Patch-ID# 108193-02
Keywords: security dtprintinfo timing HOME large SIGSEGV
Synopsis: CDE 1.0.1: dtprintinfo patch
Date: Aug/09/00

Solaris Release: 2.4 2.5

SunOS Release: 5.4 5.5

Unbundled Product: CDE

Unbundled Release: 1.0.1

Xref: This patch available on CDE 1.0.2 as patch 108194

Relevant Architectures: sparc

BugId's fixed with this patch: 4191060 4191065 4007233 4139394

Changes incorporated in this version: 4139394

Patches accumulated and obsoleted by this patch: 

Patches which conflict with this patch: 

Patches required with this patch: 105714-04 (or newer)

Files included with this patch:

	/usr/dt/bin/dtprintinfo

Problem Description: 

4139394 long argument causes SIGSEGV

(from 108195-01)
4191060 large HOME causes buffer overflow in dtprintinfo
4191065 dtmkdir() potentially has a timing security hole
4007233 Solaris CDE 1.0.2 dtprintinfo security vulnerability

Patch Installation Instructions:
-------------------------------- 
Refer to the Install.info file for instructions on using the
generic 'installpatch' and 'backoutpatch' scripts provided with
each patch.  Any other special or non-generic installation
instructions should be described below as special instructions.

Special Install Instructions: 
----------------------------- 

None.