Patch-ID# 113319-22 Keywords: security udp rpc crypt plugin hash nispasswdd segv nis ldap libnisdb Synopsis: SunOS 5.9: libnsl nispasswdd Patch Date: Apr/25/2005 Install Requirements: Reboot immediately after patch is installed Install in Single User Mode Solaris Release: 9 SunOS Release: 5.9 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 113719 Topic: SunOS 5.9: libnsl nispasswdd Patch Relevant Architectures: sparc BugId's fixed with this patch: 1226166 4152876 4156580 4192824 4248430 4353836 4390053 4503714 4517003 4644308 4648085 4655472 4668699 4674036 4680691 4684558 4686960 4687778 4688447 4690775 4691127 4700602 4710928 4724357 4727726 4738852 4745909 4753610 4756113 4757387 4765506 4767276 4772960 4806914 4817833 4823553 4825334 4828271 4915053 4941669 4966526 4973536 4977978 4990222 4996337 4997108 5016629 5071759 5106725 5109439 Changes incorporated in this version: 4503714 4686960 4757387 4941669 4996337 4997108 5071759 5109439 Patches accumulated and obsoleted by this patch: 113481-03 115165-05 115492-01 Patches which conflict with this patch: Patches required with this patch: 112874-16 (or greater) Obsoleted by: Files included with this patch: /usr/include/rpcsvc/nis.x /usr/include/rpcsvc/nislib.h /usr/lib/abi/abi_libnsl.so.1 /usr/lib/abi/sparcv9/abi_libnsl.so.1 /usr/lib/libnisdb.a /usr/lib/libnisdb.so.2 /usr/lib/libnsl.a /usr/lib/libnsl.so.1 /usr/lib/llib-lnsl /usr/lib/llib-lnsl.ln /usr/lib/nis/nisping /usr/lib/sparcv9/libnsl.so.1 /usr/lib/sparcv9/llib-lnsl.ln /usr/sbin/rpc.nisd /usr/sbin/rpc.nispasswdd Problem Description: 4503714 rpc.nisd memory leaks and SEGVs 4686960 NIS+ replica/domain hangs if master is gone and TTL expires on replica 4757387 Several daemons die with same stack trace strlen/xdr_nis_name/xdr_directory_obj 4941669 getpwent() calls core dump. 4996337 Replica stuck sleeping in replica_update following nismkdir/nisrmdir 4997108 Spurious nis_db_sync_log errors in syslog (info level) 5071759 Minor memory bugs prevent effective use of libumem with rpc.nisd 5109439 rpc.nisd stuck looping in __nis_path() (from 113319-21) 5106725 netname to user resolution won't work for ldap (from 113319-20) 4644308 when public network is down, switching to a user using "su" hangs (from 113319-19) 4966526 Problem using RPC_SVC_CONNMAXREC_SET when using the rpc mode RPC_SVC_MT_USER (from 113319-18) 4817833 mountd randomly dumps core 4745909 _get_hostserv_inetnetdir_byname/NETDIR_BY may return success on failure 4915053 nss_setent() always fails for setpwent() 4973536 libnsl - t_getprotaddr memory leak 4977978 Application deadlock in t_snd (libnsl) library call (from 113319-17) 4738852 NIS: ypserv dev udp opened failed (from 113319-16) 4757387 Several daemons die with same stack trace strlen/xdr_nis_name/xdr_directory_obj (from 113319-15) 4684558 NIS server doesn't answer ypbind broadcast request on IPMP failed over interface (from 113319-14) 4765506 NIS+ password problems with Solaris 9 (from 113319-13) 4828271 clnt_create()/clnt_create_timed() don't timeout with unexpected UDP. (from 113319-12) 4353836 if more than 255 file descriptors are already open then gethostbyname fails 4152876 getspnam_r() fails due to use of fopen() in libnsl.so in applications under load 4156580 getnetlist uses fopen, limiting RPC to 256 descriptors (from 113319-11) 4767276 rpcbind can be killed remotely (from 113319-10) 4668699 buffer overflow in dbm_open and dbminit (except the one in libc) (from 113319-09) 4825334 113319-06+ needs a dependency on 112874-07+ (from 113319-08) The bug fix for this revision was excluded due to the bug 4825334 (from 113319-07) 4710928 rpcbind exits with segv on both cluster node (from 113319-06) 4727726 NIS+ user unable to change his/her passwd. (from 113319-05) 4772960 Several patches have pkginfo and patchinfo files that fail consistency checking (from 113319-04) 4680691 doctored rpc calls over UDP can bring down machines through rpcbind (from 113319-03) 1226166 rpcbind does not bind with the correct network interface 4690775 nisplus_ldap_udt: rpcbind got killed and core dump during nisplus server setup (from 113319-02) 4517003 ypserv spinning after client disconnects 4648085 automountd dumps core freeing an illegal address in __svc_dupcache_victim() (from 113319-01) 4691127 Possible type overflow in xdr_array (from 113481-03) 4753610 rpc.nispasswdd::nis_object2passwd() makes rpc.nispasswdd dump core (from 113481-02) 4756113 libc version number is incorrect in s9u2 (from 113481-01) 4390053 crypt(3c) needs to interoperate with BSD and Linux 4248430 RFE: NIS+ should support alternate encryption algorithms for the user password 4192824 newkey/chkey should use a configurable crypt() to encrypt the users password 4700602 crypt_gensalt should be version SUNW_1.22 instead of SUNW_1.21 (from 115165-05) 5016629 NIS+2LDAP: rpc.nisd does not re-BIND to DS after DS was restarted (from 115165-04) 4990222 ypxfrd does not consistently create netgroup maps (from 115165-03) 4724357 NIS+LDAPmapping: searches for creduser in ou=Hosts are causing high overload (from 115165-02) This patch revision accumulates/obsoletes Solaris Update s9u5 feature point patch 115492-01. (from 115165-01) 4655472 segv in rpc.nisd on x86 stc tests (from 115492-01) 4823553 NIS to LDAP transition project (N2L) 2001/282 4806914 Use of multiple domains corrupts data in the mapping elements while parsing 4687778 Parser cannot process blank lines with tab spaces. 4688447 Parser cannot parse lines with unescaped '#' 4674036 get_lhs_match frees __nis_mapping_element_t even though it contains useful data. Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. For Solaris 7-10 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- In order for this patch to take effect, your system must be rebooted immediately after the patch has been installed. In order for this patch to take effect, your system must be rebooted immediately after the patch has been installed. NOTE 1: To get the complete Flexible Crypt feature, please also install the following patches: 112874-06 (or greater) libc 113475-01 (or greater) libsecurity crypt 113476-01 (or greater) passwdutil.so.1 113480-01 (or greater) pam_unix Patch 113482-01 (or greater) sbin/sulogin 113483-01 (or greater) rpc.ypasswdd NOTE 2: The fix for bug# 4680691 uncovered a bug (4775198) in the SUNWjbcp package. A patch for this bug has been released as 114153-01. This patch or a later revision of it has to be installed if you use the SUNWjbcp package. NOTE 3: To get the complete fix for bugids 1226166 and 4690775, please also install the following patch: 113330-01 (or greater) rpcbind patch NOTE 4: To get the complete fix for BugID 4353836, please also install the following patches: 112874-16 (or greater) libc patch (must be the 1st patch to be installed) 112970-05 (or greater) libresolv patch 115545-01 (or greater) nss_files patch 115542-01 (or greater) nss_user patch 115544-01 (or greater) nss_compat patch NOTE 5: To get the complete fix for BugID 4828271, please also install the following patch: 112874-16 (or greater) libc patch NOTE 6: To get the complete fix for BugID 4765506, please also install the following patch: 113476-08 (or greater) passwdutil.so.1 patch NOTE 7: To get the complete fix for BugID 4915053 please also install the following patch: 112874-25 (or greater) libc patch NOTE 8: To get the complete fix for BugID 4644308 please also install the following patch: 117431-01 (or greater) nss_nis patch NOTE 9: To get the complete NIS to LDAP Transition Project, please also install the following patches: 113579-02 (or greater) YP components patch 115677-01 (or greater) idsconfig patch README -- Last modified date: Monday, April 25, 2005