Obsoleted by: 118372-08 SunOS 5.10_x86: elfsign Patch |
Disclaimer:
Please note:
Although OBSOLETED patches are available on SunSolve, Sun recommends using the most recent patches and the most recent revision of those patches. OBSOLETED patches do not include the latest bug fixes and/or product enhancements, and may require the installation of additional patches as a corrective measure.
Status: OBSOLETE
Patch Id: 118372-07
***********************************************************************
READ THE TERMS OF THE AGREEMENT ("AGREEMENT") IN THE LEGAL_LICENSE.TXT
FILE CAREFULLY BEFORE USING THIS SOFTWARE. BY USING THE SOFTWARE, YOU
AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE
TERMS, PROMPTLY DESTROY THE UNUSED SOFTWARE.
***********************************************************************Summary: Obsoleted by: 118372-08 SunOS 5.10_x86: elfsign Patch
Date: May/03/2006
Installation Requirements:
Reconfigure immediately after patch is installed
Install in Single User ModeSolaris Release: 10_x86
Sun OS Release: 5.10_x86
Unbundled Product:
Unbundled Release:
Xref: This patch available for SPARC as patch 118371
Topic:
SunOS 5.10_x86: elfsign Patch
Relevant Architecture: i386
BugId's fixed with this patch:
4987141 5019131 5057756 5099921 6196062 6214106 6214824 6216464 6218014 6218030 6220136 6221396 6222046 6222935 6238177 6238962 6239551 6258804 6258976 6259973 6265403 6268124 6282641 6283570 6301500 6317027 6326584 6331159 6333693 6340770 6347364 6348585 6367959
Changes incorporated in this version:
5099921 6258804 6282641 6326584 6331159 6333693 6340770 6347364 6348585 6367959
Patches accumulated and obsoleted by this patch:
119266-02
Patches which conflict with this patch:
Required Patches:
Obsoleted by:
Files Included in this Patch:
/usr/bin/elfsign
/usr/lib/crypto/kcfd
/usr/lib/inet/certdb
/usr/lib/inet/certlocal
/usr/lib/inet/certrldb
/usr/lib/inet/in.iked
/usr/lib/libelfsign.so.1
/usr/lib/libike.so.1
Problem Description:
6367959 Large numbers of certlib entries corrupt active Phase I SA state.
6282641 Policy with AH can cause in.iked to exit when NAT-T triggered
6333693 in.iked needs better handling of port-only selectors
6258804 IKE p1 delete notifications not being sent immediately on flush
5099921 in.iked pfkey.c: should pull memset into extract_exts()
6340770 multiple-personality disorder affects inverse_acquire, too
6326584 comedy of mismerges puts a quarter-twist into quick mode identities
6347364 SafeNet plugs ASN.1 leaks
6348585 ISAKMP notification sent to peer contains garbage
6331159 If the only pre-shared key is deleted, the IKE daemon can not add new keys from a file
(from 118372-06)
6265403 Short-lived Phase I SAs get bitten by libike's retransmit-driven delayed cleanup
6259973 IKE phase2 exchange fails to occur when phase1 SA nears expiry
6268124 ikeadm won't remove expiring phase1 SA's by address
6317027 libike tries to dereference the wrong negotiation
(from 118372-05)
6301500 Multiple elfsign failures in SPARC & X86 SUNWgcc package
(from 118372-04)
6258976 kcfd dies under a barrage of verification requests
6283570 misaligned ELF64 section heads
(from 118372-03)
6238177 ikecert certlocal -a dumps core
6238962 ikecert cache has artificially small maximum value
6239551 in.iked doesn't parse config.sample as expected
(from 118372-02)
This patch revision accumulates/obsoletes Solaris Update S9U5
feature point patch 119266-02.
(from 118372-01)
5057756 elfsign should put OU in subject name in its own AttributeTypeAndValue
6214106 elfsign damages some executables
(from 119266-02)
Uprev due to the intersection between Feature and Generic gates
(from 119266-01)
4987141 Misleading comments in do_p1getdel() function.
5019131 IKE should use uCF's libpkcs11 by default for performance improvement
6196062 Drop SafeNet QuickSec 2.1 into libike
6214824 Update NAT-T Support to full RFC 3947 compliance.
6216464 Memory leak if ssh_ike_connect_ipsec() fails immediately
6218014 qs21 putback broke tools/version of elfsign
6218030 Fix for 6218014 needs a more elegant solution
6220136 elfsign request fails
6221396 libike PKCS#11 D-H native glue needs to guard against trimmed leading-zeroes.
6222046 usr/src/lib/libike needed in its entirety to build usr/src/tools
6222935 Keystore generation is broken post-qs21Revision History:
118372-05 118372-06 118372-02 118372-01 118372-04
Patch Installation Instructions:
--------------------------------
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
For Solaris 7-10 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions. The following example
installs a patch to a standalone machine:
example# patchadd /var/spool/patch/104945-02
The following example removes a patch from a standalone system:
example# patchrm 104945-02
For additional examples please see the appropriate man pages.Special Install Instructions:
-----------------------------
Not all patches listed in this section as needed for the completion
of a fix or feature, may be available at the same time as this patch.
This allows the remaining fixes/features to be made available sooner.
NOTE 1: If you're planning to set up Zones on this system, please make
sure to install the following patch which fixes bugid 6216195
(zone installation confused by UPDATE=yes in pkginfo(4) file.)
119255-06 (or greater) Install and Patch Utilities Patch
NOTE 2: If the patch is being applied to the live system, please do the following:
svcadm disable -t cryptosvc
Apply the patch to elfsign, libelfsign and kcfd
svcadm enable -t cryptosvc
NOTE 3: To get thet complete fix for bugid 6265403 (short-lived Phase I SAs get
bitten by libike's retransmit-driven delayed cleanup), please also
install the following patch:
121407-01 (or greater) ikeadm patch
README -- Last modified date: Wednesday, February 21, 2007
|
Subscribe |
Careers |
Contact Us |
Site Maps |
Legal Notices |
Terms of Use |
Your Privacy Rights |
Sun Contracted Content
Sun Contracted Feature
