OBSOLETE Patch-ID# 146672-11

Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security libcrypto libssl ssl crypto
Synopsis: Obsoleted by: 148072-10 SunOS 5.10_x86: ssl patch
Date: Oct/10/2012

Install Requirements: After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reboot is performed. Unless
otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reboot is performed.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.

Solaris Release: 10_x86

SunOS Release: 5.10_x86

Unbundled Product:

Unbundled Release:

Xref: This patch available for SPARC as patch 147707

Topic: SunOS 5.10_x86: ssl patch

Relevant Architectures: i386

Bugs fixed with this patch:

Sun CR # Bug #

Changes incorporated in this version: 7168983 7182257

Patches accumulated and obsoleted by this patch: 146859-01

Patches which conflict with this patch:

Patches required with this patch: 118855-36 127128-11 142910-17 (or greater)

Obsoleted by:

Files included with this patch:


Problem Description:

7168983 PKCS11 engine does not check mechanism key size range
7182257 pk11_get_symmetric_cipher and pk11_get_digest should have better interface
(from 146672-10)
7169875 problem with crypto: OpenSSL
(from 146672-09)
7101916 blowfish-cbc/hmac_sha1 in the SSH test suite failed on T4
(from 146672-08)
7169340 make it possible to set SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION flag in SSL context
(from 146672-07)
7162790 problem with crypto: OpenSSL
7164437 problem with crypto: OpenSSL
7166196 BUF_MEM_grow_clean returns incorrect error string
(from 146672-06)
7155548 problem with crypto: OpenSSL
7155555 problem with crypto: OpenSSL
(from 146672-05)
7151259 problem with crypto: OpenSSL
(from 146672-04)
7133053 problem with crypto: OpenSSL
7133054 problem with crypto: OpenSSL
(from 146672-03)
6881996 problem with crypto: OpenSSL
(from 146672-02)
7017005 OpenSSL PKCS#11 engine not picking up all hardware crypto implementations
(from 146672-01)
        This revision accumulates generic Sustaining patch 146859-01
        into Solaris S10U10 update.
(from 146859-01)
6989182 CVE 2008-7270 change SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior
7015771 fix CVE-2010-4180 in OpenSSL

Patch Installation Instructions:
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
The following example installs a patch to a standalone machine:
       example# patchadd /var/spool/patch/123456-07
The following example removes a patch from a standalone system:
       example# patchrm 123456-07
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.

Special Install Instructions:

README -- Last modified date: Tuesday, March 19, 2013