OBSOLETE Patch-ID# 143962-04
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: audit_syslog.so.1
Synopsis: Obsoleted by: 143962-05 SunOS 5.10: audit_syslog.so.1 patch
Date: Oct/13/2014
Install Requirements: NA
Solaris Release: 10
SunOS Release: 5.10
Unbundled Product:
Unbundled Release:
Xref: This patch available for x86 as patch 143963
Topic: SunOS 5.10: audit_syslog.so.1 patch
Relevant Architectures: sparc
Bugs fixed with this patch:
Changes incorporated in this version: 18690720 18735226
Patches accumulated and obsoleted by this patch: 144455-01
Patches which conflict with this patch:
Patches required with this patch: 118833-36 (or greater)
Obsoleted by:
Files included with this patch:
/usr/lib/security/audit_syslog.so.1
Problem Description:
18690720 audit_syslog(5) doesn't include 'arge' data if 'argv' policy also specified
18735226 audit_syslog needs to interpret return code from cacheauevent() correctly
(from 143962-03)
16969774 audit_syslog should include argv and arge if present in record
17000108 auditd_syslog plugin leaks memory when uauth token is logged
(from 143962-02)
7065439 audit_syslog.so generates 'error before token' errors when handling Extended File Attributes
(from 143962-01)
This revision accumulates generic Sustaining patch 144455-01
into Solaris S10U9 update.
(from 144455-01)
6314610 audit_syslog(5) plugin module logs IP addresses in host byte order
Patch Installation Instructions:
--------------------------------
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
The following example installs a patch to a standalone machine:
example# patchadd /var/spool/patch/123456-07
The following example removes a patch from a standalone system:
example# patchrm 123456-07
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.
Special Install Instructions:
-----------------------------
NOTE 1: Manual page audit_syslog(5) contains a list of tokens logged, such as
session, by, as, proc_uid and so on. Two new tokens need to be added:
argv <arguments> Listed are the execv(2) system call parameter
arguments from the exec_args token.
Arguments can be truncated from the right if
necessary to fit them on the line.
Truncation is indicated by trailing
ellipsis (...).
arge <arguments> Listed are the execv(2) system call environment
arguments from the exec_env token.
Arguments can be truncated from the right if
necessary to fit them on the line.
Truncation is indicated by trailing
ellipsis (...).
README -- Last modified date: Wednesday, October 12, 2016