Patch-ID# 114858-08
Keywords: security sshd sftp-server audit session logout
Synopsis: SunOS 5.9_x86: usr/lib/ssh/sshd Patch
Date: Oct/21/2004


Install Requirements: Install in Single User Mode                      
                      Reconfigure immediately after patch is installed                      
                      
Solaris Release: 9_x86

SunOS Release: 5.9_x86

Unbundled Product: 

Unbundled Release: 

Xref: This patch available for SPARC as patch 113273

Topic: SunOS 5.9_x86: usr/lib/ssh/sshd Patch

Relevant Architectures: i386

BugId's fixed with this patch: 4718590 4725702 4801044 4860120 4895076 4923312 4939055 5006469 5048145 5055703 5060548 5087792

Changes incorporated in this version: 5087792

Patches accumulated and obsoleted by this patch: 

Patches which conflict with this patch: 

Patches required with this patch: 

Obsoleted by: 

Files included with this patch: 

/usr/lib/ssh/sftp-server
/usr/lib/ssh/sshd

Problem Description:

5087792 patch 113273-08 breaks who and last from populating ip/hostname
 
(from 114858-07)
 
5048145 Race relating to SIGCHLD in sshd results in ssh hanging
5055703 sshd fails to set PAM_RHOST correctly during authentication
5060548 scp/ssh to Solaris 9 sshd deamon arbitrarily returns success or failure.
 
(from 114858-06)
 
5006469 sshd is not calling pam_close_session() when exiting
 
(from 114858-05)
 
4939055 ssh does not return standard errors
 
(from 114858-04)
 
4718590 sshd doesn't do proper check when changing expired passwords
4895076 ssh does not allow logins after password expiration when using pk authentication
4725702 sshd fails to report remote address when listening to IPv4 only
 
(from 114858-03)
 
4923312 Possible root exploit in ssh
 
(from 114858-02)
 
4860120 ssh echoes back "Kerberos authentication failed:  password incorrect"
 
(from 114858-01)
 
4801044 sshd writes incorrect audit session ID for logout events

Patch Installation Instructions:
--------------------------------
 
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
 
For Solaris 7-9 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.  The following example
installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/104945-02
 
The following example removes a patch from a standalone system:
 
       example# patchrm 104945-02
 
For additional examples please see the appropriate man pages.

Special Install Instructions:
-----------------------------
 
NOTE 1: It is necessary to restart sshd daemon after the patch
        is installed.
 
NOTE 2: To get the complete fix for the bug 4939055, please install
        114357-03 (or newer)

README -- Last modified date:  Thursday, October 21, 2004