logout confirmation exits session before user input
 
(from 113241-09)
 
REMOVED bug fixes for 4944400, 4880232 and 4845302
 
(from 113241-08)
 
4944400 User's CDE session does not terminate/lock after removing smart card
 
(from 113241-07)
 
4845302 dtsession should use SCF for smartcard operations
4880232 security: dtsession screen lock deferred until PAM conversation function runs
 
(from 113241-06)
 
4837640 dtsession should not use OCF_TimeSinceValidated and OCF_UserInfoCardService
 
(from 113241-05)
 
        This patch revision accumulates/obsoletes patch 114498-01.
 
(from 113241-04)
 
        Merging 113241-03 and 114498-01
 
(from 113241-03)
 
4763733 dtsession crash on restoring session with very long lines
 
(from 113241-02)
 
4743546 With 105634-08 (or newer), DIALOG_SYSTEM_MODAL can be cleared by screen saver.
 
(from 113241-01)
 
4701185 Session disconnects on logging in with NSCM from SunRays
 
(from 114498-01)
 
4788212 /usr/dt/bin/dtsession $HOME env overflow


Patch Installation Instructions:
-------------------------------- 
Refer to the man pages for instructions on using 'patchadd' and 'patchrm'
scripts provided with Solaris.  Any other special or non-generic
installation instructions should be described below as special
instructions.  The following example installs a patch to a standalone
machine:
 
	example# patchadd /var/spool/patch/104945-02
 
The following example removes a patch from a standalone system:
 
	example# patchrm 104945-02
 
For additional examples please see the appropriate man pages.


Special Install Instructions:
----------------------------- 
 
NOTE 1:  In order to get the complete fix for BugID 4743546 (with 105634-08 
         or greater, DIALOG_SYSTEM_MODAL can be cleared by screen saver), 
         please also install the following patch:
 
         113245-01 (or greater)  CDE 1.5_x86: dtwm patch
 
NOTE 2:  In order to get the complete fix for BugID 4763733 (dtsession crash 
         on restoring session with very long lines), logout and relogin to 
         make code changes take effect.


README -- Last modified date: Friday, November 9, 2012