Solaris Bug Fixes Incorporated Into This Release
The Trusted Solaris 8 HW 12/02 release includes all product patches and bug fixes incorporated into the Solaris 8 HW 12/02 release. Use the showrev -p command to see the list of patches that are included in the release.
Additional bug fixes that are included in the Trusted Solaris 8 HW 12/02 release are listed in the following table. Most of the fixes are security bug fixes.
Table 1–1 Solaris Bug Fixes Incorporated Into the Trusted Solaris 8 HW 12/02 Release|
Solaris Bug Number |
Synopsis |
|---|---|
|
1159193 |
fmodsw needs to be dynamically allocated |
|
1255897 |
Arbitrary data attributes are being printed by praudit in a confusing way |
|
1262891 |
fbconsole core dumps if incorrect permissions on /tmp |
|
4059965 |
praudit has problems displaying paths with non-ASCII characters |
|
4280870 |
pcmcia is writing a directory and file that is owned by root |
|
4367223 |
In certain erroneous conditions the mount() call leaves kernel locks held |
|
4382410 |
“Missing message #18022” displays on front panel at installation |
|
4397459 |
*ed* creates temporary files in an insecure manner |
|
4457722 |
MLD general queries with maximum report delay of 0 can panic the Solaris x86 kernel |
|
4464517 |
RED State Exception on SB100/SB1000 while booting with Addonics USB DVD |
|
4508268 |
praudit and auditreduce do not work with RBAC profile entries |
|
4545809 |
mount() system call can panic machine |
|
4545858 |
mount(2) man page is incorrect with several issues |
|
4548739 |
Security vulnerability involving pmconfig |
|
4617380 |
Panic: assertion failure pm_cfb_comps_off |
|
4619275 |
pmconfig does not check bounds while processing user input |
|
4619526 |
powerd does not check bounds while processing user input |
|
4621278 |
IPv6 home address option has security concerns |
|
4621760 |
ftp debug output includes passwords in clear text form |
|
4649509 |
fdformat reads any file as boot sector |
|
4649511 |
fdformat contains a race condition |
|
4655066 |
crle: -u with nonexistent config file does not work |
|
4661997 |
Buffer overflow in dbm_open() |
|
4664152 |
TPI connection response is extremely hazardous |
|
4668699 |
Buffer overflow in dbm_open() and dbminit() |
|
4677620 |
Security issue in sysinfo() |
|
4680691 |
Doctored rpc calls over UDP can bring down machines through rpcbind |
|
4702931 |
Ordinary user can panic machine using crafted /dev/arp messages |
|
4708822 |
priocntl() can load a user module and gain access to system |
|
4712864 |
TCP_IOC_ABORT_CONN leaks kernel memory |
|
4725286 |
Panic: recursive rw_enter caused by sendfilev() |
|
4728754, 4777632 |
sad needs to validate input |
|
4729683 |
modload() could do some checking before loading a module |
|
4732677 |
TCP_IOC_ABORT_CONN leaks kernel memory |
|
4737417 |
ypxfrd security issue with map handling |
|
4737861 |
IP module allows an unprivileged process to generate raw IP packet |
|
4740832 |
fbconsole creates tmp files unsafely |
|
4756570 |
sendmail does not handle some .forward constructs correctly |
|
4763520 |
TCP accepts connection response queue in T_CONN_RES without validation |
|
4756979 |
uucp contains a buffer overflow |
|
4767276, 4778962 |
rpcbind can be killed remotely |
|
4776480 |
at -r job name handling and race conditions |
|
4777715 |
CERT Advisory CA-2002-31: Multiple Remote Vulnerabilities in BIND |
|
4786593 |
pkgadd fails with size issue when space file is present |
|
4788209 |
/usr/dt/bin/dtprintinfo $HOME environment variable overflow |
|
4788212 |
/usr/dt/bin/dtsession $HOME environment variable overflow |
|
4789120 |
Floating point operations in getfpregs() may cause unexpected traps |
|
4790725 |
Port of patch 109896 to the Trusted Solaris release |
|
4798301 |
Ordinary user can panic the Solaris x86 kernel |
|
4804524 |
getfpregs() spuriously enables FPU on sparcv9 |
|
4809539 |
CERT Advisory CA-2003-07: Remote Buffer Overflow in Sendmail |
- © 2010, Oracle Corporation and/or its affiliates