Patch-ID# 109254-07 Keywords: security buffer overflow -m Synopsis: SunOS 5.7_x86: /usr/bin/mail Patch Date: Jan/23/2003 Install Requirements: None Solaris Release: 7_x86 SunOS Release: 5.7_x86 Unbundled Product: Unbundled Release: Xref: This patch available for SPARC as patch 109253 Topic: SunOS 5.7_x86: /usr/bin/mail Patch Relevant Architectures: i386 BugId's fixed with this patch: 4276509 4452230 4465086 4502850 4624990 4705717 Changes incorporated in this version: 4705717 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/bin/mail Problem Description: 4705717 unsafe use of access in printmail.c (from 109254-06) This patch fixes a packaging problem in found in patch 109254-05. (from 109254-05) 4624990 *mail* buffer overflow (from 109254-04) 4502850 *mail* allows user to supply sendmail command-line option (from 109254-03) 4465086 *mail* Buffer overflow in /bin/mail via $HOME. (from 109254-02) 4452230 *mail* /bin/mail not rfc822 conform with multiline header line (from 109254-01) 4276509 security: /bin/mail has buffer overflow Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. For Solaris 7-9 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- None. README -- Last modified date: Thursday, January 23, 2003