Patch-ID# 121957-01 NOTE: *********************************************************************** READ THE TERMS OF THE AGREEMENT ("AGREEMENT") IN THE LEGAL_LICENSE.TXT FILE CAREFULLY BEFORE USING THIS SOFTWARE. BY USING THE SOFTWARE, YOU AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS, PROMPTLY DESTROY THE UNUSED SOFTWARE. *********************************************************************** Keywords: qsh qrsh qlogin root security vulnerability Synopsis: N1 Grid Engine 6.0: security patch Date: Jan/20/2006 Install Requirements: See Special Install Instructions Solaris Release: 7 8 9 10 SunOS Release: 5.7 5.8 5.9 5.10 Unbundled Product: N1 Grid Engine Unbundled Release: 6.0 Xref: See patch matrix below Topic: Relevant Architectures: sparc BugId's fixed with this patch: 6366691 Changes incorporated in this version: 6366691 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: 118130-08 Patches required with this patch: 118130-07 (or greater) Obsoleted by: Files included with this patch: /utilbin/sol-sparc64/rsh Problem Description: 6366691 utilbin//rsh can be used to gain root access Patch Installation Instructions: -------------------------------- For Solaris 7, 8, 9 and 10 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. See the "Special Install Instructions" section below before installing this patch. Patch requirements and patch matrix for N1 Grid Engine 6 packages ----------------------------------------------------------------- This patch fixes only CR6366691 and can be installed for every patch level of the binary packages of the N1 Grid Engine 6.0 software up to and including N1 Grid Engine 6.0u7. Later updates of N1 Grid Engine 6.0 will include this fix. To verify if your installation is at patch level N1GE 6.0u7 or earlier see the binary patch matrix below. 1. Patches for packages in Sun pkgadd format --------------------------------------------------- Package name* OS* Architecture* Patch-Id ----------------------------------------------------------------- SUNWsgee Solaris, Sparc, 32bit sol-sparc 118094-07 SUNWsgeex Solaris, Sparc, 64bit sol-sparc64 118130-07 SUNWsgeex Solaris x86 sol-x86 118131-07 SUNWsgeeax Solaris, x64 (AMD64) sol-amd64 120438-03 SUNWsgeec all common 118132-07 SUNWsgeea all arco 118133-05 SUNWsgeed all doc 119846-02 *Package Name = see pkginfo(1) *OS = Operating system *Architecture = N1 Grid Engine binary architecture string or "common" = architecture independent packages "arco" = Accounting and Reporting console "doc" = PDF documentation "gemm" = Grid Engine Management Module for Sun Control Station (SCS) (tar.gz only) 2. Patches for packages in tar.gz format ----------------------------------------------- OS* Architecture Patch-Id ----------------------------------------------------- Solaris, Sparc, 32bit sol-sparc 118082-07 Solaris, Sparc, 64bit sol-sparc64 118083-07 Solaris, x86 sol-x86 118084-07 Solaris, x64 (AMD64) sol-amd64 120439-03 Linux kernel2.4/2.6, x86 lx24-x86 118085-07 Linux kernel2.4/2.6, AMD64 lx24-amd64 118086-07 IBM AIX 4.3 aix43 118087-07 IBM AIX 5.1 aix51 118088-07 Apple MAC OS/X darwin 118089-07 HP HP-UX 11 hp11 118090-07 SGI Irix 6.5 irix65 118091-07 Microsoft Windows win32-x86 120434-03 all common 118092-07 all arco 118093-05 all doc 119861-02 Solaris, Linux gemm 120435-02 Special Install Instructions: -------------------------- None. README -- Last modified date: Friday, January 20, 2006