OBSOLETE Patch-ID# 122301-61


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security genunix kernel /var/sadm/messages mpt doorfs race smark bottleneck sshd udfs corruption hang slave buffer nfs nfsv2 rfs3_symlink symlink_data nfs3_srv vpn mount pcfs usb fdgetchange multiterabyte ufs autofs vop_readdir mountd kernel rts rtm ssh
Synopsis: Obsoleted by: 122301-62 SunOS 5.9_x86: Kernel Patch
Date: Nov/03/2011


Install Requirements: After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reconfigure reboot is performed. Unless otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reconfigure reboot is performed.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.

Solaris Release: 9_x86

SunOS Release: 5.9_x86

Unbundled Product:

Unbundled Release:

Xref: This patch available for SPARC as patch 122300

Topic: SunOS 5.9_x86: Kernel Patch

Relevant Architectures: i386 i386.i86pc

Bugs fixed with this patch:

Sun CR # Bug #
124689314914259
433989715026405
440691415050242
445233915062632
461497915091161
462121915092635
463451915096115
463554615096390
465336115100439
466598315103787
467304115105292
468023015106684
468554515107766
468565815107790
470603615112738
470778615113192
470778815113194
470884615113496
470947515113635
471010815113786
471011115113787
471133515114104
471309715114498
471359215114590
471427315114784
471459615114853
471641315115301
471859015115791
471965415116032
472059515116271
472570215117604
472803415118208
473353215119703
474096915121918
474590915123360
474726115123772
474857815124136
475098915124873
475377615125728
475742715126834
475934115127365
475975915127483
476225415128198
476386415128699
476704515129721
476879515130339
477743615133006
478487215135301
479471215138347
479912215139946
480104415140684
480416515141749
481157515144194
481659015145766
481781715146159
481783315146168
482228715147612
482846715149452
483714015152228
483728515152283
483729015152287
484156615153752
485226915156721
485717915158294
485768315158432
485952815158931
486012015159103
486244915159625
486573115160595
486886315161461
488563815166254
488918715167344
489401515168762
489507615169172
489579815169455
489839715170307
489899115170488
490051615170944
490138015171172
490276315171588
490352115171821
490581215172451
492331215177189
492455415177535
492597015177949
492639115178062
492662415178115
492896415178794
493905515181452
495596215185954
495907715186809
495989915187075
496033615187183
496128815187439
496483915188484
496499615188533
496652115188958
496767415189315
496930615189702
497163015190375
497181015190438
497187615190453
497443115191083
497505715191280
497615515191545
497674515191712
497687515191752
497757415191927
498220415193169
498299115193450
498434615193847
498536515194150
499012215195508
500210015198109
500282615198211
500587015198978
500646915199124
500669015199198
500669515199199
500676215199221
501167615200830
501171815200839
501206515200961
501276515201191
501364015201468
501418015201617
501422915201629
501460015201754
501494615201854
501495115201856
501496915201859
501904415202913
502032515203300
502134715203532
502290315203838
502307415203897
502529615204449
503037715206043
503058115206098
503147015206365
503554915207747
503624215207916
504763015211315
504814515211478
504859615211609
504966015211868
505424015213143
505483515213332
505570315213528
505829315214254
506042515214595
506054815214638
506061815214657
506133115214840
506250815215181
506337515215431
506539715216002
506676715216389
507044815217497
507440415218809
507626215219392
507680115219585
507680415219587
508082815220975
508228215221461
508287515221681
508304815221724
508313315221757
508319715221775
508779215223174
508867015223455
509032415223954
509414215225129
509452815225254
509965315226730
510501015228489
510922515229870
510940415229926
510948715229970
510949615229975
617538115230925
617609615231135
617625615231196
618022515232389
618055715232464
618168015232849
618269515233133
618572615234077
618624915234242
619051915235087
619237015235664
619427115236274
621068115241869
621462015243218
622104015245883
622476415247443
623362415251170
625338815259468
625946715261586
626003915261787
626224915262567
626503615263647
626614015264148
627286515266763
627730715268435
627931715269297
629718615276337
629722715276353
631142815281937
632217915286433
632618715287870
632896015288939
632959315289189
633299015290442
633975915293266
634243015294347
634360415294827
634517115295528
635109215298215
635179315298509
635219615298682
635561415299874
635804715300846
635911615301282
636513815303679
636875315305176
638636515313276
639325115316335
640270815320933
640273715320941
641076215324284
641473715325816
641671415326651
642134015328546
642517615330190
642865815331775
643046115332445
643100615332688
645049015340901
645049415340903
645138015341346
645554815343377
645947015345299
646440815347703
646614915348457
646637015348570
646721815348966
647219215351262
647237715351314
647303915351595
647627915353033
647677215353250
647741015353598
647772015353718
648286115356069
648953615359294
650354715366469
650479815367145
650950215369806
650962715369852
651007515370348
651385815372542
651549215373369
652529915379008
652681515379799
652706415379925
652982215381452
653031015381715
653414715383849
653755315385841
653875815386451
654796615391520
655296615394203
655484115395365
655613415396265
656229215399852
656623915401982
657830215408575
658227215410785
659102415415600
659423915417407
659825515419789
660936015426178
661294415428327
661553115429903
661584815430126
661883915431999
662066115433162
663651315442599
664334315446748
664636615448211
664689015448479
664767315448947
666030115456439
666184415457229
666647215459859
667027115462135
668400315470145
668608615471393
668710415472020
668710515472021
668710815472024
668713415472041
668780315472426
669237315474984
669607215477101
669767915478097
669944315479158
670385015481212
670482315481793
671001915484812
671235215486129
671434615487232
671661715488662
671921415490235
672342315492849
672620015494661
672685815495086
674462415506058
674827515508380
674926115508931
676189015516810
678062715527404
679287815534752
679568815536459
680003515538924
681438315547247
681607115548201
682245415551955
682485615553261
683832615561274
686114915576141
686726815579636
691086415610786
691365515612886
692027115617889
692122515618695
692955515625368
695001715641241
697971015664820
698315615667657
699032815673500
699257315675391


Changes incorporated in this version: 6950017

Patches accumulated and obsoleted by this patch: 113108-01 114357-18 114858-13 114973-03 115021-05 115254-02 115347-01 116053-03 116503-03 117176-02 117458-01 117460-01 117468-20 117469-05 117482-01 117484-03 119439-15 120883-01 121317-02

Patches which conflict with this patch:

Patches required with this patch: 115168-22 117172-17 118559-39 (or greater)

Obsoleted by:

Files included with this patch:

/etc/fs/nfs/mount
/etc/init.d/sshd
/etc/rc0.d/K03sshd
/etc/rc1.d/K03sshd
/etc/rc2.d/K03sshd
/etc/rc3.d/S89sshd
/etc/rcS.d/K03sshd
/etc/security/audit_record_attr
/etc/security/bsmconv
/etc/ssh/moduli
/etc/ssh/sshd_config
/kernel/drv/mpt
/kernel/drv/rts
/kernel/exec/elfexec
/kernel/fs/autofs
/kernel/fs/cachefs
/kernel/fs/nfs
/kernel/fs/specfs
/kernel/fs/tmpfs
/kernel/fs/udfs
/kernel/fs/ufs
/kernel/genunix
/kernel/misc/nfssrv
/kernel/misc/rpcsec
/kernel/misc/rpcsec_gss
/kernel/strmod/rpcmod
/kernel/strmod/rts
/kernel/sys/c2audit
/kernel/sys/doorfs
/kernel/sys/nfs
/kernel/sys/rpcmod
/kernel/sys/shmsys
/platform/i86pc/kadb
/platform/i86pc/kernel/mmu/mmu32
/platform/i86pc/kernel/mmu/mmu36
/platform/i86pc/kernel/unix
/sbin/mount
/sbin/umount
/usr/bin/crontab
/usr/bin/nfsstat
/usr/bin/scp
/usr/bin/sftp
/usr/bin/ssh
/usr/bin/ssh-add
/usr/bin/ssh-agent
/usr/bin/ssh-keygen
/usr/include/bsm/adt.h
/usr/include/nfs/nfs.h
/usr/include/nfs/nfs_clnt.h
/usr/include/nfs/rnode.h
/usr/include/rpc/auth.h
/usr/include/rpc/clnt.h
/usr/include/rpc/rpcsec_gss.h
/usr/include/sys/buf.h
/usr/include/sys/callo.h
/usr/include/sys/cred.h
/usr/include/sys/door.h
/usr/include/sys/door_data.h
/usr/include/sys/door_impl.h
/usr/include/sys/exacct.h
/usr/include/sys/fp.h
/usr/include/sys/fs/pc_fs.h
/usr/include/sys/fs/ufs_fs.h
/usr/include/sys/fs/ufs_inode.h
/usr/include/sys/fs/ufs_log.h
/usr/include/sys/proc.h
/usr/include/sys/session.h
/usr/include/sys/stream.h
/usr/include/sys/strsubr.h
/usr/include/sys/task.h
/usr/include/sys/termios.h
/usr/include/sys/thread.h
/usr/include/sys/timer.h
/usr/include/sys/uio.h
/usr/include/vm/hat.h
/usr/include/vm/page.h
/usr/kernel/fs/pcfs
/usr/lib/abi/abi_libbsm.so.1
/usr/lib/adb/audit_path
/usr/lib/adb/cwrd (deleted)
/usr/lib/adb/door
/usr/lib/adb/fad
/usr/lib/adb/ill
/usr/lib/adb/mpt
/usr/lib/adb/pad
/usr/lib/adb/proc
/usr/lib/adb/task
/usr/lib/adb/thread
/usr/lib/audit/Audit.jar
/usr/lib/autofs/automountd
/usr/lib/fs/nfs/mount
/usr/lib/fs/nfs/share
/usr/lib/fs/nfs/umount
/usr/lib/fs/ufs/fsck
/usr/lib/libbsm.a
/usr/lib/libbsm.so.1
/usr/lib/mdb/kvm/genunix.so
/usr/lib/mdb/kvm/ip.so
/usr/lib/mdb/kvm/sppp.so
/usr/lib/nfs/lockd
/usr/lib/nfs/mountd
/usr/lib/nfs/nfsd
/usr/lib/nfs/nfslogd
/usr/lib/rpcsec.so.1
/usr/lib/ssh/sftp-server
/usr/lib/ssh/ssh-http-proxy-connect
/usr/lib/ssh/ssh-keysign
/usr/lib/ssh/ssh-socks5-proxy-connect
/usr/lib/ssh/sshd
/usr/sbin/auditconfig
/usr/sbin/auditreduce
/usr/sbin/bsmrecord
/usr/sbin/cron
/usr/sbin/inetd
/usr/sbin/mount
/usr/sbin/rpcbind
/usr/sbin/umount
/usr/sbin/vold

Problem Description:

6950017 problem with kernel streams
 
(from 122301-60)
 
6714346 problem with sshd
6921225 problem with kernel/fs
 
(from 122301-59)
 
        Revision skipped.
 
(from 122301-58)
 
        Revision skipped.
 
(from 122301-57)
 
        Revision skipped.
 
(from 122301-56)
 
        Revision skipped.
 
(from 122301-55)
 
4748578 panic: segmap_getmap bad len caused by write()
4974431 BAD TRAP: type 31 - in ufs, running badboy test
6594239 interrupting fssnap when it is being trussed will wedge the system
6979710 mpt driver should not print "No memory availablefor dispatch taskq"
6992573 mpt_poll does not timeout when it is receiving interrupts
 
(from 122301-54)
 
6983156 kmem_alloc(..., KM_NOSLEEP) should never panic
6990328 "alignment error" panic on SPARC when trying to execute an ELF file
 
(from 122301-53)
 
6666472 network performance regression under heavy load (introduced by 4868863)
6861149 UFS panic: ufs_putapage: bn == UFS_HOLE
 
(from 122301-52)
 
6910864 memscrubber should not scrub pages *scheduled* for retirement
6920271 divmod64 produces wrong results on x86 platforms (32-bit) in kernel
 
(from 122301-51)
 
6929555 122300-48 mpt leaves disk target 7 on v445 inaccessible
 
(from 122301-50)
 
6867268 on T2000: vn_rele: vnode ref count 0
 
(from 122301-49)
 
6913655 nfslogd(1M) contains file handling error
 
(from 122301-48)
 
5076262 reduce CE reports from retired pages due to memscrubber
6339759 memscrubber scrubs retired pages
6726858 mpt should not probe its own SCSI ID during BUS_CONFIG_ALL
6792878 Connected and Disconnected command timeouts are still seen with firmware introduced via CR 6573359
6824856 Sun Fire V440 Internal RAID volume continues to resync after every boot w/ patch 138888-07
 
(from 122301-47)
 
4673041 ufs_vget() should not hide its internal errors to VFS_VGET() callers
6504798 ssh fails for users when ngroups_max=32
6838326 UFS: VFS_VGET() can return a vnode for a removed file in transit
 
(from 122301-46)
 
6692373 ptree and ps -ef hang during stress test
 
(from 122301-45)
 
6416714 anon_map_getpages panic during stress test
6615531 cond_wait() returns ESRCH which is not a documented return value
 
(from 122301-44)
 
4768795 accessing character device drivers in block mode will panic the system
6221040 ssh sets not only LANG but also LC_ALL
6646366 strgetmsg() and kstrgetmsg() leak M_SIGs
6646890 rts_wrw() leaks short M_DATA/M_PROTO/M_PCPROTO messages
6726200 comments in qdrain_syncq() do not match the code, and multiple typos in strsubr.c comments
6780627 endless loop between drain_syncq and qdrain_syncq when Q_SQQUEUED is set and q_sqhead==NULL
6800035 delete_memory_thread causes deadlock
 
(from 122301-43)
 
6814383 idle thread stack is untunable on Solaris 9 and too small in some circumstances, leading to panic
 
(from 122301-42)
 
6345171 sendfile needs to rearchitecture vnode function calls
6719214 secure NFS doesn't work in Solaris 9 branded zone
6816071 fsattr(5) auditing shouldn't attempt to record pathnames for invalid fds
 
(from 122301-41)
 
1246893 mmap and write issues
6509627 filling up /tmp hangs Solaris 10+ systems
6647673 tmpfs race condition between write() and mmap() at the end of a file
 
(from 122301-40)
 
6328960 calling fstat() with an fd of AT_FDCWD panics the system
6686086 system call numbers in /etc/name_to_sysnmum should be range checked
 
(from 122301-39)
 
6414737 auditconfig -setasid, -setaudit, -setauid issues
6795688 fsattr(5) auditing needs to be more careful with certain fad_aupaths
 
(from 122301-38)
 
6703850 VMODSORT functionality in pvn_vplist_dirty fails if given offset exceeds highest clean page offset
6761890 ssh protocol security vulnerability may be used to reveal some plaintext
 
(from 122301-37)
 
6687104 door servers can deadlock in handling arguments
6687105 door_call watchpoint problems
6687108 race in transfer of control from a caller to the server
6723423 UFS slow following large file deletion with fix for 6513858 installed
 
(from 122301-36)
 
6744624 cron may ignore jobs when initializing if system clock is reset
6749261 6265036 (delivered in Kernel patches 122300-30/137111-04) changed nanosleep and broke SMS
 
(from 122301-35)
 
6704823 fix for CR 6684003 prevents ssh from X forwarding on IPv4-only system
 
(from 122301-34)
 
6451380 ufs_fiolfs() can race with a forcible unmount
6699443 page retirement can call flush_ecache in a migratable context, leading to panic
6748275 panic in ufs_acl_access due to a race between clearing an ACL and ufs_iaccess()
 
(from 122301-33)
 
6660301 fsck does not fix the file system corruption related to information of rotational position
6670271 UFS: mount/umount loop resulted in FS inconsistency
 
(from 122301-32)
 
6609360 drain_syncq can loop in case a stream is being closed (QWCLOSE)
 
(from 122301-31)
 
4339897 system hangs in ufs_check_lockfs()
4889187 ufs_quiesce()/ufs_readdir()/ufs_create() - 3 way deadlock
6430461 ufs_quiesce() involved in a 4-way deadlock
6482861 clock thread hung causing deadman panic
6510075 ufs_read/ufs_map/pagefault can deadlock when there is a pending ufs_quiesce
6529822 syncq gets stuck and network performance degradation occurs intermittently
6661844 panic from failed assertion in vm_machdep.c at line 735
 
(from 122301-30)
 
6265036 cv_waituntil_sig() often returns early
6696072 logic error in user-level lock system call
 
(from 122301-29)
 
6582272 overreaction to needfree can inundate swap device
6687803 sshd passes incorrect descriptor to audit_sshd_settid() when spawned from inetd
 
(from 122301-28)
 
6513858 deleting large file while creating another on full UFS, spending lots of time in ufs_log_amt() loop
6598255 sshd may print bogus error messages in lastlog_get_entry()
6684003 fix CVE-2008-1483 in SunSSH
 
(from 122301-27)
 
6618839 crontab(1) temporary file creation can be circumvented
6620661 possible race condition issue in crontab(1)
 
(from 122301-26)
 
        Rev26 for x86 was not generated as the bugfixes for rev26
        were only applicable to SPARC platform.
 
(from 122301-25)
 
6402737 IP spends too much time identifying bad remote host when under SYN attack
 
(from 122301-24)
 
        Rev24 for x86 was not generated as the bugfixes for rev24
        were only applicable to SPARC platform.
 
(from 122301-23)
 
6636513 SIGFPE incorrectly delivered to process with masked Floating Point exceptions
 
(from 122301-22)
 
4885638 I_UNLINK can race with itself and corrupt or panic the system
 
(from 122301-21)
 
6450494 LWPs not in the TS scheduling class can lose signals
6547966 panic: free: freeing free block, after newfs -T and fsck
 
(from 122301-20)
 
6343604 specfs race: multiple "last-close" of the same device
6643343 fsck emits unnecessary warnings with -n
 
(from 122301-19)
 
6459470 Max POST on Panther 1800 system leaves Jasper 320 card unusable
6489536 MPT on-bus-timer not configurable, maybe too restrictive
 
(from 122301-18)
 
4822287 Sun Ray servers, dotoprocs holds pidlock for inordinate amount of time
6428658 dotoprocs missing sanity checks leading to system panic
6556134 race between unlink() calls on a namefs node
 
(from 122301-17)
 
4753776 auditconfig -getpinfo prints negative audit SID
4984346 adt_set_user() needs ADT_USER flag for PAM-mediated login sequence
6562292 race between drv_getparm and setpgrp leads to panic
6612944 audit-ID is always zero after applying SSH resync patches
6615848 AUE_SSH audit records have incorrect session-ID after SSH resync patches
 
(from 122301-16)
 
6352196 fsck cannot open disk images
6365138 fsck overzealous when checking mounted read/write filesystem with -n
6431006 new fsck_ufs(1M) should be more helpful when encountering bad CG with bad CG_MAGIC
6525299 mpt driver 1.18 in Solaris 9 requires triple or more time needed to resync HW mirror
 
(from 122301-15)
 
4868863 recv() with MSG_PEEK does not return length of all data
6311428 exacct doesn't account for process's microstate data when it moves between tasks
6455548 exacct can double-count an exiting process
 
(from 122301-14)
 
6233624 page_do_relocate() doesn't wake up thread waiting on old page in page_lock_es()
6326187 page_lock_es() leaves behind SE_EWANTED on page - results in system hang
6472192 panic in cv_wait when exiting a process
 
(from 122301-13)
 
6351793 sfmmu_mlist_enter recursive mutex_enter
6358047 sfmmu_mlist_enter() and hrm_init() deadlock
6477410 fsck complains about BAD/CORRUPT ACL inode
 
(from 122301-12)
 
	Uprev to keep patch revision numbers the same.
 
(from 122301-11)
 
4894015 TIOCSSID and realloctty() will probably panic if used
6297227 deadlock between qdrain_syncq and removeq
6322179 strfreectty() passed a stream that was not yet a ctty
6526815 aiowaitn() causes hung user process
 
(from 122301-10)
 
4959899 UFS: ufs_iinactive incorrectly places inodes on idle queue
6351092 race for t_ctx in removectx() can lead to panic
6386365 mdb hangs on single stepping instruction that causes bus error
6466149 long ph_mutex[] holdtimes in page_hashout() mediated by vph_mutex holds in vpn_vplist_dirty
6538758 sporadic I/O error will cause data corruption in Veritas CFS with VMODSORT mode on
 
(from 122301-09)
 
	Uprev to keep patch revision numbers the same.
 
(from 122301-08)
 
	Uprev to keep patch revision numbers the same.
 
(from 122301-07)
 
4982204 lufs_unsnarf/lufs_snarf no longer needed in remountfs
6515492 kshmdt in Solaris 8/9 should not loop through whole shmem array
 
(from 122301-06)
 
4714273 fchownat() and other extended attribute calls generate incomplete audit records
4767045 possible deadlock on pad_lock
4900516 deadlock between mutex ulp->ul_lock and pagelock p_selock lead to hanging procs
6393251 data corruption caused by VMODSORT problem
 
(from 122301-05)
 
	Uprev to keep patch revision numbers the same.
 
(from 122301-04)
 
6176096 issues with IP fragment handling
6210681 null pointer in ill_frag_free_pkts
6259467 ill_frag_prune() can be invoked with negative number as second argument
 
(from 122301-03)
 
5030581 system became wedged by thundering herd of revolving doors
 
(from 122301-02)
 
6509502 'uname -a' still shows 118558-39 after adding T122300-01
 
(from 122301-01)
 
6464408 timestamp on /var/adm/messages is wrong after 248 days
6473039 no bounds check on m_reply_q in mpt driver
 
(from 121317-02)
 
6272865 race condition between SIGKILL and /proc PCAGENT
6329593 pr_wait_die() can hang while waiting for SIGKILL to be processed
 
(from 121317-01)
 
5031470 doors don't like being both server and client (race in door_call/door_results)
 
(from 117482-01)
 
5012065 audit_setfsat_path() panics on kernel initiated file rename
 
(from 120883-01)
 
5030377 smark turns up as bottleneck in /dev/urandom microbenchmark
 
(from 114858-13)
 
6527064 sshd uses LC_CTIME instead of LC_TIME
6552966 ssh should issue warning message for expired passwords again
 
(from 114858-12)
 
6477720 possible DoS in CRC compensation attack detector for SSH protocol 1
 
(from 114858-11)
 
6466370 security vulnerabilities in OpenSSL may lead to DoS or code execution (CVE-2006-3738,CVE-2006-4343)
6467218 fix RSA signature forgery (CVE-2006-4339)
6476279 multiple vulnerabilities in OpenSSL (CVE-2006-2937, CVE-2006-2940)
6476772 update OpenSSL version string with information about security patches included
 
(from 114858-10)
 
5080828 sshd's default SUPATH = PATH = /usr/bin when SUPATH not set in dflt login
6410762 Solaris 9 SSH patch 113273-11 does not check for SUNWfns dependencies
 
(from 114858-09)
 
6176256 Solaris 9 ssh backporting project
4406914 support draft-ietf-secsh-dh-group-exchange-01.txt
4452339 key_fingerprint needs to support md5/sha/bubblebabble output
4614979 ssh connections break after rekey interval elapses on
4621219 sftp prints incorrect error message if connection refused
4635546 superfluous IP options check in ssh should be removed
4680230 usr/src/cmd/ssh/ssh Makefile needs to have lib dependencies
4707788 implement ClientAlive on the server side
4708846 vis in libopenbsd-compat has I18N problem
4709475 ssh and ssh-keygen: not extracted messages for localization
4710108 sshd: locale environments not passed to shells
4710111 ssh-agent: strings 'echo' should not be extracted for localization
4711335 sshd V1 authentication behaves poorly for invalid users
4713097 sftp: word 'abormally' should be 'abnormally'
4713592 ssh & friends print incorrect error message if server breaks connection at login
4714596 request for filename option in sftp commandline
4719654 ssh: localized messages should be extracted per sentence
4720595 ssh-keygen does not finish with dsa key
4733532 scp leaves connection open
4740969 cli_write() in libssh.a has memory leak
4750989 expired passwords not working with KbdInteractiveAuthentication yes
4759759 ssh(1) doesn't terminate proxy commands on exit
4777436 ssh client should ignore signals which are already ignored
4784872 locales !=  RFC-1766 language tags
4799122 ssh doesn't use getopt(3c) (concatenated options don't work)
4811575 ssh-keygen list fails on long public key entries (base64 encoding > 1024b)
4816590 ssh in Solaris 9 doesn't forward X11 session from 3-party software
4828467 sftp client sends directory path that causes windows interop problems
4837140 sshd sets bogus fixed path and ignores /etc/default/login
4841566 ksh limits ssh/Xauth using -X option with uid's 99 or less
4857179 ssh and password expiry do not work
4862449 SUNWssh needs a resync
4924554 resync'ed ssh cores after connect from Solaris 9 client with mixed locale setting
4925970 sshd logging extra warning messages on console
4926391 fatal_remove_cleanup() should not fatal()
4926624 ssh exits with -1 if stdin is not a terminal
4928964 sshd breaks finger
4964839 SUNWsshdr needs to remove CheckMail from sshd_config
4966521 sshd core dumps/drops connection if server has many locales
4967674 sshd sets LC_ALL and LANG to strange values
4969306 sshd dumps core on root login
4971630 ssh attempts to do exit(-1) arbitrarily when not using ptys
4971810 fix for 4406914 is incomplete - /etc/ssh/moduli is missing
4975057 ssh got smarter about proxy commands, but not enough: always prepends "exec "
4976155 ssh crashes with SEGV when connecting to Sun_SSH_1.1 (in iso_8859_1)
4976745 sshd has a small malloc problem
4977574 sshd dumps core when some clients connect
4982991 Please enter user name: prompt doesn't go away quickly enough
4990122 sshd has a(nother) malloc problem
5002100 ssh displays wrong (useless) 'Last login' date and time
5005870 sshd setsockopt SO_KEEPALIVE Invalid argument error
5006690 sshd does not pass PAM environment variables to its children
5006695 SUNWssh should support GSS-API extensions to SSHv2 (PSARC 2003/778)
5006762 sshd(1M) does not support optimistic key exchange (SSHv2)
5012765 sshd(1M) should do something about privileges (PSARC 2004/677)
5013640 sshd core dumps while trying to log messages, take 2
5014180 ssh should keep /dev/random open
5014600 ssh-add cores if the agent socket could not be opened
5014969 default X11Forwarding to yes in sshd_config (PSARC 2004/011)
5019044 sshd(1M) lets libgss spew on stderr on startup about unconfigured mechs
5020325 sftp: 'get *' coredumps
5021347 ssh commands link with -ldl, shouldn't (-z ignore masked this)
5022903 ssh(1) should support send-break extension
5023074 SUNWsshdr: /etc/ssh is not valid temp directory during install
5025296 sshd should use closefrom() instead of a 3-to-64 close() loop
5036242 sshd(1M) should workaround KEXGSS_HOSTKEY bug in MacOS ssh(1) with GSS
5048596 ssh(1) host-based authentication should try all client host keys, not just 1st
5049660 locale problems with ssh
5054240 ssh should be more descriptive when GSS key exchange fails
5054835 sshd GSS error logic needs a little work
5058293 ssh packages do not declare dependency on GSS-API
5060425 ssh backspace not working
5060618 ssh-keysign needs to utilize privileges
5062508 GSS option names should match OpenSSH's (PSARC/2004/461)
5063375 sshd(1M) PAM svc change after pam_start() ineffective
5066767 sshd dumps core in finish_userauth_do_pam()
5076804 sshd(1M) logs successful login messages to auth.notice (and thence the console)
5082282 sshd core dumps printing usage message
5083048 accepted yes/no strings itself should be displayed
5083197 another coredump in finish_userauth_do_pam()
5088670 RFE 5062528 breaks ssh-agent (missing privileges)
5090324 session id confusion with ssh & su
5094142 sshd calls pam_chauthtok() as root, skips pw quality checks
5094528 ssh(1) core dumps in gssapi userauth
5109225 version string missing from sshd's usage message
5109404 missing whitespace in some ssh messages
5109487 language negotiation not useful after initial key exchange
5109496 packet_set_connection() should be more careful
6181680 sshd doesn't log logouts in utmpx
6182695 sshd debug mode deadlock potential
6185726 MaxStartups now counts all concurrent sessions
5014946 add support to libgss for gss_store_cred() (PSARC 2003/779) (phase 1)
5014951 mech_krb5 needs a krb5_gss_store_cred() (PSARC 2003/779)
 
(from 114858-08)
 
5087792 patch 113273-08 breaks who and last from populating IP/hostname
 
(from 114858-07)
 
5048145 race relating to SIGCHLD in sshd results in ssh hanging
5055703 sshd fails to set PAM_RHOST correctly during authentication
5060548 scp/ssh to Solaris 9 sshd daemon arbitrarily returns success or failure
 
(from 114858-06)
 
5006469 sshd not calling pam_close_session() when exiting
 
(from 114858-05)
 
4939055 ssh does not return standard errors
 
(from 114858-04)
 
4718590 sshd doesn't do proper check when changing expired passwords
4895076 ssh does not allow logins after password expiration when using pk authentication
4725702 sshd fails to report remote address when listening to IPv4 only
 
(from 114858-03)
 
4923312 possible root exploit in ssh
 
(from 114858-02)
 
4860120 ssh echoes back "Kerberos authentication failed: password incorrect"
 
(from 114858-01)
 
4801044 sshd writes incorrect audit session ID for logout events
 
(from 117469-05)
 
4902763 patch 114332-05 fails with error if SUNWvolr is missing
6425176 inetd wastes time when doing serial rsh connections
 
(from 117469-04)
 
4964996 rpc.metamedd does not respond if restarted via inetd
 
(from 117469-03)
 
6260039 at-jobs which don't have corresponding ancillary file fail now
 
(from 117469-02)
 
4685545 audit_inetd_config gets SEGV if /etc/security/audit_event file is empty
4959077 bsmconv should reuse saved audit_startup file if it exists
5076801 audit-ID for cron jobs with missing ancillary file can be wrong
 
(from 117469-01)
 
5082875 bsmrecord -a > somefile displays uninitialized value message
6192370 L1-A audit records are not being generated
 
(from 113108-01)
 
4865731 VOP_READDIR returns uninitialized data on most filesystems
 
(from 115347-01)
 
4762254 panic happened during rsm_api test run in udfs
 
(from 117468-20)
 
6503547 deadlock between utilities accessing /proc and processes using NFS
6710019 automountd might dump core if NFS URL is used
 
(from 117468-19)
 
6566239 nfslog_logbuffer_rename causes nfslogd self deadlock
6578302 nfs3readdirplus updates DNLC asynchronously causing stale filehandles
 
(from 117468-18)
 
6186249 NFS server should not rely on gsscred mapping root princs to UID 0
6591024 kadmind vulnerable to stack buffer overflow in RPCSEC_GSS [MITKRB-SA-2007-006]
 
(from 117468-17)
 
6554841 rpcsec_gss library vulnerability [MITKRB5-SA-2007-004]
 
(from 117468-16)
 
6537553 fix for CR 5014229 needs to be improved in Solaris 9
 
(from 117468-15)
 
6534147 vulnerability in the NFS ACL code may lead to kernel panic
 
(from 117468-14)
 
4857683 silent data corruption writing to NFS file system mounted with nocto
5014229 simultaneously writing to a file shared through NFS produces garbage
6266140 EBUSY errors during unmounting NFS filesystem
 
(from 117468-13)
 
6421340 nfssrv:nfslog_write_logrecords() does not release vnode rwlock on ENOSPC condition..recursive rwenter
 
(from 117468-12)
 
6194271 acl3_getxattrdir / acl2_getxattrdir are missing a VN_RELE
6368753 need a patch solution to 4522909 automountd hangs with executable maps
 
(from 117468-11)
 
6342430 NFS client doesn't notice change of file in server because of bugfix 4407669
 
(from 117468-10)
 
6190519 Solaris 9 NFS client mounting filesystem using NFS V3 hangs on directory with pre-epoch timestamps
 
(from 117468-09)
 
4706036 rename over NFS is slow and CPU intensive
6262249 negative filehandle length can cause nfs3_mount system call to panic
 
(from 117468-08)
 
4955962 bug in handling NFS operations on STALE files
6224764 Solaris 9 df -k fails over NFS lofs with df: cannot canonicalize .: No such file or directory
 
(from 117468-07)
 
        This revision removes unneeded dependency on patch 113987-09.
 
(from 117468-06)
 
6277307 Solaris 9 x86 patch 117176-02 breaks NFS
 
(from 117468-05)
 
5105010 VOP_PATHCONF incorrectly calculates maxfilesize, causing problems for cachefs
 
(from 117468-04)
 
4837290 VPN clients using non-static IPs do not have fully qualified host principal name
4837285 HA-NFS under Sun Cluster and Kerberos must inter-operate
5083133 nfssrv module fills up /var after nfslogd failed to process buffer file
 
(from 117468-03)
 
4960336 NFS mmap(2) does not have consistent behavior to local FSs with DirectIO
 
(from 117468-02)
 
5002826 cthon04: nfsv2 client fails to mount from redhat server
 
(from 117468-01)
 
4976875 under some circumstances using ln and mv file vanished
 
(from 114973-03)
 
5011676 nfssrv: undefined symbol 'rfs3_tsize' after installing patch 113222-04
 
(from 114973-02)
 
        This revision accumulates S9U5 feature point patch 115254-02.
 
(from 114973-01)
 
4716413 rfs3_symlink() does not check for symlink_data == nfs3nametoolong
 
(from 115254-02)
 
4852269 NFS O_RDWR writing very slow from Solaris 7-9 clients to Solaris 10 NFS servers
 
(from 115254-01)
 
4747261 NFSv3 transfer sizes need to be increased
4759341 NFS server does an extra bcopy
4757427 NFS server serializes write requests
 
(from 117176-02)
 
4837290 VPN clients using non-static IPs do not have fully qualified host principal name
 
(from 117176-01)
 
4901380 forked NFS mount process uses stderr but has none
 
(from 117484-03)
 
4898397 file truncates in a PCFS mounted filesystem cause a system panic
5047630 df -k on pcfs mounted USB disk causes panic
 
(from 117484-02)
 
6180557 pc_find_free_space() fails to recognize deleted LFN entries as being free slots
 
(from 117484-01)
 
5065397 FDGETCHANGE is not supported on USB floppy
 
(from 115021-05)
 
6712352 duplicate partitions are not correctly counted by vold
 
(from 115021-04)
 
5035549 vold sometimes stops responding to eject/volcheck request
 
(from 115021-03)
 
4961288 vold does not set noquota in /etc/mnttab
 
(from 115021-02)
 
4895798 Sunfire 480/880 with Solaris 8 - vol.log messages
4903521 warning: either couldn't find a driver for floppy or it's already managed
4905812 vold dumped core shortly after system is booted up
4817817 vold accesses non-existent devices multiple times
 
(from 115021-01)
 
4794712 UFS should support > 1 TB file systems
 
(from 116053-03)
 
6687134 autofs xdr processing problems
 
(from 116053-02)
 
5070448 stack overflow in autofs thread, stack size is not configurable
 
(from 116053-01)
 
4865731 VOP_READDIR returns uninitialized data on most filesystems
 
(from 116503-03)
 
4634519 dead clients significantly delay lockd startup on Solaris 9
6253388 during nlm tests, BAD TRAP: type=31 rp=2a103e08ad0 addr=1 mmu_fsr=0 occurred in module "genunix"
6279317 mountd hangs up when receiving a signal
 
(from 116503-02)
 
4817833 mountd randomly dumps core
4745909 _get_hostserv_inetnetdir_byname/NETDIR_BY may return success on failure
 
(from 116503-01)
 
4898991 mountd leaks memory
 
(from 119439-15)
 
6716617 rpc: svc_run may pass a NULL pointer to putnext
 
(from 119439-14)
 
4971876 memory leak in udp_rput()
 
(from 119439-13)
 
6180225 nfs4getfh_otw() continues to spew forth panics
6530310 Solaris 9 system panicked in nfs:rp_rmhash()
 
(from 119439-12)
 
4859528 svc_poll can loop forever not giving up the CPU
 
(from 119439-11)
 
4728034 race between rmm_open() and rmm_wput() can end in panic
 
(from 119439-10)
 
4985365 several systems are panicing in xdrmblk_init
 
(from 119439-09)
 
6359116 mir_svc_start()/svc_queuereq() deadlock part II
 
(from 119439-08)
 
        This revision corrects an integration issue from the last revision.
        No new bugIDs were included in this revision.
 
(from 119439-07)
 
6297186 seeing fetch_record: dbm_fetch failed error, when manually start nfslogd
6332990 rpcbind saws off the branch it's sitting on (and dumps core)
6355614 rpcbind frees freed memory when forwarded XID rolls over
 
(from 119439-06)
 
6272865 race condition between SIGKILL and /proc PCAGENT
6329593 pr_wait_die() can hang while waiting for SIGKILL to be processed
 
(from 119439-05)
 
5011718 panic: turnstile_block(303137b5cc8): unowned mutex
 
(from 119439-04)
 
4634519 dead clients significantly delay lockd startup on Solaris 9
6253388 during nlm tests, BAD TRAP: type=31 rp=2a103e08ad0 addr=1 mmu_fsr=0 occurred in module "genunix"
6279317 mountd hangs up when receiving a signal
 
(from 119439-03)
 
4653361 rpc need not break chain of mblk
 
(from 119439-02)
 
        Patch rebuilt to fix dependency issues.
 
(from 119439-01)
 
5061331 possible regression of BugId 1117036 in Solaris 9
6214620 nfslogd keeps showing error messages once ndbm becomes an error condition
 
(from 117460-01)
 
5074404 some RTM_* commands return true when they shouldn't
 
(from 114357-18)
 
6221040 ssh sets not only LANG but also LC_ALL
 
(from 114357-17)
 
6822454 ssh patches 114356-17, 114357-17 do not need system reboot
 
(from 114357-16)
 
6761890 ssh protocol security vulnerability may be used to reveal some plaintext
 
(from 114357-15)
 
6697679 sftp - 'ls -l' must print usernames/groupnames instead of uids/gids
 
(from 114357-14)
 
6704823 bugfix 6684003 prevents ssh from X forwarding on IPv4-only system
 
(from 114357-13)
 
6684003 fix CVE-2008-1483 in SunSSH
 
(from 114357-12)
 
6450490 ssh prints banner even when in quiet mode
 
(from 114357-11)
 
6472377 use of system() can cause execution of arbitrary code through malformed filenames (CVE-2006-0225)
 
(from 114357-10)
 
6466370 security vulnerabilities in OpenSSL may lead to DoS or code execution (CVE-2006-3738,CVE-2006-4343)
6467218 fix RSA signature forgery (CVE-2006-4339)
6476279 multiple vulnerabilities in OpenSSL (CVE-2006-2937, CVE-2006-2940)
6476772 update OpenSSL version string with information about security patches included
 
(from 114357-09)
 
6410762 S9 ssh patch 113273-11 does not check for SUNWfns dependencies
 
(from 114357-08)
 
6402708 new ssh in Solaris 9 exits if key fingerprint cannot be found in known_host files
 
(from 114357-07)
 
6176256 S9 ssh backporting project
4406914 support draft-ietf-secsh-dh-group-exchange-01.txt
4452339 key_fingerprint needs to support md5/sha/bubblebabble output
4614979 ssh connections break after the rekey interval elapses on
4621219 sftp prints incorrect error message if connection refused
4635546 superfluous IP options check in ssh should be removed
4680230 usr/src/cmd/ssh/ssh Makefile needs to have lib dependencies
4707788 implement ClientAlive on the server side
4708846 vis in libopenbsd-compat has I18N problem
4709475 ssh and ssh-keygen: not extracted messages for localization
4710108 sshd: locale environments are not passed to shells
4710111 ssh-agent: strings 'echo' should not be extracted for localization
4711335 sshd V1 authentication behaves poorly for invalid users
4713097 sftp: word 'abormally' should be 'abnormally'
4713592 ssh & friends print incorrect error message if server breaks connection at login
4714596 request for filename option in sftp command line
4719654 ssh: localized messages should be extracted per sentence
4720595 ssh-keygen does not finish with dsa key
4733532 scp leaves connection open
4740969 cli_write() in libssh.a has a memory leak
4750989 expired passwords not working with KbdInteractiveAuthentication yes
4759759 ssh(1) doesn't terminate proxy commands on exit
4777436 ssh client should ignore signals which are already ignored
4784872 locales !=  RFC-1766 language tags
4799122 ssh doesn't use getopt(3c) (concatenated options don't work)
4811575 ssh-keygen list fails on long public key entries (base64 encoding > 1024b)
4816590 ssh in Solaris 9 doesn't forward the X11 session from 3-party software
4828467 sftp client sends directory path that causes windows interop problems
4837140 sshd sets bogus fixed path and ignores /etc/default/login
4841566 ksh limits ssh/Xauth using -X option with uid's 99 or less
4857179 ssh and password expiry do not work
4862449 SUNWssh needs a resync
4924554 resync'ed ssh cores after connect from Solaris 9 client with mixed locale setting
4925970 sshd logging extra warning messages on console
4926391 fatal_remove_cleanup() should not fatal()
4926624 ssh exits with -1 if stdin is not a terminal
4928964 sshd breaks finger
4964839 SUNWsshdr needs to remove CheckMail from sshd_config
4966521 sshd core dumps/drops connection if server has many locales
4967674 sshd sets LC_ALL and LANG to strange values
4969306 sshd dumps core on root login
4971630 ssh attempts to do exit(-1) arbitrarily when not using ptys
4971810 fix for 4406914 is incomplete - /etc/ssh/moduli is missing
4975057 ssh got smarter about proxy commands, but not enough: always prepends "exec "
4976155 ssh crashes with SEGV when connecting to Sun_SSH_1.1 (in iso_8859_1)
4976745 sshd has a small malloc problem
4977574 sshd dumps core when some clients connect
4982991 Please enter user name: prompt doesn't go away quickly enough
4990122 sshd has a(nother) malloc problem
5002100 ssh displays wrong (useless) 'Last login' date and time
5005870 sshd setsockopt SO_KEEPALIVE Invalid argument error
5006690 sshd does not pass PAM environment variables to its children
5006695 SUNWssh should support GSS-API extensions to SSHv2 (PSARC 2003/778)
5006762 sshd(1M) does not support optimistic key exchange (SSHv2)
5012765 sshd(1M) should do something about privileges (PSARC 2004/677)
5013640 sshd core dumps while trying to log messages, take 2
5014180 ssh should keep /dev/random open
5014600 ssh-add cores if the agent socket could not be opened
5014969 default X11Forwarding to yes in sshd_config (PSARC 2004/011)
5019044 sshd(1M) lets libgss spew on stderr on startup about unconfigured mechs
5020325 sftp: 'get *' coredumps
5021347 ssh commands link with -ldl, shouldn't (-z ignore masked this)
5022903 ssh(1) should support send-break extension
5023074 SUNWsshdr: /etc/ssh is not a valid temp directory during install
5025296 sshd should use closefrom() instead of a 3-to-64 close() loop
5036242 sshd(1M) should workaround KEXGSS_HOSTKEY bug in MacOS ssh(1) with GSS
5048596 ssh(1) host-based authentication should try all client host keys, not just 1st
5049660 locale problems with ssh
5054240 ssh should be more descriptive when GSS key exchange fails
5054835 sshd GSS error logic needs a little work
5058293 ssh packages do not declare dependency on GSS-API
5060425 ssh backspace not working
5060618 ssh-keysign needs to utilize privileges
5062508 GSS option names should match OpenSSH's (PSARC/2004/461)
5063375 sshd(1M) PAM svc change after pam_start() ineffective
5066767 sshd dumps core in finish_userauth_do_pam()
5076804 sshd(1M) logs successful login messages to auth.notice (and thence the console)
5082282 sshd core dumps printing usage message
5083048 accepted yes/no strings itself should be displayed
5083197 another coredump in finish_userauth_do_pam()
5088670 RFE 5062528 breaks ssh-agent (missing privileges)
5090324 session id confusion with ssh & su
5094142 sshd calls pam_chauthtok() as root, skips pw quality checks
5094528 ssh(1) core dumps in gssapi userauth
5109225 version string missing from sshd's usage message
5109404 missing whitespace in some ssh messages
5109487 language negotiation is not useful after initial key exchange
5109496 packet_set_connection() should be more careful
6181680 sshd doesn't log logouts in utmpx
6182695 sshd debug mode deadlock potential
6185726 MaxStartups now counts all concurrent sessions
5014946 add support to libgss for gss_store_cred() (PSARC 2003/779) (phase 1)
5014951 mech_krb5 needs a krb5_gss_store_cred() (PSARC 2003/779)
 
(from 114357-06)
 
5099653 scp connection that fails reports incorrect return code of 0
 
(from 114357-05)
 
4763864 non-interactive ssh can hang after remote command has exited
4804165 scp host:/file host2:/file fails
 
(from 114357-04)
 
4665983 long command silently truncated without error over ssh
 
(from 114357-03)
 
4939055 ssh does not return standard errors
 
(from 114357-02)
 
4707786 ssh client does not fail requests for unknown channels
 
(from 114357-01)
 
4685658 /usr/bin/ssh always returns 255
 
(from 117458-01)
 
6175381 ISMs show up in core dumps, making it impossible to get core files


Patch Installation Instructions:
--------------------------------
 
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
 
The following example installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/123456-07
 
The following example removes a patch from a standalone system:
 
       example# patchrm 123456-07
 
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.


Special Install Instructions:
-----------------------------
 
Not all patches listed in this section as needed for the completion
of a fix or feature, may be available at the same time as this patch.
This allows the remaining fixes/features to be made available sooner.
 
NOTE 1:  To get the complete fix for BugId 6322179 (strfreectty() passed stream
         that was not yet a ctty), please also install the following patch:
 
         114433-13 (or greater)  Miscellaneous SunOS Commands Patch
 
NOTE 2:  This patch introduces a new mpt.conf property for the mpt(7D)
         driver that permits the enabling of RAID write cache.  Be aware that
         enabling RAID write cache may lead to data corruption if for example
         a power failure occurs and the RAID write cache contents have not been
         completely flushed.  Therefore taking extra precautions (e.g. running
         system on UPS) is recommended when enabling RAID write cache.
 
         RAID write cache can be enabled globally or per controller.  To enable
         RAID write cache globally, insert the following property and setting
         into your mpt.conf before creating your RAID volume:
 
              raid-write-cache=1
 
         Here's an example of enabling RAID write cache for a single SCSI
         controller:
 
              name="mpt" parent="/pci@1f,700000"
                         unit-address="2"
                         raid-write-cache=1;
 
         You must reboot your system for RAID write cache setting to take
         effect.
 
         *NOTE - RAID write cache will not be enabled on existing RAID volumes.
         Existing RAID volumes must be recreated.
 
         The following example can be used to verify whether RAID write cache
         is enabled:
 
             # format -e
         Searching for disks...done
 
         AVAILABLE DISK SELECTIONS:
              0. c1t0d0 <SUN36G cyl 24620 alt 2 hd 27 sec 107>
                  /pci@1f,700000/scsi@2/sd@0,0
              1. c1t1d0 <SUN36G cyl 24620 alt 2 hd 27 sec 107>
                  /pci@1f,700000/scsi@2/sd@1,0
              2. c1t2d0 <SUN36G cyl 24620 alt 2 hd 27 sec 107>
                 /pci@1f,700000/scsi@2/sd@2,0
         Specify disk (enter its number): 2
         selecting c1t2d0
         [disk formatted]
 
         FORMAT MENU:
              disk       - select a disk
              type       - select (define) a disk type
              partition  - select (define) a partition table
              current    - describe the current disk
              format     - format and analyze the disk
              repair     - repair a defective sector
              label      - write label to the disk
              analyze    - surface analysis
              defect     - defect list management
              backup     - search for backup labels
              verify     - read and display labels
              save       - save new disk/partition definitions
              inquiry    - show vendor, product and revision
              scsi       - independent SCSI mode selects
              cache      - enable, disable or query SCSI disk cache
              volname    - set 8-character volume name
              !<cmd>     - execute <cmd>, then return
              quit
              format> cache
 
        CACHE MENU:
              write_cache - display or modify write cache settings
              read_cache  - display or modify read cache settings
              !<cmd>      - execute <cmd>, then return
              quit
              cache> write_cache
 
        WRITE_CACHE MENU:
              display     - display current setting of write cache
              enable      - enable write cache
              disable     - disable write cache
              !<cmd>      - execute <cmd>, then return
              quit
              write_cache> display
              Write Cache is enabled
 
NOTE 3:  This patch requires the package, SUNWfns, to be installed and it
         can be checked by executing 'pkginfo SUNWfns'. SUNWfns is in
         the Solaris 9 CD.
 
NOTE 4:  If you encounter an error message from /usr/lib/gss/gl/mech_krb5.so
         by starting sshd, please use the workaround for BugId 5020096.
 
NOTE 5:  To get the complete fix for multiple vulnerabilities in OpenSSL,
         please also install the following patches:
 
         114568-23 (or greater)  pkg utilities patch
         122715-02 (or greater)  wanboot patch
         123377-01 (or greater)  bootconfchk patch
 
NOTE 6:  To get the complete fix for BugId 6343604 (specfs race: multiple
         "last-close" of the same device), please also install the
         following patches:
 
         114243-21 (or greater)  st driver patch
         125677-02 (or greater)  SunOS Header Files
 
NOTE 7:  To get the complete fix for BugId 6402737 (IP spends too much time
         identifying bad remote host when under SYN attack), please also
         install the following patch:
 
         119435-23 (or greater)  ip patch
 
NOTE 8:  To get the complete NFS Database Acceleration feature. please
         also install the following patch:
 
         115672-01 (or greater)  mntinfo patch
 
NOTE 9:  To get the complete fix of Multiterabyte UFS feature, please also
         install the following patches:
 
         114440-02 (or greater)  devinfo
         115025-01 (or greater)  dqblk
         115027-01 (or greater)  ml_odunit
         115029-01 (or greater)  quota utilities
         115031-01 (or greater)  file system identification utilities
         115034-01 (or greater)  df
         115036-01 (or greater)  mount
 
NOTE 10: To get the complete fix for Atlas support: BugId's 4810810, 4865731,
         4860183, 4860789, 4785321, 4785304, and 4808811; please also install
         the following patches:
 
         116050-01 (or greater)  fdfs      BugId 4865731
         113109-01 (or greater)  xmemfs    BugId 4865731
         114432-06 (or greater)  libc      BugId 4810810
 
NOTE 11: To get the complete fix for ALL the BugId's from 114357-07,
         please also install the following patch:
 
         117178-02 (or greater)  gssapi module patch


README -- Last modified date: Saturday, November 10, 2012