OBSOLETE Patch-ID# 148309-05


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security buffer overflow crafted dhcp
Synopsis: Obsoleted by: 148309-06 SunOS 5.10: dhcp patch
Date: Aug/15/2014


Install Requirements: Reboot after installing this patch to activate the changes delivered. An alternative may be specified in the Special Install Instructions.

Solaris Release: 10

SunOS Release: 5.10

Unbundled Product:

Unbundled Release:

Xref: This patch available for x86 as patch 148310

Topic: SunOS 5.10: dhcp patch

Relevant Architectures: sparc

Bugs fixed with this patch:

Sun CR # Bug #
16807129
17003748
17624647
637059715306062
657301015405645
661939815432374
671380515486931
676465515518436
695983615648746
696397115652032
708011915736076
711167015754898
711656615757953
714432415772097
715744615782134


Changes incorporated in this version: 17624647

Patches accumulated and obsoleted by this patch: 138876-03

Patches which conflict with this patch:

Patches required with this patch: 120011-14 141444-09 (or greater)

Obsoleted by:

Files included with this patch:

/lib/libdhcputil.so.1
/usr/lib/inet/in.dhcpd

Problem Description:

17624647 in.dhcpd spits SENDTO error while it's being restarted
 
(from 148309-04)
 
16807129 in.dhcpd assigns address a second time while lease is still valid
17003748 misleading uses of htonl() in dhcp.c
 
(from 148309-03)
 
7144324 in.dhcpd SEGV during termination
7157446 in.dhcpd SEGV at startup
 
(from 148309-02)
 
6764655 array overrun in dhcp_inittab.c
7111670 uninitialized variable in dsrvr_socktype
7116566 remove ITAB_CAT_COUNT in dhcp_inittab.h
 
(from 148309-01)
 
        This revision accumulates generic Sustaining patch 138876-03
        into Solaris S10U11 update.
 
(from 138876-03)
 
7080119 DHCPNAK larger than the minimum size for a DHCP response, the CD_END is not included
 
(from 138876-02)
 
6370597 in.dhcpd core dumps: double free on a DHCP network container record
6959836 DHCP server should set file limit even in debug mode
6963971 dhcpd needs to be hardened against the 32-bit fopen/255 problem
 
(from 138876-01)
 
6573010 DHCP server fails to lock newly created client record
6619398 [CVE-2007-5365] potential buffer overflow due to crafted requests
6713805 DHCP server should not care about the number of offers


Patch Installation Instructions:
--------------------------------
 
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
 
The following example installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/123456-07
 
The following example removes a patch from a standalone system:
 
       example# patchrm 123456-07
 
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.


Special Install Instructions:
-----------------------------
 
NOTE 1: Reboot the system after patch installation.
 
   	This patch may be activated without a reboot by restarting the
   	DHCP server manually when convenient.
 
      	Example 1. Restarting DHCP service (in.dhcpd) after installing
        	   this patch:
 
      		   svcadm restart svc:/network/dhcp-server:default


README -- Last modified date: Wednesday, May 13, 2015