The Trusted Solaris 8 4/01 release includes all product patches and bug fixes incorporated into the Solaris 8 4/01 release. The bug fixes that are listed in the tables below are additional.
Security bugs that are fixed in releases later than Solaris 8 4/01 have been incorporated into this release. The Trusted Solaris 8 4/01 release includes the following Solaris security bug fixes:
Table 1-1 Solaris Security Bug Fixes Integrated in Trusted Solaris 8 4/01

Solaris Bug Number | Synopsis |
---|---|
4153434, 4274696 | |
4328124 | Security hole in rmmount.conf - possible string buffer overflow |
4330421, 4383387 | LP subsystem is vulnerable to printing unauthorized files |
4338622 | Buffer overflow vulnerabilities in Kerberos (SEAM) |
4356377, 4425845, 4440161 | Buffer overflow vulnerabilities in keyboard DDX module |
4392144, 4434978 | catman makes dangerous use of tmpfiles |
4406722 | Buffer overflow in cu(1C) allows access as uucp UID |
4409676, 4444745 | CERT Advisory CA-2001-02 / Solaris DNS (BIND) vulnerabilities |
4412996, 4451002 | Buffer overflow in snmpXdmid allows remote root compromise |
4414237 | snmpXdmi has hard-coded security strings |
4416701 | Buffer overflow in uucp can allow access as uucp UID |
4430971 | tip, getent() can ignore supplied buffer size |
4432295 | send() with a negative "len" arg puts kernel in a loop - DOS attack |
4436988 | CERT CA-2001-07 / Globbing problem in in.ftpd |
4439142 | Kernel preemption can corrupt floating point register |
4448598 | Buffer overflow in |
4449613 | Buffer overflow in libsldap.so.1 compromises root |
4450699 | Solaris Intel system can panic from user process |
4451291 | CDE: Buffer overflow in libXm.so.4 |
4456994 | Buffer overflow in rpc.yppasswdd |
4465086 | Buffer overflow in /bin/mail |
4477380 | Buffer overflow in /usr/bin/whodo via |
4370975, 4414939 | CDE: Motif text widget accesses illegal memory addresses |
4411170 | CDE: dtfile dumps core at draw_separator() when resizing window |
4446925, 4458432 | in.lpd contains a remote exploitable overflow |
4448655 | telmod.c could panic the system |
4452732 | Buffer overflow in mailx |
4466215, 4482260 | ckitem(1) could cause stack overflow |
4499995 | Format string vulnerability in ToolTalk Database Server |

Table 1-2 Solaris Bug Fixes Integrated in Trusted Solaris 8 4/01

Solaris Bug Number | Synopsis |
---|---|
4418312 | turnstile_block() does not accurately detect cycle in blocking chain |
4300800 | inet_ntop(): BAD TRAP: type=e (Page Fault) rp=ef4229d8 addr=e0f1007 |