The Trusted Solaris 8 HW 12/02 release includes all product patches and bug fixes incorporated into the Solaris 8 HW 12/02 release. Use the showrev -p command to see the list of patches that are included in the release.
Additional bug fixes that are included in the Trusted Solaris 8 HW 12/02 release are listed in the following table. Most of the fixes are security bug fixes.
Table 1–1 Solaris Bug Fixes Incorporated Into the Trusted Solaris 8 HW 12/02 Release
Solaris Bug Number |
Synopsis |
---|---|
1159193 |
fmodsw needs to be dynamically allocated |
1255897 |
Arbitrary data attributes are being printed by praudit in a confusing way |
1262891 |
fbconsole core dumps if incorrect permissions on /tmp |
4059965 |
praudit has problems displaying paths with non-ASCII characters |
4280870 |
pcmcia is writing a directory and file that is owned by root |
4367223 |
In certain erroneous conditions the mount() call leaves kernel locks held |
4382410 |
“Missing message #18022” displays on front panel at installation |
4397459 |
*ed* creates temporary files in an insecure manner |
4457722 |
MLD general queries with maximum report delay of 0 can panic the Solaris x86 kernel |
4464517 |
RED State Exception on SB100/SB1000 while booting with Addonics USB DVD |
4508268 |
praudit and auditreduce do not work with RBAC profile entries |
4545809 |
mount() system call can panic machine |
4545858 |
mount(2) man page is incorrect with several issues |
4548739 |
Security vulnerability involving pmconfig |
4617380 |
Panic: assertion failure pm_cfb_comps_off |
4619275 |
pmconfig does not check bounds while processing user input |
4619526 |
powerd does not check bounds while processing user input |
4621278 |
IPv6 home address option has security concerns |
4621760 |
ftp debug output includes passwords in clear text form |
4649509 |
fdformat reads any file as boot sector |
4649511 |
fdformat contains a race condition |
4655066 |
crle: -u with nonexistent config file does not work |
4661997 |
Buffer overflow in dbm_open() |
4664152 |
TPI connection response is extremely hazardous |
4668699 |
Buffer overflow in dbm_open() and dbminit() |
4677620 |
Security issue in sysinfo() |
4680691 |
Doctored rpc calls over UDP can bring down machines through rpcbind |
4702931 |
Ordinary user can panic machine using crafted /dev/arp messages |
4708822 |
priocntl() can load a user module and gain access to system |
4712864 |
TCP_IOC_ABORT_CONN leaks kernel memory |
4725286 |
Panic: recursive rw_enter caused by sendfilev() |
4728754, 4777632 |
sad needs to validate input |
4729683 |
modload() could do some checking before loading a module |
4732677 |
TCP_IOC_ABORT_CONN leaks kernel memory |
4737417 |
ypxfrd security issue with map handling |
4737861 |
IP module allows an unprivileged process to generate raw IP packet |
4740832 |
fbconsole creates tmp files unsafely |
4756570 |
sendmail does not handle some .forward constructs correctly |
4763520 |
TCP accepts connection response queue in T_CONN_RES without validation |
4756979 |
uucp contains a buffer overflow |
4767276, 4778962 |
rpcbind can be killed remotely |
4776480 |
at -r job name handling and race conditions |
4777715 |
CERT Advisory CA-2002-31: Multiple Remote Vulnerabilities in BIND |
4786593 |
pkgadd fails with size issue when space file is present |
4788209 |
/usr/dt/bin/dtprintinfo $HOME environment variable overflow |
4788212 |
/usr/dt/bin/dtsession $HOME environment variable overflow |
4789120 |
Floating point operations in getfpregs() may cause unexpected traps |
4790725 |
Port of patch 109896 to the Trusted Solaris release |
4798301 |
Ordinary user can panic the Solaris x86 kernel |
4804524 |
getfpregs() spuriously enables FPU on sparcv9 |
4809539 |
CERT Advisory CA-2003-07: Remote Buffer Overflow in Sendmail |