Bugtraq mailing list archives

Re: old post on securing a sunos 4.1.* box


From: yzarn () chevron com (Philip Yzarn de Louraille)
Date: Mon, 30 Jan 1995 18:16:23 -0800


Here is the 4.1.3_u1 one:


From lhdsy1!uunet!usc!howland.reston.ans.net!gatech!newsxfer.itd.umich.edu!zip.eecs.umich.edu!yeshua.marcam.com!news.kei.com!babbage.ece.uc.edu!thor!montjoy Sat Jul  9 18:59:19 PDT 1994
Article: 6510 of comp.security.unix
Path: lhdsy1!uunet!usc!howland.reston.ans.net!gatech!newsxfer.itd.umich.edu!zip.eecs.umich.edu!yeshua.marcam.com!news.kei.com!babbage.ece.uc.edu!thor!montjoy
From: montjoy () thor uucp (Robert Montjoy)
Newsgroups: comp.sys.sun.admin,comp.security.unix
Subject: Re: SunOS 4.1.3 security patches?
Keywords: sunos,security
Message-ID: <2vfcjl$gti () babbage ece uc edu>
Date: 6 Jul 94 22:52:36 GMT
References: <2vf915$pr9 () terminator ncts navy mil>
Organization: University of Cincinnati, ECE Dept
Lines: 642
Xref: lhdsy1 comp.sys.sun.admin:35183 comp.security.unix:6510
NNTP-Posting-Host: thor.ece.uc.edu

In article <2vf915$pr9 () terminator ncts navy mil>,
Mike Jenkins <mjenkins () ncts navy mil> wrote:
> What are the security patches required for SunOS 4.1.3?
>
> I want to "wipe the slate clean" and load a machine with
> SunOS 4.1.3_U1, bind 4.9.3, and sendmail 8.6.9.


Here is the SunOS 4.1.3_U1 patch list. Note: for the most
part a whole new set of patches is required for SunOS4.1.3_U1
versus 4.1.3.


It seems you should be able to get these from sunsite.unc.edu...
in the /pub/sun-info/sun-patches directory. (I do not know if
they want people to know about it). Also, most if not
all can be found on thor.ece.uc.edu in /pub/sun-faq/SunOS4.1.3_U1.patches




                 Title: Solaris 1.1.1 Patch Report Update
                            as of 30/Jun/94

              SunService, A Sun Microsystems, Inc. Business

==========================================================================
Report Notes Section:
==========================================================================

This report is generated to provide a summary list of patches released
and available from SunService for the listed release level.  There are
bi-weekly updates of this report.  This report is also made available to
customers via the SunSolve service in the "Information Documents section."

The "Quick Reference Section" provides a listing of any new patches or
existing patch rev changes since last update report, obsoleted patches,
security patches, and a listing of the current recommended patches.

Recommended patches are considered the most important and highly
recommended patches that avoid the most critical system, user, or
security related bugs which have been reported and fixed to date.
A released patch not listed on the recommended list does not imply that
it should not be used if needed.  In many cases a security patch will be
listed in both the security patch section and recommended patch section.
A security patch, however, may not be listed in the recommended section
if it is determined to be a more application dependent issue and may not
be generally relevant.

All listed patches are available via patch database servers or other
patch access services unless they are superseded by a newer rev or patch.
It is possible that a patch listed in this report was just released
as of the report date and may not actually appear in a local patch
database for another 24-48 hours.

Any customer issues related to these patches should be directed into
normal support channels and escalated if necessary.

Solaris 1.1.1 contains SunOS 4.1.3_U1 and OpenWindows 3.0 releases.
SunOS 4.1.3_U1 patches are unique from SunOS 4.1.3.  SunOS 4.1.3
patches should not be applied to SunOS 4.1.3_U1.  For 4.1.3_U1,
use only the patches listed in this report.  The OpenWindows 3.0
release is common to both Solaris 1.1 and 1.1.1, and thus the
OpenWindows 3.0 patches apply to both these Solaris releases.

The Solaris 1.1.1 patches are compatible with both versions A and B
of Solaris 1.1.1, unless otherwise stated in the patch README file.



==========================================================================
Quick Reference Section:
==========================================================================

New Patches Released Since Last Report:
---------------------------------------

101833-01   SunOS 4.1.3_U1: Can't net install 5.3 Edition II from 4.1.x server

Update Revs Released Since Last Report:
---------------------------------------

(No changes)





Solaris 1.1.1 Recommended Patches:
------------------------------------------------

101434-03   SunOS 4.1.3_U1: lpr Jumbo Patch
101436-02   SunOS 4.1.3_U1: bin/mail jumbo patch
101440-01   SunOS 4.1.3_U1: security problem: methods to exploit login/su
101508-06   SunOS 4.1.3_U1: sun4m kernel jumbo patch
101509-01   SunOS 4.1.3_U1: SS10-51 or SS600-51 may hard hang or watchdog reset
101558-01   SunOS 4.1.3_U1: international libc jumbo patch
101579-01   SunOS 4.1.3_U1: Security problem with expreserve for Solaris 1.1.1
101587-01   SunOS 4.1.3_U1: security patch for mfree and icmp redirect
101592-01   SunOS 4.1.3_U1: UFS file system corruption and panic
101621-02   SunOS 4.1.3_U1: Jumbo tty patch
101665-02   SunOS 4.1.3_U1: sendmail jumbo patch
101679-01   SunOS 4.1.3_U1: Breach of security using modload
101759-01   SunOS 4.1.3_U1: domestic libc jumbo patch
100444-58   OpenWindows 3.0: Server Jumbo Patch 3000-107
100448-02   OpenWindows 3.0: loadmodule is a security hole.
100452-61   OpenWindows 3.0: XView 3.0 Jumbo Patch
100478-01   OpenWindows 3.0: xlock crashes leaving system open



Solaris 1.1.1 Patches Containing Security Fixes:
------------------------------------------------

101434-03   SunOS 4.1.3_U1: lpr Jumbo Patch
101436-02   SunOS 4.1.3_U1: bin/mail jumbo patch
101440-01   SunOS 4.1.3_U1: security problem: methods to exploit login/su
101558-01   SunOS 4.1.3_U1: international libc jumbo patch
101579-01   SunOS 4.1.3_U1: Security problem with expreserve for Solaris 1.1.1
101587-01   SunOS 4.1.3_U1: security patch for mfree and icmp redirect
101621-02   SunOS 4.1.3_U1: Jumbo tty patch
101665-02   SunOS 4.1.3_U1: sendmail jumbo patch
101679-01   SunOS 4.1.3_U1: Breach of security using modload
101759-01   SunOS 4.1.3_U1: domestic libc jumbo patch
100448-02   OpenWindows 3.0: loadmodule is a security hole.
100452-61   OpenWindows 3.0: XView 3.0 Jumbo Patch
100478-01   OpenWindows 3.0: xlock crashes leaving system open

*=indicates a security patch not listed in the Recommended Patch List,
  usually because the patch is determined to be more application dependent
  and may not be generally relevant.




Solaris 1.1.1 Obsoleted Patches:
------------------------------------------------

101487-01   OBSOLETED by 101508
101386-01   OBSOLETED by 100448
101393-01   OBSOLETED by 100444



==========================================================================
Solaris 1.1.1 Complete Listing of Released Patches:
==========================================================================

Total Patches:  90
Total Bugfixes: 549


SunOS Released Patch List:
------------------------------

Patch-ID# 101434-03
Synopsis: SunOS 4.1.3_U1: lpr Jumbo Patch
BugId's fixed with this patch: 1057834 1048004 1099009 1050628 1112342 1133067
1154391
Changes incorporated in this version: 1154391

Patch-ID# 101435-01
Synopsis: SunOS 4.1.3_U1: ypserv fix
BugId's fixed with this patch: 1076977
Changes incorporated in this version:

Patch-ID# 101436-02
Synopsis: SunOS 4.1.3_U1: bin/mail jumbo patch
BugId's fixed with this patch: 1115042 1161618
Changes incorporated in this version: 1161618

Patch-ID# 101437-01
Synopsis: SunOS 4.1.3_U1: accounting jumbo patch
BugId's fixed with this patch: 1059412 1033692
Changes incorporated in this version:

Patch-ID# 101438-01
Synopsis: SunOS 4.1.3_U1: applications bind to same port if IP address supplied
BugId's fixed with this patch: 1052740
Changes incorporated in this version:

Patch-ID# 101439-01
Synopsis: SunOS 4.1.3_U1: system crashed tcp_Ercvconnect() from a NULL socket
pointer.
BugId's fixed with this patch: 1115102
Changes incorporated in this version:

Patch-ID# 101440-01
Synopsis: SunOS 4.1.3_U1: security problem: methods to exploit login/su
BugId's fixed with this patch: 1121935
Changes incorporated in this version:

Patch-ID# 101441-01
Synopsis: SunOS 4.1.3_U1: syslog messages gets confused.
BugId's fixed with this patch: 1109291
Changes incorporated in this version:

Patch-ID# 101442-02
Synopsis: SunOS 4.1.3_U1: ps(1) with "j" option may segmentation fault
BugId's fixed with this patch: 1108978
Changes incorporated in this version: fixed -01 problem with sun4m binary

Patch-ID# 101443-02
Synopsis: SunOS 4.1.3_U1: esp: SCSI Errors - "ILLEGAL bit set""watchdog reset"
BugId's fixed with this patch: 1161712 1136580 1096405
Changes incorporated in this version: 1161712 1136580

Patch-ID# 101444-01
Synopsis: SunOS 4.1.3_U1: "at" jobs are not running; job files are being
over-written.
BugId's fixed with this patch: 1116833
Changes incorporated in this version:

Patch-ID# 101445-01
Synopsis: SunOS 4.1.3_U1: quota exceeded console messages misleading
BugId's fixed with this patch: 1104800
Changes incorporated in this version:

Patch-ID# 101446-01
Synopsis: SunOS 4.1.3_U1: iostat reports incorrect SCSI device names on sun4m
BugId's fixed with this patch: 1129560
Changes incorporated in this version:

Patch-ID# 101447-01
Synopsis: SunOS 4.1.3_U1: tar does not restore original ownerships on sym links
BugId's fixed with this patch: 1095930
Changes incorporated in this version:

Patch-ID# 101449-01
Synopsis: SunOS 4.1.3_U1: PANICS WITH CLGET: NULL CLIENT
BugId's fixed with this patch: 1120254
Changes incorporated in this version:

Patch-ID# 101450-01
Synopsis: SunOS 4.1.3_U1: two messages displayed when using FKFORMAT_TRACK
ioctl
BugId's fixed with this patch: 1122913
Changes incorporated in this version:

Patch-ID# 101452-01
Synopsis: SunOS 4.1.3_U1: Exit of suntools from SunView causes panic: bad
rmfree
BugId's fixed with this patch: 1034701
Changes incorporated in this version:

Patch-ID# 101453-01
Synopsis: SunOS 4.1.3_U1: /usr/ucb/Mail does not pass comma separated address
as per RFC822
BugId's fixed with this patch: 1133937
Changes incorporated in this version:

Patch-ID# 101454-01
Synopsis: SunOS 4.1.3_U1: vacation(1) does not recognize aliases of the type
firstname.lastname
BugId's fixed with this patch: 1111359
Changes incorporated in this version:

Patch-ID# 101455-01
Synopsis: SunOS 4.1.3_U1: Using compress/uncompress over your quota can trash
files
BugId's fixed with this patch: 1133789
Changes incorporated in this version:

Patch-ID# 101456-01
Synopsis: SunOS 4.1.3_U1: diff -c dumps core
BugId's fixed with this patch: 1127380
Changes incorporated in this version:

Patch-ID# 101459-01
Synopsis: SunOS 4.1.3_U1: xd incorrectly handles xd_ferr
BugId's fixed with this patch: 1097055 1110209
Changes incorporated in this version:

Patch-ID# 101460-02
Synopsis: SunOS 4.1.3_U1: SunOS consumes all file descriptors when open()
returns an EINTR
BugId's fixed with this patch: 1131073
Changes incorporated in this version:

Patch-ID# 101461-03
Synopsis: SunOS 4.1.3_U1: csh, sh jumbo patch
BugId's fixed with this patch: 1023533 1054149 1167401
Changes incorporated in this version: 1167401

Patch-ID# 101462-01
Synopsis: SunOS 4.1.3_U1: tbl may dump core on sun-4; ok on sun-3
BugId's fixed with this patch: 1016791 1101482
Changes incorporated in this version:

Patch-ID# 101508-06
Synopsis: SunOS 4.1.3_U1: sun4m kernel jumbo patch
BugId's fixed with this patch: 1116706 1110382 1130786 1137976 1134185 1153766
1118195 1121151 1122110 1126760 1148420 1148412 1150390 1151384 1131290 1101875
1164753
Changes incorporated in this version: 1164753

Patch-ID# 101509-01
Synopsis: SunOS 4.1.3_U1: SS10-51 or SS600-51 may hard hang or watchdog reset
BugId's fixed with this patch: 1153766
Changes incorporated in this version:

Patch-ID# 101532-01
Synopsis: SunOS 4.1.3_U1: gt patch for sun4c and sun4m
BugId's fixed with this patch: 1137977 1153766
Changes incorporated in this version:

Patch-ID# 101539-01
Synopsis: SunOS 4.1.3_U1: GS Jumbo patch
BugId's fixed with this patch: 1112134 1101764 1137977 1153766
Changes incorporated in this version:

Patch-ID# 101558-01
Synopsis: SunOS 4.1.3_U1: international libc jumbo patch
Changes incorporated in this version: 1033104 1039485 1049421 1054748 1061777

Patch-ID# 101561-05
Synopsis: SunOS 4.1.3_U1: TTY settings change when rlogin into a 4.x system
from a 5.x system.
BugId's fixed with this patch: 1147895
Changes incorporated in this version:

Patch-ID# 101562-02
Synopsis: SunOS 4.1.3_U1: libcurses: dlescreen() causes getch return bad char.
BugId's fixed with this patch: 1154602
Changes incorporated in this version: 1154602

Patch-ID# 101579-01
Synopsis: SunOS 4.1.3_U1: Security problem with expreserve for Solaris 1.1.1
BugId's fixed with this patch: 1044909 1083183
Changes incorporated in this version:

Patch-ID# 101587-01
Synopsis: SunOS 4.1.3_U1: security patch for mfree and icmp redirect
BugId's fixed with this patch: 1087460 1093937
Changes incorporated in this version: 1093937

Patch-ID# 101592-01
Synopsis: SunOS 4.1.3_U1: UFS file system corruption and panic
BugId's fixed with this patch: 1118195 1121151 1122110 1118195
Changes incorporated in this version:

Patch-ID# 101618-01
Synopsis: SunOS 4.1.3_U1: inetd "broken server detection" breaks on fast
machines
BugId's fixed with this patch: 1030599 1112111
Changes incorporated in this version:

Patch-ID# 101621-02
Synopsis: SunOS 4.1.3_U1: Jumbo tty patch
BugId's fixed with this patch: 1048128 1069768 1008324 1040722 1070495 1060689
1064320 1104557 1068641 1056787 1061643 1012954 1168930
Changes incorporated in this version: 1168930

Patch-ID# 101625-02
Synopsis: SunOS 4.1.3_U1: ftp does not prompt for account information
BugId's fixed with this patch: 1157359
Changes incorporated in this version: 1157359

Patch-ID# 101664-01
Synopsis: SunOS 4.1.3_U1: rare panic due to serial port load
BugId's fixed with this patch: 1119423
Changes incorporated in this version:

Patch-ID# 101665-02
Synopsis: SunOS 4.1.3_U1: sendmail jumbo patch
BugId's fixed with this patch:  1144946 1056203 1030087 1068637 1085853 1041284
1092073 1092650 1093667 1089670 1084351 1142840 1151181 1152199 1082586 1048259
1160505
Changes incorporated in this version: 1160505

Patch-ID# 101679-01
Synopsis: SunOS 4.1.3_U1: Breach of security using modload
BugId's fixed with this patch: 1137491
Changes incorporated in this version:

Patch-ID# 101686-01
Synopsis: SunOS 4.1.3_U1: libkvm/kvmopen leaks memory on sun4m machines
BugId's fixed with this patch: 1154959
Changes incorporated in this version: 1154959

Patch-ID# 101689-02
Synopsis: SunOS 4.1.3_U1: libkvm/kvmopen leaks memory on sun4m machines
BugId's fixed with this patch: 1154959
Changes incorporated in this version: added 4.1.3_U1 Rev B support

Patch-ID# 101696-01
Synopsis: SunOS 4.1.3_U1: data corruption when using cpio to archive data from
NFS
BugId's fixed with this patch:  1051844
Changes incorporated in this version:

Patch-ID# 101741-01
Synopsis: SunOS 4.1.3_U1: Asynchronous Memory panic probing non-existent sbus
device
BugId's fixed with this patch: 1158410 1156505
Changes incorporated in this version:

Patch-ID# 101757-01
Synopsis: SunOS 4.1.3_U1: POINT PATCH fixes to ethernet driver (le.o)
BugId's fixed with this patch: 1163300
Changes incorporated in this version: 1163300

Patch-ID# 101759-01
Synopsis: SunOS 4.1.3_U1: domestic libc jumbo patch
BugId's fixed with this patch: 1033104 1039485 1049421 1054748 1061777 1070565
1074633 1077337 1109666 1074819 1041424 1118688 1038421 1046855 1136266 1141781
1139883
Changes incorporated in this version:

Patch-ID# 101775-01
Synopsis: SunOS 4.1.3_U1: Cron consumes more memory as time goes on
BugId's fixed with this patch:  1063780
Changes incorporated in this version:

Patch-ID# 101784-01
Synopsis: SunOS 4.1.3_U1: rpc.lockd jumbo patch
BugId's fixed with this patch: 1086371 1078771 1115083 1113852
Changes incorporated in this version:

Patch-ID# 101833-01
Synopsis: SunOS 4.1.3_U1: Can't net install 5.3 Edition II from 4.1.x server
BugId's fixed with this patch: 1164993
Changes incorporated in this version:



OpenWindows Released Patch List:
------------------------------------

Patch-ID# 100444-58
Synopsis: OpenWindows 3.0: Server Jumbo Patch 3000-107
BugId's fixed with this patch: 1087901 1101940 1101123 1080976 1083312 1060204
1062740 1066878 1071237 1071322 1077556 1052712 1066767 1067026 1085004 1085475
1085609 1085529 1085467 1075858 1079600 1056492 1084761 1086134 1086122 1082750
1082200 1071098 1038783 1083142 1087211 1089056 1074935 1085444 1078226 1089311
1091966 1092113 1094100 1074749 1094114 1069130 1089311 1096914 1087946 1095761
1099797 1087901 1101940 1101123 1103061 1101267 1071091 1107837 1106762 1110261
1104648 1122982 1089425 1125875
1128560 1119284 1098572 1129122 1131619 1115867 1137468 1137121 1132761 1139085
1133986 1134851 1085529 1138043 1143198 1117109 1103260 1144610 1145351 1147741
1138880 1144753 1149255 1133986 1146592 1145599 1106634 1138880 1149057 1151335
1146172
Changes incorporated in this version: 1146172

Patch-ID# 100448-02
Synopsis: OpenWindows 3.0: loadmodule is a security hole.
BugId's fixed with this patch: 1076118 1148753
Changes incorporated in this version:

Patch-ID# 100451-62
Synopsis: OpenWindows 3.0: OLIT CTE Jumbo Patch
BugId's fixed with this patch: 1094920 1112731 1114072 1101320 1114887 1097819
1099332 1095840 1097042 1095666 1097019 1097060 1079116 1077198 1056290 1059977
1090531 1088126 1085312 1087144 1053499 1054033 1070806 1086857 1069690 1085931
1085311 1055211 1085117 1085119 1083658 1071536 1075807 1075675 1076244 1077804
1067737 1069699 1069958 1070209 1071210 1071427 1071507 1071774 1071855 1073157
1073158 1073385 1073843 1074841 1075085 1097819 1099332 1098537 1101015 1100144
1069757 1097687 1086973 1094770
1109002 1105796 1098701 1087564 1102901 1086919 1104603 1054351 1076210 1104433
1106948 1109548 1106502 1111466 1114060 1114887 1114072 1112731 1075085 1101320
1119343 1112764 1120337 1093945 1101638 1140871 1141944 1145439 1148989
Changes incorporated in this version: 1148989

Patch-ID# 100452-61
Synopsis: OpenWindows 3.0: XView 3.0 Jumbo Patch
BugId's fixed with this patch: 1066919 1072832 1073167 1066366 1075863 1075950
1059597 1080579 1075124 1073246 1065873 1084865 1083436 1083405 1053515 1078467
1061299 1076560 1037992 1078467 1044411 1055172 1068828 1077164 1091601 1093039
1049703 1087337 1074553 1053036 1053292 1030878 1020408 1097384 1076907 1043723
1101846 1103579 1105512 1106032 1098466 1106525 1093908 1067716 1109382 1108767
1113021 1110227 1109875 1114662 1111308 1114561 1065350 1067367 1115954 1053622
1109875 1122244 1122239 1122353
1072252 1117789 1071584 1124324 1066669 1098379 1131411 1129722 1140264 1134887
1140806 1136974 1139167 1142387 1047558 1140250 1142387 1148561 1148724 1110936
1149528 1148277 1145729 1161640 1160672 1161637
Changes incorporated in this version: 1161637

Patch-ID# 100454-03
Synopsis: OpenWindows 3.0: convertfont -x does not produce correct bdf file
BugId's fixed with this patch: 1075518 1073601 1102515
Changes incorporated in this version: 1102515

Patch-ID# 100462-29
Synopsis: OpenWindows 3.0: File Manager Jumbo Patch
BugId's fixed with this patch: 1069592 1070935 1073659 1079554 1075050 1067411
1085050 1086418 1082021 1081836 1108738 1111569 1112446 1108738 1116040 1093144
1129676 1133046 1103246 1130463 1130391 1080650 1144427 1155878
Changes incorporated in this version: 1155878

Patch-ID# 100478-01
Synopsis: OpenWindows 3.0: xlock crashes leaving system open
BugId's fixed with this patch: 1077337
Changes incorporated in this version:

Patch-ID# 100479-01
Synopsis: OpenWindows 3.0: OLIT release does not include <Xol/Olg.h> file
BugId's fixed with this patch: 1079191
Changes incorporated in this version:

Patch-ID# 100492-10
Synopsis: OpenWindows 3.0: jumbo patch for olwm 3.0
BugId's fixed with this patch: 1075650 1088815 1089979 1064765 1100097 1085887
1108611 1108642 1108785 1116207 1116212 1150572
Changes incorporated in this version: 1150572

Patch-ID# 100493-04
Synopsis: OpenWindows 3.0: binder jumbo patch
BugId's fixed with this patch: 1065534 1065552 1065713 1069284 1070164 1074005
1074430 1075063 1077954 1082036 1083472 1098317 1118302 1104455
Changes incorporated in this version: 1118302 1104455

Patch-ID# 100497-01
Synopsis: OpenWindows 3.0: install_openwin fails and DGA does not work after
server is up
BugId's fixed with this patch: 1070633
Changes incorporated in this version:

Patch-ID# 100499-04
Synopsis: OpenWindows 3.0: printtool looks for longest entry instead of first 2
BugId's fixed with this patch: 1074177 1058325 1099010
Changes incorporated in this version: 1099010

Patch-ID# 100512-04
Synopsis: OpenWindows 3.0: libXt CTE Jumbo Patch
BugId's fixed with this patch: 1120337 1098544 1086793 1086912 1074766 1087332
Changes incorporated in this version: 1120337

Patch-ID# 100523-15
Synopsis: OpenWindows 3.0: Calendar Manager Patch
BugId's fixed with this patch: 1079235 1081962 1093114 1071379 1111718 1089855
1077699 1080326 1122551 1124859 1145866 1146332 1092042 1154939 1124545
Changes incorporated in this version: 1124545

Patch-ID# 100524-06
Synopsis: OpenWindows 3.0: Classing Engine (libce) Patch
BugId's fixed with this patch: 1077657 1077787 1091437 1086418 1081836
Changes incorporated in this version: 1086418 1081836

Patch-ID# 100525-01
Synopsis: OpenWindows 3.0 AudioTool CTE Jumbo Patch
BugId's fixed with this patch: 1073640
Changes incorporated in this version:

Patch-ID# 100529-01
Synopsis: OpenWindows 3.0: textedit core dumps during exit
BugId's fixed with this patch: 1065686
Changes incorporated in this version:

Patch-ID# 100544-03
Synopsis: OpenWindows 3.0: Mailtool jumbo patch
BugId's fixed with this patch: 1072592 1069789 1086038
Changes incorporated in this version:

Patch-ID# 100568-01
Synopsis: OpenWindows 3.0: invalid alarm command causes clock and server to
hang
BugId's fixed with this patch: 1086168
Changes incorporated in this version:

Patch-ID# 100573-04
Synopsis: OpenWindows 3.0: xstdcmap fails to set XStandardColomap for 24-bit
machines
BugId's fixed with this patch: 1087332 1105454
Changes incorporated in this version: 1105454

Patch-ID# 100580-01
Synopsis: OpenWindows 3.0: tnt locks out DGA applications
BugId's fixed with this patch: 1071713
Changes incorporated in this version:

Patch-ID# 100608-02
Synopsis: OpenWindows 3.0: xwd does not work with specific -root or -id options
BugId's fixed with this patch: 1079731, 1092236
Changes incorporated in this version:

Patch-ID# 100626-08
Synopsis: OpenWindows 3.0: Tooltalk patch
BugId's fixed with this patch: 1085317 1074150 1074612 1066949 1071723 1070440
1068765 1071035 1072772 1081742 1077513 1082628 1084299 1093746 1095103 1094598
1129057 1140652 1138827 1146783
Changes incorporated in this version: 1146783

Patch-ID# 100685-01
Synopsis: OpenWindows 3.0: snapshot running with motif window manager core
dumps
BugId's fixed with this patch: 1089508
Changes incorporated in this version:

Patch-ID# 100713-01
Synopsis: OpenWindows 3.0: In an Xterm window numlock does not work
BugId's fixed with this patch: 1098715, 1095262, 1075151
Changes incorporated in this version:

Patch-ID# 100728-02
Synopsis: OpenWindows 3.0: Under SunOS 4.1.1 "xterm" doesn't load when setuid
root
BugId's fixed with this patch: 1105607 1095437
Changes incorporated in this version: 1105607

Patch-ID# 100742-01
Synopsis: OpenWindows 3.0: iconedit patch
BugId's fixed with this patch: 1079720
Changes incorporated in this version: 1079720

Patch-ID# 100753-01
Synopsis: OpenWindows 3.0: XNeWs dumps core viewing answerbook page
BugId's fixed with this patch: 1079032 1102144
Changes incorporated in this version:

Patch-ID# 100778-03
Synopsis: OpenWindows 3.0: Direct Xlib 1.2 jumbo patch release
BugId's fixed with this patch: 1105516, 1117675, 1119220
Changes incorporated in this version: 1119220

Patch-ID# 100795-01
Synopsis: OpenWindows 3.0: time_format, numeric_format wrong
BugId's fixed with this patch: 1076928
Changes incorporated in this version:

Patch-ID# 100802-01
Synopsis: OpenWindows 3.0: cgsix patch for MP systems with OW and patch 100444
BugId's fixed with this patch: 1095841
Changes incorporated in this version:

Patch-ID# 100887-01
Synopsis: OpenWindows 3.0: checkOW patch
BugId's fixed with this patch: 1099155
Changes incorporated in this version:

Patch-ID# 100899-02
Synopsis: OpenWindows 3.0: ModeSwitch does not work correctly
BugId's fixed with this patch: 1096735 1103673 1073527 1127656
Changes incorporated in this version: 1127656

Patch-ID# 100927-01
Synopsis: OpenWindows 3.0 olwm/owplaces places incorrect script header in
.openwin-init file.
BugId's fixed with this patch: 1118777
Changes incorporated in this version:

Patch-ID# 100943-02
Synopsis: OpenWindows 3.0: cmdtool patch
BugId's fixed with this patch: 1075514 1139973
Changes incorporated in this version: 1139973

Patch-ID# 100990-01
Synopsis: OpenWindows 3.0: colorimage operator is incorrect in NEWS
BugId's fixed with this patch: 1117370
Changes incorporated in this version:

Patch-ID# 101076-02
Synopsis: OpenWindows 3.0: colorchooser patch
BugId's fixed with this patch: 1132377
Changes incorporated in this version:

Patch-ID# 101118-01
Synopsis: OpenWindows 3.0: calctool jumbo patch
BugId's fixed with this patch: 1100445, 1065280
Changes incorporated in this version:

Patch-ID# 101281-01
Synopsis: OpenWindows 3.0: pageview fails printing single page of multi-page
documents.
BugId's fixed with this patch: 1140203
Changes incorporated in this version: 1140203

Patch-ID# 101639-01
Synopsis: OpenWindows 3.0: xgettext does not recognize \" when updating .po
files
BugId's fixed with this patch: 1151120
Changes incorporated in this version:


--
Rob Montjoy                  - Computer Engineer/Systems Administrator
University of Cincinnati     - Electrical and Computer Engineering
E-Mail: Rob.Montjoy () UC EDU   - Personal or Other E-Mail

--  To Save the Earth. The Humans must die.


From lhdsy1!uunet!ankh.iia.org!babbage.ece.uc.edu!news.kei.com!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!agate!msuinfo!harbinger.cc.monash.edu.au!yarrina.connect.com.au!warrane.connect.com.au!sfe.com.au!sfe.com.au!not-for-mail Fri Jul 15 17:05:46 PDT 1994
Article: 6532 of comp.security.unix
Path: lhdsy1!uunet!ankh.iia.org!babbage.ece.uc.edu!news.kei.com!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!agate!msuinfo!harbinger.cc.monash.edu.au!yarrina.connect.com.au!warrane.connect.com.au!sfe.com.au!sfe.com.au!not-for-mail
From: paul () sfe com au (Paul Hatchman)
Newsgroups: comp.security.unix,comp.sys.sun.admin
Subject: Re: writting a list of how to secure 4.1.3 & 5.3
Message-ID: <2vghdg$h5u () curly sfe com au>
Date: 7 Jul 94 09:20:48 GMT
References: <CrGKwK.12w () news Hawaii Edu>
Organization: Sydney Futures Exchange
Lines: 28
Xref: lhdsy1 comp.security.unix:6532 comp.sys.sun.admin:35282
NNTP-Posting-Host: curly.sfe.com.au

tmk () uhunix uhcc Hawaii Edu (Thomas M Kroeger) writes:

> I'm writing up a basic list of things to do to secure a SunOS 4.1.3
> (and 5.3 - second list) system after initial installation.

Here are a few (off the top of my head) that I haven't seen posted so far:

1. remove setgid kmem from /usr/kvm/crash
2. disable comsat (or patch it)
3. apply expreserve patch
4. apply loadmodule patch
5. apply xterm logging patch and make xterm setuid root.
   (is xterm more secure than allowing people to read your keystrokes? :)
6. set most lines to unsecure in /etc/ttytab
7. chmod 644 /etc/utmp (and related patches)
8. Apply tty jumbo patch (to fix the pty security probs)
*9* Know what you are doing when you modify any configuration files.
I am sure that even the most secure system in the world can be misconfigured to
make it vulnerable.


later,

--------------------------------------------------------------------------------
Paul Hatchman,                        |  <this line intentionally left blank>
Analyst/Programmer,                   |      paul () sfe com au
Sydney Futures Exchange, Australia    |      Tel: +61 2 2560567
--------------------------------------------------------------------------------
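
A read-only check for the configuration items in the checklist above (1, 2, 6 and 7), added here as an example and not part of either original post. It is written for a POSIX shell and takes a filesystem root prefix (an assumption of this example) so it can be run against a mounted or copied SunOS tree; the patch items (3, 4, 5 and 8) are not checked.

```shell
#!/bin/sh
# Added example: audit the file-level items of the SunOS 4.1.3 checklist.
# audit_sunos ROOT prints one "FINDING ..." line per deviation and nothing
# when the tree matches the checklist. ROOT is a hypothetical prefix
# ("" or "/" audits the running system).

audit_sunos() {
    root=${1%/}

    # Item 1: /usr/kvm/crash should not carry the setgid (kmem) bit.
    if [ -g "$root/usr/kvm/crash" ]; then
        echo "FINDING crash: $root/usr/kvm/crash is setgid"
    fi

    # Item 2: comsat should be disabled, i.e. no active inetd.conf entry.
    if [ -f "$root/etc/inetd.conf" ] &&
       awk '$1 == "comsat" { found = 1 } END { exit !found }' \
           "$root/etc/inetd.conf"; then
        echo "FINDING comsat: active comsat entry in $root/etc/inetd.conf"
    fi

    # Item 6: list every ttytab line still flagged "secure", so each one
    # can be reviewed; "secure" lines accept direct root logins.
    if [ -f "$root/etc/ttytab" ]; then
        awk '$1 !~ /^#/ {
                 for (i = 2; i <= NF; i++)
                     if ($i == "secure")
                         print "FINDING ttytab: " $1 " is marked secure"
             }' "$root/etc/ttytab"
    fi

    # Item 7: /etc/utmp should be mode 644, so flag group or other write.
    if [ -f "$root/etc/utmp" ] &&
       [ -n "$(find "$root/etc/utmp" -prune \
               \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "FINDING utmp: $root/etc/utmp is writable by group or other"
    fi

    return 0
}

# Run directly as: sh audit.sh /path/to/root
if [ "$#" -gt 0 ]; then
    audit_sunos "$1"
fi
```

The ttytab check reports every remaining `secure` line rather than failing outright, since the checklist says "most lines", not all.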


