# CLUSTER_README

NAME: Solaris 2.5.1 x86_Recommended Patch Cluster
DATE: Sep/15/04

########################################################################

This patch cluster is intended to provide a selected set of patches for
the designated Solaris release level.  This is a bundled set of patches
conveniently wrapped for one-step installation.  Only install this
cluster on the appropriate Solaris system.  Carefully read all important
notes and install instructions provided in this README file before
installing the cluster.  A cluster grouping does not necessarily imply
that additional compatibility testing has occured since the individual
patches were released.

WARNING!! IT IS HIGHLY RECOMMENDED that the installation of this patch
cluster be performed in single-user mode (Run Level S).

########################################################################

CLUSTER DESCRIPTION
-------------------

These Solaris Recommended patches are considered the most important and
highly recommended patches that avoid the most critical system, user, or
security related bugs which have been reported and fixed to date.  In
most cases a Solaris security patch will be included in the recommended
patch set.  It is possible, however, that a security patch may not be
included in the recommended set if it is determined to be a more obscure
application specific issue and not generally applicable.

During initial installation of the Solaris product other patches or patch
sets may be provided with the product and required with product installation.
Refer to the Solaris product installation documentation to be sure that all
the patches required at product installation are already installed.  This
patch cluster can then be used to update or augment the system with the
recommended patches included.


PATCHES INCLUDED:
-----------------

104579-05  SunOS 5.5.1_x86: pkgadd/pkginstall & related utilities
103717-11  CDE 1.0.2_x86: dtcm sdtcm_convert rpc.cmsd patch
103631-15  SunOS 5.5.1_x86: ip ifconfig arp udp icmp patch
103664-19  SunOS 5.5.1_x86: libresolv,in.named,named-xfer,nslookup & nstest patch
103559-16  SunOS 5.5.1_x86: admintool/launcher fixes + swmtool fixes & y2000
103581-24  SunOS 5.5.1_x86: /kernel/drv/tcp and /usr/bin/netstat patch
103595-19  SunOS 5.5.1_x86: sendmail fixes
103641-42  SunOS 5.5.1_x86: kernel update patch
103681-04  SunOS 5.5.1_x86: nscd/nscd_nischeck/nss_files.so.1 patch
103687-03  SunOS 5.5.1_x86: rpc.nisd_resolv patch
103691-12  SunOS 5.5.1_x86: cron/crontab/at/atq/atrm patch
103700-02  SunOS 5.5.1_x86: /usr/sbin/ping patch
103739-14  SunOS 5.5.1_x86: /usr/sbin/syslogd patch
103744-01  SunOS 5.5.1_x86: XFN source modifications for BIND 4.9.3
103802-05  SunOS 5.5.1_x86: Patch for make & sccs
103818-04  SunOS 5.5.1_x86: /usr/bin/rdist patch
103960-13  SunOS 5.5.1_x86: lp patch
104011-02  SunOS 5.5.1_x86: VolMgt Patch
104221-04  SunOS 5.5.1_x86: /usr/lib/nfs/mountd patch
104267-02  SunOS 5.5.1_x86: inetd patch
104284-03  SunOS 5.5.1_x86: procfs patch
104332-08  SunOS 5.5.1_x86: /usr/sbin/rpcbind patch
104335-02  SunOS 5.5.1_x86: lockd patch
104517-03  SunOS 5.5.1_x86: aspppd patch
104614-01  SunOS 5.5.1_x86: /usr/lib/newsyslog patch
104651-02  SunOS 5.5.1_x86: /usr/bin/rlogin patch
104655-05  SunOS 5.5.1_x86: automount/automountd patch
104167-05  SunOS 5.5.1_x86: /usr/lib/nfs/statd patch
104693-02  SunOS 5.5.1_x86: usr/sbin/in.talkd patch
104737-06  SunOS 5.5.1_x86: /usr/bin/csh patch
104777-02  SunOS 5.5.1_x86: libvolmgt patch
104842-06  SunOS 5.5.1_x86: /usr/sbin/vold patch
104894-01  SunOS 5.5.1_x86: kernel/sys/c2audit patch
104969-02  SunOS 5.5.1_x86: chkey and newkey patch
104936-01  SunOS 5.5.1_x86: usr/sbin/in.rlogind patch
105051-01  SunOS 5.5.1_x86: usr/bin/ps and usr/ucb/ps patch
105093-01  SunOS 5.5.1_x86: usr/sbin/sysdef patch
105300-02  SunOS 5.5.1_x86: kernel/misc/nfssrv patch
105638-02  SunOS 5.5.1_x86: /platform/i86pc/kernel/misc/pdwa patch
105785-02  SunOS 5.5.1_x86: libbsm patch
103881-05  OpenWindows 3.5.1_x86: KCMS tools have security vulnerability
104241-23  OpenWindows 3.5.1_x86: Xsun Patch
104557-04  OpenWindows 3.5.1_x86: OLIT multiple fixes patch
104641-13  OpenWindows 3.5.1_x86: Xview Patch
105105-02  OpenWindows 3.5.1_x86: libXt patch
105124-07  OpenWindows 3.5.1_x86: Calendar Manager patch
106225-01  OpenWindows 3.5.1_x86: filemgr (ff.core) fixes
104195-20  Motif 1.2.3_x86: Runtime library patch
103628-14  SunOS 5.5.1_x86: Linker patch
104874-08  SunOS 5.5.1_x86: /usr/bin/uustat and other uucp fixes
106690-01  SunOS 5.5.1_x86: /usr/sbin/in.uucpd patch
106906-01  SunOS 5.5.1_x86: apropos/catman/man/whatis patch
107757-01  SunOS 5.5.1_x86: /usr/bin/pax patch
106412-06  OpenWindows 3.5.1_x86: xdm patch
106664-01  OpenWindows 3.5.1_x86: libce suid/sgid security fix
106665-01  OpenWindows 3.5.1_x86: libdeskset patch
105127-05  OpenWindows 3.5.1_x86: mailtool patch
106647-03  SNC 3.2: rpc.pcnfsd has security problem, also hangs and dumps core
104961-02  SunOS 5.5.1_x86: usr/sbin/snoop patch
108659-02  SunOS 5.5.1_x86: Patch for sadmind
105496-12  OpenWindows 3.5.1_x86: ToolTalk patch
106530-07  SunOS 5.5.1_x86: Shared library patch for C++
108498-01  SunOS 5.5.1_x86: ASET sets gid on /tmp,/var/tmp when med/high security
108471-01  SunOS 5.5.1_x86: possible denial of service bug
109276-04  SunOS 5.5.1_x86: /usr/bin/mail patch
109393-01  SunOS 5.5.1_x86: /usr/vmsys/bin/chkperm patch
108803-02  SunOS 5.5.1_x86: /usr/bin/tip patch
109722-01  SunOS 5.5.1_x86: arp should lose set-gid bit
111280-01  SunOS 5.5.1_x86: in.fingerd can store a NULL after end of an array
103892-08  SunOS 5.5.1_x86: ksh and rksh patch
111282-01  SunOS 5.5.1_x86: finger doesn't always correctly match NULL usernames
105166-04  SunOS 5.5.1_x86: /usr/lib/netsvc/yp/ypbind patch
111577-01  SunOS 5.5.1_x86: catman makes dangerous use of tmpfiles.
111843-01  SunOS 5.5.1_x86: nawk line length limit corrupts patch dependency
111841-01  SunOS 5.5.1_x86: Buffer overflow in whodo via $TZ
104638-04  SunOS 5.5.1_x86: /usr/ccs/lib/libcurses.a patch
105963-05  SunOS 5.5.1_x86: vi/ex/edit/view/vedit patch
111518-01  SunOS 5.5.1_x86: dmesg security problem
111026-02  SunOS 5.5.1_x86: sdiff patch
105999-03  SunOS 5.5.1_x86: /usr/bin/bdiff patch
111917-01  SunOS 5.5.1_x86: telmod could panic the system
112087-03  SunOS 5.5.1_x86: /usr/bin/mailx patch
104819-02  SunOS 5.5.1_x86: /usr/bin/passwd and /etc/lib/pam_pwmgt.so.1 patch
103868-04  SunOS 5.5.1_x86: jsh, sh and rsh patch
108364-02  CDE 1.0.2_x86: libDtSvc Patch
106161-02  SunOS 5.5.1_x86: /usr/bin/login patch
104185-04  CDE 1.0.2_x86: dtmail fixes
105207-06  CDE 1.1_x86: dtmail patch
106603-01  CDE 1.1_x86: dtlogin patch for security vulnerabilities
103996-02  SunOS 5.5.1_x86: rpc.nispasswdd patch
105134-02  SunOS 5.5.1_x86: usr/sbin/keyserv patch
108929-01  SunOS 5.5.1_x86: Patch usr/sbin/rpc.bootparamd
106910-01  CDE 1.1_x86: dtfile patch
107021-01  CDE 1.1_x86: sdtcm_convert patch
112455-01  SunOS 5.5.1_x86: pt_chmod should call fdetach
104848-09  SunOS 5.5.1_x86: /kernel/fs/cachefs patch
106397-02  SunOS 5.5.1_x86: /usr/lib/saf/ttymon patch
105098-03  SunOS 5.5.1_x86: usr/lib/libsocket.a and usr/lib/libsocket.so.1 patch
103604-16  SunOS 5.5.1_x86: ftp, in.ftpd, in.rexecd and in.rshd patch
106442-02  CDE 1.1_x86: dtappgather patch


IMPORTANT NOTES AND WARNINGS:
-----------------------------

SYSTEMS WITH LIMITED DISK SPACE SHOULD *NOT* INSTALL PATCHES:
With or without using the save option, the patch installation process
will still require some amount of disk space for installation and
administrative tasks in the /, /usr, /var, or /opt partitions where
patches are typically installed.  The exact amount of space will
depend on the machine's architecture, software packages already
installed, and the difference in the patched objects size.  To be
safe, it is not recommended that a patch cluster be installed on a
system with less than 4 MBytes of available space in each of these
partitions.  Running out of disk space during installation may result
in only partially loaded patches.  Be sure a recent full system backup
is available in case a problem occurs, and check to be sure adequate
disk space is available before installing the patch cluster.

SAVE AND BACKOUT OPTIONS:
By default, the cluster installation procedure uses the installpatch
save feature to save the base objects being patched.  Prior to installing
the patches the cluster installation script will first determine if
enough system disk space is available in /var/sadm/patch to save the
base objects and will terminate if not.  Patches can only be individually
backed out with the original object restored if the save option was used
when installing this cluster.  Please later refer to the backoutpatch
instructions provided in the individual patch README file which will be
located in the specific patch directory under /var/sadm/patch after
the patch has been installed.  It is possible to override the save
feature by using the [-nosave] option when executing the cluster
installation script.  Using the nosave option, however, means that you
will not be able to backout individual patches if the need arises.

SPECIAL INSTALL INSTRUCTIONS:
As with any patch individually applied, there may be additional special
installation instructions which are documented in the individual patch
readme file.  It is recommended that each individual patch readme is
reviewed before installing this cluster to determine if any additional
installation steps are necessary for a patch.  Otherwise it is possible
that an individual patch may still not be completely installed in all
respects after the cluster has been installed.

DISKLESS OR DATALESS CLIENT SYSTEMS:
On server machines that service diskless and/or dataless clients, a
patch is NOT applied to existing clients or to the client root template
space.  Therefore, all client machines of the server that will need
this cluster will have to individually apply this cluster.  Install
this cluster on the client machines first, then the server.

A PATCH MAY NOT BE APPLIED:
Under certain circumstances listed below, a particular patch provided in
this cluster may not be installed if:

- The patch applies to a package that has not originally been installed
- The same or newer revision of the patch has already been installed
- The patch was obsoleted by another patch that has already been installed
- The package database is corrupt or missing

Use the 'showrev -p' command to compare the list of patches already
installed on the system with the patch list and revision levels provided
in this cluster.  During installation, the install process will indicate
if a patch was not applied and more detailed installation messages will
be logged to the installation log file.  The README file with each patch
also provides documentation regarding install and backout messages.

OLDER VERSIONS OF PATCHES ALREADY INSTALLED:
Backout of older versions of patches provided in the cluster is not
required in order for the newer version to be installed.  However
not backing out an older rev before installing a newer rev will
cause showrev -p to continue to show the older rev along with the
newer rev.  And, if the older rev was previously installed with
the save option, the older rev will continue to occupy disk space
in /var/sadm/patch even though it has been obsoleted by the new rev.
The backoutpatch utility will only allow the most recently saved
objects to be restored, thus there are no serious risks associated
with leaving an older rev on the system.  It just may, however,
avoid confusion and be more economical to first backout an older
patch rev before installing a newer rev.


INSTALL INSTRUCTIONS:
---------------------

First, be sure the patch cluster has been uncompressed and extracted
if the cluster was received as a tar.Z file, then proceed as follows:


1)      Decide on which method you wish to install the cluster:

Recommended Method Using Save Feature:

By default, the cluster installation procedure uses the installpatch
save feature to save the original objects being patched.  Prior
to installing the patches the cluster installation script will
first determine if enough system disk space is available in
/var/sadm/patch to save the objects and will terminate if not.
Using the default save feature is recommended.

Method Using No Save Option:

It is possible to override the save feature by using the [-nosave]
option when executing the cluster installation script.  Using the
nosave option means that you will not be able to backout individual
patches if the need arises.


2)      Run the install_cluster script

       cd <patch cluster directory>
       ./install_cluster

By default, a message warning the user to check for minimum disk
space allowance (separate from the save feature) will appear
and allow the user to abort if inadequate space exists.  To
suppress this interactive message the "-q" (quiet) option can
be used when invoking install_cluster.

The progress of the script will be displayed on your terminal.
It should look something like:

# ./install_cluster

Patch cluster install script for <cluster name>

Determining if sufficient save space exists...
Sufficient save space exists, continuing...
Installing patches located in <patch cluster directory>
Installing <patch-id>
Installing <patch-id>

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.