Here is the 4.1.3_u1 one: From lhdsy1!uunet!usc!howland.reston.ans.net!gatech!newsxfer.itd.umich.edu!zip.eecs.umich.edu!yeshua.marcam.com!news.kei.com!babbage.ece.uc.edu!thor!montjoy Sat Jul 9 18:59:19 PDT 1994 Article: 6510 of comp.security.unix Path: lhdsy1!uunet!usc!howland.reston.ans.net!gatech!newsxfer.itd.umich.edu!zip.eecs.umich.edu!yeshua.marcam.com!news.kei.com!babbage.ece.uc.edu!thor!montjoy From: montjoy@thor.uucp (Robert Montjoy) Newsgroups: comp.sys.sun.admin,comp.security.unix Subject: Re: SunOS 4.1.3 security patches? Keywords: sunos,security Message-ID: <2vfcjl$gti@babbage.ece.uc.edu> Date: 6 Jul 94 22:52:36 GMT References: <2vf915$pr9@terminator.ncts.navy.mil> Organization: University of Cincinnati, ECE Dept Lines: 642 Xref: lhdsy1 comp.sys.sun.admin:35183 comp.security.unix:6510 NNTP-Posting-Host: thor.ece.uc.edu In article <2vf915$pr9@terminator.ncts.navy.mil>, Mike Jenkins <mjenkins@ncts.navy.mil> wrote: >What are the security patches required for SunOS 4.1.3? > >I want to "wipe the slate clean" and load a machine with >SunOS 4.1.3_U1, bind 4.9.3, and sendmail 8.6.9. > Here is the SunOS 4.1.3_U1 patch list. Note: for the most part a whole new set of patches is required for SunOS4.1.3_U1 versus 4.1.3. It seems you should be able to get these from sunsite.unc.edu... in the /pub/sun-info/sun-patches directory. (I do not know if they want people to know about it). Also, most if not all can be found on thor.ece.uc.edu in /pub/sun-faq/SunOS4.1.3_U1.patches Title: Solaris 1.1.1 Patch Report Update as of 30/Jun/94 SunService, A Sun Microsystems, Inc. Business ========================================================================== Report Notes Section: ========================================================================== This report is generated to provide a summary list of patches released and available from SunService for the listed release level. There are bi-weekly updates of this report. This report is also made available to customers via the SunSolve service in the "Information Documents section." The "Quick Reference Section" provides a listing of any new patches or existing patch rev changes since last update report, obsoleted patches, security patches, and a listing of the current recommended patches. Recommended patches are considered the most important and highly recommended patches that avoid the most critical system, user, or security related bugs which have been reported and fixed to date. A released patch not listed on the recommended list does not imply that it should not be used if needed. In many cases a security patch will be listed in both the security patch section and recommended patch section. A security patch, however, may not be listed in the recommended section if it is determined to be a more application dependent issue and may not be generally relevant. All listed patches are available via patch database servers or other patch access services unless they are superseded by a newer rev or patch. It is possible that a patch listed in this report was just released as of the report date and may not actually appear in a local patch database for another 24-48 hours. Any customer issues related to these patches should be directed into normal support channels and escalated if necessary. Solaris 1.1.1 contains SunOS 4.1.3_U1 and OpenWindows 3.0 releases. SunOS 4.1.3_U1 patches are unique from SunOS 4.1.3. SunOS 4.1.3 patches should not be applied to SunOS 4.1.3_U1. For 4.1.3_U1, use only the patches listed in this report. The OpenWindows 3.0 release is common to both Solaris 1.1 and 1.1.1, and thus the OpenWindows 3.0 patches apply to both these Solaris releases. The Solaris 1.1.1 patches are compatible with both versions A and B of Solaris 1.1.1, unless otherwise stated in the patch README file. ========================================================================== Quick Reference Section: ========================================================================== New Patches Released Since Last Report: --------------------------------------- 101833-01 SunOS 4.1.3_U1: Can't net install 5.3 Edition II from 4.1.x server Update Revs Released Since Last Report: --------------------------------------- (No changes) Solaris 1.1.1 Recommended Patches: ------------------------------------------------ 101434-03 SunOS 4.1.3_U1: lpr Jumbo Patch 101436-02 SunOS 4.1.3_U1: bin/mail jumbo patch 101440-01 SunOS 4.1.3_U1: security problem: methods to exploit login/su 101508-06 SunOS 4.1.3_U1: sun4m kernel jumbo patch 101509-01 SunOS 4.1.3_U1: SS10-51 or SS600-51 may hard hang or watchdog reset 101558-01 SunOS 4.1.3_U1: international libc jumbo patch 101579-01 SunOS 4.1.3_U1: Security problem with expreserve for Solaris 1.1.1 101587-01 SunOS 4.1.3_U1: security patch for mfree and icmp redirect 101592-01 SunOS 4.1.3_U1: UFS file system corruption and panic 101621-02 SunOS 4.1.3_U1: Jumbo tty patch 101665-02 SunOS 4.1.3_U1: sendmail jumbo patch 101679-01 SunOS 4.1.3_U1: Breach of security using modload 101759-01 SunOS 4.1.3_U1: domestic libc jumbo patch 100444-58 OpenWindows 3.0: Server Jumbo Patch 3000-107 100448-02 OpenWindows 3.0: loadmodule is a security hole. 100452-61 OpenWindows 3.0: XView 3.0 Jumbo Patch 100478-01 OpenWindows 3.0: xlock crashes leaving system open Solaris 1.1.1 Patches Containing Security Fixes: ------------------------------------------------ 101434-03 SunOS 4.1.3_U1: lpr Jumbo Patch 101436-02 SunOS 4.1.3_U1: bin/mail jumbo patch 101440-01 SunOS 4.1.3_U1: security problem: methods to exploit login/su 101558-01 SunOS 4.1.3_U1: international libc jumbo patch 101579-01 SunOS 4.1.3_U1: Security problem with expreserve for Solaris 1.1.1 101587-01 SunOS 4.1.3_U1: security patch for mfree and icmp redirect 101621-02 SunOS 4.1.3_U1: Jumbo tty patch 101665-02 SunOS 4.1.3_U1: sendmail jumbo patch 101679-01 SunOS 4.1.3_U1: Breach of security using modload 101759-01 SunOS 4.1.3_U1: domestic libc jumbo patch 100448-02 OpenWindows 3.0: loadmodule is a security hole. 100452-61 OpenWindows 3.0: XView 3.0 Jumbo Patch 100478-01 OpenWindows 3.0: xlock crashes leaving system open *=indicates a security patch not listed in the Recommended Patch List, usually because the patch is determined to be more application dependent and may not be generally relevant. Solaris 1.1.1 Obsoleted Patches: ------------------------------------------------ 101487-01 OBSOLETED by 101508 101386-01 OBSOLETED by 100448 101393-01 OBSOLETED by 100444 ========================================================================== Solaris 1.1.1 Complete Listing of Released Patches: ========================================================================== Total Patches: 90 Total Bugfixes: 549 SunOS Released Patch List: ------------------------------ Patch-ID# 101434-03 Synopsis: SunOS 4.1.3_U1: lpr Jumbo Patch BugId's fixed with this patch: 1057834 1048004 1099009 1050628 1112342 1133067 1154391 Changes incorporated in this version: 1154391 Patch-ID# 101435-01 Synopsis: SunOS 4.1.3_U1: ypserv fix BugId's fixed with this patch: 1076977 Changes incorporated in this version: Patch-ID# 101436-02 Synopsis: SunOS 4.1.3_U1: bin/mail jumbo patch BugId's fixed with this patch: 1115042 1161618 Changes incorporated in this version: 1161618 Patch-ID# 101437-01 Synopsis: SunOS 4.1.3_U1: accounting jumbo patch BugId's fixed with this patch: 1059412 1033692 Changes incorporated in this version: Patch-ID# 101438-01 Synopsis: SunOS 4.1.3_U1: applications bind to same port if IP address supplied BugId's fixed with this patch: 1052740 Changes incorporated in this version: Patch-ID# 101439-01 Synopsis: SunOS 4.1.3_U1: system crashed tcp_Ercvconnect() from a NULL socket pointer. BugId's fixed with this patch: 1115102 Changes incorporated in this version: Patch-ID# 101440-01 Synopsis: SunOS 4.1.3_U1: security problem: methods to exploit login/su BugId's fixed with this patch: 1121935 Changes incorporated in this version: Patch-ID# 101441-01 Synopsis: SunOS 4.1.3_U1: syslog messages gets confused. BugId's fixed with this patch: 1109291 Changes incorporated in this version: Patch-ID# 101442-02 Synopsis: SunOS 4.1.3_U1: ps(1) with "j" option may segmentation fault BugId's fixed with this patch: 1108978 Changes incorporated in this version: fixed -01 problem with sun4m binary Patch-ID# 101443-02 Synopsis: SunOS 4.1.3_U1: esp: SCSI Errors - "ILLEGAL bit set""watchdog reset" BugId's fixed with this patch: 1161712 1136580 1096405 Changes incorporated in this version: 1161712 1136580 Patch-ID# 101444-01 Synopsis: SunOS 4.1.3_U1: "at" jobs are not running; job files are being over-written. BugId's fixed with this patch: 1116833 Changes incorporated in this version: Patch-ID# 101445-01 Synopsis: SunOS 4.1.3_U1: quota exceeded console messages misleading BugId's fixed with this patch: 1104800 Changes incorporated in this version: Patch-ID# 101446-01 Synopsis: SunOS 4.1.3_U1: iostat reports incorrect SCSI device names on sun4m BugId's fixed with this patch: 1129560 Changes incorporated in this version: Patch-ID# 101447-01 Synopsis: SunOS 4.1.3_U1: tar does not restore original ownerships on sym links BugId's fixed with this patch: 1095930 Changes incorporated in this version: Patch-ID# 101449-01 Synopsis: SunOS 4.1.3_U1: PANICS WITH CLGET: NULL CLIENT BugId's fixed with this patch: 1120254 Changes incorporated in this version: Patch-ID# 101450-01 Synopsis: SunOS 4.1.3_U1: two messages displayed when using FKFORMAT_TRACK ioctl BugId's fixed with this patch: 1122913 Changes incorporated in this version: Patch-ID# 101452-01 Synopsis: SunOS 4.1.3_U1: Exit of suntools from SunView causes panic: bad rmfree BugId's fixed with this patch: 1034701 Changes incorporated in this version: Patch-ID# 101453-01 Synopsis: SunOS 4.1.3_U1: /usr/ucb/Mail does not pass comma separated address as per RFC822 BugId's fixed with this patch: 1133937 Changes incorporated in this version: Patch-ID# 101454-01 Synopsis: SunOS 4.1.3_U1: vacation(1) does not recognize aliases of the type firstname.lastname BugId's fixed with this patch: 1111359 Changes incorporated in this version: Patch-ID# 101455-01 Synopsis: SunOS 4.1.3_U1: Using compress/uncompress over your quota can trash files BugId's fixed with this patch: 1133789 Changes incorporated in this version: Patch-ID# 101456-01 Synopsis: SunOS 4.1.3_U1: diff -c dumps core BugId's fixed with this patch: 1127380 Changes incorporated in this version: Patch-ID# 101459-01 Synopsis: SunOS 4.1.3_U1: xd incorrectly handles xd_ferr BugId's fixed with this patch: 1097055 1110209 Changes incorporated in this version: Patch-ID# 101460-02 Synopsis: SunOS 4.1.3_U1: SunOS consumes all file descriptors when open() returns an EINTR BugId's fixed with this patch: 1131073 Changes incorporated in this version: Patch-ID# 101461-03 Synopsis: SunOS 4.1.3_U1: csh, sh jumbo patch BugId's fixed with this patch: 1023533 1054149 1167401 Changes incorporated in this version: 1167401 Patch-ID# 101462-01 Synopsis: SunOS 4.1.3_U1: tbl may dump core on sun-4; ok on sun-3 BugId's fixed with this patch: 1016791 1101482 Changes incorporated in this version: Patch-ID# 101508-06 Synopsis: SunOS 4.1.3_U1: sun4m kernel jumbo patch BugId's fixed with this patch: 1116706 1110382 1130786 1137976 1134185 1153766 1118195 1121151 1122110 1126760 1148420 1148412 1150390 1151384 1131290 1101875 1164753 Changes incorporated in this version: 1164753 Patch-ID# 101509-01 Synopsis: SunOS 4.1.3_U1: SS10-51 or SS600-51 may hard hang or watchdog reset BugId's fixed with this patch: 1153766 Changes incorporated in this version: Patch-ID# 101532-01 Synopsis: SunOS 4.1.3_U1: gt patch for sun4c and sun4m BugId's fixed with this patch: 1137977 1153766 Changes incorporated in this version: Patch-ID# 101539-01 Synopsis: SunOS 4.1.3_U1: GS Jumbo patch BugId's fixed with this patch: 1112134 1101764 1137977 1153766 Changes incorporated in this version: Patch-ID# 101558-01 Synopsis: SunOS 4.1.3_U1: international libc jumbo patch Changes incorporated in this version: 1033104 1039485 1049421 1054748 1061777 Patch-ID# 101561-05 Synopsis: SunOS 4.1.3_U1: TTY settings change when rlogin into a 4.x system from a 5.x system. BugId's fixed with this patch: 1147895 Changes incorporated in this version: Patch-ID# 101562-02 Synopsis: SunOS 4.1.3_U1: libcurses: dlescreen() causes getch return bad char. BugId's fixed with this patch: 1154602 Changes incorporated in this version: 1154602 Patch-ID# 101579-01 Synopsis: SunOS 4.1.3_U1: Security problem with expreserve for Solaris 1.1.1 BugId's fixed with this patch: 1044909 1083183 Changes incorporated in this version: Patch-ID# 101587-01 Synopsis: SunOS 4.1.3_U1: security patch for mfree and icmp redirect BugId's fixed with this patch: 1087460 1093937 Changes incorporated in this version: 1093937 Patch-ID# 101592-01 Synopsis: SunOS 4.1.3_U1: UFS file system corruption and panic BugId's fixed with this patch: 1118195 1121151 1122110 1118195 Changes incorporated in this version: Patch-ID# 101618-01 Synopsis: SunOS 4.1.3_U1: inetd "broken server detection" breaks on fast machines BugId's fixed with this patch: 1030599 1112111 Changes incorporated in this version: Patch-ID# 101621-02 Synopsis: SunOS 4.1.3_U1: Jumbo tty patch BugId's fixed with this patch: 1048128 1069768 1008324 1040722 1070495 1060689 1064320 1104557 1068641 1056787 1061643 1012954 1168930 Changes incorporated in this version: 1168930 Patch-ID# 101625-02 Synopsis: SunOS 4.1.3_U1: ftp does not prompt for account information BugId's fixed with this patch: 1157359 Changes incorporated in this version: 1157359 Patch-ID# 101664-01 Synopsis: SunOS 4.1.3_U1: rare panic due to serial port load BugId's fixed with this patch: 1119423 Changes incorporated in this version: Patch-ID# 101665-02 Synopsis: SunOS 4.1.3_U1: sendmail jumbo patch BugId's fixed with this patch: 1144946 1056203 1030087 1068637 1085853 1041284 1092073 1092650 1093667 1089670 1084351 1142840 1151181 1152199 1082586 1048259 1160505 Changes incorporated in this version: 1160505 Patch-ID# 101679-01 Synopsis: SunOS 4.1.3_U1: Breach of security using modload BugId's fixed with this patch: 1137491 Changes incorporated in this version: Patch-ID# 101686-01 Synopsis: SunOS 4.1.3_U1: libkvm/kvmopen leaks memory on sun4m machines BugId's fixed with this patch: 1154959 Changes incorporated in this version: 1154959 Patch-ID# 101689-02 Synopsis: SunOS 4.1.3_U1: libkvm/kvmopen leaks memory on sun4m machines BugId's fixed with this patch: 1154959 Changes incorporated in this version: added 4.1.3_U1 Rev B support Patch-ID# 101696-01 Synopsis: SunOS 4.1.3_U1:data corruption when using cpio to archive data from NFS BugId's fixed with this patch: 1051844 Changes incorporated in this version: Patch-ID# 101741-01 Synopsis: SunOS 4.1.3_U1: Asynchronous Memory panic probing non-existent sbus device BugId's fixed with this patch: 1158410 1156505 Changes incorporated in this version: Patch-ID# 101757-01 Synopsis: SunOS 4.1.3_U1: POINT PATCH fixes to ethernet driver (le.o) BugId's fixed with this patch: 1163300 Changes incorporated in this version: 1163300 Patch-ID# 101759-01 Synopsis: SunOS 4.1.3_U1: domestic libc jumbo patch BugId's fixed with this patch: 1033104 1039485 1049421 1054748 1061777 1070565 1074633 1077337 1109666 1074819 1041424 1118688 1038421 1046855 1136266 1141781 1139883 Changes incorporated in this version: Patch-ID# 101775-01 Synopsis: SunOS 4.1.3_U1: Cron consumes more memory as tim goes on BugId's fixed with this patch: 1063780 Changes incorporated in this version: Patch-ID# 101784-01 Synopsis: SunOS 4.1.3_U1: rpc.lockd jumbo patch BugId's fixed with this patch: 1086371 1078771 1115083 1113852 Changes incorporated in this version: Patch-ID# 101833-01 Synopsis: SunOS 4.1.3_U1: Can't net install 5.3 Edition II from 4.1.x server BugId's fixed with this patch: 1164993 Changes incorporated in this version: OpenWindows Released Patch List: ------------------------------------ Patch-ID# 100444-58 Synopsis: OpenWindows 3.0: Server Jumbo Patch 3000-107 BugId's fixed with this patch: 1087901 1101940 1101123 1080976 1083312 1060204 1062740 1066878 1071237 1071322 1077556 1052712 1066767 1067026 1085004 1085475 1085609 1085529 1085467 1075858 1079600 1056492 1084761 1086134 1086122 1082750 1082200 1071098 1038783 1083142 1087211 1089056 1074935 1085444 1078226 1089311 1091966 1092113 1094100 1074749 1094114 1069130 1089311 1096914 1087946 1095761 1099797 1087901 1101940 1101123 1103061 1101267 1071091 1107837 1106762 1110261 1104648 1122982 1089425 1125875 1128560 1119284 1098572 1129122 1131619 1115867 1137468 1137121 1132761 1139085 1133986 1134851 1085529 1138043 1143198 1117109 1103260 1144610 1145351 1147741 1138880 1144753 1149255 1133986 1146592 1145599 1106634 1138880 1149057 1151335 1146172 Changes incorporated in this version: 1146172 Patch-ID# 100448-02 Synopsis: OpenWindows 3.0: loadmodule is a security hole. BugId's fixed with this patch: 1076118 1148753 Changes incorporated in this version: Patch-ID# 100451-62 Synopsis: OpenWindows 3.0: OLIT CTE Jumbo Patch BugId's fixed with this patch: 1094920 1112731 1114072 1101320 1114887 1097819 1099332 1095840 1097042 1095666 1097019 1097060 1079116 1077198 1056290 1059977 1090531 1088126 1085312 1087144 1053499 1054033 1070806 1086857 1069690 1085931 1085311 1055211 1085117 1085119 1083658 1071536 1075807 1075675 1076244 1077804 1067737 1069699 1069958 1070209 1071210 1071427 1071507 1071774 1071855 1073157 1073158 1073385 1073843 1074841 1075085 1097819 1099332 1098537 1101015 1100144 1069757 1097687 1086973 1094770 1109002 1105796 1098701 1087564 1102901 1086919 1104603 1054351 1076210 1104433 1106948 1109548 1106502 1111466 1114060 1114887 1114072 1112731 1075085 1101320 1119343 1112764 1120337 1093945 1101638 1140871 1141944 1145439 1148989 Changes incorporated in this version: 1148989 Patch-ID# 100452-61 Synopsis: OpenWindows 3.0: XView 3.0 Jumbo Patch BugId's fixed with this patch: 1066919 1072832 1073167 1066366 1075863 1075950 1059597 1080579 1075124 1073246 1065873 1084865 1083436 1083405 1053515 1078467 1061299 1076560 1037992 1078467 1044411 1055172 1068828 1077164 1091601 1093039 1049703 1087337 1074553 1053036 1053292 1030878 1020408 1097384 1076907 1043723 1101846 1103579 1105512 1106032 1098466 1106525 1093908 1067716 1109382 1108767 1113021 1110227 1109875 1114662 1111308 1114561 1065350 1067367 1115954 1053622 1109875 1122244 1122239 1122353 1072252 1117789 1071584 1124324 1066669 1098379 1131411 1129722 1140264 1134887 1140806 1136974 1139167 1142387 1047558 1140250 1142387 1148561 1148724 1110936 1149528 1148277 1145729 1161640 1160672 1161637 Changes incorporated in this version: 1161637 Patch-ID# 100454-03 Synopsis: OpenWindows 3.0: convertfont -x does not produce correct bdf file BugId's fixed with this patch: 1075518 1073601 1102515 Changes incorporated in this version: 1102515 Patch-ID# 100462-29 Synopsis: OpenWindows 3.0: File Manager Jumbo Patch BugId's fixed with this patch: 1069592 1070935 1073659 1079554 1075050 1067411 1085050 1086418 1082021 1081836 1108738 1111569 1112446 1108738 1116040 1093144 1129676 1133046 1103246 1130463 1130391 1080650 1144427 1155878 Changes incorporated in this version: 1155878 Patch-ID# 100478-01 Synopsis: OpenWindows 3.0: xlock crashes leaving system open BugId's fixed with this patch: 1077337 Changes incorporated in this version: Patch-ID# 100479-01 Synopsis: OpenWindows 3.0: OLIT release does not include <Xol/Olg.h> file BugId's fixed with this patch: 1079191 Changes incorporated in this version: Patch-ID# 100492-10 Synopsis: OpenWindows 3.0: jumbo patch for olwm 3.0 BugId's fixed with this patch: 1075650 1088815 1089979 1064765 1100097 1085887 1108611 1108642 1108785 1116207 1116212 1150572 Changes incorporated in this version: 1150572 Patch-ID# 100493-04 Synopsis: OpenWindows 3.0: binder jumbo patch BugId's fixed with this patch: 1065534 1065552 1065713 1069284 1070164 1074005 1074430 1075063 1077954 1082036 1083472 1098317 1118302 1104455 Changes incorporated in this version: 1118302 1104455 Patch-ID# 100497-01 Synopsis: OpenWindows 3.0: install_openwin fails and DGA does not work after server is up BugId's fixed with this patch: 1070633 Changes incorporated in this version: Patch-ID# 100499-04 Synopsis: OpenWindows 3.0: printtool looks for longest entry instead of first 2 BugId's fixed with this patch: 1074177 1058325 1099010 Changes incorporated in this version: 1099010 Patch-ID# 100512-04 Synopsis: OpenWindows 3.0: libXt CTE Jumbo Patch BugId's fixed with this patch: 1120337 1098544 1086793 1086912 1074766 1087332 Changes incorporated in this version: 1120337 Patch-ID# 100523-15 Synopsis: OpenWindows 3.0: Calendar Manager Patch BugId's fixed with this patch: 1079235 1081962 1093114 1071379 1111718 1089855 1077699 1080326 1122551 1124859 1145866 1146332 1092042 1154939 1124545 Changes incorporated in this version: 1124545 Patch-ID# 100524-06 Synopsis: OpenWindows 3.0: Classing Engine (libce) Patch BugId's fixed with this patch: 1077657 1077787 1091437 1086418 1081836 Changes incorporated in this version: 1086418 1081836 Patch-ID# 100525-01 Synopsis: OpenWindows 3.0 AudioTool CTE Jumbo Patch BugId's fixed with this patch: 1073640 Changes incorporated in this version: Patch-ID# 100529-01 Synopsis: OpenWindows 3.0: textedit core dumps during exit BugId's fixed with this patch: 1065686 Changes incorporated in this version: Patch-ID# 100544-03 Synopsis: OpenWindows 3.0: Mailtool jumbo patch BugId's fixed with this patch: 1072592 1069789 1086038 Changes incorporated in this version: Patch-ID# 100568-01 Synopsis: OpenWindows 3.0: invalid alarm command causes clock and server to hang BugId's fixed with this patch: 1086168 Changes incorporated in this version: Patch-ID# 100573-04 Synopsis: OpenWindows 3.0: xstdcmap fails to set XStandardColomap for 24-bit machines BugId's fixed with this patch: 1087332 1105454 Changes incorporated in this version: 1105454 Patch-ID# 100580-01 Synopsis: OpenWindows 3.0: tnt locks out DGA applications BugId's fixed with this patch: 1071713 Changes incorporated in this version: Patch-ID# 100608-02 Synopsis: OpenWindows 3.0: xwd does not work with specific -root or -id options BugId's fixed with this patch: 1079731, 1092236 Changes incorporated in this version: Patch-ID# 100626-08 Synopsis: OpenWindows 3.0: Tooltalk patch BugId's fixed with this patch: 1085317 1074150 1074612 1066949 1071723 1070440 1068765 1071035 1072772 1081742 1077513 1082628 1084299 1093746 1095103 1094598 1129057 1140652 1138827 1146783 Changes incorporated in this version: 1146783 Patch-ID# 100685-01 Synopsis: OpenWindows 3.0: snapshot running with motif window manager core dumps BugId's fixed with this patch: 1089508 Changes incorporated in this version: Patch-ID# 100713-01 Synopsis: OpenWindows 3.0: In an Xterm window numlock does not work BugId's fixed with this patch: 1098715, 1095262, 1075151 Changes incorporated in this version: Patch-ID# 100728-02 Synopsis: OpenWindows 3.0: Under SunOS 4.1.1 "xterm" doesn't load when setuid root BugId's fixed with this patch: 1105607 1095437 Changes incorporated in this version: 1105607 Patch-ID# 100742-01 Synopsis: OpenWindows 3.0: iconedit patch BugId's fixed with this patch: 1079720 Changes incorporated in this version: 1079720 Patch-ID# 100753-01 Synopsis: OpenWindows 3.0: XNeWs dumps core viewing answerbook page BugId's fixed with this patch: 1079032 1102144 Changes incorporated in this version: Patch-ID# 100778-03 Synopsis: OpenWindows 3.0: Direct Xlib 1.2 jumbo patch release BugId's fixed with this patch: 1105516, 1117675, 1119220 Changes incorporated in this version: 1119220 Patch-ID# 100795-01 Synopsis: OpenWindows 3.0: time_format, numeric_format wrong BugId's fixed with this patch: 1076928 Changes incorporated in this version: Patch-ID# 100802-01 Synopsis: OpenWindows 3.0: cgsix patch for MP systems with OW and patch 100444 BugId's fixed with this patch: 1095841 Changes incorporated in this version: Patch-ID# 100887-01 Synopsis: OpenWindows 3.0: checkOW patch BugId's fixed with this patch: 1099155 Changes incorporated in this version: Patch-ID# 100899-02 Synopsis: OpenWindows 3.0: ModeSwitch does not work correctly BugId's fixed with this patch: 1096735 1103673 1073527 1127656 Changes incorporated in this version: 1127656 Patch-ID# 100927-01 Synopsis: OpenWindows 3.0 olwm/owplaces places incorrect script header in .openwin-init file. BugId's fixed with this patch: 1118777 Changes incorporated in this version: Patch-ID# 100943-02 Synopsis: OpenWindows 3.0: cmdtool patch BugId's fixed with this patch: 1075514 1139973 Changes incorporated in this version: 1139973 Patch-ID# 100990-01 Synopsis: OpenWindows 3.0: colorimage operator is incorrect in NEWS BugId's fixed with this patch: 1117370 Changes incorporated in this version: Patch-ID# 101076-02 Synopsis: OpenWindows 3.0: colorchooser patch BugId's fixed with this patch: 1132377 Changes incorporated in this version: Patch-ID# 101118-01 Synopsis: OpenWindows 3.0: calctool jumbo patch BugId's fixed with this patch: 1100445, 1065280 Changes incorporated in this version: Patch-ID# 101281-01 Synopsis: OpenWindows 3.0: pageview fails printing single page of multi-page documents. BugId's fixed with this patch: 1140203 Changes incorporated in this version: 1140203 Patch-ID# 101639-01 Synopsis: OpenWindows 3.0: xgettext does not recognize \" when updating .po files BugId's fixed with this patch: 1151120 Changes incorporated in this version: -- Rob Montjoy - Computer Engineer/Systems Administrator University of Cincinnati - Electrical and Computer Engineering E-Mail: Rob.Montjoy@UC.EDU - Personal or Other E-Mail -- To Save the Earth. The Humans must die. From lhdsy1!uunet!ankh.iia.org!babbage.ece.uc.edu!news.kei.com!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!agate!msuinfo!harbinger.cc.monash.edu.au!yarrina.connect.com.au!warrane.connect.com.au!sfe.com.au!sfe.com.au!not-for-mail Fri Jul 15 17:05:46 PDT 1994 Article: 6532 of comp.security.unix Path: lhdsy1!uunet!ankh.iia.org!babbage.ece.uc.edu!news.kei.com!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!agate!msuinfo!harbinger.cc.monash.edu.au!yarrina.connect.com.au!warrane.connect.com.au!sfe.com.au!sfe.com.au!not-for-mail From: paul@sfe.com.au (Paul Hatchman) Newsgroups: comp.security.unix,comp.sys.sun.admin Subject: Re: writting a list of how to secure 4.1.3 & 5.3 Message-ID: <2vghdg$h5u@curly.sfe.com.au> Date: 7 Jul 94 09:20:48 GMT References: <CrGKwK.12w@news.Hawaii.Edu> Organization: Sydney Futures Exchange Lines: 28 Xref: lhdsy1 comp.security.unix:6532 comp.sys.sun.admin:35282 NNTP-Posting-Host: curly.sfe.com.au tmk@uhunix.uhcc.Hawaii.Edu (Thomas M Kroeger) writes: >I'm writting up a basic list of things to do to secure a SunOS 4.1.3 >(and 5.3 - second list) system after initial installation. Here are a few (off the top of my head) that I havent seen posted so far 1. remove setgid kmem from /usr/kvm/crash 2. disable comsat (or patch it) 3. apply expreserve patch 4. apply loadmodule patch 5. apply xterm logging patch and make xterm setuid root. (is xterm more secure than allowing people to read your keystrokes? :) 6. set most lines to unsecure in /etc/ttytab 7. chmod 644 /etc/utmp (and related patches) 8. Apply tty jumbo patch (to fix the pty security probs) *9* Know what you are doing when you modify any configuration files. I am sure that even most secure system in the world can be misconfigured to make it vunerable. later, -------------------------------------------------------------------------------- Paul Hatchman, | <this line intentionally left blank> Analyst/Programmer, | paul@sfe.com.au Sydney Futures Exchange, Australia | Tel: +61 2 2560567 --------------------------------------------------------------------------------