Patch 3018 : Performer 2.2 performer_tools security fix : [IRIX 6.5 6.2]
INDEX
RELATIONS
RELEASE NOTES
1. Patch SG0003018 Release Note This release note describes patch SG0003018; IRIS Performer 2.2 performer_tools security fixes. Note: Patch SG0003018 replaces patch SG0003004. See section 1.5 below if you have installed patch SG0003004.1.1 Supported Hardware Platforms This patch contains bug fixes for all systems.1.2 Supported Software Platforms This patch contains bug fixes for the performer_tools subsystem shipped with IRIS Performer 2.2. The patch should be loaded on any system which has performer_tools 2.2 installed. It is only necessary with performer_tools 2.2 and cannot be installed on prior versions of IRIS Performer. This patch has been tested with IRIS Performer 2.2 on systems running IRIX 6.2, IRIX 6.3, IRIX 6.4, and IRIX 6.5.1.3 Bugs Fixed by Patch SG0003018 This patch contains fixes for the following bugs. Bug numbers from Silicon Graphics bug tracking system are included for reference. o SCR 581294 - Performer API tool security vulnerability o SCR 581950 - pfsearch.cgi fails with outbox webserver o SCR 584224 - pfresults.cgi fails with perl5 o SCR 585820 - wrong title for patch 30041.4 Subsystems Included in Patch SG0003018 This patch release includes these subsystems: o patchSG0003018.performer_tools_sw.webtools o patchSG0003018.performer_tools_man.relnotes1.5 Interactions with Patch SG0003004 Patch 3004 (the predecessor to this patch) contains an installation rule error which, on some systems, causes /var/www/cgi-bin to be renamed to /var/www/cgi-bin.o if the patch is removed or /var/www/cgi-bin.O if the patch is upgraded. If you have already installed patch 3004, do the following before upgrading to this patch: % su - root # versions remove patchSG0003004 # cd /var/www # ls Some users may see an empty cgi-bin, a cgi-bin.o or cgi- bin.O, and other files. If you do not see a cgi-bin.o or cgi-bin.O, then your system was not effected by the bug and you can go on to install this patch. If you do see a cgi-bin.o or cgi-bin.O, and cgi-bin is empty, do the following: # rmdir cgi-bin # mv cgi-bin.o cgi-bin (or mv cgi-bin.O cgi-bin) Then install this patch normally.1.6 Installation Instructions Because you want to install only the patches for problems you have encountered, patch software is not installed by default. After reading the descriptions of the bugs fixed in this patch (see Section 1.3), determine the patches that meet your specific needs. If, after reading Sections 1.1 and 1.2 of these release notes, you are unsure whether your hardware and software meet the requirements for installing a particular patch, run inst. The inst program does not allow you to install patches that are incompatible with your hardware or software. Patch software is installed like any other Silicon Graphics software product. Follow the instructions in your Software Installation Administrator's Guide to bring up the miniroot form of the software installation tools. Follow these steps to select a patch for installation: 1. At the Inst> prompt, type install patchSGxxxxxxx where xxxxxxx is the patch number. 2. Initiate the installation sequence. Type Inst> go 3. You may find that two patches have been marked as incompatible. (The installation tools reject an installation request if an incompatibility is detected.) If this occurs, you must deselect one of the patches. Inst> keep patchSGxxxxxxx where xxxxxxx is the patch number. 4. After completing the installation process, exit the inst program by typing Inst> quit1.7 Patch Removal Instructions To remove a patch, use the versions remove command as you would for any other software subsystem. The removal process reinstates the original version of software unless you have specifically removed the patch history from your system. versions remove patchSGxxxxxxx where xxxxxxx is the patch number. To keep a patch but increase your disk space, use the versions removehist command to remove the patch history. versions removehist patchSGxxxxxxx where xxxxxxx is the patch number. INST SUBSYSTEM REQUIREMENTS No Requirements Information Available. INST SUBSYSTEM CHECKSUMS These checksums help to provide a 'signature' for the patch inst image which can be used to authenticate other inst images. You can obtain this kind of output by running sum -r on the image (from the command line): 01679 2 patchSG0003018 01339 2 patchSG0003018.idb 10201 8 patchSG0003018.performer_tools_man 48474 18 patchSG0003018.performer_tools_sw INST SUBSYSTEM FILE LISTINGS The following lists the files which get installed from each subsystem in the patch:
DOWNLOAD PATCH
|
||||||||||||||||||||||||||||||||||||
Document Id: 20021117071616-IRIXPatch-1218
|