OBSOLETE Patch-ID# 126254-02
Download this patch from My Oracle Support
|
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
|
For further information on patching best practices and resources, please
see the following links:
|
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security openssl libssl cve-2006-4339 cve-2006-3738 cve-2006-4343 cve-2006-2937 cve-2006-2940
Synopsis: Obsoleted by: 127112-08 SunOS 5.10_x86: libssl patch
Date: Sep/28/2007
Install Requirements: After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reboot is performed. Unless
otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reboot is performed.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.
Solaris Release: 10_x86
SunOS Release: 5.10_x86
Unbundled Product:
Unbundled Release:
Xref: This patch available for SPARC as patch 126674
Topic: SunOS 5.10_x86: libssl patch
Relevant Architectures: i386
Bugs fixed with this patch:
Changes incorporated in this version: 6555870
Patches accumulated and obsoleted by this patch: 121230-02
Patches which conflict with this patch:
Patches required with this patch: 118855-36 (or greater)
Obsoleted by: 127112-08
Files included with this patch:
/usr/sfw/include/openssl/dh.h
/usr/sfw/include/openssl/dsa.h
/usr/sfw/include/openssl/opensslconf.h
/usr/sfw/include/openssl/opensslv.h
/usr/sfw/include/openssl/rsa.h
/usr/sfw/include/openssl/ssl.h
/usr/sfw/lib/amd64/libcrypto.so.0.9.7
/usr/sfw/lib/amd64/libssl.so.0.9.7
/usr/sfw/lib/libcrypto.so.0.9.7
/usr/sfw/lib/libssl.so.0.9.7
Problem Description:
6555870 openssl core dumps in smime subcommand with -encrypt option
(from 126254-01)
Accumulated patch 121230-02.
(from 121230-02)
6466370 security vulnerabilities in OpenSSL may lead to DoS or code execution (CVE-2006-3738,CVE-2006-4343)
6467218 fix RSA signature forgery (CVE-2006-4339)
6476279 multiple vulnerabilities in OpenSSL (CVE-2006-2937, CVE-2006-2940)
6476772 update OpenSSL version string with information about security patches included
6483054 OpenSSL lacks Thread Support
(from 121230-01)
6332476 CAN-2005-2969 upgrade OpenSSL to 0.9.7h or 0.9.8a
Patch Installation Instructions:
--------------------------------
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
For Solaris 7-10 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions. The following example
installs a patch to a standalone machine:
example# patchadd /var/spool/patch/104945-02
The following example removes a patch from a standalone system:
example# patchrm 104945-02
For additional examples please see the appropriate man pages.
Special Install Instructions:
-----------------------------
NOTE 1: Before installing this patch, please be sure to install the latest
patch utilities patches for your OS. This list of patches is defined
at http://sunsolve.sun.com
Please use the pull down list which appears after the text:
"Latest Patch Update: To ensure the correct functioning of the
patching utilities on your system, stay up to date on the
following patches"
README -- Last modified date: Saturday, November 10, 2012