OBSOLETE Patch-ID# 114328-09


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security ether_ntohost() ldap rc nss_ldap.so.1
Synopsis: Obsoleted by: 114242-41 SunOS 5.9_x86: nss_ldap.so.1 Patch
Date: Nov/12/2007


Install Requirements: After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reboot is performed. Unless
otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reboot is performed.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.

Solaris Release: 9_x86

SunOS Release: 5.9_x86

Unbundled Product:

Unbundled Release:

Xref: This patch available for SPARC as patch 112960

Topic: SunOS 5.9_x86: nss_ldap.so.1 Patch

Relevant Architectures: i386

Bugs fixed with this patch:

Sun CR # Bug #
464336615098222
466725115104080
475138615124989
477933315133569
478010915133825
483052515150104
485867315158694
496642315188919
500680115199238
508001215220741
623092715250017
628998615273453
636210615302418
645543115343331
649500715361924


Changes incorporated in this version: 6495007

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch: 114432-26 (or greater)

Obsoleted by: 114242-41

Files included with this patch:

/usr/lib/nss_ldap.so.1

Problem Description:

6495007 memory leak in libsldap:__s_api_get_cachemgr_data()
 
(from 114328-08)
 
4667251 groups command returns number, not name for large group
5080012 ldap: Roles returns NULL if size of roles exceeds 1022 characters
 
(from 114328-07)
 
6289986 ldap backend could be more efficient for netgroup lookups
6362106 ldap netgroup backend does not handle null user information correctly
6455431 improper usage of locale sensitive functions
 
(from 114328-06)
 
6230927 Using multiple netgroups in the nfs_share access list breaks the access
        list
 
(from 114328-05)
 
4858673 innetgr may never return and when it does, may produce incorrect results
 
(from 114328-04)
 
4966423 RBAC exec_attr search in LDAP: everything's wild
 
(from 114328-03)
 
5006801 getprojent(3project) dumps core with LDAP project(4) database
 
(from 114328-02)
 
4643366 Groups with no members broken
4779333 ldap get*ent requests may free already freed memory
4780109 __ns_ldap_firstEntry may return a cookie that is freed
4830525 Buffer overflow in nss_ldap.so.1
 
(from 114328-01)
 
4751386 ether_ntohost() fails with rc 1 when resolving data from LDAP


Patch Installation Instructions:
--------------------------------
 
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
 
For Solaris 7-10 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.  The following example
installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/104945-02
 
The following example removes a patch from a standalone system:
 
       example# patchrm 104945-02
 
For additional examples please see the appropriate man pages.


Special Install Instructions:
-----------------------------
 
NOTE 1:  Perform patch installation in single-user mode.
         Reboot the system immediately after patch installation.
 
NOTE 2:  To get the complete fix for 4667251 (groups command returns number,
         not name for large group) and 5080012 (ldap: Roles returns NULL if
         size of roles exceeeds 1022 characters), please make sure to install
         all of the following patches:
 
         114432-26 (or greater)  libc and libc.so.1 patch
         115543-04 (or greater)  nss_compat.so.1 patch
         115546-03 (or greater)  nss_files.so.1 patch
         123371-01 (or greater)  libsecdb.so.1 patch


README -- Last modified date: Saturday, November 10, 2012