Patch-ID# 115927-10
Keywords: nspr nss security jss
Synopsis: SunOS 5.9_x86: NSPR 4.1.6 / NSS 3.3.11 / JSS 3.1.4
Date: Aug/09/2004

Install Requirements: None

Solaris Release: 9_x86

SunOS Release: 5.9_x86

Unbundled Product: NSS/JSS/NSPR

Unbundled Release: 3.3.11

Xref: This patch available for sparc as patch 115926

Topic:

Relevant Architectures: i386

BugId's fixed with this patch: 4877287 4885952 4886464 4888311 4903564 4933535 4945089 4961743 4972840 4991529 5004563 5009031 5011517 5016209 5016498 5044857 5069683 5083437

Changes incorporated in this version: 5083437

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/lib/mps/secv1/libjss3.so
/usr/lib/mps/secv1/libnspr4.so
/usr/lib/mps/secv1/libnss3.so
/usr/lib/mps/secv1/libnssckbi.so
/usr/lib/mps/secv1/libplc4.so
/usr/lib/mps/secv1/libplds4.so
/usr/lib/mps/secv1/libsmime3.so
/usr/lib/mps/secv1/libssl3.so
/usr/sfw/bin/certutil
/usr/sfw/bin/cmsutil
/usr/sfw/bin/crlutil
/usr/sfw/bin/modutil
/usr/sfw/bin/pk12util
/usr/sfw/bin/signtool
/usr/sfw/bin/signver
/usr/sfw/bin/ssltap
/usr/share/lib/mps/secv1/jss3.jar

Problem Description:

5083437 Regression in JSS asserts breaks SSLSockets in PS 6.1

(from 115927-09)

5069683 SSL2 exploitable buffer overflow
4877287 NSS / JSS : Library crash in SSL Handshaking if certificate has AIAExtension
5044857 null pointer dereference causes crash in CERT_NameToAscii
5009031 Build 0303.5: amadmin based acceptance tests fail with JVM abort on Linux
4961743 Gateway crashes with OOMErrors with AS 7.0 U1/ WS 6.1 and NSS Package 3.3.7

(from 115927-08)

5016209 Crash in DER_UTCTimeToTime with corrupt certificate

(from 115927-07)

5016498 JES 2 Build 8 has incorrect Security 115924 and 115926 patches

(from 115927-06)

5011517 SUNWtlsu tools are missing/corrupt on SPARC and x86 Solaris

(from 115927-05)

4991529 - improve NSS error messages - serviceability issue
5004563 - Web Server crashes when client presents an invalid cert

(from 115927-04)

4972840 - potential DOS target on NSS libraries

(from 115927-03)

4933535 - JSS client certificate callback API allows one to have a successful handshake
4945089 - ASN1 Decoder can suffer denial of service attacks

(from 115927-02)

4888311 CertStore.delete certificate does not work for CA certificate
4886464 SSL Client authentication is not working
4885952 JVM crash occurring during SSLSocket.read()

(from 115927-01)

4903564 Security libraries (3.3.5+) for Orion should install in new location

Patch Installation Instructions:
--------------------------------

Refer to the man pages for instructions on using 'patchadd' and
'patchrm' scripts provided with Solaris. Any other special or
non-generic installation instructions should be described below as
special instructions.

The following example installs a patch to a standalone machine:

        example# patchadd /var/spool/patch/104945-02

The following example removes a patch from a standalone system:

        example# patchrm 104945-02

For additional examples please see the appropriate man pages.

Special Install Instructions:
-----------------------------

None.

README -- Last modified date: Friday, August 27, 2004