OBSOLETE Patch-ID# 141031-11


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security passwdutil iig idsconfig indexing nss_ldap getbymember _success _dbop_group_bymember core ldap_cachemgr hang password native dsconf passwd nisplus corruption nisd udp
Synopsis: Obsoleted by: 142437-04 SunOS 5.10_x86: passwd patch
Date: Mar/24/2010


Install Requirements: After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reboot is performed. Unless
otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reboot is performed.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.

Solaris Release: 10_x86

SunOS Release: 5.10_x86

Unbundled Product:

Unbundled Release:

Xref: This patch available for SPARC as patch 141030

Topic: SunOS 5.10_x86: passwd patch

Relevant Architectures: i386

Bugs fixed with this patch:

Sun CR # Bug #
430032615009963
462216615092882
479676615139071
490460315172125
622511715247587
632951615289166
646616015348463
649351315361194
650937415369712
653754915385840
656124915399234
656344315400475
658019215409663
658535015412503
661569315430011
661907115432127
662638115436456
663334715440652
663622815442403
664407715447183
666938615461585
667754715466241
669925015479049
671517115487762
671584315488224
673728415501488
674038215503472
674047415503522
674130515504041
677489515524694
679374215535321
679737815537409
680595915542352
681040715544894
683969315562104
684241915563716
684418615564844
684976715568563
685608415572943
686370915577833
686429615578101
689046815595828
689551515599442
690165215603848


Changes incorporated in this version: 6619071

Patches accumulated and obsoleted by this patch: 122086-01 138047-02 138264-03 138875-05 139505-01 139569-01 140108-01 140127-01 140145-01 140147-01 140166-01 140168-01 140392-03 140918-02 141023-02 141543-01

Patches which conflict with this patch:

Patches required with this patch: 118855-36 120012-14 127128-11 137138-09 139556-08 (or greater)

Obsoleted by: 142437-04

Files included with this patch:

/lib/amd64/libnsl.so.1
/lib/amd64/llib-lnsl.ln
/lib/amd64/nss_dns.so.1
/lib/amd64/nss_nisplus.so.1
/lib/libnsl.so.1
/lib/llib-lnsl
/lib/llib-lnsl.ln
/lib/nss_dns.so.1
/lib/nss_nisplus.so.1
/usr/bin/chkey
/usr/bin/nisaddcred
/usr/bin/passwd
/usr/include/rpcsvc/nispasswd.h
/usr/include/rpcsvc/nispasswd.x
/usr/lib/amd64/libsldap.so.1
/usr/lib/amd64/llib-lpasswdutil.ln
/usr/lib/amd64/nss_ldap.so.1
/usr/lib/amd64/passwdutil.so.1
/usr/lib/ldap/idsconfig
/usr/lib/ldap/ldap_cachemgr
/usr/lib/libsldap.so.1
/usr/lib/llib-lpasswdutil.ln
/usr/lib/nss_ldap.so.1
/usr/lib/passwdutil.so.1
/usr/lib/security/amd64/pam_dhkeys.so.1
/usr/lib/security/pam_dhkeys.so.1
/usr/sbin/ldapaddent
/usr/sbin/ldapclient
/usr/sbin/newkey
/usr/sbin/nscd
/usr/sbin/rpc.nisd
/usr/sbin/rpc.nispasswdd

Problem Description:

6619071 when LDAP config'd w/ mult. auth. methods, nscd keeps creating connections if 1st auth. method fails
 
(from 141031-10)
 
6895515 nscd aborting in libumem
 
(from 141031-09)
 
6810407 schema defined in idsconfig.sh is not strictly compliant with RFC 4512 Syntax
6842419 idsconfig(1M) fails to set up an LDAP server a second time
6890468 idsconfig must support DS 7.x
6901652 nscd could better handle running out of naming enumeration contexts
 
(from 141031-08)
 
6863709 nscd dumps core after receiving SIGHUP
 
(from 141031-07)
 
6856084 Sparks DNS backend should return canonical name before aliases
6864296 private __res_ndestroy interface may now be removed from dns_common.c
 
(from 141031-06)
 
6563443 nisaddcred and chkey have issues in md5 password encryption with passwords > eight characters
6839693 ldapclient init w/profile with more than 16 objectClassMaps core dumped on Solaris 10 x86
 
(from 141031-05)
 
	This revision accumulates generic Sustaining patch 138875-05
	into Solaris S10U8 update.
 
(from 141031-04)
 
	This revision accumulates generic Sustaining patch 138875-04
	into Solaris S10U8 update.
 
(from 141031-03)
 
6849767 wrong SUNWcsu postinstall script in patch 141031-02
 
(from 141031-02)
 
	This revision accumulates generic Sustaining patch 138875-03
	into Solaris S10U8 update.
 
(from 141031-01)
 
	This revision accumulates generic Sustaining patch 138875-02
	into Solaris S10U8 update.
 
(from 138875-05)
 
6805959 per-user nscd doesn't reap child processes after these exited, such child processes remain as zombies
 
(from 138875-04)
 
4904603 disable ldaplist to not show userpassword attribute or just user logged in
6615693 nscd only checks the file_dac_read check privilege and not the euid for access to the shadow file
 
(from 138875-03)
 
4622166 ldapaddent does not escape some special characters in DN for exec_attr, services and tnrhtp database
6844186 fix for 6715843 incomplete in Solaris 10 patch gate
 
(from 138875-02)
 
4796766 idsconfig and ldapaddent should support project database
6329516 unlimited password guesses allowed
6509374 idsconfig doesn't create container for projects
6580192 nss_ldap: __ns_ldap_endEntry() called twice by top_down_search()
6677547 Native LDAP client to disable vlv searches for netgroups
6715171 nss_ldap and passwdutil do not support all shadowAccount attributes
6715843 ldapaddent is not accepting a one character entry for the tnrhtp file
6797378 'ldapaddent -d passwd' does not print 'x' for the password field
 
(from 138875-01)
 
6561249 idsconfig prints out incorrect information for VLV indexing when run against DS5.2 & 6.0
 
(from 140108-01)
 
        This revision accumulates generic Sustaining patch 139569-01
        into Solaris S10U7 update.
 
(from 139569-01)
 
6585350 nss_nisplus: getbymember() does not follow NSS_DBOP_GROUP_BYMEMBER protocol
6669386 nss_ldap getbymember always returns NSS_SUCCESS
 
(from 140127-01)
 
        This revision accumulates generic Sustaining patch 139505-01
        into Solaris S10U7 update.
 
(from 139505-01)
 
6493513 changing password (in files repository) dumps core when libumem is in effect
 
(from 140166-01)
 
        This revision accumulates generic Sustaining patch 140145-01
        into Solaris S10U7 update.
 
(from 140145-01)
 
6774895 Solaris 10 ldap_cachemgr hang
 
(from 140168-01)
 
        This revision accumulates generic Sustaining patch 140147-01
        into Solaris S10U7 update.
 
(from 140147-01)
 
6740474 confusing 'password too short' message from Native LDAP
 
(from 140392-03)
 
6699250 nscd core dumps in NIS do_getent
6741305 nscd core file generated during storage pool reconfig
 
(from 140392-02)
 
6633347 nscd (sparks) can give inconsistent name resolution if started without a resolv.conf file
 
(from 140392-01)
 
        This revision accumulates generic Sustaining patch 138264-03
        into Solaris S10U7 update.
 
(from 138264-03)
 
6737284 nscd does not return NSS_TRYLOCAL for foreign NSS backends for enumerated searches when using compat
6740382 nscd needs improved permission checking
 
(from 138264-02)
 
        This revision accumulates generic Sustaining patch 138047-02
        into Solaris S10U6 update.
 
(from 138264-01)
 
        This revision accumulates generic Sustaining patch 138047-01
        into Solaris S10U6 update.
 
(from 138047-02)
 
6537549 nscd dies with SIGPIPE
 
(from 138047-01)
 
6636228 foreign NSS backends, nscd does not return NSS_TRYLOCAL when processing getgroupsbymember
6644077 nscd rejects foreign nsswitch backends
 
(from 122086-01)
 
6225117 passwd -r nisplus -e username will corrupt the user's passwd
 
(from 141023-02)
 
	This revision accumulates generic Sustaining patch 140918-02
	into Solaris S10U8 update.
 
(from 141023-01)
 
	This revision accumulates generic Sustaining patch 140918-01
	into Solaris S10U8 update.
 
(from 140918-02)
 
6793742 libnsl memory leak with "dail()" function call in strsave
 
(from 140918-01)
 
4300326 UDP replies from rpcbind and mountd can be sent with wrong source address
6466160 rpc.nisd can hang for 3-4 minutes attempting NIS+ callback if connection to client silently fails
6626381 rpc.nisd on subdomain-replica deadlocked when trying to access NIS+ admin group in cache


Patch Installation Instructions:
--------------------------------
 
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
 
The following example installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/123456-07
 
The following example removes a patch from a standalone system:
 
       example# patchrm 123456-07
 
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.


Special Install Instructions:
-----------------------------
 
None.


README -- Last modified date: Saturday, November 10, 2012