Patch-ID# 112816-01 Keywords: security mail buffer overflow sendmail command-line option 4502850 4624990 Synopsis: Trusted Solaris 8 4/01: Mail patch Date: May/20/2002 Solaris Release: Trusted_Solaris_8_4/01 SunOS Release: N/A Unbundled Product: Unbundled Release: Xref: Topic: Trusted Solaris 8 4/01: Mail patch Relevant Architectures: sparc BugId's fixed with this patch: 4668266 4668341 Changes incorporated in this version: 4668266 4668341 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: usr/bin/mail Problem Description: 4668266 mail buffer overflow from Solaris bug 4624990 4668341 mail allows user to supply sendmail command line option from Solaris bug 4502850 Patch Installation Instructions: -------------------------------- Refer to the man pages for instructions on using the generic 'patchadd' and 'patchrm' scripts. Any other special or non-generic installation instructions should be described below as special instructions. Special Install Instructions: ----------------------------- Note: The steps below assume the patch file has been placed into the ADMIN_LOW subdirectory of /tmp (/tmp is a MLD) and that the patch file label is configured to ADMIN_LOW. Create a role that contains the Software Installation profile (typically the admin role). The patch file should be owned by this role. Keep in mind, after rebooting, contents in the /tmp directory are removed; if saving the patch tarfile is desired, select another MLD such as /var/tmp. 1) Login as a user authorized to assume a role that contains the Software Installation profile; typically the admin role. Assume that role. 2) cd into /tmp and unzip the patch file. A patch directory will be created by the unzip command. $ cd /tmp $ unzip <123456-01.zip> 3) Install the patch by typing: $ patchadd /tmp/ Special Backout Instructions: ----------------------------- 1) Login as a user authorized to assume a role that contains the Software Installation profile; typically the admin role. Assume that role. 2) Backout patch by typing: patchrm where is the patch number. $ patchrm 123456-01 README -- Last modified date: Monday, May 20, 2002