OBSOLETE Patch-ID# 141742-04
Download this patch from My Oracle Support
|
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
|
For further information on patching best practices and resources, please
see the following links:
|
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security aes openssl international encryption y sshd sftp-server sftp
Synopsis: Obsoleted by: 141444-09 SunOS 5.10: sshd patch
Date: Aug/14/2009
Install Requirements: Reboot after installing this patch to activate the changes delivered. An alternative may be specified in the Special Install Instructions.
Solaris Release: 10
SunOS Release: 5.10
Unbundled Product:
Unbundled Release:
Xref: This patch available for x86 as patch 140119
Topic: SunOS 5.10: sshd patch
EXPORT INFORMATION: This software contains encryption features
and requires export approval from the U.S. Department of State,
prior to exporting from the United States.
Relevant Architectures: sparc
Bugs fixed with this patch:
Changes incorporated in this version: 6705402
Patches accumulated and obsoleted by this patch: 142004-01
Patches which conflict with this patch:
Patches required with this patch: 118833-36 120011-14 127127-11 137137-09 139555-08 (or greater)
Obsoleted by: 141444-09
Files included with this patch:
/etc/ssh/sshd_config
/usr/bin/scp
/usr/bin/sftp
/usr/bin/ssh
/usr/bin/ssh-add
/usr/bin/ssh-agent
/usr/bin/ssh-keygen
/usr/bin/ssh-keyscan
/usr/lib/ssh/sftp-server
/usr/lib/ssh/ssh-keysign
/usr/lib/ssh/sshd
/usr/sfw/bin/openssl
/usr/sfw/include/openssl/asn1.h
/usr/sfw/include/openssl/opensslv.h
/usr/sfw/lib/libcrypto.so.0.9.7
/usr/sfw/lib/libcrypto_extra.so.0.9.7
/usr/sfw/lib/libssl.so.0.9.7
/usr/sfw/lib/libssl_extra.so.0.9.7
/usr/sfw/lib/sparcv9/libcrypto.so.0.9.7
/usr/sfw/lib/sparcv9/libcrypto_extra.so.0.9.7
/usr/sfw/lib/sparcv9/libssl.so.0.9.7
/usr/sfw/lib/sparcv9/libssl_extra.so.0.9.7
Problem Description:
6705402 ssh issue with scp, naming conventions within the command
(from 141742-03)
6740240 ssh: password prompt is garbled on ja_JP.PCK/ja_JP.eucJP locale
6781546 CR 6704823 is back when using LogLevel debug in sshd_config
6797221 do_exec_no_pty() function contains file descriptor leak
6812446 x11_create_display_inet does not cleanup resources correctly
(from 141742-02)
6718923 BN_bin2bn() should be more robust
(from 141742-01)
6282914 cannot use strong ciphers when linking to libcrypto
6617424 aes192/aes256 support is missing from ssh/sshd
6824175 OpenSSL needs a fix for CVE-2009-0590
(from 142004-01)
6757046 sftp/sftp-server don't allow setting of set[ug]id/sticky bits
Patch Installation Instructions:
--------------------------------
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' scripts provided with Solaris.
The following example installs a patch to a standalone machine:
example# patchadd /var/spool/patch/123456-07
The following example removes a patch from a standalone system:
example# patchrm 123456-07
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.
Special Install Instructions:
-----------------------------
NOTE 1: Before installing this patch, please be sure to install the latest
patch utilities patches for your OS. This list of patches is defined
at http://sunsolve.sun.com
Please use the pull down list which appears after the text:
"Latest Patch Update: To ensure the correct functioning of the
patching utilities on your system, stay up to date on the
following patches"
NOTE 2 : Fix for 6740240 requires to have SUNWuiu8 package installed. For some
charset SUNWiconv-unicode, SUNWiconv-extra2 are also needed. Without these
installed packages following error message appears:
invalid UTF-8 sequence: Cannot convert UTF-8 strings to the local codeset
README -- Last modified date: Saturday, November 10, 2012