Patch-ID# 112535-03
Keywords: security kerberos mech_krb5.so.1 gss mech
Synopsis: SEAM 1.0: patch for Solaris 2.6_x86
Date: Nov/13/2003


Install Requirements: None                      
                      
Solaris Release: 2.6_x86

SunOS Release: 5.6_x86

Unbundled Product: Solaris Enterprise Authentication Mechanism

Unbundled Release: 1.0

Xref: This patch available for SPARC as patch 112534

Topic: 

Relevant Architectures: i386

BugId's fixed with this patch: 4338622 4691352 4836676

Changes incorporated in this version: 4836676

Patches accumulated and obsoleted by this patch: 

Patches which conflict with this patch: 

Patches required with this patch: 

Obsoleted by: 

Files included with this patch: 

/kernel/misc/kgss/do_kmech_krb5
/kernel/misc/kgss/gl_kmech_krb5
/usr/lib/gss/do/mech_krb5.so
/usr/lib/gss/do/mech_krb5.so.1
/usr/lib/gss/gl/mech_krb5.so
/usr/lib/gss/gl/mech_krb5.so.1

Problem Description:

4836676 Bounds checks not in place for princs in krbv5
 
(from 112535-02)
 
4691352 Multiple Kerberos vulnerabilities need to be fixed
 
(from 112535-01)
 
4338622 BUFFER OVERRUN VULNERABILITIES IN KERBEROS (SEAM)

Patch Installation Instructions:
-------------------------------- 
Refer to the Install.info file for instructions on using the
generic 'installpatch' and 'backoutpatch' scripts provided with
each patch.  Any other special or non-generic installation
instructions should be described below as special instructions.

Special Install Instructions:
----------------------------- 
For Bug ID 4338622, the complete fix requires
patch 110058-05 (or newer). Although patches 112535-01 and
110058-05 do not require/depend on each other,
the complete resolution for the bug requires both.
 
For Bug ID 4836676, the complete fix requires
patch 110058-07 (or newer).  Although patches 112535-03 and
110058-07 do not require/depend on each other,
the complete resolution for the bug requires both.

README -- Last modified date:  Thursday, November 13, 2003