========================================================================== The checksum's (found through sum -r) of the files that you have received (other than this README) are as follows: 25807 4 patchSG0003348 01364 69 patchSG0003348.eoe_man 42080 910 patchSG0003348.eoe_sw 43633 7 patchSG0003348.idb ========================================================================== - 1 - 1. Patch_SG0003348_Release_Note This release note describes patch SG0003348 to IRIX 6.2 Patch SG0003348 replaces patches(es) 1281, 1471, 1639, 1780, 2231, and 3260. 1.1 Supported_Hardware_Platforms This patch contains bug fixes for all hardware platforms. 1.2 Supported_Software_Platforms This patch contains bug fixes for IRIX on a system running IRIX 6.2 The software cannot be installed on other configurations. 1.3 Bugs_Fixed_by_Patch_SG0003348 This patch contains fixes for the following bugs in IRIX 6.2 Bug numbers from Silicon Graphics bug tracking system are included for reference. Bugs fixed by patch SG0003348 o Bug 615834 - Security vulnerability in Mail o Bug 614246 - parse0 ruleset missing from antispam support o Bug 617435 - Sendmail delivery is case sensitive o Bug 617068 - /bin/mail security vulnerability o Bug 615170 - configmail script required patched nawk o Bug 615458 - configmail script required patched grep Replaces and rolls up Patch 2231, which fixed: o Bug 498861 - Similar to bug 367577. o Bug 553016 - Sendmail versions 8.6.x has security holes. The recommended solution is to upgrade to the current version of sendmail. Replaces and rolls up Patch 1780, which fixed: o Bug 443335 - sendmail load average calculation - 2 - Replaces and rolls up Patch 1639, which fixed: o Bug 389520 - When /var/mail is nfs mounted, mail files are created with incorrect ownership. Replaces and rolls up Patch 1471, which fixed: o Bug 356996 - sendmail core dumps Replaces and rolls up Patch 1281, which fixed: o Bug 367577 - There is a security hole in rmail which allows user to read any file that is readable by the group "mail". This is typically exploited to access other user's mailbox. 1.4 Subsystems_Included_in_Patch_SG0003348 This patch release includes these subsystems: o patchSG0003348.eoe_sw.unix o patchSG0003348.eoe_man.unix 1.5 Installation_Instructions Because you want to install only the patches for problems you have encountered, patch software is not installed by default. After reading the descriptions of the bugs fixed in this patch (see Section 1.3), determine the patches that meet your specific needs. If, after reading Sections 1.1 and 1.2 of these release notes, you are unsure whether your hardware and software meet the requirements for installing a particular patch, run inst. The inst program does not allow you to install patches that are incompatible with your hardware or software. Patch software is installed like any other Silicon Graphics software product. Follow the instructions in your Software Installation Administrator's Guide to bring up the miniroot form of the software installation tools. Follow these steps to select a patch for installation: 1. At the Inst> prompt, type install patchSGxxxxxxx - 3 - where xxxxxxx is the patch number. 2. Initiate the installation sequence. Type Inst> go 3. You may find that two patches have been marked as incompatible. (The installation tools reject an installation request if an incompatibility is detected.) If this occurs, you must deselect one of the patches. Inst> keep patchSGxxxxxxx where xxxxxxx is the patch number. 4. After completing the installation process, exit the inst program by typing Inst> quit 1.6 Patch_Removal_Instructions To remove a patch, use the versions remove command as you would for any other software subsystem. The removal process reinstates the original version of software unless you have specifically removed the patch history from your system. versions remove patchSGxxxxxxx where xxxxxxx is the patch number. To keep a patch but increase your disk space, use the versions removehist command to remove the patch history. versions removehist patchSGxxxxxxx where xxxxxxx is the patch number. 1.7 Known_Problems