Patch-ID# 116298-21


Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security solaris
Synopsis: Sun One Application Server 7.0: Java API for XML Parsing 1.2 Patch
Date: May/23/2006


Install Requirements: NA

Solaris Release: 8 9

SunOS Release: 5.8 5.9

Unbundled Product: Application Server

Unbundled Release: 7.0

Xref: This patch available for Solaris x86 as patch 116299 and RHEL 2.1 as patch 118035

Topic: Sun One Application Server 7.0: Java API for XML Parsing 1.2 Patch

Relevant Architectures: sparc

Bugs fixed with this patch:

  Sun CR #   Bug #
  ---------  ---------
  4724728    12009851
  4734337    12008575
  4744128    11954098
  4761151    12004655
  4776091    12002259
  4811431    12000682
  4818853    11998552
  4819412    11999429
  4830338
  4840324    11943619
  4849368    11957455
  4849513    11995572
  4851218    11994463
  4853543    11994308
  4860400    11993363
  4861767    11992957
  4861948    11955613
  4862994    11993126
  4869664    11991870
  4870233    11952200
  4872948    11989611
  4876672    11989749
  4884552    11988997
  4886253    11989432
  4886683    11987696
  4888612    11987765
  4890613    11987935
  4892587    11988180
  4893954    11987480
  4895814    11986585
  4902210    11987052
  4904100    11985911
  4904764
  4907283    11985270
  4909380    11985298
  4909796    11985027
  4910686    11948849
  4913290    11984634
  4913458    11984525
  4914362    11947472
  4917206    11982557
  4921551    11982312
  4922884    11947475
  4923230    11983169
  4925548    11981915
  4926581    11982226
  4926972    11952799
  4928341    11981911
  4930027    11980145
  4930986    11980653
  4931379    11980265
  4933997    11961531
  4937416    11979467
  4937667    11979253
  4938319    11978769
  4942044    11979726
  4942341
  4942381    11979451
  4947231    11977728
  4947756    11977340
  4949245    11959910
  4949318    11977693
  4950035    11978515
  4954609    11977252
  4954711    11977071
  4955404    11976768
  4957162    11955782
  4958393    11976182
  4958395    11958778
  4962225    11948486
  4962418    11974999
  4965713    11954672
  4965815    11975735
  4969036    11940515
  4969425    11973845
  4972432    11957058
  4972796    11974313
  4976025    11960843
  4976401    11974518
  4976502    11952019
  4978068    11973399
  4978369    11944736
  4978647    11944739
  4980136    12055130
  4980660    11973475
  4982525    11973488
  4987217    11972298
  4987274    11972241
  4991198    11971412
  4991659    11945485
  4992275    11971889
  4994363    11971963
  4994366    11971965
  4996111    11970844
  4997113    11955944
  5003309    11971085
  5004406    11970566
  5005643    11971094
  5005653    11971095
  5013767    11969357
  5015561    12056028
  5017630    11968063
  5017695    11948602
  5017895    12068514
  5021054    11968829
  5021585    11968509
  5021712    11948687
  5022904    11968114
  5022976    11967938
  5024804    11967163
  5025894    11966630
  5029014    11967525
  5033159    12068213
  5034880    11954572
  5039545    12068569
  5043376    11965023
  5049159    12067555
  5056917    11964656
  5057723    12067639
  5063790    12067750
  5063854    12068702
  6067367    12074032
  6088593    12074685
  6092475    12075056
  6092499    12075075
  6152742    12075940
  6155154    12076579
  6155446    12076914
  6156869    12077758
  6181948    12099206
  6193156    12101773
  6197275    12102689
  6210327    12105678
  6217658    12107208
  6223367    12108410
  6223368    12108411
  6230798    12109928
  6240424    12111946
  6251775    12114454
  6264531    12117832
  6267905    12118720
  6277733    12121292
  6285724    12123479
  6286783    12123868
  6288472    12124365
  6308777    12130193
  6324565    12134814
  6360036    12145218
  6361877    12145911
  6387790    12153689
  6396045    12156235


Changes incorporated in this version: 6230798 6264531 6360036 6361877 6387790 6396045

Patches accumulated and obsoleted by this patch: 116796-04

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/bin/wscompile
/usr/bin/wsdeploy
/usr/share/lib/jaxr-api.jar
/usr/share/lib/jaxr-impl.jar
/usr/share/lib/jaxrpc-api.jar
/usr/share/lib/jaxrpc-impl.jar
/usr/share/lib/saaj-api.jar
/usr/share/lib/saaj-impl.jar

Problem Description:

This revision was created to correct a patch construction issue.
 
(from 116298-20)
 
6230798 Exception thrown during the closure of a connection by the pool leads to a connection leak
6264531 AS7.x connection pool does not manage failed connections well hence later unable to get connections
6360036 Cannot delete certificate
6361877 On restart, initPool throws IllegalStateException and jdbc pool not initialized (JDBC fails)
6387790 Cross Site Scripting Vulnerability in Application Server 7 Update 8 and 2004Q2 UR4
6396045 NFS support on Sun's app server
 
(from 116298-19)
 
6267905 appservd takes up CPU resources when primordial appservd is not present
6277733 On RH3 Linux, appservd crashes intermittently, caused by LinuxKernelStats (when stats-init on)
6193156 AS7.x crash with CORE3148: failed to wait on signals. (Interrupted system call)
6223367 modification of acl does not add object into server1-obj.conf
6223368 Not able to see the ACL's in admin UI eg "B. Pick an existing ACL".
6285724 HTTP request smuggling vulnerability ["GETorPOST / HTTP/1.x" with content-length and body]
6286783 server has to reject requests with Double 'Content-Length' header
6288472 Unable to change the smux port of subagent
6308777 Servlet container UTF-8 URI mapping vulnerability
6324565 Fixes for 6316387 and 6318003 need to be ported to appserver7
 
(from 116298-18)
 
4954711 Missing synchronization in connection pool can cause deadlock
4994363 Security role mapping not updated properly
6210327 Appserver Reverse SSL Proxy plugin is vulnerable to MITM attacks
6217658 "Server-Parsed HTML" can lead to display jsp source with trailing '/' on URI
6240424 cross-site scripting vulnerability in a default error page
6251775 Session Timeout did not appear to be taking into account of the last access time
 
(from 116298-17)
 
6181948 alleged input validation error.
6197275 cert7.db getting generated in Appserver 7 ur5
 
(from 116298-16)
 
5043376 unwanted and conflicting Cache-control headers are generated
5057723 templates of asenv.conf and server.xml have hardcoded location specific to Solaris
5022976 Error while creating auth-realm using sun-appserv-admin
5049159 app svr should reconnect to directory svr if directory svr goes down and then co
5056917 Neither the CNCtxFactory or S1ASCtxFactory can be used to programmatically reconn
6088593 cts testsuite : ContainsHeaderTestServlet test FAILED
6092475 DOC: web server crash when running high load and app server reverse proxy plugin
6092499 REG:GAT resulting LDAP Server crash
6152742 JDBC connection pool does not properly release connections
6155154 client authentication not working with IIS 5.0 sun-passthrough plugin
6155446 Corrupted transaction log files hang appserver
6156869 DOC: No documentation on how to use MQ3.5SP1 with AS7 UR4
 
(from 116298-15)
 
Remove the changes introduced in -14 to address bugid 5043376.
 
5021054 7 SE : The EJB Classloader doesn't adhere to EJB Spec in terms of loading Java
5015561 JCA will leak physical connections if getMetaData() throws ResourceException
5025894 partial JCA 1.5 functionality requested
5017695 AS7 - cannot deploy .rar without <authentication-mechanism>.
6067367 AppServer 7.0 Ur3 rpms fails sun_patchchk during
 
(from 116298-14)
 
5063854 Able to access the last session of SJAS 7.0/7.1
5033159 HttpServletRequest.getCookies() method returns cookies from a totally different
5034880 Standalone AppServer UR3 Svr4 patch doesn't install properly
5039545 RN: AppServer-WebContainer sends ABSOLUTE redirects causing problems with extern
(removed) 5043376 unwanted and conflicting Cache-control headers are generated
5063790 Require a port (and backport) of a web server bug: 4882838
 
(from 116298-13)
 
4734337 IWS: Listing of groups/users in ACL UI is broken.
4744128 EJB compiler failed to generate valid java code for inner classes
4761151 Persistency of proxy-to-container connections is not maintained(out of box).
4840324 Security : Cross-site scripting in sample applications
4849368 "Use Existing JDK" text field accepts blank space
4872948 circular path in jar manifest causes 'error received from mbean null' error
4876672 request.getAttribute("javax.servlet.error.request_uri") is not working ..
4921551 JDOQL does not work when contains a non trivial, proper filter with boolean expr
4923230 CMP Oracle boolean field problem in finder
4926581 Appserver asadmin utility always requests a password for SSL startup
4930027 Appserver performance problem with jsp:useBean
4947756 Reg: Not able to setup Log Rotation - A blank page is loaded
4949245 App Server crashes during deployment of a WAR file
4955404 appclient does not honor -mainclass option
4957162 NMTOKEN/NMTOKENS values must be XML name tokens : Failed Message during deployment
4962418 a typo in JMS SessionWrapperWeb.rollback prevent the method from working
4965815 DOC::Logging/simple sample doesn't work
4969425 SNMP doesn't work when the instance is stopped and started (restart).
4972432 Not able to create a new domain using asant
4972796 Changes in j2ee application role mappings are lost during deployment
4976025 RPP:WebServer crashes when more than one instance is defined in obj.conf
4976401 iwsInstanceDeathCount is not being updated.
4976502 RN: perfdump for appserver does not work as in documentation
4978068 No information is displayed about the errors occurred while running ejbc.
4982525 Admin Tool works improperly in AS7.0UR1 Japanese version
4987274 S1AS7: Deployment fails if remote interface for the bean is named Util
4991198 S1AS7SE/Appserver logs user passwords in CLEAR TEXT in the log file
4991659 Appserver RPMs for 7.0.0_02 are not compatible with NSPR 4.1.6 in JES2
4992275 Need to modify the README file
4994366 RN: S1AS7 - deploy error with  ejb-local-ref and ejb-link.
4997113 appservd.exe crashed when  application is accessed using  passthrough plug-in wi
5003309 DOCS: URL wrong in AG Deployment chapter under static deployment
5004406 --passwordfile does not work with mix of upper/lowercase characters
5005643 Need to modify the README file for CD
5005653 There is a warning message when deploy jdbc/simple sample
5013767 Plugin truncating XML stream
5017630 RN: AS7U3: can not upgrade on XP
5017895 NPE when running NileApp in x86 platform
5021585 REG:  Monitoring iiop-listener not working
5021712 REG: Error while running ejbc
5022904 RN: DB2 Server has connection growing after idle time out with DB2 Type II Drive
5024804 error in 7.0 performance tuning doc
5029014 package-appclient script needs updating to be compatible with new NSS path(s)
 
(from 116298-12)
 
This patch revision was reserved but not used.
 
(from 116298-11)
 
This patch revision was reserved but not used.
 
(from 116298-10)
 
This patch revision was created to address patch construction issues.
 
(from 116298-09)
 
This patch revision was created to address patch construction issues.
 
(from 116796-04)
 
This patch revision was created to address patch construction issues.
 
(from 116796-03)
 
5004406 --passwordfile does not work with mix of upper/lowercase characters
 
(from 116796-02)
 
4761151 Persistency of proxy-to-container connections is not maintained(out of box).
4969425 SNMP doesn't work when the instance is stopped and started (restart).
4976401 iwsInstanceDeathCount is not being updated.
 
(from 116796-01)
 
Revision skipped.
 
(from 116298-08)
 
4996111 webcore memory growth
 
(from 116298-07)
 
4978647 Petstore: org.apache.jasper.JasperException: Unable to compile class for JSPNote
4987217 REG in UR3 JSP compiler
 
(from 116298-06)
 
4724728 Redefined finder methods in spr/subclass home intfs duplicated in generated code
4776091 MSTR: CLI -License key with leading and trailing spaces not honored (Problems exists in RMT)
4811431 Cannot access a web module if the location attribute in server.xml ends in /
4818853 LocalTransaction association with ManagedConnection not preserved between EJBs
4819412 i18n "is not valid entry" is hardcoded
4830338 korean characters in cookie not working
4849513 dynamic reloading does not pick up changes to sun-application.xml after the firs
4851218 DOC: unable to install self signed certificate
4853543 MODEL: Should allow for PK class to have inherited fields
4860400 EJB Classloader returns null when calling Class.getPackage()
4861767 SECURITY BUG FIX:Accept language issue (SB)
4861948 getEJBMetaData() fails with exception after context re-initialized
4862994 Domain Creation fails on RedHat 9 (New Linux version support)
4869664 two byte characters cause problems in the http GET URLs
4870233 JSP with page directive "buffer=none" does not work when using s1as7.0
4884552 auth-method=CLIENT-CERT forces the SSL client auth regardless of uri-pattern in
4886253 Unable to retrieve X509 Client Certificate behind a passthrough proxy listener
4886683 S1AS7:UR2 installation on Win2003 enterprise throws "Unsupported platform" (New Windows OS Version support)
4888612 Failed to start server instance after installing eval build on X86 (New Eval installer for X86)
4890613 UR2 Linux installer not upgrading existing jdk
4892587 S1AS7 does not enforce "grant signed by" policy
4893954 Rotatelogs script causes watchdog process to die and all other appserver processes
4895814 request getRequestURI() returning inconsistent values.
4902210 REG: Incorrect support jdk version provided in java config page
4904100 At S1AS7 SE, rich Client always see an exception
4904764 Could not stop the admin-server when running Redhat 8.0 (New Red Hat OS version support)
4907283 CodeFix as in iWS60SP5 for Bugid 4846815 to S1AS7
4909380 Orion Uninstall of unbundled AS7 pkg-based product removes shared components
4909796 UR2: Upgrade installer fails if JDK used by S1AS is at non-default location
4910686 app-server does lazy auth even if http port is not client auth enabled
4913290 Form Based Authentication does not provide the same functionality as in iAS6.x
4913458 Web container thread names are not unique
4914362 Enabling WebPub or Remote File Manipulation allows any user to obtain a director (SB)
4917206 Unable to set ACL for anything but entire server through admin GUI
4922884 Web Service invocation from JAXRPC client throws Internal Server Error
4925548 ExceptionInInitializerError with JDK 1.4.2
4926972 S1AS-UR2-Bld3: eval upgrade: error about missing archive file during upgrade
4928341 using chunk data causes endless loop/high CPU in appserver (SB)
4930027 Appserver performance problem with jsp:useBean
4930986 Throw appropriate errormsg when Abrupt termination of upgrade corrupts pkgs
4931379 S1AS 7.0 U1 crashes when AS_NSS points to /usr/lib/mps/secv1 in Orion1_B09 +
4933997 Appserver startup problems after upgrade on Linux (iMQ upgrade)
4937667 Upgrade script to use the same packages that complete install
4937416 User Principle class throws ClassCastException
4938319 RN: Online doc: Need to document the workaround for escalation 548517
4942044 Migrating NSS/NSPR from 3.3.4 to 3.3.6
4942341 Code generated for <jsp:useBean> differs based on class or beanName attr usage
4942381 Could not initialize ORB monitoring
4947231 libpassthrough.so(AS7.0-UR3) causes WS6.1 to crash on x86 Solaris Keywords:
4949318 Reg: Petstore sample deployment failed on Windows 2000 advanced server
4950035 Performance Tuning doc refers to both obj.conf and <instance_name>-obj.conf
4954609 -passwordfile doesn't work on Appserver 7.0MU1 create-domain
4958393 ServletContext.getContext(String) does not return other contexts when...
4958395 Reg: Not able to install mainstream build if an eval build pre-installed on windows
4962225 RN: We should remove Smartticket sample on X86.
4965713 LDAP: user can enter wildcard '*' for UID in basic auth(WEbserver:4957829)
4969036 Regression: After entering username/password appserver changing URI
4978369 flex log buffer overflow
4980136 SolSparc: 7.0.0_03 UR3 B02-Upgrade script fails while adding SUNWpr package
4980660 SOAP server array DoS
 
(from 116298-05)
(from 116298-04)
(from 116298-03)
(from 116298-02)
(from 116298-01)
 
Revisions skipped.


Patch Installation Instructions:
--------------------------------
 
Refer to the man pages for instructions on using 'patchadd' and
'patchrm' scripts provided with Solaris, to install and remove patches.


Special Install Instructions:
-----------------------------
In the event that a version of the SUNWjaxp, SUNWxrpcrt, SUNWxrgrt,
or SUNWxsrt packages is installed on the target system that is
incompatible with this patch, the patchadd will terminate with a
message. In this case the package(s) must be replaced with a compatible
version of the package(s).
 
The incompatible VERSIONS of the packages which may be identified
by this patch are:
 
  PKGNAME      VERSION
  -----------  ----------------------
  SUNWjaxp     7.0,REV=2003.04.30.22.55
  SUNWxrpcrt   7.0,REV=2003.04.30.22.55
  SUNWxrgrt    7.0,REV=2003.04.30.22.55
  SUNWxsrt     7.0,REV=2003.04.30.22.55
 
You may check the VERSION of the installed packages using the pkgparam(1)
command as follows:
 
   /bin/pkgparam <PKGNAME> VERSION
 
A compatible version of the package(s) can be obtained
from the Java ES Release 2 media or by contacting Sun Support.
 
To update the target system remove the installed packages using:
 
   /usr/sbin/pkgrm <PACKAGE_NAME>
 
To install the compatible version of the package, change to the
directory where the package is located and use:
 
   /usr/sbin/pkgadd -d . <PACKAGE_NAME>
 
After the compatible package versions are installed, this patch
should be applied using patchadd.
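
A pre-flight check for the procedure above, as an added example that is not part of the original README: it queries the four listed packages with pkgparam and flags any that are at the incompatible VERSION before patchadd is attempted. The PKGPARAM override and the "check" argument are assumptions of this example, not options of any Solaris tool.

```sh
#!/bin/sh
# Added example (not from the README): report which of the packages named in
# the Special Install Instructions are installed at the incompatible VERSION.
# Written with backticks so it also runs under the Solaris 8/9 /bin/sh.

# Assumption: PKGPARAM may be overridden to exercise the check off-box.
PKGPARAM=${PKGPARAM:-/bin/pkgparam}

# Package names and incompatible VERSION string, both taken from the README.
PKGS="SUNWjaxp SUNWxrpcrt SUNWxrgrt SUNWxsrt"
BAD_VERSION="7.0,REV=2003.04.30.22.55"

# Prints one line per package: "<pkg> <status> <version>".
# Returns 0 when no package is at the incompatible version, 1 otherwise.
check_patch_prereqs() {
    rc=0
    for pkg in $PKGS; do
        # pkgparam exits non-zero when the package is not installed.
        if ver=`$PKGPARAM "$pkg" VERSION 2>/dev/null`; then
            if [ "$ver" = "$BAD_VERSION" ]; then
                echo "$pkg INCOMPATIBLE $ver"
                rc=1
            else
                echo "$pkg ok $ver"
            fi
        else
            echo "$pkg not-installed -"
        fi
    done
    return $rc
}

# Run only when invoked with "check", so the file can also be sourced.
if [ "${1:-}" = "check" ]; then
    if check_patch_prereqs; then
        echo "No incompatible package versions found; proceed with patchadd."
    else
        echo "Replace each INCOMPATIBLE package (pkgrm, then pkgadd -d .) before patchadd."
    fi
fi
```
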


README -- Last modified date: Saturday, November 10, 2012