Patch-ID# 118263-25
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: 6.3pc25 portal server 2004q2 security
Synopsis: Portal Server 6.3: Miscellaneous Fixes
Date: Sep/14/2007
Install Requirements: NA
Solaris Release: 8 9
SunOS Release: 5.8 5.9
Unbundled Product: Portal Server
Unbundled Release: 6.3
Xref: This patch is available for x86 as patch 118264 This patch is available for Linux as patch 118265 This patch is available for Windows as patch 118266
Topic:
Relevant Architectures: sparc
Bugs fixed with this patch:
Changes incorporated in this version: 6511262
Patches accumulated and obsoleted by this patch: 118248-01
Patches which conflict with this patch:
Patches required with this patch: 118195-07 (or greater)
Obsoleted by:
Files included with this patch:
/etc/init.d/gateway
/etc/init.d/netletd
/etc/init.d/rwproxyd
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/aml/display-clientURL.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/aml/display-entries.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/aml/display-entry.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/aml/display-error.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/aml/display-summary.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/aml/display.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/display-clientURL.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/display-entries.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/display-entry.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/display-error.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/display-summary.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/display.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-checkbox.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-end.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-link.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-password.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-select.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-selectoption.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-separate.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-start.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-string.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/ma-edit-link.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/ma-edit.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display-clientURL.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display-entries.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display-entry.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display-error.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display-summary.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display.template_nosummary
/etc/opt/SUNWps/desktop/default/NetletProvider/display.template
/etc/opt/SUNWps/desktop/default/tld/wireless_ab.tld
/etc/opt/SUNWps/desktop/default/tld/wireless_cal.tld
/etc/opt/SUNWps/desktop/default/tld/wireless_mail.tld
/etc/opt/SUNWps/desktop/default/tld/wireless_socs.tld
/etc/opt/SUNWps/desktop/default/tld/wireless_util.tld
/etc/opt/SUNWps/portlet/portletappengine.jar
/etc/rc0.d/K41gateway
/etc/rc1.d/K41gateway
/etc/rc2.d/K41gateway
/etc/rc3.d/S43gateway
/etc/rcS.d/K41gateway
/opt/SUNWps/bin/gateway
/opt/SUNWps/bin/netletd
/opt/SUNWps/bin/pdeploy
/opt/SUNWps/bin/rwproxyd
/opt/SUNWps/lib/gateway.jar
/opt/SUNWps/lib/libfile.so
/opt/SUNWps/lib/libftp.so
/opt/SUNWps/lib/libgoph.so
/opt/SUNWps/lib/libhttp.so
/opt/SUNWps/lib/libjmc.so
/opt/SUNWps/lib/libnet2.so
/opt/SUNWps/lib/libparseurl.so
/opt/SUNWps/lib/liburl.so
/opt/SUNWps/lib/netletproxy.jar
/opt/SUNWps/lib/portlet.jar
/opt/SUNWps/lib/psimapprovider.jar
/opt/SUNWps/lib/rewriter.jar
/opt/SUNWps/locale/srapGateway.properties
/opt/SUNWps/migration/lib/rewriter.jar
/opt/SUNWps/sdk/desktop/desktopsdk.jar
/opt/SUNWps/web-src/WEB-INF/classes/CommsExpressAddressBookProvider.properties
/opt/SUNWps/web-src/WEB-INF/classes/ssoadapteradminmsg.properties
/opt/SUNWps/web-src/WEB-INF/lib/abprovider.jar
/opt/SUNWps/web-src/WEB-INF/lib/calendarprovider.jar
/opt/SUNWps/web-src/WEB-INF/lib/desktop.jar
/opt/SUNWps/web-src/WEB-INF/lib/iabsapi.jar
/opt/SUNWps/web-src/WEB-INF/lib/improvider.jar
/opt/SUNWps/web-src/WEB-INF/lib/jabapi.jar
/opt/SUNWps/web-src/WEB-INF/lib/ldapbp.jar
/opt/SUNWps/web-src/WEB-INF/lib/mailprovider.jar
/opt/SUNWps/web-src/WEB-INF/lib/netfilejava1.jar
/opt/SUNWps/web-src/WEB-INF/lib/netfilejava1impl.jar
/opt/SUNWps/web-src/WEB-INF/lib/netfilejava2.jar
/opt/SUNWps/web-src/WEB-INF/lib/netfilejava2impl.jar
/opt/SUNWps/web-src/WEB-INF/lib/netletservlet.jar
/opt/SUNWps/web-src/WEB-INF/lib/netmail.jar
/opt/SUNWps/web-src/WEB-INF/lib/pimexchange.jar
/opt/SUNWps/web-src/WEB-INF/lib/piminterfaces.jar
/opt/SUNWps/web-src/WEB-INF/lib/pimldap.jar
/opt/SUNWps/web-src/WEB-INF/lib/pimwebdav.jar
/opt/SUNWps/web-src/WEB-INF/lib/portletcontainer.jar
/opt/SUNWps/web-src/WEB-INF/lib/rewriter.jar
/opt/SUNWps/web-src/WEB-INF/lib/ssoadapter.jar
/opt/SUNWps/web-src/WEB-INF/lib/wireless_taglib.jar
/opt/SUNWps/web-src/WEB-INF/lib/wireless_taglib_ab.jar
/opt/SUNWps/web-src/WEB-INF/lib/wireless_taglib_cal.jar
/opt/SUNWps/web-src/WEB-INF/lib/wireless_taglib_mail.jar
/opt/SUNWps/web-src/WEB-INF/lib/wireless_taglib_util.jar
/opt/SUNWps/web-src/WEB-INF/lib/xslui.jar
/opt/SUNWps/web-src/WEB-INF/lib/xslutil.jar
/opt/SUNWps/web-src/WEB-INF/wireless_ab.tld
/opt/SUNWps/web-src/WEB-INF/wireless_cal.tld
/opt/SUNWps/web-src/WEB-INF/wireless_mail.tld
/opt/SUNWps/web-src/WEB-INF/wireless_socs.tld
/opt/SUNWps/web-src/WEB-INF/wireless_util.tld
/opt/SUNWps/web-src/console/js/netletconsolecomp.js
/opt/SUNWps/web-src/netfile/nfuijava1.cab
/opt/SUNWps/web-src/netfile/nfuijava1.jar
/opt/SUNWps/web-src/netfile/nfuijava2.jar
/opt/SUNWps/web-src/netlet/kssl.cab
/opt/SUNWps/web-src/netlet/kssl.jar
/opt/SUNWps/web-src/netlet/netlet.cab
/opt/SUNWps/web-src/netlet/netlet.cab
/opt/SUNWps/web-src/netlet/netlet.jar
/opt/SUNWps/web-src/netlet/netletdetect.cab
/opt/SUNWps/web-src/netlet/netletdetect.jar
/opt/SUNWps/web-src/netlet/netletjsse.cab
/opt/SUNWps/web-src/netlet/netletjsse.jar
/opt/SUNWps/web-src/netmail/nmins.cab
/opt/SUNWps/web-src/netmail/nmins.jar
/opt/SUNWps/web-src/netmail/nmui.cab
/opt/SUNWps/web-src/netmail/nmui.jar
/opt/SUNWps/web-src/proxylet/RegX.dll
/opt/SUNWps/web-src/proxylet/kssl.jar
/opt/SUNWps/web-src/proxylet/proxyletapplet.jar
/opt/SUNWps/web-src/proxylet/proxyletscript.jar
/opt/SUNWps/web-src/ps/ssoadapteradmin/AddProperty.jsp
/opt/SUNWps/web-src/ps/ssoadapteradmin/EditTemplateProperties.jsp
/opt/SUNWps/web-src/ps/ssoadapteradmin/PropertyPickType.jsp
Problem Description:
6511262 Gateway getting reports of Cross-site scripting vulnerabilities
(from 118263-24)
6413050 libnet: SSL through proxy is broken
4328485 Netfile certificate expired
6511262 Gateway Cross-Site Scripting issue XSS vulnerabilities
6442704 multiple instances of a portlet in the desktop can cause the portlets to fail to load
(from 118263-23)
6477961 Rewriter library does not parse some javascripts
(from 118263-22)
6364873 Gateway Rewriter not working properly with javascript
(from 118263-21)
6252410 netlet not extending the session
(from 118263-20)
6389623 Locale for the portlet title should depend on user locale vs browser locale
6420583 FileLookup should synchronize modifications to hashmap
(from 118263-19)
6344207 Lost ldap response can cause the portal server to lock up.
6397156 Must provide mechanism to inhibit session invalidation by portlet app engine.
5031606 Urlscraper channels cause webserver crash
(from 118263-18)
6386334 High CPU usage on Weblogic while using portlets
(from 118263-17)
5049587 Portlet rendering issues with jsp includes in Weblogic
6384453 issues with getPortletSession returning null
6190600 Portlet failover does not happen in Weblogic
(from 118263-16)
6354095 Exchange_owa_2003_ruleset on Portal SRAP 2005Q1 breaks the drop down menu in OWA.
6196020 mailto: links cause rewriter to throw exceptions and bloat logfiles
6195816 Significant performance degradation when Gateway Logging (Identity) Enabled on the SRA
6317346 GW fails after PS restart.
(from 118263-15)
6347098 dpadmin remove --dry-run -t root does not do a dry run
(from 118263-14)
6327560 Problem with localize portlet's title when minimized
6347744 Unnecessary error messages in gateway log causing confusion
(from 118263-13)
6225341 proxy-auth fails for MS addressbook
6274489 Anchor part in the URL is supressed during redirection
6331852 With authentication-less desktop disabled, portal/dt returns a blank page
(from 118263-12)
6294445 NLP and RWP does not pick up properties from AMConfig-<instance>.properties file
6306835 The logout URL gets redirected to the portalserver rather to the LB
(from 118263-11)
6272139 Using netlet on IE with JRE 1.5 active, HTTP respond code 500 if portal logout clicked
6279911 Netfile maybe leaving cached information
(from 118263-10)
6179131 With loadbalancer setup, portal desktop has to switch protocols depending on the client
6250950 console doesnot accept "=" char in Unnamed property values
6268100 With URLMasking enabled, the relogin link points to the wrong authentication module
(from 118263-09)
4982582 IE Crashes while Loading Netlet with Default Microsoft JVM
6181978 Need finer Netlet synchronization to avoid JSS hangs
6194214 Implement keep alives in Netlet sockets
(from 118263-08)
6176790 Portal Server does not support Filtered Roles
6177432 Proxylet does not get launched using IE with JRE1.5
6208279 Netlet with multiple targets fails in proxylet mode
6252439 Fix for 5067071 stops gateway starting when using PS/IS seperation
6252449 rwproxyd can not start after installing 118263-05
(from 118263-07)
6241901 Slow logins when one rewriter proxy in a set is unavailable
(from 118263-06)
5067071 Gateway relies on one specific portal server to start
6220853 Gateway uses wrong org to authenticate using IE with discussions enabled
(from 118263-05)
4328485 Portal applet signing certificate has expired
(from 118263-04)
4863251 Mac OS X support required in SRA 6.x
4925306 Portal 6.0 ThreadPool does not handle java.lang.Error
5085592 Multiple virtual ips cannot be configured when gateway uses a loadbalancer to do ssl
5087023 Unable to create a static netlet rule with a hyphen in the target host name
5088176 JSPProvider changes required for admin taglib
5106771 Virtualhost not usable when terminating SSL externally
6186633 Connection to Remotely Anywhere gets lost when accessed through Internet Explorer with MSJVM
6191465 pdeploy command exits with success '0' even when the command has failed.
(from 118263-03)
5085363 PS6.3 - GW fails to start when PS/IS's are behind of LB
5088270 Exchange Calendar & AddressBook should support webdav
6187226 JspSession getting lost due to mishandling of last read Map object
(from 118263-02)
4919693 Mail Channel does not work in SSL mode
4942807 PAB needs to work with hosted domains
5049038 Comm channel Integration with UWC and address book
5069157 PAB needs to work with Communications Express
5072272 trustAllServerCerts should also trust all host names
6184747 No way to remove a context from context Cache
6189042 IM Channel does not work in secure/open modes simultaneously
(from 118263-01)
5014142 ProxyAuth'n to calendar server fails if portal display preferences are changed
5075707 GW synchronization changes to prevent GW crashes on JSS/NSS
5079713 Instant messaging channel is broken when accessed through the Gateway
5003538 Netlet proxy has open connections, which causes it to hang under a mild load
5085361 Portal Desktop does not function correctly when accessed via https through a load balancer
5083578 Problems while Editing SSO Template via Admin GUI
Patch Installation Instructions:
--------------------------------
For Solaris 8-9 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions. The following example
installs a patch to a standalone machine : The command should be run
from where this patch directory is
example# patchadd 116804-01
The following example removes a patch from a standalone system:
example# patchrm 116804-01
For additional examples please see the appropriate man pages.
Special Install Instructions:
-----------------------------
To complete the patch install, you must deploy the updated web application using
# /opt/SUNWps/bin/deploy redeploy
and then restart your web container instances.
WARNING: When using Sun Java System Web Server as the portal web container
the deploy command redeploys content from /opt/SUNWwbsvr/web-src
to /var/opt/sun/portal/https-<hostname>/<deploy-dir>/web-apps.
Any customisations to the Portal web application should always be made
to web-src and then deployed to web-apps. Ensure that any changes you
have made under web-apps have been replicated in web-src before
running deploy, or they will be lost.
For further patch information and patch installation instructions, refer
to the included patch release notes file, rel_notes.html, located inside
the patch directory once the patch has been unzipped.
README -- Last modified date: Saturday, November 10, 2012