OBSOLETE Patch-ID# 128625-11
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security ldapclient libldap automountd libthread sigbus rpc.nisd mdb sppp.so ldap libsldap.so bsearch 2gb libc ldap_cachemgr sldaputil.so embedded_su
Synopsis: Obsoleted by: 128625-12 SunOS 5.8_x86: LDAP2 client, libc, libthread and libnsl libraries patch
Date: Mar/09/2009
Install Requirements: See Special Install Instructions
After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reboot is performed. Unless
otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reboot is performed.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.
Solaris Release: 8_x86
SunOS Release: 5.8_x86
Unbundled Product:
Unbundled Release:
Xref: This patch available for SPARC as patch 128624
Topic: SunOS 5.8_x86: LDAP2 client, libc, libthread and libnsl libraries patch
Relevant Architectures: i386
Bugs fixed with this patch:
Changes incorporated in this version: 6710019 6754514
Patches accumulated and obsoleted by this patch: 108828-40 108992-18 108994-67 108998-03 109006-05 109323-09 109462-03 109681-01 110195-01 110406-02 110512-06 110590-02 110701-01 111082-01 111086-02 111091-03 111178-06 111218-02 111300-04 111394-02 111432-01 111465-01 111642-01 111660-07 111781-01 111922-02 112023-01 112219-01 112606-04 125803-01 126374-05 126770-01 126947-01 126955-01 126993-01
Patches which conflict with this patch:
Patches required with this patch: 108529-24 108990-02 110400-01 111024-03 111318-05 113649-03 115828-01 116603-01 (or greater)
Obsoleted by:
Files included with this patch:
/etc/asppp.cf
/etc/default/login
/etc/default/nss
/etc/default/rpc.nisd
/etc/init.d/asppp
/etc/init.d/ldap.client
/etc/init.d/pppd
/etc/lib/nss_files.so.1
/etc/name_to_major
/etc/nsswitch.conf
/etc/nsswitch.dns
/etc/nsswitch.files
/etc/nsswitch.ldap
/etc/nsswitch.nis
/etc/nsswitch.nisplus
/etc/pam.conf
/etc/project
/etc/rc0.d/K41ldap.client
/etc/rc0.d/K50asppp
/etc/rc0.d/K50pppd
/etc/rc1.d/K41ldap.client
/etc/rc1.d/K50asppp
/etc/rc1.d/K50pppd
/etc/rc2.d/S47asppp
/etc/rc2.d/S47pppd
/etc/rc2.d/S71ldap.client
/etc/rcS.d/K41ldap.client
/etc/rcS.d/K50asppp
/etc/rcS.d/K50pppd
/etc/security/exec_attr
/kernel/fs/autofs
/sbin/su.static
/usr/bin/chkey
/usr/bin/ldapadd
/usr/bin/ldapdelete
/usr/bin/ldaplist
/usr/bin/ldapmodify
/usr/bin/ldapmodrdn
/usr/bin/ldapsearch
/usr/bin/login
/usr/bin/nispasswd
/usr/bin/passwd
/usr/bin/pppd
/usr/bin/su
/usr/bin/yppasswd
/usr/include/exacct.h
/usr/include/exacct_impl.h
/usr/include/ldap.h
/usr/include/net/ppp-comp.h
/usr/include/net/ppp_defs.h
/usr/include/net/pppio.h
/usr/include/net/vjcompress.h
/usr/include/netinet/if_ether.h
/usr/include/nl_types.h
/usr/include/nss_dbdefs.h
/usr/include/nsswitch.h
/usr/include/project.h
/usr/include/pthread.h
/usr/include/rpc/clnt.h
/usr/include/rpc/clnt_stat.h
/usr/include/rpc/rpc_com.h
/usr/include/rpc/svc.h
/usr/include/rpc/trace.h
/usr/include/rpcsvc/autofs_prot.h
/usr/include/rpcsvc/autofs_prot.x
/usr/include/rpcsvc/nis.x
/usr/include/rpcsvc/nislib.h
/usr/include/secdb.h
/usr/include/security/pam_appl.h
/usr/include/shadow.h
/usr/include/synch.h
/usr/include/sys/fs/autofs.h
/usr/include/thread_db.h
/usr/include/userdefs.h
/usr/kernel/drv/sppp
/usr/kernel/drv/sppptun
/usr/kernel/drv/sppptun.conf
/usr/kernel/strmod/spppasyn
/usr/kernel/strmod/spppcomp
/usr/kernel/strmod/sppptun
/usr/lib/abi/abi_libc.so.1
/usr/lib/abi/abi_libexacct.so.1
/usr/lib/abi/abi_libnsl.so.1
/usr/lib/abi/abi_libproject.so.1
/usr/lib/abi/abi_libsldap.so.1
/usr/lib/abi/abi_watchmalloc.so.1
/usr/lib/adb/ppp_stats
/usr/lib/adb/pppstat
/usr/lib/adb/sppa
/usr/lib/adb/sppp_ahdlc
/usr/lib/adb/sppp_comp
/usr/lib/adb/spppstr
/usr/lib/adb/vjcompress
/usr/lib/adb/vjstat
/usr/lib/autofs/automountd
/usr/lib/embedded_su
/usr/lib/fs/autofs/automount
/usr/lib/ldap/idsconfig
/usr/lib/ldap/ldap_cachemgr
/usr/lib/libc.a
/usr/lib/libc.so
/usr/lib/libc.so.1
/usr/lib/libdoor.so.1
/usr/lib/libexacct.so
/usr/lib/libexacct.so.1
/usr/lib/libldap.so.4
/usr/lib/libnsl.a
/usr/lib/libnsl.so
/usr/lib/libnsl.so.1
/usr/lib/libp/libc.a
/usr/lib/libpam.so.1
/usr/lib/libproject.so
/usr/lib/libproject.so.1
/usr/lib/libpthread.so.1
/usr/lib/libsldap.so.1
/usr/lib/libthread.so.1
/usr/lib/libthread_db.so.0
/usr/lib/libthread_db.so.1
/usr/lib/llib-lc
/usr/lib/llib-lc.ln
/usr/lib/llib-ldoor.ln
/usr/lib/llib-lexacct
/usr/lib/llib-lexacct.ln
/usr/lib/llib-lnsl
/usr/lib/llib-lnsl.ln
/usr/lib/llib-lpam
/usr/lib/llib-lpam.ln
/usr/lib/llib-lpasswdutil
/usr/lib/llib-lpasswdutil.ln
/usr/lib/llib-lproject
/usr/lib/llib-lproject.ln
/usr/lib/llib-lpthread.ln
/usr/lib/llib-lsldap
/usr/lib/llib-lsldap.ln
/usr/lib/llib-lsldaputil
/usr/lib/llib-lsldaputil.ln
/usr/lib/llib-lthread.ln
/usr/lib/lwp/libthread.so.1
/usr/lib/lwp/libthread_db.so.1
/usr/lib/lwp/llib-lthread.ln
/usr/lib/lwp/llib-lthread_db.ln
/usr/lib/mdb/kvm/sppp.so
/usr/lib/nfs/rquotad
/usr/lib/nis/nisping
/usr/lib/nss_files.so.1
/usr/lib/nss_ldap.so.1
/usr/lib/nss_nis.so.1
/usr/lib/nss_nisplus.so.1
/usr/lib/passwdutil.so
/usr/lib/passwdutil.so.1
/usr/lib/pics/libc_pic.a
/usr/lib/security/pam_authtok_check.so
/usr/lib/security/pam_authtok_check.so.1
/usr/lib/security/pam_authtok_get.so
/usr/lib/security/pam_authtok_get.so.1
/usr/lib/security/pam_authtok_store.so
/usr/lib/security/pam_authtok_store.so.1
/usr/lib/security/pam_dhkeys.so
/usr/lib/security/pam_dhkeys.so.1
/usr/lib/security/pam_dial_auth.so.1
/usr/lib/security/pam_ldap.so.1
/usr/lib/security/pam_passwd_auth.so
/usr/lib/security/pam_passwd_auth.so.1
/usr/lib/security/pam_rhosts_auth.so.1
/usr/lib/security/pam_unix.so.1
/usr/lib/security/pam_unix_account.so
/usr/lib/security/pam_unix_account.so.1
/usr/lib/security/pam_unix_auth.so
/usr/lib/security/pam_unix_auth.so.1
/usr/lib/security/pam_unix_session.so
/usr/lib/security/pam_unix_session.so.1
/usr/lib/sldaputil.so
/usr/lib/sldaputil.so.5
/usr/lib/watchmalloc.so.1
/usr/sbin/aspppd
/usr/sbin/aspppls
/usr/sbin/ldap_gen_profile
/usr/sbin/ldapaddent
/usr/sbin/ldapclient
/usr/sbin/newkey
/usr/sbin/nis_cachemgr
/usr/sbin/rpc.nisd
/usr/sbin/rpc.nispasswdd
/usr/share/src/ppputil/plugins/pppd.h
/usr/xpg4/lib/abi/abi_libpthread.so.1
/usr/xpg4/lib/abi/abi_libthread.so.1
/usr/xpg4/lib/libpthread.so
/usr/xpg4/lib/libpthread.so.1
/usr/xpg4/lib/libthread.so
/usr/xpg4/lib/libthread.so.1
/usr/xpg4/lib/llib-lpthread.ln
/usr/xpg4/lib/llib-lthread.ln
Problem Description:
6710019 automountd might dump core if NFS URL is used
6754514 su(1M) uses wrong facility level to record syslog message
(from 128625-10)
6773445 nss_files leaks in get_wild
(from 128625-09)
6466160 rpc.nisd can hang for 3-4 minutes attempting NIS+ callback if connection to client silently fails
6687134 autofs xdr processing problems
(from 128625-08)
6737566 S8: MT application hangs up as a thread is suspended after getting _calloutlock
(from 128625-07)
6674553 getpwuid slow with bugfix 6540209 - native LDAP client config with compat and use of netgroups
(from 128625-06)
4960217 ldaplist passwd <user> fails if searchdescriptor points to two containers
6660193 bad interaction between Solaris 8 brand and NLSPATH security code
(from 128625-05)
6569824 password reset loops for password changes when owner not allowed to change password aging policy
6609144 ldap_cachemgr needs to be more careful
6610117 ldap_cachemgr caching mechanism has flaws
6629064 ldap_cachemgr cores when debug is enabled on Solaris 9
(from 128625-04)
4791006 ldap_cachemgr initializes ldap_cache_door file with wrong permissions
6508442 nscd hangs with too many sockets open with AD
6528899 misleading native LDAP client error message during reusing closed connection
(from 128625-03)
6293320 gettxt() not MT-SAFE
6406198 regexec with REG_ICASE may not correctly work
6586050 bracket expression with REG_ICASE doesn't match in some locale
(from 128625-02)
6496719 connections should fall back to primary server after it comes back
6566019 minor memory leak during connection failover
(from 128625-01)
6625860 prepatch script from 108993 and 108994 fails to halt patch if SUNWxcu4 package cannot be added
6625861 patches 108993-67 and 108994-67 don't contain SUNWxcu4.stream.pkg required by prepatch script
(from 108994-67)
4660455 pam_dial_auth returns PAM_SUCCESS when it is a NOP
4974005 Purify/dbx reports Memory Leaks in PAM [Solaris 8/9/10]
6295037 passwdutil.so.1 init function has race in MT app when used with dlopen
6386770 pam_authenticate can fail if open files are >= 255 and soft fd limit greater than 256
6467539 nscd's keep persistent connections to even wedged LDAP servers
6481342 null pointer dereference causes crash in CERT_GetNameElement()
6494750 nscd reuses ports after long idle time causes lookup failures
(from 108994-66)
4631734 small memory leak in referral handling in libsldap
4639880 memory leak in __s_api_sortServerPref
4865643 libsldap has memory leaks
4887380 some Native LDAP client functions may take forever using simple paged results
6406153 LDAP authentication causes CDE to core when unlocking screen
(from 108994-65)
4937207 libnsl core dumps in __inet_taddr2uaddr()
(from 108994-64)
4667251 groups command returns number, not name for large group
5080012 LDAP: roles returns NULL if size of roles exceeds 1022 characters
(from 108994-63)
4768758 ldap_cachemgr doesn't disable cancellation
6226776 passwd command will fail if first LDAP server in referral list down
(from 108994-62)
4288129 problem in C standard I/O library
6289986 LDAP backend could be more efficient for netgroup lookups
6362106 LDAP netgroup backend does not handle null user information correctly
6455431 improper usage of locale-sensitive functions
6329240 libsldap: nscd leaks file descriptors, too many opens on ldap_cache_door
(from 108994-61)
6195509 NSCD continually reconnects to LDAP server
6402129 strfmon truncates most significant digit when rounding up
(from 108994-60)
4660084 gethostbyaddr_r leaks if type is not AF_INET
6380248 LDAP clients select incorrect profile on refresh when "cn=" same but "dn=" is different
(from 108994-59)
4989454 ldap_cachemgr failover functionality needs clarification
5077098 ldap_cachemgr still reports LDAP server is up, while it is down
6274517 libsldap: search_state_machine() falls into recursive loop if ldap_search_ext() returns 91
6237466 LDAP client using multiple authentication methods do not fail to second method listed
(from 108994-58)
6294728 ldaplist: very long filter causes ldaplist to dump core in set_filter
6365882 ldaplist should print error messages to stderr not stdout
(from 108994-57)
6301766 deadlock in nis_cachemgr when addressing request to itself
(from 108994-56)
6368753 need patch solution to 4522909 automountd hangs with executable maps
(from 108994-55)
6311010 pam_passwd_auth can't deal with old SunOS aging
(from 108994-54)
4909247 Solaris 8 Client broken .rhosts authentication with patch 108993-21
(from 108994-53)
4751182 strtod() with inf or infinity input sets endptr incorrectly
(from 108994-52)
4756193 ldap_cache_mgr cores
6348147 POSIX timezones 2007 transition dates - U.S. Energy Policy Act of 2005
6371932 Makefile.com fails to link ldapmodify with threads library since putback for 4701811
6373271 ldap/Makefile.com clean target does not remove object files
(from 108994-51)
4419428 libnsl caches stale YP password data
4701755 idsconfig makes unsafe use of temporary files
4701811 Directory Server rootDN password used on command line
4739447 idsconfig needs changes to support DS 5.2 new password config
4857063 LDAP Makefile.com could be tidied up
(from 108994-50)
6262121 Solaris 9 & 8 libldap5 crashes when compiled with -DDEBUG and using SSL
6262153 unable to build libldap5 with LDAP_DEBUG defined for Solaris 8 or 9 due to error in request.c
(from 108994-49)
4626861 if search times out, libsldap logs wrong message
6232564 when interrupted (EINTR) while polling, libsldap should retry poll
6232579 libldap not handling select() failures when issuing connection
(from 108994-48)
4827670 buffer overflow in printf when printing very long string
4843354 snprintf() reduced to sprintf() after 4827670
6182807 printf(3C) can induce memory corruption
(from 108994-47)
6230927 using multiple netgroups in nfs_share access list breaks access list
(from 108994-46)
5055748 memory leak in libsldap/sldaputil
5047250 automountd memory-heap growing on Solaris 8 with 108993-33 patch
4858984 automountd leaks memory when umountall is run
(from 108994-45)
4503714 rpc.nisd memory leaks and SEGVs
4686960 NIS+ replica/domain hangs if master gone and TTL expires on replica
4757387 several daemons die with same stack trace strlen/xdr_nis_name/xdr_directory_obj
4941669 getpwent() calls core dump
4996337 replica stuck sleeping in replica_update following nismkdir/nisrmdir
5046855 unfortunate free() in __nis_destroy_callback()
5071759 minor memory bugs prevent effective use of libumem with rpc.nisd
5109439 rpc.nisd stuck looping in __nis_path()
5067333 need fix for 5036036
6219143 LDAP server failover causes client to delete cert7.db file
(from 108994-44)
4688752 "ldapclient mod" with no arguments causes naming services to fail
4698387 "ldapclient manual" results in "__default_config" error message on console
4698366 "ldapclient list" does not display CACHETTL when it set
4698379 "ldapclient manual" gets default CACHETTL of 3600
4702568 "ldapclient uninit" does not restore /etc/.rootkey
5106725 netname to user resolution won't work for LDAP
(from 108994-43)
4026556 su - command does not pick up locale variables from /etc/TIMEZONE
5022076 pam_ldap:pam_sm_acct_mgmt() uses incorrect password in BIND to LDAP
(from 108994-42)
4643366 groups with no members broken
5069377 libthread opens file without application's consent or knowledge
4954310 automountd runs continuously
6176463 core dump in printf() functions after patch 108993-35 and kernel patch
6182350 printf() behavior changed after fixing 4981484
(from 108994-41)
4894583 su to local account will dump core if LDAP enabled
(from 108994-40)
4858673 innetgr may never return and when it does, may produce incorrect results
(from 108994-39)
5044522 root able to change user passwd if no. of attempts > max_attempts in NIS+
5066336 /usr/lib/lwp/libthread crashes returning in child of fork1()
5084241 thr_suspend(3THR) dequeues already dequeued thread from onprocq
(from 108994-38)
4644308 when public network down, switching to user using "su" hangs
4830406 passwdutil too dumb to handle NIS+ subdomains correctly
4966423 RBAC exec_attr search in LDAP: everything's wild
4966526 problem using RPC_SVC_CONNMAXREC_SET when using rpc mode RPC_SVC_MT_USER
4981868 "passwd <user>" with NIS+ backend chooses wrong uid/credentials for update
4988859 passwd -g, -e, -h cause segfault
5070448 stack overflow in autofs thread, stack size not configurable
(from 108994-37)
4774607 pam_ldap gets confused when root tries to change user's password
4745909 _get_hostserv_inetnetdir_byname/NETDIR_BY may return success on failure
4915053 nss_setent() always fails for setpwent()
5014993 user logins may fail when nsswitch compat mode used with NIS+ or LDAP
(from 108994-36)
5039201 patches 108993-35 & 108994-35 missing correct i.none CAS for SUNWcsl
(from 108994-35)
4342387 libexacct coredumps because of missing data initialization
4890303 pam_ldap should return PAM_AUTH_ERROR instead of PAM_PERM_DENIED
4913437 changing password in NIS+ fails on clients with "Permission denied"
5012514 'passwd <nis+_user>' fails as root on NIS+ systems
4977110 passwd doesn't work with compat entries in /etc/nsswitch.conf
4980441 PAM module pam_dhkeys fails to retrieve changed credentials
4981484 vsprintf does not perform as well as sprintf
5006801 getprojent(3project) dumps core with LDAP project(4) database
5007891 Solaris 8 passwd(1) command may SEGV on NIS+ master servers
(from 108994-34)
4887906 pam_sm_chauthtok() returns 13 (PAM_USER_UNKNOWN) if lastchg=0 for local users
4902137 PPP4.0 using demand option, fails to negotiate MTU above 1500
(from 108994-33)
4490341 nis_cachemgr too reluctant to rebind when server address changes
4765506 NIS+ password problems
4848470 ldap_gen_profile(1M) broken with patch 108993-18
4902302 patch 108993-18+: support generation & use of both versions of client profile
4890233 using 'use_first_pass' for pam_ldap does not work
4920444 libldap.so.4 ber encoding memory corruption
(from 108994-32)
4305504 statd dumped core in add_aliases
4297213 literal IPv4 address code in __mappedtov4 wrong and unnecessary
4390505 swscanf memory leaks
4523936 mountd memory leak when using Native LDAP
4898991 mountd leaks memory
4746114 libpam internationalized messages off by 1 for locale != C
4787488 ldapaddent can only add ethers or bootparams for same hosts, not both
4793719 pam_authtok_check.so.1::circ() too space-conservative
4805635 root may change enduser password in NIS+ without entering own password
4873939 pam and compat do not work after applying patch 108993-18
4877796 passwd (passwdutil) inadvertently resets aging information
(from 108994-31)
4947516 undefined symbol in /etc/lib/nss_files.so.1 between 108993-27 through 108993-30
(from 108994-30)
4253630 nis_first_entry dumps core
4461391 nisplus library SEGV's in stc/nss 64-bit tests
4804971 nss_nisplus: some test cases failed
4738852 NIS: ypserv dev udp opened failed
4779333 LDAP get*ent requests may free already freed memory
4780109 __ns_ldap_firstEntry may return cookie that is freed
4802414 client does not follow referral without hostname
4658569 following referrals does not work in all cases
4874749 passwd -x modifies lastchg field also in /etc/shadow file
4892237 native LDAP 2 on Solaris 8 does not include read support for printers
4916612 bugfix 4684558 breaks mulithomed NIS master to reply correct ip-address
4923449 bugfix 4506972 inadvertently made in Solaris 8 needs to be backed out
(from 108994-29)
4830525 buffer overflow in nss_ldap.so.1
(from 108994-28)
4271957 ucontext_t.uc_link points to garbage
(from 108994-27)
4353836 if more than 255 file descriptors already open then gethostbyname fails
4152876 getspnam_r() fails due to use of fopen() in libnsl.so in applications under load
4156580 getnetlist uses fopen, limiting RPC to 256 descriptors
4852270 libnsl accesses freed memory
(from 108994-26)
1209758 need thread local storage rather than just thread specific data
4292524 POSIX threads created with PTHREAD_INHERIT_SCHED will not inherit t_mappedpri
4465316 TDB Portion of TLS Support
4479187 dtlogin deadlock while invoking Xreset, induced by longjmp()
4491093 default thread attributes initialized correctly by accident
4494324 _libc_thr_keycreate isn't robust w.r.t. memory allocation failures
4496343 ph_lock_ta returns success on failure; caller unlocks unowned rwlock
4501153 bugfix 4461751 breaks old libthread
4504772 rwlock: writers can be starved
4514506 libthread uncontended recursive/errorcheck mutexes much slower
4514508 would like non-error-checking recursive mutex
4519798 libthread should not use alloca()
4528422 process-shared mutexes could benefit from adaptive locking
4622736 zombie threads show up wrong in thread_db (in T2)
4632928 gdb doesn't like new libthread_db
4647410 SIGCANCEL received (and interrupted door_call) with cancellation OFF
4647927 new libthread thr_suspend/continue behaves differently from old libthread
4663077 libthread can deadlock itself on _schedlock
4667173 ti_sigmask is all 0's when 64bit dbx debugs 32bit app
4679005 thr_stksegment() reports incorrect stack sizes
4688450 VSU TC setcontex4.c dumps core due to setcontext() if linked with libthread
4768343 fork() in libthread won't clear deferred signal for child
4769150 libthread should not depend on librt
4769166 x86 libthread could improve current thread references
4786566 mdb dumps core when examining process linked with old_libthread
4792908 new libthread inherits arbitrary restrictions on mutex attributes from old
4819289 threads: ASSERT(sigequalset(&oldset, &self->ul_sigmask))
(from 108994-25)
4684558 NIS server doesn't answer ypbind broadcast request on IPMP failed over interface
4894746 header file autofs_prot.h for autofs version 4 missing in patch 108993-22
(from 108994-24)
4757282 ldapclient init fails with SIGBUS if SSD's are > 15 in profile
4768140 passwd core dumps when changing shell
4776571 applications running on SSL enabled native LDAP clients may crash at termination
(from 108994-23)
4313135 do_accept() does not log enough info when t_open fails
4828271 clnt_create()/clnt_create_timed() don't timeout with unexpected UDP
(from 108994-22)
4705942 invoke_utmp_update(): buffer-overflow bug and pad field written to utmpx wrong
(from 108994-21)
4861279 libsldap: password of proxyagent becomes logged as cleartext
(from 108994-20)
4847047 automountd dumps core when accessing /xfn/_x500 with patch 108993-18
(from 108994-19)
4757993 libthread patch 108827-30 fails to install on AutoClients
4387986 libthread deadlock
4432953 UNIX98: nftw does not set errno=0 before calling walk()
4780417 deferred pthread cancellation in non-cancellation point with DCE
4455838 kernel cancellation handled asynchronously
(from 108994-18)
4767276 rpcbind can be killed remotely
(from 108994-17)
1141585 makecontext() is buggy
(from 108994-16)
4668699 buffer overflow in dbm_open and dbminit (except the one in libc)
4823090 NLDAP2 backport: update idsconfig to use Solaris 8 ldap_gen_profile SYNOPSIS
(from 108994-15)
4820798 restore bootable version of etc/pam.conf file after LDAP2 patch removed
(from 108994-14)
4357827 pam_ldap should fully support password aging
4792396 request to backport Native LDAP Phase 2 to Solaris 8
4807184 bugfix 4720818 overwritten by Native LDAP 2 backport to Solaris 8
(from 108994-13)
4751386 ether_ntohost() fails with rc 1 when resolving data from LDAP
(from 108994-12)
4720818 LDAP naming services fail when domainname greater than 23 characters
(from 108994-11)
4614945 memory leak in getgrent() when using against Native Ldap
(from 108994-10)
4486616 NS_LDAP_SERVER_PREF= in ldap_client_file causes libsldap to crash
(from 108994-09)
4623957 nested netgroups on Solaris 8 Native LDAP I causes getent to core
(from 108994-08)
4357885 passwd dumps core if no gecos field in LDAP entry for user
(from 108994-07)
4459155 mountd in netgroup_check() waiting for LDAP
4632611 putback for 4320901 backed out fix for 4425163
(from 108994-06)
4320901 native LDAP takes long time to try next server in list
(from 108994-05)
4351510 LDAP Switch getgrpgid causes nscd crash
4425163 handling of multiple solarisdatasearchdn still broken
4359677 ldapclient -m -B overwrites previous database rather than adding new one
(from 108994-04)
4409411 LDAP Name Service (nss_ldap) returns unexpected NULL pointer for group passwd
4429802 LDAP Name Service (nss_ldap) neglects to remove "{crypt}" from group password
4480119 _nss_ldap_group2ent() getgrent.c does not use last byte in supplied buffer
(from 108994-03)
1257084 login times out due to excessive time in group lookup
4357778 PSARC 2000/038 creates /etc/default/nss
(from 108994-02)
4353601 i.nsswitch CAS removes non-hosts entries for xfn
(from 108994-01)
4312278 tasks, projects, extended accounting project
(from 110406-02)
4415143 ldapclient fails to handle -i flag
(from 110406-01)
This revision accumulates feature point patch 110195-01.
(from 110195-01)
4310379 ldapclient needs to be smarter to work with install (sysid)
(from 111091-03)
4449613 buffer overflow in libsldap.so.1 leads to root compromise
(from 111091-02)
4357912 cannot change password when ldapclient set to use a replica
(from 111091-01)
4359656 LDAP backend does not search multiple paths as per NS_LDAP_SEARCH_DN parameter
(from 111432-01)
4435628 libldap does not support rfc 2254 encoded characters as used by automountd
(from 108828-40)
4710928 rpcbind exits with segv on both cluster nodes
(from 108828-39)
4530367 after retry timeout - nss_search() no longer retries lookups
4749274 MT-Safe functions such as syslog(3C) and wordexp(3C) cannot use fork()
(from 108828-38)
4767215 incorrect output with kP format, losing significant digits
(from 108828-37)
4680691 doctored rpc calls over UDP can bring down machines through rpcbind
4730459 Solaris 8 libthread library causes coredump
(from 108828-36)
4669963 strong security checks in catgets(3C) break setuid application
4727726 NIS+ user unable to change his/her passwd
(from 108828-35)
4311360 updwtmp(3c) creates files with unspecified permissions
4475044 GNU gettext should be supported
4545738 iconv not picking up geniconvtbl conversion binaries
4629623 regression: iconv_open() can return -1 with incorrect errno values
(from 108828-34)
1226166 rpcbind does not bind with correct network interface
4690775 nisplus_ldap_udt: rpcbind got killed and core dump during nisplus server setup
4683311 rquotad is not largefile aware
(from 108828-33)
4663077 libthread can deadlock itself on _schedlock
(from 108828-32)
4648085 automountd dumps core freeing illegal address in __svc_dupcache_victim()
(from 108828-31)
4691127 possible type overflow in xdr_array
(from 108828-30)
4517003 ypserv spinning after client disconnects
4525671 RPC exit when running out of memory
4616609 libnsl rpcb_clnt.c/add_cache() calls exit() unnecessarily
4617318 more calls to exit() in libnsl
(from 108828-29)
4350332 netdir_getbyaddr fails often for IPv6 addresses
4503048 getutxent_frec sends init looping
(from 108828-28)
1258570 qsort performs poorly with multiple identical keys
4635556 atexit() does not scale. Can cause very slow startup of C++ programs
(from 108828-27)
4525851 DCE 3.1 hangs while configuring
(from 108828-26)
4524527 pstack goes into a loop
(from 108828-25)
4661997 buffer overflow in dbm_open
(from 108828-24)
4318178 wordexp puts automatic string into environment
4444569 Purify reports memory leaks in wordexp(3C)
4656546 Purify UMR errors with Solaris 8 02/02 libthread library
(from 108828-23)
4380626 strcasecmp and strncasecmp broken for 8-bit characters
4617356 dcgettext() doesn't properly restore signal masks
(from 108828-22)
4517584 bad performance due to serialization in mutex_destroy()
(from 108828-21)
4221365 readdir_r() is not POSIX compliant
4523940 more getipnodebyname memory leaks
(from 108828-20)
4617135 status error with ROBUST shm mutexes used with shm condition-variable
4393752 cond_* calls might cause data corruption when used with ROBUST mutexes
(from 108828-19)
4496617 getgrent_r not consistent between 5.7 and 5.8
4614041 UNIX98: execvp does not use standards-conforming shell
(from 108828-18)
4394576 nisgrpadm intermittently fails to update NIS+ group
4484522 call from HotSpot JavaVM to libthread "T1" thr_suspend hangs calling thread
(from 108828-17)
4430473 rpc.nisd: svc_getreqset: No transport handle for fd 291
4484035 vxvm - vxlicense and other commands hang when locale is set
4506569 catgets() function call doesn't return, hang in extract_format()
(from 108828-16)
4510302 UNIX98: *vsu* getpriority returned EINVAL when ESRCH was expected
4528665 deadlock between clnt_create_timed and fork1
(from 108828-15)
4411880 NIS+ cannot handle file descriptors > 1024
4411929 inter-record timeout for non-blocking COTS RPC results in early disconnects
4512099 directory server hangs and returns to normal after applying pstack
4493323 thr_getconcurrency() behaves differently for alt. and default libthread
4491094 thread-specific data memory leak in child of fork1()
4490965 pthread_rwlock_rdlock(): allow multiple read locks with writers waiting
4490889 LIBTHREAD_ERROR_DETECTION race malfunction for USYNC_PROCESS mutexes
4488249 lwp_suspend() livelocks with spin_lock_loop() or continue_fork()
(from 108828-14)
This revision accumulates feature point patch 111922-02
and also includes these additional fixes:
4324788 NIS+ commands may core dump on literal IPv6 address
4497853 THR_BOUND THR_DETACHED thread can run and exit before thrp_create has finished
4515843 bugfix 4307676 causes recursion between libthread and ld.so.1
(from 108828-13)
4393752 cond_* calls might cause data corruption when used with ROBUST mutexes
(from 108828-12)
4433015 libthread & ld.so.1 should not use crt*.o modules provided by compilers
(from 108828-11)
4368163 ypserv starts hundreds of ypserv processes all in defunct-status
4300228 threaded process grows tired of receiving signals
(from 108828-10)
4376585 libthread abysmal when many threads awakened from cond_wait_cancel
(from 108828-09)
4279077 mutex_unlock not atomic when thread is signaled
(from 108828-08)
4335956 msgrcv hangs in multi processor environment due to signal loss
(from 108828-07)
4381908 libthread hangs when both SIGPROF and SIGEMT are arriving
4367192 libthread leaves underlying lwp signal mask with SIGEMT (and SIGPROF) blocked
(from 108828-06)
4236427 Sybase Replication Server crashes on Multi-CPU Ultra Platforms
(from 108828-05)
4336933 fix for overflow problem in bug 4145630 incomplete
(from 108828-04)
4311948 non-static recursive mutexes do not get unlocked
(from 108828-03)
4091466 RFE (request for enhancement) to force core dump instead of libthread hang
(from 108828-02)
4307551 td_sync_get_info() returns incorrect ownership information
(from 108828-01)
4288299 recursive mutexes not properly released
(from 108992-18)
4419882 large select(3c) timeout
(from 108992-17)
4312667 getpriority fails with ESRCH when used on SHR class process
(from 108992-16)
4408502 lfmt(3C) calls ctime() which is MT_Unsafe
4425090 strange files in /var/adm when using utmp library (utmpname())
(from 108992-15)
4428257 kernel patch 106541-15 makes application dysfunctional
4459797 catgets sets errno to EBADF for special message catalog for C locale
(from 108992-14)
4396628 UNIX98: catopen() does not set errno when it receives null or empty string
4386274 check_nlspath_env should avoid using strncmp()
4452064 errno handling of catgets not correct
(from 108992-13)
This revision accumulates feature point patch 111218-02.
(from 108992-12)
1257084 login times out due to excessive time in group lookup
4357778 PSARC 2000/038 creates /etc/default/nss
(from 108992-11)
4395379 door_return mishandles arguments after EINTR
(from 108992-10)
4341290 memory leak in regcomp
(from 108992-09)
This revision accumulates feature point patch 110590-02.
(from 108992-08)
4374039 libc/realpath can still write past end of buffer
(from 108992-07)
4302592 TLI library is not fork-safe
(from 108992-06)
4366956 NLSPATH gettext introduces problems when used printf format specifier
4375449 dtmail crashes when calling catgets with NULL default message
(from 108992-05)
4303962 multi-threaded fork1/execvp can fail because __environ_lock is held in parent
(from 108992-04)
4291844 strftime and strptime MT-Unsafe due to use of tzname[]
(from 108992-03)
4310353 msgids, semids, shmids and msgsnap
(from 108992-02)
4312278 tasks, projects, extended accounting project
(from 108992-01)
4193683 malloc() with very big requested array size works incorrectly
4225913 malloc does not set errno to ENOMEM when not enough memory
4314913 bugfix 4042527 leaves part of heap unusable, so frees cannot combine
4292683 /usr/ucb/shutdown core dumps in syslog()
(from 110590-02)
Patch rev'ed to sync feature gate with generic patch gate.
(from 110590-01)
4355205 System V semaphores suffer from false sharing
4355206 System V semaphore timeout mechanism
(from 109681-01)
4244731 initgroups() doesn't return all groups when RFE 4005653 (full table scans can overload NIS+ servers) is on NIS+ server
(from 111218-02)
This revision includes an escalated fix.
(from 111218-01)
4400361 need to add support for sendfilev() system call
(from 109323-09)
4455896 rpc.nispasswdd failed: RPC: .... NIS+ fatal error: 15
(from 109323-08)
4356567 multiple system daemons loop in clnt_dg_call
(from 109323-07)
4283726 fsck hangs in phase 4 in getpwuid() call
4327396 nis_modify_entry(): deadlock in rpc_fd_lock() with MT NIS table modification
4354007 xdrmem_putbytes and xdrmem_putlong emit syslog error message
(from 109323-06)
4374142 RPC services using RPC_SVC_MT_AUTO can stop listening
(from 109323-05)
4357266 bad line syntax in /etc/hosts causes host table lookup to abort early
(from 109323-04)
4336332 svc_getreqset (t_accept) returns illegal file descriptor
(from 109323-03)
4302592 TLI library is not fork-safe
(from 109323-02)
4320661 getipnodebyname hangs on mutex when requesting IPv6 literal
(from 109323-01)
4305859 libnsl security bug
(from 111178-06)
4413227 cond_* calls might cause data corruption when used with ROBUST mutexes
(from 111178-05)
This revision accumulates feature point patch 111642-01.
(from 111178-04)
4433015 libthread & ld.so.1 should not use crt*.o modules provided by compilers
(from 111178-03)
4441422 FP control state lost on thread_create with alt_libthread
(from 111178-02)
4421186 prex aborts when using /usr/lib/lwp/libthread.so on Solaris 8
(from 111178-01)
4393363 lwp/libthread_db doesn't work with core files
(from 109462-03)
4407002 UNIX98: pthread wrapper needed in /usr/xpg4/lib
4390345 UNIX98: SCHED_FIFO and SCHED_RR threads fail to enter real time class
4371624 UNIX98: aio_fsync signal arrives before aio_read signal
(from 109462-02)
4336933 fix for overflow problem in bug 4145630 incomplete
(from 109462-01)
4305389 SIGPROF/SIGEMT erroneously masked for some threads/LWPs
(from 111642-01)
4423126 pthread_getspecific()/thr_getspecific() can be made up to 4x faster
(from 111922-02)
This revision accumulates feature point patch 112023-01.
(from 111922-01)
1167742 MUTEX_HELD and similar macros don't do a very good test
1239168 introduce pthread_cond_timedwait_np() which takes relative timeout arg
4160415 door_return has evil knowledge of libthread internals
4196528 thr_stksegment() returns incorrect stack information
4285623 libthread siglongjmp should not restore SPARC application globals
4298024 32-bit popen(3S) does not set errno when fd > 255
4299191 alternate libthread needs improvement
4304367 performance problem in SIGPROF handling with alternate libthread
4307676 libthreads (alt and default) need consistent handshake with ld.so.1
4309140 libthread should lazyload librt
4324815 need interface to provide information about recursive mutexes etc
4325063 alternate libthread lock statistics must be aware of dynamic linker
4332046 alternate libthread: thr_create() not fork1-safe on x86
4332595 system(3S) and popen(3S) should be made thread-safe
4332614 definitions of DEFAULTRWLOCK and SHAREDRWLOCK incorrect
4334488 libthread should set and clear PTHREAD_PRIO_INHERIT mutex lock byte
4341150 private memory allocator inconsistency causes SEGVs
4343787 need infrastructure to enable OS-NET libraries to become fork1-safe
4367496 restore _sigon/_sigoff until alternative is phased in
4372508 incorrect field being used for T_TEMPBOUND in libthread/common/disp.c
4380494 nanosleep() isn't acting as cancellation point for deferred cancellation
4384709 error in <pthread.h>
4390347 UNIX98: pthread_detach() should not be a cancellation point
4391115 alt libthread library clobbers preemption control state
4393752 cond_* calls might cause data corruption when used with ROBUST mutexes
4401864 PTHREAD_MUTEX_ERRORCHECK should work across process boundaries
4402453 thr_create segfaults in child of fork1
4402909 libthread missing mutex_held(), rw_read_held(), rw_write_held(), and sema_held()
4403938 doors cancellation doesn't work with alternate libthread
4404805 /usr/lib/sparcv9/libthread.so.1 doesn't inline curthread()
4413203 lock primitive data types need to be cleaned up and made consistent
4413363 __free_selector() called with wrong argument if sysi86(SI86DSCR) fails
4413411 implement user-level sleep queues in alternate libthread
4421485 add setcontext() to libc/libthread jump table
4422968 need to set fp of door server to 0 on Intel
4424606 race between sigprocmask and sigacthandler causes assertion failure
4424844 dueling libthreads result in mutual annihilation
4425392 alternate libthread should provide _libthread_sema_wait() function
4433072 alternate libthread_db: td_thr_get_info() returns empty ti_sigmask
4433373 alt. libthread should optimize case of mutex_unlock() with no waiters
4438470 T2: primordial threads need to have tid and lid of 1
4445697 T2: calling _thr_main() in middle of init will seg fault
4445802 thr_slot_get()/thr_slot_set() should be ripped out
4449557 improve speed of uncontended mutex_lock()/mutex_unlock()
4451547 thr_setmutator() returns spurious EINVAL when marking thread as non-mutator
4452634 old libthread.so.1 fails to build on 32-bit sparc kernel
4454327 libthread should have option to defer signals within cond_wait()
4455654 many problems with thread suspend/continue
4464111 thread cancelled in pthread_cond_wait() consumes condition signal
4468559 restore tag names of lock structs for threaded programs in system headers
4478852 libthread assertion failure in sigaction.c with sigsuspend()
(from 112023-01)
4485436 require support of one-way asynchronous model to RPC library
(from 110701-01)
4341272 kernel and /etc/mnttab do not contain reliable info on automounted filesystems
(from 111086-02)
4516885 *login* security problem
(from 111086-01)
4291278 /bin/login misses failure when logging to /var/adm/loginlog
(from 111300-04)
4683015 aspppls unsafely opens /tmp/.asppp.fifo file
(from 111300-03)
4516011 pppd fails with "Failed to open /dev/hihp0: Device busy" error
4517632 pppd erroneously falls back on Configure-Reject for Magic-Number
(from 111300-02)
This revision accumulates feature point patch 111465-01.
(from 111300-01)
This revision accumulates feature point patch 111082-01.
(from 111082-01)
1264523 aspppd must be restarted when new PAP identification added
4098801 request to turn off hardware flow control feature on ppp
4410142 libpam does not lint cleanly
(from 111465-01)
4328476 RFE: PPPoE (RFC 2516) client support in Solaris
4421547 uts/common/io/ppp/sppp/sppp.c includes __DATE__ and __TIME__
4421548 uts/common/io/ppp/spppasyn/spppasyn.c includes __DATE__ and __TIME__
4421549 uts/common/io/ppp/spppcomp/spppcomp.c includes __DATE__ and __TIME__
4419454 idle option doesn't work if lcp-echo-interval/chap-interval is used
(from 111781-01)
4452726 maxconnect timeout causes SIGSEGV
(from 111660-07)
4099654 no convenient method of reactivating inactive accounts
4393399 bugfix 4180899 changes password prompt behavior of pam_unix
(from 111660-06)
4450103 ftp login fails on system under full load
(from 111660-05)
4462175 passwd -g option does not work as advertised
(from 111660-04)
4452232 passwd -D domainname ignored - uses default domainname
(from 111660-03)
4250887 pam_open_session() segfaults if PAM_RHOST or PAM_TTY == NULL
(from 111660-02)
4112707 password expiration (passwd -f) doesn't work correctly
4284795 when passwd given -r option, it ignores /etc/pam.conf
(from 111660-01)
4392250 "passwd -r nis -e user" causes rpc.yppasswdd down
(from 112219-01)
4384816 users able to authenticate in pam_ldap with NULL password
(from 112606-04)
4525971 autofs passes nonsensical unmount requests to automountd, which may then spin
(from 112606-03)
4471199 autofs deadlock when thread allowed to stop() while holding mutex
(from 112606-02)
4631449 race condition in autofs between auto_perform_link and auto_search
(from 112606-01)
4506578 Solaris 8, lofs panic, NULL vfs ptr passed into makelfsnode()
(from 111394-02)
4308622 automountd dumps core while umounting mounted file systems
(from 111394-01)
4379906 automounter LDAP wildcard key lookup incorrect
(from 108998-03)
This revision reinstates the new /var/adm/exacct directory which got
dropped from -02.
(from 108998-02)
4305365 kernel, libexacct need to be marked as dependent on common/exacct
4313746 ea_set_item and ea_object_t definitions don't agree well
4313747 ea_attach functions not hardened against incorrect types
4314201 extended accounting partial records not distinguishable from full
(from 108998-01)
4312278 tasks, projects, extended accounting project
(from 109006-05)
4487986 su(1M) limits TZ to 26 characters
(from 109006-04)
4411652 'su' command fails to correctly log failed attempts to assume role - RBAC
(from 109006-03)
4331401 segmentation violation in au_user_mask()
(from 109006-02)
4374692 su does not warn about logins of imminent expiry
(from 109006-01)
4312278 tasks, projects, extended accounting project
(from 110512-06)
1226166 rpcbind does not bind with correct network interface
4690775 nisplus_ldap_udt: rpcbind got killed and core dump during nisplus server setup
(from 110512-05)
4686223 rpc.nisd_resolv fails in startup after patch 110511-03 installed
(from 110512-04)
4471041 rpc.nisd should accept rpc records > 9K for non-blocking transfers
(from 110512-03)
4411880 NIS+ cannot handle file descriptors > 1024
4411929 inter-record timeout for non-blocking COTS RPC results in early disconnects
(from 110512-02)
4280714 rpc.nisd hangs and consumes a lot of memory
(from 110512-01)
4326943 gets hundreds of __directory_object: Failed to lookup ... no such name
(from 125803-01)
6176096 DoS attack on IP fragment handling
6210681 null pointer in ill_frag_free_pkts
6259467 ill_frag_prune() can be invoked with negative number as second argument
(from 126374-05)
6591680 users failed to log in at first attempt but could log in at second attempt
(from 126374-04)
6555239 pam_ldap to take into account DS52p5 and follow new encoding for Account Availability control
(from 126374-03)
6540209 nscd in nss_compat:ldap keeps a lot of memory
(from 126374-02)
6404337 nscd crashes in libsldap:get_mapped_filter() when using invalid chars in search filter
(from 126374-01)
4636233 libsldap logs far too much
4765530 server failover causes syslog messages with every LDAP request
(from 126770-01)
6505933 bsearch breaks if table size larger than 2GB
(from 126947-01)
6457110 pkill -HUP ldap_cachemgr alters NS_LDAP_CACHETTL in ldap_client_file
(from 126955-01)
6529860 nscd core dumps in prldap_set_ld_error
(from 126993-01)
6219774 embedded_su: create new variation on su for use by other programs (PSARC 2004/695)
Patch Installation Instructions:
--------------------------------
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' scripts provided with Solaris.
The following example installs a patch to a standalone machine:
example# patchadd /var/spool/patch/123456-07
The following example removes a patch from a standalone system:
example# patchrm 123456-07
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.
Special Install Instructions:
-----------------------------
Not all patches listed in this section as needed for the completion
of a fix or feature, may be available at the same time as this patch.
This allows the remaining fixes/features to be made available sooner.
NOTE 1: Reboot the system while in single user mode after patch installation.
NOTE 2: VERITAS Volume Manager (VxVM) commands may break after installing
patch 108827-15 or greater.
- After installation of 108827-15 or greater, a subset of VxVM
commands may produce error messages which contain the text
"referenced symbol not found".
For example:
# vxlicense -c
ld.so.1: vxlicense: fatal: relocation error: file /etc/vx/slib/libnsl.so.1:
symbol _libc_register_forkhandler: referenced symbol not found
Killed
The workaround is to add "usr/lib" to environment variable
LD_LIBRARY_PATH before running the VERITAS commands. The full
workaround is documented in SunAlert document 42797. VERITAS
has committed to fix this problem in the next VxVM 3.1.1 and
3.2 patch releases.
NOTE 3: Native LDAP Phase 2 to Solaris 8
a) ldapclient -f certificatepath option is non-functional
If using ldapclient -P, the default certificate path (/var/ldap)
will always be used.
The -f certificatepath option will report an error.
The workaround is to copy your certificate db's to /var/ldap.
b) ldapaddent: does not function with tls specified
You cannot use ldapaddent with tls at present. If you wish to
protect the data sent to ldapaddent, you must either run
ldapaddent on the server running the LDAP server that you will
write the data to. (You must make the LDAP server a client of
itself to do this - which is not a supported configuration.)
Alternately, you can use ipsec or a private network.
NOTE 4: The following patches can be installed to obtain further documentation
and man pages:
114256-01 (or greater) System Administration documentation
108809-43 (or greater) Manual Page updates for Solaris 8
NOTE 5: During patchadd, before the /etc/pam.conf file is changed, a copy of
the current version is saved as /etc/pam.conf.pre<patchid>. If the
patch is removed, the existing /etc/pam.conf file is copied to
/etc/pam.conf.<patchid> and then the previous version is restored
to /etc/pam.conf from the existing /etc/pam.con.pre<patchid> file.
The method of restoring the file is not supported if the following
action(s) occur:
a) /etc/pam.conf is changed after the patch has been installed.
b) same rev of the patch is installed more than once.
NOTE 6: To get the complete support for Tasks, Projects and Accounting,
please also install the following patches:
108996-01 (or greater) /usr/lib/libproc.so.1 patch
109004-01 (or greater) /etc/init.d/acctadm and
/usr/sbin/acctadm patch
109000-01 (or greater) PAM patch
109008-01 (or greater) at/atrm/batch/cron patch
109010-01 (or greater) /etc/magic and /usr/bin/file patch
109012-01 (or greater) /usr/bin/id and /usr/xpg4/bin/id patch
109014-01 (or greater) /usr/bin/lastcomm patch
109016-01 (or greater) /usr/bin/newtask patch
109018-01 (or greater) /usr/bin/pgrep and /usr/bin/pkill patch
109020-01 (or greater) /usr/bin/priocntl patch
109022-01 (or greater) /usr/bin/projects patch
109026-01 (or greater) /usr/bin/i86/truss patch
109028-01 (or greater) /usr/bin/wracct patch
109024-01 (or greater) /usr/bin/i86/ps patch
109030-01 (or greater) perl patch
109034-01 (or greater) /usr/bin/i86/prstat patch
109036-01 (or greater) useradd/userdel/usermod patch
109038-01 (or greater) /var/yp/Makefile and
/var/yp/nicknames patch
109032-01 (or greater) projadd/projdel/projmod patch
NOTE 7: To get the complete fix for 4310353 (msgids, semids, shmids and
msgsnap -- provide all of the System 5 message queue identifiers
in the system), please also install the following patches:
109237-01 (or greater) msgsys, semsys and shmsys patch
109239-01 (or greater) ipcs patch
NOTE 8: To get the complete fix for:
4355205 System V semaphores suffer from false sharing
4355206 System V semaphore timeout mechanism
please also install the following patch:
109026-02 (or greater) truss patch
NOTE 9: To get the complete NCAfs, NCA Proxy and sendfilev() feature,
please also install the following patches:
108996-02 (or greater) libproc.so.1 patch
109026-04 (or greater) truss patch
109235-04 (or greater) Apache Security & NCA patch
109473-06 (or greater) tcp driver patch
111296-01 (or greater) pstack patch
111298-01 (or greater) libsendfile.so.1 patch
NOTE 10: To get the complete T2 Modifications to "Alternate Libthread
in Solaris 8" feature, please also install the following patches:
109026-05 (or greater) truss patch
108996-03 (or greater) libproc patch
109046-03 (or greater) crash patch
NOTE 11: To get the complete Sun RPC Library feature, please also
install the following patch:
112166-01 (or greater) rpcgen patch
NOTE 12: When responding to the question:
Do you wish to continue this installation {yes or no} [yes]?
(by default, installation will continue in 60 seconds)
A 'kill <pid>' is shown when default behavior is specified
(e.g. yes). This is harmless.
NOTE 13: The fix for 4614041 involves a dependency on /usr/xpg4/bin/sh
which is delivered in the optional package SUNWxcu4. To ensure
that libc functions correctly, this package is automatically
installed on user's system if it does not exist. The stream
formatted base FCS SUNWxcu4 package included with this patch
is "SUNWxcu4.stream.pkg".
NOTE 14: To get the complete fix for bugid 4691127 (possible type overflow
in xdr_array), please also install the following patch:
108902-05 (or greater) rpcmod patch
NOTE 15: To get the complete fix for bugids 4475044, 4335175 and 4340959,
please also install the following patch:
113416-01 (or greater) GNU gettext patch
NOTE 16: To get complete feature for Solaris 8 PPP 4.0, please also install
the following packages from Solaris 8 Update 5 (07/01) Release:
SUNWpppd (Solaris PPP Device Drivers)
SUNWpppdr (Solaris PPP configuration files)
SUNWpppdu (Solaris PPP daemon and utilities)
SUNWpppg (GNU utilities for PPP)
SUNWpppgS (Source for the GNU utilities for PPP)
NOTE 17: To get the complete support for PPP over Ethernet, please also
install:
the new package SUNWpppdt (Solaris PPP Tunneling)
from Solaris 8 Update 6 (10/01) Release
and the following patch:
108965-06 (or greater) snoop patch
NOTE 18: To get the complete fix for 4392250 ("passwd -r nis -e user " causes
rpc.yppasswdd down), please also install the following patch:
111597-02 (or greater) rpc.yppasswdd patch
NOTE 19: To get the complete security fix for bugid 4668699 (buffer overflow
in dbm_open), please also install the following patch:
114617-01 (or greater) libdbm patch
NOTE 20: The fix for 4506972 included in 108993-18 and 108994-18 changed the
behavior of some commands such as cron(1M), rcp(1) and OpenSSH for
locked accounts. Accounts which have been locked (via 'passwd -l'
command) contain the string "*LK*" in the password field of the
shadow(4) file. Users with locked accounts were no longer able
to execute cron jobs successfully or issue rcp(1) commands with
.rhosts files for example. This changed behavior has been backed
out and the original behavior of affected commands such as cron(1),
rcp(1) and OpenSSH has been restored with the fix for 4923449
which is included in 108993-30 and 108994-30 and later revisions
of these patches.
Solaris 9 and future releases will keep the fix for 4506972
and the new behavior of locked accounts for commands such
as cron(1M), rcp(1), and OpenSSH will remain.
NOTE 21: To get the complete fix for bugid 4503714 (rpc.nisd memory
leaks and SEGVs), please also install the following patch:
110270-02 (or greater) libnisdb.so.2 patch
NOTE 22: To get the complete fix for "U.S. Energy Policy Act of 2005"
which will change daylight saving time transition dates of
United States timezones, beginning in 2007, please also install
the following patch:
109810-02 (or greater) timezone data patch
Solaris supports two types of timezones: POSIX timezones and
zoneinfo timezones. This patch incorporates the fix for
"U.S. Energy Policy Act of 2005" for POSIX timezones, whereas
patch 109810-02 incorporates the fix for "U.S. Energy Policy
Act of 2005" for zoneinfo timezones. In Solaris, the default
transition dates for POSIX timezones (when the transition date
is not specified) use U.S. rules.
Note this patch does not include the fix for DST changes in 2006
for Australia. Those fixes are in aforementioned Patch 109810-02,
where the zoneinfo timezones for Australia are fixed.
NOTE 23: To get the complete fix for 4909247 (Solaris 8 Client has broken
.rhosts authentication with patch 108993-21), the LDAP server must
be Sun Java System Directory server 5.2 patch 4 or newer, and
pam_ldap(5) must be used for account management. Then, in cases
where there is no user authentication token (PAM_AUTHTOK) available,
the pam_sm_acct_mgmt(3PAM) function from pam_ldap(5) tries to
retrieve the user's account status without authenticating to the
LDAP server as the user logging in.
NOTE 24: To get the complete fix for:
6176096 DoS attack on IP fragment handling
6210681 null pointer in ill_frag_free_pkts
6259467 ill_frag_prune() can be invoked with negative number
as second argument
please also install the following patches:
116966-25 (or greater) ip/arp/tcp/udp/tun patch
116976-03 (or greater) kadb patch
NOTE 25: To get the complete fix for bugid 6710019 (automountd might dump core
if NFS URL is used), please, also install the following patch:
113649-05 (or greater) mount patch
NOTE: The list of 'patches required with this patch' (above) has been
modified from the list specified at patch creation time. The reason for
the modification is that one or more of the required patches was
either never released or withdrawn after its release. The following
substitutions (which are guaranteed to satisfy the original requirements)
were therefore made:
108990-02 replaces 108990-01
README -- Last modified date: Saturday, November 10, 2012