Patch-ID# 118264-25


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: 6.3pc25 portal server 2004q2 x86 security
Synopsis: Portal Server 6.3_x86: Miscellaneous Fixes
Date: Sep/14/2007


Install Requirements: NA

Solaris Release: 8_x86 9_x86

SunOS Release: 5.8_x86 5.9_x86

Unbundled Product: Portal Server

Unbundled Release: 6.3

Xref: This patch is available for sparc as patch 118263 This patch is avaialble for linux as patch 118265 This patch is available for windows as patch 118266

Topic:

Relevant Architectures: i386

Bugs fixed with this patch:

Sun CR # Bug #
4328485
486325111990399
491969312076504
492530612075093
494280712076537
498258212094478
500353812094629
501414212094621
503160612079831
504903812094713
504958712083986
506707112070059
506915712094691
507227212078720
507570712094391
507971312094521
508357812094544
508536112094390
508536312088448
508559212081830
508702312078951
508817612079603
508827012092436
510677112094903
617679012097780
617743212097953
617913112098432
618197812099215
618474712099991
618663312100504
618722612100640
618904212100750
619060012101130
619146512101377
619421412102011
619581612102330
619602012102382
620827912105273
622085312107824
622534112108862
624190112112272
625095012114278
625241012114599
625243912114610
625244912114616
626810012118775
627213912119800
627448912120441
627991112121811
629444512126110
630683512129637
631734612132587
632756012135818
633185212137336
634420712140837
634709812141475
634774412141647
635409512143371
636487312146798
638445312152765
638633412153285
638962312154252
639715612156543
641305012161235
642058312163624
644270412169847
647796112180196
651126212189494


Changes incorporated in this version: 6511262

Patches accumulated and obsoleted by this patch: 118249-01

Patches which conflict with this patch:

Patches required with this patch: 118196-07 (or greater)

Obsoleted by:

Files included with this patch:

/etc/init.d/gateway
/etc/init.d/netletd
/etc/init.d/rwproxyd
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/aml/display-clientURL.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/aml/display-entries.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/aml/display-entry.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/aml/display-error.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/aml/display-summary.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/aml/display.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/display-clientURL.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/display-entries.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/display-entry.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/display-error.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/display-summary.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/display.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-checkbox.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-end.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-link.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-password.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-select.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-selectoption.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-separate.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-start.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit-string.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/edit.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/ma-edit-link.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/html/ma-edit.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display-clientURL.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display-entries.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display-entry.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display-error.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display-summary.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display.template
/etc/opt/SUNWps/desktop/default/CommsExpressAddressBookProvider/wml/display.template_nosummary
/etc/opt/SUNWps/desktop/default/NetletProvider/display.template
/etc/opt/SUNWps/desktop/default/tld/wireless_ab.tld
/etc/opt/SUNWps/desktop/default/tld/wireless_cal.tld
/etc/opt/SUNWps/desktop/default/tld/wireless_mail.tld
/etc/opt/SUNWps/desktop/default/tld/wireless_socs.tld
/etc/opt/SUNWps/desktop/default/tld/wireless_util.tld
/etc/opt/SUNWps/portlet/portletappengine.jar
/etc/rc0.d/K41gateway
/etc/rc1.d/K41gateway
/etc/rc2.d/K41gateway
/etc/rc3.d/S43gateway
/etc/rcS.d/K41gateway
/opt/SUNWps/bin/gateway
/opt/SUNWps/bin/netletd
/opt/SUNWps/bin/pdeploy
/opt/SUNWps/bin/rwproxyd
/opt/SUNWps/lib/gateway.jar
/opt/SUNWps/lib/libfile.so
/opt/SUNWps/lib/libftp.so
/opt/SUNWps/lib/libgoph.so
/opt/SUNWps/lib/libhttp.so
/opt/SUNWps/lib/libjmc.so
/opt/SUNWps/lib/libnet2.so
/opt/SUNWps/lib/libparseurl.so
/opt/SUNWps/lib/liburl.so
/opt/SUNWps/lib/netletproxy.jar
/opt/SUNWps/lib/portlet.jar
/opt/SUNWps/lib/psimapprovider.jar
/opt/SUNWps/lib/rewriter.jar
/opt/SUNWps/locale/srapGateway.properties
/opt/SUNWps/migration/lib/rewriter.jar
/opt/SUNWps/sdk/desktop/desktopsdk.jar
/opt/SUNWps/web-src/WEB-INF/classes/CommsExpressAddressBookProvider.properties
/opt/SUNWps/web-src/WEB-INF/classes/ssoadapteradminmsg.properties
/opt/SUNWps/web-src/WEB-INF/lib/abprovider.jar
/opt/SUNWps/web-src/WEB-INF/lib/calendarprovider.jar
/opt/SUNWps/web-src/WEB-INF/lib/desktop.jar
/opt/SUNWps/web-src/WEB-INF/lib/iabsapi.jar
/opt/SUNWps/web-src/WEB-INF/lib/improvider.jar
/opt/SUNWps/web-src/WEB-INF/lib/jabapi.jar
/opt/SUNWps/web-src/WEB-INF/lib/ldapbp.jar
/opt/SUNWps/web-src/WEB-INF/lib/mailprovider.jar
/opt/SUNWps/web-src/WEB-INF/lib/netfilejava1.jar
/opt/SUNWps/web-src/WEB-INF/lib/netfilejava1impl.jar
/opt/SUNWps/web-src/WEB-INF/lib/netfilejava2.jar
/opt/SUNWps/web-src/WEB-INF/lib/netfilejava2impl.jar
/opt/SUNWps/web-src/WEB-INF/lib/netletservlet.jar
/opt/SUNWps/web-src/WEB-INF/lib/netmail.jar
/opt/SUNWps/web-src/WEB-INF/lib/pimexchange.jar
/opt/SUNWps/web-src/WEB-INF/lib/piminterfaces.jar
/opt/SUNWps/web-src/WEB-INF/lib/pimldap.jar
/opt/SUNWps/web-src/WEB-INF/lib/pimwebdav.jar
/opt/SUNWps/web-src/WEB-INF/lib/portletcontainer.jar
/opt/SUNWps/web-src/WEB-INF/lib/rewriter.jar
/opt/SUNWps/web-src/WEB-INF/lib/ssoadapter.jar
/opt/SUNWps/web-src/WEB-INF/lib/wireless_taglib.jar
/opt/SUNWps/web-src/WEB-INF/lib/wireless_taglib_ab.jar
/opt/SUNWps/web-src/WEB-INF/lib/wireless_taglib_cal.jar
/opt/SUNWps/web-src/WEB-INF/lib/wireless_taglib_mail.jar
/opt/SUNWps/web-src/WEB-INF/lib/wireless_taglib_util.jar
/opt/SUNWps/web-src/WEB-INF/lib/xslui.jar
/opt/SUNWps/web-src/WEB-INF/lib/xslutil.jar
/opt/SUNWps/web-src/WEB-INF/wireless_ab.tld
/opt/SUNWps/web-src/WEB-INF/wireless_cal.tld
/opt/SUNWps/web-src/WEB-INF/wireless_mail.tld
/opt/SUNWps/web-src/WEB-INF/wireless_socs.tld
/opt/SUNWps/web-src/WEB-INF/wireless_util.tld
/opt/SUNWps/web-src/console/js/netletconsolecomp.js
/opt/SUNWps/web-src/netfile/nfuijava1.cab
/opt/SUNWps/web-src/netfile/nfuijava1.jar
/opt/SUNWps/web-src/netfile/nfuijava2.jar
/opt/SUNWps/web-src/netlet/kssl.cab
/opt/SUNWps/web-src/netlet/kssl.jar
/opt/SUNWps/web-src/netlet/netlet.cab
/opt/SUNWps/web-src/netlet/netlet.cab
/opt/SUNWps/web-src/netlet/netlet.jar
/opt/SUNWps/web-src/netlet/netletdetect.cab
/opt/SUNWps/web-src/netlet/netletdetect.jar
/opt/SUNWps/web-src/netlet/netletjsse.cab
/opt/SUNWps/web-src/netlet/netletjsse.jar
/opt/SUNWps/web-src/netmail/nmins.cab
/opt/SUNWps/web-src/netmail/nmins.jar
/opt/SUNWps/web-src/netmail/nmui.cab
/opt/SUNWps/web-src/netmail/nmui.jar
/opt/SUNWps/web-src/proxylet/RegX.dll
/opt/SUNWps/web-src/proxylet/kssl.jar
/opt/SUNWps/web-src/proxylet/proxyletapplet.jar
/opt/SUNWps/web-src/proxylet/proxyletscript.jar
/opt/SUNWps/web-src/ps/ssoadapteradmin/AddProperty.jsp
/opt/SUNWps/web-src/ps/ssoadapteradmin/EditTemplateProperties.jsp
/opt/SUNWps/web-src/ps/ssoadapteradmin/PropertyPickType.jsp

Problem Description:

6511262 Gateway getting reports of Cross-Site scripting vulnerabilities
 
(from 118264-24)
 
6413050 libnet: SSL through proxy is broken
4328485 Netfile certificate expired
6511262 Gateway Cross-Site Scripting issue XSS vulnerabilities
6442704 multiple instances of a portlet in the desktop can cause the portlets to fail to load
 
(from 118264-23)
 
6477961 Rewriter library does not parse some javascripts
 
(from 118264-22)
 
6364873 Gateway Rewriter not working properly with javascript
 
(from 118264-21)
 
6252410 netlet not extending the session
 
(from 118264-20)
 
6389623 Locale for the portlet title should depend on user locale vs browser locale
6420583 FileLookup should synchronize modifications to hashmap
 
(from 118264-19)
 
6344207 Lost ldap response can cause the portal server to lock up.
6397156 Must provide mechanism to inhibit session invalidation by portlet app engine.
5031606 Urlscraper channels cause webserver crash
 
(from 118264-18)
 
6386334 High CPU usage on Weblogic while using portlets
 
(from 118264-17)
 
5049587 Portlet rendering issues with jsp includes in Weblogic
6384453 issues with getPortletSession returning null
6190600 Portlet failover does not happen in Weblogic
 
(from 118264-16)
 
6354095 Exchange_owa_2003_ruleset on Portal SRAP 2005Q1 breaks the drop down menu in OWA.
6196020 mailto: links cause rewriter to throw exceptions and bloat logfiles
6195816 Significant performance degradation when Gateway Logging (Identity) Enabled on the SRA
6317346 GW fails after PS restart.
 
(from 118264-15)
 
6347098 dpadmin remove --dry-run -t root does not do a dry run
 
(from 118264-14)
 
6327560 Problem with localize portlet's title when minimized
6347744 Unnecessary error messages in gateway log causing confusion
 
(from 118264-13)
 
6225341 proxy-auth fails for MS addressbook
6274489 Anchor part in the URL is supressed during redirection
6331852 With authentication-less desktop disabled, portal/dt returns a blank page
 
(from 118264-12)
 
6294445 NLP and RWP does not pick up properties from AMConfig-<instance>.properties file
6306835 The logout URL gets redirected to the portalserver rather to the LB
 
(from 118264-11)
 
6272139 Using netlet on IE with JRE 1.5 active, HTTP respond code 500 if portal logout clicked
6279911 Netfile maybe leaving cached information
 
(from 118264-10)
 
6179131 With loadbalancer setup, portal desktop has to switch protocols depending on the client
6250950 console doesnot accept "=" char in Unnamed property values
6268100 With URLMasking enabled, the relogin link points to the wrong authentication module
 
(from 118264-09)
 
4982582 IE Crashes while Loading Netlet with Default Microsoft JVM
6181978 Need finer Netlet synchronization to avoid JSS hangs
6194214 Implement keep alives in Netlet sockets
 
(from 118264-08)
 
6176790 Portal Server does not support Filtered Roles
6177432 Proxylet does not get launched using IE with JRE1.5
6208279 Netlet with multiple targets fails in proxylet mode
6252439 Fix for 5067071 stops gateway starting when using PS/IS seperation
6252449 rwproxyd can not start after installing 118264-05
 
(from 118264-07)
 
6241901 Slow logins when one rewriter proxy in a set is unavailable
 
(from 118264-06) 
 
5067071 Gateway relies on one specific portal server to start
6220853 Gateway uses wrong org to authenticate using IE with discussions enabled
 
(from 118264-05)
 
4328485 Portal applet signing certificate has expired
 
(from 118264-04)
 
4863251 Mac OS X support required in SRA 6.x
4925306 Portal 6.0 ThreadPool does not handle java.lang.Error
5085592 Multiple virtual ips cannot be configured when gateway uses a loadbalancer to do ssl
5087023 Unable to create a static netlet rule with a hyphen in the target host name
5088176 JSPProvider changes required for admin taglib
5106771 Virtualhost not usable when terminating SSL externally
6186633 Connection to Remotely Anywhere gets lost when accessed through Internet Explorer with MSJVM
6191465 pdeploy command exits with success '0' even when the command has failed.
 
(from 118264-03) 
 
5085363 PS6.3 - GW fails to start when PS/IS's are behind of LB
5088270 Exchange Calendar & AddressBook should support webdav
6187226 JspSession getting lost due to mishandling of last read Map object
 
(from 118264-02)
 
4919693 Mail Channel does not work in SSL mode
4942807 PAB needs to work with hosted domains
5049038 Comm channel Integration with UWC and address book
5069157 PAB needs to work with Communications Express
5072272 trustAllServerCerts should also trust all host names
6184747 No way to remove a context from context Cache
6189042 IM Channel does not work in secure/open modes simultaneously
 
(from 118264-01)
 
5014142 ProxyAuth'n to calendar server fails if portal display preferences are changed
5075707 GW synchronization changes to prevent GW crashes on JSS/NSS
5079713 Instant messaging channel is broken when accessed through the Gateway
5003538 Netlet proxy has open connections, which causes it to hang under a mild load
5085361 Portal Desktop does not function correctly when accessed via https through a load balancer
5083578 Problems while Editing SSO Template via Admin GUI


Patch Installation Instructions:
-------------------------------- 
For Solaris 8-9 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.  The following example
installs a patch to a standalone machine : The command should be run
from where this patch directory is
 
       example# patchadd 116804-01
 
The following example removes a patch from a standalone system:
 
       example# patchrm 116804-01
 
For additional examples please see the appropriate man pages.


Special Install Instructions:
----------------------------- 
 
To complete the patch install, you must deploy the updated web application using
# /opt/SUNWps/bin/deploy redeploy
and then restart your web container instances.
 
WARNING: When using Sun Java System Web Server as the portal web container
the deploy command redeploys content from /opt/SUNWwbsvr/web-src
to /var/opt/sun/portal/https-<hostname>/<deploy-dir>/web-apps.
Any customisations to the Portal web application should always be made
to web-src and then deployed to web-apps. Ensure that any changes you
have made under web-apps have been replicated in web-src before
running deploy, or they will be lost.
 
For further patch information and patch installation instructions, refer
to the included patch release notes file, rel_notes.html, located inside
the patch directory once the patch has been unzipped.


README -- Last modified date: Saturday, November 10, 2012