Patch-ID# 103262-08 Keywords: security y2000 ufsrestore /tmp AC ufsdump hangs incremental tm_year Synopsis: SunOS 5.5_x86: ufsdump & ufsrestore patch Date: Jun/19/2001 Solaris Release: 2.5_x86 SunOS Release: 5.5_x86 Unbundled Product: Unbundled Release: Xref: This patch available for SPARC as patch 103261 Topic: SunOS 5.5_x86: ufsdump & ufsrestore patch NOTE: Refer to Special Install Instructions Section for IMPORTANT specific information on this patch. Relevant Architectures: i386 BugId's fixed with this patch: 1186435 1213496 1254700 1265176 4022408 4060760 4132365 4339366 4366956 4375449 Changes incorporated in this version: 4366956 4375449 Patches accumulated and obsoleted by this patch: 103845-02 Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/lib/fs/ufs/ufsdump /usr/lib/fs/ufs/ufsrestore Problem Description: 4366956 NLSPATH gettext introduces problems when used printf format specifier 4375449 dtmail crashes when calling catgets with NULL default message (from 103262-07) 4339366 Security vulnerability in ufsrestore allows root compromise. 4132365 Security vulnerability on ufsdump and restore in 2.6 and 2.6 x86 (from 103262-06) 1254700 ufsdump ufsrestore changes ownership of symlinks to root (from 103262-05) 4060760 ufsrestore allows normal user to attain root identity (from 103262-04) 1265176 usfdump: certain source files are not able to deal with 2000AD+ years (from 103262-03) 4022408 ufsrestore can't restore ACLs (from 103262-01) 1186435 Simultaneous ufsrestores fail due to non-unique /tmp file names, no-25 (from 103845-02) 1213496 ufsdump: hangs when dumping a small or null incremental dump (from 103844-01) 1213496 ufsdump: hangs when dumping a small or null incremental dump Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- NOTE: To get the complete fix for 4366956 (NLSPATH gettext introduces problems when used printf format specifier), we recommend installing the following patches: 103188-49 (or newer) /usr/lib/libc.a /usr/lib/libc.so.1 /usr/lib/libp/libc.a /usr/lib/pics/libc_pic.a /usr/lib/libintl.a /usr/lib/libintl.so.1 /usr/sbin/in.telnetd /usr/sbin/static/rcp 104411-05 (or newer) /sbin/su patch README -- Last modified date: Tuesday, June 19, 2001