Patch-ID# 114049-12 Keywords: nspr nss security Synopsis: SunOS 5.9: NSPR 4.1.6 / NSS 3.3.4.5 Date: Aug/24/2004 Install Requirements: None Solaris Release: 9 SunOS Release: 5.9 Unbundled Product: Unbundled Release: Xref: This patch available for i386 as patch 114050 Topic: Relevant Architectures: sparc BugId's fixed with this patch: 4840298 4840300 4840303 4856631 4856633 4884151 4933535 4945089 4964119 4972840 4991529 5004563 5016209 5025584 5069683 Changes incorporated in this version: 5025584 5069683 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: 114045-02 (or newer) Patches required with this patch: Obsoleted by: Files included with this patch: /usr/lib/mps/64 /usr/lib/mps/cpu/sparcv8plus/libnspr_flt4.so /usr/lib/mps/libfreebl_hybrid_3.so /usr/lib/mps/libfreebl_pure32_3.so /usr/lib/mps/libnspr4.so /usr/lib/mps/libnss3.so /usr/lib/mps/libnssckbi.so /usr/lib/mps/libplc4.so /usr/lib/mps/libplds4.so /usr/lib/mps/libsmime3.so /usr/lib/mps/libssl3.so /usr/lib/mps/sparcv9/libnspr4.so /usr/lib/mps/sparcv9/libnss3.so /usr/lib/mps/sparcv9/libnssckbi.so /usr/lib/mps/sparcv9/libplc4.so /usr/lib/mps/sparcv9/libplds4.so /usr/lib/mps/sparcv9/libsmime3.so /usr/lib/mps/sparcv9/libssl3.so Problem Description: 5069683 SSL2 exploitable buffer overflow (from 114049-11) 5025584 - SUNWprx/SUNWtlsx missing SUNW_ISA=sparcv9 due to patch 114049-09 in s9u7_03 (from 114049-10) 5016209 - Crash in DER_UTCTimeToTime with corrupt certificate (from 114049-09) 4991529 - Improve NSS error messages - serviceability issue 5004563 - Web Server crashes when client presents an invalid cert (from 114049-08) 4972840 - Potential DOS target on NSS libraries (from 114049-07) 4964119 Patch 114049-06 not built correctly (from 114049-06) 4933535 - The JSS client certificate callback API allows one to have a successful handshake 4945089 - ASN1 Decoder can suffer denial of service attacks (from 114049-05) 4884151 Tracking bug for mozilla bugs for NSS 3.3.5/NSPR 4.1.5/JSS 3.1.2.4 (from 114049-04) 4856633 Patch 114049-03 missing the 64 bit binaries (from 114049-03) 4856631 Patch 114049-02 not built correctly (from 114049-02) 4840298 IPv6 support on HPUX 11i (Bugzilla 190865) 4840300 PBE code leaks IV (Bugzilla 193380) (from 114049-01) 4840303 _USE_BIG_FDS flag needed on HPUX 11i. This bug can cause NSPR to run out of available file descriptors in the implementation of PR_Poll on HP-UX. (Bugzilla 188439) Patch Installation Instructions: -------------------------------- Refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/114049-12 The following example removes a patch from a standalone system: example# patchrm 114049-12 For additional examples please see the appropriate man pages. Special Install Instructions: -------------------------- None. README -- Last modified date: Tuesday, August 24, 2004