Patch-ID# 104241-23 Keywords: security y2000 libX11 Xsun HP OpenView Node Manager 6.1 Synopsis: OpenWindows 3.5.1_x86: Xsun Patch Date: Aug/06/2002 Install Requirements: None Solaris Release: 2.5.1_x86 SunOS Release: 5.5.1_x86 Unbundled Product: OpenWindows Unbundled Release: 3.5.1_x86 Xref: This patch is available for SPARC as patch 103566 Topic: Relevant Architectures: i386 BugId's fixed with this patch: 1173815 1210990 1254504 1266793 4006666 4036289 4048352 4062802 4067299 4077223 4143461 4145697 4149801 4152947 4156993 4162373 4178868 4184297 4192179 4200108 4202465 4211145 4263074 4291215 4304268 4323164 4332966 4333070 4383751 4483090 4661987 Changes incorporated in this version: 4661987 Patches accumulated and obsoleted by this patch: 105106-01 105109-01 105289-01 Patches which conflict with this patch: Patches required with this patch: 103641-35 or greater Obsoleted by: Files included with this patch: /usr/openwin/bin/fbconsole /usr/openwin/bin/xlock /usr/openwin/bin/xterm /usr/openwin/lib/libX11.a /usr/openwin/lib/libX11.so.4 /usr/openwin/lib/libdga.so.1 /usr/openwin/lib/libp/libX11.a /usr/openwin/server/lib/libcfb.so.1 /usr/openwin/server/lib/libcfb16.so.1 /usr/openwin/server/lib/libcfb32.so.1 /usr/openwin/server/lib/libcfb4.so.1 /usr/openwin/server/lib/libfont.so.1 /usr/openwin/server/lib/libmfb.so.1 /usr/openwin/server/lib/libmi.so.1 /usr/openwin/bin/Xsun Problem Description: 4661987 CAN-2002-0158: Xsun "-co" heap overflow (from 104241-22) 4483090 xlock buffer overflow (from 104241-21) 4383751 Xsun dumps core with HP OpenView Node Manager 6.1 (from 104241-20) 4323164 fbconsole should open /dev/console with O_NOCTTY (from 104241-19) 4332966 security: Xsun has a buffer overflow 4333070 X setuid/setgid binary permissions need to be changed (from 104241-18) 1254504 xserver crashes upon cde startup in build 10 (from 104241-17) 4304268 Xserver crashes in Taiwanese locale 4149801 libfont has a possible buffer overflow issue (from 104241-16) 1173815 Xsun crashes drawing the "X" logo (from 104241-15) 4263074 Cu's own app slows down the Xserver when patch 103566-43 is installed (from 104241-14) 4291215 Cannot use large font after applying patch 103566-45 (from 104241-13) 4200108 Openwin starting gives X_mkdir Error:0" first time after system boot. (from 104241-12) 4202465 Patch 103566 causes hang in XDestroyWindow using ffb (from 104241-11) 4211145 Xserver does not handle 12x24 font correctly (from 104241-10) 4162373 winlock at start of Pro/E R20 with XGL/ZX/openwindows causing graphics problem (from 104241-09) 4192179 cu has his own application that crashes the xserver. 4184297 CDE not sending the correct signals when CDE is killed (XTERM) (from 105289-01) 4048352 xterm y2000 - Incorrect timestamp on Tek COPY (from 105109-01) 4036289 Xlock has security problem (from 104241-08) 4145697 Linking Patran with pthreads library crashes XGL driver 4178868 Large, multi-threaded X application hangs in _XFlushInt 4143461 "bin" gid of Xsun in patch 103566-xx causing ow startup to fail from commandline (from 104241-07) 4152947 XInitThreads doesn't work when patch 103566-34 is installed 4067299 Xsun security issue (from 104241-06) 4156993 Xsun crashes when accessing converted fonts. (from 104241-05) 4077223 Install of patch 104241-03 and above causes regular user not be able to run openwin. (from 104241-04) 4062802 Needless characters are added at dragging and dropping at Solaris 2.5.1. (from 104241-03) (from 105106-01) 1266793 Solaris 2.x libX11 security vulnerability (from 104241-02) 4006666 Recursive mutex lock in quark routine causes hang (from 104241-01) 1210990 option "-dpi" of "openwin" command does not work Patch Installation Instructions: -------------------------------- Refer to the Install.info file for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below as special instructions. Special Install Instructions: ----------------------------- None. README -- Last modified date: Tuesday, August 6, 2002