Obsoleted by: 112908-16 WITHDRAWN PATCH SunOS 5.9: krb5 shared object Patch |
Disclaimer:
Please note:
Although OBSOLETED patches are available on SunSolve, Sun recommends using the most recent patches and the most recent revision of those patches. OBSOLETED patches do not include the latest bug fixes and/or product enhancements, and may require the installation of additional patches as a corrective measure.
Status: OBSOLETE
Patch Id: 112908-15
Summary: Obsoleted by: 112908-16 WITHDRAWN PATCH SunOS 5.9: krb5 shared object Patch
Date: Aug/31/2004
******************************************************
Patch 112908-15 has been withdrawn on Sept. 23, 2004.
Patch 112908-14 was re-instated.
Reason:
SUNWk5pk(x) pkgs will not install on user systems because the
version strings of these packages do not agree with those
of the fcs pkgs
Please reference bug ID 4807010 for more information.
Recommendation:
Please install 112908-14 or 112908-16 (or newer) when
available.
******************************************************
******************************************************
The items made available through this website
are subject to United States export laws and
may be subject to export and import laws
of other countries. You agree to strictly comply
with all such laws and obtain licenses to
export, re-export, or import as may be required.
Unless expressly authorized by the United States
Government to do so you will not, directly or
indirectly, export or re-export the items made
available through this website, nor direct the
items therefrom, to any embargoed or restricted
country identified in the United States export
laws, including but not limited to the Export
Administration Regulations (15 C.F.R. Parts
730-774).
******************************************************
Installation Requirements:
Install in Single User Mode
Reboot immediately after patch is installedSolaris Release: 9
Sun OS Release: 5.9
Unbundled Product:
Unbundled Release:
Xref: This patch available for x86 as patch 113990
Topic:
SunOS 5.9: krb5 shared object Patch
***********************************************************
NOTE: This patch may contain one or more OEM-specific platform ports.
See the appropriate OEM_NOTES file within the patch for
information specific to these platforms.
DO NOT INSTALL this patch on an OEM system if a corresponding
OEM_NOTES file is not present (or is present, but instructs not
to install the patch), unless the OEM vendor directs otherwise.
***********************************************************
Relevant Architecture: sparc sparc.sun4u
BugId's fixed with this patch:
4197937 4220042 4430138 4516537 4521000 4526202 4630574 4642879 4657596 4666887 4671577 4690212 4691352 4711993 4727224 4743181 4744280 4794436 4807010 4830044 4836676 4837278 4841013 4846024 4847827 4865664 4881066 4882946 4995543 5004688 5055875 5063407
Changes incorporated in this version:
4807010 4837278 4865664 5055875 5063407
Patches accumulated and obsoleted by this patch:
112726-03
Patches which conflict with this patch:
Required Patches:
Obsoleted by:
Files Included in this Patch:
/kernel/misc/kgss/do_kmech_krb5
/kernel/misc/kgss/gl_kmech_krb5
/kernel/misc/kgss/sparcv9/do_kmech_krb5
/kernel/misc/kgss/sparcv9/gl_kmech_krb5
/platform/sun4u/kernel/misc/kgss/gl_kmech_krb5
/platform/sun4u/kernel/misc/kgss/sparcv9/gl_kmech_krb5
/usr/lib/gss/gl/abi/abi_mech_krb5.so.1
/usr/lib/gss/gl/abi/sparcv9/abi_mech_krb5.so.1
/usr/lib/gss/gl/mech_krb5.so.1
/usr/lib/gss/gl/sparcv9/mech_krb5.so.1
/usr/lib/security/pam_krb5.so.1
/usr/lib/security/pam_krb5_migrate.so
/usr/lib/security/pam_krb5_migrate.so.1
/usr/lib/security/sparcv9/pam_krb5.so.1
/usr/lib/security/sparcv9/pam_krb5_migrate.so.1
Problem Description:
4807010 Crash in the gssapi module
4837278 Kerberos utilities should include automigrate capability
5055875 buffer overflow in (undocumented) auth_to_local rules
4865664 gssapi/krb5 may hang with corrupted data
5063407 memory corruption between decode_krb5_ap_req() and krb5_gss_accept_sec_context()
(from 112908-14)
This patch was respun to require patch 112907-03
(from 112908-13)
4995543 pam_krb5.so.1 from 112908-12 causes SEGV when using *su* or dtsession lock
5004688 Kerberos patch 112908-12 causes user passwords to be logged in clear text
(from 112908-12)
4794436 strict TGT verification in pam_krb5 should be configurable
4430138 pam_krb5 has wrong return codes for some service module function
4516537 pam_krb5 does not conform to the PAM standards set forth in pam(3PAM)
4711993 mech_krb5: memory caching MUST be enabled in kerberos mech
4841013 krb5 memory cache code should use mktemp instead of mkstemp
4846024 krb5 err msg: login: /tmp/krb5cc_35224 owned by 35224 instead of 0
4881066 pam_krb5 setcred function causes BUS error due to incorrectly freed memory
(from 112908-11)
4882946 GSS_C_NO_BUFFER: gss_init_sec_context gives an Error code
(from 112908-10)
4836676 Bounds checks not in place for princs in krbv5
(from 112908-09)
4847827 Kerberos patch 112908-07 Error verifying TGT with host, Bad encryption type
(from 112908-08)
4830044 pam_krb5 needs to be repository aware
(from 112908-07)
4630574 pam_krb5 should not reimplement utility functions and use libpam utilities
4743181 gss/kerberos frees a buffer returned to caller
(from 112908-06)
4727224 user application hangs at rpc_gss_seccreate()
4744280 gss_display_status() always returning error
(from 112908-05)
4526202 pam_krb5 auth can fail with multiple ftp sessions of same user
(from 112908-04)
4521000 krb5_gss_wrap_size_limit() does not work
4671577 mech_krb5.so should expose krb5_c_verify_checksum function
4691352 Multiple Kerberos vulnerabilities need to be fixed
(from 112908-03)
4666887 decrypt_as_reply can cause SEGV when request is NULL.
(from 112908-02)
4657596 passwd aging fix does not work for passwords greater than 8 characters.
4690212 krb5/gss nfs users all getting mapped to user nobody
(from 112908-01)
This patch revision was generated to accumulate and obsolete
the changes introduced in Solaris Update: s9u1
feature point patches: 112726-03
(from 112726-03)
This patch revision was generated to fix the Stab table problem
in the previous revision.
(from 112726-02)
This patch revision was generated to synchronize the
package version string between s9 and s9u1
(from 112726-01)
4642879 Kerberos Mechanism Re-sync with MIT 1.2.1
4197937 gss_init_sec_context() doesn't set GSS_C_TRANS_FLAG
4220042 "kadmin: add_principal -expire "9/1/1999 7:00am" xhu" doesn't workRevision History:
112908-08 112908-14 112908-04 112908-11 112908-02 112908-13 112908-09 112908-12 112908-07
Patch Installation Instructions:
--------------------------------
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
For Solaris 7-9 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions. The following example
installs a patch to a standalone machine:
example# patchadd /var/spool/patch/104945-02
The following example removes a patch from a standalone system:
example# patchrm 104945-02
For additional examples please see the appropriate man pages.Special Install Instructions:
NOTE 1: To get the complete Kerberos feature, please also install the
following patches:
112921-01 (or newer) adm5
112922-01 (or newer) krb5 lib
112923-01 (or newer) usr lib krb
112924-01 (or newer) usr sbin krb
112925-01 (or newer) util admin
NOTE 2: To get the complete fix of bug 4836676 "Bounds checks not in place
for princs in krbv5" please also install the following patches:
112925-03 (or newer) kdb5_util
112923-03 (or newer) krb5kdc
112921-02 (or newer) libkadm5srv.so.1
README -- Last modified date: Monday, September 27, 2004
|
Subscribe |
Careers |
Contact Us |
Site Maps |
Legal Notices |
Terms of Use |
Your Privacy Rights |
Sun Contracted Content
Sun Contracted Feature
