OBSOLETE Patch-ID# 103612-51 Keywords: security y2000 libc su getdate NIS+ libnsl nis_cachemgr rpc.nisd Synopsis: OBSOLETED by 103640 Date: Jan/27/99 Solaris Release: 2.5.1 SunOS Release: 5.5.1 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 103613 Xref: This patch available for PPC as patch 103614 Topic: SunOS 5.5.1: libc, libnsl, libucb, nis_cachemgr and rpc.nisd patch NOTE: Refer to Special Install Instructions section for IMPORTANT specific information on this patch. WARNING: A side effect of the fix for bug 1235867 causes Fortran 90 Version 1.1 programs to Segmentation Fault if they write to terminal or other line buffered device (bug 1260474). There are two ways of fixing this: 1) upgrading to Fortran 90 Version 1.2 -OR- 2) installing patch 103219-06 (or its later rev) and rebuilding the f90 application. Workaround for programs that only output to terminal by redirecting or piping output. For example -- program | cat BugId's fixed with this patch: 1159865 1168376 1189481 1202807 1206421 1212974 1213016 1219671 1221809 1223323 1223326 1225430 1230570 1232758 1234630 1235867 1242395 1243441 1244872 1244917 1245451 1246630 1246864 1247052 1248090 1249373 1249903 1255623 1258916 1259200 1262462 1262666 1264708 1265785 4005483 4005686 4006674 4011495 4011948 4016724 4018801 4018883 4018887 4022240 4022299 4022682 4025665 4026833 4029971 4030045 4035403 4040423 4045229 4045268 4050818 4055257 4057606 4060465 4062999 4067374 4075462 4080264 4085394 4098943 4102420 4105997 4118037 4127727 4128660 4129064 4135388 4136059 4139126 4140617 4149227 4150947 4155392 4157559 4165597 4175558 4184623 4188005 4190645 Changes incorporated in this version: 4136059 4155392 4175558 4184623 4188005 4190645 Relevant Architectures: sparc Patches accumulated and obsoleted by this patch: 103615-04 103654-01 Patches which conflict with this patch: iss_sparc-01 (or newer) Patches required with this patch: Obsoleted by: 103640 on May/14/99 Files included with this patch: /usr/bin/nismkdir /usr/bin/nistest /usr/lib/fn/fn_ctx_onc_fn_nisplus_root.so.1 /usr/lib/libc.a /usr/lib/libc.so.1 /usr/lib/libp/libc.a /usr/lib/libnsl.a /usr/lib/libnsl.so.1 /usr/lib/nis/nisclient /usr/lib/nis/nisupdkeys /usr/lib/pics/libc_pic.a /usr/sbin/nis_cachemgr /usr/sbin/nisinit /usr/sbin/rpc.nisd /usr/sbin/static/rcp /usr/ucblib/libucb.a /usr/ucblib/libucb.so.1 Problem Description: 4184623 broken date in GMT timezone, displays as BST with TZ=GB-Eire 4175558 TZ=GMT0BST-1,M3.5.0/2:00,M10.5.0/2:00 breaks 6 times from now to 2037 4190645 Y2000 Problem in libc in function posixgetdst - Backport of 4152473 4155392 timezone change gives wrong alternate timezone 4136059 utc changes from 2.5.1 to 2.6 cause problems when including OS patches 4188005 mktime() can return wrong time if using multiple TZ's (from 103612-50) 4150947 stubs versions of thr_keycreate(), etc., should return meaningful values NOTE: this revision takes out the changes for 4150947. (from 103612-49) 4157559 automountd won't retry the Null call to nfsd in pingnfs() (from 103612-48) 4150947 Stubs versions of thr_keycreate(), etc., should return meaningful values (from 103612-47) 4129064 NIS+ client processes fail with 'xdr_array: out of memory' errors (from 103612-46) 1202807 Expansion of NIS+ name incorrect/inconsistent (from 103612-45) 4165597 getdate should allow dates before 1970 - Backport of 4050856 & 4036732 (from 103612-44) 4149227 103612-41 causes ldd to throw out unresolved references in libdl.so.1 4140617 serving list hosed by nis+ object with non-trailing-dot group owner name 4102420 segv's and libthread panics when numerous pthread_cancel()'s are run (from 103612-43) 4139126 libnsl buffer overflows (from 103612-42) 4067374 localtime(0) error (from 103612-41) 4135388 rpc.nisd buffer overflow 4018801 ypmatch causes console message after patch T103187-16 (from 103612-40) 4127727 getgrgid_r() can corrupt stack / buffers if buffer is too small. 4128660 An application using getnam_r core dumps with the latest libc patch 4118037 getgrent_r() hangs if nis is not up and libthread is linked in. (from 103612-39) 4105997 Y2000 tm_test01 fails with current S2.5.1 strptime() 4098943 'yp_match' function not working in compatibility mode 4085394 TCP connections to rpcbind remain established if client is halted. 4062999 "Error in RPC subsystem" error from nisstat,nisupdkeys with +10 NIS+ sub-domains (from 103612-38) 1243441 abort() function does not work correct in threaded application (from 103612-37) 4045229 strptime and getdate year calculation does not count century; strptime range checks 4050818 getdate %C (century) should use current year offset if year offset not given 1189481 automountd caches old ip address of nfs server and never refreshes (from 103612-36) 4075462 nisd is not closing file descriptors. 1168376 NIS+ servers should be allowed to be in the domain they serve. (from 103612-35) 4080264 ypbind.pid file not created for diskless clients (from 103612-34) 4022240 Informix processes hang with corrupt TLI endpoint state (from 103612-33) 4055257 realloc failure does not leave orignal region "intact" (from 103612-32) 1225430 ypbind can get requests before it is ready for them (from 103612-31) 4045268 nis_cachemgr does not verify authenticity of objects 4057606 Out of domain NIS+ lookups don't work after applying fix for 4045268 (from 103612-30) 4060465 setpriority only understands TS and IA 4035403 RPC app breaks in MT mode with "signal fault in critical section" (from 103612-29) 4011948 cuserid() gets incorrect username is due to application running onto CDE (from 103612-28) 4022299 syslogd.pid file deadlock prevents syslogd from starting (from 103612-27) 4045229 strptime and getdate year calculation not count century; strptime range checks 4030045 strxfrm with LC_CTYPE == "de and LC_COLLATE == "de" causes bus error 4022682 nscd dumping core 1262462 create, delete, recreate of user account in NIS+ disruptive to NIS+ server 1206421 NIS+ credential update from client fails due to wrong connection type (from 103612-26) 4040423 ss4000 with hme interface unable to boot with nsswitch setting using dns (from 103612-25) 4011495 'zoneinfo' summertime/wintertime (Southern hemisphere) switchover anomaly Various geographic regions in the Southern hemisphere report a daylight savings time switchover problem in conjunction with the 'zoneinfo' database feeding 'localtime(3)'. (from 103612-24) 4026833 niscat hangs the rpc.nisd in getmsg when adding a third interface in Solaris 2.5.1 1159865 select small timeouts should round up (from 103612-23) 4025665 nisping -Ca broken by fix to bugid#4005483 This patch is generated to workaround bug 4010430 -- installpatch should ignore a required patch when not applicable to a target system. The workaround is to include an empty root sparse patch package. This will allow patch dependency requirement to be met in a server/client configuration. (from 103612-22) 4029971 getopt security problem The fix for 4029971 requires the static version of rcp to be included in the patch. (from 103612-21) 4029971 getopt security problem (from 103612-20) 4018883 getgrnam_r() & getpwnam_r() can overrun buffers. 4018887 gethostbyname_r() can overrun buffer. 1223323 No bounds checking on NIS_GROUP environment variable (from 103612-19) 1247052 nis_dumplog_r translates all failures into NIS_RPCERROR nis_dumplog_r() frequently fais because it attempts to reuse a connection that had been closed on the server side, but couldn't handle the resulting error. Consequently, the dumplog request gets aborted and the NIS+ replica would remain out of sync with the master until the next update for the NIS+ directory in question. (from 103612-18) 1212974 Bogus bootparam packet makes rpcbind stop working (from 103612-17) 4016724 nis_cptime failure in nisd causes unreliable update propagation (from 103612-16) 4005483 replica doing full resync too frequently (from 103612-15) 4006674 rpc.nisd crash because of simple user program The rpc.nisd can free the same memory twice during modify or add operations. Since part of the cleanup work is to zero out pointers, the second free can stomp on memory that's been re-used, or an administrative information used by the malloc library. The latter scenario leads to a core dump. 4005686 strncmp() accesses memory locations beyond what it is supposed to 1249373 Application file descriptors are being closed without applications knowledge 1232758 finddirectory call fails when there are too many replicas 1223326 possible memory leak in "rpc.nisd" rpc.nisd can leak memory if a nis_list with search criteria is done with callbacks. The leak will be equal to 8*(number of matched entries) bytes. The reason for the leak is that memory is being freed in the child process but not in the parent rpc.nisd. (from 103612-14) 1230570 nisplus strips leading spaces before doing lookup. (from 103612-13) 1259200 no more syslog from rpc.nisd after the fix for 1244917 was integrated The fix for bug 1244917 prevents syslog from working. This fix is to call closelog() so that forking and subsequent closing of all field descriptors does not prevent syslog from working. (from 103612-12) 1248090 getwd very slow over nfs to 4.1.3 server The fix for bug 1220400 ("lofs becomes confused about where the present working directory "." is") introduced a new problem -- where getcwd() would erroneously believe that it was passing a mount point, and start lstat()ing every directory in the current directory. With lots of subdirectories, and especially over NFS, these unnecessary lstat() calls could result in very noticeable delays (on the order of minutes with ten+ thousand subdirectories, and/or a slow network). (from 103612-11) 1249903 rpc.nisd hung in nis_list_svc on getmsg in _rcv_conn_con (from 103612-10) 1221809 absence of user public key caching makes NIS+ inter-domain lookups unreliable (from 103612-09) 1245451 syslogd failing to log messages every 12-48 hours of operation (from 103612-08) 1264708 get segmt fault on malloc with getcwd, chdir and opendir over PATH_MAX (from 103612-07) 1265785 fwrite regression from 2.4 to 2.5, 2.5.1 (from 103612-06) 1262666 nscd client backend, getxby_door, has buffer overflows (from 103612-05) 1244917 syslog(3) does not correctly cache the file descriptor that it writes on (from 103612-04) 1255623 getdate() fails on 1st of month with julian date (from 103612-03) 1246864 Multithreaded C++ program using strptime() causes bus error when 'new' used. (from 103612-02) 1219671 Memory is given free which was never allocated before. (from 103612-01) 1235867 line buffered stdio loses data and/or hangs in 2.5 (from 103615-04) 1258916 nis_cachemgr causing other many processes to hang in semop (from 103615-03) 1213016 User looses access to secondary groups if nisplus root master is not up (from 103615-02) 1234630 Client side RPC handle caching and server side fd leaks needs a general solutio (from 103615-01) 1244872 nis_cachemgr can deadlock when servers are unavailable 1242395 NIS+ TTLs for objects not correct on 2.4 slave replicas and 2.3 slave/clients. (from 103654-01) 1246630 nisd can potentially hang if it gets a SIGCHLD/SIGHUP on an established callbac Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- NOTE 1: TO GET THE COMPLETE FIX FOR BUGID 4040423 (SS4000 WITH HME INTERFACE UNABLE TO BOOT WITH NSSWITCH SETTING USING DNS), ONE NEEDS TO INSTALL PATCH 103630-07 (OR NEWER). NOTE 2: THE FOLLOWING PATCHES FIX A LIMITATION WITH RESOURCE QUOTAS: 103640-11 (or newer) kernel update 104736-03 (or newer) usr/bin/csh patch 105044-01 (or newer) usr/bin/renice patch 104259-04 (or newer) kernel/fs/tmpfs patch NOTE 3: TO GET THE COMPLETE FIX FOR BUGID FOR 1225430 (YPBIND CAN GET REQUESTS BEFORE IT IS READY FOR THEM), ONE ALSO NEEDS TO INSTALL THE YPBIND PATCH (105165-01 or newer). NOTE 4: TO GET THE COMPLETE FIX FOR BUGID FOR 4080264 (YPBIND.PID FILE NOT CREATED FOR DISKLESS CLIENTS), ONE ALSO NEEDS TO INSTALL THE YPBIND PATCH (105165-02 or newer). NOTE 5: If you are installing this patch to fix the "non-root NIS+ server not living in domain it serves" problem, you will also need to install the chkey/keylogin patch (104968-02 or newer). You will aslo need to install the kernel patch (103640-17 or newer) if you are instal- ling this patch on a NIS+ server that is either a Secure NFS client or server. Instructions on how to set up the non-root NIS+ server to live in the domain it serves: Setting up an existing non-root NIS+ server: 1. Install this libnsl/NIS+ commands patch on the non-root NIS+ server. Also install the kernel patch (103640-17 or newer) if this server is either a Secure NFS client or server. 2. Change the /etc/defaultdomain on the server to the domain it serves. 3. Reboot the server. Setting up a new non-root NIS+ server: 1. Set up the server as described in the NIS+ docs. 2. Install this libnsl/NIS+ commands patch on this new NIS+ server. Also install the kernel patch (103640-17 or newer) if this server is either a Secure NFS client or server. 3. Change the /etc/defaultdomain on the server to the domain it serves. 4. Reboot the server. NOTE 6: TO GET THE COMPLETE FIX FOR BUGID FOR 4085394 (TCP connections to rpcbind remain established if client is halted), ONE ALSO NEEDS TO INSTALL THE RPCBIND PATCH (104331-07 or newer). NOTE 7: TO GET THE COMPLETE FIX FOR BUGID FOR 4149227 (103612- 41 causes ldd to throw out unresolved references in libdl.so.1), ONE ALSO NEEDS TO INSTALL THE FOLLOWING PATCHES: 103663-14 (or newer) libresolv patch 103640-23 (or newer) libthread/KU patch 105732-02 (or newer) libxfn patch 103627-05 (or newer) linker patch NOTE 8: TO GET THE COMPLETE FIX FOR BUGID FOR 4102420 (segv's and libthread panics when numerous pthread_cancel()'s are run), ONE ALSO NEEDS TO INSTALL 103640-23 (KU/ libthread patch).