Date: 22 December 2008
References: AU-2008.0027
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2008.0873 -- [Solaris]
Multiple Printing Regressions in Solaris 10
22 December 2008
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Solaris 10
Publisher: Sun Microsystems
Operating System: Solaris
Impact: Denial of Service
Provide Misleading Information
Access: Existing Account
Original Bulletin:
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-241426-1
Comment: Please note this alert contains two (2) parts
Revision History: December 22 2008: Sun has added a Part II to this alert
December 22 2008: Sun has now released the patches to
resolve this issue
September 12 2008: Initial Release
- --------------------------BEGIN INCLUDED TEXT--------------------
Solution Type: Sun Alert
Solution 241426 : Multiple Printing Regressions in Solaris 10
Kernel Patches 127127-11 and 127128-11
Bug ID: 6715450, 6718897, 6724904, 6729885, 6735837, 6694850, 6698648,
6698649, 6698650, 6704910, 6180823, 6667354, 6689188, 6699182, 6708442,
6707986
Product
Solaris 10 Operating System
OpenSolaris
Date of Workaround Release: 29-Aug-2008
Date of Resolved Release: 12-Dec-2008
SA Document Body
Multiple Printing Regressions in Solaris 10 Kernel Patches 127127-11 and
127128-11
1. Impact
Solaris 10 kernel patches 127127-11 (SPARC platform) or
127128-11 (x86 platform) introduce multiple printing regressions as
listed below:
6715450 - 'lp -P m-' no longer prints pages for range 'm' until end of
file.
6718897 - lpstat(1) output is missing information for Connection,
Printer types, PPD, Character sets and Default Page Size.
6724904 - lpr(1B) -r and -s options are now mutually exclusive and
attempting to use the options together generates a usage error.
6699182 - cancel(1) no longer works as expected when trying to cancel
the following:
all jobs owned by user on a specific queue
all jobs owned by user on all queues
all jobs on a specific queue
first job on a specific queue
6729885 - When at least one print server is unreachable or not
accepting connections, submission of print jobs may cause 'lpd-port
to hang, causing all print jobs to affected and unaffected print
servers to be impacted.
6735837 - printmgr(1M) no longer displays the description for printers
in the printer administration overview window.
6694850 - Issues with the list_remove() function in libpapi(3LIB)
causes lists to be freed more than once resulting in a segmentation
fault.
6698648 - 'lp -P <start>-<end>' no longer prints pages in the given
range; instead, all pages of a given document will be printed.
6698649 - After resuming a held print job using 'lp -H resume',
calling lp(1) -H hold will fail to place the job on hold.
6698650 - Priority order of 'lp -q' has been reversed. 'lp -q 0'
should assign a print request the highest priority and 'lp -q 39'
should assign the request the lowest priority. Patch
127127/127128-11 reverses this order causing 39 to be the highest
priority and 0 to be the lowest.
6704910 - Options set for print requests, set via 'lp -o <option
name>' are no longer being honored by the printing system.
6180823 - When banner printing is disabled for a printer using
lpadmin(1M), printmgr(1M) incorrectly displays "Always print banner"
regardless of the entry in the print database.
6708442 - Location of printing PPD files have changed causing
printmgr(1M) to display a blank error message whenever the "New
Attached Printer" window is closed.
6667354 - The changed location of printing PPD files causes
printmgr(1M) to display an error when any modification or addition is
actioned
6689188 - printmgr(1M) shows incorrect information for a given
printer. The fields affected are:
File Contents
Fault Notification
Printer types
The printing system performs correctly as specified by the print
database, but the printmgr(1M) display does not reflect the correct
values.
6707986 - Using lpset(1M) to add a print queue to an LDAP repository
causes print requests targeting the new queue to fail. lpset(1M) does
not add printer-uri data in a format that is compatible with the
libpapi(3LIB) support for printer/service endpoint information.
Note the information for the following bugs has been moved to a new
secondary Sun Alert for this printing regression issue: 6699689,
6740381, 6699255, 6720586, 6724477, 6737146 Please refer to this new
new secondary Sun Alert 247386 for these BugIDs and more BugIDs
relating to this printing issue.
2. Contributing Factors
These issues can occur in the following releases:
SPARC Platform:
* Solaris 10 with patch 127127-11
* OpenSolaris based upon builds snv_44 through snv_99
x86 Platform:
* Solaris 10 with patch 127128-11
* OpenSolaris based upon builds snv_44 through snv_99
Note: OpenSolaris is not affected by 6708442
OpenSolaris distributions may include additional bug fixes above and
beyond the build from which it was derived. The base build can be
derived as follows:
$ uname -v
snv_86
3. Symptoms
The symptoms of each issue are as listed below:
6715450 - When submitting a request with a page range, all pages of
the document will be printed.
6718897 - 'lpstat -o <queue>' will return blank fields for Printer
types, PPD, Connection, Character Sets and Default Page Size even when
this fields have been populated with information.
6724904 - lpr(1B) will report the following usage error:
"-r and -s may not be used together"
6729885 - Print requests to remote printers will be seen to hang.
6735837 - printmgr(1M) will show blank descriptions in the printer
overview window even when printer description fields have been
populated.
6694850 - The stack trace from the core file will be similar to the
following:
fedc246c papiAttributeValuesFree (deadbeef, deadbeef) + 1c
fedc24d6 papiAttributeFree (8067a90) + 3a
fedc250f papiAttributeListFree (806da98) + 27
fede4e68 papiServiceDestroy (8068430) + 5c
6698648 - All pages will be printed even if a valid page range has
been supplied.
6698649 - After applying a hold to a print request, lpstat(1) will not
show the request as being held.
6698650 - Applying a priority of 39 will result in the request being
moved to the top of the print queue. Applying a priority of 0 will
result in the request being moved to the end of the queue. This
behavior can be observed via lpstat(1).
6704910 - Examining /var/spool/lp/logs/requests will show the request
as having a field: "Ui=false" which is not understood by the print
server. A mail will also be received by the user containing this
information.
6180823 - printmgr(1M) will always show the banner option as:
"Always print banner"
regardless of the setting applied.
6667354 - printmgr(1M) will display a popup error message containing
"java.lang.NullPointerException" when closing the printer
addition/modification windows, whether or not any printer settings
were modified/added.
6689188 - After modifying a printer via printmgr(1M), viewing the
details of the printer again using printmgr(1M) will show no changes
having been made. File Contents, Notification and Printer Type will
still have the previous values.
6699182 - 'cancel(1) -u <user>' will result in all printers being
purged of all jobs, regardless of whom owns them.
'cancel -u <user> <printer>' will result in the supplied printer being
purged of all jobs - again, regardless of the owner.
6708442 - printmgr(1M) will show a blank popup error message when
closing the add/modify printer window.
6707986 - After using lpset(1M) job submission via lp(1) will produce
an error message similar to the following:
<queue>: failed to commit job (<job id>): unknown destination
4. Workaround
Removing the affected patches 127127-11 (SPARC platform) or
127128-11 (x86 platform) will resolve these printing issues.
However, these patches fix certain security issues which are not
resolved by any other patch, and as such, this course of action is not
recommended.
5. Resolution
These issues are addressed in the following releases:
SPARC Platform:
Solaris 10 with:
* patch 138112-01 or later (for 6180823, 6667354, 6689188)
* patch 138116-01 or later (for 6698648, 6698649, 6698650,
6704910)
* patch 138118-01 or later (for 6699182)
* patch 138120-01 or later (for 6708442)
* patch 138627-02 or later (for 6694850)
* patch 139487-01 or later (for 6724904)
* patch 138870-01 or later (for 6707986)
* patch 138627-03 or later (for 6715450)
* patch 138848-02 or later (for 6718897)
* patch 139390-01 or later (for 6735837)
* patch 140192-01 or later (for 6729885)
* OpenSolaris based upon builds snv_100 or later
x86 Platform:
Solaris 10 with:
* patch 138113-01 or later (for 6180823, 6667354, 6689188)
* patch 138117-01 or later (for 6698648, 6698649, 6698650,
6704910)
* patch 138119-01 or later (for 6699182)
* patch 138121-01 or later (for 6708442)
* patch 138628-02 or later (for 6694850)
* patch 139488-01 or later (for 6724904)
* patch 138871-01 or later (for 6707986)
* patch 138628-03 or later (for 6715450)
* patch 138849-02 or later (for 6718897)
* patch 139391-01 or later (for 6735837)
* patch 140193-01 or later (for 6729885)
* OpenSolaris based upon builds snv_100 or later
Note the current/latest patches that that will deliver all the above
fixes are:
* SPARC - 138848-02 138627-03 138411-01 138858-01
139487-01 138870-01, 139390-01, 140192-01
* x86 - 138849-02 138628-03 138412-01 138859-01
139488-01 138871-01, 139391-01 140193-01
Note that it is advisable that customers install these patches since
this is the patch baseline for relief available for the issues
documented in Sun Alert 247386.
This Sun Alert notification is being provided to you on an "AS IS"
basis. This Sun Alert notification may contain information provided by
third parties. The issues described in this Sun Alert notification may
or may not impact your system(s). Sun makes no representations,
warranties, or guarantees as to the information contained herein. ANY
AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT
YOU ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE
OUT OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN.
This Sun Alert notification contains Sun proprietary and confidential
information. It is being provided to you pursuant to the provisions of
your agreement to purchase services from Sun, or, if you do not have
such an agreement, the Sun.com Terms of Use. This Sun Alert
notification may only be used for the purposes contemplated by these
agreements.
Copyright 2000-2008 Sun Microsystems, Inc., 4150 Network Circle, Santa
Clara, CA 95054 U.S.A. All rights reserved
- ---
Solution Type: Sun Alert
Solution 247386 : Part II - Multiple Printing Regressions in
Solaris 10 Kernel Patches 127127-11 and 127128-11
Bug ID: 6699689, 6740381, 6699255, 6720586, 6724477, 6737146, 6740759,
6748739, 6749323, 6723892, 6739383, 6740079, 6752372, 6723334, 6724379,
6727979, 6752568, 6751830, 6759910, 6752577, 6759604, 6757330, 6591929,
6755076, 6760057, 6763608, 6770599, 6746130, 6770629, 6780792, 6619120,
6761767, 6781426, 6783023, 6781952
Product
Solaris 10 Operating System
OpenSolaris
Date of Workaround Release: 10-Dec-2008
Part II - Multiple Printing Regressions in Solaris 10 Kernel Patches
127127-11 and 127128-11
1. Impact
Solaris 10 kernel patches 127127-11 (SPARC platform) or
127128-11 (x86 platform) introduce multiple printing regressions as
listed below.
Note that these issues are in addition to the ones already identified
in Sun Alert 241426, available at
http://sunsolve.sun.com/search/document.do?assetkey=1-66-241426-1
6699689 - Using the -D option to lpadmin(1M) corrupts
'/etc/printers.conf' and leads lpstat(1) to core dump after which
printing is no longer possible.
6740381 - 'lpstat -o' no longer reports status for remote Windows
printers.
6699255 - After installation of KU 127127/127128-11, printing is no
longer possible if print server and client have different KU revision.
6720586 - "nobanner" entry gets added to request when lp(1) is invoked
with the -i <request-id> to change print request options.
6724477 - The command "cancel <queuename>" causes a segmentation fault
when used to cancel the first job on a remote queue.
6737146 - Unprivileged users cannot place a hold on "print -" requests
when using the -H switch with l(1).
6740759 - lpstat(1) always reports "Forms allowed: (none)" after
making a form (lpforms(1M)) available to the printer.
6748739 - cancel(1) doesn't print correct status for Windows remote
printers. Job will be cancelled but output from the command
incorrectly states that it could not find the job.
6749323 - It is not possible to determine from the output from
lpstat(1) which host a job was submitted from.
6723892 - 'lpstat -p' dumps core when queues are created with the "-s
ipp://" or "-s lpd://" options. This issue only occurs when the
required fields are not specified. Supplying valid field data ensures
this does not occur.
6739383 - print commands accept(1M), reject(1), enable(1), disable(1)
do not report status after execution. This has minimal impact as
although the status is not reported, the commands complete correctly.
This can be verified via "lpstat -lp".
6740079 - "lpstat -R" does not show queued jobs, so it is not possible
to tell the order in which jobs will be printed.
6752372 - The output from "lpstat -o" is incorrect and so it is not
possible to find which job is currently being printed.
6723334 - There is a slow memory leak in the libpapi library. This
could result in a system-wide resource shortage.
6724379 - Printing from FireFox 3 is not possible. Attempts to print
using the FireFox 3 application will crash in papiJobStreamOpen.
6727979 - Printing to local queues is not be possible due to memory
corruption in psm-lpsched.so which will core dump.
6752568 - Using "lpstat -o" to display queue data for a printer which
has a queue name that matches the syntax for a job id is not possible.
For example, if a job id is defined as : <printer name>-<#>, i.e:
hplaser-1 whereby 'hplaser' is the printer, and '1' is the job-id.
If a printer is added with a name that matches the job-format
"hplaser-1", then 'lpstat -o hplaser-1' will be treated as a job id
rather than a printer id and will fail.
6751830 - In cases where a remote queue is disabled, using lpstat(1)
on the client will incorrectly report that the printer is accepting
requests. The status reported by the server will be correct.
6759910 - lpstat(1) cannot display (-D) Description, but this does not
affect print jobs.
6752577 - lpmove(1M) dumps core after moving a print job. Print jobs
will be processed correctly, however each time lpmove is executed, a
core file will be created.
6759604 - A local unprivileged user on the lp client can cancel print
jobs owned by root.
6757330 - Zero byte print jobs will hang. Other print jobs are not
impacted when this occurs.
6591929 - Passing in a postscript file to lp via standard input (using
the command like '$ cat <postscript-file> | lp)', will cause the
printer to print the postscript markup version of the file.
Drivers such as ljet and hpijs use this command format and are
therefore impacted by this issue. Note that 'lp <postscript-file>' is
not impacted by this issue.
6755076 - enable(1), disable(1) commands are not supported for remote
printer queues. Using these commands on remote printers fails but the
error message generated omits the reason why the command is not
working (not supported).
6760057 - accept(1M), reject(1) commands are not supported for remote
printer queues. Using these commands on remote printers fails but the
error message generated omits the reason why the command is not
working (not supported).
6763608 - lpstat reports remote Windows printers as disabled even when
they are enabled. In some cases jobs will print even though the queue
is listed as disabled. In other cases, jobs will not be printed.
6770599 - Configuring network printers as remote printers is not
supported and will not work. lpstat(1) will report these remote
printers as disabled. (In the past however, such incorrectly
configured printers may have worked.)
This affects network printers that are configured using the remote
printer format which looks like the following:
printer-uri-supported=lpd://<print server>/printers/<printer name>
bsdaddr=<print server>,<printer name>, Solaris
6746130 - more memory leaks in the libpapi library. This could result
in a system-wide resource shortage.
6770629 - lpsched(1M) will core dump when using Xerox printers. smf(5)
will detect this event and will respond by disabling print services.
This only occurs with Xerox printers. Print services will need to be
re-enabled.
6780792 - Print jobs sent to NIprint print-server software on Windows
systems will not be processed and will never print.
6619120 - lpmove(1M) dumps core if it is invoked without using any
paramaters as in the case when displaying the command usage data.
Users may instead refer to the man page for usage details to work
around this issue.
6761767 - '/usr/ucb/lpc topq' (see lpc(1B)), fails to move the
specified print jobs to the top of the print queue. Instead it will
dump core.
6781426 - When sending print jobs to a Novell print server, all jobs
can be rejected if '-o nobanner' is passed as an option.
6783023 - lpstat -v dumps core if there is no printer name defined in
/etc/printers.conf.
6781952 - enable(1)/accept(1M) used to return code 1 (meaning failure)
if the print queue is already enabled/accepting. Now, with these
patches installed, enable(1)/accept(1M) will instead return code 0
(meaning success) if the queue is already enabled/accepting. Return
codes for other situations has remained unchanged.
2. Contributing Factors
These issues can occur in the following releases:
SPARC Platform:
* Solaris 10 with patch 127127-11
* OpenSolaris based upon builds snv_44 or later
x86 Platform:
* Solaris 10 with patch 127128-11
* OpenSolaris based upon builds snv_44 or later
Notes:
1. Solaris 8 and 9 are not impacted by this issue.
2. Solaris 10 is not affected by 6724379.
3. OpenSolaris distributions may include additional bug fixes above
and beyond the build from which it was derived. The base build can be
derived as follows:
$uname -v
snv_86
3. Symptoms
The symptoms of each issue are as listed below:
6699689 - Examining '/etc/printers.conf' will show that the
destination field in the 'bsdaddr' line is blank after adding a
description.
6740381 - 'lpstat -o <queue residing on MS Windows server>' will
return no output, even when jobs are resident on the queue.
6699255 - 'lpstat -o <queue>' will return a different request-id to
that returned from lp(1) during request submission.
6720586 - After passing the -i switch to lp(1), the output from:
/var/spool/lp/tmp/<print server>/<job-id>
will contain the text:
nobanner
6724477 - cancel(1) will suffer a segmentation fault, a stack trace
from the core will be similar to the following:
ff25276c papiAttributeListFind (0, 245e4, 245e4, ffbffbec, ff396000, 6c706400)+ 18
ff252878 papiAttributeListGetValue (0, ffbffb14, 245e4, 1, ffbffb7c, ffbffcdc)+ 5c
ff25296c papiAttributeListGetInteger (6c706400, 0, 245e4, ffbffbec, ff396000, 13c7c) + 2c
00012aac cancel_job (25b68, 24a00, ffbffe1d, 25c80, 0, ffbffcdc) + 6c
00012fd8 berkeley_cancel_request (25b68, 24a00, ffbffe1d, 0, ffbffcdc, 29) + 158
00011fe4 main (2, ffbffd6c, ffbffd78, 24400, ff3600c0, ff360100) + 43c
000118b8 _start (0, 0, 0, 0, 0, 0) + 108
6737146 - After placing a hold on a print request, the 'Hold' keyword
will not be present in:
/var/spool/lp/tmp/<print server>/<job-id>
6740759 - lpstat always reports "Forms allowed: (none)" after making a
form available to printer.
6748739 - Cancel reports : <job-id>: not-found when attempting to
cancel jobs on remote Windows server.
6749323 - lpstat(1) does not show which host a job was submitted from.
'lpstat -o' does not display the host information along with the owner
of the request.
6723892 - lpstat -p dumps core when used on queues created with the
"-s ipp://" or "-s lpd://" options.
The stack trace generated is similar to the following:
core 'core' of 20123: /usr/lib/lp/bin/lpstat -p a2
fee93088 strrchr (8046fa0) + 18
fee43ec1 getprinterbyname (8047246, 0) + 16d
fee44b85 service_load (8068470, 8047246) + 49
fee44e08 papiServiceCreate (8047040, 8047246, 0, 0, 8054cec, 1) + a0
08053037 printer_query (8047246, 80526b4, 1, 0, 0) + 2f
08053ddb main (3, 80470e4, 80470f4) + 4cb
08052046 _start (3, 804722c, 8047243, 8047246, 0, 8047249) + 7a
6739383 - Commands 'accept', 'reject', disable', 'enable' do not
report status after execution.
6740079 - 'lpstat -R' will show no output when run against a valid
queue.
6752372 - "lpstat -o" output fails to show which job is currently
being printed. The output should look like the following but the 'on
<printer>' information is missing:
VSP4720FM-39213 bsnps 343 Jun 18 20:52 on VSP4720FM
6723334 - memory leak in libpapi will result in increased system
memory usage. The cause can be determined using dtrace(1M) to profile
the processes.
6724379 - Crash dump created when printing using firefox 3 will have a
stack trace similar to the following:
core 'core' of 1153: /usr/lib/firefox/firefox-bin
----------------- lwp# 1 / thread# 1 --------------------
fed0d955 _lwp_kill (1, b) + 15
fecc1592 raise (b) + 22
fcecd20a __1cNnsProfileLockSFatalSignalHandler6Fi_v_ (b, 0, 8045928) + e6
fed0942f __sighndlr (b, 0, 8045928, fcecd124) + f
fecfe5c2 call_user_handler (b, 0, 8045928) + 2bf
fecfe7f6 sigacthandler (b, 0, 8045928) + d0
--- called from signal handler with signal 11 (SIGSEGV) ---
fecb41f0 t_splay (f0c3e054) + 30
fecb40bd t_delete (f0c3e054) + 2d
fecb3dd0 realfree (f0c3ab24) + 60
fecb4433 cleanfree (eef20780) + 5b
fecb3a2e realloc (eef20780, 16) + 59
f67b3836 add_lpd_control_line (804650c, 50, f7465030) + 66
6727979 - Core dump created when printing to local queues will have a
stack trace similar to the following:
psm-lpsched.so.1'_Free+0x1b
psm-lpsched.so.1'freerequest+0x138
psm-lpsched.so.1'papiJobSubmitByReference+0x24e
libpapi.so.0'_papi_job_submit_reference_or_validate+0x90
libpapi.so.0'papiJobSubmitByReference+0x31
lp'main+0x593
lp'_start+0x7a
6752568 - Using lpstat(1) -o to display queue data for a printer which
has a queue name that matches the syntax for a job id will result in
the following error:
Failed to contact service for <printer>: not-found
6751830 - Where a remote queue is disabled, using lpstat(1) on the
client will incorrectly report that the printer is accepting requests
but the server will report the correct status.
On the server:
<printer name> not accepting requests since <date>
On the client:
<printer name> accepting requests since <date>
6759910 - 'lpstat -D' does not display (-D) Description. lpstat will
not show any printer descriptions.
6752577 - lpmove(1M) dumps core with a stack trace similar to the
following:
psm-lpsched.so.1`_getmessage+0x137(80af0d0, 20, 8047c6c)
psm-lpsched.so.1`rcv_msg+0x7b(807ddf0, 20, 8047cc8)
psm-lpsched.so.1`papiJobMove+0x10f(807ddf0, 8088eb0, f, 8088d00)
libpapi.so.0`papiJobMove+0x9b(8088f88, 8047ee5, f, 8088d00)
0x80515d2(8088f88, 8047ee5, f, 8047ef2)
main+0x119(2, 8047e14, 8047e24)
_start+0x7a(3, 8047ed4, 8047ee5, 8047ef2, 0, 8047efa)
6759604 - A local unprivileged user on the lp client can cancel print
jobs owned by root.
6757330 - Zero byte print jobs will hang. Other print jobs are not
impacted when this occurs.
6591929 - Passing in a postscript file to lp via standard input 'cat
<postscript-file> | lp', will cause the printer to print the
postscript markup.
6755076 - Output messages from the enable(1)/disable(1) print commands
when using a remote queue fail to state that enable(1) and disable(1)
are not supported for remote queues. The output shows the following:
enable: <printer>: operation-not-supported
disable: <printer>: operation-not-supported
6760057 - Output messages from the accept(1)/reject(1) print commands
when using a remote queue fail to state that accept(1) and reject(1)
are not supported for remote queues. The output shows the following:
accept: <printer>: operation-not-supported
reject: <printer>: operation-not-supported
6763608 - lpstat(1) reports remote Window printers as disabled even
when they are enabled.
6770599 - lpstat(1) reports network printers that have been
incorrectly configured as remote printers as disabled, even when they
are enabled. Printing to these will fail.
6746130 - Memory leaks in libpapi will result in increased system
memory usage The cause can be determined using dtrace(1M) to profile
the processes.
6770629 - lpsched(1M) will core dump when using Xerox printers causing
smf(5) to disable the print services and issue the following message:
[ <date> Stopping because process dumped core. ]
6780792 - Print jobs sent to NIprint print-server software running on
Windows systems will fail to print. lp(1) will complete correctly and
a job-id will be returned but the job will not be printed.
6619120 - lpmove(1) will dump core when invoked without any parameters
when displaying the usage data.
6761767 - When the 'topq' command is excecuted within the lpc(1B)
shell, lpc will dump core with a stack trace similar to:
core 'core' of 744: lpc
ff2c1470 atoi (2a058, 25f10, 0, 0, 25b00, 0) + 4
00011e5c ???????? (ffffffff, 25f10, 2, 13400, 24400, 11ab0)
00011f34 ???????? (11ab0, 25f10, 2, 0, 29618, 0)
00011fe8 ???????? (0, 25f10, ffbfeb7c, 2, 25f10, 1)
000121d4 ???????? (0, 25f18, 1, 13400, 134e4, 13400)
00012290 main (0, ffbffd9c, ffbffda4, 25000, 13400, 13400) + 94
00011440 _s
tart (0, 0, 0, 0, 0, 0) + 108
6781426 - Print jobs sent to a Novell print server fail with the
following message visible via snoop(1M):
"<printer>: Unrecognized LPR syntax. Only BSD-type usage acceped
(per RFC 1179)."
6783023 Using lpstat -v with no printer name defined, will coredump
with a stack trace similar to:
ff2b1d50 strlen (14b0d, ffbffd48, ffbfff47, 0, 0, 0) + 50
ff31c4c8 printf (14afc, 27170, 0, 2718e, ff36e308, 14afc) + f4
00011978 ???????? (27620, 2bca8, ffbfff42, 0, 0, 14800)
000129b0 ???????? (0, 11804, 0, 0, 0, 0)
00013738 main (0, ffbffe8c, 27400, 1, 11800, 12a28) + 3ec
000114ec _start (0, 0, 0, 0, 0, 0) + 108
6781952 - enable(1)/accept(1M) return code 0 (meaning success) if the
print queue is already enabled/accepting.
4. Workaround
Removing the affected patches 127127-11 (SPARC platform) or
127128-11 (x86 platform) will resolve these printing issues.
However, these patches fix certain security issues which are not
resolved by any other patch, and as such, this course of action is not
recommended.
Binary relief can be obtained via the normal support channels for the
following Bugs:
6699689, 6740381, 6699255, 6720586, 6724477, 6737146, 6740759,
6749323, 6757330, 6752568, 6759910, 6752577, 6780792, 6619120,
6591929, 6761767, 6763608.
To date, there is no binary relief available for the following Bugs:
6748739, 6723892, 6739383, 6740079, 6752372, 6723334, 6727979,
6751830, 6759604, 6755076, 6760057, 6770599, 6746130, 6770629,
6781426, 6783023, 6781952
5. Resolution
This issue is addressed in the following releases:
SPARC Platform:
* OpenSolaris based upon builds snv_104 or later (only for bugs
6699689, 6699255, 6720586, 6724477, 6723892, 6723334, 6724379,
6727979, 6591929)
x86 Platform:
* OpenSolaris based upon builds snv_104 or later (only for bugs
6699689, 6699255, 6720586, 6724477, 6723892, 6723334, 6724379,
6727979, 6591929)
A final resolution is pending completion for Solaris 10 and for the
remaining Bugs in OpenSolaris.
This Sun Alert notification is being provided to you on an "AS IS"
basis. This Sun Alert notification may contain information provided by
third parties. The issues described in this Sun Alert notification may
or may not impact your system(s). Sun makes no representations,
warranties, or guarantees as to the information contained herein. ANY
AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT
YOU ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE
OUT OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN.
This Sun Alert notification contains Sun proprietary and confidential
information. It is being provided to you pursuant to the provisions of
your agreement to purchase services from Sun, or, if you do not have
such an agreement, the Sun.com Terms of Use. This Sun Alert
notification may only be used for the purposes contemplated by these
agreements.
Copyright 2000-2008 Sun Microsystems, Inc., 4150 Network Circle, Santa
Clara, CA 95054 U.S.A. All rights reserved
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBSU8P+yh9+71yA2DNAQI2qwP/azlp490dZ0U8VssQg7aw2FWR3rimMHJ+
xrQCEu1YpEElhNpc1hw6WtzxSipW/QwXISSmahrMlcZa+eVe0bB/9ptNdu43yan4
QaOy0kCX4y6C5ULDkJP+RATSSx3OXStNd6D97vvz5uxs03mZwMiGWtz1Qgdt6DcS
lgBse9K/+cE=
=4icy
-----END PGP SIGNATURE-----
|