Patch-ID# 101436-08
Keywords: mail, /bin/mail, sendmail, security
Synopsis: SunOS 4.1.3_U1: patch for mail executable
Date: Oct/31/94

Solaris Release: 1.1.1A
 
SunOS release: 4.1.3_U1A

Unbundled Product:

Unbundled Release: 

Topic:  /bin/mail jumbo patch
 
BugId's fixed with this patch: 1115042 1161618 1154720

Changes incorporated in this version: 1154720

Architectures for which this patch is available: sparc

Obsoleted by:

Problem Description:

Bug ID: 1154720
---------------------------------
4.x mail/rmail and ignores messages after single dot line

BugID: 1161618
---------------------------------
/bin/mail contains a race condition that may be exploited to
obtain root access.

BugID: 1115042
---------------------------------
mail crashes when value for MAXLET exceeded.


INSTALL:

As root, make a backup copy of files to be patched: 

mv /bin/mail to /bin/mail.old

Now install the patched files:

cp sun4/4.1.3_U1/mail to /bin/mail

Set correct permissions:

chmod 4111 /bin/mail
chmod 100 /bin/mail.old

