Executive Summary
Summary | |
---|---|
Title | Sun Alert 247386 Part II - Multiple Printing Regressions in Solaris 10 Kernel Patches 127127-11 and 127128-11 |
Informations | |||
---|---|---|---|
Name | SUN-247386 | First vendor Publication | 2009-06-15 |
Vendor | Sun | Last vendor Modification | 2009-09-08 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : | |||
---|---|---|---|
Cvss Base Score | N/A | Attack Range | N/A |
Cvss Impact Score | N/A | Attack Complexity | N/A |
Cvss Expoit Score | N/A | Authentication | N/A |
Calculate full CVSS 2.0 Vectors scores |
Detail
Product: Solaris 10 Operating System OpenSolaris Solaris 10 kernel patches 127127-11 (SPARC platform) or 127128-11 (x86 platform) introduce multiple printing regressions as listed below. Note that these issues are in addition to the ones already identified in Sun Alert 241426, available at http://sunsolve.sun.com/search/document.do?assetkey=1-66-241426-1 6699689 - Using the -D option to lpadmin(1M) corrupts '/etc/printers.conf' and leads lpstat(1) to core dump after which printing is no longer possible. 6740381 - 'lpstat -o' no longer reports status for remote Windows printers. 6699255 - After installation of KU 127127/127128-11, printing is no longer possible if print server and client have different KU revision. 6720586 - "nobanner" entry gets added to request when lp(1) is invoked with the -i <request-id> to change print request options. 6724477 - The command "cancel <queuename>" causes a segmentation fault when used to cancel the first job on a remote queue. 6737146 - Unprivileged users cannot place a hold on "print -" requests when using the -H switch with l(1). 6740759 - lpstat(1) always reports "Forms allowed: (none)" after making a form (lpforms(1M)) available to the printer. 6749323 - It is not possible to determine from the output from lpstat(1) which host a job was submitted from. 6723892 - 'lpstat -p' dumps core when queues are created with the "-s ipp://" or "-s lpd://" options. This issue only occurs when the required fields are not specified. Supplying valid field data ensures this does not occur. 6739383 - print commands accept(1M), reject(1), enable(1), disable(1) do not report status after execution. This has minimal impact as although the status is not reported, the commands complete correctly. This can be verified via "lpstat -lp". 6740079 - "lpstat -R" does not show queued jobs, so it is not possible to tell the order in which jobs will be printed. 6752372 - The output from "lpstat -o" is incorrect and so it is not possible to find which job is currently being printed. 6723334 - There is a slow memory leak in the libpapi library. This could result in a system-wide resource shortage. 6724379 - Printing from FireFox 3 is not possible. Attempts to print using the FireFox 3 application will crash in papiJobStreamOpen. 6727979 - Printing to local queues is not be possible due to memory corruption in psm-lpsched.so which will core dump. 6752568 - Using "lpstat -o" to display queue data for a printer which has a queue name that matches the syntax for a job id is not possible. For example, if a job id is defined as : <printer name>-<#>, i.e: hplaser-1 whereby 'hplaser' is the printer, and '1' is the job-id. If a printer is added with a name that matches the job-format "hplaser-1", then 'lpstat -o hplaser-1' will be treated as a job id rather than a printer id and will fail. 6759910 - lpstat(1) cannot display (-D) Description, but this does not affect print jobs. State: Workaround First released: 10-Dec-2008 |
Original Source
Url : http://blogs.sun.com/security/entry/sun_alert_247386_part_ii |