Patch-ID# 108993-37 Keywords: security ldap ldapclient libldap automountd libthread libc sigbus Synopsis: SunOS 5.8: LDAP2 client, libc, libthread and libnsl libraries patch Date: Sep/01/2004 Install Requirements: Install in Single User Mode Reboot immediately after patch is installed See Special Install Instructions Solaris Release: 8 SunOS Release: 5.8 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 108994 Topic: SunOS 5.8: LDAP2 client, libc, libthread and libnsl libraries patch *********************************************************** NOTE: This patch may contain one or more OEM-specific platform ports. See the appropriate OEM_NOTES file within the patch for information specific to these platforms. DO NOT INSTALL this patch on an OEM system if a corresponding OEM_NOTES file is not present (or is present, but instructs not to install the patch), unless the OEM vendor directs otherwise. *********************************************************** NOTE: Refer to Special Install Instructions section for IMPORTANT specific information on this patch. Relevant Architectures: sparc BugId's fixed with this patch: 1141585 1167742 1209758 1226166 1239168 1257084 1258570 1264523 4091466 4098801 4099654 4112707 4152876 4156580 4160415 4193683 4196528 4221365 4225913 4236427 4244731 4250887 4253630 4271957 4283726 4284795 4285623 4288299 4291278 4291844 4292524 4292683 4297213 4298024 4299191 4300228 4302592 4303962 4304367 4305365 4305389 4305504 4305859 4307551 4307676 4308622 4309140 4310353 4310379 4311360 4311948 4312278 4312667 4313135 4313746 4313747 4314201 4314913 4314993 4318178 4320661 4320901 4324788 4324815 4325063 4327396 4328476 4331401 4332046 4332595 4332614 4334488 4335956 4336332 4336933 4341150 4341272 4341290 4342387 4343006 4343787 4344726 4350332 4351510 4353601 4353836 4354007 4355205 4355206 4356567 4357266 4357778 4357827 4357885 4357912 4359656 4359677 4366956 4367192 4367496 4368163 4371624 4372508 4374039 4374142 4374692 4375449 4376585 4379906 4380494 4380626 4381908 4384709 4384816 4386274 4387986 4390345 4390347 4390505 4391115 4392250 4393363 4393399 4393752 4394576 4395379 4396628 4400361 4401864 4402453 4402909 4403938 4404805 4407002 4408502 4409411 4410142 4411652 4411880 4411929 4413203 4413227 4413363 4413411 4415143 4419454 4419882 4421186 4421485 4421547 4421548 4421549 4422968 4423126 4424606 4424844 4425090 4425163 4425392 4428257 4429802 4430473 4432953 4433015 4433072 4433373 4435628 4438470 4441422 4444569 4445697 4445802 4449557 4449613 4450103 4451547 4452064 4452232 4452634 4452726 4454327 4455654 4455838 4455896 4459155 4459797 4461391 4462175 4464111 4465316 4468559 4471199 4475044 4478852 4479187 4480119 4484035 4484522 4485436 4486616 4487986 4488249 4490341 4490889 4490965 4491093 4491094 4493323 4494324 4496343 4496617 4497853 4501153 4503048 4504155 4504772 4506569 4506578 4510302 4512099 4514506 4514508 4515843 4516011 4516885 4517003 4517584 4517632 4519798 4523936 4523940 4524527 4525671 4525851 4525971 4528422 4528665 4530367 4545738 4614041 4614945 4616609 4617135 4617318 4617356 4622736 4623957 4629623 4631449 4632611 4632928 4635556 4647410 4647927 4648085 4656546 4658569 4661997 4663077 4667173 4668699 4669963 4679005 4680691 4683015 4683311 4684558 4688450 4690775 4691127 4705942 4710928 4720818 4727726 4730459 4738852 4745909 4746114 4749274 4751386 4757282 4757993 4765506 4767215 4767276 4768140 4768343 4769150 4769166 4774607 4775285 4776571 4779333 4780109 4780417 4786566 4787488 4792396 4792908 4793719 4802414 4804971 4805635 4807184 4819289 4820798 4823090 4828271 4830525 4847047 4848470 4852270 4856115 4861279 4873939 4874749 4877796 4887906 4890233 4890303 4892237 4894746 4897700 4898991 4902137 4902302 4913437 4915053 4916612 4920444 4923449 4947516 4977110 4980441 4981484 5006801 5007891 5012514 5014993 5039201 Changes incorporated in this version: 4745909 4774607 4915053 5014993 Patches accumulated and obsoleted by this patch: 108827-40 108991-18 108997-03 109005-05 109322-09 109461-03 109680-01 110194-01 110390-02 110589-02 110700-01 111081-01 111085-02 111090-03 111177-06 111217-02 111299-04 111393-02 111431-01 111464-01 111641-01 111659-07 111780-01 111921-02 112022-02 112218-01 112605-04 Patches which conflict with this patch: 109079-01 (or newer) Patches required with this patch: 108528-24 or greater 108989-01 or greater 110386-01 or greater 111023-03 or greater 111317-05 or greater 113648-03 or greater 115827-01 or greater 116602-01 or greater Obsoleted by: Files included with this patch: /etc/asppp.cf /etc/default/login /etc/default/nss /etc/init.d/asppp /etc/init.d/ldap.client /etc/init.d/pppd /etc/lib/nss_files.so.1 /etc/name_to_major /etc/nsswitch.conf /etc/nsswitch.dns /etc/nsswitch.files /etc/nsswitch.ldap /etc/nsswitch.nis /etc/nsswitch.nisplus /etc/pam.conf /etc/project /etc/rc0.d/K41ldap.client /etc/rc0.d/K50asppp /etc/rc0.d/K50pppd /etc/rc1.d/K41ldap.client /etc/rc1.d/K50asppp /etc/rc1.d/K50pppd /etc/rc2.d/S47asppp /etc/rc2.d/S47pppd /etc/rc2.d/S71ldap.client /etc/rcS.d/K41ldap.client /etc/rcS.d/K50asppp /etc/rcS.d/K50pppd /etc/security/exec_attr /kernel/fs/autofs /kernel/fs/sparcv9/autofs /sbin/su.static /usr/bin/chkey /usr/bin/ldaplist /usr/bin/login /usr/bin/nispasswd /usr/bin/passwd /usr/bin/pppd /usr/bin/su /usr/bin/yppasswd /usr/include/exacct.h /usr/include/exacct_impl.h /usr/include/ldap.h /usr/include/net/ppp-comp.h /usr/include/net/ppp_defs.h /usr/include/net/pppio.h /usr/include/net/vjcompress.h /usr/include/netinet/if_ether.h /usr/include/nl_types.h /usr/include/nss_dbdefs.h /usr/include/nsswitch.h /usr/include/project.h /usr/include/pthread.h /usr/include/rpc/clnt.h /usr/include/rpc/clnt_stat.h /usr/include/rpc/rpc_com.h /usr/include/rpc/svc.h /usr/include/rpc/trace.h /usr/include/rpcsvc/autofs_prot.h /usr/include/rpcsvc/autofs_prot.x /usr/include/secdb.h /usr/include/security/pam_appl.h /usr/include/shadow.h /usr/include/synch.h /usr/include/sys/fs/autofs.h /usr/include/thread_db.h /usr/include/userdefs.h /usr/kernel/drv/sparcv9/sppp /usr/kernel/drv/sparcv9/sppptun /usr/kernel/drv/sppp /usr/kernel/drv/sppptun /usr/kernel/drv/sppptun.conf /usr/kernel/strmod/sparcv9/spppasyn /usr/kernel/strmod/sparcv9/spppcomp /usr/kernel/strmod/sparcv9/sppptun /usr/kernel/strmod/spppasyn /usr/kernel/strmod/spppcomp /usr/kernel/strmod/sppptun /usr/lib/abi/abi_libc.so.1 /usr/lib/abi/abi_libexacct.so.1 /usr/lib/abi/abi_libnsl.so.1 /usr/lib/abi/abi_libproject.so.1 /usr/lib/abi/abi_libsldap.so.1 /usr/lib/abi/abi_watchmalloc.so.1 /usr/lib/abi/sparcv9/abi_libc.so.1 /usr/lib/abi/sparcv9/abi_libexacct.so.1 /usr/lib/abi/sparcv9/abi_libnsl.so.1 /usr/lib/abi/sparcv9/abi_libproject.so.1 /usr/lib/abi/sparcv9/abi_libsldap.so.1 /usr/lib/abi/sparcv9/abi_watchmalloc.so.1 /usr/lib/adb/ppp_stats /usr/lib/adb/pppstat /usr/lib/adb/sparcv9/ppp_stats /usr/lib/adb/sparcv9/pppstat /usr/lib/adb/sparcv9/sppa /usr/lib/adb/sparcv9/sppp_ahdlc /usr/lib/adb/sparcv9/sppp_comp /usr/lib/adb/sparcv9/spppstr /usr/lib/adb/sparcv9/vjcompress /usr/lib/adb/sparcv9/vjstat /usr/lib/adb/sppa /usr/lib/adb/sppp_ahdlc /usr/lib/adb/sppp_comp /usr/lib/adb/spppstr /usr/lib/adb/vjcompress /usr/lib/adb/vjstat /usr/lib/autofs/automountd /usr/lib/fs/autofs/automount /usr/lib/ldap/idsconfig /usr/lib/ldap/ldap_cachemgr /usr/lib/libc.a /usr/lib/libc.so.1 /usr/lib/libdoor.so.1 /usr/lib/libexacct.so /usr/lib/libexacct.so.1 /usr/lib/libldap.so.4 /usr/lib/libnsl.a /usr/lib/libnsl.so /usr/lib/libnsl.so.1 /usr/lib/libp/libc.a /usr/lib/libp/sparcv9/libc.so.1 /usr/lib/libpam.so.1 /usr/lib/libproject.so /usr/lib/libproject.so.1 /usr/lib/libpthread.so.1 /usr/lib/libsldap.so.1 /usr/lib/libthread.so.1 /usr/lib/libthread_db.so.0 /usr/lib/libthread_db.so.1 /usr/lib/llib-lc /usr/lib/llib-lc.ln /usr/lib/llib-ldoor.ln /usr/lib/llib-lexacct /usr/lib/llib-lexacct.ln /usr/lib/llib-lnsl /usr/lib/llib-lnsl.ln /usr/lib/llib-lpam /usr/lib/llib-lpam.ln /usr/lib/llib-lpasswdutil /usr/lib/llib-lpasswdutil.ln /usr/lib/llib-lproject /usr/lib/llib-lproject.ln /usr/lib/llib-lpthread.ln /usr/lib/llib-lsldap /usr/lib/llib-lsldap.ln /usr/lib/llib-lsldaputil /usr/lib/llib-lsldaputil.ln /usr/lib/llib-lthread.ln /usr/lib/lwp/libthread.so.1 /usr/lib/lwp/libthread_db.so.1 /usr/lib/lwp/llib-lthread.ln /usr/lib/lwp/llib-lthread_db.ln /usr/lib/lwp/sparcv9/libthread.so.1 /usr/lib/lwp/sparcv9/libthread_db.so.1 /usr/lib/lwp/sparcv9/llib-lthread.ln /usr/lib/lwp/sparcv9/llib-lthread_db.ln /usr/lib/mdb/kvm/sparcv9/sppp.so /usr/lib/mdb/kvm/sppp.so /usr/lib/nfs/rquotad /usr/lib/nss_files.so.1 /usr/lib/nss_ldap.so.1 /usr/lib/nss_nis.so.1 /usr/lib/nss_nisplus.so.1 /usr/lib/passwdutil.so /usr/lib/passwdutil.so.1 /usr/lib/pics/libc_pic.a /usr/lib/pics/sparcv9/libc_pic.a /usr/lib/security/pam_authtok_check.so /usr/lib/security/pam_authtok_check.so.1 /usr/lib/security/pam_authtok_get.so /usr/lib/security/pam_authtok_get.so.1 /usr/lib/security/pam_authtok_store.so /usr/lib/security/pam_authtok_store.so.1 /usr/lib/security/pam_dhkeys.so /usr/lib/security/pam_dhkeys.so.1 /usr/lib/security/pam_dial_auth.so.1 /usr/lib/security/pam_ldap.so.1 /usr/lib/security/pam_passwd_auth.so /usr/lib/security/pam_passwd_auth.so.1 /usr/lib/security/pam_rhosts_auth.so.1 /usr/lib/security/pam_unix.so.1 /usr/lib/security/pam_unix_account.so /usr/lib/security/pam_unix_account.so.1 /usr/lib/security/pam_unix_auth.so /usr/lib/security/pam_unix_auth.so.1 /usr/lib/security/pam_unix_session.so /usr/lib/security/pam_unix_session.so.1 /usr/lib/security/sparcv9/pam_authtok_check.so /usr/lib/security/sparcv9/pam_authtok_check.so.1 /usr/lib/security/sparcv9/pam_authtok_get.so /usr/lib/security/sparcv9/pam_authtok_get.so.1 /usr/lib/security/sparcv9/pam_authtok_store.so /usr/lib/security/sparcv9/pam_authtok_store.so.1 /usr/lib/security/sparcv9/pam_dhkeys.so /usr/lib/security/sparcv9/pam_dhkeys.so.1 /usr/lib/security/sparcv9/pam_dial_auth.so.1 /usr/lib/security/sparcv9/pam_ldap.so.1 /usr/lib/security/sparcv9/pam_passwd_auth.so /usr/lib/security/sparcv9/pam_passwd_auth.so.1 /usr/lib/security/sparcv9/pam_rhosts_auth.so.1 /usr/lib/security/sparcv9/pam_unix.so.1 /usr/lib/security/sparcv9/pam_unix_account.so /usr/lib/security/sparcv9/pam_unix_account.so.1 /usr/lib/security/sparcv9/pam_unix_auth.so /usr/lib/security/sparcv9/pam_unix_auth.so.1 /usr/lib/security/sparcv9/pam_unix_session.so /usr/lib/security/sparcv9/pam_unix_session.so.1 /usr/lib/sldaputil.so /usr/lib/sldaputil.so.5 /usr/lib/sparcv9/libc.so.1 /usr/lib/sparcv9/libdoor.so.1 /usr/lib/sparcv9/libexacct.so /usr/lib/sparcv9/libexacct.so.1 /usr/lib/sparcv9/libldap.so.4 /usr/lib/sparcv9/libnsl.so /usr/lib/sparcv9/libnsl.so.1 /usr/lib/sparcv9/libnss_files.so.1 /usr/lib/sparcv9/libnss_ldap.so.1 /usr/lib/sparcv9/libnss_nis.so.1 /usr/lib/sparcv9/libnss_nisplus.so.1 /usr/lib/sparcv9/libpam.so.1 /usr/lib/sparcv9/libproject.so /usr/lib/sparcv9/libproject.so.1 /usr/lib/sparcv9/libpthread.so.1 /usr/lib/sparcv9/libsldap.so.1 /usr/lib/sparcv9/libthread.so.1 /usr/lib/sparcv9/libthread_db.so.1 /usr/lib/sparcv9/llib-lc.ln /usr/lib/sparcv9/llib-ldoor.ln /usr/lib/sparcv9/llib-lexacct.ln /usr/lib/sparcv9/llib-lnsl.ln /usr/lib/sparcv9/llib-lpam.ln /usr/lib/sparcv9/llib-lpasswdutil.ln /usr/lib/sparcv9/llib-lproject.ln /usr/lib/sparcv9/llib-lpthread.ln /usr/lib/sparcv9/llib-lsldap.ln /usr/lib/sparcv9/llib-lsldaputil.ln /usr/lib/sparcv9/llib-lthread.ln /usr/lib/sparcv9/nss_files.so.1 /usr/lib/sparcv9/nss_ldap.so.1 /usr/lib/sparcv9/nss_nis.so.1 /usr/lib/sparcv9/nss_nisplus.so.1 /usr/lib/sparcv9/passwdutil.so /usr/lib/sparcv9/passwdutil.so.1 /usr/lib/sparcv9/sldaputil.so /usr/lib/sparcv9/sldaputil.so.5 /usr/lib/sparcv9/watchmalloc.so.1 /usr/lib/watchmalloc.so.1 /usr/sbin/aspppd /usr/sbin/aspppls /usr/sbin/ldap_gen_profile /usr/sbin/ldapaddent /usr/sbin/ldapclient /usr/sbin/newkey /usr/sbin/rpc.nispasswdd /usr/share/src/ppputil/plugins/pppd.h /usr/xpg4/lib/abi/abi_libpthread.so.1 /usr/xpg4/lib/abi/abi_libthread.so.1 /usr/xpg4/lib/abi/sparcv9/abi_libpthread.so.1 /usr/xpg4/lib/abi/sparcv9/abi_libthread.so.1 /usr/xpg4/lib/libpthread.so /usr/xpg4/lib/libpthread.so.1 /usr/xpg4/lib/libthread.so /usr/xpg4/lib/libthread.so.1 /usr/xpg4/lib/llib-lpthread.ln /usr/xpg4/lib/llib-lthread.ln /usr/xpg4/lib/sparcv9/libpthread.so /usr/xpg4/lib/sparcv9/libpthread.so.1 /usr/xpg4/lib/sparcv9/libthread.so /usr/xpg4/lib/sparcv9/libthread.so.1 /usr/xpg4/lib/sparcv9/llib-lpthread.ln /usr/xpg4/lib/sparcv9/llib-lthread.ln Problem Description: 4774607 pam_ldap gets confused when root tries to change user's password 4745909 _get_hostserv_inetnetdir_byname/NETDIR_BY may return success on failure 4915053 nss_setent() always fails for setpwent() 5014993 user logins may fail when nsswitch compat mode is used with NIS+ or LDAP (from 108993-36) 5039201 Patch 108993-35 & 108994-35 are missing the correct i.none CAS for SUNWcsl (from 108993-35) 4342387 libexacct coredumps because of missing data initialization 4890303 pam_ldap should return PAM_AUTH_ERROR instead of PAM_PERM_DENIED 4913437 Changing password in NIS+ fails on S9 clients with "Permission denied" 5012514 'passwd ' fails as root on NIS+ systems 4977110 passwd doesn't work with compat entries in /etc/nsswitch.conf 4980441 PAM module pam_dhkeys fails to retrieve changed credentials 4981484 vsprintf does not perform as well as sprintf 5006801 getprojent(3project) dumps core with LDAP project(4) database 5007891 s8 passwd(1) command may SEGV on NIS+ master servers. (from 108993-34) 4887906 pam_sm_chauthtok() returns 13 (PAM_USER_UNKNOWN) if lastchg=0 for local users 4902137 PPP4.0 Using the demand option, fails to negotiate a MTU above 1500. (from 108993-33) 4490341 nis_cachemgr too reluctant to rebind when server address changes 4765506 NIS+ password problems with Solaris 9 4848470 ldap_gen_profile(1M) is broken with patch 108993-18 4902302 patch 108993-18+:support generation & use of both versions of the client profile 4890233 using 'use_first_pass' for pam_ldap does not work 4920444 libldap.so.4 ber encoding memory corruption (from 108993-32) 4305504 statd dumped core in add_aliases 4297213 Literal IPv4 address code in __mappedtov4 wrong and unnecessary 4390505 swscanf memory leaks 4523936 mountd memory leak when using Native LDAP 4898991 mountd leaks memory 4746114 libpam internationalized messages are off by 1 for locale != C 4787488 ldapaddent can only add ethers or bootparams for the same hosts, not both. 4793719 pam_authtok_check.so.1::circ() too space-conservative 4805635 root may change enduser password in NIS+ without entering its own password 4873939 pam and compat does not work after applying patch 108993-18 4877796 passwd (passwdutil) inadvertently resets aging information (from 108993-31) 4947516 Undefined symbol in /etc/lib/nss_files.so.1 between 108993-27 through 108993-30 (from 108993-30) 4253630 nis_first_entry dumps core 4461391 nisplus library SEGV's in stc/nss 64-bit tests 4804971 nss_nisplus: some test cases failed 4738852 NIS: ypserv dev udp opened failed 4779333 ldap get*ent requests may free already freed memory 4780109 __ns_ldap_firstEntry may return a cookie that is freed 4802414 Client does not follow referral without hostname. 4658569 Following referrals does not work in all cases 4856115 sldaputil: __BP_ldap_simple_bind() fails in 64-bit mode when using tls:simple 4874749 passwd -x modifies the lastchg field also in /etc/shadow file 4892237 Native ldap 2 on Solaris 8 does not include read support for printers 4897700 Memory alignment of %sp is set to non 8bytes alignment in _ex_unwind_local() 4916612 fix for bug 4684558 breaks mulithomed nis master to reply correct ip-address 4923449 The fix of 4506972 inadvertently made in S8 needs to be backed out. (from 108993-29) 4830525 Buffer overflow in nss_ldap.so.1 (from 108993-28) 4271957 ucontext_t.uc_link points to garbage (from 108993-27) 4353836 if more than 255 file descriptors are already open then gethostbyname fails 4152876 getspnam_r() fails due to use of fopen() in libnsl.so in applications under load 4156580 getnetlist uses fopen, limiting RPC to 256 descriptors 4852270 libnsl accesses freed memory. (from 108993-26) 1209758 Need thread local storage rather than just thread specific data 4292524 POSIX threads created with PTHREAD_INHERIT_SCHED will not inherit t_mappedpri 4465316 TDB Portion of TLS Support 4479187 dtlogin deadlock while invoking Xreset, induced by longjmp() 4491093 default thread attributes are initialized correctly by accident 4494324 _libc_thr_keycreate isn't robust w.r.t. memory allocation failures 4496343 ph_lock_ta returns success on failure; caller unlocks unowned rwlock 4501153 fix for bugid 4461751 breaks the old libthread 4504772 rwlock: writers can be starved 4514506 libthread uncontended recursive/errorcheck mutexes much slower than S8 4514508 Would like non error checking recursive mutex 4519798 libthread should not use alloca() 4528422 process-shared mutexes could benefit from adaptive locking 4622736 zombie threads show up wrong in thread_db (in T2) 4632928 gdb doesn't like new libthread_db 4647410 SIGCANCEL received (and interrupted door_call) with cancellation OFF 4647927 new libthread thr_suspend/continue behaves differently from the old libthread 4663077 libthread can deadlock itself on _schedlock 4667173 ti_sigmask is all 0's when 64bit dbx debugs 32bit app 4679005 thr_stksegment() reports incorrect stack sizes 4688450 VSU TC setcontex4.c dumps core due to setcontext() if linked with libthread. 4768343 fork() in libthread won't clear deferred signal for the child. 4769150 libthread should not depend on librt 4769166 x86 libthread could improve current thread references 4786566 mdb dumps core when examining a process linked with old_libthread 4792908 new libthread inherits arbitrary restrictions on mutex attributes from old 4819289 threads: ASSERT(sigequalset(&oldset, &self->ul_sigmask)) (from 108993-25) 4684558 NIS server doesn't answer ypbind broadcast request on IPMP failed over interface 4894746 header file autofs_prot.h for autofs version 4 missing in patch 108993-22 (from 108993-24) 4757282 ldapclient init fails with SIGBUS if SSD's are > 15 in profile 4768140 passwd core dumps when changing shell 4776571 Applications running on SSL enabled native ldap clients may crash at termination (from 108993-23) 4313135 do_accept() does not log enough info when t_open fails 4828271 clnt_create()/clnt_create_timed() don't timeout with unexpected UDP. (from 108993-22) 4705942 invoke_utmp_update(): buffer-overflow bug and pad field written to utmpx wrong (from 108993-21) 4861279 libsldap: password of proxyagent becomes logged as cleartext (from 108993-20) 4847047 automountd dumps core when accessing /xfn/_x500 with Patch 108993-18 (from 108993-19) 4757993 libthread patch 108827-30 fails to install on AutoClients 4387986 libthread deadlock 4432953 UNIX98: *nftw* nftw does not set errno=0 before calling walk() 4780417 Deferred pthread cancellation in non cancellation point with DCE 4455838 kernel cancellation is handled asynchronously (from 108993-18) 4767276 rpcbind can be killed remotely (from 108993-17) 1141585 makecontext() is buggy (from 108993-16) 4668699 buffer overflow in dbm_open and dbminit (except the one in libc) 4823090 NLDAP2 backport: update idsconfig to use Solaris8 ldap_gen_profile SYNOPSIS (from 108993-15) 4820798 Restore a bootable version of the etc/pam.conf file after LDAP2 patch removed (from 108993-14) 4357827 pam_ldap should fully support password aging 4792396 request to backport Native LDAP Phase 2 to Solaris 8 4807184 Fix for 4720818 overwritten by Native LDAP 2 backport to Solaris 8 (from 108993-13) 4751386 ether_ntohost() fails with rc 1 when resolving data from LDAP (from 108993-12) 4720818 LDAP naming services fails when domainname is greater than 23 characters (from 108993-11) 4614945 Memleak in getgrent() when using against Native Ldap. (from 108993-10) 4486616 NS_LDAP_SERVER_PREF= in ldap_client_file causes libsldap to crash (from 108993-09) 4623957 nested netgroups on Solaris 8 Native ldap I causes getent to core. (from 108993-08) 4357885 passwd dumps core if no gecos field in LDAP entry for user (from 108993-07) 4459155 mountd in netgroup_check() waiting for LDAP 4632611 Putback for 4320901 backed out fix for 4425163 (from 108993-06) 4320901 Native LDAP takes a very long time to try the next server in the list (from 108993-05) 4351510 LDAP Switch getgrpgid causes nscd crash 4425163 handling of multiple solarisdatasearchdn still broken 4359677 ldapclient -m -B overwrites previous database rather than adding new one (from 108993-04) 4409411 LDAP Name Service (nss_ldap) returns unexpected NULL pointer for group passwd 4429802 LDAP Name Service (nss_ldap) neglects to remove "{crypt}" from group password 4480119 _nss_ldap_group2ent() getgrent.c does not use last byte in supplied buffer. (from 108993-03) 1257084 login times out, due to excessive time in group lookup 4357778 PSARC 2000/038 create /etc/default/nss (from 108993-02) 4353601 i.nsswitch CAS removes non-hosts entries for xfn (from 108993-01) 4312278 tasks, projects, extended accounting project (from 110390-02) 4415143 ldapclient fails to handle -i flag (from 110390-01) This patch revision was generated to accumulate and obsolete the feature changes introduced in point patch 110194-01 4310379 ldapclient needs to be smarter to work with install (sysid) (from 110194-01) 4310379 ldapclient needs to be smarter to work with install (sysid) (from 111090-03) 4449613 Buffer overflow in libsldap.so.1 leads to root compromise (from 111090-02) 4357912 cannot change password when ldapclient set to use a replica (from 111090-01) 4359656 ldap backend does not search multiple paths as per NS_LDAP_SEARCH_DN parameter (from 111431-01) 4435628 libldap does not support rfc 2254 encoded characters as used by automountd (from 108827-40) 4710928 rpcbind exits with segv on both cluster node (from 108827-39) 4530367 After retry timeout - nss_search() no longer retries lookups 4749274 MT-Safe functions such as syslog(3C) and wordexp(3C) cannot use fork() (from 108827-38) 4775285 memory leak in 64-bit fopen() (from 108827-37) 4767215 Incorrect output with kP format, losing significant digits. (from 108827-36) 4680691 doctored rpc calls over UDP can bring down machines through rpcbind 4730459 Solaris 8 libthread library causes coredump (from 108827-35) 4669963 Strong security checks in catgets(3C) break setuid application 4727726 NIS+ user unable to change his/her passwd. (from 108827-34) 4311360 updwtmp(3c) creates files with unspecified permissions 4475044 GNU gettext should be supported 4545738 iconv not picking up geniconvtbl conversion binaries 4629623 regression: iconv_open() can return -1 with incorrect errno values (from 108827-33) 1226166 rpcbind does not bind with the correct network interface 4690775 nisplus_ldap_udt: rpcbind got killed and core dump during nisplus server setup 4683311 rquotad is not largefile aware (from 108827-32) 4663077 libthread can deadlock itself on _schedlock (from 108827-31) 4648085 automountd dumps core freeing an illegal address in __svc_dupcache_victim() (from 108827-30) 4691127 Possible type overflow in xdr_array (from 108827-29) 4517003 ypserv spinning after client disconnects 4525671 RPC exit when running out of memory 4616609 libnsl rpcb_clnt.c/add_cache() calls exit() unnecessarily 4617318 More calls to exit() in libnsl (from 108827-28) 4350332 netdir_getbyaddr fails often for IPv6 addresses 4503048 getutxent_frec sends init looping (from 108827-27) 1258570 qsort performs poorly with multiple identical keys 4635556 *atexit* atexit() does not scale. Can cause very slow startup of C++ programs. (from 108827-26) 4525851 DCE 3.1 hangs on Solaris 9 beta while configuring (from 108827-25) 4524527 pstack goes into a loop (from 108827-24) 4661997 buffer overflow in dbm_open (from 108827-23) 4318178 wordexp puts automatic string into environment. 4444569 Purify reports memory leaks in wordexp(3C) 4656546 Purify UMR errors with Solaris 8 02/02 libthread library (from 108827-22) 4380626 strcasecmp and strncasecmp are broken for 8-bit characters 4617356 dcgettext() doesn't properly restore signal masks (from 108827-21) 4344726 /usr/sbin/rpcbind SEGV in __xdrrec_getbytes_nonblock() 4517584 bad performance due to serialization in mutex_destroy() (from 108827-20) 4221365 readdir_r() is not POSIX compliant 4523940 more getipnodebyname memory leaks (from 108827-19) 4617135 Status error with ROBUST shm mutexes used with an shm condition-variable 4393752 cond_* calls might cause data corruption when used with ROBUST mutexes (from 108827-18) 4496617 getgrent_r is not consistent between 5.7 and 5.8 4614041 UNIX98: execvp does not use standards-conforming shell (from 108827-17) 4394576 nisgrpadm intermittently fails to update NIS+ group 4484522 Call from HotSpot JavaVM to libthread "T1" thr_suspend hangs calling thread (from 108827-16) 4430473 rpc.nisd: svc_getreqset: No transport handle for fd 291 4484035 vxvm - vxlicense and other commands hang when locale is set. 4506569 catgets() function call doesn't return, hang in extract_format() (from 108827-15) 4510302 UNIX98: *vsu* getpriority returned EINVAL when ESRCH was expected 4528665 Deadlock between clnt_create_timed and fork1 (from 108827-14) 4411880 NIS+ cannot handle file descriptors > 1024 4411929 Inter-record timeout for non-blocking COTS RPC results in early disconnects 4512099 The directory server hangs and returns to normal after applying pstack 4493323 thr_getconcurrency() behaves differently for alt. and default libthread 4491094 thread-specific data memory leak in child of fork1() 4490965 pthread_rwlock_rdlock(): allow multiple read locks with writers waiting 4490889 LIBTHREAD_ERROR_DETECTION race malfunction for USYNC_PROCESS mutexes 4488249 lwp_suspend() livelocks with spin_lock_loop() or continue_fork() (from 108827-13) This patch revision was generated to accumulate and obsolete the feature changes introduced in feature point patch 111921-02 and to include these additional fixes: 4324788 NIS+ commands may core dump on literal IPv6 address 4343006 td_thr_validate returns wrong results in 64 bit mode 4497853 THR_BOUND THR_DETACHED thread can run and exit before thrp_create has finished. 4515843 fix for bugid 4307676 causes recursion between libthread and ld.so.1 (from 108827-12) 4393752 cond_* calls might cause data corruption when used with ROBUST mutexes (from 108827-11) 4433015 libthread & ld.so.1 should not use crt*.o modules provided by compilers (from 108827-10) 4368163 ypserv starts hundreds of ypserv processes all in defunct-status 4300228 threaded process grows tired of receiving signals (from 108827-09) 4376585 libthread is abysmal when many threads are awakened from a cond_wait_cancel (from 108827-08) 4335956 msgrcv hangs in multi processor environment due to signal loss. (from 108827-07) 4381908 libthread hangs when both SIGPROF and SIGEMT are arriving 4367192 libthread leaves underlying lwp signal mask with SIGEMT (and SIGPROF) blocked (from 108827-06) 4236427 Sybase Replication Server crashes on Multi-CPU Ultra Platforms (from 108827-05) 4336933 fix for overflow problem in bug 4145630 is incomplete (from 108827-04) 4311948 non-static recursive mutexes do not get unlocked (from 108827-03) 4091466 RFE (request for enhancement) to force core dump instead of libthread hang (from 108827-02) 4307551 td_sync_get_info() returns incorrect ownership information. (from 108827-01) 4288299 Recursive mutexes are not properly released (from 108991-18) 4419882 large select(3c) timeout (from 108991-17) 4312667 getpriority fails with ESRCH when used on SHR class process. (from 108991-16) 4408502 lfmt(3C) calls ctime() which is MT_Unsafe. 4425090 strange files in /var/adm when using utmp library (utmpname()) (from 108991-15) 4428257 Kernel patch 106541-15 makes application dysfunctional 4459797 catgets sets errno to EBADF for the special message catalog for C locale (from 108991-14) 4396628 UNIX98: catopen() does not set errno when it receives a null or empty string 4386274 check_nlspath_env should avoid using strncmp() 4452064 errno handling of catgets is not correct (from 108991-13) This patch revision was generated to accumulate and obsolete the feature changes introduced in feature point patch 111217-02. (from 108991-12) 1257084 login times out, due to excessive time in group lookup 4357778 PSARC 2000/038 create /etc/default/nss (from 108991-11) 4395379 door_return mishandles arguments after EINTR (from 108991-10) 4341290 memory leak in regcomp (from 108991-09) This patch revision was generated to accumulate and obsolete the feature changes introduced in feature point patch 110589-02. (from 108991-08) 4314993 libc .init race causes .div to overwrite return address in MT application 4374039 libc/realpath can still write past end of buffer (from 108991-07) 4302592 TLI library is not fork-safe (from 108991-06) 4366956 NLSPATH gettext introduces problems when used printf format specifier 4375449 dtmail crashes when calling catgets with NULL default message (from 108991-05) 4303962 multi-threaded fork1/execvp can fail because __environ_lock is held in parent (from 108991-04) 4291844 strftime and strptime are MT-Unsafe due to use of tzname[] (from 108991-03) 4310353 msgids, semids, shmids and msgsnap (from 108991-02) 4312278 tasks, projects, extended accounting project (from 108991-01) 4193683 malloc() with very big requested array size works incorrectly 4225913 malloc does not set errno to ENOMEM when not enough memory 4314913 fix for Bug 4042527 leaves part of heap unusable, so frees cannot combine. 4292683 /usr/ucb/shutdown core dumps in syslog() (from 110589-02) Patch reved to sync feature gate with patch gate (from 110589-01) 4355205 System V semaphores suffer from false sharing 4355206 System V semaphore timeout mechanism (from 109680-01) 4244731 initgroups() doesn't return all groups when RFE 4005653 (full table scans can overload NIS+ servers) is on NIS+ server (from 111217-02) This patch revision was generated to include an escalated fix for libc. (from 111217-01) 4400361 Need to add support for sendfilev() system call (from 109322-09) 4455896 rpc.nispasswdd failed: RPC: .... NIS+ fatal error: 15 (from 109322-08) 4356567 multiple system daemons loop in clnt_dg_call (from 109322-07) 4283726 fsck hangs in phase 4 in getpwuid() call 4327396 nis_modify_entry(): deadlock in rpc_fd_lock() with MT nis table modification 4354007 : xdrmem_putbytes and xdrmem_putlong emit a syslog error message when the buffer (from 109322-06) 4374142 RPC services using RPC_SVC_MT_AUTO can stop listening (from 109322-05) 4357266 Bad line syntax in /etc/hosts causes host table lookup to abort early (from 109322-04) 4336332 svc_getreqset (t_accept) returns illegal file descriptor (from 109322-03) 4302592 TLI library is not fork-safe (from 109322-02) 4320661 getipnodebyname hangs on mutex when requesting IPv6 literal (from 109322-01) 4305859 libnsl security bug. (from 111177-06) 4413227 cond_* calls might cause data corruption when used with ROBUST mutexes (from 111177-05) This patch revision was generated to accumulate and obsolete the feature changes introduced in feature point patch 111641-01. (from 111177-04) 4433015 libthread & ld.so.1 should not use crt*.o modules provided by compilers (from 111177-03) 4441422 FP control state lost on thread_create with alt_libthread (from 111177-02) 4421186 prex aborts when using /usr/lib/lwp/libthread.so on Solaris 8 (from 111177-01) 4393363 lwp/libthread_db doesn't work with corefiles (from 109461-03) 4407002 UNIX98: *pthread* wrapper needed in /usr/xpg4/lib 4390345 UNIX98: SCHED_FIFO and SCHED_RR threads fail to enter the real time class 4371624 UNIX98: aio_fsync signal arrives before aio_read signal (from 109461-02) 4336933 fix for overflow problem in bug 4145630 is incomplete (from 109461-01) 4305389 SIGPROF/SIGEMT erroneously masked for some threads/LWPs (from 111641-01) 4423126 pthread_getspecific()/thr_getspecific() can be made up to 4x faster (from 111921-02) This patch revision was generated to accumulate and obsolete the feature changes introduced in feature point patch 112022-02. (from 111921-01) 1167742 MUTEX_HELD and similar macros don't do a very good test 1239168 Introduce pthread_cond_timedwait_np() which takes a relative timeout arg 4160415 door_return has evil knowledge of libthread internals 4196528 thr_stksegment() returns incorrect stack information 4285623 libthread siglongjmp should not restore SPARC application globals 4298024 32-bit popen(3S) does not set errno when fd > 255 4299191 alternate libthread needs improvement 4304367 performance problem in SIGPROF handling with alternate libthread 4307676 libthreads (alt and default) need consistent handshake with ld.so.1 4309140 libthread should lazyload librt 4324815 need interface to provide information about recursive mutexes etc 4325063 alternate libthread lock statistics must be aware of the dynamic linker 4332046 alternate libthread: thr_create() is not fork1-safe on x86 4332595 system(3S) and popen(3S) should be made thread-safe 4332614 definitions of DEFAULTRWLOCK and SHAREDRWLOCK are incorrect 4334488 libthread should set and clear the PTHREAD_PRIO_INHERIT mutex lock byte 4341150 private memory allocator inconsistency causes SEGVs 4343787 need an infrastructure to enable OS-NET libraries to become fork1-safe 4367496 restore _sigon/_sigoff until alternative is phased in 4372508 Incorrect field being used for T_TEMPBOUND in libthread/common/disp.c 4380494 nanosleep() isn't acting as a cancellation point for deferred cancellation 4384709 error in 4390347 UNIX98: pthread_detach() should not be a cancellation point 4391115 alt libthread library clobbers preemption control state 4393752 cond_* calls might cause data corruption when used with ROBUST mutexes 4401864 PTHREAD_MUTEX_ERRORCHECK should work across process boundaries 4402453 thr_create segfaults in child of fork1 4402909 libthread missing mutex_held(), rw_read_held(), rw_write_held(), and sema_held() 4403938 doors cancellation doesn't work with alternate libthread 4404805 /usr/lib/sparcv9/libthread.so.1 doesn't inline curthread() 4413203 lock primitive data types need to be cleaned up and made consistent 4413363 __free_selector() called with wrong argument if sysi86(SI86DSCR) fails 4413411 implement user-level sleep queues in the alternate libthread 4421485 add setcontext() to the libc/libthread jump table 4422968 Need to set the fp of door server to 0 on Intel 4424606 race between sigprocmask and sigacthandler causes assertion failure 4424844 dueling libthreads result in mutual annihilation 4425392 alternate libthread should provide _libthread_sema_wait() function 4433072 alternate libthread_db: td_thr_get_info() returns empty ti_sigmask 4433373 alt. libthread should optimize the case of mutex_unlock() with no waiters 4438470 T2: primordial threads need to have tid and lid of 1 4445697 T2:calling _thr_main() in the middle of init will seg fault 4445802 thr_slot_get()/thr_slot_set() should be ripped out 4449557 improve the speed of uncontended mutex_lock()/mutex_unlock() 4451547 thr_setmutator() returns spurious EINVAL when marking thread as a non-mutator 4452634 old libthread.so.1 fails to build on 32-bit sparc kernel 4454327 libthread should have an option to defer signals within cond_wait() 4455654 there are many problems with thread suspend/continue 4464111 thread cancelled in pthread_cond_wait() consumes condition signal 4468559 Restore tag names of the lock structs for threaded programs in system headers 4478852 libthread assertion failure in sigaction.c with sigsuspend() (from 112022-02) 4504155 Missing symbols in the 64bits version of libnsl (from 112022-01) 4485436 Require support of oneway asynchronous model to RPC library (from 110700-01) 4341272 kernel and /etc/mnttab do not contain reliable info on automounted filesystems (from 111085-02) 4516885 *login* security problem (from 111085-01) 4291278 /bin/login misses failure when logging to /var/adm/loginlog (from 111299-04) 4683015 aspppls unsafely opens /tmp/.asppp.fifo file (from 111299-03) 4516011 pppd fails with "Failed to open /dev/hihp0: Device busy" error 4517632 pppd erroneously falls back on Configure-Reject for Magic-Number (from 111299-02) This patch revision was generated to accumulate and obsolete the feature changes introduced in feature point patch 111464-01. (from 111299-01) This patch revision was generated to accumulate and obsolete the feature changes introduced in feature point patch 111081-01. (from 111081-01) 1264523 The aspppd must be restarted when a new PAP identification is added. 4098801 request to allow to turn off hardware flow control feature on ppp 4410142 libpam does not lint cleanly (from 111464-01) 4328476 RFE: PPPoE (RFC 2516) client support in Solaris 4421547 uts/common/io/ppp/sppp/sppp.c includes __DATE__ and __TIME__ 4421548 uts/common/io/ppp/spppasyn/spppasyn.c includes __DATE__ and __TIME__ 4421549 uts/common/io/ppp/spppcomp/spppcomp.c includes __DATE__ and __TIME__ 4419454 idle option doesn't work if lcp-echo-interval/chap-interval is used (from 111780-01) 4452726 maxconnect timeout causes SIGSEGV (from 111659-07) 4099654 No convenient method of reactivating inactive accounts 4393399 Fix for 4180899 changes password prompt behaviour of pam_unix (from 111659-06) 4450103 ftp login fails on system under full load (from 111659-05) 4462175 *passwd* -g option does not work as advertised (from 111659-04) 4452232 passwd -D domainname is ignored - it uses the default domainname. (from 111659-03) 4250887 pam_open_session() segfaults if PAM_RHOST or PAM_TTY == NULL (from 111659-02) 4112707 Password expiration (passwd -f) doesn't work correctly 4284795 when passwd is given the -r option, it ignores /etc/pam.conf (from 111659-01) 4392250 "passwd -r nis -e user" causes rpc.yppasswdd down. (from 112218-01) 4384816 Users able to authenticate in pam_ldap with NULL password (from 112605-04) 4525971 autofs passes nonsensical unmount requests to automountd, which may then spin (from 112605-03) 4471199 autofs deadlock when a thread was allowed to stop() while holding mutex (from 112605-02) 4631449 race condition in autofs: between auto_perform_link and auto_search (from 112605-01) 4506578 Solaris 8, lofs panic, NULL vfs ptr passed into makelfsnode(). (from 111393-02) 4308622 automountd dumps core while umount mounted file systems (from 111393-01) 4379906 automounter LDAP wildcard key lookup incorrect. (from 108997-03) This patch revision was generated to reinstate the new /var/adm/exacct directory which got dropped from -02. (from 108997-02) 4305365 kernel, libexacct need to be marked as dependent on common/exacct 4313746 ea_set_item and ea_object_t definitions don't agree well 4313747 ea_attach functions not hardened against incorrect types 4314201 extended accounting partial records not distinguishable from full (from 108997-01) 4312278 tasks, projects, extended accounting project (from 109005-05) 4487986 *su* su(1M) limits TZ to 26 characters (from 109005-04) 4411652 'su' command fails to correctly log failed attempts to assume a role - RABC (from 109005-03) 4331401 segmentation violation in au_user_mask() (from 109005-02) 4374692 su does not warn about logins of imminent expiry (from 109005-01) 4312278 tasks, projects, extended accounting project Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. For Solaris 7-9 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- Reboot the system while in single user mode after patch installation. ------------------------------------------------------------------------------- For Sun Cluster 3.0 Customers Only =================================== Sun Cluster 3.0 cluster nodes will hang at boot time after installing Solaris 8 02/02 (Update 7 *without* the Sun Cluster core patch 110648-12 (or newer). The workaround is to install Sun Cluster core patch 110648-12 (or newer), before rebooting the nodes into cluster mode. If the cluster nodes are already hung, boot the nodes in non-cluster mode (boot -x), add Sun Cluster core patch 110648-12 (or newer) and then boot the nodes back into cluster mode. ------------------------------------------------------------------------------- Native LDAP Phase 2 to Solaris 8 ================================ a) ldapclient -f certificatepath option is non-functional If using ldapclient -P, the default certificate path (/var/ldap) will always be used. The -f certificatepath option will report an error. The workaround is to copy your certificate db's to /var/ldap. b) ldapaddent: does not function with tls specified You cannot use ldapaddent with tls at present. If you wish to protect the data sent to ldapaddent, you must either run ldapaddent on the server running the ldapserver that you will write the data to. (You must make the ldap server a client of itself to do this - which is not a supported configuration.) Alternately, you can use ipsec or a private network. The following patches can be installed to obtain further documentation and man pages: 114255-01 (or newer) Documentation 108808-43 (or newer) Man Pages Special NOTE: During patchadd, before the /etc/pam.conf file is changed, a copy of the current version is saved as /etc/pam.conf.pre. If the patch is removed, the existing /etc/pam.conf file is copied to /etc/pam.conf. and then the previous version is restored to /etc/pam.conf from the existing /etc/pam.con.pre file. The method of restoring the file is not supported if the following action(s) occur: 1) /etc/pam.conf is changed after the patch has been installed. 2) The same rev of the patch is installed more than once. ------------------------------------------------------------------------------- NOTE 1: To get the complete support for Tasks, Projects and Accounting, one needs to install the following patches: 108528-01 (or newer) kernel update patch 108989-01 (or newer) /usr/kernel/sys/acctctl and /usr/kernel/sys/exacctsys patch 108995-01 (or newer) /usr/lib/libproc.so.1 patch 109025-01 (or newer) /usr/bin/sparcv7/truss and /usr/bin/sparcv9/truss patch 109003-01 (or newer) /etc/init.d/acctadm and /usr/sbin/acctadm patch 109009-01 (or newer) /etc/magic and /usr/bin/file patch 109019-01 (or newer) /usr/bin/priocntl patch 109027-01 (or newer) /usr/bin/wracct patch 109007-01 (or newer) at/atrm/batch/cron patch 109011-01 (or newer) /usr/bin/id and /usr/xpg4/bin/id patch 109013-01 (or newer) /usr/bin/lastcomm patch 109015-01 (or newer) /usr/bin/newtask patch 108999-01 (or newer) PAM patch 109021-01 (or newer) /usr/bin/projects patch 109023-01 (or newer) /usr/bin/sparcv7/ps and /usr/bin/sparcv9/ps patch 109035-01 (or newer) useradd/userdel/usermod patch 109029-01 (or newer) perl patch 109017-01 (or newer) /usr/bin/pgrep and /usr/bin/pkill patch 109033-01 (or newer) /usr/bin/sparcv7/prstat and /usr/bin/sparcv9/prstat patch 109037-01 (or newer) /var/yp/Makefile and /var/yp/nicknames patch 109031-01 (or newer) projadd/projdel/projmod patch NOTE 2: To get the complete fix for 4310353 (msgids, semids, shmids and msgsnap -- provide all of the System 5 message queue identifiers in the system), one needs to install the following patches: 109236-01 (or newer) msgsys, semsys and shmsys patch 109238-01 (or newer) /usr/bin/{sparcv7,sparcv9}/ipcs patch NOTE 3: To get the complete fix for 4355205 System V semaphores suffer from false sharing 4355206 System V semaphore timeout mechanism one needs to install the following patches: 108528-07 (or newer) kernel update patch 109025-02 (or newer) /usr/bin/sparcv7/truss and /usr/bin/sparcv9/truss patch NOTE 4: To get the complete NCAfs, NCA Proxy and sendfilev() feature, please install the following patches: 108528-09 (or newer) kernel update patch 109472-06 (or newer) /kernel/drv/tcp patch 109234-03 (or newer) NCA patch 108995-02 (or newer) /usr/lib/libproc.so.1 patch 111295-01 (or newer) /usr/bin/sparcv7/pstack and /usr/bin/sparcv9/pstack patch 109025-03 (or newer) /usr/bin/sparcv7/truss and /usr/bin/sparcv9/truss patch 111297-01 (or newer) /usr/lib/libsendfile.so.1 patch NOTE 5: To get the complete T2 Modifications to alternate Libthread in Solaris 8 feature, please install the following patches: 109025-04 (or newer) truss patch 108995-03 (or newer) libproc patch 109045-03 (or newer) crash patch 108528-13 (or newer) KU patch NOTE 6: To get the complete Sun RPC Library feature, please install the following patches: 112165-01 (or newer) rpcgen patch NOTE 7: To get the complete fix for 4394576, please install the following patches: 110511-04 (or newer) rpc.nisd patch (includes bugid 4471041) NOTE 8: When responding to the question: Do you wish to continue this installation {yes or no} [yes]? (by default, installation will continue in 60 seconds) A 'kill ' is shown when the default behavior is specified (e.g. yes). This is harmless. NOTE 9: The fix for 4614041 involves a dependency on /usr/xpg4/bin/sh which is delivered in the optional package SUNWxcu4. To ensure that libc functions correctly, this package is automatically installed on the user's system if it does not exist. The stream formatted base FCS SUNWxcu4 package included with this patch is "SUNWxcu4.stream.pkg". NOTE 10: To get the complete fix for bugid 4691127, please install the following patch: 108901-06 (or newer) rpcmod patch NOTE 11: To get the complete fix for bugids 4475044, 4335175 and 4340959 please install the following patch: 113415-01 (or newer) GNU gettext patch NOTE 12: The fix for bug#4680691 uncovered a bug (4775198) in the SUNWjbcp package. A patch for this bug has been released as 114152-01. This patch (or newer) has to be installed if you use the SUNWjbcp package. NOTE 13: To get the complete feature for Solaris 8 PPP 4.0, one needs to install the following packages from the Solaris 8 Update 5 (07/01) Release: SUNWpppd (Solaris PPP Device Drivers) SUNWpppdr (Solaris PPP configuration files) SUNWpppdu (Solaris PPP daemon and utilities) SUNWpppdx (Solaris PPP Device Drivers (64-bit)) SUNWpppg (GNU utilities for PPP) SUNWpppgS (Source for the GNU utilities for PPP) NOTE 14: To get the complete support for PPP over Ethernet, please install the new package SUNWpppdt (Solaris PPP Tunneling) from Solaris 8 Update 6 (10/01) Release and the following patches: 108964-06 (or newer) /usr/sbin/snoop patch NOTE 15: To get the complete fix for 4392250 ("passwd -r nis -e user " causes rpc.yppasswdd down.), one needs to install the rpc.yppasswdd patch 111596-02 (or newer). NOTE 16: To get the complete security fix for 4668699 (buffer overflow in dbm_open), one needs to install the libdbm and libc.so.x.9 patch 109152-02 (or newer). NOTE 17: The fix for 4506972 included in 108993-18 and 108994-18 changed the behavior of some commands such as cron(1M), rcp(1) and OpenSSH for locked accounts. Accounts which have been locked (via the 'passwd -l' command) contain the string "*LK*" in the password field of the shadow(4) file. Users with locked accounts were no longer able to execute cron jobs successfully or issue rcp(1) commands with .rhosts files for example. This changed behavior has been backed out and the original behavior of affected commands such as cron(1), rcp(1), and OpenSSH has been restored with the fix for 4923449 which is included in 108993-30 and 108994-30 and later revisions of these patches. Solaris 9 and future releases will keep the fix for 4506972 and the new behavior of locked accounts for commands such as cron(1M), rcp(1), and OpenSSH will remain. README -- Last modified date: Wednesday, September 1, 2004