Patch-ID# 124207-01 NOTE: *********************************************************************** READ THE TERMS OF THE AGREEMENT ("AGREEMENT") IN THE LEGAL_LICENSE.TXT FILE CAREFULLY BEFORE USING THIS SOFTWARE. BY USING THE SOFTWARE, YOU AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS, PROMPTLY DESTROY THE UNUSED SOFTWARE. *********************************************************************** Keywords: security libtsol libtsnet Synopsis: SunOS 5.10_x86: libtsol patch Date: Oct/09/2006 Install Requirements: Reconfigure immediately after patch is installed Install in Single User Mode Solaris Release: 10_x86 SunOS Release: 5.10_x86 Unbundled Product: Unbundled Release: Xref: Topic: SunOS 5.10_x86: libtsol patch Relevant Architectures: i386 BugId's fixed with this patch: 5039974 5080821 6227744 6249707 6268229 6270225 6293271 6313214 6355953 6378316 6389264 6391893 6394554 6398564 6399963 6403267 6404051 6404290 6404563 6404654 6404729 6404877 6405400 6405777 6406097 6407402 6407920 6411400 6411980 6412471 6413767 6413809 6414797 6415528 6431503 6433603 6450052 Changes incorporated in this version: 6415528 6431503 6433603 6450052 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /lib/amd64/libtsnet.so /lib/amd64/libtsnet.so.1 /lib/amd64/libtsol.so /lib/amd64/libtsol.so.2 /lib/amd64/llib-ltsnet.ln /lib/amd64/llib-ltsol.ln /lib/libtsnet.so.1 /lib/libtsol.so /lib/libtsol.so.2 /lib/llib-ltsnet /lib/llib-ltsnet.ln /lib/llib-ltsol /lib/llib-ltsol.ln /usr/lib/amd64/libtsnet.so /usr/lib/amd64/libtsnet.so.1 /usr/lib/amd64/libtsol.so /usr/lib/amd64/libtsol.so.2 /usr/lib/amd64/llib-ltsnet.ln /usr/lib/amd64/llib-ltsol.ln /usr/lib/libtsnet.so /usr/lib/libtsnet.so.1 /usr/lib/libtsol.so /usr/lib/libtsol.so.2 /usr/lib/llib-ltsnet.ln /usr/lib/llib-ltsol.ln Problem Description: 5080821 auditconfig(1M)'s usage message is not up-to-date 6249707 auditconfig has unused variables 6378316 auditconfig has undocumented commands that do nothing and undocumented redundant commands 6398564 auditconfig TX code review issues. 6407402 Named pipes should work between labeled zones to support write up. 6411980 getlabel(2) returns wrong label for lofs mounted FIFOs 6415528 syslog plugin TX code review issues 6431503 label_to_str printer_caveats and printer_channels always start with a space 6433603 panic occurs when setting the audit flags to "all" 6394554 integrate Solaris Trusted Extensions 5039974 modhash could do with an mdb walker 6227744 sys/modhash.h has an unnecessary nested include 6268229 gcc and snoop don't get along 6270225 gcc and route don't get along 6293271 Zone processes should use zone_kcred instead of kcred 6313214 hextoalabel(1M) succeeds with hexadecimal label that is invalid by one character 6355953 assertion failed: cpu == CPU, file: ../../i86pc/vm/hat_i86.c, line: 925 6403267 address remaining issues raised during TX code reviews 6389264 acl_totext needs support for bypassing nameservice lookup 6391893 acl_totext support for bypassing nameservice lookup needs to support ZFS-style ACLs 6399963 get_zone_pool() isn't consistent with its return values ##patch3# 123423-01 6404051 ABI versioning is missing for sparcv9 and amd64 libtsnet 6404290 snoop uses is_system_labeled as if it were a variable 6404563 Trusted integration breaks part of ucred propagation 6404654 zoneadm mount command fails on labeled systems 6404729 libtsol changes needed for gcc 6404877 Classifications should be ranged checked during label conversions 6405400 sctp_send_abort() tips over referencing uninitialized variable 6405777 SCTP cannot find a correct source address 6406097 tsol_option_set breaks userland IP option setting 6407920 TX panic during lo_mount 6411400 Solaris trusted extensions putback breaks SC build 6412471 str_to_label error offsets into the string are dependent on leading spaces. 6413767 sort out libc versions for U3 (and TLC) 6413809 Trusted Extensions automount daemon failure in reading-down over NFS 6414797 code in zone_find_by_any_path generates bad assembly code and panics, can be worked around with change 6450052 missing TX deliverables Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. For Solaris 7-10 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- Please note that not all patches listed in the following "NOTEs" are necessarily being released at the same time as this patch. This staggered release allows this patch to deliver other fixes now (outside of the complementary fixes detailed with the other patches listed below.) NOTE 1: If you're planning to set up Zones on this system, please make sure to install the following patch which fixes bugid 6216195 (zone installation confused by UPDATE=yes in pkginfo(4) file.) 119255-06 (or greater) Install and Patch Utilities Patch NOTE 2: To obtain the complete Solaris Trusted Extensions functionality support, please install the following patches: 118855-25 (or greater) kernel patch 118891-03 (or greater) llib-lc patch 120037-08 (or greater) ldap patch 120053-04 (or greater) pam library patch 120846-02 (or greater) audit patch 122659-06 (or greater) zonecfg patch 122661-03 (or greater) zoneadm patch 122663-06 (or greater) libzonecfg patch 123840-01 (or greater) FMA Patch README -- Last modified date: Monday, October 9, 2006