home *** CD-ROM | disk | FTP | other *** search
-
-
-
- - 1 -
-
-
-
- 1. _P_a_t_c_h__S_G_0_0_0_2_2_2_2__R_e_l_e_a_s_e__N_o_t_e
-
- This release note describes patch SG0002222 to IRIX 6.3 for
- O2 (incl. R10K) and IRIX 6.4
-
- Patch SG0002222 replaces patch SG0001724
-
- 1.1 _S_u_p_p_o_r_t_e_d__H_a_r_d_w_a_r_e__P_l_a_t_f_o_r_m_s
-
- This patch contains bug fixes suitable for all hardware
- platforms running the supported software platforms described
- below.
-
-
- 1.2 _S_u_p_p_o_r_t_e_d__S_o_f_t_w_a_r_e__P_l_a_t_f_o_r_m_s
-
- This patch contains bug fixes for OutBox 1.4 on a system
- running IRIX 6.3 for O2 (incl. R10K) or IRIX 6.4
-
- The software cannot be installed on other configurations.
-
- 1.3 _B_u_g_s__F_i_x_e_d__b_y__P_a_t_c_h__S_G_0_0_0_2_2_2_2
-
- This patch contains fixes for the following bugs in IRIX 6.3
- for O2 (incl. R10K) and IRIX 6.4
-
- Bug numbers from Silicon Graphics bug tracking system are
- included for reference.
-
- +o 498919 - OutBox has numerous security vulnerabilities.
-
- +o 484580 - webdist has security hole.
-
- +o 448788 - OutBox publishing tool: clicking on down-arrow
- to pop up folder selection menu can cause application
- to exit unexpectedly with a core dump.
-
- +o 453793 - OutBox user web page: clicking on 'Snap'
- toolbar button to change the user's picture will
- display an error dialog instead of the mediarecorder
- image capture tool.
-
- +o 443650 - OutBox wrap doesn't handle mailto or file
- WebJumpers. Clicking on a WebJumper containing non-
- http: URL types displays the WebJumper file instead of
- opening the URL.
-
- +o 507641 - OutBox should not display RCS source control
- directories.
-
-
-
-
-
-
-
-
-
-
-
-
-
- - 2 -
-
-
-
- Side effects: The fixes for the security-related bugs 498919
- and 484580 required removal of the functionality responsible
- for the security problems. The resulting changes in OutBox
- behavior are described below:
-
- +o On the OutBox user page, published files no longer
- display the "(download)" link. This provided the user
- with a way to download a document without viewing it.
- This feature was not secure, and has been removed. The
- secure way to download a document is by using the
- browser 'Save Link As' feature. (In Netscape, press
- Shift-Button1 on the OutBox file, or press the right
- mouse button over the link to access the feature via a
- popup menu.)
-
- +o The script "/cgi-bin/wrap" has been modified. A URL
- containing the text "/cgi-bin/wrap" can no longer be
- used to view a document. To access a document from
- such a URL, simply remove the text "/cgi-bin/wrap" from
- the URL. Note: the "/cgi-bin/wrap" script is still
- used in URL's pointing to OutBox folders. URL's
- pointing to OutBox folders should not be modified.
-
- +o The script "/cgi-bin/handler" has been disabled. A URL
- containing the text "/cgi-bin/handler" can no longer be
- used to download a document. To access the document
- from such a URL, remove the text "/cgi-bin/handler"
- from the URL.
-
- +o The scripts "/cgi-bin/webdist.cgi" and "/cgi-
- bin/webdist.install.cgi" have been disabled. The
- WebDist feature was not secure, and has been removed.
-
- 1.4 _S_u_b_s_y_s_t_e_m_s__I_n_c_l_u_d_e_d__i_n__P_a_t_c_h__S_G_0_0_0_2_2_2_2
-
- This patch release includes these subsystems:
-
- +o patchSG0002222.outbox_sw.outbox
-
- +o patchSG0002222.outbox_sw.webdist
-
-
- 1.5 _I_n_s_t_a_l_l_a_t_i_o_n__I_n_s_t_r_u_c_t_i_o_n_s
-
- Because you want to install only the patches for problems
- you have encountered, patch software is not installed by
- default. After reading the descriptions of the bugs fixed
- in this patch (see Section 1.3), determine the patches that
- meet your specific needs.
-
-
-
-
-
-
-
-
-
-
-
-
-
- - 3 -
-
-
-
- If, after reading Sections 1.1 and 1.2 of these release
- notes, you are unsure whether your hardware and software
- meet the requirements for installing a particular patch, run
- _i_n_s_t. The _i_n_s_t program does not allow you to install
- patches that are incompatible with your hardware or
- software.
-
- Patch software is installed like any other Silicon Graphics
- software product. Follow the instructions in your _S_o_f_t_w_a_r_e
- _I_n_s_t_a_l_l_a_t_i_o_n _A_d_m_i_n_i_s_t_r_a_t_o_r'_s _G_u_i_d_e to bring up the miniroot
- form of the software installation tools.
-
- Follow these steps to select a patch for installation:
-
- 1. At the Inst> prompt, type
-
- iiiinnnnssssttttaaaallllllll ppppaaaattttcccchhhhSSSSGGGG_x_x_x_x_x_x_x
-
- where _x_x_x_x_x_x_x is the patch number.
-
- 2. Initiate the installation sequence. Type
-
- IIIInnnnsssstttt>>>> ggggoooo
-
- 3. You may find that two patches have been marked as
- incompatible. (The installation tools reject an
- installation request if an incompatibility is
- detected.) If this occurs, you must deselect one of
- the patches.
-
- IIIInnnnsssstttt>>>> kkkkeeeeeeeepppp ppppaaaattttcccchhhhSSSSGGGG_x_x_x_x_x_x_x
-
- where _x_x_x_x_x_x_x is the patch number.
-
- 4. After completing the installation process, exit the
- _i_n_s_t program by typing
-
- IIIInnnnsssstttt>>>> qqqquuuuiiiitttt
-
-
-
- 1.6 _P_a_t_c_h__R_e_m_o_v_a_l__I_n_s_t_r_u_c_t_i_o_n_s
-
- To remove a patch, use the _v_e_r_s_i_o_n_s _r_e_m_o_v_e command as you
- would for any other software subsystem. The removal process
- reinstates the original version of software unless you have
- specifically removed the patch history from your system.
-
- vvvveeeerrrrssssiiiioooonnnnssss rrrreeeemmmmoooovvvveeee ppppaaaattttcccchhhhSSSSGGGG_x_x_x_x_x_x_x
-
-
-
-
-
-
-
-
-
-
-
-
-
- - 4 -
-
-
-
- where _x_x_x_x_x_x_x is the patch number.
-
- To keep a patch but increase your disk space, use the
- _v_e_r_s_i_o_n_s _r_e_m_o_v_e_h_i_s_t command to remove the patch history.
-
- vvvveeeerrrrssssiiiioooonnnnssss rrrreeeemmmmoooovvvveeeehhhhiiiisssstttt ppppaaaattttcccchhhhSSSSGGGG_x_x_x_x_x_x_x
-
- where _x_x_x_x_x_x_x is the patch number.
-
- 1.7 _K_n_o_w_n__P_r_o_b_l_e_m_s
-
- There are no known problems with the patch at this time.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
