Patch-ID# 103664-19 Keywords: security DNS libresolv.so.2 CERT BIND in.named nss_dns.so.1 Synopsis: SunOS 5.5.1_x86: libresolv,in.named,named-xfer,nslookup & nstest patch Date: Aug/12/2002 Install Requirements: See Special Install Instructions Solaris Release: 2.5.1_x86 SunOS Release: 5.5.1_x86 Unbundled Product: Unbundled Release: Xref: This patch available for SPARC as patch 103663 Topic: SunOS 5.5.1_x86: libresolv,in.named,named-xfer,nslookup & nstest patch NOTE: Refer to Special Install Instructions section for IMPORTANT specific information on this patch. Relevant Architectures: i386 BugId's fixed with this patch: 1238679 1238679 1238679 1247019 1247019 1247019 1253600 1253600 1253600 1264386 1264386 1264386 1265838 1265838 1265838 1266187 1266187 1266187 4007986 4007986 4007986 4008451 4008451 4008451 4018620 4018620 4018620 4037068 4037068 4037068 4038360 4038360 4038360 4056997 4056997 4056997 4068577 4068577 4068577 4071167 4071167 4071167 4081667 4081667 4081667 4127017 4127017 4127017 4127028 4127028 4127028 4133340 4133340 4133340 4133571 4133571 4133571 4134616 4134616 4134616 4149227 4149227 4149227 4324375 4324375 4324375 4409676 4409676 4409676 4525129 4525129 4525129 4646349 4646349 4646349 4708913 4708913 4708913 Changes incorporated in this version: 4708913 Patches accumulated and obsoleted by this patch: 103684-01 103684-01 Patches which conflict with this patch: iss_x86-01 (or newer) Patches required with this patch: Obsoleted by: Files included with this patch: /usr/include/arpa/nameser.h /usr/include/arpa/nameser.h /usr/include/arpa/nameser.h /usr/include/netdb.h /usr/include/netdb.h /usr/include/netdb.h /usr/include/resolv.h /usr/include/resolv.h /usr/include/resolv.h /usr/lib/libresolv.so /usr/lib/libresolv.so /usr/lib/libresolv.so /usr/lib/libresolv.so.1 /usr/lib/libresolv.so.1 /usr/lib/libresolv.so.1 /usr/lib/libresolv.so.2 /usr/lib/libresolv.so.2 /usr/lib/libresolv.so.2 /usr/lib/nslookup.help /usr/lib/nslookup.help /usr/lib/nslookup.help /usr/lib/nss_dns.so.1 /usr/lib/nss_dns.so.1 /usr/lib/nss_dns.so.1 /usr/sbin/in.named /usr/sbin/in.named /usr/sbin/in.named /usr/sbin/named-xfer /usr/sbin/named-xfer /usr/sbin/named-xfer /usr/sbin/nslookup /usr/sbin/nslookup /usr/sbin/nslookup /usr/sbin/nstest /usr/sbin/nstest /usr/sbin/nstest Problem Description: 4708913 CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNS Resolver Libraries (from 103664-18) 4525129 DNS over TCP can induce gethostbyX(3NSL) meltdown 4646349 libresolv.so.2 leaks memory in multi-threaded programs (from 103664-17) 4324375 rsh to machine with two interfaces on same subnet has problems with firewall. (from 103664-16) 4409676 CERT Advisory CA-2001-02/Solaris dns (bind) (from 103664-15) 4134616 in.named can hang when calling res_mkquery (from 103664-14) 4149227 103612-41 causes ldd to throw out unresolved references in libdl.so.1 (from 103664-13) 4127017 Inverse Query in BIND can crash system or gives root access to an attacker. 4127028 BIND does not properly bounds check memory references in server and resolver 4068577 libresolv.so.2 buffer overflow vulnerability per SNI-12 bulletin 4133571 BIND has /tmp vulnerabilities (from 103664-12) 4133340 res_send can hang in recvfrom after bogus select/poll return (from 103664-11) 4056997 BIND spoofing vulnerability per SNI-12 bulletin. Also CERT CA-97.22 1266187 function declaration in netdb.h wrong for non-ansi for 4.9.3 (from 103664-10) 4071167 libresolv.so.1 can cause threaded applications to deadlock via nss_dns.so.1 (from 103664-09) 4081667 in.named 4.9.3.p1 segmentation fault ns_resp+0x40ac (servfail) (from 103664-08) 4038360 Applications linked against libresolv.so.1 and running w/ 103663-05 fail 4037068 libresolv does not reread resolv.conf (from 103664-07) This patch is recranked to workaround bug 4010430 -- installpatch should ignore a required patch when not applicable to a target system. The workaround is to include an empty root sparse patch package. This will allow patch dependency requirement to be met in a server/client configuration. (from 103664-06) 4008451 in.named should have a configurable listen(3N) backlog (from 103664-05) 4018620 DNS server cache corruption and lost of root server A records. (from 103664-04) 1265838 nslookup takes to long to fail if /etc/resolv.conf is missing (from 103664-03) 1264386 BIND 4.9.3 integration not complete 4007986 libresolv conflict for libresolv.so.1 apps using DNS via NS switch (from 103664-02) 1247019 nslookup takes 90 seconds if /etc/resolv.conf file is missing (from 103664-01) 1238679 DNS spoofing is possible per Cern ca-96.02 (from 103684-01) 1253600 nss_dns.so.1 source modification and rebuild for BIND 4.9.3 Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- Reboot the system after patch installation. NOTE 1: Please refer to the file called BIND_493 that came with this patch. This document will describe the difference between libresolv.so.1 and libresolv.so.2 and it should provide the BIND 4.9.3 man pages. It is recommended to install the following patches: 103595-03 (or newer) sendmail patch 103681-01 (or newer) nscd/nscd_nischeck rebuild for BIND 4.9.3 103687-01 (or newer) rpc.nisd_resolv rebuild for BIND 4.9.3 NOTE 2: TO GET THE COMPLETE FIX FOR BUGID FOR 4149227 (103612-41 causes ldd to throw out unresolved references in libdl.so.1), ONE ALSO NEEDS TO INSTALL THE FOLLOWING PATCHES: 103628-05 (or newer) linker patch 103641-23 (or newer) libthread/KU patch 105733-02 (or newer) libxfn patch 103613-44 (or newer) libc/libnsl patch README -- Last modified date: Monday, August 12, 2002