Patch-ID# 108194-03 Keywords: security dtprintinfo timing HOME large SIGSEGV Synopsis: CDE 1.0.2: dtprintinfo patch Date: Aug/10/00 Solaris Release: 2.4 2.5 2.5.1 SunOS Release: 5.4 5.5 5.5.1 Unbundled Product: CDE Unbundled Release: 1.0.2 Xref: This patch available on CDE 1.0.1 as patch 108193 Relevant Architectures: sparc BugId's fixed with this patch: 4191060 4191065 4286834 4139394 Changes incorporated in this version: 4139394 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: 108363-01 Files included with this patch: /usr/dt/bin/dtprintinfo Problem Description: 4139394 long argument causes SIGSEGV (from 108194-02) 4286834 Patch 105716-07 was obsoleted by 108363-01 so this patch needed to be repackaged. (from 108194-01) 4191060 large HOME causes buffer overflow in dtprintinfo 4191065 dtmkdir() potentially has a timing security hole Patch Installation Instructions: -------------------------------- Refer to the Install.info file for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below as special instructions. Special Install Instructions: ----------------------------- None.