Patch-ID# 103566-57 Keywords: security y2000 Xsun libfont HP OpenView Node Manager 6.1 Synopsis: OpenWindows 3.5.1: Xsun patch Date: Aug/02/2002 Install Requirements: None Solaris Release: 2.5.1 SunOS Release: 5.5.1 Unbundled Product: OpenWindows Unbundled Release: 3.5.1 Xref: This patch is available for x86 as patch 104241 Topic: Relevant Architectures: sparc BugId's fixed with this patch: 1173815 1197532 1232029 1236764 1243445 1245095 1248661 1249475 1251340 1251860 1254504 1254709 1256655 1260016 1261277 1266793 4006666 4010744 4012465 4016426 4017413 4019277 4026015 4036289 4038922 4039053 4042030 4043113 4048352 4058716 4060009 4062802 4067299 4076297 4077223 4084821 4095459 4102279 4115129 4115576 4120484 4128304 4139181 4143461 4145697 4149801 4152947 4156993 4162373 4177224 4178868 4184297 4192179 4200108 4202310 4202465 4211145 4245099 4263074 4291215 4304268 4323164 4332966 4333070 4356377 4383751 4483090 4661987 Changes incorporated in this version: 4661987 Patches accumulated and obsoleted by this patch: 103508-01 Patches which conflict with this patch: Patches required with this patch: 103640-40 or greater Obsoleted by: Files included with this patch: /usr/openwin/bin/Xsun /usr/openwin/bin/fbconsole /usr/openwin/bin/xterm /usr/openwin/bin/xwd /usr/openwin/lib/X11/PostScript.VM /usr/openwin/lib/X11/XErrorDB /usr/openwin/lib/libX11.a /usr/openwin/lib/libX11.so.4 /usr/openwin/lib/libdga.so.1 /usr/openwin/lib/libp/libX11.a /usr/openwin/server/lib/libcfb.so.1 /usr/openwin/server/lib/libcfb16.so.1 /usr/openwin/server/lib/libcfb32.so.1 /usr/openwin/server/lib/libcfb4.so.1 /usr/openwin/server/lib/libfont.so.1 /usr/openwin/server/lib/libmfb.so.1 /usr/openwin/server/lib/libmhc.so.1 /usr/openwin/server/lib/libmi.so.1 /usr/openwin/server/lib/libmpg.so.1 /usr/openwin/server/lib/libserverX11.so.1 /usr/openwin/server/lib/libserverdps.so.1 /usr/openwin/server/modules/ddxSUNWcg6.so.1 /usr/openwin/server/modules/ddxSUNWdials.so.1 /usr/openwin/server/modules/ddxSUNWkbd.so.1 /usr/openwin/bin/xlock Problem Description: 4661987 CAN-2002-0158: Xsun "-co" heap overflow (from 103566-56) 4356377 keyboard ddx does not check bounds correctly 4483090 xlock buffer overflow (from 103566-55) 4383751 Xsun dumps core with HP OpenView Node Manager 6.1 (from 103566-54) 4323164 fbconsole should open /dev/console with O_NOCTTY (from 103566-53) 4332966 security: Xsun has a buffer overflow 4333070 X setuid/setgid binary permissions need to be changed Changed incorrect requires from rev -52 back to original required patch (from 103566-52) 1254504 xserver crashes upon cde startup (from 103566-51) 4304268 Xserver crashes in Taiwanese locale 4149801 libfont has a possible buffer overflow issue (from 103566-50) 4263074 Cu's own app slows down the Xserver when patch 103566-43 is installed (from 103566-49) 1173815 Xsun crashes drawing the "X" logo (from 103566-48) 4291215 Cannot use large font after applying patch 103566-45 (from 103566-47) 4200108 Openwin starting gives X_mkdir Error:0" first time after system boot. (from 103566-46) 4202465 Patch 103566 causes hang in XDestroyWindow using ffb (from 103566-45) 4211145 Xserver does not handle 12x24 font correctly (from 103566-44) 4245099 XGL Application fails when FFB default visual sets overlay (from 103566-43) 4162373 winlock at start of Pro/E R20 with XGL/ZX/openwindows causing graphics problems (from 103566-42) 4202310 openwin shows unexpected message when patch #103566 applied. (from 103566-41) 4192179 cu has his own application that crashes the xserver. 4184297 CDE not sending the correct signals when CDE is killed (XTERM) (from 103566-40) 4177224 patch 103566-36 breaks large fonts 4145697 Linking Patran with pthreads library crashes XGL driver (from 103566-39) 4178868 Large, multi-threaded X application hangs in _XFlushInt (from 103566-38) 4143461 "bin" gid of Xsun in patch 103566-xx causing ow startup to fail from commandline (reworked) (from 103566-37) 4152947 XInitThreads doesn't work when patch 103566-34 is installed (from 103566-36) 4156993 Xsun crashes when accessing converted fonts. (from 103566-35) 4102279 Xsun crashes while searching for a close match of HP font (from 103566-34) 4139181 Xsun is crashing when trying to load particular font with XLoadQueryFont call (reworked) (from 103566-33) 4139181 Xsun is crashing when trying to load particular font with XLoadQueryFont call (from 103566-32) 4143461 "bin" gid of Xsun in patch 103566-xx causing ow startup to fail from commandline (from 103566-31) (from 103566-30) (from 103566-29) (from 103566-28) 4120484 Problem in filling with stippled with XFillPolygon(). 4128304 GLX error strings missing in XErrorDB. 4115576 Patch 103566-27 makes autoclient unable to start X. 4095459 A window is not repainted correctly when the window is restored. 4115129 .X11-unix security problem. (from 103566-27) (from 103566-26) 4067299 Xsun security issue. 4076297 glXChooseVisual hangs if XInitThreads is called. (from 103566-25) 4077223 Permissions on Xsun from patch 103566-xx differs from FCS. 4060009 DPS text coordinate origin move when when move TGX+ under 2.5.1. (from 103566-24) 1197532 xterm pty may disagree with actual window size. 4084821 xterm in 103566-23 was not built properly and does not execute. (from 103566-23) (from 103566-22) 4062802 Needless characters are added at dragging and dropping at solaris 2.5.1. 4048352 xterm y2000 - Incorrect timestamp on Tek COPY. (from 103566-21) 1266793 Solaris 2.x libX11 security vulnerability. (from 103566-20) 4016426 Xsun dumps core is due to repeat calling XSetWindowColormap under leo. (from 103566-19) 4038922 Unable to display monochrome EPS file correctly in dpsexec. 4042030 Ansys53 won't run under Solaris 2.5 if patch 103210-08 or above installed. 4058716 WinTach demo crashes Xsun. (from 103566-18) (from 103566-17) 4039053 application crashes with BadDrawable error on FFB under CDE1.2. 4043113 User defined cursor's image does not properly refresh large cursor. (from 103566-16) (from 103566-15) (from 103566-14) 1256655 PFA fonts min & max bounds are different between Solaris 2.4 and 2.5. 4036289 xlock has a security problem. (from 103566-13) 4019277 Pro/E crashes X server with ZX graphics. (from 103566-12) 1236764 Xsun dumps core in FreeCell. (from 103566-11) 4017413 Double buffer program does not refresh correctly on Solaris 2.5.1. (from 103566-10) (from 103566-09) (from 103566-08) 4026015 Xsun crashes with geode 3.0 on Solaris 2.5.1 with GX. 4010744 Xpr doesn't work properly with multivisual. 4012465 Stippled fillpolygon doesn't render when the window is resized. (from 103566-07) 1248661 XGL resources not freed when raster is destroyed. (from 103566-06) 1251340 starting and leaving xgl applications crashes the X server on ZX. 1232029 X server core dump on frame buffers without DGA support. (from 103566-05) (from 103566-04) 4006666 Recursive mutex lock in quark routine causes hang. 1260016 Keyboard is in strange state when the X server crashes. 1251860 On TGX+ motifanim can't draw correctly. 1261277 Xsun will crash if you are using sundial and Sunbutton. (from 103566-03) 1254709 XPutImage to a GC tile pixmap does not work correctly on GX+ or TGX+. 1245095 Pro/CDRS main window not redrawn correctly. 1243445 XPutImage from a bitmap image to a pixmap is wrong in a GX+. (from 103566-02) (from 103566-01) (from 103508-01) 1249475 Xserver sometimes hung up when run with 24 depth and TrueColor. Patch Installation Instructions: -------------------------------- Refer to the Install.info file for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below as special instructions. Special Install Instructions: ----------------------------- None. README -- Last modified date: Friday, August 2, 2002