Patch-ID# 118192-05
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security metropolis file-roller gtar
Synopsis: SunOS 5.9_x86: gtar patch
Date: Apr/19/2010
Install Requirements: NA
Solaris Release: 9_x86
SunOS Release: 5.9_x86
Unbundled Product:
Unbundled Release:
Xref: This patch available for SPARC as patch 118191
Topic: SunOS 5.9_x86: gtar patch
Relevant Architectures: i386
Bugs fixed with this patch:
Changes incorporated in this version: 6930214
Patches accumulated and obsoleted by this patch:
Patches which conflict with this patch:
Patches required with this patch:
Obsoleted by:
Files included with this patch:
/usr/sfw/bin/gtar
/usr/sfw/bin/tar
/usr/sfw/libexec/grmt
/usr/sfw/libexec/rmt
Problem Description:
6930214 CVE-2010-0624: heap-based buffer overflow in GNU tar
(from 118192-04)
6616278 upgrade GNU tar (gtar) to 1.19 or greater to address CVE-2007-4131
6835864 upgrade GNU tar (gtar) to version 1.22
(from 118192-03)
6812905 /usr/sfw/bin/gtar has incorrect rmt path compiled in
(from 118192-02)
6407045 upgrade GNU tar (gtar) to 1.15.90 to address CVE-2006-0300
6705131 gtar can produce broken archives when used with -M option
(from 118192-01)
5069958 [metropolis]: file-roller does not display multibyte characters
Patch Installation Instructions:
--------------------------------
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
The following example installs a patch to a standalone machine:
example# patchadd /var/spool/patch/123456-07
The following example removes a patch from a standalone system:
example# patchrm 123456-07
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.
Special Install Instructions:
-----------------------------
Not all patches listed in this section as needed for the completion
of a fix or feature, may be available at the same time as this patch.
This allows the remaining fixes/features to be made available sooner.
NOTE 1: To get the full fix for BugId's:
5069958 [metropolis]: file-roller does not display multibyte characters
(includes gtar man pages)
6407045 upgrade GNU tar (gtar) to 1.15.90 to address CVE-2006-0300
6705131 gtar can produce broken archives when used with -M option
please also install following patches:
114015-09 (or greater) libxml and Freeware man pages patch
116341-03 (or greater) gzip patch
118190-01 (or greater) Freeware localizable message file patch
118194-02 (or greater) gtar source patch
NOTE 2: To get the full fix for BugId's:
6835864 upgrade GNU tar (gtar) to version 1.22
6616278 upgrade GNU tar (gtar) to 1.19 or greater to address
CVE-2007-4131
please also install following patches:
116341-08 (or greater) gzip and Freeware info files patch
118194-03 (or greater) gtar source patch
However, note that these two patches aren't necessary to get the
operational parts of the fixes; they update documentation and
source code files.
README -- Last modified date: Saturday, November 10, 2012