Patch-ID# 114045-12 Keywords: nspr nss security Synopsis: Security 3.3.4.5: NSPR 4.1.6 / NSS 3.3.4.5 Date: Aug/24/2004 Install Requirements: None Solaris Release: 8 SunOS Release: 5.8 Unbundled Product: NSS/NSPR Unbundled Release: 3.3.4.5 Xref: This patch available for i386 as patch 114046 Topic: Relevant Architectures: sparc BugId's fixed with this patch: 4840298 4840300 4840303 4856633 4858477 4884151 4933535 4945089 4964119 4972840 4991529 5004563 5016209 5025584 5069683 Changes incorporated in this version: 5025584 5069683 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/lib/mps/64 /usr/lib/mps/cpu/sparcv8plus/libnspr_flt4.so /usr/lib/mps/libfreebl_hybrid_3.so /usr/lib/mps/libfreebl_pure32_3.so /usr/lib/mps/libnspr4.so /usr/lib/mps/libnss3.so /usr/lib/mps/libnssckbi.so /usr/lib/mps/libplc4.so /usr/lib/mps/libplds4.so /usr/lib/mps/libsmime3.so /usr/lib/mps/libssl3.so /usr/lib/mps/sparcv9/libnspr4.so /usr/lib/mps/sparcv9/libnss3.so /usr/lib/mps/sparcv9/libnssckbi.so /usr/lib/mps/sparcv9/libplc4.so /usr/lib/mps/sparcv9/libplds4.so /usr/lib/mps/sparcv9/libsmime3.so /usr/lib/mps/sparcv9/libssl3.so Problem Description: 5069683 SSL2 exploitable buffer overflow (from 114045-11) 5025584 - SUNWprx/SUNWtlsx missing SUNW_ISA=sparcv9 due to patch 114049-09 in s9u7_03 (from 114045-10) 5016209 - Crash in DER_UTCTimeToTime with corrupt certificate (from 114045-09) 4991529 - Improve NSS error messages - serviceability issue 5004563 - Web Server crashes when client presents an invalid cert (from 114045-08) 4972840 - Potential DOS target on NSS libraries (from 114045-07) 4964119 Patch 114049-06 not built correctly (from 114045-06) 4933535 - The JSS client certificate callback API allows one to have a successful handshake 4945089 - ASN1 Decoder can suffer denial of service attacks (from 114045-05) 4884151 Tracking bug for mozilla bugs for NSS 3.3.5/NSPR 4.1.5/JSS 3.1.2.4 (from 114045-04) 4856633 Patch 114045-03 missing binaries (from 114045-03) 4858477 Patch 114045-02 not built correctly (from 114045-02) 4840298 IPv6 support on HPUX 11i (Bugzilla 190865) 4840300 PBE code leaks IV (Bugzilla 193380) (from 114045-01) 4840303 _USE_BIG_FDS flag needed on HPUX 11i. This bug can cause NSPR to run out of available file descriptors in the implementation of PR_Poll on HP-UX. (Bugzilla 188439) Patch Installation Instructions: -------------------------------- Refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/114045-12 The following example removes a patch from a standalone system: example# patchrm 114045-12 For additional examples please see the appropriate man pages. Special Install Instructions: --------------------------- None. README -- Last modified date: Tuesday, August 24, 2004