Patch-ID# 108196-03 Keywords: security dtprintinfo timing HOME large SIGSEGV Synopsis: CDE 1.0.2_x86: dtprintinfo patch Date: Aug/10/00 Solaris Release: 2.4_x86 2.5_x86 2.5.1_x86 SunOS Release: 5.4_x86 5.5_x86 5.5.1_x86 Unbundled Product: CDE Unbundled Release: 1.0.2_x86 Xref: This patch available on CDE 1.0.1 as patch 108195 Relevant Architectures: i386 BugId's fixed with this patch: 4191060 4191065 4286834 4139394 Changes incorporated in this version: 4139394 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: 108364-01 (or newer) Files included with this patch: /usr/dt/bin/dtprintinfo Problem Description: 4139394 long argument causes SIGSEGV (from 108196-02) 4286834 Patch 105717-07 was obsoleted by 108364-01 so this patch needed to be repackaged. (from 108196-01) 4191060 large HOME causes buffer overflow in dtprintinfo 4191065 dtmkdir() potentially has a timing security hole Patch Installation Instructions: -------------------------------- Refer to the Install.info file for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below as special instructions. Special Install Instructions: ----------------------------- None.