OBSOLETE Patch-ID# 115696-06


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security inityp2l config n2l domains nsswitch domainname sigbus init ldapclient ssd gethostbyname rpc.nispasswdd rpc.yppasswdd nis to ldap idsconfig ldap rootdn password ds5.2
Synopsis: Obsoleted by: 122301-63 SunOS 5.9_x86: ldap library Patch
Date: Sep/29/2011


Install Requirements: See Special Install Instructions
After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reconfigure reboot is performed. Unless otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reconfigure reboot is performed.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.

Solaris Release: 9_x86

SunOS Release: 5.9_x86

Unbundled Product:

Unbundled Release:

Xref: This patch available for SPARC as patch 115695

Topic: SunOS 5.9_x86: ldap library Patch

Relevant Architectures: i386

Bugs fixed with this patch:

Sun CR # Bug #
415287614965391
428335515003646
430032615009963
435383615032080
441942815054393
450371415079413
452393615086285
462445815093495
462686115094159
463173415095445
463623315096532
463988015097466
464336615098222
464430815098458
465547215100889
465856915101828
466008415102257
466045515102376
466725115104080
466869915104390
467403615105490
468455815107585
468696015108038
468777815108165
468844715108293
468875215108394
469836615110747
469837915110751
469838715110752
470175515111616
470181115111626
470256815111824
471092815114004
472081815116342
472336115117052
472435715117317
472772615118150
473885215121270
473944715121465
474370715122748
474590915123360
474611415123422
474744115123814
475138615124989
475139415124992
475463415125999
475558215126238
475619315126422
475728215126769
475738715126822
476550615129205
476553015129212
476727615129811
476814015130134
476875815130327
477460715132194
477657115132758
477933315133569
478010915133825
478432415135158
478748815136085
479100615137131
479371915137997
480241415141174
480563515142235
480691415142655
481783315146168
482297815147834
482355315147994
482827115149381
483040615150065
483052515150104
485424115157327
485706315158260
485867315158694
486564315160559
487393915162814
487474915163012
487475215163013
487475715163017
487489515163046
487779615163918
488202915165185
488252815165358
488293715165474
488492715166045
488492915166048
488738015166744
488790615166914
489023315167626
489030315167648
489053015167714
489451815168963
489458315168992
490545415172351
490924715173426
491343715174523
491505315174948
492044415176432
492631815178039
493720715181032
494166915182111
495139915184614
496021715187155
496642315188919
496652615188959
497353615190884
497400515190983
497711015191805
497797815192040
498044115192695
498885915195177
498945415195320
499022215195537
499633715197191
499710815197389
500395315198460
500560215198893
500680115199238
500789115199560
501251415201110
501492215201851
501499315201874
501662915202333
502207615203697
502215015203713
504452215210452
504725015211189
505574815213546
506733315216565
507175915217900
507709815219661
508001215220741
509673615225958
510672515229066
510943915229946
619550915236672
621641015243952
621914315245148
622511715247587
622677615248306
623092715250017
623256415250740
623257915250744
623746615252728
625460515259954
626129015262233
626212115262543
626215315262550
627451715267412
627652515268190
627806815268771
628998615273453
629472815275377
629503715275504
630176615278164
631101015281758
631694615284286
632924015289042
633290615290401
636210615302418
636588215303974
637193215306632
637327115307175
638024815310392
638464215312447
638677015313434
640433715321571
640615315322457
642580815330472
643459515334067
643996015336342
645364115342377
645543115343331
645711015344267
646616015348463
646753915349115
647497815352459
648134215355309
649164115360353
649351315361194
649475015361789
649500715361924
649565115362285
649568315362308
649671915362855
650068415364993
650844215369118
652247515377403
652889915380991
652986015381467
653951615386877
654020915387255
655523915395654
655737115397103
656041015398798
656447715400994
656601915401877
656982415403863
658019215409663
659168015415940
660914415426076
661011715426552
662638115436456
662906415438056
664445015447373
667455315464539
667754715466241
674047415503522
675020615509469
679374215535321
689068115595970
689361015598107
689978115602460
696050315649268
700049515681771
704234115713801


Changes incorporated in this version: 7042341

Patches accumulated and obsoleted by this patch: 113719-22 114241-15 114242-55 114328-09 114342-12 115166-05 115491-01 115493-01 116524-01 121322-03

Patches which conflict with this patch:

Patches required with this patch: 114432-26 119435-20 (or greater)

Obsoleted by: 122301-63

Files included with this patch:

/usr/bin/ldapadd
/usr/bin/ldapdelete
/usr/bin/ldaplist
/usr/bin/ldapmodify
/usr/bin/ldapmodrdn
/usr/bin/ldapsearch
/usr/bin/passwd
/usr/include/crypt.h
/usr/include/ldap.h
/usr/include/rpcsvc/nis.x
/usr/include/rpcsvc/nislib.h
/usr/lib/abi/abi_libldap.so.5
/usr/lib/abi/abi_libnsl.so.1
/usr/lib/abi/abi_libsldap.so.1
/usr/lib/ldap/ldap_cachemgr
/usr/lib/libldap.so.4
/usr/lib/libldap.so.5
/usr/lib/libnisdb.a
/usr/lib/libnisdb.so.2
/usr/lib/libnsl.a
/usr/lib/libnsl.so.1
/usr/lib/libpam.so.1
/usr/lib/libsldap.so.1
/usr/lib/llib-lldap
/usr/lib/llib-lldap.ln
/usr/lib/llib-lnsl
/usr/lib/llib-lnsl.ln
/usr/lib/llib-lpasswdutil
/usr/lib/llib-lpasswdutil.ln
/usr/lib/llib-lsldap
/usr/lib/llib-lsldap.ln
/usr/lib/netsvc/yp/inityp2l
/usr/lib/netsvc/yp/rpc.yppasswdd
/usr/lib/netsvc/yp/ypmap2src
/usr/lib/netsvc/yp/yppush
/usr/lib/netsvc/yp/ypserv
/usr/lib/netsvc/yp/ypstart
/usr/lib/netsvc/yp/ypxfr
/usr/lib/netsvc/yp/ypxfrd
/usr/lib/nis/nisping
/usr/lib/nss_ldap.so.1
/usr/lib/passwdutil.so.1
/usr/lib/security/pam_authtok_check.so.1
/usr/lib/security/pam_authtok_get.so.1
/usr/lib/security/pam_authtok_store.so.1
/usr/lib/security/pam_dhkeys.so.1
/usr/lib/security/pam_dial_auth.so.1
/usr/lib/security/pam_ldap.so.1
/usr/lib/security/pam_passwd_auth.so.1
/usr/lib/security/pam_unix_account.so.1
/usr/lib/security/pam_unix_auth.so.1
/usr/sbin/ldapclient
/usr/sbin/makedbm
/usr/sbin/nis_cachemgr
/usr/sbin/rpc.nisd
/usr/sbin/rpc.nispasswdd
/var/yp/Makefile

Problem Description:

7042341 problem with LDAP switch
 
(from 115696-05)
 
6960503 Solaris 9 LDAP client fails to establish SSL-based LDAP conn when server cert is using subjecAltName
7000495 problem with library libldap
 
(from 115696-04)
 
6580192 nss_ldap: __ns_ldap_endEntry() called twice by top_down_search()
6677547 native LDAP client to disable VLV searches for netgroups
 
(from 115696-03)
 
6890681 rpc.yppasswdd cores when user tries to change passwd from NIS client using SHA512 encryption
 
(from 115696-02)
 
6644450 nis2ldap gateway creating Gigs of of dbm files
6899781 ypxfr unable to transfer map from N2L gateway that is larger then 2GB to Solaris 9 & 10 NIS slaves
 
(from 115696-01)
 
4822978 inityp2l should check for domains before backing up config files
4854241 need to sanitize the mapping file to improve performance
4874752 LDAP server crashes can cause N2L server to do the same
4874757 N2L mapping incompatible with IDs 5.2 schema
4882029 all MUST attributes should be explicitly specified for openldap
4884927 in N2L mode yppush does not work if old style maps not present
4884929 in N2L mode ypwhich -m does not work if old style maps not present
 
(from 114242-55)
 
6893610 CR#4300326 is not fixed with 112960-67
 
(from 114242-54)
 
6557371 ldap_cachemgr daemon crashes in getldap_lookup(), if many serviceSearchDescriptors are defined
 
(from 114242-53)
 
6793742 libnsl memory leak with "dail()" function call in strsave
 
(from 114242-52)
 
4300326 UDP replies from rpcbind and mountd can be sent with wrong source address
 
(from 114242-51)
 
6626381 rpc.nisd on subdomain-replica deadlocked when trying to access NIS+ admin group in cache
6740474 confusing 'password too short' message from Native LDAP
 
(from 114242-50)
 
6466160 problem with NIS+ callbacks
6750206 dtlogin core dumps on Solaris 9 with 112960-62 or 112960-63 patches
 
(from 114242-49)
 
6216410 pam unix modules use inconsistent criteria to determine supported repositories
6493513 changing password (in files repository) dumps core when libumem is in effect
 
(from 114242-48)
 
6564477 set_up_connection() doesn't not handle return values of t_connect() properly
6674553 getpwuid slow with bugfix 6540209 - native LDAP client config with compat and use of netgroups
 
(from 114242-47)
 
6539516 applications compiled with -lldap on Solaris 8 core dump on Solaris 9-10
 
(from 114242-46)
 
4960217 ldaplist passwd <user> fails if searchdescriptor points to two containers
6495683 LDAP client files & cred files are deleted when /var is full
 
(from 114242-45)
 
6569824 password reset loops for password changes when owner not allowed to change password aging policy
6609144 ldap_cachemgr needs to be more careful
6610117 ldap_cachemgr caching mechanism has flaws
6629064 ldap_cachemgr cores when debug is enabled on Solaris 9
 
(from 114242-44)
 
6528899 misleading native LDAP client error message while reusing closed connection
 
(from 114242-43)
 
6508442 nscd hangs with with too many sockets open with AD
 
(from 114242-42)
 
6496719 connections should fall back to primary server after it comes back
6566019 minor memory leak during connection failover
 
(from 114242-41)
 
6555239 pam_ldap to take into account DS52p5 and follow new encoding for Account Availability control
 
(from 114242-40)
 
6474978 hung rpc calls cause automounter to hang
6591680 users failed to log in at first attempt but could log in at second attempt
 
(from 114242-39)
 
6540209 nscd in nss_compat: LDAP keeps a lot of memory
 
(from 114242-38)
 
6529860 nscd core dumps in prldap_set_ld_error
 
(from 114242-37)
 
6457110 pkill -HUP ldap_cachemgr alters NS_LDAP_CACHETTL in ldap_client_file
6560410 patches T112960-50/T114242-36 missing fix for CR 6500684
 
(from 114242-36)
 
6500684 memory leak in libsldap:setup_next_search()
 
(from 114242-35)
 
4636233 libsldap logs far too much
4765530 server failover causes syslog messages with every LDAP request
 
(from 114242-34)
 
6522475 Tpatches T113319-28 & T112960-48 have circular dependencies
 
(from 114242-33)
 
6481342 null pointer dereference causes crash in CERT_GetNameElement()
 
(from 114242-32)
 
4660455 pam_dial_auth returns PAM_SUCCESS when it is a NOP
4974005 Purify/dbx reports memory leaks in PAM (Solaris 8/9/10)
6295037 passwdutil.so.1 init function has race in MT app when used with dlopen
6386770 pam_authenticate can fail if open files are >= 255 and soft fd limit greater than 256
6434595 memory leak in passwdutil.so.1 using Payflex cards
6467539 nscd's keep persistent connections to even wedged LDAP servers
6494750 nscd reuses ports after long idle time causing lookup failures
 
(from 114242-31)
 
6278068 native LDAP client: simple page mode broken in S9 and S10
 
(from 114242-30)
 
6491641 LDAP connections not released in S9
 
(from 114242-29)
 
6406153 LDAP authentication causes CDE to core when unlocking screen
 
(from 114242-28)
 
4631734 small memory leak in referral handling in libsldap
4639880 memory leak in __s_api_sortServerPref
4768758 ldap_cachemgr doesn't disable cancellation
4865643 libsldap has memory leaks
4887380 some Native LDAP Client functions may take forever using simple paged results
6329240 libsldap: nscd leaks file descriptors, too many opens on ldap_cache_door
6425808 ldaplist does not return 1001 user when 1001 users setup
6439960 Solaris PAM framework buffer overflow causes core dump
 
(from 114242-27)
 
6195509 NSCD continually reconnects to LDAP server
6404337 nscd crashes in libsldap:get_mapped_filter() when using invalid chars in search filter
 
(from 114242-26)
 
6380248 LDAP clients select incorrect profile on refresh when "cn=" is same but "dn=" is different
6384642 libldap/SSL negotiation uses synchronous I/O preventing timeouts on congested server
6453641 bringover usr/src/lib/libsldap missing a header file
 
(from 114242-25)
 
4989454 ldap_cachemgr failover functionality needs clarification
5077098 ldap_cachemgr still reports LDAP server is up, while it is down
6274517 libsldap:search_state_machine() falls into recursive loop if ldap_search_ext() returns 91
6237466 Solaris 10 LDAP Client using multiple authentication methods do not fail to second method listed
 
(from 114242-24)
 
6311010 pam_passwd_auth can't deal with old SunOS aging
 
(from 114242-23)
 
4909247 Solaris 8 Client has broken .rhosts authentication with patch 108993-21
 
(from 114242-22)
 
4756193 ldap_cache_mgr cores
4894518 passwd(1) doesn't allow for setting non-login account that is not locked
 
(from 114242-21)
 
4791006 ldap_cachemgr initializes ldap_cache_door file with wrong permissions
 
(from 114242-20)
 
6226776 passwd command will fail if first LDAP server in referral list is down
6276525 libldap5 cores when trying to resolve hostname
 
(from 114242-19)
 
6262121 Solaris 9 & 8 libldap5 crash when compiled with -DDEBUG and using SSL
6262153 unable to build libldap5 with LDAP_DEBUG defined for Solaris 8 or 9 due to error in request.c
 
(from 114242-18)
 
4626861 if search times out, libsldap logs wrong message
6232564 when interrupted (EINTR) while polling, libsldap should retry poll
6232579 libldap not handling select() failures when issuing connection
 
(from 114242-17)
 
5055748 memory leak in libsldap/sldaputil
5047250 automountd memory-heap growing on Solaris 8 with latest 108993-33 patch
 
(from 114242-16)
 
4755582 authtok_check: old and new password diff. check should loop through shorter length
 
(from 114242-15)
 
5007891 passwd(1) command may SEGV on NIS+ master servers
5096736 pwd change in NIS+ fails with "Permission denied" if new pwd longer than 11 bytes
 
(from 114242-14)
 
4894583 su to local account will dump core if LDAP is enabled
 
(from 114242-13)
 
5044522 root able to change user passwd if no. of attempts > max_attempts in NIS+
 
(from 114242-12)
 
5014993 user logins may fail when nsswitch compat mode used with NIS+ or LDAP
 
(from 114242-11)
 
4988859 passwd -g, -e, -h cause segfault
5003953 logins to Solaris 9 NIS+ clients always talk to master even when it is down
 
(from 114242-10)
 
4913437 changing password in NIS+ fails on S9 clients with "Permission denied"
5012514 'passwd <nis+_user>' fails as root on NIS+ systems
4980441 PAM module pam_dhkeys fails to retrieve changed credentials
 
(from 114242-09)
 
4977110 passwd doesn't work with compat entries in /etc/nsswitch.conf
 
(from 114242-08)
 
4887906 pam_sm_chauthtok() returns 13 (PAM_USER_UNKNOWN) if lastchg=0 for local users
 
(from 114242-07)
 
4746114 libpam internationalized messages are off by 1 for locale != C
4793719 pam_authtok_check.so.1::circ() too space-conservative
4805635 root may change enduser password in NIS+ without entering its own password
4877796 passwd (passwdutil) inadvertently resets aging information
 
(from 114242-06)
 
4873939 pam and compat do not work after applying patch 108993-18
 
(from 114242-05)
 
4874749 passwd -x modifies lastchg field also in /etc/shadow file
 
(from 114242-04)
 
4765506 NIS+ password problems with Solaris 9
4768140 passwd core dumps when changing shell
 
(from 114242-03)
 
4774607 pam_ldap gets confused when root tries to change user's password
 
(from 114242-02)
 
4830406 passwdutil too dumb to handle NIS+ subdomains correctly
 
(from 114242-01)
 
4743707 non-default nsswitch backends confuse passwdutil.so.1
4747441 pam_authtok_store does not map all PWU errors to PAM errors
4751394 non-decisive modules should not return PAM_SUCCESS
4754634 passwd command seg faults when updating user can't be authenticated to LDAP
 
(from 114241-15)
 
6219143 LDAP server failover causes client to delete cert7.db file
 
(from 114241-14)
 
4688752 "ldapclient mod" with no arguments causes naming services to fail
4698387 "ldapclient manual" results in "__default_config" error message on console
4698366 "ldapclient list" does not display CACHETTL when it is set
4698379 "ldapclient manual" gets default CACHETTL of 3600
4702568 "ldapclient uninit" does not restore /etc/.rootkey
 
(from 114241-13)
 
4784324 ldapaddent: does not function with tls specified
5022076 pam_ldap:pam_sm_acct_mgmt() uses incorrect password in BIND to LDAP
 
(from 114241-12)
 
5014922 bugfix 4624458 causes compatibility problems between libsldap and libldap
 
(from 114241-11)
 
5005602 ldapaddent does not work with iDS 5.2
 
(from 114241-10)
 
5067333 S9 needs fix for 5036036
 
(from 114241-09)
 
4890303 pam_ldap should return PAM_AUTH_ERROR instead of PAM_PERM_DENIED
 
(from 114241-08)
 
4920444 libldap.so.4 ber encoding memory corruption
 
(from 114241-07)
 
4523936 mountd memory leak when using Native LDAP
 
(from 114241-06)
 
4787488 ldapaddent can only add ethers or bootparams for same hosts, not both
 
(from 114241-05)
 
4779333 LDAP get*ent requests may free already freed memory
4780109 __ns_ldap_firstEntry may return a cookie that is freed
 
(from 114241-04)
 
4802414 client does not follow referral without hostname
4658569 following referrals does not work in all cases
 
(from 114241-03)
 
4757282 ldapclient init fails with SIGBUS if SSD's are > 15 in profile
 
(from 114241-02)
 
4624458 if hostname is used in NS_LDAP_SERVERS, LDAP goes into loop
4723361 log messages when resolving hostname for ldap_server
4776571 applications running on SSL enabled native LDAP clients may crash at termination
 
(from 114241-01)
 
4720818 LDAP naming services fail when domainname is greater than 23 characters
 
(from 116524-01)
 
4890233 using 'use_first_pass' for pam_ldap does not work
 
(from 113719-22)
 
4660455 pam_dial_auth returns PAM_SUCCESS when it is a NOP
4974005 Purify/dbx reports memory leaks in PAM (Solaris 8/9/10)
6295037 passwdutil.so.1 init function has race in MT app when used with dlopen
6386770 pam_authenticate can fail if open files are >= 255 and soft fd limit greater than 256
6434595 memory leak in passwdutil.so.1 using Payflex cards
 
(from 113719-21)
 
4937207 libnsl core dumps in __inet_taddr2uaddr()
 
(from 113719-20)
 
6316946 N2L: ypserv sporadically doesn't refresh NIS maps from LDAP after their TTL has expired
 
(from 113719-19)
 
4660084 gethostbyaddr_r leaks if type is not AF_INET
 
(from 113719-18)
 
6301766 deadlock in nis_cachemgr when addressing request to itself
 
(from 113719-17)
 
4419428 libnsl caches stale YP password data
6225117 passwd -r nisplus -e username will corrupt user's passwd
6254605 rpc.nisd cores due to broken memory management in ypproc_all_svc()
6261290 __nis_init_hash_table() should log errors to syslog in case pthread_xxx_init() fails
 
(from 113719-16)
 
4503714 rpc.nisd memory leaks and SEGVs
4686960 NIS+ replica/domain hangs if master is gone and TTL expires on replica
4757387 several daemons die with same stack trace strlen/xdr_nis_name/xdr_directory_obj
4941669 getpwent() calls core dump
4996337 replica stuck sleeping in replica_update following nismkdir/nisrmdir
4997108 spurious nis_db_sync_log errors in syslog (info level)
5071759 minor memory bugs prevent effective use of libumem with rpc.nisd
5109439 rpc.nisd stuck looping in __nis_path()
 
(from 113719-15)
 
5106725 netname to user resolution won't work for LDAP
 
(from 113719-14)
 
4644308 when public network is down, switching to a user using "su" hangs
 
(from 113719-13)
 
4966526 problem using RPC_SVC_CONNMAXREC_SET when using RPC mode RPC_SVC_MT_USER
 
(from 113719-12)
 
4817833 mountd randomly dumps core
4745909 _get_hostserv_inetnetdir_byname/NETDIR_BY may return success on failure
4915053 nss_setent() always fails for setpwent()
4973536 libnsl - t_getprotaddr memory leak
4977978 application deadlock in t_snd (libnsl) library call
 
(from 113719-11)
 
4738852 NIS: ypserv dev udp opened failed
 
(from 113719-10)
 
4757387 several daemons die with same stack trace strlen/xdr_nis_name/xdr_directory_obj
 
(from 113719-09)
 
4684558 NIS server doesn't answer ypbind broadcast request on IPMP failed over interface
 
(from 113719-08)
 
4765506 NIS+ password problems with Solaris 9
 
(from 113719-07)
 
4828271 clnt_create()/clnt_create_timed() don't timeout with unexpected UDP
 
(from 113719-06)
 
4874895 S9 x86 patches for 4353836 needs to be respun with correct dependencies
 
(from 113719-05)
 
4353836 if more than 255 file descriptors already open then gethostbyname fails
4152876 getspnam_r() fails due to use of fopen() in libnsl.so in applications under load
 
(from 113719-04)
 
4767276 rpcbind can be killed remotely
 
(from 113719-03)
 
4668699 buffer overflow in dbm_open and dbminit (except the one in libc)
 
(from 113719-02)
 
4710928 rpcbind exits with segv on both cluster nodes
 
(from 113719-01)
 
4727726 NIS+ user unable to change his/her passwd
 
(from 115166-05)
 
5016629 NIS+2LDAP: rpc.nisd does not re-BIND to DS after DS was restarted
 
(from 115166-04)
 
4990222 ypxfrd does not consistently create netgroup maps
 
(from 115166-03)
 
4724357 NIS+LDAPmapping: searches for creduser in ou=Hosts causing high overload
 
(from 115166-02)
 
        This revision accumulates S9U5 feature point patch 115493-01.
 
(from 115166-01)
 
4655472 segv in rpc.nisd on x86 stc tests
 
(from 115493-01)
 
4823553 NIS to LDAP transition project (N2L) 2001/282
4806914 use of multiple domains corrupts data in mapping elements while parsing
4687778 parser cannot process blank lines with tab spaces
4688447 parser cannot parse lines with unescaped '#'
4674036 get_lhs_match frees __nis_mapping_element_t even though it contains useful data
 
(from 114328-09)
 
6495007 memory leak in libsldap:__s_api_get_cachemgr_data()
 
(from 114328-08)
 
4667251 groups command returns number, not name for large group
5080012 LDAP: roles returns NULL if size of roles exceeds 1022 characters
 
(from 114328-07)
 
6289986 LDAP backend could be more efficient for netgroup lookups
6362106 LDAP netgroup backend does not handle null user information correctly
6455431 improper usage of locale-sensitive functions
 
(from 114328-06)
 
6230927 multiple netgroups in nfs_share access list breaks access list
 
(from 114328-05)
 
4858673 innetgr may never return and when it does, may produce incorrect results
 
(from 114328-04)
 
4966423 RBAC exec_attr search in LDAP: everything's wild
 
(from 114328-03)
 
5006801 getprojent(3project) dumps core with LDAP project(4) database
 
(from 114328-02)
 
4643366 groups with no members broken
4779333 LDAP get*ent requests may free already freed memory
4780109 __ns_ldap_firstEntry may return a cookie that is freed
4830525 buffer overflow in nss_ldap.so.1
 
(from 114328-01)
 
4751386 ether_ntohost() fails with rc 1 when resolving data from LDAP
 
(from 114342-12)
 
4882528 ypserv segfaults when connection to resolver can't be established
 
(from 114342-11)
 
6495651 putback of 6316946 introduced hard dependency (on 113719-20)
 
(from 114342-10)
 
6316946 N2L: ypserv sporadically doesn't refresh NIS maps from LDAP after their TTL has expired
 
(from 114342-09)
 
6332906 corrupt yp requests may cause ypserv to hang or dump core
 
(from 114342-08)
 
4926318 ypserv deletes cert7.db file
 
(from 114342-07)
 
4951399 ypserv prints do_accept : can't open connection : Interrupted system call
 
(from 114342-06)
 
5022150 NIS/LDAP transition disables secure maps
 
(from 114342-05)
 
4890530 ypserv should only answer bind requests from clients in /var/yp/securenets
 
(from 114342-04)
 
4905454 ypserv holds parent stdio's causing program such as rsh to hang
 
(from 114342-03)
 
4882937 patch for 4390053 should include updated /usr/include/crypt.h
 
(from 114342-02)
 
        This revision accumulates S9U5 feature point patch 115491-01.
 
(from 114342-01)
 
4283355 rpc.yppasswdd temporarily removes passwd source file resulting in exit
 
(from 115491-01)
 
4823553 NIS to LDAP transition project (N2L) 2001/282
 
(from 121322-03)
 
6294728 ldaplist: very long filter causes ldaplist to dump core in set_filter
6365882 ldaplist should print error messages to stderr not stdout
 
(from 121322-02)
 
6371932 Makefile.com fails to link ldapmodify with threads library since putback for 4701811
6373271 ldap/Makefile.com clean target does not remove object files
 
(from 121322-01)
 
4701755 idsconfig makes unsafe use of temporary files
4701811 Directory Server rootDN password is used on the command line
4739447 idsconfig needs changes to support DS 5.2 new password config
4857063 LDAP Makefile.com could be tidied up


Patch Installation Instructions:
--------------------------------
 
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
 
The following example installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/123456-07
 
The following example removes a patch from a standalone system:
 
       example# patchrm 123456-07
 
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.


Special Install Instructions:
-----------------------------
 
NOTE 1:  Migrating Your Sun Java System Directory Server:
 
         Schema changes were implemented between the release of Sun Java
         System (formerly Sun ONE) Directory Server 5.1 and the release
         of Directory Server 5.2.  ldapaddent now adds "objectclass: device"
         to the entries of ethers/bootparams.
 
         Therefore, if you choose to use the LDAP commands to migrate
         directory data from Directory Server 5.1 to 5.2, you must use
         ldapaddent -d to export data and ldapaddent to import data.
         Otherwise, if you use the Sun Java System Directory Server tools
         db2ldif and ldif2db to migrate data, you must apply Directory
         Server 5.2 with all patches before migrating the data or the data
         import could fail.
 
NOTE 2:  To get the complete fix for BugId 4909247 (Solaris 8 Client has broken
         .rhosts authentication with patch 108993-21), the LDAP server must
         be Sun Java System Directory server 5.2 patch 4 or greater, and
         pam_ldap(5) must be used for account management.  Then, in cases
         where there is no user authentication token (PAM_AUTHTOK) available,
         the pam_sm_acct_mgmt(3PAM) function from pam_ldap(5) tries to
         retrieve the user's account status without authenticating to the
         LDAP server as the user logging in.
 
NOTE 3:  To get the complete fix for BugId 6439960 (Solaris PAM framework buffer
         overflow causes core dump), please also install the following patch:
 
         114732-03 (or greater)  init patch
 
NOTE 4:  To get a complete fix for BugId 4668699 (buffer overflow in dbm_open
         and dbminit, except the one in libc), please also install the
         following patches:
 
         114570-01 (or greater)  libdbm patch
         114715-01 (or greater)  libdb2.so.1 patch
 
NOTE 5:  To get the complete fix for BugId's 4353836 (if more than 255 file
         descriptors are already open then gethostbyname fails) and 4874895
         (S9 x86 patches for 4353836 need to be respun with correct
         dependencies), please also install the following patches (after
         this patch):
 
         114354-04 (or greater)  libresolv patch
         115543-02 (or greater)  nss_compat.so.1 patch
         115546-02 (or greater)  nss_files.so.1 patch
         115551-02 (or greater)  nss_user.so.1 patch
 
NOTE 6:  To get the complete fix for BugId 4644308 (when public network is
         down, switching to a user using "su" hangs), please also install
         the following patch:
 
         117432-01 (or greater)  nss_nis.so.1 patch
 
NOTE 7:  To get the complete NIS to LDAP Transition Project, please also
         install the following patch:
 
         115678-01 (or greater)  idsconfig patch
 
NOTE 8:  To get the complete fix for BugId's 4667251 (groups command returns
         number, not name for large group) and 5080012 (LDAP: roles returns
         NULL if size of roles exceeeds 1022 characters), please also install
         the following patches:
 
         115543-04 (or greater)  nss_compat.so.1 patch
         115546-03 (or greater)  nss_files.so.1 patch
         123371-01 (or greater)  libsecdb.so.1 patch
 
NOTE 9:  To get the complete fix for BugId 6539516 (applications compiled
         with -lldap on Solaris 8 core dump on Solaris 9-10), please also
         install the following patch:
 
         114980-21 (or greater)  lp patch
 
NOTE 10: Refer to the patch log file for more information regarding the
         merging of /var/yp/Makefile.
 
NOTE 11: To get the complete fix for BugId 6750206 (dtlogin core dumps
         on Solaris 9 with 112960-62 or 112960-63 patches), please also
         install the following patch:
 
         114980-25 (or greater)  lp patch
 
NOTE 12: After applying this patch, if you encounter a message similar to
         this one:
 
May 17 17:20:04 hostname01 yppasswdd[3291]: [ID 467562 auth.error] yppasswdd: user test01: does not exist
 
         on the console or in the system log when attempting to change
         that user's password, you will need to rebuild the NIS password
         map.
 
NOTE 13: To get the complete fix for BugId's:
 
         4701755 idsconfig makes unsafe use of temporary files
         4701811 Directory Server rootDN password is used on the command line
         4739447 idsconfig needs changes to support DS 5.2 new password config
         4857063 LDAP Makefile.com could be tidied up
 
         please also install the following patch:
 
         115678-02 (or greater)  idsconfig Patch


README -- Last modified date: Saturday, November 10, 2012