Patch-ID# 105714-05 Keywords: security SIGBUS libDtSvc 105669-01 remote login fails Buffer Overflow Synopsis: CDE 1.0.1: libDtSvc Patch Date: Dec/06/2001 Solaris Release: 2.4 2.5 SunOS Release: 5.4 5.5 Unbundled Product: CDE Unbundled Release: 1.0.1 Xref: This patch available on x86 as patch 105715 Topic: Relevant Architectures: sparc BugId's fixed with this patch: 1242841 4057875 4095426 4099389 4101096 4118762 4527363 Changes incorporated in this version: 4527363 Patches accumulated and obsoleted by this patch: 103725-01 Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/dt/lib/libDtSvc.so.1 Problem Description: 4527363 Buffer Overflow in CDE Subprocess Control Service (dtspcd) (from 105714-04) Corrected a patch packaging issue. (from 105714-03) 4118762 remote applications die, logging user out and not saving session (from 105714-02) 4099389 Patch 105669-01 breaks CDE. 4101096 Can't login using a host-and-screen-specific session directory. 4095426 Set Home Session in StyleManager causes core dumps. (from 105714-01) 4057875 SIGBUS and security hole if big $HOME. (from 103725-01) 1242841 Action file is rejected if CWD field does not start with /. Patch Installation Instructions: -------------------------------- Refer to the Install.info file for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below as special instructions. Special Install Instructions: ----------------------------- None. README -- Last modified date: Thursday, December 6, 2001