Patch-ID# 110286-11 Keywords: security core clients tooltalk database server buffer overflow Synopsis: OpenWindows 3.6.2: Tooltalk patch Date: Sep/24/2003 Install Requirements: Additional instructions may be listed below Solaris Release: 8 SunOS Release: 5.8 Unbundled Product: OpenWindows Unbundled Release: 3.6.2 Xref: This patch is available for x86 as patch 110287 Topic: Relevant Architectures: sparc BugId's fixed with this patch: 4334998 4363822 4379430 4417781 4476458 4499995 4518469 4522203 4668701 4707187 4713445 4871091 Changes incorporated in this version: 4871091 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/openwin/bin/rpc.ttdbserverd /usr/openwin/bin/ttsession /usr/openwin/lib/sparcv9/libtt.so.2 /usr/openwin/lib/libtt.so.2 Problem Description: 4871091 dtmail cannot open attached mail (from 110286-10) 4713445 buffer overflow in the ToolTalk library (from 110286-09) 4707187 multiple vulnerabilities in Tooltalk database server (from 110286-08) 4668701 64bit ToolTalk clients cannot connect with ttsession (from 110286-07) 4476458 _Tt_c_procid::set_default_session dumps core on Solaris 7 and Solaris (from 110286-06) 4522203 libtt crashes and burns when ttsession cannot be reached (from 110286-05) 4518469 pkgadd of SUNWtltk fails in the latest S8U7 nightly build (from 110286-04) 4499995 format string vulnerability in ToolTalk Database Server (from 110286-03) 4417781 Login failed after patch 105802-14 add (from 110286-02) 4379430 After patch add 105802-12, login failed 4363822 ttsession memory leak (from 110286-01) 4334998 Loopback automount maps and 107893-07 cause failed CDE logins, hangs Patch Installation Instructions: -------------------------------- Refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- None. README -- Last modified date: Wednesday, September 24, 2003