SUMMARY: what are the right patches to apply for 4.1.2?

From: Chris Metcalf (metcalf@catfish.LCS.MIT.EDU)
Date: Wed Apr 08 1992 - 10:52:12 CDT

I recently posted asking for suggestions on appropriate patches to
install along with SunOS 4.1.2. This is the summary. I have marked
with a star patches that fix known security problems; everyone should
probably run the file-permissions script (it's not specifically
labelled for 4.1.2, but it's basically harmless and just tries to fix a
few bad setuid settings on some files) and install the rdist patch.
People using yppasswdd or pwdauthd should install the C2 jumbo patch.

        100075-08 lockd jumbo patch
        100103-10 *script to change file permissions to a more secure mode
        100188-02 pty can get output from another application
        100224-03 program "mail" "rmail" problem in delivering mail
        100249-03 automounter JUMBO patch
        100303-02 system freezes using loopback interface
        100342-02 NIS client needs long recovery time if server reboots
        100359-04 streams jumbo patch
        100383-04 *rdist security enhancement
        100458-01 Setitimer sometimes fails to deliver a SIGALRM.
        100469-01 cdrom mount error messages
        100474-01 Assertion Failure on 1.3GB Elite Drive
        100490-01 patches for libxpg
        100505-01 Zero length directories can be left on system
        100507-01 tmpfs fix
        100539-01 umount of busy hsfs filesystem causes panic data fault
        100564-01 *C2 Jumbo patch
        100570-01 ie0 ethernet jumbo patch

The following patches may be useful for people with different hardware
or software environments than ours. Note that patches 474, 475, and
544 are not listed in the current set of 4.1.2 patches in the Sun
database, but are labelled specifically for 4.1.2. (Curious!) 425 is
not labelled for 4.1.2, but fixes the old problem of using ""
as the address for the "whois" command; we just fix this with emacs.
10377-02 is a 4.1.1 patch, but is probably still better than the
buggy 4.1.2 version of sendmail...

        100274-02 dup biodone related panics
        100338-04 system crashes with assertion failed panic
        100377-02 doesn't recognize wildcard, etc.
        100407-03 accounting files are corrupted (and other acct problems)
        100425-01 whois gets host unknown when using the hard coded NICHOST
        100431-03 Performance improvements for GT
        100453-01 GT DVMA window size can be increased
        100475-01 mmap system call on galaxy causes BAD TRAP
        100484-01 esp0 appears about 20 times a day on console
        100494-01 munmap'ing ctl register page clobbers shmem buffer
        100495-01 asynch I-O on a sun4m machine causes panics
        100496-01 ptrace panic with a memory fault
        100511-01 SunDiag cg6test failed on segmentation violation
        100516-01 increase HEAPBYTES to prevent system hangs
        100521-01 GT crash using screenload if mouse is moving
        100527-01 rsh uses old-style selects instead of 4.0 selects
        100531-01 libc jumbo patch
        100536-01 NFS can cause panic: assertion failed crashes
        100537-01 async i-o peaks can hang system
        100542-01 MP with cg6 and prestoserve crashes on ipi
        100544-01 Mailtool3.0
        100547-01 sundiag fputest kvm_open failed
        100569-01 xnews and mouse freeze running GT accelerated application

The following patches were also suggested by one or two people, but as
they seem to be, by and large, older patches that aren't listed in the
4.1.2 patch set, we decided not to install them (possibly our mistake!):

        100272-04 in.comsat daemon fails with 8-character login names
        100296-02 netgroup exports to world via rpc.mountd
        100448-01 OpenWindows 3.0: loadmodule is a security hole.

For those people interested in finding patches on the Internet, let me
recommend archie. UUNET does not have particularly current patches,
and some that they do have are at old revision levels. It's also quite
easy to get patches from Sun, either by email or by snail mail.

As a final note, let me repeat Sun's traditional caution about patches:
except for security-related patches, your best bet is to apply a patch
only once you actually have a problem; otherwise you may end up causing
yourself extra problems with patches that don't work well together.

Thanks to Robert Harker <>, Alain Brossard
and F. L. Charles Seeger III <>.

Chris Metcalf

ps. For those of you who got this far, a question: is the new
/usr/lib/lpd immune to the bug fixed in 100305 (moving /dev/printer to
/dev/lpd/printer, etc.)? lpd seems to be newer, but... ?

			Chris Metcalf, MIT Laboratory for Computer Science   //   +1 (617) 253-7766

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:06:40 CDT