Patch-ID# 142398-02

Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security libsasl sasl buffer overflow
Synopsis: SunOS 5.10_x86: patch
Date: Jul/14/2022

Install Requirements: Reboot after installing this patch to activate the changes delivered. An alternative may be specified in the Special Install Instructions.

Solaris Release: 10_x86

SunOS Release: 5.10_x86

Unbundled Product:

Unbundled Release:

Xref: This patch available for SPARC as patch 142397

Topic: SunOS 5.10_x86: patch

Relevant Architectures: i386

Bugs fixed with this patch:

Sun CR # Bug #

Changes incorporated in this version: 33893487

Patches accumulated and obsoleted by this patch: 141931-01

Patches which conflict with this patch:

Patches required with this patch: 120012-14 (or greater)

Obsoleted by:

Files included with this patch:


Problem Description:

33893487 Problem with library/libsasl
(from 142398-01)
	This revision accumulates generic Sustaining patch 141931-01
	into Solaris S10U8 update.
(from 141931-01)
6836899 sasl_encode64() is vulnerable to buffer overflow (VU#238019)

Patch Installation Instructions:
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
The following example installs a patch to a standalone machine:
       example# patchadd /var/spool/patch/123456-07
The following example removes a patch from a standalone system:
       example# patchrm 123456-07
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.

Special Install Instructions:

README -- Last modified date: Thursday, July 14, 2022