Patch-ID# 148071-19
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security libcrypto crypto openssl commands
Synopsis: SunOS 5.10: openssl patch
Date: Dec/16/2015
Install Requirements: After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reboot is performed. Unless
otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reboot is performed.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.
Solaris Release: 10
SunOS Release: 5.10
Unbundled Product:
Unbundled Release:
Xref: This patch available for x86 as patch 148072
Topic: SunOS 5.10: openssl patch
Relevant Architectures: sparc
Bugs fixed with this patch:
Changes incorporated in this version: 21815734 22229510
Patches accumulated and obsoleted by this patch: 147707-10 148320-01
Patches which conflict with this patch:
Patches required with this patch: 118833-36 120011-14 127127-11 137137-09 139555-08 141444-09 144500-19 147147-26 (or greater)
Obsoleted by:
Files included with this patch:
/usr/lib/pkgconfig/openssl.pc (deleted)
/usr/lib/sparcv9/pkgconfig/openssl.pc (deleted)
/usr/sfw/bin/openssl
/usr/sfw/bin/sparcv9/openssl
/usr/sfw/include/openssl/asn1.h
/usr/sfw/include/openssl/buffer.h
/usr/sfw/include/openssl/crypto.h
/usr/sfw/include/openssl/opensslv.h
/usr/sfw/include/openssl/pkcs7.h
/usr/sfw/include/openssl/ssl.h
/usr/sfw/include/openssl/ssl3.h
/usr/sfw/include/openssl/tls1.h
/usr/sfw/include/openssl/x509.h
/usr/sfw/lib/libcrypto.so.0.9.7
/usr/sfw/lib/libcrypto_extra.so.0.9.7
/usr/sfw/lib/libssl.so.0.9.7
/usr/sfw/lib/libssl_extra.so.0.9.7
/usr/sfw/lib/llib-lcrypto.ln
/usr/sfw/lib/llib-lssl.ln
/usr/sfw/lib/pkgconfig/openssl.pc
/usr/sfw/lib/sparcv9/libcrypto.so.0.9.7
/usr/sfw/lib/sparcv9/libcrypto_extra.so.0.9.7
/usr/sfw/lib/sparcv9/libssl.so.0.9.7
/usr/sfw/lib/sparcv9/libssl_extra.so.0.9.7
/usr/sfw/lib/sparcv9/llib-lcrypto.ln
/usr/sfw/lib/sparcv9/llib-lssl.ln
/usr/sfw/lib/sparcv9/pkgconfig/openssl.pc
Problem Description:
21815734 move pkgconfig files for old OpenSSL 0.9.7 to /usr/sfw/lib
22229510 mismatched GID for OpenSSL deliverables under /usr/sfw
(from 148071-18)
21240446 problem with OpenSSL
21240457 problem with OpenSSL
21240488 problem with OpenSSL
(from 148071-17)
20688058 problem with OpenSSL
20735495 problem with OpenSSL
20735520 problem with OpenSSL
20735531 problem with OpenSSL
20735537 problem with OpenSSL
20735541 problem with OpenSSL
20735563 problem with OpenSSL
(from 148071-16)
20325582 problem with OpenSSL
20325594 problem with OpenSSL
20325600 problem with OpenSSL
20325603 problem with OpenSSL
(from 148071-15)
16368404 SPARC standalone wanboot client upgrade SSLv3->TLSv1
19823193 problem with OpenSSL
19823202 problem with OpenSSL
19823212 problem with OpenSSL
(from 148071-14)
19385643 problem with OpenSSL
19385708 problem with OpenSSL
(from 148071-13)
18889686 problem with OpenSSL
(from 148071-12)
16694535 problem with OpenSSL
(from 148071-11)
16211866 problem with OpenSSL
(from 148071-10)
15243249 ssh / OPENSSL_cleanse accesses memory beyond malloc'ed buffer
(from 148071-09)
This revision accumulates generic Sustaining patch 147707-10
into Solaris S10U11 update.
(from 148071-08)
This revision accumulates generic Sustaining patch 147707-09
into Solaris S10U11 update.
(from 148071-07)
This revision accumulates generic Sustaining patch 147707-08
into Solaris S10U11 update.
(from 148071-06)
This revision accumulates generic Sustaining patch 147707-07
into Solaris S10U11 update.
(from 148071-05)
This revision accumulates generic Sustaining patch 147707-06
into Solaris S10U11 update.
(from 148071-04)
This revision accumulates generic Sustaining patch 147707-05
into Solaris S10U11 update.
(from 148071-03)
This revision accumulates generic Sustaining patch 147707-04
into Solaris S10U11 update.
(from 148071-02)
This revision accumulates generic Sustaining patch 147707-03
into Solaris S10U11 update.
(from 148071-01)
This revision accumulates generic Sustaining patch 147707-02
into Solaris S10U11 update.
(from 147707-10)
7168983 PKCS11 engine does not check mechanism key size range
7182257 pk11_get_symmetric_cipher and pk11_get_digest should have better interface
(from 147707-09)
7169875 problem with crypto: OpenSSL
(from 147707-08)
7101916 blowfish-cbc/hmac_sha1 in the SSH test suite failed on T4
(from 147707-07)
7169340 make it possible to set SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION flag in SSL context
7172970 SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION is not defined
(from 147707-06)
7162790 problem with crypto: OpenSSL
7164437 problem with crypto: OpenSSL
7166196 BUF_MEM_grow_clean returns incorrect error string
(from 147707-05)
7155548 problem with crypto: OpenSSL
7155555 problem with crypto: OpenSSL
(from 147707-04)
7151259 problem with crypto: OpenSSL
(from 147707-03)
7133053 problem with crypto: OpenSSL
7133054 problem with crypto: OpenSSL
(from 147707-02)
6881996 problem with crypto: OpenSSL
(from 147707-01)
7017005 OpenSSL PKCS#11 engine not picking up all hardware crypto implementations
(from 148320-01)
6192392 build and ship 64-bit openssl command
Patch Installation Instructions:
--------------------------------
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
The following example installs a patch to a standalone machine:
example# patchadd /var/spool/patch/123456-07
The following example removes a patch from a standalone system:
example# patchrm 123456-07
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.
Special Install Instructions:
-----------------------------
NOTE 1: This patch forces the use of strong encryption, which breaks
applications that use crypto on systems without SUNWcry* packages
installed. Solaris 10 11/06 (Update 3) and earlier do not include
SUNWcry* packages. It is strongly advised that affected systems
upgrade to the later Solaris 10 Update S10 1/13 (Update 11).
For more details, please see Service Alert Doc ID 2013494.1:
https://support.oracle.com/rs?type=doc&id=2013494.1
README -- Last modified date: Wednesday, December 16, 2015