Patch-ID# 116837-04


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: ldap c sdk 5.19 security
Synopsis: Sun LDAP C SDK 5.19 patch : SunOS sparc
Date: Feb/06/2009


Install Requirements: NA

Solaris Release: 9 10

SunOS Release: 5.9 5.10

Unbundled Product:

Unbundled Release:

Xref: This patch available for i386 as patch 116838
        NOTE:   Refer to Special Install Instructions section for
                specific information on this patch.


Topic:

Relevant Architectures: sparc

Bugs fixed with this patch:

Sun CR # Bug #
476333112069146
620948112105495
629821512127239
632311112134280
634109012140024
638005112151412
638396212152601
639613012156268
642104912163739
648983612183429
649560212185167
663075912218233
668380812233125

Note: Mozilla bugs fixed with this patch: 121276 123420 136534 137017 140101 152852 166189 174912 177775 177778 179951 139535 143300


Changes incorporated in this version: 6209481 6323111 6383962 6495602 6630759 6683808

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/lib/mps/libldap50.so
/usr/lib/mps/libprldap50.so
/usr/lib/mps/libssldap50.so
/usr/lib/mps/sparcv9/libldap50.so
/usr/lib/mps/sparcv9/libprldap50.so
/usr/lib/mps/sparcv9/libssldap50.so

Problem Description:

6209481 mshttpd crashes due to double free in libldap50.so
6323111 memleak in nslberi_ber_realloc
6383962 memory leak in prldap_connect()
6495602 ldapsearch core dump following anonymous referral
6630759 DS 5.2 p6, crash on some requests
6683808 memory and resource leaks in ldapssl_AuthCertificate()
 
(from 116837-03)
6298215 JES dependency mismatch on libldap50.so
6341090 Escaped character stripped by ldap_explode_dn
6380051 Undersized buffer causes Directory Server not to scale
6396130 sasl bind does not respect LDAP_OPT_RECONNECT option
6421049 Directory Server 5.2* vulnerable against remote DoS attack
6489836 ldapcsdk fails to connect in ipv6
 
(from 116837-02)
4763331 reconnect option prevents LDAP binds from execution


Patch Installation Instructions:
--------------------------------
 
For Solaris 7-10 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.  The following example
installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/104945-02
 
The following example removes a patch from a standalone system:
 
       example# patchrm 104945-02
 
For additional examples please see the appropriate man pages.


Special Install Instructions:
-----------------------------


README -- Last modified date: Saturday, November 10, 2012